1a5aac2a6c5a1e625821a2260675248596839806758d253156fb1c1da56ae8b9

Analysis

max time kernel
47s
max time network
135s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
13-02-2024 02:41

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

1a5aac2a6c5a1e625821a2260675248596839806758d253156fb1c1da56ae8b9.apk
Size

76.2MB
MD5

67fff717824a15937e777dc2a98472df
SHA1

7efc96bae35f14883c353224d204e9a73841aa9e
SHA256

1a5aac2a6c5a1e625821a2260675248596839806758d253156fb1c1da56ae8b9
SHA512

bac2cd756d685be35defe236da6876135c1c2e3646447f86b46f0dafeacf2d047f7c1184b2691cc72af60f33c8682d329aa63857711e75eff126049fd34132cd
SSDEEP

1572864:16qJzShywPkPnZS+/eignjMg4DmlxI0MmDS1c4sLPwpJnraBK:11mhy5nZVYj/4uu0rDSOECK

Score

6^/10

Malware Config

Signatures

Acquires the wake lock 1 IoCs

Processes:

com.fmwhatsapp

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.fmwhatsapp

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

Processes:

com.fmwhatsapp

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.fmwhatsapp

com.fmwhatsapp
1⤵
- Acquires the wake lock
- Uses Crypto APIs (Might try to encrypt user data)
PID:4289

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.fmwhatsapp/cache/SSLSessionCache/static.whatsapp.net.443

Filesize
5KB

MD5
a657fd747cda47e78061557fe2484261

SHA1
1f147eaf0e0fd8573f3791fe67b65119d9821d20

SHA256
76af555a6954e719c15204620e64b3a05e6b43e8e690a6a9f2dacece1e3b4c00

SHA512
e11f11e71c5948946606f466b74f05340e206af2aa31ee1cfb0af506120d7d8ea8e7f56412d3e18e3e3f1063f7891adf9ca1e5efc19ac27c53e01c257f6eecfa

Download Submit
/data/data/com.fmwhatsapp/cache/SSLSessionCache/static.whatsapp.net.443

Filesize
5KB

MD5
1e992b0f7b7ed2c645e3d4dc99eede46

SHA1
42d27272614b536da60d106e496bf77a0d72d9fb

SHA256
e28e8a59675d708b48b5c3f909ae7c83e202af6238ba162ffda5a4ac2784d42d

SHA512
a352babb350ab3c173e59365dc1d433412504e00ae9667d99b9006cac60fd80b41efff990a3fc42ed902c7d56a38c2e92c0919186a69b13baa2d0c41522f09bc

Download Submit
/data/data/com.fmwhatsapp/cache/downloadable/wallpaper_tmp/thumbnails/light/00005LightWallpaper.jpg

Filesize
14KB

MD5
67a24e0182cfb894751dbdad282a9cef

SHA1
a994c4394567adb2f07ef1911b617f53e6085011

SHA256
961b60b4c9317db08451e45abe2dcb7049f4b2fde64d15fb12ee0a41abc4912e

SHA512
a5175f11cab3dadb242192a62d4a4c71ddc2b620f35001c702b595315e6f551009217ed88e635bb5e01cd702bd06c22212f9544bc02671fc0b55fb49d70500eb

Download Submit
/data/data/com.fmwhatsapp/cache/downloadable/wallpaper_tmp/thumbnails/light/00014LightWallpaper.jpg

Filesize
8KB

MD5
be91451eb7ea780d03757a78c8c89bc1

SHA1
d5c7083b6a6a3a0ab9c6692c6674e5f3206e2c18

SHA256
10909cefc045a09a738fd3ac774050600234961e19ff22423954f9781d2015bc

SHA512
511781a40a997020056c2d68ca85ca10674fba63be56760b9c8f9a9a0688049291f567738e8504a2487ffd8323c3763d4b86d18683a084202ffb5b56e3f1d009

Download Submit
/data/data/com.fmwhatsapp/cache/downloadable/wallpaper_tmp/thumbnails/light/00028LightWallpaper.jpg

Filesize
7KB

MD5
c51bdf48218a48e4983e1a8f6bdaf91d

SHA1
f79dedf64b7a4e41e47ff8f5cf5d13d60112d10d

SHA256
694b4bf5af43e17b1aac17f04323214e7b8dbd0b2fad22a65225ab9e87305dac

SHA512
ef24af8975b288b770a711dcf703b192fba0f844da73298bfadcb75ecb425dd125ed73ce78db839a5ba2bcbf8df23cc434d2f8b0e1465b13ecdbdc02497831a2

Download Submit
/data/data/com.fmwhatsapp/cache/downloading-6582035448956515401.tmp

Filesize
73KB

MD5
26f985184419c9baf376aa694c5b9cd6

SHA1
5cd7628417612d95940e1b26b21b3112f938abfe

SHA256
5a89ab27be17e625c094159b40f68b6714ea3cc3cf8de1fd84ef584b725cb8ba

SHA512
2a5d9dd6d7ed5f6818417b6bcfed89e47c1b0e25242aca496e6356e62e3beeb02e3f168eb5471fc73a39bc56841f2109b753ff2c55be116774859dd0185d1ace

Download Submit
/data/data/com.fmwhatsapp/databases/BTOR.DB

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.fmwhatsapp/databases/BTOR.DB-journal

Filesize
512B

MD5
099992fad4d781b5a13447085f65536f

SHA1
42cb2955805e53b4ac0bc8629e65b5a3123ad8a0

SHA256
2305953609578798345ab7d53b66542b28ca567a59e0335a67de2b68daf46f73

SHA512
25faf7a9a063443cd4e41f5ac60b6914a7026c8c5843b28d40d8ef0f1ecb0a8e653526ed85c2516ab66a9ace902fc0786cd82d2f2b1d277692d37ae1b983e32e

Download Submit
/data/data/com.fmwhatsapp/databases/BTOR.DB-shm

Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/com.fmwhatsapp/databases/BTOR.DB-wal

Filesize
32KB

MD5
14d4d19c9154794db7ecf8e350751811

SHA1
5b834361fbc8ca57c3017915691f7e275b5bd030

SHA256
d11ff69f2fa875c7fd46d39f47b42e72dc2d4f8c6041949348ae4f9c04e9f953

SHA512
ebbb346af14d57db02bd18c0875a07d64d1a9f487e6db3403d9b33a46fa8b79eb0a7e2bc3772f9cbbbcf53a34b1cd69f50e8a61503cb1ac3064322d30832ee9f

Download Submit
/data/data/com.fmwhatsapp/databases/EHS.DB-journal

Filesize
512B

MD5
ca3335d1b8f9c51c9488e88ee6576f57

SHA1
8ce1b1e8c0191aab6bfcc942a7a274a5f9045a44

SHA256
d9226295265a4311161ce97cec82c7e8e0cf47ec41a3951a5f92a355563fcbf6

SHA512
8b6c8b51a7af249ffbae054c5b157e45d445d10db13e05a93501cb9af9356a8e3aba37e73dc1a69487767ca99ad6a1dcbbc778e4d1bf019594c62814d9b6df54

Download Submit
/data/data/com.fmwhatsapp/databases/EHS.DB-wal

Filesize
36KB

MD5
01bc7b753d8ed37e39acd1cc7d9a87ce

SHA1
a155a261e93d38f76adc25712216a32239ed1306

SHA256
6ead21f88cfc900ed40fc5831807af92b86ea304cb4d0246afc55802c8d06bfe

SHA512
338ab48b9e4718fdcc58db12c6679566746741e5774c6e610bc138976d64dc4ab530bd98dafc13b1a491f91eab435be5788de603f19280dc8a623555603097e5

Download Submit
/data/data/com.fmwhatsapp/databases/_jobqueue-FMWhatsAppJobManager-journal

Filesize
512B

MD5
42e21c03b03f1e68ed6ec66522053a17

SHA1
10b92988c1795400a31a9009cc16beab063994f1

SHA256
4c0e1ec14bd565fb81635673e30cee9205c7fda661cf5658aff432b257f8a8f6

SHA512
4d3c4bdcd8aa0efd38d4bf0ddc5bba7023ac253c2edbbb57db622219fe431d0b8065bcb5ce5258e0df1b4efcafe063da26ce089eb769f9b5e7f7b5bbfd521d79

Download Submit
/data/data/com.fmwhatsapp/databases/_jobqueue-FMWhatsAppJobManager-wal

Filesize
28KB

MD5
dc378e78ed66adc4e6f3d83ce5c0f778

SHA1
b89e7da75f972c153a949f9344148c6e0aef9cee

SHA256
8baadf9f70c5b4dfdcb813a542bb4deaa7fc233820fb5554dd8e698202d8f7f7

SHA512
cc517b17afa95c7e67a1a569ae1997496b517584cc5fc2f6ef14d2aa115d7063afba336c437de70e27a56e909748f4c06219e1c047fae865c67b0364b0fb74a5

Download Submit
/data/data/com.fmwhatsapp/databases/axolotl.db-journal

Filesize
512B

MD5
ea1585a9fdd7d59fd2cc3d5257f1e174

SHA1
276fa682498036c92edf364a42f092f097fc7328

SHA256
7820315c02a9a4ed32f8c7f2db0e37a8b15b610c6fe485e3144c4914cf6cacbd

SHA512
1067617ed8cb550b8ef0ad6bd79ae49785b1841da8d28167ca329a6f80bf13f3ecbfec089d96cbbcabd0c5c39f9ab6139fafa453f41a3d58ee6787716647e5ba

Download Submit
/data/data/com.fmwhatsapp/databases/axolotl.db-wal

Filesize
164KB

MD5
853381cfad6931b8d1f51ef078be32e2

SHA1
2ea4616d696d8f64ac9f9ff3fc61ab38d8d12ea8

SHA256
a215ed36475ef511b7e0a1e2687a8c094890587b096ccfff86eebcdd30809dc5

SHA512
ff42683117690dae580c2b95e86983e4a43ded16c2935da4fc736735d7bc9cdc88343dcd5c747047f5f36fa9ffcf91b0f69237791cb2c90b348fb0e953bb7002

Download Submit
/data/data/com.fmwhatsapp/databases/axolotl.db-wal

Filesize
16KB

MD5
7e832ebe1113ffe154a6c296e57f3a80

SHA1
59a0343950022d3f4c6e74efaaedcdcfbc2c57b1

SHA256
eef04b7fc57e2a3673876b7713e0ede480c530ca976d1b3acd68e73e96cca2d2

SHA512
0baa3d5c2abff089c115972befedf030abf6e4fd60d4f7cc919544b4de3387b07ac95d7b9523130d6e3605f99ec7dbaf8a867013a151c5f400ac1b73ee957568

Download Submit
/data/data/com.fmwhatsapp/databases/stickers.db-journal

Filesize
512B

MD5
916fc1bbc8b51b57cdf11bcda8c5e6fb

SHA1
bdb70bb6a6b1b2244fd694b5778c83dace121213

SHA256
e6ee08cb3a50da8c2b7b904de5c066831d8545350ce2eac28965da160f9dece8

SHA512
efc2a817eadf8994cd1be7699ad5485c9105de51aecc26480516d3793f40252cc3e53f0cc5c135a9f019083f56ae10ed726f5006ed52179304b5d519457600e4

Download Submit
/data/data/com.fmwhatsapp/databases/stickers.db-wal

Filesize
16KB

MD5
ff0d18e56ec0fc2498426236cb2d3300

SHA1
5ad30a4d4f49547f8f3d9dc18b3572ffed2a5215

SHA256
a21d8fec0079d40845b5093870212eb680b4a6b7fed642900c7f946b5561972d

SHA512
41d1875e8a164014d47f587df29b97a3e740e955807ea331e364306081b9924af375465262998adb57ba3c404a6b67689e8e429513307f6d5834d98296f1edf0

Download Submit
/data/data/com.fmwhatsapp/databases/stickers.db-wal

Filesize
92KB

MD5
02245c7aee15b976c56d3006fc4cecef

SHA1
8c9f4c9b85a1ed6696a8da871c59240a5c098304

SHA256
19c8cec1b11c2c93f15dc09d7c93c0b9bc6bcf4a712906c96539f374e6f5e4ad

SHA512
9c9055c66bcc9cc6e407841ef9a2388ec31805acfbfd899f61db6afc253435eeb01583a3fb3242180ce3bf1c3f3616378de644107a972d502bea3a97ac71ad39

Download Submit
/data/data/com.fmwhatsapp/databases/sync.db-journal

Filesize
512B

MD5
d954adfd8a1294b96c17c67693333c8e

SHA1
f568f817c2a5e815d9b8bd0019fa71f8cc0af72b

SHA256
2fccb03ff351c08293e82f42159cefe55fa3bdb0d994ff5b57ef47529fe0e408

SHA512
cb44522ae1c24711dd5665b978cc1b2775ac3ff7a9b0b37523f7bc84b4eb8090be087e517f5c71bb91c68be47ecdec48fe81d006961e57aa0d57d4faf21f3ebd

Download Submit
/data/data/com.fmwhatsapp/databases/sync.db-wal

Filesize
16KB

MD5
648c4bd0916592bafe380594e17fb4eb

SHA1
b4059432c6c394d8199d9b68408e844985634cf7

SHA256
a8dc39fb0dd4fe8ce313e76fe74dcf3ffb62588eec13df2cd7b8508172391608

SHA512
56fd0256ef8dc0edfe3c7f35be18e8ec2de430c9ece4ad3f6a3988e856efb21debc053f384c9b09aa82cc5b1e2ac0dfad47fe774b1f3c44ba546ede7f969ddef

Download Submit
/data/data/com.fmwhatsapp/databases/sync.db-wal

Filesize
116KB

MD5
aa4944157a23237c1c1bf1e8e177c493

SHA1
e8e7be3305e164ed08f091a4161193ceb185e14f

SHA256
46b0e3362df28b921dd70348c8404d85546b956cdf87c73108cf5224388164ef

SHA512
69ec174127296a0b4397e4a4554863018bf92afe92965026c6f7d72c3bb9b7aad437cc638bba3c6e26225269f6b430b7d98fab97a071da4103ebca9cd8e7ed9c

Download Submit
/data/data/com.fmwhatsapp/databases/wa.db-journal

Filesize
512B

MD5
ca384ae742e4a322124d0790e071ac7f

SHA1
b86687e242673a3a1a79e4df2d656fa710579112

SHA256
936ba281cd2f77010ad342e6b5fa86c982e34e3403c346a10f394fa846814403

SHA512
ef8436d131857565b024b4b107e9d7a2ebaa8142902dcf59ef86de225a7d65c71fb4f6498390097403d1cd0aee65843c02fffbdfc9e0ff1aa7976ba5a16207ef

Download Submit
/data/data/com.fmwhatsapp/databases/wa.db-wal

Filesize
16KB

MD5
84f614a78cc0ba36e7b7884306b6be19

SHA1
a07c4e9ae00c53fe219266bc7cd5307b7f017f7d

SHA256
6416162aaaa2b34a359789dbe91051dd6f69a5631f9ef667ab275a1d879bd864

SHA512
4ffe34908843adadc4bdb751318adf321ae5fa87c2f70fad24ad3c86847aeed7079f3dffd93ed5e746854f496d75e196a30630e7b741ed4651cb84c0f37592c2

Download Submit
/data/data/com.fmwhatsapp/files/.trash/f384b4bc-dec9-4fe0-9bd8-00e63bde4be9/6506b65a-c177-4801-9f11-199b0f8dddb8

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/data/com.fmwhatsapp/files/decompressed/libs.spk.zst/libvlc.so

Filesize
3KB

MD5
cfaac46a9b3c925a53382f453c8c0d81

SHA1
8e82c86b6d77d7e1ef003aa7796b83ccc5efab7b

SHA256
0d87625993ef963e9bebf8f21f22525807d48dc26b3195fe94bedfe877f376e7

SHA512
22c8297645c4ffb8ba08e44e1136dcc3b3c16100ff837d7e3ae7bf3a1f181c12e9aa33f3f598d6d7e001536b9812106b4785c01f91a76874cd220a6229e787a2

Download Submit
/data/data/com.fmwhatsapp/files/decompressed/libs.spk.zst/libwhatsapp.so

Filesize
1.7MB

MD5
a7650b0ffc0e9d080101dff7d5a7f245

SHA1
14f8c5c73b5e530218467a25a77588d5b95e4e81

SHA256
17c0e0224367891e88485948007aea86ddad4b21df476ed9d099f313af16db3e

SHA512
3d96f4fb1c3eb454b75907460a34727d6500657cf41a90eaae3c9b66e9a258dfcc4d5fb32fe3bc8dea960bdad333883fec2d0d989bfe6b998a993ca1781356d1

Download Submit
/data/data/com.fmwhatsapp/no_backup/androidx.work.workdb-wal

Filesize
112KB

MD5
77a36e9eadc3e8bd5ffb27ae1fe4e169

SHA1
d7b897a919cc3aa7b548b76bce4194c5b5ae8ff1

SHA256
51af271dc8c2c8ed40a5f3f4606689e16d2b5603b6d185fbb72485ce530b252c

SHA512
2f4236df8d23b32835e9fd96f1ba8896433e3aa2dcfe4b9aaefa6233d3d920cdb51c8fded5b0fef3357d49e13dd2b87fc1de34db63aceb517c23d63dfe49edc8

Download Submit
/data/data/com.fmwhatsapp/no_backup/androidx.work.workdb-wal

Filesize
185KB

MD5
8bc288573fb3948a3be948e131dc99bc

SHA1
d06973471977137cb49bf06ea8652e9fb158452e

SHA256
53606d95334355c576e380373e438b85ba13b8b11bf87cdb2e273aa480ad8ac8

SHA512
22ce79397f1e403a93054139f6f51898150a0b78829041615f26c08dcff450409253d538dfac8b9e4bd11c55b6f423757be8c4935252cd563580a7788747e7b1

Download Submit
/data/data/com.fmwhatsapp/no_backup/com.google.InstanceId.properties

Filesize
63B

MD5
a5dcb96ad9d15ade453a8f4cbcee0a5c

SHA1
532dfed8beb933db462abd01ee8fc34da2e1455e

SHA256
a0956acf028c149bcd9aad72d1774aaeb2a455d79fedb55062b7d5aac1a7dc9c

SHA512
aa3e70b9d7cc63e2c5c7fa34a12f471d38601c717407db5ac695852cd638f9e7a0b7cbbb65bb17ce199ffae5f98a2e8fbe4a8f94e03343cbdd77f544d9df7d76

Download Submit