Analysis
max time kernel: 47s
max time network: 139s
platform: android_x86
resource: android-x86-arm-20240506-en
resource tags: android, arch:arm, arch:x86, image:android-x86-arm-20240506-en, locale:en-us, os:android-9-x86, system
submitted: 10-05-2024 02:15
Behavioral task
behavioral1
Sample
798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae.apk
Resource
android-x86-arm-20240506-en
Behavioral task
behavioral2
Sample
798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae.apk
Resource
android-x64-20240506-en
Behavioral task
behavioral3
Sample
798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae.apk
Resource
android-x64-arm64-20240506-en
General
-
Target
798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae.apk
-
Size
5.8MB
-
MD5
1398c9c6999be6f56f2364ec680f8557
-
SHA1
396c173b4c084afc3a2c89044ffa42a3f0e4dad4
-
SHA256
798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae
-
SHA512
49ae3724b60f40ac3646a44164fd6879480d895e1096825f484d63d286b5c5b8f2557bdf752f746651504bd038bf9e93dfe7400977e2bd6ba24576843b3393dc
-
SSDEEP
98304:BUlRb+MDHwasxU19o7SDWNYbM2Wlghs4DqHvSse0EpO9X0xUCd7Mmp3/U5uaMA:CKhdU1xWlQDuSsGA9X097MaPUo/A
Malware Config
Signatures
-
EasyLogger
EasyLogger is an Android stalkerware.
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
-
Checks memory information 2 TTPs 1 IoCs
Checks memory information, which can indicate whether the system is an emulator.
description: File opened for read; ioc: /proc/meminfo; Process: app.EasyLogger
-
Reads the content of the SMS messages. 1 TTPs 1 IoCs
description: URI accessed for read; ioc: content://sms/; Process: app.EasyLogger
-
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
description: Framework service call; ioc: android.app.IActivityManager.registerReceiver; Process: app.EasyLogger
-
Acquires the wake lock 1 IoCs
description: Framework service call; ioc: android.os.IPowerManager.acquireWakeLock; Process: app.EasyLogger
-
Checks if the internet connection is available 1 TTPs 1 IoCs
description: Framework service call; ioc: android.net.IConnectivityManager.getActiveNetworkInfo; Process: app.EasyLogger
-
Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
-
Checks the presence of a debugger
Processes
Network
MITRE ATT&CK Mobile v15
Downloads
-
/data/data/app.EasyLogger/files/.com.google.firebase.crashlytics/log-files/crashlytics-userlog-663D8334019E000110904986F572C020.temp
Filesize 438B
-
/data/data/app.EasyLogger/files/.com.google.firebase.crashlytics/log-files/crashlytics-userlog-663D8334019E000110904986F572C020.temp.tmp
Filesize 16B
-
/data/data/app.EasyLogger/files/.com.google.firebase.crashlytics/report-persistence/sessions/663D8334019E000110904986F572C020/report
Filesize 732B