Analysis
-
max time kernel
47s -
max time network
146s -
platform
android_x64 -
resource
android-x64-20240221-en -
resource tags
android arch:x64 arch:x86 image:android-x64-20240221-en locale:en-us os:android-10-x64 system -
submitted
29-04-2024 01:59
Behavioral task
behavioral1
Sample
798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae.apk
Resource
android-x86-arm-20240221-en
Behavioral task
behavioral2
Sample
798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae.apk
Resource
android-x64-20240221-en
Behavioral task
behavioral3
Sample
798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae.apk
Resource
android-x64-arm64-20240221-en
General
-
Target
798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae.apk
-
Size
5.8MB
-
MD5
1398c9c6999be6f56f2364ec680f8557
-
SHA1
396c173b4c084afc3a2c89044ffa42a3f0e4dad4
-
SHA256
798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae
-
SHA512
49ae3724b60f40ac3646a44164fd6879480d895e1096825f484d63d286b5c5b8f2557bdf752f746651504bd038bf9e93dfe7400977e2bd6ba24576843b3393dc
-
SSDEEP
98304:BUlRb+MDHwasxU19o7SDWNYbM2Wlghs4DqHvSse0EpO9X0xUCd7Mmp3/U5uaMA:CKhdU1xWlQDuSsGA9X097MaPUo/A
Malware Config
Signatures
-
EasyLogger
EasyLogger is an Android stalkerware.
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
-
Checks memory information 2 TTPs 1 IoCs
Checks memory information, which can indicate whether the system is an emulator.
Description: File opened for read | IoC: /proc/meminfo | Process: app.EasyLogger -
Reads the content of the SMS messages. 1 TTPs 1 IoCs
Description: URI accessed for read | IoC: content://sms/ | Process: app.EasyLogger -
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
Description: Framework service call | IoC: android.app.IActivityManager.registerReceiver | Process: app.EasyLogger -
Acquires the wake lock 1 IoCs
Description: Framework service call | IoC: android.os.IPowerManager.acquireWakeLock | Process: app.EasyLogger -
Checks if the internet connection is available 1 TTPs 1 IoCs
Description: Framework service call | IoC: android.net.IConnectivityManager.getActiveNetworkInfo | Process: app.EasyLogger -
Checks the presence of a debugger
Processes
Network
MITRE ATT&CK Mobile v15
Downloads
-
Filesize
1KB
MD531cfce641342817632ef0dea3993b8b3
SHA109ede2a539e10a78b37a35d8163a912584b1ae1d
SHA2563bbb123914452f0302c539a0d61d6e726e0027591c2a0419f3c52adc9ad9fd21
SHA51297d6733ecf238f1fa4c1fe17945f7e498665689458236cbada46edf792f1c9fcd640f1fb3eea20af406b57caa0ec0cc7dab0ecdc4e381823182fff0795e84795
-
Filesize
1KB
MD5888a5a91e20901be583c5b767fa91f4c
SHA1b5700537d222f37c385342cabb1174c8357cac5d
SHA2568c3e16454be5bfe2cd00f9811e266b11955c293a226627fdacd242600a2da4c4
SHA5121e0d11c3161b8fb16081ce6ee1e3c25c995926f71cfc19f1c6e4f53e3345cb64567b1c6dcffb001044f324fefc01d430cb4111adfbcc54006d52368b5549bd31
-
Filesize
76KB
MD5244592a5662464f9e6e8aa5d52402428
SHA1885e44dd3ccf643475ddb16d7d2eec0c809fd1d5
SHA25654b29062aac9ef91d03294047b7780498a2cdf0ddd75028dcebd9b6b7a88214c
SHA512ce35edd0ec05450bb08d6b47583393eea034333b99e13ad2bb6848724f09ed71334a858e5cd5ccb6909d516ae70545c3e7c98ff15673005e25c9ad60b2a11b17
-
Filesize
512B
MD5638d0773117449bca2611284bbef6060
SHA1f7caf17c196580dd759393595df85c6587247b7c
SHA256721046bbb76c81e13a5838e4402451dc526b466bc8097dcaeb24b57c902f8829
SHA512adfe8cd96653e584361f28ac0d483c7f51631956071d386a4d88b93e2b6f60ccc5c756005582a3bb2851eaaff4767383efd86d4a52c868fb77385f41d79bcb60
-
Filesize
8KB
MD55a5cf65a765a4f84b61e3547a32850c0
SHA1da780f65bb92520ae0bc1a53d079c8d276d25e31
SHA256a48dd0af49c097244fd1be5d313acd22e3d80a8b9d24b357ae433e27417c1639
SHA5128c387e0d90fae9bd80b50ec19dbafc31c1478bc9c64fd8b5858408de89893efb9cffaad195ced86fee166391d93392fff44b7f7d977c1607378482a34cb683e3
-
Filesize
8KB
MD558965beb751967e6bb90625f8a4286fd
SHA1176831c4f6da9775557aa385738f4d978ef6701b
SHA2565f1d6be7551bcebd162618721fcd7f8b69d7bf8ee1710a20fe76371ddf87032c
SHA5123c54402cf56f3a83bc45cbb181f1e326a86655803f413831c019e6775b66f525206636f12c40fc90e809d65493df75aa93b4e83b87d398454401415f478d486e
-
Filesize
8KB
MD5b23bde1e471a4e877df222d5407c9378
SHA1ce8b446fd393bf2402db94f542dcbb996c2a468e
SHA256b392140da72d1982c986365026c155d58574ded103c5f14a539a59889768357c
SHA512d59a92498614f86e5a8ab2ae3eec853975faf978ba132b3f0465cf7887c9ec9c7a10666c052610b09e05e0d3e06ec95b8701584ca63afbd000ec396c708b96c7
-
Filesize
8KB
MD5a94c93143fd1720474cd34e470d8bf17
SHA157004a0475a7936059c74ade76c01a2325c7e96f
SHA2566b7cb1d636975ac4759a0d73829885dabd3a92a44ae9f83883577803a78c4ef1
SHA5129a95f9194655abbf9cc0d1cb54aead25c74c36f33fa484c4f7765dce462bbc5456d6cb66b1a74db87fa38656d2e19df814f84c6aa8d356f0ec29434bfca70eca
-
Filesize
8KB
MD5e8db1cbc877f059b32ab9443b690f369
SHA1e7a3f6e2b14e6dc16b66cf903d406707c4dda73f
SHA256a823430102aa3e0caadc08556af459884e31b02a057dc973b19dbf3ae1158a1f
SHA512b38c9cce3e2a9d5d1dce5a4b7cd633b05861be4f5a783ff16df3cc807e103df4db98062e5f17e372022ce573d0235bb90fc6e14b67ece796170b759d11711e02
-
Filesize
40KB
MD515d5b92dcbda7ef7f9ca327a903e46e4
SHA1ca153b66028a58d90346ff8abadbdf01b95c37b1
SHA256e802fdc1ccd833b91d80bb1d8f54cab2b585393e6a07622c4d9feaab07633370
SHA5122352f167ee5aa37cb3438a0a7df8f632771a1d019c5cd120fe62313fb73aed6d0e09186a9bf306a564371b846a8da020f6acd7aede0cc47ca50701611fa84aca
-
Filesize
8KB
MD592852877029a80638e7a259844d6ddc7
SHA1af44a95f44ccf079d13997c70ac2005fe976ec57
SHA2567ff5f1ad75bfaa0ce7658b7e0f1a061c4cde5fd615cb9274510750049aa5b6a3
SHA51277a33ec63f5c308d2680f57f6c17429a7baea738b3c6fb94754e575dbf08f793463e6480e45d4b77746baa3d0d7d4b043b526b4540fb91887eb2050523ef3c16
-
Filesize
512B
MD51b60b0875bbedbecbeb31a2ee0718fe6
SHA1284e8590eb653748d05838d20d1dc955d06daf5c
SHA25678cc0f2d859574edb796f5de93a25c58dcf410f9c65f1103aa7f388a3383afe7
SHA512a2bac1e7194cc734e7392d88328cb639f7a585cf46ac18a02cbf64557de958baf3dc3f3442f46c6391a64c90b4aa89930f26425dc09c0e7a50f9428d6865f4f5
-
Filesize
8KB
MD58aee61b8f7f017451d7989decd526f93
SHA1f214a1bf7aede6f4fe7d0149200af2e52f4c0b44
SHA2567c785606377538168ae4cc104d5c6c94f6c807c4f65d0aed36bf3fccf3e26285
SHA5124109b10b327185038d2763319705c2eface537a23f2d571f87446744324f46d883dee9f74df430f5d026ca859b48d54c0c0df3777f3f66adb3d0d6b28b68e9dc
-
Filesize
28KB
MD57c7b00f97b81963f69f3c7eb87b6b8b6
SHA1091929e5bad6c4057b4f7ef88d9f5b82a5a1c072
SHA256545f93e409db270624c8d98b3d61b834a67e4c2792b8580c985ef07076778312
SHA512cfd3f80b1fbad5c2df90fb54a66efa7191e3f1f67f817ce833a1d751a60372abaf58bc171a6814352c8734cc44541a6f64e283a07bfae40ac3a1c4e12b002b59
-
Filesize
512B
MD5830e73851bfcc72bf25b7e8c5f21c3bc
SHA1095e1d2d4413edd6abf9ca334f85c2eaee3aba8d
SHA256ef03583586dc982bf533288f0eff6ead2a767788b184749d2d0928526d46a192
SHA51259b128ad494d71b3547e16852a82eef3a79249e3cc3f3e2b08f25050942eb6174d5bd202cac8927330ecc2749e6c3cb8530b8f68d00cc96aabfd84471d9f849a
-
Filesize
8KB
MD5eedbe0f06df5be66f60fb83d000dc9a9
SHA1f783a65d0b4b70bfdc1108fdf0854c6f7bae8172
SHA2568df49d3a4de5909ec10089f573534204bdf98987882650d28b3f1404ffc151d3
SHA5124996327b6464743bd5f0df6b771ae4c939c6444ade333ad590758dbec99f3a8726f226f8a2201a88e5bd51baeddcfd33c5e080fcfc75faf764d5966e726ff684
-
Filesize
4KB
MD5274c5045f4c435dfc0bbcbe0e1cef72e
SHA14d6c2f17ebd7e580cb740a15baa93b4ed41ad414
SHA256dd90c70866db5f6d6f6f5ad49537d4eb65c91d7e51db853d2650074c2b633558
SHA5126eb14eea2fabcf0e525a4a06ebd150152982393bf96b89bd1138d34f5aec2e97b3efe1591772261bb0924d2fb78710dc3b0b966f361b0f1b69ab8967c2bfda86
-
Filesize
8KB
MD5908086017eba2dff256c11eb04a4c37d
SHA17699ffcca703e5d739b45b899f2097e64c5dab07
SHA256a261359a3a251a88f2162c43ed8f875050ae6a86b83b89e3fdfca79bfe4b29a7
SHA51256039500d0bdce4a1cd6472cd3624bba26e669008f7e0679bb329f2435dd152a91a25e7301a9a095eab63df5a042acc2977a017324b342fbc0ee2273fc2c34da
-
Filesize
8KB
MD5b71dd47103d1a982115f12c760fad51f
SHA1622fcf6873582f4d9579cca390ea310e80d27bb7
SHA25656e643352717b997b1ac40919c58bee1c6a1b0374b9e6cb1b468832935638608
SHA512fe1f5078ec0827d1c271b523649c4039fd06e282cede9877f1163c5694ea18e778d2dbf0a92950d81053d3ea7a9e1f936bd8f0690aa4d5f6e6169da911e7bd86
-
Filesize
12KB
MD5b480f5c500e7bf631b9755e21c6712b6
SHA182386be3eeb8352c22921218a96b59430b1287af
SHA256b802632bbfabe70f403d7888ae556c4e39ad7b86564b60259885f08032b37f13
SHA5127213d71c81382d522b07016701f32cf1b3d9397bdee3cecf4703731b604cde40656d439d8bb9e59d6a22a9c306270e5156e13e51939052c65c23918289903880
-
Filesize
16KB
MD5eb52a90bb70b76e946b62f50b6f7fb85
SHA142d767b5d1faa7dcef4cb4e1432a5f47ec2e9ee0
SHA25648472f593a3e9cf9e91ee5f7d66dd9ff291bfb247eb6b46778c710fc24e8d3c4
SHA512b356c858cadd14b6ecddf134f1c494c0107a1d36be9387984fc53dcb00e6779d944f058f4ac99d0fc2fe3a427cd1c2921c6fc38ecad53909fc4b5b6f04459b5c
-
Filesize
16KB
MD5e1866b69886c5818c7e70c7623a7e88a
SHA19b2617329f83b7d759fc93fd654bb03e759726fb
SHA2569f59bf3c61006a4e23e7fa6cee46f9f07d9058fba73a9d26c45d9dc39df935b3
SHA5129a2c050f84d0848c6f40a5da8831af028b62c3ed7b1510919990d51cb9fcb61eb45816c9341ef14dea308da5d21ee97b6c3b81e27150584b50fc3bb9bbe38239
-
Filesize
16KB
MD5b21562038c4b869e264a2d2348f04de9
SHA168f944e387c2f8cb4ec2d400a95aad25db5b7a8f
SHA2569c6552012a4f8ff0849956d8fb912e63e51c707c511d91b789e7e41342ff72a6
SHA5125da017d628201d00968abbe5f72b22286b863d7ae5051e71bb32fed01f123f520b7217b8301ccb92a165a99a57823556d97bb7bb767ecf5dde4e49de79297644
-
Filesize
16KB
MD5f4240c0287c55c2e943ea88fef45d2be
SHA1796cef7147fa19317b91636ea94330a765a70dc1
SHA256633fe3d4a083368eb9c3d4c17476b836437c82d4fc1adaf368667d5e60f468e1
SHA512a0b381e316b25f195a457114ce81abd114816fde5ba2bc12d4080c60f7ac65d8adc10291831764f7e9392002dc4dea3001e0c59edc4fa0b388af36b9015ab255
-
Filesize
16KB
MD5fb19832ad4f58de0830d28941e3f13e2
SHA119983f34f8b777ac98cf97eb3931b33f390bab89
SHA2568befc8dfa84e5a0c246f5faa8fbf1b19a358f39c8516a0dca7525d56e9925c30
SHA512810ebcaf7676f7547df14a9f097cf9af8c97ca79fccf3d62d1c7f9a2176625e8f08f0023610bd2afff22530f1fe3d9516dcca759e95e6a10dba4f465a312d7da
-
Filesize
16KB
MD598d6fb5c9dbab43df06e4e44cb31d425
SHA110b98fb436c1fae52c7d17de7f1308a59622adb8
SHA256eab409f55e9e3b8c72d607619afc31b8069199c890d0971c4905adaa199f3802
SHA5121d8be44f20a1b618d1e85bded1e2c194bb2b42002f96e85157ed27d8b0d7e0c5adbd774ac0281ed11bdffbcd251a8cc606fab9ed97dfe0b8c60e25b06233c5cc
-
Filesize
512B
MD5641be539f224507244e04839b783f623
SHA19e1039c4022a7ebebfc66250793e52efe58a843c
SHA2565bc570dee83e3a474536060c2c881f6429dd7ceffbca02a78d543975486afb13
SHA5123343635e4da19488edf77ce91280d71d44e518cc599a15ee9cdb74d5381afc24af6465234f2568a6b4d9dad46dd3950ebeeaf50b2ce3c36f2bde7644505b3e04
-
Filesize
8KB
MD5859b08931c1b8c194d4173eeef3439bf
SHA12dd3149a5826028ea15c7875f148120c157776f8
SHA256a2d7fd3886b42a4ef4846b2de26042805672f2897e8652817792e6b40d49f9f5
SHA5125a27f9935bd0bd25207e7dcb54521f2cc53d9f517a16e08e870a493bcbf8a6da526721904cb4cab80bfe350680b7e4fd43b9c6de93aa71cecf3972dc4a422f28
-
Filesize
4KB
MD503360e13a3f8233850db9edcf6a001ea
SHA178485d44bcf4d3482adf2c921fb4c506f3aec0a4
SHA2564449e9fa4525da87c7d85ba716194817eecee3548b5f74056ee5349720e7a115
SHA512bf0306b09e8b79d44dc7787528b2eb1f5a065fdcc1e50ced9c348b1769353386a08c693cb5eb3d83f8dbd6f0b22f6f65c487993179e7d25ca7211146232ba2fd
-
Filesize
8KB
MD5232b17a4d3716db6bc60c4c3d5c5eba3
SHA1a318658590b26b63cab3475c31080f6e3896d097
SHA2561b1699d25fb5289c181798bec92e145d511cfb61fb2f93fe5051253ea5515edc
SHA512d432a095912256ae3b2c8c042b50e67c537718426e4323474a4b58f00f4616bcea0f88913a3bfc60ad0bc56ceba542557fa86c216fb9eaae39709e483abb53b3
-
Filesize
8KB
MD5fcdfaa6c1d74765d26ee933300793a3a
SHA1bbb0ca284e8a8c56e421f4b1fcfa9912aa894738
SHA2563d556ab8ec3f43dd431bb492499105ba2941ad426a1a1241ee2e970435885aa5
SHA512518377dd23a279cff069323655ddc0dc34c2299af44b83cbc129e50ed8f0d8265d278c41590a332b81bcd05e2b76d4dad343d881da21940c8b8fdfbad61c7263
-
Filesize
8KB
MD591a3bb91b6368565b101386a41b7810f
SHA1cf19b75f4c839ddbb2a661c255800b79644a55c8
SHA25607fdd6ef55ca02572939a693559bb471ff4377be7370d11f88dbcc1735937c55
SHA5124af1590136074c3fea2d76b663476343ca639cd3e8e642e2428d4b9e93a24d1cc9eabcd1a21a0e994dee1bf41f0862be16556f7a07a8c3e729acee0f33f61394
-
Filesize
710B
MD58a902fa3230117a264bd200f60349082
SHA1f2099445c161abfdb9d86ded5d0876da1dd46115
SHA256ec990fa54d83995270630644c5649370090fb2189a5fa757c705794cc3a31109
SHA512e05f7e888f028c42b3620582b0839e02debcbb1f8e6364b5399133a9bbc73f308d260807fa6aa5d71f60eaa5d8b05f86721657977693a843fe9926621c9169da
-
/data/data/app.EasyLogger/files/.com.google.firebase.crashlytics/log-files/crashlytics-userlog-662EFEF90301000113A9566D96248E44.temp
Filesize 437B
MD5137b44b63ce0093727c8d9876a85f5d3
SHA12c9e0c87cac39b4207f2d06d03165e1a058625b7
SHA256ecfcdab2b1ff6fd5293e0a1a05d98210b6f74adbf59c0200e39260df289afda5
SHA512ffcf221317d8b84c0bec3893657e26ad9fc2609ba75efd3acb83a190ce49e4bd825d33e1c3ae92e4656e494e60e573f9325909d41c8e5bd4a2807d2d35f4d587
-
/data/data/app.EasyLogger/files/.com.google.firebase.crashlytics/log-files/crashlytics-userlog-662EFEF90301000113A9566D96248E44.temp.tmp
Filesize 16B
MD5c33583fae4e0b61cde1c5b9227963237
SHA1fe2ebe4d27469af1460f7e852031a04208ef629b
SHA25635c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc
SHA512fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e
-
/data/data/app.EasyLogger/files/.com.google.firebase.crashlytics/report-persistence/sessions/662EFEF90301000113A9566D96248E44/report
Filesize 733B
MD5a894074dcaf2a3d6015cf50386eb530b
SHA106b84a26359561c7a49928e9a342000f81455d64
SHA256fe8d11531b161bf4c3b22104bcacb2e90c98f7c7eede409e21a998d31f389246
SHA512cddf18397d503ebc6dafaf4a41ce66a25a10e9324a07e13b67fcf191d7b69b739068195c0bb1ce9a46c48e0320589e8931f7b24a0233bf10c01b9d4ad49364dc
-
Filesize
90B
MD558f4b899fea04cb1a6c90254c23fae67
SHA133576ec21b702e0a06b7e1ff996b7baea01ad942
SHA25621a127011ae86fe0bdfc5b5ccfa3197566b3a0e6f8c6cd6dacb78ef7ac92ab34
SHA5120d82327c3d5795d3e107fd0d3e333c314bdda84d8a70a303480bdc484ec7a00397012ef1d10c44010ed073a40a5359d2d46c82de4f370482413f2ea3cd4ee575
-
Filesize
563B
MD5966afe539e60fff2b1e3eacb75ff304b
SHA14ad6b85c5b2b4d9bf3fbb648338df3c7a77dc560
SHA25633d808f472515e8a014bbbdb94c4e1ac31e2d58f0bfd7c6fc54617314a00a5a5
SHA5121aec89693f5725d6a4ff244a64290078da9b591531885082232984a9fc4971e645fc418f6dad9e2d3d56737c8b9ab73e39c5b50f3a018a07f1ad028f1fdf8328
-
Filesize
36B
MD579514729fe0ebaf6da4a17453dd8f65a
SHA12fb91d32605985a160fad3e660d3c281f7868486
SHA25651ad384cd2c4f89530e80763e606d024a9526a5c400f1df79472c106820ecb14
SHA51215b72a68763fafe8a03e1398ad5ead5aa4d653f4b99e3b67b62c1c05907bafeb77bb2a90e4797cf27af38338cbb7d0b567f936421e6c74d12db86eea65af9458
-
Filesize
4KB
MD5f2b4b0190b9f384ca885f0c8c9b14700
SHA1934ff2646757b5b6e7f20f6a0aa76c7f995d9361
SHA2560a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
SHA512ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1
-
Filesize
512B
MD51cbc86698304ae7563be2a5841dde880
SHA15da7d77a87dfd3a21c4b349f7cdac52f6a410325
SHA2566aa7654ed06504e112b875642d6eb8e28b5bacee59e9aab1695b096268eb037b
SHA5121f5366614c29e589d424051540df70f5fe6664a989d692b305fed5eb39061b428c4849ffa47be903a8d2de4e17e80b120fe45d7ac027dc9c49ead059e8d86581
-
Filesize
32KB
MD5bb7df04e1b0a2570657527a7e108ae23
SHA15188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012
-
Filesize
16KB
MD5f11ccf2d8ee7564160ad92a547ac42c1
SHA191ca61fb9aa0538f82a3d91911535043b6c12190
SHA2569039c14863b5a3f510506eadcd036a8a7e2444bef4f4ab921597bd0b455282f9
SHA512313ae3e335b3195fa03ad5109bc725b5d42d4d2ccab7cb7d5c3395cd5eedef0b85855211c6c6b0ce0db32e96ece2f37a2b0356d20714e1995556884480e0398a
-
Filesize
108KB
MD507c819c5e4415bbe76753a5c27b4d08a
SHA170fd1e868301912c4cde01e3a8877b3332830dd1
SHA256b1223fd567363036b7010152ff69c3c71b320d1023de15024dee938c4a999e4f
SHA5126ae73ff4444217be6e427b56a01a4b3ea2046d016b3cf08e1588ec13ffbc31bf92fc0a13c0d49b1069888465335d02adfa261e283d26df04fab3fe1e90d34bce