Analysis
-
max time kernel
47s -
max time network
144s -
platform
android_x86 -
resource
android-x86-arm-20240221-en -
resource tags
android arch:arm arch:x86 image:android-x86-arm-20240221-en locale:en-us os:android-9-x86 system -
submitted
17-04-2024 01:57
Behavioral task
behavioral1
Sample
798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae.apk
Resource
android-x86-arm-20240221-en
Behavioral task
behavioral2
Sample
798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae.apk
Resource
android-x64-20240221-en
Behavioral task
behavioral3
Sample
798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae.apk
Resource
android-x64-arm64-20240221-en
General
-
Target
798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae.apk
-
Size
5.8MB
-
MD5
1398c9c6999be6f56f2364ec680f8557
-
SHA1
396c173b4c084afc3a2c89044ffa42a3f0e4dad4
-
SHA256
798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae
-
SHA512
49ae3724b60f40ac3646a44164fd6879480d895e1096825f484d63d286b5c5b8f2557bdf752f746651504bd038bf9e93dfe7400977e2bd6ba24576843b3393dc
-
SSDEEP
98304:BUlRb+MDHwasxU19o7SDWNYbM2Wlghs4DqHvSse0EpO9X0xUCd7Mmp3/U5uaMA:CKhdU1xWlQDuSsGA9X097MaPUo/A
Malware Config
Signatures
-
EasyLogger
EasyLogger is Android stalkerware.
-
Queries the list of all installed applications on the device (might be used in an attempt to overlay legitimate apps). 1 TTPs
-
Checks memory information 2 TTPs 1 IoCs
Checks memory information, which can indicate whether the system is an emulator.
Description: File opened for read | IoC: /proc/meminfo | Process: app.EasyLogger
-
Acquires the wake lock 1 IoCs
Description: Framework service call | IoC: android.os.IPowerManager.acquireWakeLock | Process: app.EasyLogger
-
Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
-
Checks for the presence of a debugger
Network
MITRE ATT&CK Mobile v15
Downloads
-
Filesize
1KB
MD566dcb0aaefa66493da6fc95c13e16f94
SHA1b9479607adc47b55e35268b2a164c487fa9d043a
SHA256fee6ead41118d880462479dafc049f68beab6631935978219278144096f32a6b
SHA512aade8cfb9f8740bbd29d5d0de479e2239e8e25525b13a99c80ded5f380dc38c1d8a268a556e50e1bcacea1b859819987b54c0e91f98577d83804c0be4855f74c
-
Filesize
1KB
MD5c97d4f322fb67d121c2cb810e33bf40b
SHA1a72719785b0bf764486f7b9fc9e92a6878f984ef
SHA2568c356d5a1268e6df476a08ccf0f5209d4b1b6ac2614b031f4399530f5dcbb207
SHA512cca6976e2440f8673575f126021cc4d85d4c1b04849f759efd8d4104db3a4acbf74326a4c2d0aa93eec07a1322f6b923f7c017efb4368aa798b009953ff6d498
-
Filesize
76KB
MD5247a9a1ab8a9d50b768aea16f443ee52
SHA11b8ef45ad7df4db30e70051835585e526f7fe488
SHA2566c414fa302b351eb7df14144c5c36a7ddd181615cb540f012ff67005837c9796
SHA5126285e17579d1253b10f20e00f40aa8432e58a0e7b0b080c7ed52eafabae8f339f250897164409d1bc6512359557545998042fe41fca2e7b4ead85ab26918663f
-
Filesize
512B
MD53c38a0da2f267c0f827049917bcccae3
SHA1eebedf3053e3b4f07ab679362fc9d7b1526da8f3
SHA256e6e10079d3377cfae17ec947bed18b19e97c6681969505064502480d0392136b
SHA512422badf5a51a2225129474cb9d822bd0ca26c56fda891ab1f8ea7772468ff3871bcddadcafc752fe045fe654d237285a671e62f83fdf632c41d8106694508d3a
-
Filesize
140KB
MD5a6afdc2f9854deb6f509f1d212f7c060
SHA1953edb4ca7df68117bad1583fc9da62c07002306
SHA25607f71218dda15e590ec7e1b338b14bfe06b42a879f8c8d46cdc8caca05d77eb4
SHA5123d68ebb1dd649015a196a1f3425433407b4a999effdcf3d429f4364e7cc7cb12133a2d3d6acda8fdc98eafad7b916d71b212295f286fb7c22e68f7d0838802c7
-
Filesize
4KB
MD5f2b4b0190b9f384ca885f0c8c9b14700
SHA1934ff2646757b5b6e7f20f6a0aa76c7f995d9361
SHA2560a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
SHA512ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1
-
Filesize
512B
MD5c5056d535ac8ead380b6b4ec0211b76d
SHA1ddb267a64723fa61b722e0b3c61cfc5675f8f55f
SHA256180b92a917ae9b8f132f82f4a64085d79897d57b982ba2d63071350d312b4537
SHA5128923e15e96f6a16f8c0b374f4e6952f3b223ccafaae7bffc978173e16c71810cd23a98393b0ffb359e4dcf6a65cfe08c37e9b5474111d441c40c34f93709f494
-
Filesize
32KB
MD5bb7df04e1b0a2570657527a7e108ae23
SHA15188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012
-
Filesize
52KB
MD57471217536dc5d7564f8c16f35e3c660
SHA1cc9b7f945c8879e8aa6bf9bf98ec5d993a2446d2
SHA25685b308ad5f417d1a7168a0e0626197a90973c1391a46ba77ed6f098abc808b2d
SHA5128392b2bf3a991336bf24c75384874fc11ac435e8b4252c47ef1d9bb0ef2d082a04e2ffa0a37cd776d430ccdc7280722f55ed028eb400252d8d9d93ab047a38f1
-
Filesize
512B
MD560f907ddf06ebd8b3be3ecd516be1d0a
SHA15e6a047a797e10cd260d3dc3b63d9a5acca31215
SHA256b2dfc8cb6f1e2dbd1557a4f4056fb965e43ee8f421d4709e8333248219533f83
SHA512987496f2153144d7c99d0add131df7cdb188df9474c07425ad0457c30237d51e80bc91b8b81712b9837e964f049148f9e28bbee8ebf08764bdb4f6ccbaf3bfac
-
Filesize
68KB
MD5a1e6bde174185fbf3154d5a88e9e111b
SHA12f829029553108eb5244e364091da18e5457abff
SHA256ebc85c7cc1aff9e92e6bf8dda5edee557739a5bda7e031994bfdee1e6f1207cc
SHA51246a0c9c32b9d5c9e16471df139b72fccb5da42ea4d38bfab6b1cc046f29356c1dc82b320bfd1c7169564e7f85b0d08dcc180976564dbfddd296eb885027a6ee4
-
Filesize
16KB
MD57237409e0640cfab7bdbd429bf821a3b
SHA14c3da934842f8d4835dfe2a9c275a300e5123309
SHA2565c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa
SHA512c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f
-
Filesize
16KB
MD55a53e15433f4fd2456dd672609f0224c
SHA10c21c16a63e138f7257a7778a318ddffe397bce2
SHA25688f2d87c45f14ff277061393d95834e19e1c38fdd8b4e687bd2eea16f8da1386
SHA5128c068c81456cdb4105848dd78f46cc449b9191db0a1e4f3fcd5dce4b4c2d5356136cb4e8ee5294815f48e3e12746e2ab4ae454e526fbd0d9c7cdf12834c80365
-
Filesize
16KB
MD5a459dc135651170a4adb59f3e3f9a63f
SHA1d28a39a89e42b9bc0aa5a52ec416d2d755d5dea3
SHA2566de550d9f865b1034068b55c529a006ac6f4b8a9170e256f634851f028fd589d
SHA512bc43e3dbad0cccd299ba2bd37d3826fd2df5151a652e79e986280cb635bf39c0fa4f8f3748f8d802c8e5d1aa4809ca7017663ebc8be68f9bb62f15822778aa51
-
Filesize
16KB
MD5af4cbf06ab44f2c28aa26e97d6e7569d
SHA127a53f84823d6f78566674f46e3811fd81c70bee
SHA256c74821c096c524cdc4f8ec9ea1f62387aa5334c6ba2d8c45eae887fba0badd91
SHA51274b83c7dcbb71ac78e957289e0e5c4644f40ae91ae05638e322a7151885cbcc2b0d7cf7d8f2e33baf9f51147babb404c9a799641734c9ae6c838c43186387630
-
Filesize
16KB
MD58e45e654a6513e4360637ed75c3ce31e
SHA1a8158f0ed2b3da707971a6a35f6769d3e2dfcefc
SHA25618a8f6374a8cf0e255bd63c16f320b29a3ec1fb2a2abfff04164b20e06c8ca5f
SHA512d625a71ded3c93b5d1800e5308e5433673c23c81eb6e5c92149e66fdc59880f23f61412774485e572a7219373ea92476369a591bcdb1a8322b022e5d9b17f833
-
Filesize
16KB
MD5ade57a9892c105eb146676b760e41e1a
SHA14ae761adbe22de8b6979c1e3b6f9129ab8ff2c11
SHA256273783621ede4e3a64953b0f7bf0d9fc8ea1d76a0d3d822f94f568a1d9a36eb6
SHA512aeaf10d02cc568f8f5a09a713bbfd0ebe83d7fd2f66903bc8a64e75ff83d9e438fb937c2f76b5424e540b10f6260ca29477d8eb7370f35cb3ba74ddf7892d8fc
-
Filesize
512B
MD534915fc43066d591a40bb3204b974c6e
SHA1a03fcd875edfe580cdf84b36d3f43e8f6f80655e
SHA25615a230ff3328ae1f7e128aabfe83cf1c30d6805fbbdc5f78f116f380f5e7267c
SHA51254302dc283748b223925c16ac09e2f159d9ebace90c4936a9bbc536bdc3d7b8df4f9444c6f0ea70723288ef776c58a4ee758121bb7c187a89343df3dac528fd0
-
Filesize
36KB
MD5e59fb7750d14590c8fab04709117486c
SHA116dfa47917fe8b0429dc005a45a67be765ef800b
SHA256c014045f7e00ebcd85a206edb9fd076028e41843dcdddb4c3d1c1ff86fb27818
SHA5121aae0c7dfd4e8bd529c710770701199463523c6a206c772b78184dc17c7ab2cde76759cdd5f690a35d1fa196812150a040c2473cbc9470779267cb9efc0a3c07
-
Filesize
4KB
MD5e28803a7805bb9f26a7bc1536bea53a1
SHA14eae3cbf21d778207c1834f51ff751e837a126be
SHA256ab8abd2daaf3a3643662d143c0cb0332280fdd73236e7a1d7b264b1090915fb4
SHA5125feffe350d7f8271e4fbbd6e867a44371eaf7bd22a26ad956f79b583b0ceeb86638ebf40470b5ce5f722b8a3509735c26706a06a786a9e88add3aa247346c8bf
-
Filesize
4KB
MD5cbba604ff4ae7b5cd26ccedea67f6ba5
SHA10624b96d89bc770336b144f9ff8cd3e7b43ffda8
SHA25664b1c0dfb2258ee617bddbbcf1c76307974ada08d1f1c155d5604d0c0d352baf
SHA512853af57a06ce684aabd0b36c11f9721b6691b88ec70c5adcbd09a3ae3295753a8fc943dd7ec43b212fa278dae8349575a575d09ed325c5c995a2d6dd6d8667c0
-
Filesize
4KB
MD5a9986600437efa99091d12cb2e3f137f
SHA1109cbdd8456ae29c43c565f7f48972f2e2ceab54
SHA256f9f1bc9577a5f709a2965c446d431be5a78963aff9902cade118c625eec53c7e
SHA5126b74f33638453ca45c14c371ea44e6271b729e9b8fc093b7239d918109316b7c444329bd9f592adb6c9276a144f329017fe66fd3c8625292cf197dafec8406f6
-
Filesize
4KB
MD558a196354e500b2cd4e7c6bd70394bed
SHA1c617c4da5b6091d5e7bf34cac0963c43df1a5699
SHA256c67c72610ea875ef24f83818b1c8324b76f9def3ca67b257c1e07e95d4a4aeff
SHA512905d4c610c33c25e0334d21360c2d254acf04b425e4dfe2484127340148a2f67b4f1d37961faa0e25144efd6e3354874d8dd3ea01cf25d5b704557f2d0efcece
-
Filesize
4KB
MD5bd946eb10ae3eefc2f86c1b3dce35ac0
SHA111f02c2c4c713073a5dacf2f49eec691fbf360b1
SHA256c1012c2a4995e22a72fa026340613106a8b17fc4c8af6cc26d1684ad4878156f
SHA512de815effcd267e12b7803faa31b6599d142985b735b38200a6ecc2fd317fe0d36d31710ab6c8b682ff142464796d60a762efcac7c5bca354a33505e5d86287d1
-
Filesize
710B
MD50fc77832a81bc99607c46c674c681066
SHA100071566771db765f2867af1f472017d1477af22
SHA25667b193076d2f824847a44a4e0127bec6cac0f642882c2abdbe056bbdbe6b5168
SHA51296ef457e1376b8f1b291cdf8506a2cfbbd52b64a9059f3e03d925dfa464935d78ca53bd4225d9f3832b98e9f91726c9776689e8469af01ff6717f8b9aa11ea80
-
/data/data/app.EasyLogger/files/.com.google.firebase.crashlytics/log-files/crashlytics-userlog-661F2C9200FE000110611C92FEB525A9.temp
Filesize 442B
MD5 2d75b52af33e6babb4ba0f195a3a97dd
SHA1 d3e226141c7f53c6356e84fd6d4ca8246a3bb360
SHA256 89c9c97733d23564c75f1c4b00c1707967f83128c0d6d5107ed82dbfb987d0a8
SHA512 068293c3a90b573747bb9527edfb2ea24f0f58b66050a5cbc382e2d58104a50f39fdf26685339349633a6c1a852482f5d09fe5cd43666881464d90f4f2e4fc1b
-
/data/data/app.EasyLogger/files/.com.google.firebase.crashlytics/log-files/crashlytics-userlog-661F2C9200FE000110611C92FEB525A9.temp.tmp
Filesize 16B
MD5 c33583fae4e0b61cde1c5b9227963237
SHA1 fe2ebe4d27469af1460f7e852031a04208ef629b
SHA256 35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc
SHA512 fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e
-
/data/data/app.EasyLogger/files/.com.google.firebase.crashlytics/report-persistence/sessions/661F2C9200FE000110611C92FEB525A9/report
Filesize 732B
MD5 6e4ab322b48cd48ac67fb1b9fa16e58e
SHA1 c2b8bae6c6653e52a2a4cd0157d115b595d8136d
SHA256 5cb552b5abc98f020bb50bf845ccf23b1690da87457741c72226d2dcdcf0dd92
SHA512 50b6f2f052f02b4628f1b58fea841547d7e2928dd4645f3f099059782060e64c4ba88d11d27ba0b7f3599a5fdd6fe79bf1a7f10b7b53ccd077b9af1e8ece581f
-
Filesize
565B
MD5199d396e287827515bae76c4fd753c3c
SHA19a00610ae62dcebda34d6a863e019c86cb6d7820
SHA256f80ab196543f7284b237e635ec94c585cb2a9662e4a64c42af8b4647d2c1bfc9
SHA512f3806202133a1cf3d88e98fd8eb2df339e5dafb4a6a894a13e6c4c5aecea4460eef279d55ed49c5a4b91479117508159e3cce25eabf693c73b167529a7675a75
-
Filesize
90B
MD544988da6f40cf7fcddc9a02e86037bca
SHA1670d5ad89132d67c360bbe353742a5d7e6752da9
SHA2567c408b7f5615d37e9dd78e445202376e07d613271566f2bc19c28c838308c177
SHA5127620c92589dddbe34a98c5175acdde6d22d23ed080ec2b734be217e5af8eb72a2d413b455606e299da48019338b649dcb08ae00b8b78392391f2c1179f8cc458
-
Filesize
36B
MD5562ea9ef6ebdac7349e10b67fca40d6e
SHA13766ec3c48ac8d7a3ebf9468f15df978e8f6d5a8
SHA25665f8c18b8d236a7401e3fec2c9e9e9e2d8108a1ae5415fb5156e3056d7808a01
SHA512cee708c010d76a23b6969818f66c9e67cc16efc2e3c56f3c946f628807fcd78a93e829250a687a028a2e8d46269e3ae5fb2437d9986434cb74134743072031e7
-
Filesize
512B
MD5c31c3b09b76fb9856d92d7fb697a00c3
SHA1ba2f469147919e7cda08082a09881b764f64401c
SHA25649828e365b0d83b4cdb7c1c34aeeb62294847b6053ab029a9044b4043027330e
SHA512b471dbef96271117320d760c1dcbf9e4aa28cf6f086133dc3a457cbf58ef1ef5cc70a9b281d65f2da3c615b5b44f233939c814c36507553a6851727ce78126f7
-
Filesize
16KB
MD59f45242ae76dc1d8256eb14398a1653f
SHA1f3d9116bbfa7fe96c4dd7171b4a48b2affb6f759
SHA2568f1d50d8db272cb4317d183285ebbb7a6ad4f47dfe443cc03ca0642f707dcc19
SHA512d20a56306f5a0871e69295b57c9235062ed34482da2ecd6421409b615db4209e35c9dbc10c50c2700ad468744327643ae3165f4fe262d2272afffd5e9bc49c0f
-
Filesize
108KB
MD5e9086deed43060c3ae47675bd490ad58
SHA12174573f75762ce205f548ec0021d6a57633d1cc
SHA256f3bfcc47345b7d6437fd847e3027e1431de7a1cb29c8d19574d46de3ea22e2bd
SHA512cceb6c98d30a2e7969966adbdad2f0e6b9323e51799b2452cf7c2d30389d5a244121e6af7dc3330ca9132bf0e69711bda98b21abd68458f1441c9bff9a84748b