easylogger | 798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae

Analysis

max time kernel
47s
max time network
140s
platform
android_x86
resource
android-x86-arm-20240221-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240221-enlocale:en-usos:android-9-x86system
submitted
19/04/2024, 01:56

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae.apk
Size

5.8MB
MD5

1398c9c6999be6f56f2364ec680f8557
SHA1

396c173b4c084afc3a2c89044ffa42a3f0e4dad4
SHA256

798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae
SHA512

49ae3724b60f40ac3646a44164fd6879480d895e1096825f484d63d286b5c5b8f2557bdf752f746651504bd038bf9e93dfe7400977e2bd6ba24576843b3393dc
SSDEEP

98304:BUlRb+MDHwasxU19o7SDWNYbM2Wlghs4DqHvSse0EpO9X0xUCd7Mmp3/U5uaMA:CKhdU1xWlQDuSsGA9X097MaPUo/A

Score

10^/10

easylogger banker discovery evasion infostealer spyware trojan

Malware Config

Signatures

EasyLogger
EasyLogger is an Android stalkerware.
trojan infostealer spyware easylogger
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001

Checks memory information 2 TTPs 1 IoCs

Checks memory information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	app.EasyLogger

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	app.EasyLogger

Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

System Network Configuration Discovery
T1422
Checks the presence of a debugger
evasion

app.EasyLogger
1⤵
- Checks memory information
- Acquires the wake lock
PID:4186

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

Software Discovery

T1418

Security Software Discovery

T1418.001

System Information Discovery

T1426

System Network Configuration Discovery

T1422

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/app.EasyLogger/cache/volley/-1201570017-1616341492

Filesize
1KB

MD5
ec9f605db1b362397bde37815d162086

SHA1
d6b7d92358d26e45a29a8dcdd6a4a9c1769e87ed

SHA256
d3277b4f2ceb8eaf92358446417c9c18fc78f90168e7c08676f945375d1f23e8

SHA512
2048488cc30cb1a84affcc5fd3f4a41e904d1b41622305803dddd9a97779a5c7438731e4932cb8e1b846717d786c191e9bf32b11283c91d83ebe80214ace88be

Download Submit
/data/data/app.EasyLogger/cache/volley/-1201570017-1616341492

Filesize
1KB

MD5
0c5be4e06b476104f5c8c01f58df6e51

SHA1
fced12910a3cf1f5dcd75c6a59d3fe8aaa0549a0

SHA256
8e590c3cde3a05f9c51548fe01dc509b976a0dfc1d66af6eff0f6893278eaebb

SHA512
d88066596f209fcdca59a32cc692c04cb7a988ad4161c78925646151679f1b26c3fa56c473b83fc0e75268516889452dbe4c4bd7b0d110e83498ecde8d2ef941

Download Submit
/data/data/app.EasyLogger/databases/EasyLoggerLog.db

Filesize
76KB

MD5
247a9a1ab8a9d50b768aea16f443ee52

SHA1
1b8ef45ad7df4db30e70051835585e526f7fe488

SHA256
6c414fa302b351eb7df14144c5c36a7ddd181615cb540f012ff67005837c9796

SHA512
6285e17579d1253b10f20e00f40aa8432e58a0e7b0b080c7ed52eafabae8f339f250897164409d1bc6512359557545998042fe41fca2e7b4ead85ab26918663f

Download Submit
/data/data/app.EasyLogger/databases/EasyLoggerLog.db-journal

Filesize
512B

MD5
74fb8aeea36e9c3f0bad1d57efa93f5c

SHA1
01477ecd27515ab342c281e074107ad95e1ede1e

SHA256
ac2836e130f8af2e16eb8ac5239cc7842a149a11714ae5af5892de2c420760bc

SHA512
9de58cfc373a39a8480dc917ca5485a7bd504ac3353c4d49f51907914b4141abdfb150833c690554d2ce1b4172576e3a774965d2ccf4f85a5752783e17ae92ba

Download Submit
/data/data/app.EasyLogger/databases/EasyLoggerLog.db-wal

Filesize
140KB

MD5
69de12d71e9498d3f4b8da32d6a8e524

SHA1
742f8be86a1f33a571dbda3b920b55b0bd74de9d

SHA256
e0ef4f2ee64e06bb765deea246bdf32e169f33f239ad9c3cbf2deba73253c4ff

SHA512
4d6722d8628332e319a06346027d404ed4c29db21faf711b49d48964b84507b798960387674f05dc94c2b4c0ef92c9e07dd62313e4bd68117670eee055ec13a6

Download Submit
/data/data/app.EasyLogger/databases/com.google.android.datatransport.events

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/app.EasyLogger/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
439feabcf95da4c65988098809f469a1

SHA1
8bd626d03807d8978341895b8573e2b228b0fefd

SHA256
49731c325feeefc1e636af97c26dd9b16381fe05e58eed07c94f771872b5215e

SHA512
81a9d71a68f0d55f43b89a802e01168a0e5f99fdfc51ab1cd14e77056dd894f4961171148155eb6face9d5da8bf65aa7590269df807d5a0b0649e3fe291f0bbb

Download Submit
/data/data/app.EasyLogger/databases/com.google.android.datatransport.events-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/app.EasyLogger/databases/com.google.android.datatransport.events-wal

Filesize
52KB

MD5
02bcd376fa09d0afe27e122e31544536

SHA1
eaa94f0877bd6d934b2066120b612b1aee6b533e

SHA256
e1e217cdcf0b006df183bde16d54af7a3001753a326f3b6d7f862c4edb7fe141

SHA512
c0e46f03b9997979984e8bacc07ac9d69a405b3a211527036546d9b19de60dcdd64e63a8e8d181ce6177e8dc37d38662e9cdb74c5477b4a7c7259e29c3d00414

Download Submit
/data/data/app.EasyLogger/databases/google_analytics_v4.db-journal

Filesize
512B

MD5
24939bcf55a229a15d81636d14a6cd28

SHA1
1609370f6b0ecf2809fe6b5d9815410dbf6f2f06

SHA256
a594514eb78762ba37964864d898af7d826730cce35faf35f4ae1686c1a77cbc

SHA512
7e1c2e26e53fa38c85a5074180e861e65cf54841e8a7b563fb1df47b102f0b39eade85962bad56704fdcae40f9fca2cf54247d7da32f08d76b4a8db64e15085a

Download Submit
/data/data/app.EasyLogger/databases/google_analytics_v4.db-wal

Filesize
68KB

MD5
4ba01c58c538b8711ba45a667879f159

SHA1
ee1c11e144f763318232fd9523a9d582fe8157e8

SHA256
82bfab40c4a7677e3affeb1b78fbb7b7f23689afba19ae5610c3b97b1c03edfa

SHA512
ec1733d5fbbf569f03eafb44c38c073d48f1f677d465ffabe3163dd8323a3146182c302125fe9fb3d8024597ef33455b1292ce8082c0e716093ce99078766315

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db

Filesize
16KB

MD5
18d606d740602f6b003482c48e7150b9

SHA1
5b49dbca580ae7c14ee93ffb812b5cf97bb74a69

SHA256
3eca977243f056ecca7e4f7ccef4541cb3062c3f02fcd8994b8e0faeb953ac89

SHA512
9dd698e5439329b6f6f1625507eb1f5f39867278bd13846100f84beadbb5452f3bc362b3029c9ba443d8a4fc0981f111b43d6710b136f59b4170979abfc8c640

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db

Filesize
16KB

MD5
0ab1284c6506c241c0a46ca51334984e

SHA1
b59bf8adff761048c7ffb94f7c0c8ea712f2c44e

SHA256
a2bcbe57fea1a503177c3685d5ef16a932b54577408929b5f3c1203e475a60a3

SHA512
eec02ec73f46c416a05be694931978d4ae850865b4a79dce19724997ce1317ba06d6f7a1beb1f2dd6a1ef8cc44e70b5df9f0ed0dfbb4e739f982fdb9eb182d73

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db

Filesize
16KB

MD5
f484ba6c5863901a72a17eb8ef958f47

SHA1
78624fdb0a247e077ae8273ebc98ceabc54ef1e8

SHA256
e5486d207daa1c31a71571ccde4c42a7ca31f28aa5aba2fe235c1cb659183ce4

SHA512
45ae0f861d397b944ac999bb8438d905fb8782a869c00fe0d48e4c0564c86cdcb94f0400a7d9d2483deae646de9ea6677872ef9a28b0b487b71044249f88ed97

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db

Filesize
16KB

MD5
2822283037479fc613c5188099caa17c

SHA1
a25eb25a79a12f734d08d5b8d72cbb739fceebff

SHA256
3e86f7d97bd28beba416a08d1cc14a6a1f648e0b5b29a55be0a90422e861f17b

SHA512
fe1a58d18e81a2252f3425c9e325ba46de3ecec0e35dc7c29d8aed16b39d4ec1affbbfc73b768deeabc3862ff4195e074dda9ab6a0181b86133c4d82c9d5d871

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db

Filesize
16KB

MD5
ade57a9892c105eb146676b760e41e1a

SHA1
4ae761adbe22de8b6979c1e3b6f9129ab8ff2c11

SHA256
273783621ede4e3a64953b0f7bf0d9fc8ea1d76a0d3d822f94f568a1d9a36eb6

SHA512
aeaf10d02cc568f8f5a09a713bbfd0ebe83d7fd2f66903bc8a64e75ff83d9e438fb937c2f76b5424e540b10f6260ca29477d8eb7370f35cb3ba74ddf7892d8fc

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
50b05a186023d31134fd105432d1a675

SHA1
ac520900042f332fa2abb36d306c2257c4a98d9c

SHA256
dd0a44d0d1171b32c487255c25d930cfa1b177b0dbfa6fd68fe2fd1aebddfc08

SHA512
0484cc7f91bf919aa495fbe51b4e3350f552369bedbd57fab1981d61a4a4ac9f27b2753496279103ccf5d2d12a1529563b1fb4ff542ea02331ed36487965602d

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
561b5baf3d40a7f929b3a71182680aba

SHA1
b7c34306cb3ede53c818007bc1f5dace07174fac

SHA256
b4741766333c5936b8446f4e5317656eafb216b0180c2da26f5312e12c78f43b

SHA512
1b209aabd9094b465f44267b59b822b225c4de17c19cd7377dc9e340d37d2a315f4f4dcafd06b735dc8e6d6a96a5da69a896d93573539a49a19a8a8f01bdfd78

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
8091ba66299adeec982e91b31c162d2e

SHA1
28da9803fd4c0a2c3b6cc5ddf6620824a755c3e9

SHA256
3ba05ffd6a00ed6e87aa0e9794612e64e1a7e2461f60003a96f6a7ec95e0371d

SHA512
02f1c771a52b84071af885ab1f3831e6254f3c9e2cb52fdf2678f8d153113face3e03063981c39ec4e515659615441c4262aee213bcdb7c823f246457687bd1e

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
3c1273425655cf06957916d6a0a1f377

SHA1
11bfc3555afe5571a80f01c46a0d7cd0c89b6a76

SHA256
d68c40fff7409ffe29cc85ccfcf0d42f9d607137e5553459b28c92e46170bb60

SHA512
ecd566660b3cb9620a03603c870020ac84be90320da3bbe88047e24395d02178f3ada8cad4432e6eb11de4a5f5782bf09ac10f530103a8551e4866594b0fda31

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
b1ed67b528f0aa9212d8ebae5ca22678

SHA1
cd5ae86013686abbab04f46bc1be9aa9e3cfd8d2

SHA256
57f85b71b0083de48172af97dca9b39053c5bcd049f240a1dd850f7278718242

SHA512
9ed24edb2187d70d04ed35b2e80ff081bed06b777d1cfff5333f8fc70be6feee64e21d244be9271f8af731160880aae83a96fcdedb1f0579f52312ba2afe49bb

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
bdea081b8ee81cf2002b21b0661095ae

SHA1
ce853d1f405d8662290379893e10b703d29385f1

SHA256
e76992f8bf11eee7ef616809dc03edf164d969e1dcced39bd966e172ac3f3c33

SHA512
825c2874dbc87a4fe75a4c1efa4307987f8ba663b05cabad3f91b483f7e263f6e6bbdb0a22dae90818ccc372c5b40565159f93f0c616e51a5cbc6e0618bd5f11

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
42ed66c956a872209d4d4911eb4cd114

SHA1
50f6fa2d40ea904a4d1c346ec63388c949aec06a

SHA256
037e68250e5e525bc49b7a10b0a99c4e5b9011da5482c2ce5fad9f82e48e7038

SHA512
962b01d235e54634a5d801c892ae6c60ced66a3b4f8e66c0eee88fce5de833ebc97751bf70da09cba3affc845c9d4308e64e9774a07cdf0d2d0c17d88546a9a9

Download Submit
/data/data/app.EasyLogger/files/.com.google.firebase.crashlytics/com.crashlytics.settings.json

Filesize
710B

MD5
4c48cc9f19f42e1a8d982511d1f6cdf8

SHA1
ed4bb21dfe78b997373a0a656a6def0dc44dce47

SHA256
5b9daf2c6696cc881f8874155b0417f8befe029cbc123b677364357070fc4e6e

SHA512
8db5ab418a37eb8a4b22c638ac1322f7860e65d10161950a70689ee2dbf82220dc4b821cd8479d9bc684fe5c0aed673e46ff8738f37124e07a1db4dfe36a0898

Download Submit
/data/data/app.EasyLogger/files/.com.google.firebase.crashlytics/log-files/crashlytics-userlog-6621CF4800F10001105A5A78C1D7129E.temp

Filesize
438B

MD5
b60191188eefc05ef7f2b16ec3a10ebf

SHA1
c1654aec8a90dfb7cca832ffc1727cd113bf9041

SHA256
6615a11ecd12045bcb95721b464fb955a42bc7c7bcae723a9e32f8a992b30252

SHA512
c11357f362fd9f3b2d97f8a94e76440d4856d1bd7c021282415c1d058b7b7ba73ade6ee51f08f67c3b590b1f6f5e64962ab5cba1e46341da43f85439b60a4781

Download Submit
/data/data/app.EasyLogger/files/.com.google.firebase.crashlytics/log-files/crashlytics-userlog-6621CF4800F10001105A5A78C1D7129E.temp.tmp

Filesize
16B

MD5
c33583fae4e0b61cde1c5b9227963237

SHA1
fe2ebe4d27469af1460f7e852031a04208ef629b

SHA256
35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc

SHA512
fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e

Download Submit
/data/data/app.EasyLogger/files/.com.google.firebase.crashlytics/report-persistence/sessions/6621CF4800F10001105A5A78C1D7129E/report

Filesize
732B

MD5
1f40f2757762ea07e9df039723361eb9

SHA1
d7bb4c3a5e876ae22a1712d1ba8be7d4e52ff4a3

SHA256
e982d6f3044cd4ce670eb7d0bfd0bb06a5817e564dac1906270f6d706e655c25

SHA512
dc5ca35cfe955fb2114668cb5507984c72d336c2daa2e3f9deeeb9ea478fcce9fbea6f8a8ffad000fb209a30b56c98925fcf66ff47efb214d705f7b502c24b09

Download Submit
/data/data/app.EasyLogger/files/PersistedInstallation5144665284817283398tmp

Filesize
564B

MD5
f33f05b30561827cc2959db4db8dde5b

SHA1
c4c8fe2755fa0af32c8995c9ef2d88dbb4dcc93b

SHA256
3ff38f9c5b1d26c4584292b2704d8f0619ab2e140b9800cd46bcb4c79ec68d53

SHA512
701b9dda0a12d8372c79fbec612de40762a61db2a2c764a9413e22247823784c5b3d1d4754064c269e7230263ffb6e8e8f443a3c38eb451cb1fbcf8eed4c38fe

Download Submit
/data/data/app.EasyLogger/files/PersistedInstallation7722434556098896150tmp

Filesize
90B

MD5
9a919b222721ce7b74fa14e8e5ebf45e

SHA1
9d64aad8183cea8824cfbe7ce5daf28ced455017

SHA256
24fdb89c364dd269309368e7d08fce1412761cda0b5ea20ed35407f4759aeb50

SHA512
6c0a5c2fa9a6ccdaf4011ec396916486614fc20fc5eb06d6e1d30a28df938d5c84942db8925eb523936b7e36abc3dd0ce19281cac018c5b75d98bfe95c257c80

Download Submit
/data/data/app.EasyLogger/files/gaClientId

Filesize
36B

MD5
3a29bc852ea4567e98b95a558b533e0c

SHA1
44291d5c2dbada52f2628e32d8db97ea7fabfaf6

SHA256
fee29fd8889587d3e5eabbad7d3cbfa3939fbeceb00ef356c9655cc5a3112e5b

SHA512
db546f988e07a72198445bcf5a2f5b11bb7d4737444dac3d08541df2d31660e3769ea44f45f5514e2493795497932e3ada2af12b7282d78a57dc3c93f2270978

Download Submit
/data/data/app.EasyLogger/no_backup/androidx.work.workdb-journal

Filesize
512B

MD5
1247b79ffa0753a1a4885017ee43dfcd

SHA1
f6f6f5b3feed7f9c6d0b2e1b73768e0308ac9125

SHA256
cea05080b72e3229e7635740109a17bc8607ec17f8747cb31ff019c902931227

SHA512
133b38095adc21154d21e70fe3f9eaf41402df96a943cb4bbd1ef95f7f614945a452be14a973b5e968afdf76b5c0fe754e5bcd483f7119dfa6c46ec8e1ea8e83

Download Submit
/data/data/app.EasyLogger/no_backup/androidx.work.workdb-wal

Filesize
16KB

MD5
b6d9f7122388715b6b0786551e6e3749

SHA1
23832e518d86711daec918944d2e3893b620408c

SHA256
0d37acd51e93cfce954d1f20f43915a13d3777c9b0b146ae19555e36554776ae

SHA512
cf5347c6c947835c8afad31b16bb7c4bc0120ca8675c27a7865a49a8bc249caf0635e6e788ac8cfd5bca5ac8c480ee7458e355d86986dfe4d01437a35b94982f

Download Submit
/data/data/app.EasyLogger/no_backup/androidx.work.workdb-wal

Filesize
108KB

MD5
38e4dde366c87998c77b111b87f37edf

SHA1
3897f672b993bf435ba96b31acc10ec23c05567d

SHA256
b83e56a9e140730ccc1af4eb2da1936be95b028d163d13c19b22e56c279c1342

SHA512
4608fe03fcc3f12115f1b7aa20a51c49bb9b510a06b8132198368262c8ad1c1e12dc6ae6b8bb8daaa84a8656e8fcc42b53da83b2f31c6ec98bf656790372651c

Download Submit