3e596694e6c74a1991490f4bde5e2404fc1b6d57af8499b7fc67adb44e17394e

Resubmissions

08-02-2024 15:23

240208-ssx36sfa5x 10

08-02-2024 06:20

240208-g3s2eseecj 10

Analysis

max time kernel
100s
max time network
138s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
08-02-2024 15:23

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

GBWhatsApp_v17.60.apk
Size

75.6MB
MD5

d73fa603bb7dfbd53f2ec4d05617b9e0
SHA1

86f18b9d0ce32f3ff1c608ae4317329e4da44e1d
SHA256

3e596694e6c74a1991490f4bde5e2404fc1b6d57af8499b7fc67adb44e17394e
SHA512

4e004ec348e58f8229d1e3b5d2137b64dc09234d355425d8fa5544e67a4d4d80d3e098c2ba7bd5659e443050bae7a404e1a35a2341cd6809b5e83e1078d8bbc2
SSDEEP

1572864:2R4YowDIMNvpPjEYr3V1c4sQ0MmDKPwpJ4qHSXKTHcvmM0hV:26YoEXEqFR0rDG0THSmZV

Score

6^/10

Malware Config

Signatures

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.gbwhatsapp

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.gbwhatsapp

com.gbwhatsapp
1⤵
- Acquires the wake lock
- Uses Crypto APIs (Might try to encrypt user data)
PID:4248

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.gbwhatsapp/cache/SSLSessionCache/static.whatsapp.net.443

Filesize
5KB

MD5
8d2cc54d9300e79faa848a1c93241f33

SHA1
fdfcbca8027a0d95b7cf82b0d1d8c0d3da04f19d

SHA256
c4b4f4753ae424c1b9cd7950a2b62bc826b98d1217e23f3f4a3e701e7bb11336

SHA512
8a907ecb53a99f8c1cb74e72622e25658864c49cd393168c6f54d43cf1071186893573a062ea1beb34c1957c4d6ae1c280727f313c8f3244e62e2f88ae9890ab

Download Submit
/data/data/com.gbwhatsapp/cache/SSLSessionCache/static.whatsapp.net.443

Filesize
5KB

MD5
0dd6123c4418f7b709d1a4b4cc786c68

SHA1
a5df70ab6283ee47bd9aef0e8eec124313cbe29a

SHA256
d83995b4757c4a6993c01093e399b4498e03e86ea4273c365a8d3747ebe1e106

SHA512
dc7b523cbdd65147e1e8bae2ebeee517a5146d820bd1dcca94676ade611640e9613ec7451db6fbc61a44a0bd307c25411d026226dba3b7c36302f4f0813161dd

Download Submit
/data/data/com.gbwhatsapp/cache/downloadable/wallpaper_tmp/thumbnails/light/00005LightWallpaper.jpg

Filesize
12KB

MD5
b6522312846c41116cdca0eecc2bfe06

SHA1
d2a583b81a94634fb164043448ca7f2f58d613b5

SHA256
19f33889fc5e2a3946952598e342f2d19dc8ae232d92ff2f928265e381c94978

SHA512
a786a9589fe88295c02adc31431f4afc8bfbdb9f55365e83091a8b6e570ceb99aa3a40a9e56d1a0a75264a53f70e8c6be537f3d76413d042b92206c234449edb

Download Submit
/data/data/com.gbwhatsapp/cache/downloadable/wallpaper_tmp/thumbnails/light/00016LightWallpaper.jpg

Filesize
10KB

MD5
4b1cec394f36eddb57e70f194af2ef96

SHA1
63f4cff9969208d431b4496baf0ebe9c550ec70f

SHA256
1cb3b9f0b06b3f6ab921c908db4886082a0bb6ee0daa695d65e9cd4faa68f16e

SHA512
3059b6da07b5c373d3f8d0214d9bd2fc76c673e4a9edddf7bfc36f904465efcaff3b8d8bbe1ce8fbf8e667ee02b8e5a6c9fcc476fdf40eb007beb97271588dde

Download Submit
/data/data/com.gbwhatsapp/cache/downloadable/wallpaper_tmp/thumbnails/light/00022LightWallpaper.jpg

Filesize
11KB

MD5
5db74de1133d28a74f6f35938e399c41

SHA1
02120fefb72f533eef47ad594e3c17e508847e5e

SHA256
8e1b6c2b97dfa24c92ac68198a7a5fc8fa7cddfa23b00e263b06f588b5b2fedc

SHA512
01b2fbb6e51595130ed3eb735535eb0287928075c43582bf72ddfaab58e6d7c3ff75941c16f58c6d5746c93a6797b840578095c512bde64bec20a0a01d404cd3

Download Submit
/data/data/com.gbwhatsapp/cache/downloadable/wallpaper_tmp/thumbnails/light/00028LightWallpaper.jpg

Filesize
5KB

MD5
9359a5e3005c5f56f3df3226a209db9e

SHA1
d910115dce36fab59dd531aeca7d808d1647444d

SHA256
cac6a917a1725be3765b3017140a12dff8c85105d7a8e0f40e5f4bb36e5c8097

SHA512
cbb906dde47c4c117fc4c8e38938c980fe333b17a6f09cf57d406ae7ca43a06c018fe68f94b6d54bb1d6772d21722fe23f8949436c76cd074900a739fd43335b

Download Submit
/data/data/com.gbwhatsapp/cache/downloading-1090024573594195406.tmp

Filesize
73KB

MD5
26f985184419c9baf376aa694c5b9cd6

SHA1
5cd7628417612d95940e1b26b21b3112f938abfe

SHA256
5a89ab27be17e625c094159b40f68b6714ea3cc3cf8de1fd84ef584b725cb8ba

SHA512
2a5d9dd6d7ed5f6818417b6bcfed89e47c1b0e25242aca496e6356e62e3beeb02e3f168eb5471fc73a39bc56841f2109b753ff2c55be116774859dd0185d1ace

Download Submit
/data/data/com.gbwhatsapp/databases/BTOR.DB

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.gbwhatsapp/databases/BTOR.DB-journal

Filesize
512B

MD5
ccf5e51b4c6e5907e1d7996f6e643e75

SHA1
5c786242954bf9aaf67cac1d732b6e81b5997009

SHA256
6d56cba5cdb74db1c6b51e0a7bbcf93961054539baa34fa742ab677888a8f6bb

SHA512
59c5bef25cbbd4bc1e47d23504838be062c06b4be56260c8bedb349fda5749e8f4fd3ba0cea7cf2fcabed4a03dd6fe8a849c61991add1b40056bbff8464635c8

Download Submit
/data/data/com.gbwhatsapp/databases/BTOR.DB-shm

Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/com.gbwhatsapp/databases/BTOR.DB-wal

Filesize
32KB

MD5
7850388bbb1fbbe8fa41333ad61f0a61

SHA1
6b2a337a8cdcf222ce88803716a2c9e4a30b67c2

SHA256
e31b4039485fc4023ff5c22b3a327cb502b76fd74113009124b4091b85c63ff3

SHA512
3e617078f8477d40bd8b1c5232dedd03e6f14e1906a2637b79d41f4ba36b9f9dedea202cd318869bcbe9148d9cff1719fbd90119d782e75d079a24c9a03e7310

Download Submit
/data/data/com.gbwhatsapp/databases/EHS.DB-journal

Filesize
512B

MD5
64b471dda66553ba16bda638f0c89853

SHA1
3d925315b33ec8e8428fadc27a06fd246bd18f07

SHA256
c56dd388fbc0cc80cae26e32b92b069b67637f4cd27491ca44dc57fcd90b1b6a

SHA512
2f6df6471ad6917bf76b3f367805e76ce60bf10eba129a1f4da1a1dfc55ef4fba63e8277d7b7de4956cfb3c07fd3109e125c294494234d69f115c8796ad86b70

Download Submit
/data/data/com.gbwhatsapp/databases/EHS.DB-wal

Filesize
32KB

MD5
0c712a4efb24b9b68e8b4644b6b8cbe7

SHA1
409c42167a5025c2c6e646dd9b7cedd05a352f68

SHA256
90567d626e5c1967d7bcde1aaaa7410a0aaa6869eaa9807d4d3ccda1cd225c4c

SHA512
d2192f0de58b17834d110ac68084760b8b2445b80c27e740d075725e4ae166fbb69d4c44ada40170a5e4fc652e08f9bf70e56bf2daf29bee1cba5b4f2a8fc0a2

Download Submit
/data/data/com.gbwhatsapp/databases/_jobqueue-GBWhatsAppJobManager-journal

Filesize
512B

MD5
f36cc57bd9697a63b2126bdcee1b52b3

SHA1
5c78e0f9bb7572118fbe87f33a08aa1488ccfb89

SHA256
f4800b17d701c4b6b6d82f72151c43ccf2d404f2c38a2509ed0aca9cf540f80e

SHA512
8f6a1e9eab4a36b6e5d303ed949245bd7599013f1dbf2b8da6fada52ce7453eb9c03d82e633a0f5487eee9a1c2bd0768e14d4c1b53d4de079a29abee51a67bfd

Download Submit
/data/data/com.gbwhatsapp/databases/_jobqueue-GBWhatsAppJobManager-wal

Filesize
28KB

MD5
7d31badf2c1f4179ae6fd2793244fed9

SHA1
3a8fe355af42586ab728e9606f696d0a34e48f8a

SHA256
6d52437036d3cfea2fb9afb1a958309613fc926f14622ec376eb800dcadf519d

SHA512
f5e40faad8b4a755e5c7f3be15008dbe20ba6d2a7a15d0b195e13f872c61465259570713ce44a4df4ec5107165c7b49a48847f1b7ed74cd0531f8c5d790d0c57

Download Submit
/data/data/com.gbwhatsapp/databases/axolotl.db-journal

Filesize
512B

MD5
14a4b324f4d7448306d9bd0c841c03ba

SHA1
23bf032721882d0fca6d06a5ffb6330f36239b33

SHA256
ee3cea5451e4ae22d81dd31ce11f982186647d7b312c8d27bd5e56c8305c2532

SHA512
4636d8ca7b5fc0f6493c93f1bff90aa77cbd252b2b7272b9b8efbe901a0e0130bef2ba10f16a8722d29cda00ceeb5abfa484b1bbce2f0694aaa18ca313ca61ba

Download Submit
/data/data/com.gbwhatsapp/databases/stickers.db-journal

Filesize
512B

MD5
7e70685c5de464a394199dff63eb0f2a

SHA1
76540136e2dfc24b5d31f665e7ebd9a31d1c9374

SHA256
a7e65bc3ddde3034cd858cf4eac39129f7c07b22a026b43b49a4580de31116c1

SHA512
2c1e6f6ab1aa31a1e5592f80dd87cf6fc87baa05300bba7aeaf60cdfccd757b17e6c6b8b8d512ef5ff61e44350e3be2b98976f560cb97638ac41d3239686b3de

Download Submit
/data/data/com.gbwhatsapp/databases/stickers.db-wal

Filesize
16KB

MD5
7d2a4fa9cbc9761809c3a182853bd39d

SHA1
05e7be96e76d73006fa2925ac5cc077402f7fa23

SHA256
409a52040c9ba6e77ffa63fd37ed59ec0b528be2c9f3f5e59c5d0347afd29bf7

SHA512
1b73d73b810e10af24f1e697444ddee5afa3fc37ff8242016e3162e5ac83858f4eb3d8fb8dfc453e8d40b52c1c2551c1a875c101a090d625525aa530d34d09c2

Download Submit
/data/data/com.gbwhatsapp/databases/stickers.db-wal

Filesize
156KB

MD5
bb8ea18d3b3db9d4992d617dd77c6ab5

SHA1
6f784c69f16416592e5f6511e5df09760ce72cc5

SHA256
a24ed776b9956b8e6b994883adb7426559004f4e89ab4de9643d316fd984a3a3

SHA512
94d2e3c40c8d2a3a8189bc830c7234ab13f2e5771494745c502c8d3f1e3ba6688ae2b04abfc504a28c03238abc7314c2d1ebb8c861d3fc5ea9c0f63acf822e87

Download Submit
/data/data/com.gbwhatsapp/databases/sync.db-journal

Filesize
512B

MD5
038fab2cc8e90e683d1b53a43e3bca10

SHA1
b4b1c7cf12c69e842ecce5d361e615d11f82537b

SHA256
8bcfe70fffcfa31cc86a515246a159e181ad4143e5696fc35c22aa1bebbe89b0

SHA512
9246f06661d7bf8008991e712f586d9f66ccccd15fc94f9751044aded34ab4244e45e6c099c8e76cf13706069ccf44cc1672ff10913f5d03d873e6069ffcea24

Download Submit
/data/data/com.gbwhatsapp/databases/sync.db-wal

Filesize
116KB

MD5
466010c4a238b2cb18c700c097f8fa96

SHA1
530d069fe78bf7b4f615037b03ad89e7adf64580

SHA256
abd2da657690b4d324f5cd810b8df8387f6ffa9efd22657d122e2c3ae001b45a

SHA512
35aca172bda4678f4d47dc403e8b5dcc31dc3d0ec26ef207243c25a9b7ea958a0182342aad9db8bb08477610e6e6fd65139877666f718278a5515f56315a25cb

Download Submit
/data/data/com.gbwhatsapp/databases/wa.db-journal

Filesize
512B

MD5
a030526bc9d4f85a1c20c2ba4403833c

SHA1
26c53377dedd3abcdf3b9328d4f8cb628f042c8a

SHA256
3756ab708393257e7dd35bd6c8403697c0776865ae36cf6308346217741c7df1

SHA512
7cb8557e1f89d905b972eb9e7bdf46517908e528d3a173a553a2a4398d9c63434e527b59b1b6a2dba82bfe7f497da852689981ebb528760a39bc1efb1b43e003

Download Submit
/data/data/com.gbwhatsapp/databases/wa.db-wal

Filesize
16KB

MD5
007a026b2210f8ec7da76fa686538bc4

SHA1
8aec945131cad043e826975667805fae810a8efc

SHA256
57790f51f809d3f68f959b493607e8c79a27d0a8bfc6cb5cc2cf2953577980a4

SHA512
59670bc79fb8ba576ab29d2c76886ad17f2812d67b8aa3aca22597fc614e90811a8d07a68c1cd46689b27fbadffee006c4bcae6c0c771ffdba2d137d5c9e4513

Download Submit
/data/data/com.gbwhatsapp/files/.trash/ef79a130-f0e7-4a33-9fd2-55f9ac059818/58e6645b-3ec8-4bdd-94cb-01f885203e23

Filesize
67B

MD5
d8141b97bb6b8752f676cba953de8e56

SHA1
b65fefc908682f7027ea3ca34ffd592a6d81ae87

SHA256
afff045ccff4a25dc9ed283acb206e37fbcdc6afd5adacc86c645d432e032a21

SHA512
98915af0eef59abcf116818f4398cbd5a0eaf31a65110422e186872f48aeb7400948d51d5b22b0ce82c07764f21dbcbf1e252bf5a49df0dea3951bda730092a3

Download Submit
/data/data/com.gbwhatsapp/files/.trash/ef79a130-f0e7-4a33-9fd2-55f9ac059818/e803b5bc-7111-4ee1-aea2-69f6c5d27585

Filesize
526B

MD5
2c0f856d7250fb18c8dfe900ec9bd5d4

SHA1
10c62e9db2bdffd3d76829987e50d0efa5e0a72b

SHA256
62802cd5039ff363156f7d4dd4d7360d095090a6331131f018abba016b6e1aa6

SHA512
ef5d4481e27d2d6053a224f685b983e52d7ae0d2dbae4f349c1ed0191e4d5b737ce8e2f0d8a393f2384ff9bf05af29f47aea983d57d0b151e89b3cc8c6ef38e2

Download Submit
/data/data/com.gbwhatsapp/files/decompressed/libs.spk.zst/libvlc.so

Filesize
3KB

MD5
cfaac46a9b3c925a53382f453c8c0d81

SHA1
8e82c86b6d77d7e1ef003aa7796b83ccc5efab7b

SHA256
0d87625993ef963e9bebf8f21f22525807d48dc26b3195fe94bedfe877f376e7

SHA512
22c8297645c4ffb8ba08e44e1136dcc3b3c16100ff837d7e3ae7bf3a1f181c12e9aa33f3f598d6d7e001536b9812106b4785c01f91a76874cd220a6229e787a2

Download Submit
/data/data/com.gbwhatsapp/files/decompressed/libs.spk.zst/libwhatsapp.so

Filesize
2.9MB

MD5
3881495b3885e73fffe657ee4e9e00a0

SHA1
34848818aa5485d41e52dc60d87945198cf8f699

SHA256
b2e101c270474049c73124498fa7e59b078270875882670d508ac0b93bcc1f77

SHA512
b355ffcf49783d6f441f03becd1cc62b1be28badb102a4a9184f21c9d1c76c64f3fd42d75d4085c84d9410a8da10925f046c151ca091bcac5e3e5dc891b2e7bd

Download Submit
/data/data/com.gbwhatsapp/no_backup/androidx.work.workdb-journal

Filesize
512B

MD5
a9e09ff358fa73bad60973d54ffe6305

SHA1
ff704157ac447aedf4fcb1a8c2b516290c73d61c

SHA256
de45d517018e97eb8dba6c37fd47ef90f38f59ccc194c6f21dba4d181cbac609

SHA512
98b670289600819102ce57f92e36e31d93de8a904dd853dc2eff883fc402d51593d42eef09c26b682bc74c8e860b1fc522cde3509eaf0eff659a5a55e4035a0d

Download Submit
/data/data/com.gbwhatsapp/no_backup/androidx.work.workdb-wal

Filesize
16KB

MD5
1d402d7d61d9e2712468dcfe3d9e4790

SHA1
1dcfeaa1b9764a89444489c304d786b3205bce23

SHA256
8e66fd1da5a38cf74c27b642ec26fcc65926483328b320c46ffe56a38a9b158d

SHA512
7c4adefe736310447923d3af0cdca887e13b5168780301c1c32ecb85a1494f5cbda03c9af163b0b7b93c7d384cf26481004918156fe85030fe3fb82af2baf4ec

Download Submit
/data/data/com.gbwhatsapp/no_backup/androidx.work.workdb-wal

Filesize
185KB

MD5
908459faa2bfe71935f55fb2f417ae5f

SHA1
45dd015877112cfba48cafb2c0129f0eec998a0e

SHA256
b2db2d9d7fb4e6b6ce9adf4c73c358a4d36b58bfe189f5a9b21984a552e7cbc8

SHA512
cfdf9215f83c6a401114fbaf1284f3995d695d58da88f76cabc7f61cda606f0724171dac61382c93a1cb5772e0e4a8a4eaf1af33092556a13d4d92e141368902

Download Submit
/data/data/com.gbwhatsapp/no_backup/com.google.InstanceId.properties

Filesize
63B

MD5
d3571d68b97ae854d7bb209745cddb5e

SHA1
d6f86eeb0ce725b1c7e27368b5ca82fdddea8f67

SHA256
e6e3ef8bc79ee0476bd2999c157eff08652f2854afb1b9a542fa4065406de844

SHA512
4c618dbe19753f8f99ef2e957c1b9df3a036c578c3c3cb93f196469093da021fae20d7e464502118d2b9e883affdffb1be0c6db838f5ac3814227ad9a286e668

Download Submit

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads