Analysis
-
max time kernel
48s -
max time network
134s -
platform
android_x64 -
resource
android-x64-arm64-20240221-en -
resource tags
android arch:arm arch:arm64 arch:x64 arch:x86 image:android-x64-arm64-20240221-en locale:en-us os:android-11-x64 system -
submitted
27-04-2024 02:05
Behavioral task
behavioral1
Sample
798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae.apk
Resource
android-x86-arm-20240221-en
Behavioral task
behavioral2
Sample
798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae.apk
Resource
android-x64-20240221-en
Behavioral task
behavioral3
Sample
798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae.apk
Resource
android-x64-arm64-20240221-en
General
-
Target
798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae.apk
-
Size
5.8MB
-
MD5
1398c9c6999be6f56f2364ec680f8557
-
SHA1
396c173b4c084afc3a2c89044ffa42a3f0e4dad4
-
SHA256
798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae
-
SHA512
49ae3724b60f40ac3646a44164fd6879480d895e1096825f484d63d286b5c5b8f2557bdf752f746651504bd038bf9e93dfe7400977e2bd6ba24576843b3393dc
-
SSDEEP
98304:BUlRb+MDHwasxU19o7SDWNYbM2Wlghs4DqHvSse0EpO9X0xUCd7Mmp3/U5uaMA:CKhdU1xWlQDuSsGA9X097MaPUo/A
Malware Config
Signatures
-
EasyLogger
EasyLogger is an Android stalkerware.
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
-
Checks memory information 2 TTPs 1 IoCs
Checks memory information, which can indicate whether the system is an emulator.
Description: File opened for read | IoC: /proc/meminfo | Process: app.EasyLogger
-
Reads the content of the SMS messages. 1 TTPs 1 IoCs
Description: URI accessed for read | IoC: content://sms/ | Process: app.EasyLogger
-
Acquires the wake lock 1 IoCs
Description: Framework service call | IoC: android.os.IPowerManager.acquireWakeLock | Process: app.EasyLogger
-
Checks if the internet connection is available 1 TTPs 1 IoCs
Description: Framework service call | IoC: android.net.IConnectivityManager.getActiveNetworkInfo | Process: app.EasyLogger
-
Checks the presence of a debugger
Processes
Network
MITRE ATT&CK Mobile v15
Downloads
-
Filesize
1KB
MD5: 18a522c09554028109b9e7f1dcda627c
SHA1: cbd3e38d7561cc36ee3753aeae28d73a91713188
SHA256: 013e170eb50e3ff1e24fe48628e61e7024417870bdb17c78003b558caf2f5c61
SHA512: 360b9d0f1b31ce4e22f87a89cd2337defcd70c1813ad11ff7e1230e7387b353b9c276411d3b3f02de6c1758faedde6e1400cc4b8a1cbca9b4639ac592a9b09e8
-
Filesize
1KB
MD5: 2c5fbabddfc3de0474df49fcdd3982c8
SHA1: 7bda64adb4f70488279921b2b02fd33d627e2e03
SHA256: 87985b3a6f3c213103df24f04a699152e5dd8bb97499187c2e016a521c912dcd
SHA512: 1167964a7ab976041ac456c73294cf0ef4e49371efaf78792d6e14d102b42ca1c07a94c686391207f3bde974a1a212ae300f0dc25d46980ee2e148778cbc0a6a
-
Filesize
76KB
MD5: 65e41370cf11c2718cf78e9ad13f1f86
SHA1: a8a58e529c8d41223840640778bd8961d73505d5
SHA256: 563253ea278be27154c894cb4d7cfaa4a653509f0b1ca54577988d92b381f9d1
SHA512: c7291142379de850dd9b5992882d866eb50969dfe531a530f8f4144c67c7d8b39f77243cba13cbcc731658e192cd845ab817eec6c37411d7029b83668ba47069
-
Filesize
512B
MD5: 0a7aa3050fcca146c56b632012d9df34
SHA1: 7049361ab3eef3802c7632bb271bc26d854ff5db
SHA256: 672fc4cef720468e7bf09217d50f44102a734b39a382a0c62a6d57982d843f47
SHA512: 3d55dda8627dd48f4ba375aae55d45c35b0efe825d9fe1bf0eff8396a6d11f5dbca0bba272a76aa825e858582ef839383f9c3954e5ee1d8ccda158cac17e4145
-
Filesize
8KB
MD5: a801abc018dce85cfbe083453273a369
SHA1: bce3b663974734a0537d21fa7097b3171ccee9fe
SHA256: 53649436a5cdd8a2f6b2284c090825c1919cdd507d07113723140f2e0d98b3ab
SHA512: 6a76feecf27479a9a84d741a2e8788f9eee06a9622894bfece1cf15b48ebf8ffcac2ddb9a08f889dbd9b240cb075977dd20b31ed0028cd7ac9b6f4f23aa8066a
-
Filesize
8KB
MD5: a8e85b1c33d0da46856b187811982f00
SHA1: ab16b99e67ac649db08ae229e7ad13baee458c53
SHA256: 4f9edea63ae076987a15ae25144cc491dfc1f72d631af5c96e08cf77226b64d7
SHA512: fda7545999a5bba19b5ff3ae21b247aa14fe524ac2b124b8e4c7b8c7eb54ee75eeeb6a916a383ac99ecf95700850b9221358ff4b2265e45742c1330722669b90
-
Filesize
8KB
MD5: 4e854aefcbda1be0784e777d2b5d3549
SHA1: 58ed5db96196b6f3cd5af648f43f8c3ba0079a5f
SHA256: b496855873fbd59e169c710e758d64495cd3d4c61fd33a5a155c3fd2ddfd7340
SHA512: a71fcb5eca412289478d0c3e3061a74d34d76f5d8446a58b4ac3be6eb957c5b5976d17ea60a46b91d27c998c615ecfcb46126ac51aa1ac96718e5048f194406a
-
Filesize
8KB
MD5: fceaec597ca7e68621d4a50d467a3cd1
SHA1: f3302d4648903add640977b89cee8d7a055167ec
SHA256: 85e33d7d21854cb21d9ab7e1e6ceee6cc1795199d63e78e6ec28a9d624b7e65d
SHA512: 569db44b053c42caff05aabc369664c81e9eb7e008261970ab15a2bddeadb314ff23487529dd4207b6184031f616c1c5c5f48be04ce28748aecbbd7c0b1834ab
-
Filesize
8KB
MD5: ed1a074af7c6e732b2df394c516b8858
SHA1: 249bf9bf701611cc0a59299ca0c5ede9d3e29d6e
SHA256: 927a9eae432f601d2cf2cb5b997d0a4b9e95dd223303febd00bd1f1c4a5d4030
SHA512: f9544875705c3d165e499be7a92a74374e172f753236a02da93a77453b0e34a344f5340a3421dd9e704a5ad6dfe829e21a9e928b4aea6c81156de46ed1ba61f6
-
Filesize
40KB
MD5: 1cf3f63c021d755a21623e6d0e86dbc6
SHA1: e40e0f1faa61abcca7ba3394c54c92ff7334b49b
SHA256: 100c67650ba652d547d8a1128edc550a8e95541a1d9268a199d1b924294d0895
SHA512: 38d72e14f3513ffd26989cbda3df46ed3dd6e731bdfae56440eff6b64760cc13f91014281c9add61e018fe3529e49c63a6892ca22479515816c768b546244466
-
Filesize
8KB
MD5: 04952ae80427242f18eabea0f53cd808
SHA1: 5548ebdf2b2745421885026d908408db94baa177
SHA256: 105e646d0dc071f3bbbb557d2752c6b2f9647e36e2ad807b43c83ea1b7249327
SHA512: 5ff1ffeb8b5ec4c08477fd7607b4c672b593e377663410fd84eafe9a3190ff91e5e19f850cc15fa1c527280a84942ef990efcf5809c71de26a5e637d68e89da8
-
Filesize
512B
MD5: 7657d6d198c567d6b2a9025c3531182b
SHA1: a8e672c86a67bb831a09b249042ed0f0309fd102
SHA256: dbe150b38f9ffb73c34a7474e75cb7f50c794a1ed71660045a79751afd1fac3b
SHA512: 16d5e474093a63b4c52ac776418fd337a6cd3f5ef0f57a373b17ca10d1173ebb841e895a862e789a06e4f350b0ceef34f6cdc0a6779dd6b306b1a702a24ff10c
-
Filesize
8KB
MD5: fb814c562a9fe023e5bac23298a94026
SHA1: c39c7ff143d64dc5c7bb636936e10f2b6c8a4940
SHA256: 1069a3cbebe82666d7779b2066539839538a14a758d2588674e7ab3c7d2af7a1
SHA512: caeb4bedc13a5641e5aa2b2e43ceeca363b7453025cb360b051709a1dbb555aabddf444c11fa7e85b302954ab6a56f44b5aa63d2eeee0b86d341aa5965cda595
-
Filesize
28KB
MD5: 4805f1728a0156f62c08dd9d11626c85
SHA1: b2f7771e98253a0a8d4d056376f776293b78f6d6
SHA256: 2dc835584a96d3330c63b2395072b511f14b8ea9287126f4e291163a4096ed18
SHA512: 7474c56d8a474fc9f2cb387ea714d035a685f56b0dcd73ed32bf632be05e97dd17b15c583c5388a66570ea24ad3dbc6a86c92c3a0d8b03dd1bf5eb31c519e5ff
-
Filesize
512B
MD5: b8cde670b6d24f175880004876faca49
SHA1: 20b43b6b0bf458611b532a6f7da60685a1198948
SHA256: 5334cd1ca4a782084095dc7d00f666db8286f05d9f838cc7fc5d6b2f37cf29de
SHA512: 31d5dd90e285f68986c624ab7d45fe5b2cb8a0b2ad526fcc8073060934f0f48a2d19b2b1a15c87f74b59b8e014cf102d6b538e52b58fcd16df5e44b7c34937ea
-
Filesize
8KB
MD5: 0f6e41ae636a48aa9c03988fcab6460b
SHA1: 5dda4a29f44b18309ac5b6c519c1ff1616cb55f8
SHA256: bc2f8cf9b5c540f4e0292ebe9cb328a5eb3d277d5266a893f455d8d608fde111
SHA512: 0507d8a2fb4f84a6e0a8cb9e431c50425702b882715e3f85db16c3ba3b6c64c7ad38157e8634d31cb3d549774872226521fc9de7a0fbf9272ad71928a6d91660
-
Filesize
4KB
MD5: 54334d6391c759b9072281ed80a754c2
SHA1: afdd7fb3eee8307d93b236c87edacddc0105de0c
SHA256: 20d76266e9932ef3217e1d2714edc2c26682e87d885e8f52e42d8855a3d9d0ac
SHA512: aea4d2822d5ee199e6a31f331dd57b1b0364ef05551ad506da2fea74b3b867f2302fc36f67e7041749ba2e7ecd00cf6b2fc581eac0de69b8a910bf1a1526f58e
-
Filesize
8KB
MD5: 949eafcec34eb68f5b162fee9f1c1ce7
SHA1: 1b4cfb885e7511c63e2074ed2a81d6db171afd80
SHA256: 3f7e596f7e6a035ec7c4ef73847a0d88232e821fb2e1b16863f0a4a0d34bb2d0
SHA512: 255f0fa075a892d895ab047abb526f5b2af63001ea23596c770d89a7e7cc5f52369cba930c85c43a9447ba0fc161f1bcb84f06fea7205618af0e66e4de2edf9e
-
Filesize
8KB
MD5: e6fcb6bc61138ee90a42fb9577a1936b
SHA1: b898d9148a79d63dd29934f0ba0f669903ea6a5b
SHA256: d0b4f88107987349f0b07b521fd092e4ea4282f37e3404288a646f4edaaf7062
SHA512: 4bc3c0242f6a2491d2020c72ca1a064cbb96ee9d0dd9da0936d21f8ff2e3bc76929133ab21f8c7a4b1cddceadaaab9171fc318af07440a72c27b6045a99b8271
-
Filesize
12KB
MD5: 46f2f09dc10e65964d0ea979cb802447
SHA1: 567fbf44f88d6c8f7de14e142a7bf06d7319ad27
SHA256: b3739776d8983f614d48eeb81e92f1a60ec758f37d24bc3fee4e035def5b7c93
SHA512: 4bc7a32cf28e30e02c44ce2abf8088a8938843eb2e902c2f8839ce9bccc1553788c045bc8747a5c3e7463cdfb96e0357b36bd85c390982f1a17b594dad17a27d
-
Filesize
16KB
MD5: d9cf75fdd1c2292d986f6c3d5d60f2c8
SHA1: 07ecb1d3a26d952ae5fecf54f36699ab498510b1
SHA256: 2d227e9b7a044c8e10294f6a831fb92d81ea9582381796d87f35bd268e37538a
SHA512: 442c96e4b4c79b8d1c64dd3a6d6088ae1dace441e78d830dfb3190ee1c0fafebc606fb432071b4a1ad1a4ba9b68c7877b0bce520ccc88708feaf82bbc474e0cb
-
Filesize
16KB
MD5: 293b3f71abbab96d6e9297d8677ae41f
SHA1: 9e2c3751abb3bc1e71c5bbdb26e01cce0001c3dd
SHA256: 5ee1632e32cbe37b97b06386e58eecbc4fb7d92bd1984006056c8ee078afc84c
SHA512: 005afc827f7e554fdb15fab6e1835de77dd497bc193884e306083945db68fd2393110f0475fa33eba1728c6ca645e84ed530c2723235229d296e43049ee59743
-
Filesize
16KB
MD5: 3011b18411dbececad70ab08f459d9f4
SHA1: f7fbec360e427abdcbcc9fa1057c7545a2739347
SHA256: a7d0f29ff585a3160ce0f7af651529eb30193b3b037f5979c57d88f73b40fc43
SHA512: 6e76a267e152db9c86af78367810454b8f913e1ea01f28d824dd5ed0f312828fe62ebbbea8c41a6406a7a2d7b63d7ff1f5a7816c47b3ad6d72a1bb2ea9e42868
-
Filesize
16KB
MD5: 122dc80eba75d03a90c4ebcac4f08d90
SHA1: f64c2afd6e94cf40937abf460bdb8a91bfcbb51f
SHA256: 45c99a5579f30fe121b6d4249d1fe71929e0a1590d38ae4dfb1fb8f2b4e96be3
SHA512: 1b45fee9b55ad468579daddd33107b85980376871e888561b72d8510f2f3ba50387c4067f065484d561a89bd4d6cde4d8cefbc2a960c219350394c3866cbfd5f
-
Filesize
16KB
MD5: 2ce96cfc3acef3535ebeb36b7829018b
SHA1: 28bb5115be792a81caad47c12a4417a5cad62e80
SHA256: 1d44a748490ff21ad83ce93ea6330e2328ccd5864fa2916beece6f0c0897fd0e
SHA512: b1fea62d9b8eeb94fe33a3bf0afe68a2b2b40afe183953af20e9345d4a89309f5d5399738efcd4dffb0d44435275279984311a09f86d320a27a0419abbe5daf8
-
Filesize
16KB
MD5: c6de019a93b8a298c139021e0283ba5a
SHA1: 50dc2c6c159ffd1142b0227eb079e94e90964692
SHA256: bffd2c611a545c2a706cfde42b9a0ec3e42a0d439b29dde7b97f04585eeec3d0
SHA512: 14001d11deb208c3c9a2a2261fcc6890df0979a120fa7fd71983e03f04d763efaeb4cccc517f58e4640393e1a01f93955f9436a5b78eb05812cd81dc67c13b1e
-
Filesize
512B
MD5: 2844e56fcbda96299a5bec39f1afd1ef
SHA1: 062a9829e6272216547881a0c52381ddb673206b
SHA256: 5e47b000f0bb4fe6410ca3eafb0eca8c12b6a436a27a332d96e77883603dcdc2
SHA512: ee91a3cb2ebc1138171cbf6c6eb5d52abaa517683144404f6fc695e9073ff273cd4ce0f2b059161561323fb32655e50731e6163e24c35d132433220f718444fb
-
Filesize
8KB
MD5: c3bd1191254163ed4643e2d9478da98b
SHA1: d956ec7113eab9b818e3c1f28fb593e9487a8b9b
SHA256: f0989d7aa7eab50e42f312f97119394e212441dc77f27959a3971930f1a650f0
SHA512: 1262b8de2526a2731b6c832b0dd32b45f2f257267c1314d7902dbf30d1795cd82dd028f77cc507d7b53b7565fa51fecb05c2e7101131078fc2201e4c5c8b1c96
-
Filesize
4KB
MD5: 2c9cde42e6dc727f5f97c9850bb20e4f
SHA1: 15c162b920913d0e743725dee805215c7f1dcdec
SHA256: b368c3b1c8942ee123278ac86c1146366fbf16913d9d408d27aafc0e9ecc4200
SHA512: d25e0620524cea3df71209abf658b6094c8642b710479b201300c815e4ac73359d0e7859f84def57e5d7789bcd7f797a6abf962115aaf4b5ef0f6c0385d43f45
-
Filesize
8KB
MD5: bef99b19baf7c7de477a32a7c6f59d44
SHA1: d2d413a6118ae19734620a573845f38ccf7a9f9b
SHA256: 58b5a134a33bb9d6c084fbb1a27f8d1bf55bcb59b80315f765194c9024523b72
SHA512: 5d7cb9460b59bf46503965cc4eba541695a5749f86c77fec8547d63a6b617799fd3cd9a4d1125436a7cdbe9687da4105ed796f700a3b5257571420ed8186d710
-
Filesize
8KB
MD5: 4207d3d3b12db439a6d4744d19b0177b
SHA1: f8f9297b4f6db3d32be81a1d07b81db341d6b3ed
SHA256: c687e5a33873bacf0e60fab167e6b409904b6fc18b347828843f2a99c4ca34ff
SHA512: 2ec0c08919b088622318414f39387ffc57496975fb9229d7f9af2dec2bf374aea526623bddcb72402c709a05739cb6cc58852cac331b56fd1a5eb02eede3718c
-
Filesize
8KB
MD5: f9ec6126f110978f205a86b4e3dad0ef
SHA1: 263049a2e6ec00aed597d2488dd1b5a705973b3f
SHA256: 3d65ebc040d5842525c47a96e98883fb9940553041a4180370c35b8ae9b043bc
SHA512: 24e38f56a0799f59d0570892619ab67ca54d2694f05d0091ec5e23c2e1e7f339ed794233649d0261f9bf49450536599b52f1778111104af9bde9dfce29ebd16f
-
Filesize
710B
MD5: c46c9fc6c1196a4891a38576fc9839a3
SHA1: b02d880414d8d361dd1856535c217a0a6646ad65
SHA256: c01d100cc518d69b2deaa223f1ffb222c492c2d524419601848051f9e3ef062b
SHA512: 2699cf009524ef51827ef5412074c09477d717b7129b90ca0675f3539e07ecebac3f4c97ecfcd9cecf3fc676f83af330a5000fd3b6435ee845cc2365d7a90e3d
-
/data/data/app.EasyLogger/files/.com.google.firebase.crashlytics/log-files/crashlytics-userlog-662C5D8101550001125ACB2AB2A91F6D.temp
Filesize: 440B
MD5: 17aac3b9950456803a5711a10fafbd12
SHA1: bee50b66aae1d130fb2345fc4c79daa27925069d
SHA256: 4cb23f68041325757f3ccb5c28f2821432e5aa7bef86fa3a974f96f4a2b2d3f7
SHA512: 364779a2deea12def7c36141755270ec94d638f7c342e64eb3ac7e9870da37bc0a7149d16195882be9449ed47433d26fdf209de3c17ee8e3cb0bbc4e9adcb2a7
-
/data/data/app.EasyLogger/files/.com.google.firebase.crashlytics/log-files/crashlytics-userlog-662C5D8101550001125ACB2AB2A91F6D.temp.tmp
Filesize: 16B
MD5: c33583fae4e0b61cde1c5b9227963237
SHA1: fe2ebe4d27469af1460f7e852031a04208ef629b
SHA256: 35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc
SHA512: fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e
-
/data/data/app.EasyLogger/files/.com.google.firebase.crashlytics/report-persistence/sessions/662C5D8101550001125ACB2AB2A91F6D/report
Filesize: 733B
MD5: 7d972fd46110ee1350e7b657ab7855c7
SHA1: e8b0e54e310e49a76a8dd87d9d37e7b97b0ba47b
SHA256: aadb10ffd564f974877b5fb09bbc26ae546eadaf6469ad116f53501ceefb2376
SHA512: f423c86a76eae7cc723755385b9a4335c25a9e2d81ee0500c87b5ef2d814d4ed5fbb4bd8002d8069f9520eb6d61806a29aa089c4d7db84c913534bd787b2e002
-
Filesize
90B
MD5: a5663e100d2b204c4ccfb174bbf13ee6
SHA1: e30fc224bea3ce5a2a5717a6bd843c1c102697f6
SHA256: 118e1ecadcb5b997973094b8427c65f031839560b628ff54e1a17a4821b86b83
SHA512: 8deae9b510ec2310361de320091bc91996b00e69952ebbcc53eb204a3b3d5352282d0546647fa3f76b52ad73d50a513ac9d15cd904201dee99a5752826801d7b
-
Filesize
564B
MD5: f31785ca3a063c34ae49b01e081d1d83
SHA1: beefc5a5386e355a4f7003ab527771bf28ce9424
SHA256: 2588a265ff87e4eed18b06b606b005263015af419ae25dead32e87f36fd10517
SHA512: a7e6094c5966936d87dac6a89119d578c1b14a76685dea22b51cbc93ed9125d88a04878ab3a8d0885fa27640b73755cf184d18572b3ef98f2fd2d2f968f5e34b
-
Filesize
36B
MD5: e44eb2b0a31d18cd43360e7c0e2db9b8
SHA1: 97dec6846116e5d79086b3edaca1cefea123c9ac
SHA256: 8ac51269016fa9d8609346c78a7656e9049d394b98865f36d2d3d31c8aeeba11
SHA512: 6c9143fbd2531cb8b7ed8fd271eb9b1ea7e4332023e3dc79a782c1a112a9ec7dfc2c4e9958e90eab6b562aedc5375430147ee6994a7f0074254081e217897aab
-
Filesize
4KB
MD5: 7e858c4054eb00fcddc653a04e5cd1c6
SHA1: 2e056bf31a8d78df136f02a62afeeca77f4faccf
SHA256: 9010186c5c083155a45673017d1e31c2a178e63cc15a57bbffde4d1956a23dad
SHA512: d0c7a120940c8e637d5566ef179d01eff88a2c2650afda69ad2a46aad76533eaace192028bba3d60407b4e34a950e7560f95d9f9b8eebe361ef62897d88b30cb
-
Filesize
512B
MD5: 6abd09c5f05ad692a5422ae3f0df9226
SHA1: 4f89aa75fb04802df99e0fad081901b59458dcfb
SHA256: 73b2c81926f4f17f73137fb4c25ae373d522c2e3414a0229958d3854a7363785
SHA512: 0e04137e6076133396962a0cd4da1aa13a47a22fc501ce67c807f5144581113cb16f165f6be1a2171606d770c8641efe37bd13113395aa3cd27547edf94c6329
-
Filesize
32KB
MD5: bb7df04e1b0a2570657527a7e108ae23
SHA1: 5188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256: c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512: 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012
-
Filesize
16KB
MD5: 0ba46df0bb0e5de955506f74e8f0c2b7
SHA1: e8c70689665f753a6fa4bbbacba9caae0b2a39d6
SHA256: 8988d4266b2c796061be7fb6c4d17b64747c2aa0762d952678c6c5f69d6f5ede
SHA512: 6fba1d314e3d685fa2025e3d04eec6f28c7bd39839692b5d7c7b1aa43bd910777362cafe6e7b34988c4e5a45b86bc602e76def00b2c8b20056fb08689836b032
-
Filesize
108KB
MD5: 07b26f4e7d042cb75654389caf8b16b3
SHA1: 2fb379c8fcd6e0c519728401ce29edf2ba0f3abd
SHA256: c02df48a6b215ce891bc431b622802e866d8bc375d69c9f4add48a10c92d0efd
SHA512: 0a7744b1585957b3376b4ef88c568e6380a285982f3c515d52c7dcf97ad9e910eafb5b9b6f5a0f218db714f38de8a5df3f0901507c95deb48534fa522384e2b1