1a5aac2a6c5a1e625821a2260675248596839806758d253156fb1c1da56ae8b9

Analysis

max time kernel
47s
max time network
166s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
13-02-2024 02:18

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

1a5aac2a6c5a1e625821a2260675248596839806758d253156fb1c1da56ae8b9.apk
Size

76.2MB
MD5

67fff717824a15937e777dc2a98472df
SHA1

7efc96bae35f14883c353224d204e9a73841aa9e
SHA256

1a5aac2a6c5a1e625821a2260675248596839806758d253156fb1c1da56ae8b9
SHA512

bac2cd756d685be35defe236da6876135c1c2e3646447f86b46f0dafeacf2d047f7c1184b2691cc72af60f33c8682d329aa63857711e75eff126049fd34132cd
SSDEEP

1572864:16qJzShywPkPnZS+/eignjMg4DmlxI0MmDS1c4sLPwpJnraBK:11mhy5nZVYj/4uu0rDSOECK

Score

6^/10

Malware Config

Signatures

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.fmwhatsapp

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.fmwhatsapp

com.fmwhatsapp
1⤵
- Acquires the wake lock
- Uses Crypto APIs (Might try to encrypt user data)
PID:4279

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.fmwhatsapp/cache/SSLSessionCache/static.whatsapp.net.443

Filesize
5KB

MD5
5f45c5bffe84463cacb00e82409dcbc0

SHA1
9eb6df5d2f29612f883d7b5cb642f03f63b0bb95

SHA256
af877203870d3324f6e59ee34830da7984a159b636f809ffd06719d3fea561c9

SHA512
4d1ae9de61b02add2cccde24f871125ea7e4b72fa9b22e86acc4337f434de54b5c83becb05838e2f82ad06f9b8fc321d8e614ceb097369fad60cfe24689c24f0

Download Submit
/data/data/com.fmwhatsapp/cache/SSLSessionCache/static.whatsapp.net.443

Filesize
5KB

MD5
a66d709ded8bd321d1505a4fa922e122

SHA1
d4ffeaaa954cdfea01cce72c6ccb98f4d28b673f

SHA256
a1e1f494cb2889f4b5bd17bd959628e0f94894d459d674e74600599020116692

SHA512
f198297b2ef14d397bfd802a9a9727f3496aa14634816f50c639a76edfbdb5c2378a15a99606f99558297e22d278bca50e5873b9e981e6e427684edb0223be17

Download Submit
/data/data/com.fmwhatsapp/cache/downloadable/wallpaper_tmp/thumbnails/light/00004LightWallpaper.jpg

Filesize
6KB

MD5
599b2652c3cc442a3dc92ed5f43e0efa

SHA1
58a9c1cc89083946142a68ba3b25f3a5589df462

SHA256
7860f205a4a877f1241a62b17b5f749a5988b2856964e59e660ab1a60d1a4dcd

SHA512
15e4cd7a4abf76ca736dd4e718672fabf273d7f791f0aba1dfc9f789bd8fb250ca7f89d956690545933c0b157de90c598fefd1556e60f36f4aa124de5763c36b

Download Submit
/data/data/com.fmwhatsapp/cache/downloadable/wallpaper_tmp/thumbnails/light/00028LightWallpaper.jpg

Filesize
2KB

MD5
531739cb649b1fdcc5ed5dcb0cadc485

SHA1
569cff1ead074612daac6f566093ba5db45d21d8

SHA256
5e412d34e495c655e36b9b6d56ff494a351cc438fb31947d54b14f1fd714c070

SHA512
7dbac549c04905e1e21022f8c5e50d82a14d3d009e1dcab558162e76bef7bda0368060e77f02a39b9c0d719ccbbb8b9d4fcda1714bfa62544ea1b319406862ba

Download Submit
/data/data/com.fmwhatsapp/cache/downloading-5402871772478604769.tmp

Filesize
73KB

MD5
26f985184419c9baf376aa694c5b9cd6

SHA1
5cd7628417612d95940e1b26b21b3112f938abfe

SHA256
5a89ab27be17e625c094159b40f68b6714ea3cc3cf8de1fd84ef584b725cb8ba

SHA512
2a5d9dd6d7ed5f6818417b6bcfed89e47c1b0e25242aca496e6356e62e3beeb02e3f168eb5471fc73a39bc56841f2109b753ff2c55be116774859dd0185d1ace

Download Submit
/data/data/com.fmwhatsapp/databases/BTOR.DB

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.fmwhatsapp/databases/BTOR.DB-journal

Filesize
512B

MD5
5d7597e0ec25ca08e0927b640d985a54

SHA1
636046ba4a1e22339e080b5a8e9b9cf2bc901247

SHA256
7b7cb6ef84322b5880bea6d57f9da4b13126ef55001744daacfc84fdb64fc7eb

SHA512
b105d12942942e8157e4a129d656f3c9571ea783480c718425baa511656d394027889d9f4b3410b318ed9e585a3350d17a962df1194b9e279d44aab2bd8796d3

Download Submit
/data/data/com.fmwhatsapp/databases/BTOR.DB-shm

Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/com.fmwhatsapp/databases/BTOR.DB-wal

Filesize
32KB

MD5
9dd9bac93eb80bf5ca83f73c76e8097b

SHA1
339b3cac3bbd0e7d0b961798d6cab79f98fd7884

SHA256
2da95fce562c950c2620e7500eb24c06cf7fd167847d16fa07b13146b343f483

SHA512
b49f314fb7e6a6d3b98b4a13e0e3356a72fd52162380ab4289992f6bebe26388341d8de360e4483b592a8f2731dbf86778aa016bcd1eaa3d44eebd231b851926

Download Submit
/data/data/com.fmwhatsapp/databases/EHS.DB-journal

Filesize
512B

MD5
ae107f66a877a064fa5407d35d27d0bd

SHA1
15f8aac17dcd50a418120eca543dd73ddf067098

SHA256
810f1c56884f6cadb5485add87061632c11fc9bfa02e6f89ca32a2344e47bad9

SHA512
da6c36e24a6227b60e192da895058d658ea566e3e38d919efa8a744fd0d52ee52b73d4f4f0953b808b6c5e784a4d7fda3b22ccf8895b62ff1fa221b4c0586335

Download Submit
/data/data/com.fmwhatsapp/databases/EHS.DB-wal

Filesize
36KB

MD5
ba383e1eece628aecebc200481a956f9

SHA1
bbb70ef15ffc25238fb12f8744cc10e896222ecf

SHA256
ee3b3897fa7535f0fdeef61e4192a03f24027d3f428f67196b207744150035e4

SHA512
9de9c26cb204a6fe71899fb2471e055783691f8f0c4b717bfc4d0182085c38f3b2c2dbdeb06dc05dab979fa7c1447522927a62d2617ab6534b1ec9a5b79e4293

Download Submit
/data/data/com.fmwhatsapp/databases/_jobqueue-FMWhatsAppJobManager-journal

Filesize
512B

MD5
2a87c84549b22e64a2c1b3569f87faab

SHA1
e8c044cc063ee61494543bab75050bdf09fdc829

SHA256
a2735f6d9d8f5621be6434b55b05d26979e2872317f8c2a1495f489bbdbf5b30

SHA512
9f64667749ea5ed1585718b0be2ff8c13e78c24b196b20ccd9228a506a341d4fc16ba2e3f73b6de03e3fe37602627c943dfba832bc6c39dd24977fbfdc2c2b9c

Download Submit
/data/data/com.fmwhatsapp/databases/_jobqueue-FMWhatsAppJobManager-wal

Filesize
28KB

MD5
f7d983cdcfccb2ff3db89f127329300f

SHA1
42c8e5f094b638fd7661375ffae762d415b1bfdc

SHA256
d88495dc5ee984d4dd622ad5bc2cc686001a9cd625a130f44e0c9d26e9b9630f

SHA512
d429b5a191a429369842e18e927a40c46b166653854c05df0be52840f877add17ce0d4483e6355031a9cc985e8c04149cdcd2e0b91972bb40112a0713326f58e

Download Submit
/data/data/com.fmwhatsapp/databases/axolotl.db-journal

Filesize
512B

MD5
b4993c319c421d6fafd9015576f86973

SHA1
3eebdcc054a068f5a0dc5d96cdb35d86a588ea57

SHA256
f40a2acea4321844b86b8cf7d34e1afd0359239f0b081e7f65d48829243af4a7

SHA512
afcdee6b05d0b2d2baa28fb5907aa38887b94ef4170fc24c7c4b2548e1a9042f4ce90efa3d62f92f887ef2606f61052cd762e83dd175b5638c5c9e8d0621e707

Download Submit
/data/data/com.fmwhatsapp/databases/axolotl.db-wal

Filesize
100KB

MD5
cf778a48b4834d557e5f5f9cfda3bb9b

SHA1
0dc13e2253e70daa3f54f62fdf84ee17e4e88ebb

SHA256
d5e1deae8d6261f8b8dcd0dca337561f4c55b7dd28d80773d66e5c4f822467f0

SHA512
c89fcfa88b6adc3e130e7e7bee309db22f11fda23d0bb87eef8c6d857af3ce03611ca054a4b8eddfb707ca82ac446c4e3da2e480ed463eaf0e84bbebea659247

Download Submit
/data/data/com.fmwhatsapp/databases/axolotl.db-wal

Filesize
16KB

MD5
28ac0b17c9f4c34304197c82a7d2905a

SHA1
e7da3e3d9e91d93f895a7e2936dadccf05708e2c

SHA256
4f3f13346c800a25ea92ce460bea07069db7092d599740bf78db00482e775ca2

SHA512
c3660b8382edeb2da1a902cae686cf6f04e405f9255eaacd77fb31057945d58c835e32ea274cb660540fdfcb9260ccfb711a42c0f9e2f8d97316e4eab4dca1af

Download Submit
/data/data/com.fmwhatsapp/databases/stickers.db-journal

Filesize
512B

MD5
f5f76b0effb792c380e82372c0d2aa68

SHA1
80ac8b996774ca9c26c735588c512c0d137f5086

SHA256
377edb2c263d6a5dfd507728e4e51006443ed7e88e0c3e3772e4421e986df519

SHA512
cbb32be1b6533c92f8e9cfc2ef3abb3d9314d934067dad498e23ebe910db57e4576ba71479aa3b90fa997bd289798c9f4104e676050c6c9668b10a23e8b43127

Download Submit
/data/data/com.fmwhatsapp/databases/stickers.db-wal

Filesize
16KB

MD5
c36698c6acdccea252bb7427381d9f0f

SHA1
e340af3397d78a44a2abf47afa0f31072e45b838

SHA256
e37105e9626c7b1c6277e4f4c1d0794b12db9644caae717e308bac9e7af79b2a

SHA512
ad6ac7343d0d21a8942ce22309b1848d566979d50b853f76fc3fbb9079a6a85bfda8b8ec47a652f3271220e711bcc575b68a7ea7229baf974dbf1c80b35238a9

Download Submit
/data/data/com.fmwhatsapp/databases/sync.db-journal

Filesize
512B

MD5
b3d391a06dfdf7b74506fe4dc75ea9a9

SHA1
a20f14ca2066d029d1512b46d0c2f9283a53a1de

SHA256
dce166879e92ead53e8357fd5df6d65cc0294c9d437c03d3cd0dc3c038212e46

SHA512
0244932ce03f9a06564bed754f14154ea6b60a9858f696b59744451bf2778066981bc1c467ad21d4ed6fc4e9cc169cb54c912964ec0aed61eabfff27151a024a

Download Submit
/data/data/com.fmwhatsapp/databases/sync.db-wal

Filesize
16KB

MD5
e77468b37496e00b4643d163f4d56f49

SHA1
bcec7959a4e4c19732d080e6d339fb91bf1b763f

SHA256
a36ff542af0e382c0b3798dc10a3ccaa214d65a4d0015fa063e2595fd5b6962f

SHA512
638657cddf0caa1b9c405081c035f9edcea781720475ea43103c85bd23b2b3983297b141c92e366b961c9ad57815a4e1015a6df52135bea8476e672e9ae45e34

Download Submit
/data/data/com.fmwhatsapp/databases/sync.db-wal

Filesize
52KB

MD5
88d0e7b35890162354abf04e325bfb37

SHA1
a9f05454b0eda99fc8a2e5c88319227169ea9cd7

SHA256
57d02f16c9eacb94c6f3485115daa34bbec256e16243b088c5e20e4c579c3eee

SHA512
980039858d34d7c33d5c40b7d76c0358aaed5a1bc501de950972205c61e431ca1f3e7971a6bde87232fc5a340a30d3bc45f1620e594e683d866c279efc47e967

Download Submit
/data/data/com.fmwhatsapp/databases/wa.db-journal

Filesize
512B

MD5
7cbbb20d47144813af753a3ee897777f

SHA1
857ba752dc6f36884a52a055aa4e0ad217e3466e

SHA256
a3d731ed7b1e1af73d411c0378d73af6a8470662571def8425b88950370f0f4f

SHA512
e791b0ff1f84327cddc8786fc35028c779a999a5c74e95e331ade90ced00213bf4c35c4b42d9ba7653c02a98fab48ecc8d4b54f50b66f28665c5462564691fbf

Download Submit
/data/data/com.fmwhatsapp/databases/wa.db-wal

Filesize
16KB

MD5
771a1f89dffd2503fdc9d06df71dae9b

SHA1
29dca57f52bb314bf3939996f1645bdc3dc634a0

SHA256
85566395a30d0ad1be48b4973db64b862bddee025149f80921a5d240e493fe34

SHA512
e7a083e7c3fb1ef1a00ce33c5695c4e8a429ac2841417a082fc337865b13c6f0854fc213cad1c579fd730175dd0eed780fa6290b529c61965ab06da6ee8789dd

Download Submit
/data/data/com.fmwhatsapp/files/.trash/47db40eb-5734-4440-8632-ea97bffbe409/74ac6a60-7d08-4281-ab9b-6de8bc628c41

Filesize
526B

MD5
2c0f856d7250fb18c8dfe900ec9bd5d4

SHA1
10c62e9db2bdffd3d76829987e50d0efa5e0a72b

SHA256
62802cd5039ff363156f7d4dd4d7360d095090a6331131f018abba016b6e1aa6

SHA512
ef5d4481e27d2d6053a224f685b983e52d7ae0d2dbae4f349c1ed0191e4d5b737ce8e2f0d8a393f2384ff9bf05af29f47aea983d57d0b151e89b3cc8c6ef38e2

Download Submit
/data/data/com.fmwhatsapp/files/.trash/47db40eb-5734-4440-8632-ea97bffbe409/9f781dbb-f6f5-4f3c-9b3e-53654755088a

Filesize
67B

MD5
d8141b97bb6b8752f676cba953de8e56

SHA1
b65fefc908682f7027ea3ca34ffd592a6d81ae87

SHA256
afff045ccff4a25dc9ed283acb206e37fbcdc6afd5adacc86c645d432e032a21

SHA512
98915af0eef59abcf116818f4398cbd5a0eaf31a65110422e186872f48aeb7400948d51d5b22b0ce82c07764f21dbcbf1e252bf5a49df0dea3951bda730092a3

Download Submit
/data/data/com.fmwhatsapp/files/Logs/whatsapp.log

Filesize
187B

MD5
1a9e94cd7dd32cbd8d00ec5c8d3f668e

SHA1
03bc559d639874fbfe6208dd6c950c61b41e2f71

SHA256
82df9a81b477d7c60602680fbbb7259080fc1a820506310439def17890be85ab

SHA512
95edc06973ba491ac43ab05c40a2d8f3c7e0008b87394eb21c09efccdcbab4e129388aab274b723a3263ca508b66db3ea6eabfccbfa54bb4da0bce0a9ab53c7d

Download Submit
/data/data/com.fmwhatsapp/files/decompressed/libs.spk.zst/libvlc.so

Filesize
3KB

MD5
cfaac46a9b3c925a53382f453c8c0d81

SHA1
8e82c86b6d77d7e1ef003aa7796b83ccc5efab7b

SHA256
0d87625993ef963e9bebf8f21f22525807d48dc26b3195fe94bedfe877f376e7

SHA512
22c8297645c4ffb8ba08e44e1136dcc3b3c16100ff837d7e3ae7bf3a1f181c12e9aa33f3f598d6d7e001536b9812106b4785c01f91a76874cd220a6229e787a2

Download Submit
/data/data/com.fmwhatsapp/files/decompressed/libs.spk.zst/libwhatsapp.so

Filesize
404KB

MD5
52557ff2a232a88cc7c4e94b68cd210c

SHA1
dc3145c5d7703d41457e03b9f46dcd4a6c37b7f2

SHA256
df7e81d48dca8018dd6a594486266bcc622d40ef0f89836eff217530d4d54b88

SHA512
c2951698a1fbdf83b599aa2a76fe9879dc1f9377c753993a9db3373bb39d3cbc250b34f258f3558474918c6aa063a971c45cb64243f944e993a90981432c92eb

Download Submit
/data/data/com.fmwhatsapp/no_backup/androidx.work.workdb-journal

Filesize
512B

MD5
ce240777ad953950f0af01d474356c0c

SHA1
cd7f354849a36198e3afcb663809a1ef62b163ff

SHA256
b9be3110f57142f936f0e20e01d260a8516071db243a2833b478cb94507a16b0

SHA512
610cb2e0d9a38b754771ac083869170020f9f76c1549b6b1c55b10657fe1f4accb39f2a722c29535e217c3792a9c681aee6b632d085110a2c491b96900f4a9e8

Download Submit
/data/data/com.fmwhatsapp/no_backup/androidx.work.workdb-wal

Filesize
16KB

MD5
2c95c137e01f19977f046f94bdb1ba14

SHA1
ffa9460dcd1da617fda61fa6e5c74c5674ddc25a

SHA256
99b2335022fedd70b51018c69d4f996a4674e091cd69cd9541e25d56cd74cae0

SHA512
c2fbcfd96408b11fc0afece14e966634690830360391b924a04426cad0b5a216dfce13ccdf3a68084c034298d3d70544f1ede5602a4fc1242e600149d5c80d88

Download Submit
/data/data/com.fmwhatsapp/no_backup/androidx.work.workdb-wal

Filesize
112KB

MD5
cb6645ee2ead3728527b88d65d3563d3

SHA1
4b21f641164094afdb17d0b01a01196e67b5cc1a

SHA256
7e8f70e8f475f4c328b26606c00f9c4ae318a4afc3cd724674c6c12ec0931877

SHA512
c6b955d6f3d54090463f8214de042a2724a2f084b04a5c90c725e1fbdeacbb386fcc693d28e80fc41f904ef1c85eeea6276d1af45d7ffdeef52c34d8806f7492

Download Submit
/data/data/com.fmwhatsapp/no_backup/androidx.work.workdb-wal

Filesize
185KB

MD5
617d09fee9848b8599f9e75e12793f8c

SHA1
f5f605c6ca80c6d525e6197e88f207ff1c7e14c9

SHA256
5c5a8af555ae9b8b3c227b44b1a5abeb06e715e969108946a33a812a5321f33b

SHA512
b0a8d9fa662834f78d3c5464db2b020f59e5d2a7af5d773b012769842cf9ddb1ed1c2eef6747502a01bea67ced0f937401f5eb1eeb039a5f92f8bab8d3ef6525

Download Submit
/data/data/com.fmwhatsapp/no_backup/com.google.InstanceId.properties

Filesize
63B

MD5
3449e6c3f25a4c9c00677454bf1a3b87

SHA1
d9833a0efd5ffcacd8a53de509657fc534933735

SHA256
b7ea492417b148ae822508420d3fb3305a966105aeebb1921bc1d8923558a4e5

SHA512
3c90d9d39f793dec26bb38724e93129748aa1edb5bf0e42d0b41d8c656bdacb731cbf38eab8a5636755272c73c131d64412ac5a61376bd9209feb83618c231d9

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads