Analysis
-
max time kernel
48s -
max time network
164s -
platform
android_x64 -
resource
android-x64-arm64-20240506-en -
resource tags
android arch:arm arch:arm64 arch:x64 arch:x86 image:android-x64-arm64-20240506-en locale:en-us os:android-11-x64 system -
submitted
12-05-2024 02:23
Behavioral task
behavioral1
Sample
798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae.apk
Resource
android-x86-arm-20240506-en
Behavioral task
behavioral2
Sample
798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae.apk
Resource
android-x64-20240506-en
Behavioral task
behavioral3
Sample
798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae.apk
Resource
android-x64-arm64-20240506-en
General
-
Target
798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae.apk
-
Size
5.8MB
-
MD5
1398c9c6999be6f56f2364ec680f8557
-
SHA1
396c173b4c084afc3a2c89044ffa42a3f0e4dad4
-
SHA256
798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae
-
SHA512
49ae3724b60f40ac3646a44164fd6879480d895e1096825f484d63d286b5c5b8f2557bdf752f746651504bd038bf9e93dfe7400977e2bd6ba24576843b3393dc
-
SSDEEP
98304:BUlRb+MDHwasxU19o7SDWNYbM2Wlghs4DqHvSse0EpO9X0xUCd7Mmp3/U5uaMA:CKhdU1xWlQDuSsGA9X097MaPUo/A
Malware Config
Signatures
-
EasyLogger
EasyLogger is Android stalkerware.
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
-
Checks memory information 2 TTPs 1 IoCs
Checks memory information, which may indicate whether the system is an emulator.
description: File opened for read | ioc: /proc/meminfo | Process: app.EasyLogger -
Reads the content of the SMS messages. 1 TTPs 1 IoCs
description: URI accessed for read | ioc: content://sms/ | Process: app.EasyLogger -
Acquires the wake lock 1 IoCs
description: Framework service call | ioc: android.os.IPowerManager.acquireWakeLock | Process: app.EasyLogger -
Checks if the internet connection is available 1 TTPs 1 IoCs
description: Framework service call | ioc: android.net.IConnectivityManager.getActiveNetworkInfo | Process: app.EasyLogger -
Checks the presence of a debugger
Processes
Network
MITRE ATT&CK Mobile v15
Downloads
-
Filesize
1KB
MD54f35721c21fc49b26d44ba14545fe277
SHA1a406bcc8b3792ad32594d536da8162b511f72186
SHA256b8e02d7cf1af16afe5bc1f7e2a81da07864671982cb33f73dd763fe19bbc478b
SHA512ac4d9ad7c35d1a7e589589bdb4f57c44da69fc202fa2d636311abd937f68b2ba17777d39015b30b696c1fca6d2dd3006cd04ba16a0aab0bed0a82e43b87ecc94
-
Filesize
1KB
MD510d1fb4573049b8afbf2fc813f65ec10
SHA1135596adaaff6b0657e211753255095e3818f150
SHA25694f32a0cecbd0b5524fd0ff8890d2257c8b78a88151c40b27d0886ef7489bc9e
SHA51295ecf4bae47ef812a919fd9be37bcdb3eb9b323b61bb451aed47825d85deb839d76e83a89787caa56b5142b0ac136c6bfce79863b5131f891e94fecf8e9eef3a
-
Filesize
76KB
MD565e41370cf11c2718cf78e9ad13f1f86
SHA1a8a58e529c8d41223840640778bd8961d73505d5
SHA256563253ea278be27154c894cb4d7cfaa4a653509f0b1ca54577988d92b381f9d1
SHA512c7291142379de850dd9b5992882d866eb50969dfe531a530f8f4144c67c7d8b39f77243cba13cbcc731658e192cd845ab817eec6c37411d7029b83668ba47069
-
Filesize
512B
MD5d21b936a36793ad52ca4d0ded35f15c2
SHA1e85cbf5b6fcddb41c8ad13223012ad7a0185f64b
SHA2561e1983ca5f4d2dd3cbb71937d78c2625ab284994671f3e603d72170aa10d705b
SHA51243b1ebbdc64214c5691ab9004bd97320c440970aefe7c2ff658039bc93b8170fa6672ad22432a3f3727ef2b97e6ae4559b7c2ba08a661443cb8378eb786db49a
-
Filesize
8KB
MD5c047872b4bcc17c966960fd2a8c8005f
SHA136a7f32903e9a84035152f00d5b554ef8e7cf48d
SHA2568a4282438b17ee5ea6dce3d0e77e0e23be9f8423080e55890a6db4be8aa28885
SHA51241ed219fc5fe3d501e52cf86cfb067c74926fcd67bc4ff12c81e4e3914c787a691f7f390472a9c4795d9bb7624853ec6e2504e6db6991aae8cf68cfe286d8ed0
-
Filesize
8KB
MD581b619943f02168eec83cd92e3a6630d
SHA1cf6f8e1493e507eac10da2c24ecec8f18744056b
SHA256dda81cb090b0bb1eb6c7ed35c7be74309128b3ed50e9ab82cf775499bfaa763f
SHA5121192f76b0a29437eea557a3bfa72dea251dfcde60a7f1ac67b38e065bdbf7c935747e5c0569a3247cb565b19b09ff46e22c32651335ff858e8945edd4abc056c
-
Filesize
8KB
MD58aaf78e4588d8c6c2742b825588fc487
SHA15482716974845fd6a3ebe40acaef9f52299ff748
SHA25661d92e17625e52ae2ce8bbf396a879524ec6116b3a6a57d050e00f8ff8f25d02
SHA51249518cb50765b7cfb6c84be42f876e9a92d7e71beda7aa191d0fcdcba310d44e50e9e9a9d957474a1bca3e847b6ae564061b2486dd3cea89aa512e1274900e01
-
Filesize
8KB
MD51c27887439e9089ffa3fcab39ef241c3
SHA14bd1ce0630c093ec5a5bc3d3e20334a29171c28f
SHA2565b333d28b252fa32183209ad3167e9efc06976b4ea512cc3e5f00938568e6bf0
SHA512415ac622f1e7b38a9102b8384bfa995876a033f8a1ad49783ed0590c0459e2bd04877dc897781b5630d99f4bdddf62c2bd9e11a48699468f4373154bb5cdfa49
-
Filesize
8KB
MD55a2f1ad84340a9e640703e1b034ed688
SHA10e68885cb5e5f6b738ba324064d7a34449bee58b
SHA256c18213cbd1a7dc23a3f351f798032475321406b06643896a61e1738ce51e2de5
SHA5129ee2dac8a8bece923dabe684eb34d95703c1e9fedbbbed8655cda0617a51b973908f99d2c95bdf3404873c48b6821c5ec69fc6558a12215c8bcce11e51ecb5d5
-
Filesize
40KB
MD51cf3f63c021d755a21623e6d0e86dbc6
SHA1e40e0f1faa61abcca7ba3394c54c92ff7334b49b
SHA256100c67650ba652d547d8a1128edc550a8e95541a1d9268a199d1b924294d0895
SHA51238d72e14f3513ffd26989cbda3df46ed3dd6e731bdfae56440eff6b64760cc13f91014281c9add61e018fe3529e49c63a6892ca22479515816c768b546244466
-
Filesize
512B
MD56ccb8d8c5361bb0163b7bbb001061eeb
SHA1b571f024fae1d8708d050d531a70e805f3f9861f
SHA2561ea17c4cb77cf8cb5f076e50c346ce433aa022ad1ae45d1186c20d79354a937c
SHA5120778df51a133f4a6459c5c7fbbe2316bbfddc178c9728b01469c840225066c5fb9007ee4a29f90b6ffecc54d9d226a140fcf387b2c57e2436b5a79432dd62862
-
Filesize
8KB
MD5f62471a10852768c79f4e0ded47dca3d
SHA1228c78aefdd5a94ca8af167de868fcb0384d3579
SHA2562335cd145c8ce674ee377ca367f0583674f571e245bd4d84932d82bc1528e5dc
SHA51295ecae6cc192433843e2b0581397e680b6dab7d16f48aa269586e4fd3f578375a50400df18688b70dcbfc9d0f6a8a69b6f9f8fcfcc2353954ce5b43f09922236
-
Filesize
8KB
MD580a848690e5829d9783e7f1bb94e57aa
SHA1f80b9223591db2f84cae46050253794a7cc3d055
SHA2565570bf21eb4fe9264b0159f2c21f62bba5a0b19586fb431459b53a9add0114a2
SHA5123be8ad2c33c657f74abe76a0304de19feb4fbe3f488bbf97147e2547798273722831b29bcbac5203a5e1fed58dea4ef5763d1276f35548ce4493d8c7a0c2f1e9
-
Filesize
28KB
MD559055c4b09480794806cfee901d521e4
SHA1e7327e08fcd575c4f2c48f99ff0449e82de366df
SHA2564818076eea15c42eaa5fbb79b7f1b14156ed7767213add410aa050e709469d5e
SHA512b2b933c794b8cf128752c19bdbf8c14f6b1fe37de92563de4d2d0066b80879a46d0833fcaa5288dc04a4a4446e741eab5718a744ad717f3ca65a86659a549596
-
Filesize
512B
MD578115b99368cfdba538f18d74a84a74e
SHA1eaf0f6e901384af848045fcc7072043d9d79469f
SHA2561a2fe5024b2bc6dda732244d371ebf98b565b28b46eeed037b80e2f8cca12b84
SHA5129e8de0325e1876ac4a5494f55cdc587ffb355828eddb82f3324b8800ae8fecd76d0a6fe29efe4f247185a63c472134a3e59f82a7f23071b1404e21fc5a66d4e0
-
Filesize
8KB
MD52570a660b66fb4b129edf98d826073c7
SHA113dc6783397d3aaebfd632798c4d7877c04ab2d4
SHA256937d4a43899109cea120717e3cff52375d76fad7f689a69a5057b70816d4fbae
SHA512a67e52f6f32722fa922595ad4dda0454038e1332a3082d3934ab73406e4d53aa5cfdebea7a8fe2917d0c357108a64a2eb78071bb67594b9e1b51d002a018de80
-
Filesize
4KB
MD5d1967466a9a681efab3aba9d8b7ab2ca
SHA15199d1af26ca6d29bcbf732b156a2b9b8fdfabae
SHA256356b642840b22c6c0da44f5cb0f83e054bad1b5cc582050b856868f90fb2f47e
SHA512514e5385f8ee81607f283b65efe64d209666f5ae5d4317456bf122ba25fba332faa5b8e20d7270c93b44d04e247ae2a0eda4bc475aee018af4954d663cbb9983
-
Filesize
8KB
MD56f8fcc12b284b01a252e4fdf78734abd
SHA17a8143040b9521f6bfdc8991692c9e8e292077a6
SHA25659c6b5ed17a07e48f584dead9defc9f3b51227db4ce5d904c6c1c05fa9812b1c
SHA512b2088a8717c96feacf09940224fbdf98b9586f538abedf39f45d473d59b702fea8b0ebd3dd1d79b5eb1cb4ecea6282f8da5eaba757df66227ba4c051ef8d819a
-
Filesize
8KB
MD517aac26b27e1ee3bb5f4ee164871644c
SHA16dd9cb1030db9249e2a6da0f5df2da1d430a92de
SHA2562dc072d3e9803ab02e28653eb1452635980ea1796e80cce3d443e9c5611bde96
SHA5122ebc990ed77b8ecd430a4f4f618306069d47ae330cafd50b14ff2ff15cb3314dbd8e78a8846d052e22bd1ddf30082b68a853300946faa517277b2c1936fe9f3e
-
Filesize
12KB
MD53b259bcf46ca07aa210724949aa0b474
SHA10e3d2c279099320b0dc11fd62f461ebd95bce37a
SHA256abc9ccb1180c669f66a2f8c30d18de882cced117c61d3ea009647290f5ebd6d6
SHA51203a9783888a89f2e935db3caa5ccfd4e779875c0adc8f6f5114234892aff69a09cc5bdf79b78376d6bdc5e934c2486771b29a455070822a73843024669b5c531
-
Filesize
16KB
MD5d9cf75fdd1c2292d986f6c3d5d60f2c8
SHA107ecb1d3a26d952ae5fecf54f36699ab498510b1
SHA2562d227e9b7a044c8e10294f6a831fb92d81ea9582381796d87f35bd268e37538a
SHA512442c96e4b4c79b8d1c64dd3a6d6088ae1dace441e78d830dfb3190ee1c0fafebc606fb432071b4a1ad1a4ba9b68c7877b0bce520ccc88708feaf82bbc474e0cb
-
Filesize
16KB
MD5575f75063e55fb666d577793f02bda98
SHA1b97a1905f237e4f181e619e0c3b82fcfc0fb959b
SHA256231ad566a653ab897c5984d9d7f8c9c4ba77cf2fcea26cf750aefc2de580345e
SHA5123b1205c957cf93347694b0db5f79f74b31afe91a7f0305039462a2e8ad27c57d3f91b5898b6b81bed91d8c1d88f2cbde7e166c008246c2797ea1aa75e3cf0af7
-
Filesize
16KB
MD5834574c92429eb1fe1e236a8b3f3a665
SHA1af68610c8327dfe1f95a73ae2a89c3508546d3d2
SHA256c45b3cd84e6eff3e10014a770121ca35a1e6505b51ba4be83af7cc3c3971dd88
SHA5127da8637bbb31c811318edbaf617f71356381d6b9e6ab407919409a7be8cf332b6b154d8041c08a4f64283a7038d9ed3c626ec397b88bdafa46bc3c2efc99f703
-
Filesize
16KB
MD5280a41cb77b1a13aca4e530e76212040
SHA1d22bea0cb885ccb8616fdca47beb1332b28af6ab
SHA2569006ef599265910eb0364f657d177b59885b3aed748b10d71bdb6d4a8ba0681b
SHA512c36b581d031c52ad162180b0645a4c80ca2b7a63326b078047f0ce1c2b360aae5995c6d72798c05639ceb105df748a931d145f4922948cbab34db9fc512117c0
-
Filesize
16KB
MD5c7b8299be3a501a1212fcaeee1cc02c2
SHA1b3a7481ee9bb218ab319fdaf31991c0d9b9a99bd
SHA256f5ddb122c8f6d4e6b6f41a83a14abf8a55ce501a2ec07fe0cf3836970cc89234
SHA512b760f329885c7c73f52c0c1e30ae601e954708f95494533f6b45a9aef8740e84ed3639c445547197484b12fef5aa552563cdee10247083053cd680c46604c066
-
Filesize
16KB
MD5a0325ff5668f4474177bf7958d70a597
SHA1f9471cda55083be6cbe3f62cfb230b2b317cc4de
SHA25671baa9bc34c3832c1b0a51c8aa3bf03424c6696ae37147861da52fcceaa0f688
SHA512c8365efeead343b31fbb858caae4f8b1b6c9fcfd04dadc3bf4e39a600eda4fc4540a727a023cd06bfc28374a21e0655cdb14a680e202383710823032c8fcbc26
-
Filesize
512B
MD50c43b0f808a00063f4d058b3d2b9b166
SHA1eceded28eb31ba0995e331942fa2cf0864da90a1
SHA256f90f1fae4064fe17d2f0eac21aadfef0a8bc6ec27ba57fa86419506358992fd3
SHA512f4d9f9943d53c684dd8a1393a893ff0e464641f1d3ed56e89c230116a0f5e51b979cb308dff5cddfd45017e7e23beef845dd3ddf2500bc3984dc5505fcd304f9
-
Filesize
8KB
MD5a28f7374cae37b8c9e15eb191b37e397
SHA1d7fb1fe7d0611a54d9fbdca0c2674bc17d1d9062
SHA2567c3c81eff5b3d64e2aa9fbc69ad84770f69ec2026dc5e97be3e6b872abaca20e
SHA512999b2e22c2713ec97db27f8876cfcd881b7b817b1c617d850a85ec9b1ae041eaec66e8152a51ee50a4721638614aff418bb71af2e96f2fb847441aad96a5bc20
-
Filesize
4KB
MD53910dffb36893051fda60b8a48bdf25d
SHA1385bad98726e64b4994ac73f861027c0c52738cd
SHA256aa4f939cc3328b7bd322a390ef30ed2f9beb16348ebec9106594ded0d3801f09
SHA512da1c0bc8188d784a5e4630e4d4acbc21af5d544d40867c3f3bdd9ed27691390a28220a6f358b5449dddc2481e2296521bfc19a67af45f592d8060f1c937cd2cf
-
Filesize
8KB
MD52b9aacf12898c823472ff2535788b70c
SHA15cb22a3c08db2c67d21dd8ffc801403f19b6cdcc
SHA256f85dfab42cacdbbc6a4b78262e461b5e8100c65622eb649f7f06b86f87907bb4
SHA512bc4921c6ded22ef31c12fbe6279f4c001cf5f95d69ef09a5ed4bebe6ef939770570c03ac6991ca44bc1aa834ea4fb57cff07e158f8aa52b2781e9d2241ab45b8
-
Filesize
8KB
MD557bc2b834f2fd628fb63069993fddc21
SHA1b623eba150a934a5235f8ead3a367f37842db38b
SHA256b1bac553623e1c7fe945a9b391690ae303813de4d00a00ec9b361c64599a7325
SHA512b128e7d3a73e0cf80d0261ac9711592fafcabe6e5d97631e3ff4f66fcd619fa595f498bde88620add09fed3fe0bac2136ac108e666e086625a9f72da9e463f58
-
Filesize
8KB
MD51aeb2022d7c5f9c659eab00995d10ed9
SHA1ccf3f6a6cd52af32c8514a8555828c29e9091ec4
SHA2561dc2f4980b46fcdd7a35e40dbff24edb55e9e82d372789bf68fed0ffce75256c
SHA512c8ec7330a9ce7116f9217f06d40749df687c44fc1c64822e2786ce0fcc6cde8b2b591b60d274dea85739f328ebc6ab7ee4295ad1f9eb09b869bce0e3af9d0063
-
Filesize
710B
MD568167b64c3f950af639ada1a2694c44a
SHA1d946c15584ccae8c6c52a0b688214205dc0ece1e
SHA256c7edc05c7267b21e78d280693ab88ebfc1af048bf10f8fb591f6060ffc11b2c7
SHA512b250c495f91fccc5ab5d98a316d02809f673a020933455664649ff7dc7bd909db3a1aaa1ba0d40427b0277f16fc3b5687a81d0e6c56f25b77e52049ca614b4b8
-
/data/data/app.EasyLogger/files/.com.google.firebase.crashlytics/log-files/crashlytics-userlog-6640281402820001139591EA9CA7B6DF.temp
Filesize 437B
MD5 45850ba74bf2ffec5296a3754c3dbccc
SHA1 ee113061a9fc1f741057930e3fccef462d41ddc7
SHA256 99db287289ce0e10937eb6fb6b6f47ba5bd8e19d8e44949abbff8d3fbcdcd27a
SHA512 8de76ad7200edb358fbe39310a69dc81d87d7d6bf251264f839b553723aaa5918f528eaa4a3f4b42d8a0c15ccbaf62dbf1db28cbe35f84de862e95623c3ebbd5
-
/data/data/app.EasyLogger/files/.com.google.firebase.crashlytics/log-files/crashlytics-userlog-6640281402820001139591EA9CA7B6DF.temp.tmp
Filesize 16B
MD5 c33583fae4e0b61cde1c5b9227963237
SHA1 fe2ebe4d27469af1460f7e852031a04208ef629b
SHA256 35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc
SHA512 fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e
-
/data/data/app.EasyLogger/files/.com.google.firebase.crashlytics/report-persistence/sessions/6640281402820001139591EA9CA7B6DF/report
Filesize 733B
MD5 53160fc21b59587951bd0209654ceade
SHA1 1f2a8026ce1beee50e177a6e020e641741bba480
SHA256 2c10533e889823dee8ef26ae36e2e4890905db5c6ab02667ee2f30808ddbd980
SHA512 be9429b098af81558cd31034db4df6fc57b220c1430bab28a7c6b378009e792310a832eef80599551d5b6bcfa7b7ed942674607ebcfa0c972da92b62d2e70db5
-
Filesize
90B
MD532dc3c3543c9310b60ff9368330f05a3
SHA113e7285755b3dde972ba70c02bee718a6c568b45
SHA25611db7ef55ad5ed41424789fb4d966768699a75c794561482ed7fd27a86be0943
SHA5121fcc986b54eae082512b1dcf6bdad5a0e8d4422d66562647e79268a351ee8ecb189d24947e407420b86c85096f84aa1957ac4d10443586226485bb784f4a2109
-
Filesize
564B
MD5c62cd82c460c978f053bb60f8e1bf2b9
SHA16bf3fab8872498a97e0d9f98260f130a34df4b86
SHA25652828673c75faec0852d789bc3eedcf60ddd09e8562c613c9fc09d92fcbcf51e
SHA5127d97ca491d732a7664510431bdeefc6a52403b8219b67f71bb56f3d0794ddc75304974539ec8feef016216722df86b2a77c5dc5ea46bbff6aac67281417da92b
-
Filesize
36B
MD54e30c60c770fbc47a825aed58754e715
SHA1861626a65afbac49d395ddd144a2d1af5adc286f
SHA25600008efb6ae6d5c65500d38e95a7407a4b8810bc37d2fb9148a0eb5fc4a8eddc
SHA512627318d45059352aebb451cb613df689e35edfbe5a2eba3f513fcea4bfb8d5f1e14a25f4d04addccc67aeec59d7c0f336f11d7898780b5c0759f7a3b458001b7
-
Filesize
4KB
MD57e858c4054eb00fcddc653a04e5cd1c6
SHA12e056bf31a8d78df136f02a62afeeca77f4faccf
SHA2569010186c5c083155a45673017d1e31c2a178e63cc15a57bbffde4d1956a23dad
SHA512d0c7a120940c8e637d5566ef179d01eff88a2c2650afda69ad2a46aad76533eaace192028bba3d60407b4e34a950e7560f95d9f9b8eebe361ef62897d88b30cb
-
Filesize
512B
MD56fd3030698d167d6547b2a9b7c7f5c8d
SHA1b73c0bb6eb36a6bb848b66e02b20140d7d779db0
SHA2565e77060514cd57037858e502e856d71cca24e963c45280bc4225776f2157f904
SHA5127828de69913f6cdab3eb404d2834b60dd774cdd78356b6c5fa06ad41611e6dcce893fe3aa4367bc42704c8fb416d108bc497f67953991e2df3e37ed08f4a88a8
-
Filesize
32KB
MD5bb7df04e1b0a2570657527a7e108ae23
SHA15188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012
-
Filesize
16KB
MD514ad63af55e18f4a036a21099e9f838b
SHA115769431216b80ef00d24352d1de4ced779ae9f7
SHA25670d829969806ea8c59bfee051a4f98b2dbd22b49ddef9f1494ed41fb6606cea3
SHA51250a91e3a5414ca4755702c0b16151970e98a76ed752a6b3722086bab820a75bb8943adc91a15bbff693d272cc2d43b1554a8eda19a93a8b62c4d44d1a3a07dc7
-
Filesize
108KB
MD52b46b71baa5f1ba94f572b9c50743b9e
SHA1a0fcb617269b91605eccbd90fac30cdd1b2ecb61
SHA2564e8194683e1ff958d2fb6239f1394b8b9abf6045799e1053b2ec1fbcd9d24801
SHA512a231c0c9bfc8b2ef0ecad2a7b9a83f450956781faeae6c52b956544dcddea7e897de3445723cc3cd47fdd2e7c51c9bb57aa617e4be94ac64d1b5986dd878a32c