3e596694e6c74a1991490f4bde5e2404fc1b6d57af8499b7fc67adb44e17394e

Analysis

max time kernel
87s
max time network
135s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
13/02/2024, 02:42

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

3e596694e6c74a1991490f4bde5e2404fc1b6d57af8499b7fc67adb44e17394e.apk
Size

75.6MB
MD5

d73fa603bb7dfbd53f2ec4d05617b9e0
SHA1

86f18b9d0ce32f3ff1c608ae4317329e4da44e1d
SHA256

3e596694e6c74a1991490f4bde5e2404fc1b6d57af8499b7fc67adb44e17394e
SHA512

4e004ec348e58f8229d1e3b5d2137b64dc09234d355425d8fa5544e67a4d4d80d3e098c2ba7bd5659e443050bae7a404e1a35a2341cd6809b5e83e1078d8bbc2
SSDEEP

1572864:2R4YowDIMNvpPjEYr3V1c4sQ0MmDKPwpJ4qHSXKTHcvmM0hV:26YoEXEqFR0rDG0THSmZV

Score

6^/10

Malware Config

Signatures

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.gbwhatsapp

Reads information about phone network operator.

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.gbwhatsapp

com.gbwhatsapp
1⤵
- Acquires the wake lock
- Uses Crypto APIs (Might try to encrypt user data)
PID:4282

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.gbwhatsapp/cache/SSLSessionCache/static.whatsapp.net.443

Filesize
5KB

MD5
f5dab7a0205f92cdd353c31f8ce33cae

SHA1
6f430924c0f823b7c779d70a2a78e2e69564008c

SHA256
ba19570ef9da00435bb546b1c80226709ce4d19130caa3f2919636342dcfedab

SHA512
a89ba408455a05e02075aadd79722a9079957e4251b021443107ccfb4a11d41b2680426b11d2aca796c81fd12ebf06feb28a496cd02d0d0322771046d302bd51

Download Submit
/data/data/com.gbwhatsapp/cache/SSLSessionCache/static.whatsapp.net.443

Filesize
5KB

MD5
05b31f2e66da81e789f4117f5ff4e2d0

SHA1
f17274c3bce83f09012c50c0e91f27dde30cda16

SHA256
22019b94eabc7169309f20bfc1745a9ed2fb49f99e4f3b5578e87d3a6a4eac56

SHA512
8d84460fac296ff391aef8e09bc748474e2744dce5599248ddecbce5382d984c0847ab2e39d6f16ef8fc3a570f1172f8864dfc0d036aa57f62197cc9a9329c64

Download Submit
/data/data/com.gbwhatsapp/cache/downloadable/wallpaper_tmp/thumbnails/light/00004LightWallpaper.jpg

Filesize
18KB

MD5
3b42c4d2ec86906a21443a33167617cb

SHA1
ca6add9834290605034fadfb33c51d41f55e4847

SHA256
f56b072e6ad0fcce9bfc1672813e26c61633173b855a77d1be7306e85adeb1bb

SHA512
2d6b7ce88b2c419bb4f6822e69fa42189698b8934acdad5d7e2ab9ca5e32045af01d1804fb4a38410caabcad8b078365a06a79ece0724785b018a6fdf8127fcd

Download Submit
/data/data/com.gbwhatsapp/cache/downloadable/wallpaper_tmp/thumbnails/light/00028LightWallpaper.jpg

Filesize
1KB

MD5
4ba6e61e82395d082522b0194fb1de9c

SHA1
84546115a9bbc54e7a4c800e08cb13b818ec3c02

SHA256
704496e97d97d14d96613d879945113fb81530594986006486502a6339a08798

SHA512
da85c57295e79f3fd0f10b516f3e8d75fe734c96d7722857070b777074b8b14e99e6abb7bd65175811a2a5f2dd64ef85bcc884761c9228abd2d535c71d8193ee

Download Submit
/data/data/com.gbwhatsapp/cache/downloadable/wallpaper_tmp/thumbnails/light/00029LightWallpaper.jpg

Filesize
18KB

MD5
2fa3c69e4d0cec14248550027f84fe1b

SHA1
3134f88734005d30310b4db7f05e7eaf6889b8f8

SHA256
0261ad4bbb5d653eb29509e333fab2f4f34e9fe71627e6a868d2d9bb1b73128b

SHA512
77722e810c9279e86bb998017c666eadeced9d73d8455e5f21f0f1d062b260ff926ea2ea0f894ddcafdd29e8a31c0d10908da338ac27992233f800aa3ad1f890

Download Submit
/data/data/com.gbwhatsapp/cache/downloadable/wallpaper_tmp/thumbnails/light/00030LightWallpaper.jpg

Filesize
7KB

MD5
fe0ed07e199e266b702d4757f8e06421

SHA1
fc7e31ee95c99c31f94feb02f2c26c3c919f294f

SHA256
f525a31f00eb4838876bf1cedb04e786084dc358d65cfd8a65c8f346c41bd734

SHA512
f95177b3d62bd713b513d57fc0dd8880aab0da5cb72171b9fc45538abc731bdc60abbf7fa04a855ab63f9a2494d4d4d451e59c33c912c6e037b554b60424b6b0

Download Submit
/data/data/com.gbwhatsapp/cache/downloadable/wallpaper_tmp/thumbnails/light/00031LightWallpaper.jpg

Filesize
14KB

MD5
0159191d2394c5ce936752f4c749668b

SHA1
a080e2a32785fb2ed639a95a04b68aeb338112c0

SHA256
6eb69ba59e9afd7e8126d02dda6fe60f8893b4040f4041fa55a80ec15fbf1cd2

SHA512
8d48d1389010b9eb4a65adac9aac0434d27a50cf52b5a2437e5dbd4a27851a73ea628a9db9b8d98496d987f7ed70d1da62f81c174c59a54c5f1a4e476882c6f9

Download Submit
/data/data/com.gbwhatsapp/cache/downloading-4509294048970548485.tmp

Filesize
32KB

MD5
7bed7eddff689a98c7b70b73ced0a388

SHA1
abb746a2b9aa06d9e1b5bb24a3a458a80ec3ac08

SHA256
d1eedbd46245ef55b916be48960fc008a8d52cc7a9a5c3d27689b5dbb02e6772

SHA512
2a7e3e8f3d9d4bb1a64203578105d08c683ef34147c89c4872baf50b717d4cba7732442a9266d5f40b7c67f23831eaf76a6edf6ef96a07baa39420682e47cfc4

Download Submit
/data/data/com.gbwhatsapp/databases/BTOR.DB

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.gbwhatsapp/databases/BTOR.DB-journal

Filesize
512B

MD5
93f4e11d0566ddcbb712a2fe26f5179a

SHA1
46f079a7c56222e334e58e20aef85fa4723af21d

SHA256
e26836d753e4f72abbcd3e1cd69e4786450b991aa69a1c62b6d60764a4a1c0ca

SHA512
63f1768087fab2a3b543950f92b3cfc48b917906523c0aac782d284c84b5855266cab4157b57d19b75f20890adbf1161c2ff8fafcbf8ce3f88c8a2653c58536e

Download Submit
/data/data/com.gbwhatsapp/databases/BTOR.DB-shm

Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/com.gbwhatsapp/databases/BTOR.DB-wal

Filesize
32KB

MD5
10742832e481e6d29938140caa81c427

SHA1
4d80119d2cc8180b7eb26dff546c55353f00bc6b

SHA256
9a641de87985a8146609cbd60648a947d85ceb98e218c05dd80c1ded2525fe66

SHA512
469e8c8db3b42b7a9123f7bf23da8c1e61caaa2cb581f54c781a5daff187941592170ffb36f19b680c9508a6f8360333eb2b1ab637b93967bc6e858976e38e71

Download Submit
/data/data/com.gbwhatsapp/databases/EHS.DB-journal

Filesize
512B

MD5
a6febc94a82e43de3f08a2170695b189

SHA1
1d13da1b34e8edd83cc4c61ce51175c76638f62f

SHA256
e76ae90bcfa23c16e1c6f250459bd31a127d0da18e4905b04d6e8ac6d425d139

SHA512
777b68f1797d81ea3b0c807fb65e0e99c664e32e5b9cc18e90480d76d66a15950be12d5692bb455be3389273497d3c81fe6024b5b05abe60b036711cbc1bd841

Download Submit
/data/data/com.gbwhatsapp/databases/EHS.DB-wal

Filesize
32KB

MD5
c3e0ecff5a13b0c5196946f8742f1697

SHA1
22b10648a18403659e485615310189efafa9f918

SHA256
43adaaba4d4168e222f4e4e3642570afdfe2a6d2b36a9e41b90e374eae67bbdb

SHA512
31b7cc9ca663ee58972b3d7dcbf0645fecb030aa92bc173d680658b6efb1a33d126546f9318b982c3b5b1e5d91a5d288c19a1eafc712fbfcf785afb583c00a75

Download Submit
/data/data/com.gbwhatsapp/databases/axolotl.db-wal

Filesize
92KB

MD5
a893680cfdc040b536e4ca46b40afb6e

SHA1
7f50ec291bc605bb872bf09e3c577cebd51a746b

SHA256
6b7465ed5cf3159e4b30be44864ed75ba964c2e5fba0289b1d44276e59870819

SHA512
4b8f6316c359275381524a00cf4e3a72b8b11474c0a326642c99d58815e5b9a8aa47e75567b1d0a9fb5d5c704573339c66c62cc075775190bc771d470ad3b8d2

Download Submit
/data/data/com.gbwhatsapp/databases/stickers.db-journal

Filesize
512B

MD5
a9c5ae04d2dfc0754b749216f5b7ca2e

SHA1
3c92005def49538a0fb5b727bffc888e1c033171

SHA256
83a83497c3a521694dea4802fa3766209f6f4829c399b3a8ea4f6784ec3f22a6

SHA512
3b3fa3fad69c4589cdb00db8c7035f0ab57570c8bc9939c8ed8648f340dda599486c51ea30ac5247fa79313dfc20a1b94baef7003e9df19abf654ae2c1528e1b

Download Submit
/data/data/com.gbwhatsapp/databases/stickers.db-wal

Filesize
16KB

MD5
e867928a859373a9d7f4e1c97bd68cd7

SHA1
f6804a24227995a8ce1ff99bd597640cd20c991a

SHA256
6d79eece502837d68d110ad78f64f589840dc7954609f925c2fff6f6b93128b6

SHA512
4723d1c27a38188853b19a43d19efc4d394712e5666bc1c6b86ce836eca3f25da805a891fe4047e2b4781718424a87aa9aee80c4a33c396eef6d9a49cc7b9659

Download Submit
/data/data/com.gbwhatsapp/databases/stickers.db-wal

Filesize
88KB

MD5
264f3201f3ff9cf868a6a3615ca7ab3b

SHA1
7e0bdb7fb87bbc19919a01c849e0e7eb2934b121

SHA256
b3966331675b4c8e2c582061f7a7155f326039901e60ee5fb3d6ed8982a048bc

SHA512
3c53ae071f8d6d2fc958dc4afd17aa5a2559bda12b7be9b611db1df2d2fd871b6a56b6a586cc8db3719e6aa3648bac8d050205a36beeb597401632dedc99d438

Download Submit
/data/data/com.gbwhatsapp/databases/wa.db-journal

Filesize
512B

MD5
1f1fcceaceed7a4c764c6a094eb65b79

SHA1
df608a31d9beeec75795c4eb073b84694f447570

SHA256
484b1960f35c847ddf1a7ac7a3bfd2262a17196f1a1ec6c514ca3278c0b7f6d4

SHA512
afff5d44da0f704e6ea6fd9035b55e6aa3543910372d4c90a05d05fdf931e61ffc04fa60171327000125f01db4c4aecc4036c52a157455b076dd8f63f1cba910

Download Submit
/data/data/com.gbwhatsapp/databases/wa.db-wal

Filesize
16KB

MD5
3f3297b769d2733a298f128a03e556ad

SHA1
1095f7cc961f6b14a5e03b25f27f9091bb009e39

SHA256
9f7e601a3bb1b09a898f3feb8f7a3be125091a4777b898cb0e467299af135121

SHA512
8cc992fc4251b9df40a50ec4307172e31a3a5c5d77631478c1631a3e5e2503431ba629c293850a906743d03f9f661f4357ae80d1c6c6af837510f953d923b8de

Download Submit
/data/data/com.gbwhatsapp/databases/wa.db-wal

Filesize
169KB

MD5
228842f0bfd87d1569e4874d535e9dbd

SHA1
149414470887aa074344b387acaf814db141a9d2

SHA256
32c6644ddc5a7b7bc4e2b11101b2c1f718e58c02d163ef85a3981c09278f5ddf

SHA512
5c76113ec4a70debcd7a26476f6581dcb636d3d82b1d80cb6ee4aaa566241f6a2b6acc05b8721e06004af8d1daae6c7aa1a2015de347da8638a2d8c9daab7b93

Download Submit
/data/data/com.gbwhatsapp/files/.trash/d6898ff8-9cf2-45d7-be5c-65c5b5055dd6/25be5fe5-3d94-437b-99dc-dc58bf4a61d8

Filesize
67B

MD5
d8141b97bb6b8752f676cba953de8e56

SHA1
b65fefc908682f7027ea3ca34ffd592a6d81ae87

SHA256
afff045ccff4a25dc9ed283acb206e37fbcdc6afd5adacc86c645d432e032a21

SHA512
98915af0eef59abcf116818f4398cbd5a0eaf31a65110422e186872f48aeb7400948d51d5b22b0ce82c07764f21dbcbf1e252bf5a49df0dea3951bda730092a3

Download Submit
/data/data/com.gbwhatsapp/files/.trash/d6898ff8-9cf2-45d7-be5c-65c5b5055dd6/ff30bc33-47b8-49af-a5dd-2a8f06a61c7f

Filesize
526B

MD5
2c0f856d7250fb18c8dfe900ec9bd5d4

SHA1
10c62e9db2bdffd3d76829987e50d0efa5e0a72b

SHA256
62802cd5039ff363156f7d4dd4d7360d095090a6331131f018abba016b6e1aa6

SHA512
ef5d4481e27d2d6053a224f685b983e52d7ae0d2dbae4f349c1ed0191e4d5b737ce8e2f0d8a393f2384ff9bf05af29f47aea983d57d0b151e89b3cc8c6ef38e2

Download Submit
/data/data/com.gbwhatsapp/files/decompressed/libs.spk.zst/libvlc.so

Filesize
3KB

MD5
cfaac46a9b3c925a53382f453c8c0d81

SHA1
8e82c86b6d77d7e1ef003aa7796b83ccc5efab7b

SHA256
0d87625993ef963e9bebf8f21f22525807d48dc26b3195fe94bedfe877f376e7

SHA512
22c8297645c4ffb8ba08e44e1136dcc3b3c16100ff837d7e3ae7bf3a1f181c12e9aa33f3f598d6d7e001536b9812106b4785c01f91a76874cd220a6229e787a2

Download Submit
/data/data/com.gbwhatsapp/files/decompressed/libs.spk.zst/libwhatsapp.so

Filesize
2.7MB

MD5
8fe3b70da4e84c521fd12c6d01cd72ca

SHA1
715220dcc8c42bd67fcf53bb734c61bdf4964d6e

SHA256
fff48f69b1746eb84c9736217704856666e48b45cb96755716f3f284ba2a7524

SHA512
02fd83f1783fc6ee4c7ea8e7ea3df6168c28bbadb0c00d3ff3ff044221302f34349e09340b5b59088814b5d4c27f718fb59ebeb8d2211b8e017b203ff0effba7

Download Submit
/data/data/com.gbwhatsapp/no_backup/com.google.InstanceId.properties

Filesize
63B

MD5
aaf6623c2035ce6b9432b310e0336029

SHA1
42f87deeaabede37e40573c0b90901123a097cf1

SHA256
deadf25f35b9afaf08706a1a2ab141530231a38627812fab404abb5df1e8f657

SHA512
5b75b1602d9722d12ea13b1dc87809a64789a8c05a52ca62efe3d34669c7d63cfefa0deafea41bcda36b324876af9a6ce016e361f88c5c650f3ea072405b3272

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads