easylogger | 798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae

Analysis

max time kernel
47s
max time network
130s
platform
android_x86
resource
android-x86-arm-20240221-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240221-enlocale:en-usos:android-9-x86system
submitted
18/04/2024, 01:53

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae.apk
Size

5.8MB
MD5

1398c9c6999be6f56f2364ec680f8557
SHA1

396c173b4c084afc3a2c89044ffa42a3f0e4dad4
SHA256

798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae
SHA512

49ae3724b60f40ac3646a44164fd6879480d895e1096825f484d63d286b5c5b8f2557bdf752f746651504bd038bf9e93dfe7400977e2bd6ba24576843b3393dc
SSDEEP

98304:BUlRb+MDHwasxU19o7SDWNYbM2Wlghs4DqHvSse0EpO9X0xUCd7Mmp3/U5uaMA:CKhdU1xWlQDuSsGA9X097MaPUo/A

Score

10^/10

easylogger banker discovery evasion infostealer spyware trojan

Malware Config

Signatures

EasyLogger
EasyLogger is an Android stalkerware.
trojan infostealer spyware easylogger
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001

Checks memory information 2 TTPs 1 IoCs

Checks memory information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	app.EasyLogger

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	app.EasyLogger

Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

System Network Configuration Discovery
T1422
Checks the presence of a debugger
evasion

app.EasyLogger
1⤵
- Checks memory information
- Acquires the wake lock
PID:4180

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

Software Discovery

T1418

Security Software Discovery

T1418.001

System Information Discovery

T1426

System Network Configuration Discovery

T1422

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/app.EasyLogger/cache/volley/-1201570017-1616341492

Filesize
1KB

MD5
ec34919e48be43bcaf0f1962490e5cb3

SHA1
cde5bc269df49790f18c0d82afa0f4b0d0047a1e

SHA256
c508fb6c1b5eece7b0cc76ce7fe019fec1a524e7ad33a650554146da21ea5f22

SHA512
7ff280a14de314666b8e38e716533d57f645893a627ca7bd5bb65280a1d348943411730b577cad04bb4794da4284984a7e228a69cfc8361452a50c7f4bd48667

Download Submit
/data/data/app.EasyLogger/cache/volley/-1201570017-1616341492

Filesize
1KB

MD5
ed9982d0319c5c76631229374179e726

SHA1
3102b62c9bea7ea1b4ae06dc7d39a5161994f878

SHA256
72e7a487e4aa5573b1e0f1ffaf46ebc2801d0cdbd816b8d0a1dd34693727eb54

SHA512
439082b480305a0db32054fd135f325e5b730f879b7efedb8476408197a28794c893593c2913521595601d9b3bbdcbd651244a2197de8719a1e94d12efe8738a

Download Submit
/data/data/app.EasyLogger/databases/EasyLoggerLog.db

Filesize
76KB

MD5
247a9a1ab8a9d50b768aea16f443ee52

SHA1
1b8ef45ad7df4db30e70051835585e526f7fe488

SHA256
6c414fa302b351eb7df14144c5c36a7ddd181615cb540f012ff67005837c9796

SHA512
6285e17579d1253b10f20e00f40aa8432e58a0e7b0b080c7ed52eafabae8f339f250897164409d1bc6512359557545998042fe41fca2e7b4ead85ab26918663f

Download Submit
/data/data/app.EasyLogger/databases/EasyLoggerLog.db-journal

Filesize
512B

MD5
a44a7deb361c9808fc852ad20c68208e

SHA1
7cd65d5a0b9ad38fd204bc003c7c76f5122cfd8f

SHA256
6addad92a819530b4cec51d971021dc107f2af4f5f2dda43e67383b40fc398d8

SHA512
d5fea237ba45e8a618a899b2db497bcc9332ae0dfa1e73a66a58d103cf42cc39bec3abb6e8f6b1a3a1e8ef7c102bc77581449f4460ab17cc39e045c21fed641e

Download Submit
/data/data/app.EasyLogger/databases/EasyLoggerLog.db-wal

Filesize
140KB

MD5
019ba2484acd2430ddf086e8f50a5b3f

SHA1
10278e20456b29dc5dabbfdcb7bb0e01198a34f7

SHA256
73719978c64f8eaf454b936edbdde3c96233453265e898026ca8ac3c4ec6e0fb

SHA512
34641299fa25ca491dc919320c8aed93372f4ca8114245c788de79c26175d85df5fb7e54bbc2ce7a3a60ee2cf65db6485320a08fdc13bab08adbcd55f1f72ae6

Download Submit
/data/data/app.EasyLogger/databases/com.google.android.datatransport.events

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/app.EasyLogger/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
b351ba54234388ce7c4ceb76e2ea4a09

SHA1
ad2808dfce10d244fcfba696b7f6634c2432a2f5

SHA256
a969e14d24393c08f449449654d9546b8dcf3993502ad0dc042e7f7284160a20

SHA512
bc1477b6d5c67c31166f62a338b105dd28640bf3502189a9249818d81080a530ee2586689998608b123ffa56d9996d4696a465bf4a106359aef7a27f140f8314

Download Submit
/data/data/app.EasyLogger/databases/com.google.android.datatransport.events-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/app.EasyLogger/databases/com.google.android.datatransport.events-wal

Filesize
52KB

MD5
3910a2cfe09ae336755349301ee2da5d

SHA1
769af55c9bb00f63fe27e1975df8df8d65be701d

SHA256
208360f6a95f25eb5eac2bfd0a7178604b342586a1f923614e2964c4333c4992

SHA512
5254f47eade2aae9a419d8aa8b98314ec30eb4f3b969dbc97f609d7d740a5f20bb43a7ded8143be84c76ce3105f2e452bdbdf755047e007e7e808ce4e0ec2657

Download Submit
/data/data/app.EasyLogger/databases/google_analytics_v4.db-journal

Filesize
512B

MD5
b72697e0f87b1dfb037b6bd07927f703

SHA1
ebd6573bc14a96dd38c07580ad6fbc9225456ce2

SHA256
b0f05c40c815ee725802fb0dcaed752629ec1343d125e6bb4a3ae49bc29644c1

SHA512
8d66bc72bbf9f5b824bb07e1336d4b302da85a48e91f26019ca44be1880c342f1741e4d8d08bbd2911c0aa3de839c46c60974de4b95070d49c99e1eee484a95d

Download Submit
/data/data/app.EasyLogger/databases/google_analytics_v4.db-wal

Filesize
68KB

MD5
4849b64a89bf0e445c055b133c6e27c9

SHA1
5d876fc22e82badab3d3b813c6b172736d07678b

SHA256
391dfbf5e771aff371134f0d8d1105effc61d0c704475f01438883573edaed2c

SHA512
848031afabfe0fe2c4ec51400e424ba8b44bc44cca6aa86fcad496ad723bdcb574b9766a458212e8a28c93ee1309873e1295b5a0d314b71229a6498b6d74cb7e

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db

Filesize
16KB

MD5
887147a984c10e559e86fbfa5bce0551

SHA1
8c247914a99b786e1847c2f5001f94cbc9b37bc4

SHA256
5a0c0ad992ce5691576a59900dd9ae376b266071c59276e2c2636589dcce23d4

SHA512
dab8fce22ee09fbd881cf7cd8612a7c9409baee3e552f9853ab6792c6cda138dc8ad05b8f2cf4758d9909e34dc456e7ddf326e58de4a2d81bd86a6289a4ac6ed

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7ae0ebf0935d6b0598ed166106bce69e

SHA1
ad181417c75f8d4d88fcd6b39bcafbaa13cbb258

SHA256
eca5e2e7bded1abb248274783279b527aea7cbc44548a4569ad56a4e22f3d88c

SHA512
7bb96173dfc9bb59d3cb2ea082b38ca5855edbbc7a2f828c80dd97c4f35e8feaea59e2686654faf5ecbe269fe0d5532078699a009cee3a1260a3486ec4bad351

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db

Filesize
16KB

MD5
31ac7c945603bd41eb733b2405344721

SHA1
87f09e202b064a8fb6d61b66896cf400b4e77429

SHA256
51f59ee0b9cb4567e5a3d35ad4f02cb5cd04a4d6a4e7e9201682067ec007ad14

SHA512
c7c684e9400287c6089aa328437d34560d1647d5a1d80ce48718b4dcb998288fb7e0e5038bdfc89a68a70a1322b3f2bed6aec0c57ff48a1e0820909d7052344c

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db

Filesize
16KB

MD5
e1fa9548c448235f2a7835b94c488720

SHA1
ecd6b163cbcc4d0459e731f2130cc14192c2b0a1

SHA256
ebd1ea6627e134e7ecb0cf3276e4a2b5d96e6e1197eea1b2270cae9c4bbf1942

SHA512
cc2160a666e6b907ea9f0b014842bb54d214083c182763656ff998e28474ee5e5f45a6c3aac6ab4ff260f26cdd1230c27c09a4c88d6fe3097dbb37a1d525bc55

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db

Filesize
16KB

MD5
ade57a9892c105eb146676b760e41e1a

SHA1
4ae761adbe22de8b6979c1e3b6f9129ab8ff2c11

SHA256
273783621ede4e3a64953b0f7bf0d9fc8ea1d76a0d3d822f94f568a1d9a36eb6

SHA512
aeaf10d02cc568f8f5a09a713bbfd0ebe83d7fd2f66903bc8a64e75ff83d9e438fb937c2f76b5424e540b10f6260ca29477d8eb7370f35cb3ba74ddf7892d8fc

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
74ae2e1117732c0ed59821a3021952ac

SHA1
26d70da316a9d994a82d89b2c9f3c6b53a3159f3

SHA256
65f777f2bf25b566d2fc56f04841067a14dacc2ce18da174b99259e5f91b49ff

SHA512
c7be00ab3f1ec81e0fe1916599b202f1e72ea3f5e73e07dd53d4cf0a55f2509f339a83cb647a18cbd659b1c4c2e6a058a6e0a7043e6b64f652a64f5f124bffc7

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
2f1bd1d32cca696f735b69e572f8af7c

SHA1
a6d9e4c86856735efba2d4784c45b87dc24b8b0d

SHA256
d130e44bded7d64bfc05d5a4b35709499ca0801a20ac0e2d86e19d0990a92700

SHA512
7f63fb40a0fffb736aeda9a77e6de42d3b85b5349178679c11ee8dd4728b341693a5c7a5b8d9bd94013514bc116a07809e21456ffeec60ebfda39223cbdb9096

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
816df5f09e1ca10e73769f51406b81ff

SHA1
b3e40a5e156c7c0b4852a5e1947a16a328df3791

SHA256
afc3c0d570bd84e5ba89dc0a4f3d72c23f50da9ed4c5e6e3347c4eebf7a66cf2

SHA512
b4b91e20dd4c411826bf0096ca7892fda1343970787a9ecc33b1f3a984612fbdc1fc1b2a7f4b4f17487ee4476c0afc08da0b909e8a30b7e9462345ecb6eaebc8

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
abf9b99bbae336e88baf55b3f1612bfe

SHA1
4b0ef608b8cf1d70769b3a3de363ee4b81014693

SHA256
66fa2dafe5027d2036d07fc62d6a15ae8de0682d1e388007d8b5ad2e5cb04f98

SHA512
b5a284928d086d29383a7e17d9107c7ad00185c610bded1dd13bb83326d6943895d9c1ec4706daf1e23725c5e103f7b031825da2e49d6f37249ca1e34292a0e9

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
bd4640368f87acf302ea642441abf3f6

SHA1
627d491c83ca2b6ffb75e2a8c53d840a3a6ea7a4

SHA256
92e563acde238708d0cec7fb95302b48c90f3aed63238550627e616c71d30063

SHA512
8daa837e56c15a4915f4d00d5c4094e49a94c81a75505ee1fe81a482980fee32e00931285e7351ba9e273ce51ddbe884d5177d5179829d4d924cdcc3bf9f6aca

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
f95f9d8139cbfa0dc4214d3eb5d470f9

SHA1
3e13460aa9efaa127476bb6ef8aa9fcd40760d98

SHA256
dae8aa4a5fc4beca5480537101af024bd760f2feb15999974ac6fc72b7fd430e

SHA512
e9490f33e821c6e3125026d278db9c49308ba8e070e6451a9c4ae65f066c168b9ca2e0562a624fcb8522f2434f360c97b61bc1af14c013717c0a80e642e058d3

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
8761600de1639b757a2dbdbd3ce3c126

SHA1
b6547fa57bbbb1a1638560e9dbe90a74c8c5095c

SHA256
79152f3c1920927d783ec711c92c6169e6da6b1ffa83ac509a646ce62904b891

SHA512
8189385ee5435f56370a034e31a050b15405e050e1c827d98f471c822d1d4170dcb01c2efcc7c5535cfc39928f635f5f318669fab75022a89f7ecbf0cfd7e954

Download Submit
/data/data/app.EasyLogger/files/.com.google.firebase.crashlytics/com.crashlytics.settings.json

Filesize
710B

MD5
c0d197954735f3da22ee1b99c7d5695c

SHA1
87c4e6280898593679a06e4a035154371c4adf64

SHA256
9437dec33b42c9bf3d81902d42a49a8f621d1dbfe26c20813b869ccd6c09e90f

SHA512
83013271266bf6d0fe6580c01d97c1d4ffe11459c0d7e1f1ad88253006f46d43782a55c47e87a417c65178a1407cc95139c37ea4836d79717ac18fc06cf53fe4

Download Submit
/data/data/app.EasyLogger/files/.com.google.firebase.crashlytics/log-files/crashlytics-userlog-66207D1A006700011054835D51E8CA61.temp

Filesize
442B

MD5
d8b542c330103e5492920a6e74ad4d17

SHA1
aa4f7c84e36a96ca6bd13bffbe89a755e9b8d46d

SHA256
7a4923ccfcdb47e8f3badcb462b37bddce8c4cdb5adaef34b1090bc6bfba94bd

SHA512
b220451d247dbcd877fcba472c86d39f3af44aa05b5a4dba51c1ff73145a381fb0dbd71fab275c21688c457b5883a3670977e8abe387d80a49eb852e44711ea1

Download Submit
/data/data/app.EasyLogger/files/.com.google.firebase.crashlytics/log-files/crashlytics-userlog-66207D1A006700011054835D51E8CA61.temp.tmp

Filesize
16B

MD5
c33583fae4e0b61cde1c5b9227963237

SHA1
fe2ebe4d27469af1460f7e852031a04208ef629b

SHA256
35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc

SHA512
fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e

Download Submit
/data/data/app.EasyLogger/files/.com.google.firebase.crashlytics/report-persistence/sessions/66207D1A006700011054835D51E8CA61/report

Filesize
732B

MD5
34a8e4170c3fb514fd23a3d841d01c03

SHA1
4f7a9c3efa9fd83a0347f4463f9fdc25a286d7c3

SHA256
3f6e73c973f743010ecd1a84bc76a258f1e52d56d350339b445f3323f0328b05

SHA512
d651452f95e90a0d9d0d1c72d698deb89c6e012e6d41f6e52be19564d49f25b206f5f5a2f06248ffc7cfa1ec8c26d01bcc201faf84d460bced203477c695133b

Download Submit
/data/data/app.EasyLogger/files/PersistedInstallation4949652173086918479tmp

Filesize
90B

MD5
1e5ad8e6c85d86feddc2404029f4d466

SHA1
4cec46385ebd75cf375699198a6b272248e2ccfc

SHA256
820f53e18a85e9d4389eb544807f68c0096c3a42b5f15eb0b60121f8e560ee7b

SHA512
eceb6828c7f6b6fd98615bd08cb579356ec1e79f9de7f9305d9e7161ddd9aa90a503dfd5adfbfc53f7a54d18218eb34320ff30a090e8c8695c9005e5060ab708

Download Submit
/data/data/app.EasyLogger/files/PersistedInstallation8908895421683853276tmp

Filesize
564B

MD5
926cedcb687d8e7503a90f385f41ccaf

SHA1
75fbf4724fbda7234b273cc86c4b413cc8d0405e

SHA256
3a9b39a0fcc4be6334e9f8803f8611198482ca4f824be9f6fbc5022d24ae4cae

SHA512
b75c60a74d3825bf5dce65623934a709551a77a986322da1eaf6bd2051f064676938a340d71570e7b187013dab307dfb189f9349faf7c51efddde38e0030ec57

Download Submit
/data/data/app.EasyLogger/files/gaClientId

Filesize
36B

MD5
d9dd3d0c29f30b2cd22c827258c2a243

SHA1
ca5c4e9e5c1995f9f31da5da4a77653e58cc67c2

SHA256
adc25d9978f55a3decb6821281662f261c345d685dce59c1b60781af0673a5e7

SHA512
cde75d7392925612b854db1f3a67c5bafc7e11f8f5724482a1849e0aa41223e454fff193a6c4c1852eb66abc113e774e4a2771bafa16148c67b407b3322107ee

Download Submit
/data/data/app.EasyLogger/no_backup/androidx.work.workdb-journal

Filesize
512B

MD5
232cd5c9920c960767834baf09bb8d48

SHA1
8d84a64470404dd651e941191f70dc7ec047630b

SHA256
bffa3b8f366dc4d60a935384824a07369be56279853f310b633caebe618e4f66

SHA512
cc6033698280501f31050de8a12fea3090d25d1f362828cde46843ba2740d78e4f57bbe6689a1094fb9d46d508ec57b170efc5f97472032b7c1174ebe8ee51e0

Download Submit
/data/data/app.EasyLogger/no_backup/androidx.work.workdb-wal

Filesize
16KB

MD5
c123b23a3c100ec6b3a47ae392596801

SHA1
6d52ea6e73b4accf73b05bfe2b44cfb6f8591cc4

SHA256
0af3ad4a833bbb35a032eab54b5511537fd397124f2a3d5b2f6585c74c4fdad2

SHA512
34321407c83eebf3e4be3f5ea35a7f16ad5a3abf787444791551aaff4ef34eaa7bde200277fd32ce7f645e0aa2b1e19f2d0d16add61827a87e12815322619a08

Download Submit
/data/data/app.EasyLogger/no_backup/androidx.work.workdb-wal

Filesize
108KB

MD5
de08938886bb00781f191867da49de4e

SHA1
2cc058b8b780f3aa7480d697888cd43c5a4b8329

SHA256
83764ec96b23f4aeee2f8d581ad02d0b4a0bf6d671b50d4afa6c5daf263cacbc

SHA512
bcae0bd425d976caaddd01c5802d2ba8b9a26929178a4d9b82fa982f35ef55768de8f481434e38ab289c587d9dfcd63f360e3af95c2c91763173810aed9bf760

Download Submit