3e596694e6c74a1991490f4bde5e2404fc1b6d57af8499b7fc67adb44e17394e

Analysis

max time kernel
55s
max time network
130s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
13-02-2024 02:14

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

3e596694e6c74a1991490f4bde5e2404fc1b6d57af8499b7fc67adb44e17394e.apk
Size

75.6MB
MD5

d73fa603bb7dfbd53f2ec4d05617b9e0
SHA1

86f18b9d0ce32f3ff1c608ae4317329e4da44e1d
SHA256

3e596694e6c74a1991490f4bde5e2404fc1b6d57af8499b7fc67adb44e17394e
SHA512

4e004ec348e58f8229d1e3b5d2137b64dc09234d355425d8fa5544e67a4d4d80d3e098c2ba7bd5659e443050bae7a404e1a35a2341cd6809b5e83e1078d8bbc2
SSDEEP

1572864:2R4YowDIMNvpPjEYr3V1c4sQ0MmDKPwpJ4qHSXKTHcvmM0hV:26YoEXEqFR0rDG0THSmZV

Score

6^/10

Malware Config

Signatures

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.gbwhatsapp

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.gbwhatsapp

com.gbwhatsapp
1⤵
- Acquires the wake lock
- Uses Crypto APIs (Might try to encrypt user data)
PID:4285

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.gbwhatsapp/cache/SSLSessionCache/static.whatsapp.net.443

Filesize
5KB

MD5
0333a2e4e935803c64d3cc4467fae0c3

SHA1
d193508a6dc9b55df894f974ab28f6a298e01365

SHA256
7b55899243db28468539cf96658d783bd7923c23c1f67c55600c56a200a6a323

SHA512
7a23fc4b18bff6f66d54b415eb303c4de6eddf58b05e5568e04bd2d0dee581907ef999b327c66db7eea2414116b80560cd1ad55d96c94fea8e70512e1a705ac8

Download Submit
/data/data/com.gbwhatsapp/cache/downloadable/wallpaper_tmp/thumbnails/light/00004LightWallpaper.jpg

Filesize
18KB

MD5
3b42c4d2ec86906a21443a33167617cb

SHA1
ca6add9834290605034fadfb33c51d41f55e4847

SHA256
f56b072e6ad0fcce9bfc1672813e26c61633173b855a77d1be7306e85adeb1bb

SHA512
2d6b7ce88b2c419bb4f6822e69fa42189698b8934acdad5d7e2ab9ca5e32045af01d1804fb4a38410caabcad8b078365a06a79ece0724785b018a6fdf8127fcd

Download Submit
/data/data/com.gbwhatsapp/cache/downloadable/wallpaper_tmp/thumbnails/light/00005LightWallpaper.jpg

Filesize
4KB

MD5
3e7b95316651aed73a1dc44b83bc4be5

SHA1
6a152df8ef590018d541579497a5a29bba5ac084

SHA256
1493ba7478e984701e91d9915c42146a49808dd9d4a83821261ef23c7ed3511e

SHA512
17764f489712d241d333cdc56050ea2853c330a8be641630d1906a299b886951231881177c84018a313be28cd2697b04a9aaf56b3fb3e361392fca06eedd0e91

Download Submit
/data/data/com.gbwhatsapp/cache/downloadable/wallpaper_tmp/thumbnails/light/00028LightWallpaper.jpg

Filesize
9KB

MD5
fb9b168a5224ad8ac79d0ac2a05da6da

SHA1
82852b2e992306121e31a81144cda8a1ac2f8e27

SHA256
8507e48d67270c95797a4d6fa9f244f773629e8e37477c3c72d0135d4410adb3

SHA512
b1fb8ee860f80516e025028f1f14209e380660c013dd9529abc1c728ee8b0b0c7c0a94db1c295bf42d676f8adc3b78a724454e403eb9d78014ec50465d449f54

Download Submit
/data/data/com.gbwhatsapp/cache/downloadable/wallpaper_tmp/thumbnails/light/00030LightWallpaper.jpg

Filesize
10KB

MD5
fe9eed98b0076cc9fb8f080116d14e81

SHA1
3957eda78e3c0dfe93dbebe859b2aa2a077619ca

SHA256
0ed5e42401d36f6360bd806bfc6eafb44961304f7524e0e75385c1a7d8f811dc

SHA512
a9bda9ae680d1f57169c08d21934ca082f50d863fb7adb12ee7d6d5268ff883c8bd51205fef33ee8ca9cd09254ff0c272d901b0da0157af437173c1c76e57990

Download Submit
/data/data/com.gbwhatsapp/cache/downloading-4360654468675041727.tmp

Filesize
73KB

MD5
26f985184419c9baf376aa694c5b9cd6

SHA1
5cd7628417612d95940e1b26b21b3112f938abfe

SHA256
5a89ab27be17e625c094159b40f68b6714ea3cc3cf8de1fd84ef584b725cb8ba

SHA512
2a5d9dd6d7ed5f6818417b6bcfed89e47c1b0e25242aca496e6356e62e3beeb02e3f168eb5471fc73a39bc56841f2109b753ff2c55be116774859dd0185d1ace

Download Submit
/data/data/com.gbwhatsapp/databases/BTOR.DB

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.gbwhatsapp/databases/BTOR.DB-journal

Filesize
512B

MD5
b17e12abac74e223f102b3a7f4939348

SHA1
8bacf28f478dcf3c2cb638d53dfaac5dafdb5978

SHA256
95fe80b073bacad4242d0bc8c688874973a6cc14b05a6a0f63d223a9f9f64f15

SHA512
a62edb97802832b31cc7218c0bcddb46af5e999fd64e2aafc45dd3a95b15b8a7bfccf903fcdfed5123e91014933b3aaf2515b8f565fd5fec8df578a0991c9fca

Download Submit
/data/data/com.gbwhatsapp/databases/BTOR.DB-wal

Filesize
32KB

MD5
d8f1e5305a6f5687e283c54f6bb1f08b

SHA1
afdb4aea48686759b4f1e3710a89f836045f2797

SHA256
32c8dda0bd6d2ad7849ea29b2ae9e6379eb07a0b11a7616930100406c4fe5d6d

SHA512
ab881b0fff44592b57159c8d9c6959f3eccbf58d336557336e89b7f1403c0969cc47a6ef948f3a9a025c9812d296091b71d759042d02fea3fd8e3dbc0680516f

Download Submit
/data/data/com.gbwhatsapp/databases/EHS.DB-journal

Filesize
512B

MD5
876b8759743abeefa37745ac9fb2a1ca

SHA1
a616878518af499e1324dbcd268c1e54411db2f2

SHA256
e9cb4d3c3e25771b4f03105dc65672fbf8623f17bdd7ffb90c1554f86a2cffc2

SHA512
1a7185ec26fa5d27c7632a33434f29391ccb1aceb88489e10310bdc5146be9a94ca89aa739b74df229eeb4a4cbaf3787dc3aae32eef7df62645e025fc7503d74

Download Submit
/data/data/com.gbwhatsapp/databases/EHS.DB-wal

Filesize
32KB

MD5
40ee6bca4c4f89877c058145407d60c2

SHA1
7851017f87c6d6d0866a2f4561dba6d913af2a8c

SHA256
a43721f15cd9692375654115e7ebf11824749c7cfaa77907c75b26665642e152

SHA512
35aaf8a1fed4225341f93fae2f9210ee539b74a11df36058442b70b71edc8e4c1ac4ea02cd9f9f537cb30f93464337629dc3a3cea8bb516dd147b90858f0d3a3

Download Submit
/data/data/com.gbwhatsapp/databases/stickers.db-wal

Filesize
156KB

MD5
5582232bd9abe2c8d92d12ad6fa45b1c

SHA1
4bd5ef533e569717207dd03ff9b1290a26ef71f9

SHA256
6b6efaf6ec8a1467415890aa9934de99270224f7e6af775b538a4666e4d44531

SHA512
ebca8f1ce8770a2782137698b3b047c3e4f3b028ce1568ddcd363bd689ba2aa3f5163231d2da85493f4b4d57fdd6a995e09d04dd92a344d81c6fcbc279ecb525

Download Submit
/data/data/com.gbwhatsapp/files/decompressed/libs.spk.zst/libvlc.so

Filesize
3KB

MD5
cfaac46a9b3c925a53382f453c8c0d81

SHA1
8e82c86b6d77d7e1ef003aa7796b83ccc5efab7b

SHA256
0d87625993ef963e9bebf8f21f22525807d48dc26b3195fe94bedfe877f376e7

SHA512
22c8297645c4ffb8ba08e44e1136dcc3b3c16100ff837d7e3ae7bf3a1f181c12e9aa33f3f598d6d7e001536b9812106b4785c01f91a76874cd220a6229e787a2

Download Submit
/data/data/com.gbwhatsapp/files/decompressed/libs.spk.zst/libwhatsapp.so

Filesize
615KB

MD5
e1c5787f90358b84660b106b7dc1671c

SHA1
647627b4066043297ae2fa0ae21827a836faa27d

SHA256
34ff370bce249c971638b66c1dfa7198cfcb2ea6273e7a948b3c027b9d44aee3

SHA512
bf4ffe8d6b82250e8675997f0e4fbbb53f6906d550e0a07577b5c7caa9ab749e0903b500decd677362f1caaf3becf8a3cd45014d66c73a9d47f4a845c8a5369d

Download Submit
/data/data/com.gbwhatsapp/no_backup/com.google.InstanceId.properties

Filesize
63B

MD5
e2ba2ea893fc02f1f315877ad011342c

SHA1
168e5006f053918077bc7fe7950b4f4e74d2eb36

SHA256
5662a10de369eb6ddbe71e359e18257570342da35fc783f24ad4662e6a078ee4

SHA512
d49cee12208467bce24d62accb61968fd74ea613ec334f037e6ee61e07ec96967ec4114b3a6e1e5b9ada983110b88b36377e046c8c300accce52a7433e2c9ed1

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads