Analysis
-
max time kernel
48s -
max time network
135s -
platform
android_x64 -
resource
android-x64-arm64-20240514-en -
resource tags
android arch:arm arch:arm64 arch:x64 arch:x86 image:android-x64-arm64-20240514-en locale:en-us os:android-11-x64 system -
submitted
19-05-2024 02:03
Behavioral task
behavioral1
Sample
798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral2
Sample
798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae.apk
Resource
android-x64-20240514-en
Behavioral task
behavioral3
Sample
798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae.apk
Resource
android-x64-arm64-20240514-en
General
-
Target
798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae.apk
-
Size
5.8MB
-
MD5
1398c9c6999be6f56f2364ec680f8557
-
SHA1
396c173b4c084afc3a2c89044ffa42a3f0e4dad4
-
SHA256
798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae
-
SHA512
49ae3724b60f40ac3646a44164fd6879480d895e1096825f484d63d286b5c5b8f2557bdf752f746651504bd038bf9e93dfe7400977e2bd6ba24576843b3393dc
-
SSDEEP
98304:BUlRb+MDHwasxU19o7SDWNYbM2Wlghs4DqHvSse0EpO9X0xUCd7Mmp3/U5uaMA:CKhdU1xWlQDuSsGA9X097MaPUo/A
Malware Config
Signatures
-
EasyLogger
EasyLogger is Android stalkerware.
-
Checks if the Android device is rooted. 1 TTPs 2 IoCs
ioc | Process
/system/app/Superuser.apk | app.EasyLogger
/system/xbin/su | app.EasyLogger
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
-
Checks memory information 2 TTPs 1 IoCs
Checks memory information that can indicate whether the system is an emulator.
description | ioc | Process
File opened for read | /proc/meminfo | app.EasyLogger
-
Reads the content of the SMS messages. 1 TTPs 1 IoCs
description | ioc | Process
URI accessed for read | content://sms/ | app.EasyLogger
-
Acquires the wake lock 1 IoCs
description | ioc | Process
Framework service call | android.os.IPowerManager.acquireWakeLock | app.EasyLogger
-
Checks if the internet connection is available 1 TTPs 1 IoCs
description | ioc | Process
Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | app.EasyLogger
-
Checks for the presence of a debugger
Processes
Network
MITRE ATT&CK Mobile v15
Downloads
-
Filesize
1KB
MD59ef3313803469a4eb8b664328b05ea4b
SHA1491115d227938b983309e7dc49723c3aadf53d5c
SHA25629613b039fa7a51f4be6bce3440b333c009679efc7bbe028f1cd0a996f722213
SHA51215920906e5d3700bc5c8a413fb41017e1b37c035c6746074ea481e42ad09966fff690b2ba62b23d58cc192de26951a8c53d9dd812401df4f2c5bbc57f19bfa93
-
Filesize
1KB
MD59a3eb9a678568330f1e665b576bc014f
SHA16488840638a6e78cab6e2c54e0a2126e336b0c28
SHA25695699f24359df60b2f65b2907f11ee6ce6bae425e232d2758d61d9a38a51bca0
SHA51237f7962b01f05503d661d20c2aee481ea9b1793f3d7ec32bce0943cead4c8155a62a69b867849b485f5265f55b629e9d0556a414a46111934acc5bd445803e18
-
Filesize
76KB
MD565e41370cf11c2718cf78e9ad13f1f86
SHA1a8a58e529c8d41223840640778bd8961d73505d5
SHA256563253ea278be27154c894cb4d7cfaa4a653509f0b1ca54577988d92b381f9d1
SHA512c7291142379de850dd9b5992882d866eb50969dfe531a530f8f4144c67c7d8b39f77243cba13cbcc731658e192cd845ab817eec6c37411d7029b83668ba47069
-
Filesize
512B
MD556a71a0d7566040607c5d13f2956094d
SHA136f1c1c55836df155bdbb01702b735a2ca3ca96a
SHA256eb85821b764bc8534d399ee7f260024db66e092f853d2d4a4cff6f5f99350edb
SHA51291221a4d13a69a68a2607e0c8d2400c35e683bf3971317fae74f0853fefba6937606c14a291f18c0a7c5ebd0b7ce020abe620dcbfbed58f66c83cc61f04f166e
-
Filesize
8KB
MD51961851e577c31f5de5edf45ac795df8
SHA1f0ef51b4c067a7ccf74bc54716bec90933f4da7b
SHA256195b02b89e7d7b4392de51cf552d5e69703a00fe0e95ba408eb4b191ee590306
SHA51240c1910175166482050ef82fc006e8876f7e28cfaf317acec1384c07bed361cc61c983b80aa4f07c93f4ad3d95797074b8307e8d7120ef917af22fc6bf93ad0c
-
Filesize
8KB
MD59f47d209e61a6414d646738ff8dfad33
SHA16fd92e09a3e5915b3f584147b565a85edbb46604
SHA2563241e0762946cfc6a211af50109e3097fb9e1f380c07db9ca81c2f6ec0176a1d
SHA5128d213bad4a29f10b227ab6235b1922d23884f7b21cf0d805988b9d5c29ce65fa23fb14b4fe192b271b26768c82457b14760b8784cec7b5059624095b4ec64040
-
Filesize
8KB
MD53fb0a8993117312a990392561e6ee533
SHA14f4083516ea88ed35d531073ed150b84448139cc
SHA25643af02572841e12d890566c23d575e15315fc4ac9c0f5ddf7058c508c70cf616
SHA5121ea626a28347ed637b728703d37434e397bf914dc1aec409b36f44c11b21c567fd4a4bc7a2fe7104e414795c985b32b5d78d0295ca7560d0c3af5ff9d92491d1
-
Filesize
8KB
MD5ed3cfba5949c9c819f88376519119405
SHA14db8efefaeadb738cec34bd3c0caa823e59fd15b
SHA2568ad0fb410f53a0b61e00d84e134da6c92227bb663ab50f3604ccc06bc6131048
SHA512513f03d17d186e2d6c4d4213b3e1d7acbcb97dd975fe5929b2f39af60ce473070462dfc21c84e0e7e83d758488d5dccdf70c8785c4bf72bad9bbc1013b642b98
-
Filesize
8KB
MD55c6fc221dcf3d4725d6772b2133ec1b9
SHA1956ebc63d1438318b24c54a30cfc741adabcb451
SHA256ae61bee83b368a9aec9796d1e575e6c5dcfb439817afc353914be2ea99d6dd17
SHA512e620345d49add217b3668b41077f6ff68eb6f72ac776b5d0f6a7a4381ccc797ef23c36f34c01e2c3bcd791ed6985214d48e7903becbfec230067054a5fe515a1
-
Filesize
40KB
MD51cf3f63c021d755a21623e6d0e86dbc6
SHA1e40e0f1faa61abcca7ba3394c54c92ff7334b49b
SHA256100c67650ba652d547d8a1128edc550a8e95541a1d9268a199d1b924294d0895
SHA51238d72e14f3513ffd26989cbda3df46ed3dd6e731bdfae56440eff6b64760cc13f91014281c9add61e018fe3529e49c63a6892ca22479515816c768b546244466
-
Filesize
512B
MD5954fccdf0522d810ed5bfb7f83f86a6c
SHA120bc84d9a7503333b3cfa32f26987f21ca09dbdb
SHA2566d4207bfb5a913c55333718e27bd6fd18a982e4284230a00e7f5844d27e5f7ff
SHA512f06c9fffe7799ad348d4a780741f15573df4b64f3007786d682f08562954d123b442b9703a1dea6729bd35d162e499c895ec94c6a7f1438e32e4bd12b98198e7
-
Filesize
8KB
MD5035bbdd212b7a4594b45efaabcb3dbac
SHA1d3813219dde430eb378a3eb6c8edd8d9edfc6827
SHA2564cbf641a43e7d33bbedbe5b080ae2b1d4389f9becf1d25564b7df6f7d2436c4f
SHA51292dc2a59beb4d2924fef9cd381dd6ca0b6b927c763b782224ae024a602f812eec9eb7acda3e03773434834981966cf6cba713283dc6d4c235893235455892f8c
-
Filesize
8KB
MD50260ad16e0b2edd70a38d721665355ac
SHA1d841e864359a791bba42fb18081b2b5b4b041af3
SHA25651b85a95f10c17ffd8af8dd6c109e6315f9613a5db1ba5ffbf9027ea6351c617
SHA512eb15448b5322f06bfbd3010214fe35d705ba56f1c8189ec95f71c66e18e56ceab76b72c67e2cf09c99351b3a185539d683183a09bbbd17e8b3bf52e513732c2c
-
Filesize
28KB
MD5234e936faf5a929de464501319b1dab5
SHA17327005b807a41c1b77e7274c8526790fa64bec6
SHA256a6d675db448a6a3f3c01240fce6c19447fde314da56b23b614c82bd49ebd356f
SHA51214599fe7cb15964a6fb8c0d5f933e949776c352ce22650fe4d71a8aaedcd1c73790494535ef8032c7f608ba79684f98dc1430bcc5e777c403de2c55ef46dd45f
-
Filesize
512B
MD5fa5b902b051f41007b7e14f0650da2bb
SHA18d4e583aafff41c0000a68f12345ad42bb238774
SHA256fe20e604342e25125a0dd554db39ef09e2d2ecf568462a14c107468c7120b9e9
SHA51272dcf55b54fefd2c0af55352fe40efd1e46db64c4f08c787fef7f146df42bd544e7b0514f4a9bb4d775c46ded1ee9c6efa47a3d2f17dc9c2e5635f6190bb0adb
-
Filesize
8KB
MD586d483cc91e33945db08d53cbea6660c
SHA15488e91a14f2a8448538b66ae59808f1b77d3626
SHA2566166af9598dbb791ac4f6782e520664228c1754a1236c88d6948da6a17e77c49
SHA512fd8d1162e1c2da3f1a9ffbe330267b0b712c7c37bd5c9169b757b127dd50cbe1fc0d64ec660ce694887d8fb8ba6348a0b00af0f8de98c03457bed996a804af02
-
Filesize
4KB
MD5bf216242c602b4fe713aaf994e6f75a0
SHA1be3fef1ad1cc0489e30307b3cefc0cb72621fb3a
SHA256bcc0c0b7c804823e04007e3e40024fbc3bfd77734898eef3c9d8748910872c3f
SHA51206d65c5bc7f1e3ef50316ef420c6a6329185dbc26aeab09b0311ac75955d425f259e8a3ac1bbac24176ef7b8c6782589c461f8447f86baef9ceb039d76ec1a40
-
Filesize
8KB
MD53d0114534979c5764da70d7fe5a5b3f1
SHA1aedf7dbbcd5d6dbcc94968d037f104d7aa00ebc9
SHA2569e0385aaf793a97f66afb91f9072d35090e01d71b84ee460a1185b367acf215d
SHA5129642b931f8c9c2a9f6c9d41bb5e9f24cec67864ea6552c90bdf1a48358dc4e72534939c3d69c44916e0dcc43ad257959ff93d37c2dee0ec65db090b9674018f6
-
Filesize
8KB
MD59bb104f35c238aa9265d0670b2cf176d
SHA126beba8122dee40067fef2cce2079ab63b62b9db
SHA25686fc72a2520fef0fb5b2bb959c64e99f67cedf05979492434973ee6624180087
SHA5124517977a4aa0ec37bcf2a4d34e0a31d931f631e02184cf1bd8f3cbd29216e89042130de09eadaad4d03d2cb2bcda973cea81b6da665b48e9890041d6fbfacb25
-
Filesize
12KB
MD5163466413b0e140266d994f6f4270a4a
SHA13400cc2223ad4ec1125e886c4eb06adbd8513f95
SHA25694534e06b10690124ef5451d9ee06291b3f974046de66f20302f3088c533156c
SHA5122d3ccd51ab0f047f6e899c1246f03ce35df470045e03341c768e8303146e2f1a558b620ce7ff264af7796ff93049722b8fb0ff97a5b04f1428aad601184f5d42
-
Filesize
16KB
MD5d9cf75fdd1c2292d986f6c3d5d60f2c8
SHA107ecb1d3a26d952ae5fecf54f36699ab498510b1
SHA2562d227e9b7a044c8e10294f6a831fb92d81ea9582381796d87f35bd268e37538a
SHA512442c96e4b4c79b8d1c64dd3a6d6088ae1dace441e78d830dfb3190ee1c0fafebc606fb432071b4a1ad1a4ba9b68c7877b0bce520ccc88708feaf82bbc474e0cb
-
Filesize
16KB
MD5b8075868fcf93495e2ee0cde090aed06
SHA195ce369b2a323208806197b240caaab26f2abdac
SHA256e936b5f3de449c82b31876a1983f3c35d659cbb1bff50174bffd81ca7a4af4a3
SHA512c4b0bb98f79f6eec165f378f147e10e118d5d088d80f4fa55f630eef61b3ac4a43ea3a4f587d037cd6cdbeb26cc035bdb2ab857b9b2925dba6d3670a111f5160
-
Filesize
16KB
MD53d4f4e38b48a96dc038c4e1e4f0c5d18
SHA18c1298cd88ca76c7680d2e6629b139970e5e0e6b
SHA256a79f51a5cd23403ad65382cdd9942baae6c0ba7e51a1c5b83ba6462320f78cd8
SHA512b929ad1bdb4f106bf41a65cc356ed3b43e824bf7bf1b10763a9252d560effa0f31d87709626b48c3fd398f9b80e13e5400a754fc34295140398c110ae4dfa183
-
Filesize
16KB
MD5c31475320971850469d90d6179ba817d
SHA1f52031ee702608ddefd68f50792292640ca0d7f1
SHA256d53d97e6a04896e6b2357de9b4b846cbfc923cc1ad7a14898256581e2806e336
SHA51247b390d2cd8a1b6069fb4373fe44f9b3007555ffdd8d4a7248c47d3c39bd7f9d22ea860124207a6724801748ed209c32afc14fb842d5ba4b7b7511511c8ba249
-
Filesize
16KB
MD5d83cc78d0991d93fb18cf34717fe0a32
SHA1722f6b59fa54d9f74f05e436049340a17b2a0121
SHA256dfe06d0fe7f5192ba5ec9d4f68e6db55455d6a7cdec435a3dcbc828831aae1b3
SHA51286ee7773ea561019f566f1dbeaa48f55d0629b1d9fb0532efac31d26785c8ae21af687c44bab54dd857d7b8a8567ea09924170566db701df37f704a1677fbe71
-
Filesize
16KB
MD5a0325ff5668f4474177bf7958d70a597
SHA1f9471cda55083be6cbe3f62cfb230b2b317cc4de
SHA25671baa9bc34c3832c1b0a51c8aa3bf03424c6696ae37147861da52fcceaa0f688
SHA512c8365efeead343b31fbb858caae4f8b1b6c9fcfd04dadc3bf4e39a600eda4fc4540a727a023cd06bfc28374a21e0655cdb14a680e202383710823032c8fcbc26
-
Filesize
512B
MD57b190ea898c63fb026c8e2b2b61df1d0
SHA131fa383d2df29f6b6daaa34b1843bb67a40ae346
SHA2561413f1da390673ed4989e7f15e0e1e765c4d924f25b9ba3a50ba0e3344f73728
SHA512f34ed8061007c1598586fed3b182ad7a18ae30171b3782ff9d6abe6e02bad40464b6e12f56f85e4ff0af9675e434b4cee8ae0d2948fb75994abc72e45d38ce35
-
Filesize
8KB
MD585cab379d8ec9d34eabe632f84ad9126
SHA131c1e04212c56c779ca8389f850ee27eb2b9e767
SHA2560cc48d1298be724d2edfc3a228fde0a8b75fb74f073fe707e676d64677d3990d
SHA512eebde996f4663800c5047bc76391153f86a265e08b1a477ffb830fe0b1f58afb33c686acea1f9b86c3bfa8c2e9520f756e7f84b5ae7660f5b5464cf3b922a074
-
Filesize
4KB
MD503c34de7458b58bdc2f22fbb22791103
SHA1dd092a562904e3d7bb42bfb0902980c55e15913e
SHA25612e400e6d3c1625e7d98781b183a89a1c5ffa42341bc3b3125ae8b5e30910e2d
SHA512edd4ae36e8baf886d86b50332ca291ca136bb1309c8664fc4c4f805c1889c8c1bcba875fa0d46b825c5d0db93cca238b608031fe9e57e77a4488ddc8325733ef
-
Filesize
8KB
MD57a2f5fcb3b91690d513ee364113aa303
SHA1706def236874d0fa3185a58a7e5384d4c977d386
SHA2562c30674837359e1bbc1f3d5a662c2dbf3c30415fdccfef985d32508cc5938de8
SHA512146277a1e37fb3c22b95f545b565ded3e4b67b18a5c52b3f6104abd776ac61265b91cbe34236c166712d65f65553887ebe6d4a66175a3dd33420bf0a73bfa5ed
-
Filesize
8KB
MD5a098cf2487688816db8a668f084919aa
SHA10c2c3b97f1c5cfc5f7408d6723a79c97ae8ef6b4
SHA25689c997a71bc7559ecd907f33ed2afef5faf084d0efa5d8694ef2fbafb831dba8
SHA512dce1f2521e77b71efd8631c1c489684ae241c2209eac82348805d983fb417d1332e46105794ea12be4b7677d2662df2214b7d22d08fcf085d0c259ef419cfc51
-
Filesize
8KB
MD563832f7c6900b593943522d89ed6bb2c
SHA15360a63b4b8e08c61a3e84e845753b3456263042
SHA2560eec9c4a3d5a65fda502244a823201ff3d5f0b22a4a8f29da863c03d22d34539
SHA512115511ce067f982bf27895deef24791f32f04da9a7c162ecfca09eddce319f988aa274afb2c08ca0a13f62e680e164aec6daae428cac89ccfb31551128692103
-
Filesize
710B
MD5b02feb2c0cca37cd0e9f72f15fdb977c
SHA109522653bca89f0a328623f6a7a882061a3cf59e
SHA25673127250a7f92be87c4a3401c39ae800b1f1b60f579090f15897fd9283b85662
SHA51221a2d8d9ed5ab0ff3bf88857137507668aba01c885d204f7af4672d53ca6e293ead15a3cbf7fbb9f1d15d14a4a659f8174a83d57d779f24a49916d650d2c28cb
-
/data/data/app.EasyLogger/files/.com.google.firebase.crashlytics/log-files/crashlytics-userlog-66495DEC0215000112209D2811512F29.temp
Filesize 434B
MD5 4c13730129e8c100e7012628796bb69b
SHA1 dbc458ab03806e5448438dd19f80a6d5a047aac5
SHA256 cf1d2cffabeb8b178c3a18a6e6918140c005565c1f428a9a703304263e1372be
SHA512 1051339a89779506f6fdd1c63a7d613d6579b0ad6b4b4bb94b7645000607fa541e7937fe2322b39c237fdd24414a55afda62387e8ed04e391a67e8139c0cdaed
-
/data/data/app.EasyLogger/files/.com.google.firebase.crashlytics/log-files/crashlytics-userlog-66495DEC0215000112209D2811512F29.temp.tmp
Filesize 16B
MD5 c33583fae4e0b61cde1c5b9227963237
SHA1 fe2ebe4d27469af1460f7e852031a04208ef629b
SHA256 35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc
SHA512 fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e
-
/data/data/app.EasyLogger/files/.com.google.firebase.crashlytics/report-persistence/sessions/66495DEC0215000112209D2811512F29/report
Filesize 733B
MD5 b07c788cb23df85ce0ab24ba28e5eb36
SHA1 72f90065f29d5cd76186a6335e7295e6c10aff44
SHA256 6492d147a5714862d38108e69928fef8d20f0de2e245da94753df2b516fdc02a
SHA512 47d48270af282a140067700b98ffe8dc7333a33601fcc5e13f3dd3e156b5df8d4e5bb3683ad2190fa6049697f87d9a9a87f1646dc6c20a6c449bfd6e5f93c0fa
-
Filesize
90B
MD5c4b6f214642316c30bc9c98bc71a07a7
SHA1aca0d8d358395c592ccbd46502c451fc3403f983
SHA256e090093cf49d1609c3c0093aedbd0352d410f4e81331d827cc15386e764cbaed
SHA51262299deb97673b83be629b66b50b7c7eb7012300fd17a4e7a541bc41f3265c91b49bbb8b2736126dd88405d0a1e46e7439152e3508c370f250e70562683a5f6c
-
Filesize
565B
MD545d9776794b7f327b6fbb9cc235f0935
SHA163f9a1c71684b61562315c6b33c9a8706e7bef58
SHA2566a11895ce97bb9ea2a8b3e47ea6b766d8c4a69bf2f69d8cb0977421854b648da
SHA512f6877617e9e4bd41badb9b23b014a1f42191eea9cb0137154c1f72b7c8c40ef8821ac72396a9b5e4444ce760a6fc20f28869499d1f5876df772164e632584c48
-
Filesize
36B
MD51e5aa0ead5b876f4c18959b31721502d
SHA1bfd7c9cfebc40f4f5c1b8390c7347bac3fd57d95
SHA256afd187528a0c2454f677758a040a149fd48aa6ff4ded1187c18b2f3ae6d14904
SHA5124f1dc15fa99b41338148dc072889f3eb470be3690b04004da5271d83da5ccfa33f5dfba99ddad097ede3521bcf0f847674bb3bd108bee05841456bd06eab2f1b
-
Filesize
4KB
MD57e858c4054eb00fcddc653a04e5cd1c6
SHA12e056bf31a8d78df136f02a62afeeca77f4faccf
SHA2569010186c5c083155a45673017d1e31c2a178e63cc15a57bbffde4d1956a23dad
SHA512d0c7a120940c8e637d5566ef179d01eff88a2c2650afda69ad2a46aad76533eaace192028bba3d60407b4e34a950e7560f95d9f9b8eebe361ef62897d88b30cb
-
Filesize
512B
MD59de108956b977ce40d248263078c158b
SHA101c6898688b839170ca108c032b875c3edf08cc9
SHA25657af3b8ab2be61fbef1a3c75a4945661e380d37b9c9f459a23f916b283a19331
SHA51254df2168d0ae675bf6de48b60de17738cc5c8567b603e442f308f503c2c508ef7df030a2f0a06231355602fa5403999dcdc9282dffdfddb859a41079a5bedd80
-
Filesize
32KB
MD5bb7df04e1b0a2570657527a7e108ae23
SHA15188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012
-
Filesize
16KB
MD5473d9950f8c2ba744fff21acbe58f0aa
SHA13a2bf8fcae3f833a4a6edf7b74df551040a6a673
SHA256d9887e697b5015ddbccc5b3cf8a19c0b83104353df725da984ec4f3176fc4f46
SHA5123e91f57ef175e76f6c7bc27e6a3527bba44adb3ecb731e8baeb545ff31683343850289a85d74701a32a05326d326c0bcd5fc502e8ed1d96bdf0c9e7947b818a2
-
Filesize
108KB
MD57c8c62ae67af7a3c71a72a732b2adbee
SHA187ca24892e4fcd78e838db04e89f6dc9751491bb
SHA25646ece6e3e2a384e48906c5fcec15b22b31901fab20f3758d456bd33ae76b62c6
SHA5121b410d34ed1fb2be679a700ed14c37288bda39ee274a860fc32492094f7404e4313bb50d08b7a6abff1db8801ff6d9c4869ce8254b6af8bd037f7f03ec6991dd