Analysis
max time kernel: 48s
max time network: 131s
platform: android_x86
resource: android-x86-arm-20240221-en
resource tags: android, arch:arm, arch:x86, image:android-x86-arm-20240221-en, locale:en-us, os:android-9-x86, system
submitted: 20-04-2024 02:08

Behavioral task: behavioral1
Sample: 798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae.apk
Resource: android-x86-arm-20240221-en

Behavioral task: behavioral2
Sample: 798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae.apk
Resource: android-x64-20240221-en

Behavioral task: behavioral3
Sample: 798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae.apk
Resource: android-x64-arm64-20240221-en

General
Target: 798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae.apk
Size: 5.8MB
MD5: 1398c9c6999be6f56f2364ec680f8557
SHA1: 396c173b4c084afc3a2c89044ffa42a3f0e4dad4
SHA256: 798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae
SHA512: 49ae3724b60f40ac3646a44164fd6879480d895e1096825f484d63d286b5c5b8f2557bdf752f746651504bd038bf9e93dfe7400977e2bd6ba24576843b3393dc
SSDEEP: 98304:BUlRb+MDHwasxU19o7SDWNYbM2Wlghs4DqHvSse0EpO9X0xUCd7Mmp3/U5uaMA:CKhdU1xWlQDuSsGA9X097MaPUo/A

Signatures

EasyLogger
  EasyLogger is Android stalkerware.

Queries a list of all the installed applications on the device (might be used in an attempt to overlay legitimate apps). 1 TTPs

Checks memory information. 2 TTPs, 1 IoCs
  Checks memory information, which indicates whether the system is an emulator.
  Description: File opened for read | IoC: /proc/meminfo | Process: app.EasyLogger

Reads the content of the SMS messages. 1 TTPs, 1 IoCs
  Description: URI accessed for read | IoC: content://sms/ | Process: app.EasyLogger

Registers a broadcast receiver at runtime (usually for listening for system events). 1 TTPs, 1 IoCs
  Description: Framework service call | IoC: android.app.IActivityManager.registerReceiver | Process: app.EasyLogger

Acquires the wake lock. 1 IoCs
  Description: Framework service call | IoC: android.os.IPowerManager.acquireWakeLock | Process: app.EasyLogger

Checks if the internet connection is available. 1 TTPs, 1 IoCs
  Description: Framework service call | IoC: android.net.IConnectivityManager.getActiveNetworkInfo | Process: app.EasyLogger

Queries the unique device ID (IMEI, MEID, IMSI). 1 TTPs

Checks the presence of a debugger
Downloads
/data/data/app.EasyLogger/files/.com.google.firebase.crashlytics/log-files/crashlytics-userlog-662323A502AC0001108329AC1A382FDC.temp
Filesize: 442B
/data/data/app.EasyLogger/files/.com.google.firebase.crashlytics/log-files/crashlytics-userlog-662323A502AC0001108329AC1A382FDC.temp.tmp
Filesize: 16B
/data/data/app.EasyLogger/files/.com.google.firebase.crashlytics/report-persistence/sessions/662323A502AC0001108329AC1A382FDC/report
Filesize: 732B