Analysis
-
max time kernel
48s -
max time network
134s -
platform
android_x64 -
resource
android-x64-arm64-20240514-en -
resource tags
android arch:arm arch:arm64 arch:x64 arch:x86 image:android-x64-arm64-20240514-en locale:en-us os:android-11-x64 system -
submitted
18-05-2024 02:17
Behavioral task
behavioral1
Sample
798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral2
Sample
798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae.apk
Resource
android-x64-20240514-en
Behavioral task
behavioral3
Sample
798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae.apk
Resource
android-x64-arm64-20240514-en
General
-
Target
798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae.apk
-
Size
5.8MB
-
MD5
1398c9c6999be6f56f2364ec680f8557
-
SHA1
396c173b4c084afc3a2c89044ffa42a3f0e4dad4
-
SHA256
798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae
-
SHA512
49ae3724b60f40ac3646a44164fd6879480d895e1096825f484d63d286b5c5b8f2557bdf752f746651504bd038bf9e93dfe7400977e2bd6ba24576843b3393dc
-
SSDEEP
98304:BUlRb+MDHwasxU19o7SDWNYbM2Wlghs4DqHvSse0EpO9X0xUCd7Mmp3/U5uaMA:CKhdU1xWlQDuSsGA9X097MaPUo/A
Malware Config
Signatures
-
EasyLogger
EasyLogger is Android stalkerware.
-
Checks if the Android device is rooted. 1 TTPs 2 IoCs
ioc: /system/app/Superuser.apk | Process: app.EasyLogger
ioc: /system/xbin/su | Process: app.EasyLogger
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
-
Checks memory information 2 TTPs 1 IoCs
Checks memory information that indicates whether the system is an emulator.
description: File opened for read | ioc: /proc/meminfo | Process: app.EasyLogger
-
Reads the content of the SMS messages. 1 TTPs 1 IoCs
description: URI accessed for read | ioc: content://sms/ | Process: app.EasyLogger
-
Acquires the wake lock 1 IoCs
description: Framework service call | ioc: android.os.IPowerManager.acquireWakeLock | Process: app.EasyLogger
-
Checks if the internet connection is available 1 TTPs 1 IoCs
description: Framework service call | ioc: android.net.IConnectivityManager.getActiveNetworkInfo | Process: app.EasyLogger
-
Checks for the presence of a debugger
Processes
Network
MITRE ATT&CK Mobile v15
Downloads
-
Filesize
1KB
MD5d77e7991a35cb31fff3df51f3c391fad
SHA15305138264d313d7b2a722cfcd45bc98370df36e
SHA256590c32e642e0270559f77f5a7466802810633204566ab9b9b77e7856e043472b
SHA512ce4ca822526404bdfe262374f778c5d40d0a7e6a998fdd25cdb2b5d7d78a286f1c63ed15306392d55c30acdecbfe058c3a87e87420315abe5cec7f676d18a893
-
Filesize
1KB
MD510755ca81601aa29ee8339bc557d3b4d
SHA1cb9e184307b37bfc269d783d5e21359460da24a5
SHA25685bb39588234527e69d5ba8145417d637cbe0e01969829915d2c56e07e39ac87
SHA5126bd0b74d0c49fd71946956b7dd7768ccee199f240239f0a09ebd63448d2fdd280e2532baf5846122bd4cdb445ccdba4f639a69ce17cf4359023812ae98c80a11
-
Filesize
76KB
MD565e41370cf11c2718cf78e9ad13f1f86
SHA1a8a58e529c8d41223840640778bd8961d73505d5
SHA256563253ea278be27154c894cb4d7cfaa4a653509f0b1ca54577988d92b381f9d1
SHA512c7291142379de850dd9b5992882d866eb50969dfe531a530f8f4144c67c7d8b39f77243cba13cbcc731658e192cd845ab817eec6c37411d7029b83668ba47069
-
Filesize
512B
MD56d5c4aeb889001a7c83b10e21d8dbfdc
SHA153d0097a087563c9391020be7f18fc7994c26c50
SHA2563e4b00ffc2af01701bf1cdcc862c75cdc302b6c26b849050e4a6082fa2491d45
SHA512023bd59d4dc1820ebce115a54c151eb8000b6b4865e1390e22c2745af07d8b331daa50edd04b1df4e959ba1859f91c1c7c92d7c9241c95f93fc3a829e1f77508
-
Filesize
8KB
MD5934dc6e63b259b6747253ac1cf48140a
SHA1bc889570011febdb734f2c05e7c11419a91849c7
SHA2565617cb1bdf54bbf5e649a89617508d810ee5c7c1a684e581347115091b3d8829
SHA512c2db498b11ee78fd4410f0bfc27fb8951eab3eca670cf97be14f2a3986d30f39a4615077040c8ba22217cb49546d3b0ed57f82916f00ccac4a606c31f4f26d15
-
Filesize
8KB
MD57dcc87004c19346642a1214a32e96618
SHA1b5233c44f9197d381b878e5aa3c346c58f384d99
SHA2565bed809331363aabaeadbf03fa121a1b288c7b9e157e29f52c9d09d5c319d21f
SHA512bf35f8d8d09c6f40ecf04bf88054eca81543e5e8fa6533810a6bc0293b0c401339a20a68cedbca87564024c6742ecc7851c67532e9d4b88b3f7bf7a67a1a18ca
-
Filesize
8KB
MD5b8f8e7b27fba5f74cd23a5957bcc05da
SHA13fe11679b326ac542a2ceb01c0b8ee520e62ae9d
SHA256751512614cff5f5f8a563b87bcb1e375577a125791407121fa5fb108451052a8
SHA512bdcc3382139123cd8e80297e99123e0fe54039d884a3fd799a992b5a8b4842e1b9dd94f4946e090b056e0942e7b5a88f1e726dd72aef4a8abb4e722608142174
-
Filesize
8KB
MD5e706ed268ce4877a365aba2f28f2a9a5
SHA17c991fe24e3e146c1c067770bd39f1c897283e05
SHA25680176e1f802b4b08d3645dd9de2c7e8f5aa6e1d60fa0035e152c7ab50988b074
SHA51228ab91db7ebd7a04dd2d1b467398f4ccc5dca52a519fbd9c9871be83b0c2be9a64dd261c59293688c29bc6be97521f36e2f2df0cd9acf661e2bb4486385ad912
-
Filesize
8KB
MD5f3dd7eddc9d2fcc5d2872dca675ed055
SHA1e4e1abf5fe5206fd6429cb58b19a71342873d3d7
SHA2560a411e66ce6338d9f3d51637bd690c18096decc2bda1ff42db16240830171fcc
SHA5123f4081e1647c3d1ee7ce4ef098b469d3188d0cbf88a6f60d495c2b340304a626499c5587e416582863d26d4ac2d77755de29a075ae6ae39af590528f651fad49
-
Filesize
40KB
MD51cf3f63c021d755a21623e6d0e86dbc6
SHA1e40e0f1faa61abcca7ba3394c54c92ff7334b49b
SHA256100c67650ba652d547d8a1128edc550a8e95541a1d9268a199d1b924294d0895
SHA51238d72e14f3513ffd26989cbda3df46ed3dd6e731bdfae56440eff6b64760cc13f91014281c9add61e018fe3529e49c63a6892ca22479515816c768b546244466
-
Filesize
512B
MD5cf888eec0498129547163cbd40f7ee38
SHA10fb40ab209e1841149f8f58c410b356577808fbf
SHA2569fccb3ad8ca789f9a40ed7601c9cfd871d1ade19e4a7b2a9bdc9a7d1c0d832c6
SHA512bc1a889edf2c80e8b340f2fbc25310e38235cc11742393b4e081ad95d0b1f7a41dda1896ec2306c64e195f61717ee1b601a8f641bea538f06db8083b2585a865
-
Filesize
8KB
MD50e9c2db2ba98d521d7265cc95ca226c1
SHA1043a0ffee1c366b2a56b57920dc2b924205915a4
SHA25623a12a74d21e20feb26a421f79a24a2879c29867a036423abea90f744bc14715
SHA512a0e53ce0d98a6bcc5c0bb55ef59894b311824479945facd1e009a6b26f763dc61355b83abc19cc2b835d269fbc8946a6d972c179d09f995efbe8c6c10b13b42f
-
Filesize
8KB
MD5861da0105b42d2e6d6623f280d68b7bb
SHA1271a35ef2fd311cdf32ddb77745a5f162f05e4c4
SHA2562f37ef4d2e2b4bd37cb584151c66ca3229194233a21828ab62a0e53f3c0e560c
SHA512b34e78d1b60909171671197d437a7deb78b2d7f41b3c04f5ab76dbc0d7235c4f9d4bf5c83359d8e578dd1d60a396cd6b1d147c3ee1b07257b592f00aad344e3d
-
Filesize
28KB
MD593dafc35c9ec6595dac8c9705bd7e4a2
SHA1aaf6f48ed3a5be0735ea10514d0ceb9dbf2f3540
SHA2568a6b86da052ded8a862386f258f17fe726e69e0a6cb85a3f1366b822f39fae57
SHA512e2b4231ece2b970f9c864e04b2877577aeb8d67fa3983ec0482c51697a95c78fe69596122b2036eab1678c6c73815fef598c52e83f32f5fd522c765fef5ff500
-
Filesize
512B
MD543441c592b258cdbde03f2c4460f22aa
SHA15bf0c644559aeaf5c18ab5453b93c594c8bd31a2
SHA2563d68bbc593e203c25deff8252c3de74a197f79916c43a4dad20ea7da9ea5cc74
SHA512a5fb93414326a8831188701e81ce4a17d7dd007232890eb8b173f3c9c35a203146c1839b5ba2416a2a005378f232b35927ebe847cc5d1f3e6fce19ff8249d825
-
Filesize
8KB
MD5c8bd3fd71d786222d8942a359ba2608e
SHA1a1374e83667b8d45bafa0bab32802b4e2c9e78a1
SHA256e04c7188161d63ac425b21b398f411eaad1036275597c441e91877a2bb3cd9a8
SHA512043280d32c6eee6aac30251c0b0b2d8c1451a7b6df80ec3600ae827b357fc4d2de94c9373c77a589dd280bfe0b6e30d2e7b3d386258c1dca51d60b8088b718f1
-
Filesize
4KB
MD5f432348592311acdf51f79d3dec063b7
SHA1cd5316dbe5019fa71b6e4c456502c08bdd499615
SHA2569f048c4455a6ad802afa81b27a1472eb96ffc22dd39dbed7af33d0797034bb30
SHA512ae3bc05ff80c2a57b1083d11a72f687350793b2ddcebaf2381d1f360c3aa27bdfb88e0b52bf97ce85d1264b0a3d397e7915715a79d084f7ad1d90110c3264d7f
-
Filesize
8KB
MD5a69ab0c60279732f3da69415cf1e4c18
SHA15f8bcdeee195fa70e28616c40b8e2c6ef55740d3
SHA256ad47d9260f9abcecc4c941062281524f3282cd2365cc4c9c4ab06c820b042c65
SHA5129d9f3eba9741adea9473bd92b0695c9d06d75d6e01894908c1e38e5507980e809bd53164ce8a567a107346e2b44e91bfde0413c215c286576b6d8092b76d65e5
-
Filesize
8KB
MD594562d53d4f1ad990ae6244b8887f514
SHA180ea5d5bde2879f2307dfb70861c04218471330c
SHA2563a26e97f5b83b36f5b58dc7ba75db542d7fa0a84b3c9813bbb088fcfcfc99303
SHA512183ec5e4e0a179af5e7a3168f6b1e6af7fdcfa1e22b404a2cbdb79ba968195394fa86a13a688b671c609aaf517945964382ef421080535de2776e1a9a27c9b74
-
Filesize
12KB
MD5b89d708ad0b0f42422598ec065cbac98
SHA1701849e21a9073484dbbd9e6baea0ec2142bccb5
SHA256a7651f06edbe13be17271c6e61069faa6fe8da51d2767ed6cc6d1e9ca4e7e66f
SHA512f2f5373224f6dd446ae99c736b039e2a59093b4c8356a134c9bf56bc8ae993974877964aa036f16f0cc766ad29e5aa254fbc8124bd6ef932520587ceefdd9120
-
Filesize
16KB
MD5d9cf75fdd1c2292d986f6c3d5d60f2c8
SHA107ecb1d3a26d952ae5fecf54f36699ab498510b1
SHA2562d227e9b7a044c8e10294f6a831fb92d81ea9582381796d87f35bd268e37538a
SHA512442c96e4b4c79b8d1c64dd3a6d6088ae1dace441e78d830dfb3190ee1c0fafebc606fb432071b4a1ad1a4ba9b68c7877b0bce520ccc88708feaf82bbc474e0cb
-
Filesize
16KB
MD57ab19bc6a1daaebc912b33b7297ce479
SHA1f0ded32c7a3c73f5375c86758bd5234f88b880c8
SHA256fb783a30dab8f109c9dddb0316e3bf3ef2d8245dadd0312791692506d0905160
SHA5126b2e290fffef15801fb94e3157e41a43635f3b4d5e5904820f7ee8eb9b04bd8ce0326e86ab3412acfbf86192b4532705ebaab740b60c1e3515ef05ba6da8bde3
-
Filesize
16KB
MD54d305c3803045455cb7c520c9a0ccb1a
SHA1edbf985d7f0de4041566b7e1bc23740bde7bd06e
SHA2563e1286952ef42cf762dc8078887d015481999d4e4015b0361ed178a9718afa8e
SHA5122d852127449630496c74a62cb6ec0c919667506b9c40d68f0ee825c6a48289753509cee0b5db157c3592ae0fef7a834158fd805ebf9df30db3d9b2254bee023e
-
Filesize
16KB
MD5b95b05e0dbf71d5a9ffc69538b3acbef
SHA111e49f17378b76715ae3778745f4e2e08eb0514b
SHA256450ef0620c03362c82d5f62629d9bd4f08c2bd362638a21708288e61b56ccef6
SHA512c6ff44b4df079f93728045a785f0a7216e549e8e96590c9a53822fdac23a7ced3f35409622879a6997642b4519abf01d76cc62fc27b44c022196356b56b9e4f5
-
Filesize
16KB
MD5bec001fbf48063e29774be3c1948d2da
SHA105f846cd217472f0a1eb62c54002ef241c0b1a24
SHA25675de9580ba68eab1b4b4ed6abf69d70b520dc27ec4eb2c3b7b4b6275b38f641e
SHA512b495911f7914cbb37d1ac5f55702ea0063cd43eadb0e105fc4974107f048c8099a922cc978594d7f96c986a3b54efd8290eadac2551005b6785f6100893a0f19
-
Filesize
16KB
MD5a0325ff5668f4474177bf7958d70a597
SHA1f9471cda55083be6cbe3f62cfb230b2b317cc4de
SHA25671baa9bc34c3832c1b0a51c8aa3bf03424c6696ae37147861da52fcceaa0f688
SHA512c8365efeead343b31fbb858caae4f8b1b6c9fcfd04dadc3bf4e39a600eda4fc4540a727a023cd06bfc28374a21e0655cdb14a680e202383710823032c8fcbc26
-
Filesize
512B
MD55f97822d023a7be018f210a18bf06146
SHA1c000fb5fa79aaf7cbc2dd94532b285448b569a84
SHA2561217211fc7caaa6c1c84863a817d1dc66f3d3976dcda9850db1f42b404308723
SHA512229782f0bf15a96ea7815a1e68bbb2886231cb3aa3da9825b58070fe14302f950e083a8393f4790562b08ff9fc95459f7586987ee8456dd568d8f4c7cfffadfe
-
Filesize
8KB
MD5f28e9ac01dfc3ffdc9d2af41d3c02f65
SHA12fafd54685be62d67af6cbc40e2841cc5fd40101
SHA256851afe849461ccdb6c8f9f43e172b7fc851be311539f2c005cc3e8e2da659d3c
SHA51240963ce65ff6b0995a91624c649e996216605c13a709b45508084d06cc45c8904fb826c583ccea1aa8a8ccd74636d2bcca491f1cdd8d836386262747552ae947
-
Filesize
4KB
MD5693309bd6a9e646bceed08ecc104d82e
SHA1fdb2b071510ec03c1ecec4f234d109cde13fd5be
SHA256dc7587d36582d2b91e5171594530e29bb58aeb0d2bafbe842a441df30a1c7511
SHA51262e9443af52a1f1c2f4a076cc7b99c8cb1e7f57135299bb0cf84cb7b69c46c78065de0f72528e3d9a00c0d65adc21c0c233f3065dc0275c504b98080468a4c8e
-
Filesize
8KB
MD59f320d9397db7aa5cfc70a0d20f8685d
SHA17a8ef3540724312ca1f16cadb1a003346de3784e
SHA25640a0cc0e93e4ce0f7710250ca6b5b9e3cde66d0c638c6cb2290a3b460f3e1236
SHA512d8051c1d2f9556c8f35a860218cb2e437eae11026a4b519d1ad5da29bbe6f50a25733607d2d3caf011924933998af4f20fcf7416a8daf1ab9798388c8cdcc278
-
Filesize
8KB
MD53ccf7a238b6760e4f99f3cd734aaa8ef
SHA182912aae9dec3081b4ace8b6ce27a105e6bf6be3
SHA256d59f27be3ee7848ded16127443daf2ac0525522d9f3410376a0d34d683ba7a25
SHA5120276d294b66236c6c2abcdc68f620a7168862f76fbd27a8e75b8129ffaa2f6cb3ce2d768acc498db5cb49c064645d721cd912aab1d81736e23600871b8fb26d4
-
Filesize
8KB
MD5dd24e60c41d3c2ad79cf60e817273d28
SHA12edc29a195bab08f7a630f16b4f70902ba62c39e
SHA256b21e7fb29d16dab1e2514df78100f2691e26f3749db1ed13fab4c95550db8c1e
SHA5128cd0005982f96022b0254adcb151fdc5a7bd3fb32d8bd1960a70c804d6944c17c829810ee2e707cd33dfc133f940885217eb0ddd67b0cc35992517573d2475bb
-
Filesize
710B
MD577c83e0733a3f5350cb4a7e5a5417707
SHA163d5c56b9dc6ebc020c2c734ebe48a986aa9b16c
SHA25698cbb7845ac0f05bc5518db3e57265b6718549e0bb1ea98973e721ba1f62a082
SHA5122b1304b673a1605bda3e3bfcccc31e3320d2d0e95f08e10602eb5d048beb71010a6c9b653561a397a078b1dcc61b350049e6ba0b39fb8faff796d2b8c4b4d466
-
/data/data/app.EasyLogger/files/.com.google.firebase.crashlytics/log-files/crashlytics-userlog-66480FD103690001121DA7664AC4BF98.temp
Filesize: 436B
MD5: 0976fbfda42617d6ffe7832e34c2eed9
SHA1: c069314a69cb711ea78fe617f89ac6491245ccfd
SHA256: 20df21a32098dfc95729e35d3fa81edb197d779a1ca29c2cd363edc25ece718d
SHA512: 27466430271656b1669465ac8fe461dcc53725bcdb0eff09523993e8e43024faee4d56d0ab74867bb1bf69dc1e77a803bafd3e9133454defb8ea0cdd2a39f5d2
-
/data/data/app.EasyLogger/files/.com.google.firebase.crashlytics/log-files/crashlytics-userlog-66480FD103690001121DA7664AC4BF98.temp.tmp
Filesize: 16B
MD5: c33583fae4e0b61cde1c5b9227963237
SHA1: fe2ebe4d27469af1460f7e852031a04208ef629b
SHA256: 35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc
SHA512: fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e
-
/data/data/app.EasyLogger/files/.com.google.firebase.crashlytics/report-persistence/sessions/66480FD103690001121DA7664AC4BF98/report
Filesize: 733B
MD5: 84dde1042cf7c1074c792fbc5a145d74
SHA1: d70748853181cc2560681b8b6c9531f42b63fc48
SHA256: db382860a02daf9d9fcd8abe5a100fffc5f93384cc2294756d24a8f38500297b
SHA512: 2ef0c5e82622f09c163a088eb3177c4e260e74c121e12d7e96f20bd4463677d3fd04a25f2cdd707b7126f3c7fa6c946b3aab56e583f2d50ce66c1175c0e569d3
-
Filesize
562B
MD54bbb2c6dada759b7373b87d74d7fcc2a
SHA1986dfd165a6eceece375e2686eb2b8b677ac2403
SHA256420ece2353981a41956f3e74f6095456536f9f03b1cb21ce6154c533ec851819
SHA51276d9aa40494d6934d3118f6abd2e231b4b29c53e49ce804ff29a0d898aa7d0800b9f81af12e11e312d754b4ef114a0dfec29ff3174854b1f4a78e0ccf5f895db
-
Filesize
90B
MD5b3a9a869c9a3ca242f04359dae17557b
SHA17d2bb192e80381551916152f04a048ab95e209fd
SHA2566b9995d64bd72a0229ad03864c072198d7cb833f00c1f6d66cd379c30a0e1075
SHA512388278c1e26b27ffe3e00743b4643a4f81cfc465d10a3dde8ea774a4bb04f7aa05bde4cd348f1a463e31a76afbea3e174beb1ff4e9d97208542624142027f38b
-
Filesize
36B
MD512d6ac846c9b2be37ddf445c0c29e940
SHA1d3eb606cd204aae7ffaef62fe85d0a8f6dd791b8
SHA25677d3bd99f9634f11d0550d1be913a3310cce29f84726bb7c73a94804a9e7451d
SHA5123625397118016b8aeaf9b63148920ab38b9c5829f29a69a95345abccdf2b9bb87f92065d617edad84cfa4c89f05303eb9c27007404125f38f32070122bfbc06c
-
Filesize
4KB
MD57e858c4054eb00fcddc653a04e5cd1c6
SHA12e056bf31a8d78df136f02a62afeeca77f4faccf
SHA2569010186c5c083155a45673017d1e31c2a178e63cc15a57bbffde4d1956a23dad
SHA512d0c7a120940c8e637d5566ef179d01eff88a2c2650afda69ad2a46aad76533eaace192028bba3d60407b4e34a950e7560f95d9f9b8eebe361ef62897d88b30cb
-
Filesize
512B
MD59d72cd8307fb7d4c4bc1ce9a7f2f27bd
SHA18ac98d8e7792b8d0c119a9db34c35be20f251164
SHA25674eb03d7279c0e55e83cdeecf32fbf0721c58534f814ccbe32478d1667920168
SHA512e47c69e47818323e3ae848e8c6920dd2805e1248774d8c4229c3e6293d65b4aa6cff6325f7fa753165e47db34dd4faf87d419732a901587aebc04cf08f354e45
-
Filesize
32KB
MD5bb7df04e1b0a2570657527a7e108ae23
SHA15188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012
-
Filesize
16KB
MD52db34a0215a74cb387388c5547eb82c6
SHA15c63d52273a9c4deb4e0bb641b5dff198eb1da6a
SHA256e8009fd4a3146aefd7e77d6eb827bb2359b733279c7f8bc8ae73e0678e2a1cad
SHA512b1a7e819b44e45e923148a6791c1a9a8a0967df43e862233bd10f85850c8e698eadbc1530ef7300c620e3459abf9703f8e352658f3d83cebee6ca5539cae6cda
-
Filesize
108KB
MD5530d83732a1aedb41d8119415d2ac1ff
SHA1617eb09a472fe04a8b9c60997646f5275623ee3f
SHA256b2d9e613019d66adf4372372b6feb67d293b973fd784476b2e804eedf1802d5d
SHA512ff0341475190e35e6fc1d76a73c38b5b4c0cb0e1dd8820d4a77644abb34a1a965042d90681915884a7ad83d359d829a2217093aa8195b2fa16472cf38eb58b09