3e596694e6c74a1991490f4bde5e2404fc1b6d57af8499b7fc67adb44e17394e

Analysis

max time kernel
47s
max time network
130s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
13-02-2024 02:16

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

3e596694e6c74a1991490f4bde5e2404fc1b6d57af8499b7fc67adb44e17394e.apk
Size

75.6MB
MD5

d73fa603bb7dfbd53f2ec4d05617b9e0
SHA1

86f18b9d0ce32f3ff1c608ae4317329e4da44e1d
SHA256

3e596694e6c74a1991490f4bde5e2404fc1b6d57af8499b7fc67adb44e17394e
SHA512

4e004ec348e58f8229d1e3b5d2137b64dc09234d355425d8fa5544e67a4d4d80d3e098c2ba7bd5659e443050bae7a404e1a35a2341cd6809b5e83e1078d8bbc2
SSDEEP

1572864:2R4YowDIMNvpPjEYr3V1c4sQ0MmDKPwpJ4qHSXKTHcvmM0hV:26YoEXEqFR0rDG0THSmZV

Score

6^/10

Malware Config

Signatures

Acquires the wake lock 1 IoCs

Processes:

com.gbwhatsapp

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.gbwhatsapp

Reads information about phone network operator.

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

Processes:

com.gbwhatsapp

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.gbwhatsapp

com.gbwhatsapp
1⤵
- Acquires the wake lock
- Uses Crypto APIs (Might try to encrypt user data)
PID:4287

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.gbwhatsapp/cache/SSLSessionCache/static.whatsapp.net.443

Filesize
5KB

MD5
4dd0094b73c37589488cdcfee7c13e0d

SHA1
d609a7357ccf34ff0bf51e1f03c5650df453ccc1

SHA256
e0c0c3f90fe10d3d397fa2607dee153b36ee2ce5a4953dfb6d59211b241b3551

SHA512
d97c70e56d889573a20dfe37efb48c0dcda2ad45c04a36fb80718ae1109249a70ab4cc63bf9f9eaadb06af9b861ad90882aceb34b18f74e3150963ca270257d8

Download Submit
/data/data/com.gbwhatsapp/cache/SSLSessionCache/static.whatsapp.net.443

Filesize
5KB

MD5
3670203898ec4da89ec2b9c752d7641f

SHA1
396c59991ffc730ff863133755c72ccc97641137

SHA256
2885d03118f16165820919205f9801390634a5fcae0704fa3cfd147e95fab21a

SHA512
0fadf9350a2c8fb92bede0c292739a0f18895def1f16929751ffd3cbe5e8c494da8e950c8302be0556128a008b96dd94b585c384ee10f8c1f00a1521e4d1c613

Download Submit
/data/data/com.gbwhatsapp/cache/downloadable/wallpaper_tmp/thumbnails/light/00028LightWallpaper.jpg

Filesize
1KB

MD5
4ba6e61e82395d082522b0194fb1de9c

SHA1
84546115a9bbc54e7a4c800e08cb13b818ec3c02

SHA256
704496e97d97d14d96613d879945113fb81530594986006486502a6339a08798

SHA512
da85c57295e79f3fd0f10b516f3e8d75fe734c96d7722857070b777074b8b14e99e6abb7bd65175811a2a5f2dd64ef85bcc884761c9228abd2d535c71d8193ee

Download Submit
/data/data/com.gbwhatsapp/cache/downloadable/wallpaper_tmp/thumbnails/light/00029LightWallpaper.jpg

Filesize
13KB

MD5
b00fef4c83cf8054d65b31db29983f8e

SHA1
4fb172171d225f18237f0c4738cd58ccb8102a7e

SHA256
25339cade910706549477ada10a6d878bbe6ee79e983234022a5c9398f5f2ce1

SHA512
c195a5104d167e0dde781e7f34a455abe7ded73ad39a041278ae7c25b2c1632311c6a3f476262a3e40a99c8c9d78eb4f5c5e16c400cbbb7148eaf3aedd75440f

Download Submit
/data/data/com.gbwhatsapp/cache/downloadable/wallpaper_tmp/thumbnails/light/00031LightWallpaper.jpg

Filesize
7KB

MD5
f616315a0cfdff4659ebec745baf68d0

SHA1
8f2134f5ca5de8ba461f1d7ffda043f2fef648dd

SHA256
dca67dd0c616e0c8e7e8a496c1d9ce307c244a6cc5e2f42b30367dbe7cec057b

SHA512
264ac06daa5621595d39a00a166777d901efd72d12b93e250a07d0aea3731edd59d3df62f7025ca76f1727c7d507870510e6f8a3ec6e31558f546ae6e53c99a8

Download Submit
/data/data/com.gbwhatsapp/cache/downloadable/wallpaper_tmp/thumbnails/light/00032LightWallpaper.jpg

Filesize
3KB

MD5
553f2a76a108d06a1db5c1e9940472b8

SHA1
9c24ba8e6bb3a540151705d7e6103613363bf764

SHA256
8e7e44afd67c7644c9087a103c77701937930342152dae8da5eb6fb1717e1828

SHA512
6c192b434ddcf9c6974f99f79b20d51ecde3aef41549d2798e510ce035ea4636bdbf6f89caa91a13c2707e1cfe658a87029c0f581ca12eb648e5cd37dd302517

Download Submit
/data/data/com.gbwhatsapp/cache/downloading-3579326365049213634.tmp

Filesize
73KB

MD5
26f985184419c9baf376aa694c5b9cd6

SHA1
5cd7628417612d95940e1b26b21b3112f938abfe

SHA256
5a89ab27be17e625c094159b40f68b6714ea3cc3cf8de1fd84ef584b725cb8ba

SHA512
2a5d9dd6d7ed5f6818417b6bcfed89e47c1b0e25242aca496e6356e62e3beeb02e3f168eb5471fc73a39bc56841f2109b753ff2c55be116774859dd0185d1ace

Download Submit
/data/data/com.gbwhatsapp/databases/BTOR.DB

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.gbwhatsapp/databases/BTOR.DB-journal

Filesize
512B

MD5
6bd77b713ee35eb4a97c53b36bc14af7

SHA1
ad5c5b294177b9c26d12f3a4618f2e74c958c907

SHA256
569220548a0b0cf4bc6e86606867dae7e686318c43e588e897623ac6387e3892

SHA512
ff2021c3e68cc581c4408bec87625ce0bdb82c17a7c655961e0b4f3d76b426c14303d4181c11fda22629e3b2770afbd718f2a94a160db98f5c38c07aa0e2322c

Download Submit
/data/data/com.gbwhatsapp/databases/BTOR.DB-wal

Filesize
32KB

MD5
84b4d07bb229012fe0a121d2d4d37b93

SHA1
24eb32cd07efc36c176889cb9d12f9a0f691a130

SHA256
bca5f62c51557b5e03cc31e00174d61db55d4420b0f424ba90a7907fb18a8462

SHA512
4a8e5612740e352a5b1cc3f3f8d9a0ab4bda81d4c2968590aee16f72e7f0246c9301d393d3b76b497540ce5c7b7fe9618e3f2b82231d9ddf985a3908441671ad

Download Submit
/data/data/com.gbwhatsapp/databases/EHS.DB-journal

Filesize
512B

MD5
5cc8edd32e6d00f8c2437a889fd00c52

SHA1
fe85a865a5272b9e979c91ca5103b13f6272c0b0

SHA256
6682cb693ea69b9c82c35cf630b23fd0e37f689e57184f1c4fd7d441e967ca56

SHA512
4c39e938822113e5b8b558d2ec723e7360853bc4805d5842117e4fc1a3a188da55b9b486ae38945dbcd22caec1188f1a89191cc70e83fe3b90de87ac1382efcb

Download Submit
/data/data/com.gbwhatsapp/databases/stickers.db-journal

Filesize
512B

MD5
2347d25c8e67b82cbc17e3cdf19d8b24

SHA1
02a39684507605442822f7cd0929c0f21b723d20

SHA256
ced6ccb2e22445fe513c9890a7752929f11f3e756f192d2bf2abcc0c35bc0248

SHA512
b18b77e2aa7fc3b5d19834312b3edf6bc721fd70b7055796c5f5ad6320ac1b9d40cf70ed65ba0d129b0cbfa5bf645df898ee7d0f16753c2cd8833281ea11f2d5

Download Submit
/data/data/com.gbwhatsapp/databases/stickers.db-wal

Filesize
16KB

MD5
cac4615963289c5efb4f600a58ace749

SHA1
efe3c8d8369f5742690b142b58e3432dcc2d8df0

SHA256
70f642e5603e8aaca954d42b5bf793c515c4015a62fb0b832e790c6de355a931

SHA512
5fada615a9244081dad52c201c3e3379cdf3a44bb50bbaf6b237b6328e4714988f3e7328d65e4bd4a0048ff872c9314abed54021a5277ffcbb969648a31f147e

Download Submit
/data/data/com.gbwhatsapp/databases/sync.db-shm

Filesize
12KB

MD5
4072783b8efb99a9e5817067d68f61c6

SHA1
7cb41fea50720b48be0c145e1473982b23e9ab77

SHA256
f3cc103136423a57975750907ebc1d367e2985ac6338976d4d5a439f50323f4a

SHA512
b9b362ac8b88c1eaae1fa87f8498050450d7aa6c7d07698c3aaf8a355b603b6d535e74b47f6da4b4798b04df58b3b6eb1dbc4782fa07756bce10933ed86017d3

Download Submit
/data/data/com.gbwhatsapp/databases/sync.db-wal

Filesize
16KB

MD5
3898a421ceaa906dc18ff693dd07b774

SHA1
929125095cb242cc3c29c692104ac439b71b73f2

SHA256
bc8d48321ee4fdc6a0ef6c23b97714cc83a9829edb1450317bbb77ef36c3347b

SHA512
44b63d38558178108690c5d812ad8fb1909379283b566a64d24ea62e7b1a1c81b06765659ed920167c45cc338edff6ae210f75f0634a8bf6f5c501d42d90dbcc

Download Submit
/data/data/com.gbwhatsapp/databases/wa.db-wal

Filesize
16KB

MD5
40df67aecf9f5bb5e0998708946c5b5b

SHA1
da41ea741350c0f2eb7f68f9c72eec001d6e91ec

SHA256
a8c106b107b13c29166f8ea09eecb03e2409364dc314f4b0c57be88f21d621f7

SHA512
4049705691fcc4ba716f6e10bd910de91f6c4b65cec6067d2e2043e190bfc7699ddc3904c202f43d2f84ddbb61d591dd9ba2ea52e44352c6506fa6a85ee0c929

Download Submit
/data/data/com.gbwhatsapp/files/.trash/26750463-a79c-4d1a-b632-1cd8ab3c0054/5e551def-78b8-4331-8799-4e48370c4dd4

Filesize
67B

MD5
d8141b97bb6b8752f676cba953de8e56

SHA1
b65fefc908682f7027ea3ca34ffd592a6d81ae87

SHA256
afff045ccff4a25dc9ed283acb206e37fbcdc6afd5adacc86c645d432e032a21

SHA512
98915af0eef59abcf116818f4398cbd5a0eaf31a65110422e186872f48aeb7400948d51d5b22b0ce82c07764f21dbcbf1e252bf5a49df0dea3951bda730092a3

Download Submit
/data/data/com.gbwhatsapp/files/.trash/26750463-a79c-4d1a-b632-1cd8ab3c0054/a8aacf38-aa1a-4f0f-bf6a-957201848a68

Filesize
526B

MD5
2c0f856d7250fb18c8dfe900ec9bd5d4

SHA1
10c62e9db2bdffd3d76829987e50d0efa5e0a72b

SHA256
62802cd5039ff363156f7d4dd4d7360d095090a6331131f018abba016b6e1aa6

SHA512
ef5d4481e27d2d6053a224f685b983e52d7ae0d2dbae4f349c1ed0191e4d5b737ce8e2f0d8a393f2384ff9bf05af29f47aea983d57d0b151e89b3cc8c6ef38e2

Download Submit
/data/data/com.gbwhatsapp/files/decompressed/libs.spk.zst/libvlc.so

Filesize
3KB

MD5
cfaac46a9b3c925a53382f453c8c0d81

SHA1
8e82c86b6d77d7e1ef003aa7796b83ccc5efab7b

SHA256
0d87625993ef963e9bebf8f21f22525807d48dc26b3195fe94bedfe877f376e7

SHA512
22c8297645c4ffb8ba08e44e1136dcc3b3c16100ff837d7e3ae7bf3a1f181c12e9aa33f3f598d6d7e001536b9812106b4785c01f91a76874cd220a6229e787a2

Download Submit
/data/data/com.gbwhatsapp/files/decompressed/libs.spk.zst/libwhatsapp.so

Filesize
3.5MB

MD5
9a35c07accb4e88a09d84b2526c48e1e

SHA1
59eb45179cff9fe784fe597004cbb50991418fcb

SHA256
459c628fc17e8a01da98273ada21de5f24637ac1de623c61f95c41105f334843

SHA512
4bbe4bca841cc764a04db28573c1eb1d4ed72b56c7aed077428c0dc90a332bd25aca541a957255b22d17febd130e2fdd500c77e2738f54a6890eab5c107ae89f

Download Submit
/data/data/com.gbwhatsapp/no_backup/androidx.work.workdb-wal

Filesize
112KB

MD5
ef13aad2fdf8ca1e5b72f7ee21d296e0

SHA1
94862fae2cc8abc7e8e408dc8d641629d66c5833

SHA256
45fbb60842f7c8352783098ed6cc03b0fd5da18b4cb2b4e4936d01f63c67ef3c

SHA512
7bc7359b61a93c7abffb3d933d03f9dd54667e090d0932f9ad1927a9cb52810d511b254e5c7ec4e451839eb7585621a8c9ad97aa1cbb2f9a225558d8bf5e74ec

Download Submit
/data/data/com.gbwhatsapp/no_backup/com.google.InstanceId.properties

Filesize
63B

MD5
1550160ea57ae2ca9313ee4469a45747

SHA1
496e61975379340143460932975fa4635dceb908

SHA256
66e2bc925bb4c3583509441abc74d713c967fca980862e41ee6937c7576dcf55

SHA512
b6fa1484a9a1e0d333e0ff890d5034d69f7ba0ea388cab0f04b251e718e14c85b5bffc1447d55180b8be3d48eefa49c407ea2111d4d77c3aab7a17d832099107

Download Submit