Analysis
-
max time kernel
48s -
max time network
134s -
platform
android_x64 -
resource
android-x64-arm64-20240221-en -
resource tags
android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240221-en, locale:en-us, os:android-11-x64, system -
submitted
25-04-2024 02:50
Behavioral task
behavioral1
Sample
798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae.apk
Resource
android-x86-arm-20240221-en
Behavioral task
behavioral2
Sample
798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae.apk
Resource
android-x64-20240221-en
Behavioral task
behavioral3
Sample
798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae.apk
Resource
android-x64-arm64-20240221-en
General
-
Target
798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae.apk
-
Size
5.8MB
-
MD5
1398c9c6999be6f56f2364ec680f8557
-
SHA1
396c173b4c084afc3a2c89044ffa42a3f0e4dad4
-
SHA256
798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae
-
SHA512
49ae3724b60f40ac3646a44164fd6879480d895e1096825f484d63d286b5c5b8f2557bdf752f746651504bd038bf9e93dfe7400977e2bd6ba24576843b3393dc
-
SSDEEP
98304:BUlRb+MDHwasxU19o7SDWNYbM2Wlghs4DqHvSse0EpO9X0xUCd7Mmp3/U5uaMA:CKhdU1xWlQDuSsGA9X097MaPUo/A
Malware Config
Signatures
-
EasyLogger
EasyLogger is Android stalkerware.
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
-
Checks memory information 2 TTPs 1 IoCs
Checks memory information, which can indicate whether the system is an emulator.
Description: File opened for read; IoC: /proc/meminfo; Process: app.EasyLogger
-
Reads the content of the SMS messages. 1 TTPs 1 IoCs
Description: URI accessed for read; IoC: content://sms/; Process: app.EasyLogger
-
Acquires the wake lock 1 IoCs
Description: Framework service call; IoC: android.os.IPowerManager.acquireWakeLock; Process: app.EasyLogger
-
Checks if the internet connection is available 1 TTPs 1 IoCs
Description: Framework service call; IoC: android.net.IConnectivityManager.getActiveNetworkInfo; Process: app.EasyLogger
-
Checks the presence of a debugger
Processes
Network
MITRE ATT&CK Mobile v15
Downloads
-
Filesize
1KB
MD521d937adc6ccfb640ec29c8ce8db1db8
SHA1ed6a772a13e222564a83924b5c91937c3ff2bfe1
SHA256a377a6dc66ba5da1ba04d3eaf376ca68cbb077575fc3b83d6d1577591dd088df
SHA512c85fdc94457cf99382bcb7dc4209e90c9cf31969b73a3edb226ecc89e62d822b37a9cdb529754d7a6fcfa51be0ed7af287a507610fe986edfeabc04fee63624f
-
Filesize
1KB
MD50667523388080b50887410606371651f
SHA1c7d8118aae5ff552c428c3e4d5e2e94e41062808
SHA2562f7d3c980b6dceb117da3d398262cc3526bf046456d6ac0ae6c819099d5fbb31
SHA5129dc05fc8502132773ad8c8dbcdc6293d85fc6796f49fe2a04786fce77c7c8fd46726a7051b21e9bb8edb1d0aaa71a58eeed44cb50fe1f5049a63991e68ffdc60
-
Filesize
76KB
MD565e41370cf11c2718cf78e9ad13f1f86
SHA1a8a58e529c8d41223840640778bd8961d73505d5
SHA256563253ea278be27154c894cb4d7cfaa4a653509f0b1ca54577988d92b381f9d1
SHA512c7291142379de850dd9b5992882d866eb50969dfe531a530f8f4144c67c7d8b39f77243cba13cbcc731658e192cd845ab817eec6c37411d7029b83668ba47069
-
Filesize
512B
MD529a35f70e0469ed5b1c479831b798cd0
SHA14778b3afe2553ebee6c7c03fbc50cff38b3bcce8
SHA256fad385d6214c3bed81685cad10bec36d89f6537fb626dbc8d4eff48114e6f6ec
SHA512e577ec6df3524207823eed34a1aa42845a3384c09b0c11899ee82774695380fa1c3c5b2c60e8cd6e8b4b0a0e57a4fe07989cba1559c72c6c8eb47633f0496ddd
-
Filesize
8KB
MD5a1557aeadc4d03fdd196e8b23a225a94
SHA1ed304f5715e910e160cfbaa3b067fdcb27dc0fd2
SHA2562b25d1427c00dbaa104da6ebd60bd784a5a4d526570ab4b3346875ffe14e26e1
SHA51214988612d2f686766d253ad731417613ea501aaded99ff5b3a56eaeb869d8ac75d4b75f1da357a8b5308945c31a3c1477e3e1e5f7548728bdd2241c97f5dce32
-
Filesize
8KB
MD5698510d5c91e5a695edfa28ba127a177
SHA160ca73459a07c823d3fa704210a11d488bebb65d
SHA256c770e0a3df2156a308a259c61908c17be34199af1d3329be5f6df3334b6c0b38
SHA5123e70c352d55cd92955fc91052b06e2d51a610a9ec032f5bb6a9731020cfc3cc998436773e910bdb012cc983db82ed924a645f8d8d79f85e1a9c67a2262c96f3b
-
Filesize
8KB
MD53e8b241ca01c60a10f67013273c7c94e
SHA1672ceeeae469ea4dc492fdb5494b0dde51b60711
SHA256eb37aac5a3275dcb24d936a213c20be28181d3ed74749b1160bc5eb721d4f5fc
SHA51252b29335b1cc9f5876e38d4e3417a7f45fb15449f4ccf0af758436703712f3e70873ad2484846d9a9199713541e1237d84ef1c54a38b78683b56ff462788b260
-
Filesize
8KB
MD5cdefaa64c5a0c6696a4e50c8a46b150b
SHA13de88d71c06cf7b4e1baabff2ba07b51ac6a5490
SHA256e9aa801155064e70895db6e0e4cd240e11ecf6123fe264e119f917821c37a93f
SHA512e5056df4e55e4ae81e69da9ef631d2c815cf3311e0cdda5a63e76f8ec5d134d376c418b25e47d154e4133c1ee2e5d896052a2afb493788cc7877545827e75fbd
-
Filesize
8KB
MD5bc440a4cee387fea7926d47afb1cd06e
SHA11f0fee6b95802700aca584c8cb8062a12bfa0002
SHA256cc2c68ec5c72194f382e19b41a2a2a6780e5435bf3fe850da87d89a6c5df9a17
SHA512ef70e840bbcaeeba10bc8d58f8dfa52876ca0958597898e193d3f68c718efd0c0c4e9721fe7da21d06c90c3396cd3276fd5a138c069ffa8d30cba8cb7548d872
-
Filesize
40KB
MD51cf3f63c021d755a21623e6d0e86dbc6
SHA1e40e0f1faa61abcca7ba3394c54c92ff7334b49b
SHA256100c67650ba652d547d8a1128edc550a8e95541a1d9268a199d1b924294d0895
SHA51238d72e14f3513ffd26989cbda3df46ed3dd6e731bdfae56440eff6b64760cc13f91014281c9add61e018fe3529e49c63a6892ca22479515816c768b546244466
-
Filesize
8KB
MD52365d02da041d1e0c11558fcb8c9665a
SHA144cbb727f3c2fb6568e27d880aa5121d2f3747c4
SHA256b58959eaafd44d2e8108071a6292ae8631af23fa277006e756f90cb149391c84
SHA5122b4425638145de12b9f4eda8d7848c532a9afd0bb2368fad0fd60b12bf0781974fb5c0d771d69e829db249368e99607d24e75cf2e8fe679450acedff71c7648c
-
Filesize
512B
MD5309c70bb1e6a0dd98641e40c80b4ec12
SHA105d1eaf835fa30b8b76b813709e10bb2882284ca
SHA25658bbca2502b5ac5b7f652cc1f6e64fcaadfa405bf21d1b42e8f5802b1c2013e9
SHA5126c9449ca04a909cbf47254db7c0eb979f29e22db62ebe48f8a65e62d8c29e1662be978ba3df93ebd029626bb069758c374feaba17746e359c64bde888f635d15
-
Filesize
8KB
MD5a3d4b15c35a75ec2e04aad9efc882b06
SHA1d4bcc7ff0714ca6d7a31a9a2f3e6429db851a40a
SHA256553f9dedbb34129599ab4be730887adf8831809fc7854734e580554fba874f82
SHA512e1a7d8c6e1a868f3cad50d8323f5d5ccc741ebebb13236ae34375fdfbddb9317b6948eed680e2e06114db9e1955d9a8c766a0125834d0e4c414381d1b1a03240
-
Filesize
28KB
MD5fbb645e146bdc42b52c4938f0540e13b
SHA14c7be863e36f7a97cfe582addc0db595057a9749
SHA25639684985daf6a3166d181af487683af39e4f2e64f112519292f16f5ed30eb6a6
SHA512026732afb057e3db47b6056522cdb81b8a946ee9cc30c891980522f4fccadd751d367776f882df7d6a0dc08466a04e065fdc8bd4526ace7b13e3082021c302f4
-
Filesize
512B
MD5f68e52efefbbdae99b9e1f38ac7957f8
SHA1633eb9168078629dd6a34fffa552da14e3a4ca12
SHA256b78a261c6ff5c698158ba3f521eef47791867797e62d72b7316a856e6f69bd9d
SHA5124ba76c6a2cd66013ddd07f0e993a45a3ea4b2668d9cb61add303567e0e77f068657bd003bd2612c518de00dc86548c68b5c5499f9de939a3224d32546cf5b844
-
Filesize
8KB
MD5efbd2069753d92143c2386be9fc94916
SHA19d8a20438cd7081305659ce857ef87a97cfe5bad
SHA25698c691c53de2c0b4d3b8ee109d3f6362f95479ab445c143b5859751faf1cd99d
SHA512c783c9d91dca8f45fc187e44dad51e30e587be827e5bf2c9cec7bb1f8272855aa1c59c5a68afa5742836aa02aee71b2613e039a8d9888448c2a49d9d6945284f
-
Filesize
4KB
MD5acbdcfe051bb60c0bc46c919b1ac8c33
SHA1b5ec9ab4f42cf7f602464e60524ff58461a1a041
SHA25638bc7c242136bb64d77d7690c4a6343c33f8bfc72b0d8f801eae658e235cba0c
SHA512bee9f4fd9e74d6709456d2e509c9f2afcb60557174fb73d519f81e92fad5bb7066add73e6a5479ed0f7d30fab7c225808fc83372b7d2007c82c21f120fbd8b97
-
Filesize
8KB
MD57a9563e8f0d4c80a12cda62deb82fc20
SHA13b5d87885e5d0d1b4369213ef26f63a7b1d42767
SHA2561cc0b8d16e915291255759be7efe3907819e522c7c0d1410daf387c53a446719
SHA512c5e147b431daad991537f8c4047a9eef18eee940c4a2eeb7aa894dc91881b76c8f3e02d32a5121fedf9c94bcf17ebd2e3a0d1a4c5ca1285631d1af707fe65699
-
Filesize
8KB
MD59c3f2ad7c809652ab9797987666c3943
SHA100604f6a8d5f255bd4b82b40472921b5a11c718a
SHA256746e4aff6547ea108fa249aa9d3bb7960f126fbab8f9e5d9e09588305ea206d2
SHA512a621fc89b6ad11efaa2c5a006a2b25e2a86fc92cc47e72d81e9d5c59ceb92c0b809c9cbbd7d697409ffcd4b8b35c6276a8df99a84ef37edbe1e10215b4b4ece7
-
Filesize
12KB
MD5a53a943741dc00c6dcc1a5421cc9d2cf
SHA1e6c199e90a33aecfb6f8b869c4e6a90b32673d5b
SHA25697305c3f8cd3e6a1d87105cfdec1c6428957f46472aa747ca0429c83466fe624
SHA5122a15663d041167bb80014edc1181bff4db83bbabdcb8e722d2f67321ac45f72d719a76d95ea6853892a3843ec767cef34fe20ebedab767666af759a4eb964d21
-
Filesize
16KB
MD5d9cf75fdd1c2292d986f6c3d5d60f2c8
SHA107ecb1d3a26d952ae5fecf54f36699ab498510b1
SHA2562d227e9b7a044c8e10294f6a831fb92d81ea9582381796d87f35bd268e37538a
SHA512442c96e4b4c79b8d1c64dd3a6d6088ae1dace441e78d830dfb3190ee1c0fafebc606fb432071b4a1ad1a4ba9b68c7877b0bce520ccc88708feaf82bbc474e0cb
-
Filesize
16KB
MD54f0f87b4c0c64275d88907b4bcb0d2e1
SHA1d10b72ab67ca94190f347b4c98897067736fad72
SHA2562cdfac431aeda18f73f6144380c2b34d87a8cd355f68899fe5125133977afe46
SHA5124b395be3facc2a8b379f4ae8ef25789c583e3125b20a51d942b4395b14a0204ae071ab567efef61e3bcb249cdb8bffb8a85247b1936f21b644b025d1be57d16e
-
Filesize
16KB
MD5f91a2a6f04da40b48dd34040663aa306
SHA1f7f3574036124ce66fd3c560795bd49af1b970c9
SHA256f40f14e83d0b086bd91ed10ed859da0abd299376804d5bac41e2911a927cb75c
SHA512545214fe9d0a46874644f36dc4532b5d4ccb67f8e2732ae2f505a456f7546cc73ff2f6b7dec2646061e1b178c6d3010173dee18ff66c3ca48cd506ef387cfe0f
-
Filesize
16KB
MD58b9da327784c5ca105c97f28ae37a3fc
SHA1fca83f1ded1921f3b30a36aaa93ced44f331a498
SHA2561b53eea0057d44dc683ac38fd20c041e350e4426e8e51cc5593188ace8a991ca
SHA5124c2ea0f849e13371ce1d360d816e7fca34be1dd745ed240b39505d25476375ffce1b1c4919009dc3c392e1389364346432b5001aa1fac5b3124616e1b422cf54
-
Filesize
16KB
MD5654e5d3f353ef2ebceba1dbdccac3329
SHA1a9fe27d233429cb2c3d5418e69cf07557e62e865
SHA256927911be69f361fa8ef41632229e6922666b9701248d4521654e89d0da5f5d8b
SHA512a8f40ff8febf208f093e7fc7ef1dd4c0c52bc56efc758d9537f9f7fe78df9e8c405347185c4da5384363ffed1b44f2c78a22dbcf90c4f5e1b012f7c05da72712
-
Filesize
16KB
MD5c6de019a93b8a298c139021e0283ba5a
SHA150dc2c6c159ffd1142b0227eb079e94e90964692
SHA256bffd2c611a545c2a706cfde42b9a0ec3e42a0d439b29dde7b97f04585eeec3d0
SHA51214001d11deb208c3c9a2a2261fcc6890df0979a120fa7fd71983e03f04d763efaeb4cccc517f58e4640393e1a01f93955f9436a5b78eb05812cd81dc67c13b1e
-
Filesize
512B
MD57b0abdced538a92c9826f16d8b2f18a6
SHA1491e524711c1b1b977fd3f25e853cb3902175d4e
SHA256fae8642001af7500469a48ff39b90eff41e88ee70bff95b0eda31505e56e6107
SHA51279e749ca1330c1d81f40257e192f4c17aba21f1fb5ddb4f87518cddd8d470c5bc0c0d71139a6886f04645adbb384544d4f8c271d370375d2f2750e2532b8be36
-
Filesize
8KB
MD58a62c530e6f9b073c8aa89436a5a3ced
SHA15de0eb79481591e2863da6d36da6722303515ca3
SHA256f5d0f4a638b3205a6a36533ef37b4211ca17fe4f072afd36a7bf79a5349822a2
SHA512099f856b9b9b3ac7efbd75d6173d6dc9c93d344a3065177d2f09dba22ec8edec54adb935bdf65df6d5056d8dbda010dac17a1ff767d37c00b070e35a7aada4d1
-
Filesize
4KB
MD5c889eba43d9a6707fbc51e41244df1b0
SHA1d71cd8fb21ee1772d999f27674e446350f753dd3
SHA256b99f387189282cc4ecb36639e7ffcec2a36b2a362a5c2ff84382d327a98f4e10
SHA512b142b3fe00891a48a93ea047c74bbee34ce6521b0d671ac8e9628205e9c46a5b4dc57fb6819548a37f98460346b02b70d5bd8d389f458d2c3c3b1644552bafed
-
Filesize
8KB
MD596f14246bff5e991e9a8aaad0d1523d1
SHA17aff730c12c0d0b5dc2bf209b689b42f00fec33c
SHA2565b1abb4cfaa594a44c158b049f4f630db903956a1cf0e44db37cd3d8077760ae
SHA512898babbcdeace0bc75761149b06554f64cd0dd9ba69ef63e8262f9a2c4004cf1e11ea691cca7b6be91112e222560e096f3430bc1582ddeea6380c0728bf2bbcd
-
Filesize
8KB
MD5a5449f0dfe17d699257fc613b3a35ff4
SHA13ae16fc969384fecec7188ac9db2693685dae62e
SHA25685b27ff89cd70c120fe0a1d04bff6de2ef8f4b8d8cf8b4e4108d1f1c5064d9bb
SHA512bfb2b3e81c04315bb8f1bbb09c1fa143e63f88f4a2fbba5fd69d5b2ce015e538cd8a4b7bb1a2669e217428e452ab22cff4f82d767af4a616ae085b4044e14c28
-
Filesize
8KB
MD56c0ad9e17988f5b5bc8f939ae4169626
SHA1722dc7ee781f603bf99771a517033c43f084f0ad
SHA256c5f469063495af4926bcc196d0fd936318c66eab13e87645b63458e35efa1f51
SHA51243671fbae2a1f53f12aec68fd4be2e267f87dd6227308299cf0cc43d2fe1c72158baeadd6ff50d4da3a0e2c9df534b9da0a47dfdfe7da20b535c397fb047f48f
-
Filesize
710B
MD5cb4970074d95b7f9e2a14415e34f96ad
SHA1e93e3943d6e802ae9c35b2faf8bd8e87a862c012
SHA256c883a274d4dd81558051792a900ec895dedf2a3a0858273490289f4c39f6000e
SHA512357cc49c0c365d7c9d78adfbb469e1a25ca766c7a0cd7934e0c2323dc1558f7ea93dd02280c645f5a016a3a03f87b198b14e16b363a3c45f6c1e34aaeeb0cea1
-
/data/data/app.EasyLogger/files/.com.google.firebase.crashlytics/log-files/crashlytics-userlog-6629C4FC01F500011273276CD2855EA4.temp
Filesize 436B
MD5 5b09f38118fa72f4bd4a9154ba348350
SHA1 2e028530f3cb3164ffe31ddf6e41518fc7214684
SHA256 5f9cfa725ab21bfe13737d51dc875f9b5249ade99df575cf7dc9ccbe275ee8c8
SHA512 1cceb38249eebc8010dd55bbe4c9540fe03687a172909ca7b2d5729d6b1955954a12740294812fa3259444f419617fa27702c798982960d2977611af588d5884
-
/data/data/app.EasyLogger/files/.com.google.firebase.crashlytics/log-files/crashlytics-userlog-6629C4FC01F500011273276CD2855EA4.temp.tmp
Filesize 16B
MD5 c33583fae4e0b61cde1c5b9227963237
SHA1 fe2ebe4d27469af1460f7e852031a04208ef629b
SHA256 35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc
SHA512 fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e
-
/data/data/app.EasyLogger/files/.com.google.firebase.crashlytics/report-persistence/sessions/6629C4FC01F500011273276CD2855EA4/report
Filesize 733B
MD5 26c2b5f33ad2114cb9e7dddafc1f561f
SHA1 7653fbe6364c83a725871e44019f3e165d5f7094
SHA256 1b1096de043e1e133cbac54077e2ebeb467538509bd4477c4e8cad445265b8db
SHA512 417d8f014cfb0215d92eaa35a54a02e9facfbdc0d097675d96bf7ba1e7ede4058fe1801b0522f56ed695737eae4d35d5956dc3c36d4ca7b9cb5bd1af4f0f17c3
-
Filesize
90B
MD5f6809dd907ddfb20d4ea9c4502ffb063
SHA13d8a6c659feef86b31e94d9d35fef80def490529
SHA256937a648b7a76ce0e66e7a82ed68a7deb486f6c059d1a9f81af7c8bae250598e3
SHA5126906a34cc08e789548edbfedd5b7bf156a12b6b30819123e25c49338a969852ddef167ef3eab6837adf77ee1dc72fe2c32df2cfcef1a7938f391e14a9002f8c2
-
Filesize
564B
MD5e32463db9e233b823d891f8eb92a20be
SHA14c2abd0f5179e277d96fb38d96ecab633e31a175
SHA256e0b9c970491605cd2de86c68ade3282e7326b80e40e89a8ecf64baa4a5384ca8
SHA512ad13e82d717f1f5120738ffd249105495d053be2ab79bcb2337e96d8fe58d9751efbf3692a8516caae64ba8391bd87ff7b4241c10a6ff8854179767b3c2ed7cc
-
Filesize
36B
MD5272477fcd6c98d05f82c6ab581676058
SHA1ae1ebdc269a3ee99cdedde3bc04757d8b8af2f9d
SHA256cab89ea6c8598684acac7d002830b9077d6fa0b279b3e2cf9fc183e50a83271f
SHA5127d144b0560acfa123c89141c0aac793d6f275d26ff8cfe6e5f7d6f5b30c2222412a3c44184530ee3bd3c81c9ccbbbcc22209bf7abe5ddd95a7b36ed7257e83e8
-
Filesize
4KB
MD57e858c4054eb00fcddc653a04e5cd1c6
SHA12e056bf31a8d78df136f02a62afeeca77f4faccf
SHA2569010186c5c083155a45673017d1e31c2a178e63cc15a57bbffde4d1956a23dad
SHA512d0c7a120940c8e637d5566ef179d01eff88a2c2650afda69ad2a46aad76533eaace192028bba3d60407b4e34a950e7560f95d9f9b8eebe361ef62897d88b30cb
-
Filesize
512B
MD5f6d8e485069c32fef3b3bb683de50573
SHA19c85128d5e6e55e437ea9b2450c053f95edb57ed
SHA2569def7a189cc4f803032d23dc704a440fc4ba7383652baf658f764a343ccfbdfb
SHA5126fcd663adecf727220fb11f79f35d7459c7d2ed59d741eb2854fd1c2c90995aa85d4d60e214106d959ae27034f71fb66f353a6a64692663014ae532e26a3add6
-
Filesize
32KB
MD5bb7df04e1b0a2570657527a7e108ae23
SHA15188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012
-
Filesize
16KB
MD513fdb938683aa74b6cb62d0365aa69d6
SHA1661619e4f6131cc2b6e7e4fc964ee85f4d18c570
SHA2563f587ec372bf2cb9bb324005e1dde198b313150d5ef8b66542261914a8b53acc
SHA5122f1443b39afd99ee76fe5d70c4568d7965b224405e58291187af88f3ae6298b1e76f6a06cc4c900dcefa2b59fca0d60a635b9f16bff3756f99ef683cf3433f40
-
Filesize
108KB
MD5beec92a6da83649c40354d1519435528
SHA18bf94644b0d8901927c9630ed4cb70d5609dfaeb
SHA2564af4197011d2eb5261537f75594aed7319f976579a6c83a248042a90c5707651
SHA51231a0024330af757b26621ab93b3c40060b1fe229aba9ed736b2927992a6e69fcf73fe1b3084a5404238622bdd479dfcb720a4175a0558776db7f94cee7543994