Analysis
max time kernel: 48s
max time network: 138s
platform: android_x64
resource: android-x64-20240506-en
resource tags: android, arch:x64, arch:x86, image:android-x64-20240506-en, locale:en-us, os:android-10-x64, system
submitted: 14-05-2024 02:09
Behavioral task: behavioral1
Sample: 798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae.apk
Resource: android-x86-arm-20240506-en
Behavioral task: behavioral2
Sample: 798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae.apk
Resource: android-x64-20240506-en
Behavioral task: behavioral3
Sample: 798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae.apk
Resource: android-x64-arm64-20240506-en
General
Target: 798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae.apk
Size: 5.8MB
MD5: 1398c9c6999be6f56f2364ec680f8557
SHA1: 396c173b4c084afc3a2c89044ffa42a3f0e4dad4
SHA256: 798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae
SHA512: 49ae3724b60f40ac3646a44164fd6879480d895e1096825f484d63d286b5c5b8f2557bdf752f746651504bd038bf9e93dfe7400977e2bd6ba24576843b3393dc
SSDEEP: 98304:BUlRb+MDHwasxU19o7SDWNYbM2Wlghs4DqHvSse0EpO9X0xUCd7Mmp3/U5uaMA:CKhdU1xWlQDuSsGA9X097MaPUo/A
Malware Config
Signatures
-
EasyLogger
EasyLogger is an Android stalkerware.
-
Queries a list of all the installed applications on the device (might be used in an attempt to overlay legitimate apps). 1 TTPs
-
Checks memory information. 2 TTPs, 1 IoCs
Checks memory information, which indicates whether the system is an emulator.
Description: File opened for read | IoC: /proc/meminfo | Process: app.EasyLogger
-
Reads the content of the SMS messages. 1 TTPs, 1 IoCs
Description: URI accessed for read | IoC: content://sms/ | Process: app.EasyLogger
-
Registers a broadcast receiver at runtime (usually for listening for system events). 1 TTPs, 1 IoCs
Description: Framework service call | IoC: android.app.IActivityManager.registerReceiver | Process: app.EasyLogger
-
Acquires the wake lock. 1 IoCs
Description: Framework service call | IoC: android.os.IPowerManager.acquireWakeLock | Process: app.EasyLogger
-
Checks if the internet connection is available. 1 TTPs, 1 IoCs
Description: Framework service call | IoC: android.net.IConnectivityManager.getActiveNetworkInfo | Process: app.EasyLogger
-
Checks the presence of a debugger
Processes
Network
MITRE ATT&CK Mobile v15
Downloads
/data/data/app.EasyLogger/files/.com.google.firebase.crashlytics/log-files/crashlytics-userlog-6642C81F0045000113D552C240D13BA3.temp
Filesize: 444B
-
/data/data/app.EasyLogger/files/.com.google.firebase.crashlytics/log-files/crashlytics-userlog-6642C81F0045000113D552C240D13BA3.temp.tmp
Filesize: 16B
-
/data/data/app.EasyLogger/files/.com.google.firebase.crashlytics/report-persistence/sessions/6642C81F0045000113D552C240D13BA3/report
Filesize: 733B