easylogger | 798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae

Analysis

max time kernel
7s
max time network
151s
platform
android_x64
resource
android-x64-20240221-en
resource tags

androidarch:x64arch:x86image:android-x64-20240221-enlocale:en-usos:android-10-x64system
submitted
18/04/2024, 01:53

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae.apk
Size

5.8MB
MD5

1398c9c6999be6f56f2364ec680f8557
SHA1

396c173b4c084afc3a2c89044ffa42a3f0e4dad4
SHA256

798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae
SHA512

49ae3724b60f40ac3646a44164fd6879480d895e1096825f484d63d286b5c5b8f2557bdf752f746651504bd038bf9e93dfe7400977e2bd6ba24576843b3393dc
SSDEEP

98304:BUlRb+MDHwasxU19o7SDWNYbM2Wlghs4DqHvSse0EpO9X0xUCd7Mmp3/U5uaMA:CKhdU1xWlQDuSsGA9X097MaPUo/A

Score

10^/10

easylogger banker discovery evasion infostealer spyware trojan

Malware Config

Signatures

EasyLogger
EasyLogger is an Android stalkerware.
trojan infostealer spyware easylogger
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001

Checks memory information 2 TTPs 1 IoCs

Checks memory information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	app.EasyLogger

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	app.EasyLogger

Checks the presence of a debugger
evasion

app.EasyLogger
1⤵
- Checks memory information
- Acquires the wake lock
PID:5048

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

Software Discovery

T1418

Security Software Discovery

T1418.001

System Information Discovery

T1426

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/app.EasyLogger/cache/volley/-1201570017-1616341492

Filesize
1KB

MD5
8144cfc20efacbb66498c2c836f562e5

SHA1
6abbe001e4cffe96156ff245d2be14d34d218fdc

SHA256
efa6f7f0d48648672eeccca927bec44d67c6df64bef987349bd83b7892b9dd8f

SHA512
c8cb085bc686a8b73976fb2fc8c1bf2c21384b5598fc65271165b186fd0b9184e5b3e4cf3204789c0787b6503e0a7f95c7e357019b563e886ea5a7598681a674

Download Submit
/data/data/app.EasyLogger/databases/com.google.android.datatransport.events

Filesize
40KB

MD5
15d5b92dcbda7ef7f9ca327a903e46e4

SHA1
ca153b66028a58d90346ff8abadbdf01b95c37b1

SHA256
e802fdc1ccd833b91d80bb1d8f54cab2b585393e6a07622c4d9feaab07633370

SHA512
2352f167ee5aa37cb3438a0a7df8f632771a1d019c5cd120fe62313fb73aed6d0e09186a9bf306a564371b846a8da020f6acd7aede0cc47ca50701611fa84aca

Download Submit
/data/data/app.EasyLogger/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
e8a103947d1ca43580c99d0af7e2db37

SHA1
4def4e8cdd1c52111a1473daeb824f9dc1efb916

SHA256
daf9da38ef60b1788ffa15ea3de0932a95d63e0cbf83d9d4164d678f5607e447

SHA512
75cd9b5f802700a44d18d27b380e85fe00704a47f5d7a17f0eb26b488b7b2399ac766789ce37cf56a41a45d5459726eeb7a5e3a534aa6f58a2ccf619f15efe19

Download Submit
/data/data/app.EasyLogger/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
4f731aa1b09b82a0f977cff5f6dfd03f

SHA1
d944a043eeead19c84aceebf95ef91081400c1df

SHA256
376936e81e5d23d00a8bcb97a801683a48d5cca0c20c229cc6de02cf4dc232d3

SHA512
be14eb9d8e32198c1da0dd9089b03c8fac1556b890cd7846e83ddffab0b1145e132af444564e0873e9a78d2d4a405e1c81efd173ad4b5ee271235adad0824f29

Download Submit
/data/data/app.EasyLogger/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
d9ce8c078366e1f0ee9f032a1ed21f03

SHA1
6ddd102c9bab30c227eb94ba2dbdcf4acbafd71e

SHA256
c069bce079a300ce4895518c63e00bb4a386cf443e171ea93cf95548540eba8d

SHA512
6200de43180d8dbaadd3b386f12f5b0b38d74b442cda1b46edfbc61d279d3d439400005869a60e09be84eb19c3de871e3b08e0bc06f43914afd1d820bd81359b

Download Submit
/data/data/app.EasyLogger/databases/google_analytics_v4.db

Filesize
28KB

MD5
584546bc5cecae9fe5ee6ad866544292

SHA1
e8cb18734028bd2e1289003546c723a5b8bfe491

SHA256
d0a39ad0f7ed814f0de04747dc8fece29ee5dae1ccdc1f0eacdaf7ea531d9d49

SHA512
8bda1dc87f7ffb12eb8515623ceb806cf6c797738b73ba06fa606907886e933b68bfbdbab14268e0008cf041342fae0c5feb9edba8f160403d5592c72709f52c

Download Submit
/data/data/app.EasyLogger/databases/google_analytics_v4.db-journal

Filesize
512B

MD5
0b6213f3556dbd44bc9f712d9256e733

SHA1
b7ca670ebb576460495db0f3a2222c9137ef99fa

SHA256
2ca97110347ffb8440d722ad731ef06c424587e3b5cef4b2ec27d09a22f5a213

SHA512
7e7bd4cf32bdb605b9cee92296f01bee0747794a7e0f1751e8365040bb1d36cf86e292b9309f5c496b92399a6310ee160aeaf220b926f9fc4ae2c3213df0833c

Download Submit
/data/data/app.EasyLogger/databases/google_analytics_v4.db-journal

Filesize
8KB

MD5
720e8865dae0f1d7f898eb6c0b046b51

SHA1
5aab1458c734cb452344984b31eaba623cc523e8

SHA256
ba272ab1ba772d6909a8fc445b8eeba0bbb37bf81240a5c3afaa2880b23d16b8

SHA512
869fbfaef789c9cbf1485558fb50eafeedf409f52f3e7a8ed698124eadbe4678430b494498fc297f6cea032073cad20977fc2efdf7524067c014d93f9535f56a

Download Submit
/data/data/app.EasyLogger/databases/google_analytics_v4.db-journal

Filesize
4KB

MD5
2323382121bb4136242d3ae7f63de08c

SHA1
dbc6c779754bc0d7753eed44cf0dd99e366f0fed

SHA256
cbc1d7fa73cc74865fc48b7d205238c46ee3a13f9ed89514bc5624539171636d

SHA512
a94d48a564dc8ab1ae9295209d24c2385af8d546fe8cb8655cb6b8322d9d76024562da77d2e3bc99cccc82ee74f53c0f4e428c7f83578613a5b4483a1a1220de

Download Submit
/data/data/app.EasyLogger/databases/google_analytics_v4.db-journal

Filesize
8KB

MD5
5c063054a56e4b5f1c8d242b3a812496

SHA1
cb2666508b75e51bd2f2ba3dbb3f748e7483de14

SHA256
581748eef50c2cabdcbec0b2b81296789b33d0bce2343d4fe33bf1bc32c62f15

SHA512
576bf786fa2c833fbd372fa4bd6d3affed47ec2208d08cee7c0005f8a8b63222195002301597bf604713fe2226fb69eed6f01005fe2e937dfe336edae8db2e10

Download Submit
/data/data/app.EasyLogger/databases/google_analytics_v4.db-journal

Filesize
8KB

MD5
ec73bba03d7aa8d39e13d7fe11cd6a14

SHA1
11b25e42f4f08fc1635d631de7efce6801731dc6

SHA256
761495be65f3ec0c1fe56b1e29cf563448fa45277d89fb6d457f52e7d68f24bd

SHA512
9c68c18560032ea7ac2dae5ffb8b5b6703ce21a8b93709adb15cf6e9f82a09996971ba4209cdd8a39470ceefdd47f493eb4abbfdadf48e9f0e5e16a7e7f70df5

Download Submit
/data/data/app.EasyLogger/databases/google_analytics_v4.db-journal

Filesize
12KB

MD5
93a484ca8f1a71382023c7f3a5120853

SHA1
39af5a4aedce987d0d4d42766b95ec6b03afdd5a

SHA256
51f1987b7ba74d433f5c7dd0ddd1d5d2f1ef156cfaa67e9a19b95f5b311a7109

SHA512
bb82562046528f22319a3b3f17a5a0d579203792ca2dc9f4359e5a351a1be94090f162aa338d77d76cb2152658f526c5d8cb15076b4638d7a29a6372abd69a1e

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db

Filesize
16KB

MD5
eb52a90bb70b76e946b62f50b6f7fb85

SHA1
42d767b5d1faa7dcef4cb4e1432a5f47ec2e9ee0

SHA256
48472f593a3e9cf9e91ee5f7d66dd9ff291bfb247eb6b46778c710fc24e8d3c4

SHA512
b356c858cadd14b6ecddf134f1c494c0107a1d36be9387984fc53dcb00e6779d944f058f4ac99d0fc2fe3a427cd1c2921c6fc38ecad53909fc4b5b6f04459b5c

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db

Filesize
16KB

MD5
ab65bf63a41ef5f6997da94a1a395b7e

SHA1
0936422f06ddd17b0c19eaf61997d987f2072575

SHA256
11d25bcc4c2860ac701815a520f95deb9808ede90c20394956488852b93836d8

SHA512
a987ef616b015ae8e8071737c3c60530f668ac1b055b15e9728db504b5e43c9bf2c66dac5acb2ec0a58d24bc653e4fcece048f241c67ff09277327d2b0b374c2

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db

Filesize
16KB

MD5
52c0fc01f03be391f5e509c853068bc5

SHA1
5f9b962662945096da9caa546f5567200faa5392

SHA256
f08cc707446f50d266762ef9642e4d9ceeb5b33c07eaf3575d5ef6299bca9e4b

SHA512
22ecd72c602cd302a0dc91815039cb955a88de1ef8e8c6068cc6f06a00930e3f942d371daaed80d0ceaa7ec373245adfef59304d62413c22bd06ffbab08e1494

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
676502d3f90c59ab39d0e03df5d654a3

SHA1
3eaeb0588011bc17da25e9c16a7c92c690697909

SHA256
711161c2b0f10172dab4538d11e81d359c6a1bec1d488890f0befe6962568216

SHA512
49962f011a590b315f6a5a35610d88300ab1c11f01a8de1d324ec1b6aace6224c9351eb172e86767f44a81137cb4a4461885fd5bd2db70b8f9895aab8209784c

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
6e32fd193d8e71a84690cf8b94449b0d

SHA1
426e27f692cb5cdcc3f1168c6bd5450b6111c564

SHA256
a6d3473d492e9a966573f88aed4eb494d54caef4bdf34ceccc9a9a7d09fceb69

SHA512
13a54425351fec653851e4ea180610df4d80a6f393a823e7945ac42077befa9770fa66b02763b586d6cf842ee70b5180c51d904bd78d978f39726b860bbbe714

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
a8ebd348dd53231d1fd890189561ce28

SHA1
6c6f60309065540892df02a71edd62901478373c

SHA256
27b5aaa7a0a7e6a439163a20591e14acd5db6be58e587e32adea8804af8ae357

SHA512
32a03300afb84d4179f836345cd66ba55e21cf286b92f7604b03bc2b91b213818343971f65b61bfd604f81a2accf2958f794d8c6c6190c472f1cd02ddf035b8f

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
5965e63323605e964b40ecb66e8bc15d

SHA1
474843173d3f1c325442bd759a63e3f3920ef5c6

SHA256
d64347481f73935d0a8dc5b2f355f6519359991daacbff5c4137704ce8289612

SHA512
695e992e51e6928071c54c54edae82edc78eab252bf0ca529e0fea661baedab1ff340bd56251117fb53634f5fd111deaf2329616543813bd903e7b0ee1e84cd4

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
d97d6297336087b075db9b9d63340c94

SHA1
3b93263e1945286ee3d107739163e3a93b38b1c4

SHA256
227cd14cfe6a8d9f4db9d6f86526306a663c25aef9ef70b681e48a5ef23429aa

SHA512
964237b7aeb7dd03a176806bec659376c2c1600bdb3fac273455a211c3295b99e13bf09abbc98549ff485a6661dff15f3e24d4d4ab1b314afa0512868e6d9278

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
b776cafec3393ac02fbebbbf2cda6719

SHA1
e8fe26896583350d4ef5af225f94b30bfac2c0ef

SHA256
7741b636457136b627d9ba6b3816bb6762637707981d29041570bb3aa5ace0a9

SHA512
c43fcb85ab068b68d5ca2de3f61ca55e8b1270aea81738af4028e9d9da75d6908f6890f8138b6099822e81b8681b541b7da2540548ac2b1965553ff9faa92b6f

Download Submit
/data/data/app.EasyLogger/files/.com.google.firebase.crashlytics/com.crashlytics.settings.json

Filesize
710B

MD5
4f8cd00a659be6289bbf23bfa4465a10

SHA1
4df9f773b9c2e2d76c877c87a33eda3b51d270fa

SHA256
7cf1e63d4ef428b0bc2fcf34864f9e7dc6e6293dc39c989357ece8f2adad373f

SHA512
0d408d1b8110bf58ee76095598d6e400c68adbd19ef5dd6c51f6dec930e56c675325bf2e8c3ed71e74d2340fcad94132e0ff81d26965b04fcc516a6dec812078

Download Submit
/data/data/app.EasyLogger/files/.com.google.firebase.crashlytics/report-persistence/sessions/66207D1D01EF000113B8BAB521853790/report

Filesize
733B

MD5
ae2c50a88be27ec8e3d8220faad9bbc0

SHA1
812a5d9ad396774129d632726d1d2c3a5e1552e8

SHA256
c7547391e49a1bae8f60576f1713d29720edb47bd1efd460dc371cdcbfc3e3d4

SHA512
97a5ac4f5d0209f5456f45e9c644b5c762a7aeffbf4ad7b541ba202c51e27ecc38af4e1d7e012ce5b39f387015ca1238390296c4ff7c3330155e082083c20478

Download Submit
/data/data/app.EasyLogger/files/PersistedInstallation5662218136554750995tmp

Filesize
562B

MD5
8f9d1a294d7dbd43ef4f94c6c9c8aab5

SHA1
38ec0a161a6fe169fcd530147f0494e64317d905

SHA256
be17559a2df1276fc55a807fb8ca36a2ab46922982cf030ec57a473ccd6affec

SHA512
12dcb1d662f88cc7f85afc3bf653878c35d04e9eed121a5865e3a84cd02416e6cbcc6dd450d2c4f226a59a481f12334f8d874a7c79ed075093b87007fabc2719

Download Submit
/data/data/app.EasyLogger/files/PersistedInstallation5805638852991451556tmp

Filesize
90B

MD5
d8b0d64fa279b6acd4ecd6f05034e224

SHA1
bd8beaab6b6692b691767d45075a2434c9d3d70c

SHA256
16e0804045a0f3b8e54799a284fe403f190a291f97492d42b324a30e4e7be2b7

SHA512
20cd62450d4fec1576e75b87efaaf4bed3615ef1b888adae0f81e45038803792de66bab94c01897cf9f9ef89f85ee096e32d514b175075aac73b472d529a25f4

Download Submit
/data/data/app.EasyLogger/files/gaClientId

Filesize
36B

MD5
97927707602b951eff8f27f193d4f488

SHA1
068ca544c482e9f20a658d72153fca89d0c353ad

SHA256
c3fb37cbb81da2829fbeab2aa6773ffb89ec0c03102c4974175f297451cc6d3f

SHA512
235fdaa2eb62c0174ba17e08c76926f4a4ecaf98a37d51cfcbca14d492e9e082240acdb2b28278e86a6c0bfd85bb12826af488f0731e1c463388430e9a805285

Download Submit
/data/data/app.EasyLogger/no_backup/androidx.work.workdb

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/app.EasyLogger/no_backup/androidx.work.workdb-journal

Filesize
512B

MD5
1426815b3908271ec8770370f657b0ca

SHA1
52d859c5a36ed808d3b43d78a6f39c98d9961729

SHA256
018a091eef1ca5ea2509a9c0a48772e3b031fcdd45bad937b6856e3183f7d689

SHA512
074babb91918be0aaee6c00f8c359a4bafd6fa1dae51c8ef6dce2e3a90286c36a6313653e3dcd6438bc0957038c2b93c36d7cbd9edd6f830c68edc1192439844

Download Submit
/data/data/app.EasyLogger/no_backup/androidx.work.workdb-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/app.EasyLogger/no_backup/androidx.work.workdb-wal

Filesize
16KB

MD5
67629fa039f7f87ece00f7d190065879

SHA1
97a15824dc7a508be65e3842fe42346831fe1ea5

SHA256
0df42ffc1f018cdadcf603590f6b126a955d645b34701edd7ea6e70f770648f2

SHA512
868e94921eb7d3425dd2b87231eb6739dff89e35737f1a6632f7a51bf08b2024d664360a955eaad9d6d84ee2425a2db952363f1919a38c1717700fb49a17e255

Download Submit
/data/data/app.EasyLogger/no_backup/androidx.work.workdb-wal

Filesize
108KB

MD5
65fb613ddb072e70fc3286aef6c52b5b

SHA1
5bc2142c526031c893ecb6caf9b1e1a056ad47fd

SHA256
d15c0b68c3adf8a0ce6b38b18f627c7f8447fcc88505d0a2138c6919a0aa10d2

SHA512
5d4dd3c990076d8af42d59b07c500f0f245ef52559fda8149d5515dd9bd65384138ab3c8e11cc4274f577a342ca3011450968ae88629e70c5c224bade1433456

Download Submit