Analysis
-
max time kernel
48s -
max time network
138s -
platform
android_x86 -
resource
android-x86-arm-20240221-en -
resource tags
android arch:arm arch:x86 image:android-x86-arm-20240221-en locale:en-us os:android-9-x86 system -
submitted
25-04-2024 02:50
Behavioral task
behavioral1
Sample
798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae.apk
Resource
android-x86-arm-20240221-en
Behavioral task
behavioral2
Sample
798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae.apk
Resource
android-x64-20240221-en
Behavioral task
behavioral3
Sample
798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae.apk
Resource
android-x64-arm64-20240221-en
General
-
Target
798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae.apk
-
Size
5.8MB
-
MD5
1398c9c6999be6f56f2364ec680f8557
-
SHA1
396c173b4c084afc3a2c89044ffa42a3f0e4dad4
-
SHA256
798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae
-
SHA512
49ae3724b60f40ac3646a44164fd6879480d895e1096825f484d63d286b5c5b8f2557bdf752f746651504bd038bf9e93dfe7400977e2bd6ba24576843b3393dc
-
SSDEEP
98304:BUlRb+MDHwasxU19o7SDWNYbM2Wlghs4DqHvSse0EpO9X0xUCd7Mmp3/U5uaMA:CKhdU1xWlQDuSsGA9X097MaPUo/A
Malware Config
Signatures
-
EasyLogger
EasyLogger is an Android stalkerware.
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
-
Checks memory information 2 TTPs 1 IoCs
Checks memory information, which can indicate whether the system is an emulator.
description: File opened for read | ioc: /proc/meminfo | Process: app.EasyLogger -
Reads the content of the SMS messages. 1 TTPs 1 IoCs
description: URI accessed for read | ioc: content://sms/ | Process: app.EasyLogger -
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
description: Framework service call | ioc: android.app.IActivityManager.registerReceiver | Process: app.EasyLogger -
Acquires the wake lock 1 IoCs
description: Framework service call | ioc: android.os.IPowerManager.acquireWakeLock | Process: app.EasyLogger -
Checks if the internet connection is available 1 TTPs 1 IoCs
description: Framework service call | ioc: android.net.IConnectivityManager.getActiveNetworkInfo | Process: app.EasyLogger -
Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
-
Checks the presence of a debugger
Processes
Network
MITRE ATT&CK Mobile v15
Downloads
-
Filesize
1KB
MD5 04a3359383feec3f9a0fbb9eaef61fff
SHA1 0644fc873f7f6e16486e3f91236245391eb2d990
SHA256 006eb9cde27d1386b4d838c1c6350c30d835bf7181442b79992c5c5a2ad76595
SHA512 fc0627f7b68c3ad9054f9d2cf477c2c7ec0743048005145680b568b2834ea25d1d54b5140e6eb2d78e77a034678960dd399525e6360eee0f8f943bb9a7713446
-
Filesize
1KB
MD5 2b57aa12a1c5a45e2fc01bd899733308
SHA1 0a641a777b119841bffe99438026a5573dabd9f8
SHA256 58a0e1e419d2bdef6f22fb7e35a8cfc8238a1adf308c50d63f313a69aa998f08
SHA512 1cad12c34d377064a99f5ddf83d091cc70ef64ec5fe2b853782bdf9ed3cc50c43c3d4eb58e77db0173492b6cced5947c6da29097e8d4d2a56e428b5701b58fdd
-
Filesize
1KB
MD5 01f5a93ab88f5c8970e93bdf4b939801
SHA1 b0fdc43a648d22844af5f08bb64aa9b1165fa381
SHA256 0f4d51dca0ee7b9c40b372e42cc0530969d9812a3f8480d79a23be80aa62e701
SHA512 426297b054986b24294ab4b256fe7ab07b2e2ddf6e1b059cde54f916ca98166f528d9e641f3e795a05211f3830001115957212c5ed6b3353552f63ba9173ecfc
-
Filesize
76KB
MD5 247a9a1ab8a9d50b768aea16f443ee52
SHA1 1b8ef45ad7df4db30e70051835585e526f7fe488
SHA256 6c414fa302b351eb7df14144c5c36a7ddd181615cb540f012ff67005837c9796
SHA512 6285e17579d1253b10f20e00f40aa8432e58a0e7b0b080c7ed52eafabae8f339f250897164409d1bc6512359557545998042fe41fca2e7b4ead85ab26918663f
-
Filesize
512B
MD5 64d9bc60b7df4b32a1616bcd14aad673
SHA1 dc596b4894c92237f77dc2cb57a9113cafb183ab
SHA256 7869442f4bcb8a62b40a74732764e88568ad976c853eca81475bfaa1b0e7dde8
SHA512 21fc2987328532c064fc439dc952234e0bd7956f734dad837574b5019cccd8f4c22d898431e545ed3229b7b34a5ed74ae30486804e01f5ac445c8980ac7d4bd6
-
Filesize
140KB
MD5 7c1b4d5d6a6c2e00d203be141b5a75ec
SHA1 a49c90b41b3adee5ea1e0f45044d751125ea7df6
SHA256 895910710fe7dc0baf73c46a8f1b230698d299a108308279cab0e1b6e282f627
SHA512 e50b9842d10baad632aae2c623a9067ef811a6877fb2489fd76ed3eda3f7d2310d9da2fd76f204fd72f90e17df61f395120291803c8ec2210895314d36c76746
-
Filesize
4KB
MD5 f2b4b0190b9f384ca885f0c8c9b14700
SHA1 934ff2646757b5b6e7f20f6a0aa76c7f995d9361
SHA256 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
SHA512 ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1
-
Filesize
512B
MD5 fc81cd5f73e8fe3ac9f96638d6594958
SHA1 af2d1022e7dda323f907ffc4f216fd3dccb20851
SHA256 343867b15a05eaa870b85b92aec92a22a0942da646fd25ef7a7b245f3358682b
SHA512 b25e869e9b32c8e94d9558741aa79cb8c8059cd47563264418d1b61c62269c612d4d697eea3d6163799e3a95d220f65dbf9508fa6371fc6281066ebf0b15713a
-
Filesize
32KB
MD5 bb7df04e1b0a2570657527a7e108ae23
SHA1 5188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256 c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012
-
Filesize
52KB
MD5 5431cd03bcb8455298ba1e75f78501a5
SHA1 d5c9024b4ff7f020669043056fe3b8b4c244b8df
SHA256 0f956c24eac4c3130e799feb936d5fd3ccd7e972a1b70148ee8f2924877926ea
SHA512 2297af413f817a8f389fa31f2201d3bd8eabb34ac6d4eb0d18fc65b2374ad34fc235dcbf194b4c1cdf14ba412a094d28f7501a8ca227a595a84028f3533aeed5
-
Filesize
512B
MD5 f37f6f305ca57e6c64f3ea68006587ec
SHA1 ed8876559b6855fee8a0f86203eb6f1f89bcd54d
SHA256 dc5be69ce71239f2439e10cdabfdfe8192b4c0385a6c108ae2738d89e4fb9641
SHA512 6ba8a288746c40f4717a6dbc81128543a9f669da286d06bcb0e33793d48179648c87f3856cb7fe1ab0bc58d9d636812caabaac77f58a98b324ce92e203614ad5
-
Filesize
68KB
MD5 ce69c259a71d7a3442655a6a1fa1ce38
SHA1 86b505988608e33500cd7b51e9f310289db0ef08
SHA256 324913c684bfd5ada1355d1ffa4e7e9b162aa588dd5615865df60b3804b7151f
SHA512 2914ec1783dbbcfef2cdefb0fd2c69772c46f7d65872c6bca0a66f4a8d3401a58e3848cb663b4e48d2ec4600eed9ae8679a8ab8edd10f2fbce88b2a8b1c9db99
-
Filesize
16KB
MD5 7237409e0640cfab7bdbd429bf821a3b
SHA1 4c3da934842f8d4835dfe2a9c275a300e5123309
SHA256 5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa
SHA512 c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f
-
Filesize
16KB
MD5 5a16b9df46fd65a8496ccd9dfbceb47e
SHA1 8756ac1d5302e9e248b724ac59c8eaea3ecad2f2
SHA256 aa97191aca9bfa2679d2e6a7f90508d14526948093bda090127e4dee619d8f0e
SHA512 e8ec752181dbbd6f1fd5b3be490b3fdb7948d5d97d02728378e250db7a069bbd0d204ae195a71e8680d2a77b38967d0cf160e9270ee0b0c2667b5dd65ebecd7e
-
Filesize
16KB
MD5 351de2ac7ac250e4337d1dcfc5e4b8ee
SHA1 f7e24ce447ae2f70bf6a45a1971631a2d2523436
SHA256 ebc6b3464696b75f08a90f9172fcb647603ddf8fd558dd5fdc5330333079449e
SHA512 4e18afe393ee67109de58e69702eb5c8660b4144164df8b2befdf98ff8dbdf3b43d0cfc04814d9f2b8779bebe0a6e61bd9f8463889fdee0e6e3bf5c2315cecdd
-
Filesize
16KB
MD5 a42c230fdd7dc17697d539878875caf1
SHA1 b5f552eb6c70770c9bcec5d95575ba6dbb82d610
SHA256 005f0d6855dd932cf9d0167929e88a6f9c5793af699c636934f55291167bd040
SHA512 ba3484897698fa6631bd8fdae3add5eb1d39d2d13022a2753ef8c9e6a541626d7ab2f84d190758d0b457892d57119db57570a43be8d6a2844baeb3d980212247
-
Filesize
16KB
MD5 7db3b26b9843617d40fb8bfc31a05bed
SHA1 aa2195338b1e4ea1cf17b2e41840f2f97a208db2
SHA256 90eed5da90c8b706d6e79f6d5352fc5224cac38a66ec29bdd410938c17977485
SHA512 8a5ddb4af6bbd2581e6f0fcd4394ca04ca20615ff232e8a6c390770b22c32c686c3fa0673efa427fdb24f02c8d5812274182bd9c77e5d74b89cc83ab445ec15a
-
Filesize
16KB
MD5 2a12ab0e4891ca8740f9c81d88141492
SHA1 188afa64dc133d5cddb44daaa5ed822fdf3ba371
SHA256 4581a1d46a9334171ae3dd903d5769adf4948557830121accda46359da39e583
SHA512 f74e441f6a9132426015c0f0318c5f2d0b13ce01f5d8ec4744d72535102104c9b3271786811ced454626877ed7ebb20c5fc50c105f55e79811b03c466e633135
-
Filesize
512B
MD5 8b1ac460a237f830dfc9e23eb34aca38
SHA1 8121dbc72a306901ba9ad315293b60dc9076fb41
SHA256 695bbc9707568e77424a1cb260d0d60b95707bf2ea2a508d2ef81218608d2ea8
SHA512 71bcc00ef64a3c10f9d5638a2f0cf0377ca57be02e21ecf8cc395a5afaf719a1d9c0bd89ec316baa601db009a1c03f3bfd3bbfbe3935e79f8cb0c253a41554f2
-
Filesize
36KB
MD5 33f8ff0d08ef57aea6800c8c444a86b1
SHA1 4fc37beef55b104ffbc977abc384b36726675404
SHA256 74e3551b9bba94dc8356a116dc338bb16fe714520f6efdea6b2f4a8b4d03854c
SHA512 fc342d8edda1e862419709e1238a3668e0d09029c62212846002ba918bc10b5a59fbc2d52ab958eff9a7cc02f98c0b4da2dee57d6d78478947374d7ac2e0bf31
-
Filesize
4KB
MD5 56384dc2fd41468fccfd340589194692
SHA1 790c5f973158a774e4eb447191f124806540fb31
SHA256 9f6bbb4af9b0f99143f552ef99ca3bb49ee93f4a4f145e6f8b8c44e4dbca2f08
SHA512 5d4b253e5ae00715609c5e93197a5e90cdb1b3da1fc50c913570c5280e4793f5d779cefae41ad327f3f2d5f613955a94809335ad1789981191358955ed414f60
-
Filesize
4KB
MD5 4df9071b2f5d8f42553f6c309a2872fd
SHA1 41aa1b1da1dcb06cd379bae433cec7e3fe8fa2f7
SHA256 c9f8dbe4933d3fb4e6b31ff698fb1c16ff733fe838268fe4ebb5bbeffd41d417
SHA512 8ea268f580d9f11bddb29187bd5c54657c89a956f1368f204c46c386fa195980ced6a92a1f6ea83c58a5c729a7d0d9b3fde8f9d3aab232e4dc004ffa6c68103e
-
Filesize
4KB
MD5 09f07e6f8ac188b5671692e16bf6657a
SHA1 3a7fe00aa10bbfd55395269ccf7d73a81534e73e
SHA256 00f1bb87869a49d8151c07f0c2883959762e3e469b6a900d9583b4d7392b370c
SHA512 8030330faa766f0e3ddc33bf7725233cc24ecb9d981334eebd5dc5352ab222c3b3ed6e790ca3fd45a365251d01a51db5a653a7f1945745fc2a8d04376be8449f
-
Filesize
4KB
MD5 b6ebc5c95c2f35b38270b75396398ed7
SHA1 653b4eea35f64e29ede8d682b03e3f1c060fcdbe
SHA256 c25aead6ccbeea299497594e1a6995350ab8949152e54083e3ffc864ebd86d2f
SHA512 24a0792f715349e079c8ff80ef77a6896fe5306436e8d80a27a0e0241668f506bcd993d105830fb72a5b7ef90b5329429c348002409b77830c71a1c6ccf08d44
-
Filesize
4KB
MD5 1a33c3bc15654b18f1bb2bac882fd4e3
SHA1 5f06fef0401b648a60698a76e378586f467fd405
SHA256 ca440820ef1b1becfa5259a0f957a3d95fcd448248a3a948a7352d3677b8e645
SHA512 c48b7a01f23fe64ee097d9c59b29a7771bce51b9c3231d803e6c7a8517447c0b9e1879f9ff81fd8e5910290ba7782cec4e224d68fe5ac5ca73f77855ee1213a4
-
Filesize
710B
MD5 837e31397301f527e4c1f6c6c2b5785d
SHA1 49b9a8540633fff151d9afbf5cad00741cbc0d6e
SHA256 77ab0502500f27e7faa8cb0eb61abf5a64d3c96cd705eeb72e054289358e1c07
SHA512 e06d28be11945ce80783437cb146ea99672719be8d53ee621486251fe910a3c801e654afbea65a9fe8d13f9dfddded8a65065670184208855c531cafd23ccea2
-
/data/data/app.EasyLogger/files/.com.google.firebase.crashlytics/log-files/crashlytics-userlog-6629C4FB019D00011094505AD30F0014.temp
Filesize 438B
MD5 40c8be0d4b047d38bca259b9526ab546
SHA1 ed76cd804424ff4fce5fa01946813ac88acf0ee9
SHA256 44311dad2c6f333727224f35619c955aff99743e44ae8b725fc71e3b1ff7e756
SHA512 21ed0ea95ed15a919bbe9ba7e8cc3fb3eeac9c746e6b06768b499638a50ba695c4e6a626c3092b6705dcdb2d0ecc20e70d05f441d700dd97f79ecd98a7b24ac2
-
/data/data/app.EasyLogger/files/.com.google.firebase.crashlytics/log-files/crashlytics-userlog-6629C4FB019D00011094505AD30F0014.temp.tmp
Filesize 16B
MD5 c33583fae4e0b61cde1c5b9227963237
SHA1 fe2ebe4d27469af1460f7e852031a04208ef629b
SHA256 35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc
SHA512 fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e
-
/data/data/app.EasyLogger/files/.com.google.firebase.crashlytics/report-persistence/sessions/6629C4FB019D00011094505AD30F0014/report
Filesize 732B
MD5 e59c989216b8785105744f0283d6bae4
SHA1 f3469ae2887f98a081674235b91f9f127ac08043
SHA256 93191fab9c1dc268b5e95a27c0de9de309adbb006e151eabc2c0f1037b405e30
SHA512 7c63ac8e7b113cb8cd5ebb4465bec264be14d377037142e816f79e5aa724ca4e657e2368e20ac8e084c85c852aeb2d32cb83acf3e6ea33378518353ea9805465
-
Filesize
90B
MD5 c080c0de5a367846f124cf9d2b02126d
SHA1 fcf765282b99a060ab4d561c0ea4260283cafcda
SHA256 515cdaac57bc0788f28a1596b4998d7782e2c5879ae6989f5aa063c6cc8a76a6
SHA512 44ab8a6d13fd8418ea18fcb574bbfea976da0dab50d14962f0316a0e711e0bb2dd1e37cef5ade176c32d15c17150916f8456186a7668accf1fc7c1920bcd27a0
-
Filesize
565B
MD5 be5acbe2a4a22bfe745c1ee9e8284518
SHA1 8e01b5329d73415a8425467ac05b2f3472fb1c07
SHA256 46ec5a027c0056f7a7830057343012c1665e5ea53cdce235f47fb90a49a7f027
SHA512 2734c3133e74efaa7bf2361cfee8edd0bbfc0bf02ac914f424596020cb17124a9f08669039d9620d169e6de7c9731ae5fd11717f669667bd347ab5f45a55f69c
-
Filesize
36B
MD5 b7992c5739f54549bd71d0483eac92ea
SHA1 180b813b4143881a73eae66c18700e05fbe13dc9
SHA256 852d767eb94108240bb87c2824fb61da4a98cdf9c5ecc36319841a57ea4fd4a5
SHA512 8049615219fc225e17218e84df2278e15956e4a4a8fa33ef27d48f4a8c9a8972dd2c6347c9dc9d1c2310b0ae4d67c0a41a960f79e1079ef10fce7315781f15cc
-
Filesize
512B
MD5 21da24ae7bec4e86eb043158f5d7e7a1
SHA1 76ad5c9632124fc10d76addfa87086ec07cebb03
SHA256 907133bbedb728e58caeff251b12afc484513e90fbe150dafae0fa3542ec3eb1
SHA512 99799e7e25c1df4eeff187256efc9ac9d8ca7d290b92d62040076b3c946116176b53fa365443d30fb20445bb7348164a57b38577da5d5009ababda1bf4de671a
-
Filesize
16KB
MD5 dff6a95c2a39797ee3b39ce4cb12c208
SHA1 3000fa63364f1ab66c3925990d68b285b5ebf9b0
SHA256 833c0382570d73fafc08775eedc3fd185970098467b16dd046a83524b30ebc55
SHA512 82ffdde8156dece1a972ecbceadbc455622362f547cb2f64ffc8ec83410b18fb0f0d7d89afdfa95215d85bf82aefb54dbd375497c49e8d7e458a59154343acc0
-
Filesize
108KB
MD5 91a1c34e2693ffcf0421c173b1b118c8
SHA1 e8506212889ab466c9cc26b510a54570540c3bd4
SHA256 b92992490a88beeb678799442128b306b33aa41c879f59225cd4050ccaf9ac7b
SHA512 0091aaa9af464d32e5470c85967e0f758deb3e0e1c117131a0e2f47e81c261a630edaf47efdb11e78ab723ab626deabf37058c80bb6f632243e80ed0c9374442