Analysis
-
max time kernel
48s -
max time network
133s -
platform
android_x64 -
resource
android-x64-20240506-en -
resource tags
android, arch:x64, arch:x86, image:android-x64-20240506-en, locale:en-us, os:android-10-x64, system -
submitted
12-05-2024 02:23
Behavioral task
behavioral1
Sample
798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae.apk
Resource
android-x86-arm-20240506-en
Behavioral task
behavioral2
Sample
798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae.apk
Resource
android-x64-20240506-en
Behavioral task
behavioral3
Sample
798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae.apk
Resource
android-x64-arm64-20240506-en
General
-
Target
798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae.apk
-
Size
5.8MB
-
MD5
1398c9c6999be6f56f2364ec680f8557
-
SHA1
396c173b4c084afc3a2c89044ffa42a3f0e4dad4
-
SHA256
798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae
-
SHA512
49ae3724b60f40ac3646a44164fd6879480d895e1096825f484d63d286b5c5b8f2557bdf752f746651504bd038bf9e93dfe7400977e2bd6ba24576843b3393dc
-
SSDEEP
98304:BUlRb+MDHwasxU19o7SDWNYbM2Wlghs4DqHvSse0EpO9X0xUCd7Mmp3/U5uaMA:CKhdU1xWlQDuSsGA9X097MaPUo/A
Malware Config
Signatures
-
EasyLogger
EasyLogger is Android stalkerware.
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
-
Checks memory information 2 TTPs 1 IoCs
Checks memory information, which can indicate whether the system is an emulator.
Description: File opened for read | IoC: /proc/meminfo | Process: app.EasyLogger
-
Reads the content of the SMS messages. 1 TTPs 1 IoCs
Description: URI accessed for read | IoC: content://sms/ | Process: app.EasyLogger
-
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
Description: Framework service call | IoC: android.app.IActivityManager.registerReceiver | Process: app.EasyLogger
-
Acquires the wake lock 1 IoCs
Description: Framework service call | IoC: android.os.IPowerManager.acquireWakeLock | Process: app.EasyLogger
-
Checks if the internet connection is available 1 TTPs 1 IoCs
Description: Framework service call | IoC: android.net.IConnectivityManager.getActiveNetworkInfo | Process: app.EasyLogger
-
Checks for the presence of a debugger
Processes
Network
MITRE ATT&CK Mobile v15
Downloads
-
Filesize
1KB
MD5d223b7af16bf3ad79817c32ec6edb82b
SHA11a37d50248b358e4f3a4f83a5e2ccafe26a37da5
SHA256400ead023b472b9c4ca7972eb9b79b6712323e27accd14605afc8154f050f35e
SHA5126ec4d088d3ca4cbcd9b3067a32f0fbe1ac30285bbc6eef5eb9899df229f7378e41308ab797a7e750757fd46fe9c5ddf8bd6aaa004f776e8241fb613553154dbf
-
Filesize
1KB
MD5f193df9d89297bae06ce11d6ffafb8dc
SHA1ac16b27293799e4020b49653431e9d36f76d1b9a
SHA256b67f9c8173dd3ea8e24b41f1328fd5df062dd433f0aef462770ea989990a1f29
SHA512bad2af6b2ca9e62a17dba2a8ec68d07f90f07bd6a2581eb07b18ee180984ed27639362040ebcb01d8bcd6460e80483026a3d0452a6edbbd0b0fa24f8d526edb7
-
Filesize
76KB
MD5244592a5662464f9e6e8aa5d52402428
SHA1885e44dd3ccf643475ddb16d7d2eec0c809fd1d5
SHA25654b29062aac9ef91d03294047b7780498a2cdf0ddd75028dcebd9b6b7a88214c
SHA512ce35edd0ec05450bb08d6b47583393eea034333b99e13ad2bb6848724f09ed71334a858e5cd5ccb6909d516ae70545c3e7c98ff15673005e25c9ad60b2a11b17
-
Filesize
512B
MD599f3e94224846ae390192d46518dc7ab
SHA1fcced998946236a8628ab104cfa173b757788f99
SHA2561ef8b0332cf731520b78da8270b9ab418ea0e915a57c7b775a1601c9962acc3a
SHA5121e8c5e6f0f943894038a24065bb676ccdc520a7ad84af4465842afee389979de57d3c47aa24d8b7343753278c29437a5ad8a1ead67f13007684d2779d57af256
-
Filesize
8KB
MD5e492c5e9c3ab3673feb363374c1d0a02
SHA182196bbaf39d177f453d6cdd69d5eaa8419ddc6e
SHA2569c8a0394fd9e4e7738b60c6234f68da0aa558273372ba688c90db4f55965e6fc
SHA512386bc476a6b93d69da4d229a642199b01066b35b62282dfaea1b19264141e9409170497bbd61927b675ec7f8f311697733cfc3a755dac6bace7b2ce876f69975
-
Filesize
8KB
MD535402a3c9dbb5a0050e95c4346209d2e
SHA145668284023a5fda9be77cacb2a097891f2d6d54
SHA256806887ae3d5de35995800e6dcc7ff0f0d734cd41c155aaa8a7e81a4718f39e3e
SHA51283569685744cbb46b201dd851f25f74c3ecf4fb19646e56e8a8c3f8157acc26ad83acf926fa2fe1bfbe837bfe141dedb220ad6a20ee2e02dcc29ff69ff5d6373
-
Filesize
8KB
MD5da9af58ef2e3a954d6501f950223f634
SHA18d382df1c7d48cc16be36c2b59fdbdf75320b0ba
SHA2564664ac2801972e5eb20960bad8c917c4a24ae4c7c5cffd174192706e47082736
SHA512f1a4f8060755d41dbe8f89c1a10513603375ccc386224230c1ee8291110831fa847a142a2cf2010adb580ed09cbf30146ade992a337a737ac8559325caee6feb
-
Filesize
8KB
MD5c4ea27c081cce47d948706ba630f39b7
SHA1df2592dad0589727b781c544e171a734b5c1d614
SHA2567564227fd8050ecd6bb5319b6d697579fed0f50e83e507359c8ac596257db439
SHA51290572e0614021301df501fe2741fc123c4cdab301f20c5933df9d66d523048a8da91f4de9e10b1aa213dd6ae541388d5540b91c6996d71d691b4670eee985e3a
-
Filesize
8KB
MD539ec7f4b9a99d463806f1ac68a334feb
SHA1bbbb25c05860f69da1a3b3c7b2986ad3b469bbe3
SHA25662ec468f988a49ae025a9d82ae8d2adda327643dc78b5336db8b263ea0d5fada
SHA512ba782a5d690abf4a2df8b5ccd061e18a1dd5f3e67f665d22bf8af363a9d59fb51312dcc456180d67274c76650abdc42a02ddd5512c34f650de2d525e572054d7
-
Filesize
40KB
MD515d5b92dcbda7ef7f9ca327a903e46e4
SHA1ca153b66028a58d90346ff8abadbdf01b95c37b1
SHA256e802fdc1ccd833b91d80bb1d8f54cab2b585393e6a07622c4d9feaab07633370
SHA5122352f167ee5aa37cb3438a0a7df8f632771a1d019c5cd120fe62313fb73aed6d0e09186a9bf306a564371b846a8da020f6acd7aede0cc47ca50701611fa84aca
-
Filesize
8KB
MD50b666e10a362e6695ad6205bb987c984
SHA18111a1f54f1fe0c399016e006257840fc09b8192
SHA256965a38585c991182200730235ed5944e45200f75b52e184f6baa28af803e6994
SHA51270375f4e3ac996a61885311873ed4c8889e9a1d62ed14f471f1a25b02e5a7a15de9e7b3bde1e833c035b22d331fdcbedf4a7a9027ccb27beea9024e86e2c34a9
-
Filesize
512B
MD5ffe4282552e1c1f55b9d5f69af5d002c
SHA16270413a74a684aec8bc041a85e71ba480b676ea
SHA256faef516db1dd715e4c3b33efee577c52db13b600a8e9a087a46577e4bac59b01
SHA512d53d70a2a5af714bc62358e4cc1c24c7bd9358f572192f61d5a350e816de5363c68eb3b128e23b5fc6f17736b9701d0497914b38706d0bf8500bcd8f2827641d
-
Filesize
8KB
MD5de2a6066e5a93139690ce4f0f6b656cc
SHA1c46b51a1b71588439d9a39d73a966f3c3a5bf2ab
SHA2565d00226b33b38f9786f0c9b080c388165e459fcd7bcb1eda7bc064c4e32fe890
SHA512d018fba1ebc742e1b1756ff4146f6c1f9eda526d849a52154a62ba9c3c5aee52efcfe4bee337f54f6342d0a7f1015b48e73d00eae199a1a518f9840321661959
-
Filesize
28KB
MD549aecfe8fe18b47e28cfb771da7f3b09
SHA10c3b6933da9fae25bed73116837eb9638fd607ec
SHA2564e8b81f8f0b8d37c7a54f275b8d5429fbf20c8d8d35b769a4142bd48c0bd7f7f
SHA512f47f6426e4840ad7d7852f9e5addaf0d47d3eeaf82e8820081cf428aea84d4a7618c8c29660d98032b1b65578118e1c46a8dc38c0dc84bdf87a0fb9d7223152e
-
Filesize
512B
MD5379504195ac7e79659b7032d32b49a4a
SHA11194764dd88c0242b692da8684c9761159ff04ad
SHA25658b943977207e796770440fd3767ce93eb2ea0cbeb9d8f358d41aeee3f7ab58b
SHA5125fed83d6395913c90145a49fb015f62d193ce0d0bcec769d818794caf446d716dd4606f3eb07d71a6a93235c72c2edb9b558e76e74efc3027c7c772963f72ac1
-
Filesize
8KB
MD565aef1239042a87103cac555b7e3b79c
SHA1dd7cb61da678c15e0326ebf09677cbd10fa38dc3
SHA2567438a7218096943106f3b3af009e92e47f32346d90eb46e9a45bfd4c0de4a277
SHA5128811f4ce8343c5075c3cab52a958a8b9d84dd0a0ac958916a6e273aab41f52c6e3669d62d983dd5f6d8174e3c1b3359c56d68f568c143bbb3890942a396c46e0
-
Filesize
4KB
MD5a88e7f436ac8de4f99a6b8458b15eab0
SHA15781b58135f6d96d94b34c00f787a7288bc0770f
SHA256b53e2b1193496f9a2cdf7f2aee499702a8ed5e49eb10d1c93434456eb58a1a6b
SHA512e27a03b4fd48439660898f49c6f0ced7e5947925b79589324e530c3118085f14bfc848c6045b22d79e5129b7c4d487eb4a79ee392ae1b84d32909f9e87aa5c62
-
Filesize
8KB
MD5ca45a2b9900dd9f47e0fa8a0031c8d1c
SHA1d7709f00b52cf0b8cd4957e336c85bdf0e0206af
SHA2562229d8c7395027ab69a98c6ac0a96a70a3219353b58bc47567e8272fcee2cb6e
SHA512e83ab5edf3a861e09c532d6296c2e0c300f6a071b619f0cd2284add192b6a81280da86f0a5d0bbfb2160c1ede7a07e019f6a465b3c00c842552a0e1376475b70
-
Filesize
8KB
MD566057d8d1da2d20b83890f0dc2029762
SHA1293bf2abdea73ea8fb968b8b59c66449d888aa10
SHA256ca8099673f2018a58b00911c5f7650187273f1f6fa96e4ed6dc6a7e5a12f47e9
SHA512c334ab1d5fc2c62efabf471f803642f539859d02b7a353a766ac8b2b29a03a0c8a7315c433742ff81e253f0bc33cb489b99002fbb9daade931ee047697dec8bc
-
Filesize
12KB
MD5d0a18915b8d2eb88ce8f289e29c4c28c
SHA10d0a46b2dce621375ef67e88ab379ed57f0561ff
SHA256506de5ccb8e6e6a7dd3ae72d5a33314430098be49bbfb27861a2dc857b5b9048
SHA512090cd82aa59bc48826dd2b7870db87855079486d682a6af9f75480511f92ef0fbbc351793f6eabbc342c411f4fe8334625853482b9e6d92f2e6d83b3d6bd179b
-
Filesize
16KB
MD5eb52a90bb70b76e946b62f50b6f7fb85
SHA142d767b5d1faa7dcef4cb4e1432a5f47ec2e9ee0
SHA25648472f593a3e9cf9e91ee5f7d66dd9ff291bfb247eb6b46778c710fc24e8d3c4
SHA512b356c858cadd14b6ecddf134f1c494c0107a1d36be9387984fc53dcb00e6779d944f058f4ac99d0fc2fe3a427cd1c2921c6fc38ecad53909fc4b5b6f04459b5c
-
Filesize
16KB
MD5586638cb38b47242143a10bcf7ea608f
SHA18e62ce1663147a4606a1209e5c952c3a1d861f59
SHA2567ec244824382c032844fb982271f0a05655321bc051d92074dd6941ee4e0ff8c
SHA5120b0a2a8fa2e5700a6b99efbb4993afe18a3e4eeb314f3e40f6f366eb9a3b24beb0f50b8a7a6cf485692b8e451005232d67f5302c5b2d3299945119ea2eb8b4b3
-
Filesize
16KB
MD5895a8fab31ff04ab6395e46ed0d13e19
SHA166775d5f56fa997d04e7b52203f6775470b2d03f
SHA256758aab0d3ca696e87970ac51a6498c486d42d7f0d11f5c018c3808fd7e9c71cf
SHA512522a40897f04fc89d64a013c280dc66b389b853dec0812e770ed28465997571a8b8658a1bea6a433725670d09c6a1fa217d0d53a6ab0a9b7effe70489b0af981
-
Filesize
16KB
MD5870b71e39ee68a70541395b31dddbfc6
SHA11c1fd282e4d56528028982709a486b3122b995c4
SHA25619b76151a504988c95ee737c95cf05521923fa83a7886b70c6deaf7dde710662
SHA512891df84a4f95198c94ceac29c1dbb019bd494fd54e0beac307388e150493fadc8387429b7ee7dbc75cd9b7eeab222b4be144935946afb0df492f9d6c2a269390
-
Filesize
16KB
MD5ba5bcc35a2e2b0517f77a915275928f9
SHA1962e39f2f5eb26a584c2fd3360e6747e9fc1bd96
SHA2563261f7fe6ae8e209e178b07acb773453dff43548ea1dab4e4bc2a3adeca46319
SHA51271655a9831e417dc528d8cdda06e21217e322ee90d317ee5275deb6fc1e0b09bcdb7535fdced17d67371dd25f4601c63e798f332b0fbc2abca3ce763b4c1866e
-
Filesize
16KB
MD598d6fb5c9dbab43df06e4e44cb31d425
SHA110b98fb436c1fae52c7d17de7f1308a59622adb8
SHA256eab409f55e9e3b8c72d607619afc31b8069199c890d0971c4905adaa199f3802
SHA5121d8be44f20a1b618d1e85bded1e2c194bb2b42002f96e85157ed27d8b0d7e0c5adbd774ac0281ed11bdffbcd251a8cc606fab9ed97dfe0b8c60e25b06233c5cc
-
Filesize
512B
MD51d06f66fef649e032194e056b4da6eb2
SHA1509f34641daf9a1b019e79bc649845171a0234f2
SHA256c08bb2e8e69fa97667b94f290ba1afa3b9477c4eb0f428f5282fb4a8626b6ec8
SHA5124ba3236e7d3303c38215551f986921a5adfa6a93378a4a6ddb5c55b96b9e47b316084c38b80cf05bd959794102269b5279352a78a41ed198d9e77be6b07462d5
-
Filesize
8KB
MD56b91a1214bd9ae634bd46b8ea3f98e7c
SHA15e822b2aebbc9202e953445234d6045ba61afa56
SHA2561e384f257aee1440cd829185032612a3f56427270b2b88b58b906ee86af40728
SHA51216a66d7778d2e048fbf08395a4e0988037fe2f4fb8f8b572d9bfcfc43e5c4522ff0bf413ea118ee142af3fe2bfbe44605c3451debc0ac970cd6a3ab813f69538
-
Filesize
4KB
MD5630c84de64694b48e1cd311c934c27c6
SHA18163278b9b6bd345edc534e0c34ca8b29963ff40
SHA2562125a2048b4cb1f66ff4ed4f7dbe61ca815afe5296c661b618b61adafa9a7e46
SHA512246f0cfaed5d34d7126eb87400c03b4ecd725aa0187576616a70f31b147646f6b43f8e344b7c25012aea34c935feaa18878443efc88b10a393985e867c8b7e41
-
Filesize
8KB
MD5547b8c256ff99bcf7623564615ec97e8
SHA17a2fd80d3ff723ce9466009ebbd29e5e39da98d4
SHA2563cb0f9f54d7afbe0a9f83c48cfe7577590b0fa48b8bb7018a8a1bff108cfcb65
SHA512ff23598a83b4848715ad49e2999137d540edac5f4844b987df5ba3fe10eed8e86ac253b68732183944d71bf9e57e6972ab66b0d52fc14e8e6b6d3664851b9a23
-
Filesize
8KB
MD5dfc91586920e0657718d202dcf285034
SHA119ab72d1aa0aaad0335067bf263a66d5175f798e
SHA2566bcf8aa07a682d44f516f2c1bc90996d0f51dca15a9e94c81938ba53fc26380f
SHA512972abb2a992bcc1bd1d48dd45b6d1530b479389d4b8f42bf6225fad3b619aa3a3529885f452332b06c49a517dcf7e0c110655ce4bc784fa39cceb46498b961c4
-
Filesize
8KB
MD52a1c86da5905bde71ecbb749e53f84d0
SHA1e2930548a80a160e1d0202b12547aadc985946fa
SHA256d55d4c581a81282e867bfef5e9039a5c62efd546ade9d1edc97a31b1490be883
SHA51225c93afb9cf0f6547a739a9c3cad46d908fb4ce2d71ef899057df8f92657b768284712b29b407563e3856813750bfe7789c1db373c6fb2676b64b049b0600f50
-
Filesize
710B
MD5db110f2225bbbacbae32c559cfbb2dca
SHA11b5eea933bfb643ac0631ebb9ced2a059d1c53d7
SHA256a41e4a9ed2408d9fcfd61e3a2f2c58784833cffae89aa153731db39b73ce6af9
SHA51248fb0d0e0d679fee64a2402b3b033479b6b27341c3943bbf544b6b4a3b9081a5d6dddf61aa8e234b5f7a51f3acb7eb00261571659ca03ce835d82fc65dd213fb
-
/data/data/app.EasyLogger/files/.com.google.firebase.crashlytics/log-files/crashlytics-userlog-66402815010A000114131324DC5D4557.temp
Filesize 442B
MD5 6ecc56a72461b2c5d16e065e18fdce5f
SHA1 989470da852832c405f6cc5f57aac7755b08e43f
SHA256 7608535559f6d69758101b022875040fc707aa2e4b9fa666110e7cb5b1a3ce70
SHA512 8c787a387739817c0b6b52ccacac8436928ed61c707cf67f8595a40e0bc32587ccbf150accac3b52073beef437d613ee5c2ce5f35d9df32def703aee82f9184d
-
/data/data/app.EasyLogger/files/.com.google.firebase.crashlytics/log-files/crashlytics-userlog-66402815010A000114131324DC5D4557.temp.tmp
Filesize 16B
MD5 c33583fae4e0b61cde1c5b9227963237
SHA1 fe2ebe4d27469af1460f7e852031a04208ef629b
SHA256 35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc
SHA512 fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e
-
/data/data/app.EasyLogger/files/.com.google.firebase.crashlytics/report-persistence/sessions/66402815010A000114131324DC5D4557/report
Filesize 733B
MD5 9775024b1359aefd1bb2c88fc2b8d965
SHA1 37340cbac4128a65a517afd9dafc3e8f85d4d5b1
SHA256 9c293880f81061725ed44683154aed1adf56a968c829df7a2aecca9224c3da13
SHA512 26fb16a69937ee5ec389353d6a2845e04c71f2bffd3184ee1819c40569fab95ed90fe02eb1f38d4e131ea026525a1c68d103852da78cb0434be1d1261b581cf8
-
Filesize
564B
MD5bb0fe10588ad614678ec7c04415e2ac7
SHA1234ee6ce173cfaaa367013caa922f43570385a7a
SHA2568736cf164cb90a33dbd9c5414b56e61a714a5177c8aa61d51e04e67ad3c7571a
SHA512fe278df6ae1b43ec83174b5557f0b9f3f3c62c9805cfea0103390b3ef4698e6243cff39a4df981a54509f57b96ff6d5b4e1067ed0f7b435b600127d6e8a90718
-
Filesize
90B
MD55babf371e7cf531ecea02193de2c4804
SHA1b0a329ae73facb88492c6b03abcdcd68d58b766e
SHA256ac8c6f5e5316186d81299492155d8c1b42f1a4d6be9b519d01d5956106a50f82
SHA512a2e46bdad590c155b0b5c271a57b32e8c779d5e3c4ff9b1d89dbc8969e760f8b7629e93abfa55b233e75bf93bb525723a5ddad20c2b4515a347b713fcd8b9d0c
-
Filesize
36B
MD547d8d8719efdbd7ca5125c428cda2b6b
SHA18bf9e133cb2e913a291964521e6c633322cec04c
SHA25613224dff3caf281b4742d7b238beda3f096b1db7889f263d5203250b43587fe2
SHA51261d7b11b178d9f5a0ffe3cb3d08a2c2deb705faea7856d91db9976ef4f1d1210e4e0bf781fb562b7e0dc9e4aa5e3c4583c7bd1c965799fe3be5474c80a01c038
-
Filesize
4KB
MD5f2b4b0190b9f384ca885f0c8c9b14700
SHA1934ff2646757b5b6e7f20f6a0aa76c7f995d9361
SHA2560a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
SHA512ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1
-
Filesize
512B
MD530c5aeb96c6cf5f72c906396f01395fb
SHA1dffb44cd147f0cc061fe180544061acd2ddffee7
SHA25656d723ecf45bbb23e60e9471ad4f620b136657655e56205835aa0cb69a169fcb
SHA5126bcea13e645b1167b061b7b0430e6efe7d7067f8be471f9668a8759687808fd6175335527d86201276b9d3fd04617ea55075e1c4a342160e617a1b56da5f6ac8
-
Filesize
32KB
MD5bb7df04e1b0a2570657527a7e108ae23
SHA15188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012
-
Filesize
16KB
MD53785b83d4cb5d5efc78375b48b4c723d
SHA133600afcc98e2407dcb5755efdcc5162c8885117
SHA256c7cf0bb90c6f51b8389a1feb983233a3193cf636d9a6405e5ddf7792decb51b2
SHA512eac34f0c118d215bf8668e66e7de90eabc74683e8e1ce1f5cefe2ce469ab40eab70883c2c8cee1c12518a158efe3d183ec94b27f46979404e664da0c149b1bfd
-
Filesize
108KB
MD51919640927acdfa2725849620a437d73
SHA146c396dedb0dd587dcb3673655472bad7c52399f
SHA256827e68db2f42691221660e9ee9e8477a9b6c29a4b0e018b7f384eb618877058e
SHA5128b4fc9eed6f75092a8658033f658ff15499fdcd7feaf191bd47aa23636267bc06ca6f613e6cd37413b7804be4154cb734bb5eaeef55176d0548b9220f4e8b520