9bd71f1b80667e3c5f69ead1b6c675c37f3f06d82c95f60e0b178e0c05511485

Analysis

max time kernel
51s
max time network
130s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
13/02/2024, 03:30

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

9bd71f1b80667e3c5f69ead1b6c675c37f3f06d82c95f60e0b178e0c05511485.apk
Size

81.3MB
MD5

46a418c662058baf6e7ac9fec58d2f63
SHA1

a7ebe70e8dfbf0c99244f26e48a019b68d3167ca
SHA256

9bd71f1b80667e3c5f69ead1b6c675c37f3f06d82c95f60e0b178e0c05511485
SHA512

9ae6110768a19ae19220efef665acd99096ddcd586709f65616f89639b97b9dedfac322db5267c2bee09d3f2f5f0276365528846f9fd6e6f1190bcd97838a304
SSDEEP

1572864:M8g6VR1HceM9rgIuRzPwpJnW1c4sgpavonzoBfDMVO:M2VR18enIWrEW+a9O

Score

6^/10

Malware Config

Signatures

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.gbwhatsapp3

Reads information about phone network operator.

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.gbwhatsapp3

com.gbwhatsapp3
1⤵
- Acquires the wake lock
- Uses Crypto APIs (Might try to encrypt user data)
PID:4280

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.gbwhatsapp3/cache/downloadable/wallpaper_tmp/thumbnails/dark/00013DarkWallpaper.jpg

Filesize
6KB

MD5
61ba8a773f3212786553d7a203372022

SHA1
c497c183838674b3ceba857e00a2b81324db898e

SHA256
671727713db9b196bd1ef3066f570c0d4150c29abce448b71343a4c345397820

SHA512
3feb62a5a1538ab147e1a41385304287cef5cb3c62079893147dfd964ab0b4f005b5474a45f46c756d976d525b24ef9095e23f662f62b69cf5519dfa9a4f3c51

Download Submit
/data/data/com.gbwhatsapp3/cache/downloadable/wallpaper_tmp/thumbnails/light/00002LightWallpaper.jpg

Filesize
10KB

MD5
676d050f5082a83d37ea086300b02779

SHA1
8f17f1d79ad47ca722a7d60c8e96c2bea0af590f

SHA256
39fb86c3c500835c134d3638e2473b66aa1e132665f700b84c0140829678fedc

SHA512
8b3aed029a22e22e63e8982def6133fc2f47649cb23b5605a55cba129b030bde7967dd21cb236efc1e5346826ec266b4ecd76b0a4b3af28d999e46805d52c70f

Download Submit
/data/data/com.gbwhatsapp3/cache/downloadable/wallpaper_tmp/thumbnails/light/00007LightWallpaper.jpg

Filesize
19KB

MD5
3e645a27b5bc6c7c75ff0bb5a309acf8

SHA1
31fd984e28ab2c28939c90babd285d99a796ceaa

SHA256
d6eb7b8dde0e44eff01d19189adbc3766a06cfe1d9d2c374d58fc7e63c7d44a2

SHA512
7d1557c4028adecff797d463c9dbfff7814fac5697601d83e53690579e002f86d7ce927bfb0d07c3236100618708c129bf19999deaf2f22e8aa785e58180f7b5

Download Submit
/data/data/com.gbwhatsapp3/cache/downloadable/wallpaper_tmp/thumbnails/light/00018LightWallpaper.jpg

Filesize
23KB

MD5
7f773558b21a74428c49154da6ed4799

SHA1
826e2c852398c1b96b4695fbcb35a3a83c824e02

SHA256
c84966910534b33b335303a7550f38db9825fd5eae9253998319308fd01a1963

SHA512
e0fe7fd942b178c14e79c3b0edef5c67d57e584b9391e26731afabd44609b4db6eb5f0644aca20622094b56c18e9a4d15def5da0e8fd94ab5d0c949f952ec01f

Download Submit
/data/data/com.gbwhatsapp3/cache/downloadable/wallpaper_tmp/thumbnails/light/00027LightWallpaper.jpg

Filesize
2KB

MD5
2b95b7b5841f96a1fb717fb1ea6fad74

SHA1
7692304b8011e1861609146c05d839a6974758d9

SHA256
8410c287f91e27782204e0327223138642c6863565a64f9837ff940253b5b14f

SHA512
9f175d733ef9b71340b3764806319a3c0028cb525cb682bf7e4f54ee609f4703921a505c2107b8308faccfc0a11070766ae678c6693f5cccb66ee679719c207b

Download Submit
/data/data/com.gbwhatsapp3/databases/BTOR.DB

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.gbwhatsapp3/databases/BTOR.DB-journal

Filesize
512B

MD5
bccab25e5adea575cc28fe1fcc3168e8

SHA1
eb113a7d2ada400ebc4dcd86dfa9c81f72498c7e

SHA256
a1fb1b55bf97d1b61e482922721cd712af0a7966cb313b7c8957efc94d32b4f7

SHA512
395c60c616bbd5bde5ab65b164684e542b567ab45c82cf9179eae913d7e817c1d6b404322cf8add97b8e026ab83713229290a773feb3f1133349d11c0ae3a03f

Download Submit
/data/data/com.gbwhatsapp3/databases/BTOR.DB-shm

Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/com.gbwhatsapp3/databases/BTOR.DB-wal

Filesize
32KB

MD5
043236fd81ea6159086b1b2adc7a5837

SHA1
558ad8814c0515205ee223a1af0ec593b8c262ee

SHA256
342c2429e546a5cf9166bf4b28a18873d78d6bede188ae6bc45bbadec1cd82f1

SHA512
f510abc4eced02e92d82730005d03a08c97e37c9b0af29b5a77fa34fe7ee351f502ca2d6add9f7a7394347dbd18bb5b1c9f9c024393b594cd031e4a404275873

Download Submit
/data/data/com.gbwhatsapp3/databases/EHS.DB-journal

Filesize
512B

MD5
6f3037ff7cb5b1c12c8adc1b6b5fb559

SHA1
75934131e85cd33f4dc417869ad709653abe7210

SHA256
f09273f440c8a45c8eb2a3e3b5c9c21dd093a6e665437625a339c14ca739920c

SHA512
396bc297d917c0cd52219af41068624eb5d1b2ae3229095979f0de5af178a6fcc4b5a84a8cf1d5b8f165a3845096502642a922aa99db43c8a01cc9d69f913560

Download Submit
/data/data/com.gbwhatsapp3/databases/EHS.DB-wal

Filesize
32KB

MD5
1d8664e00c3626a635d1384e3e3fbe90

SHA1
86ecbf7bbce38861c5067e9dcc925d3d03f55318

SHA256
18a9a3764e42d814418fe4914538a1d7b502efc2417b368c2e6a84efa5ad3c68

SHA512
b00b155dde11234a2f49d02c21f6aec20391c792f9942d959d738433b9ab92409f6c95dbb5326e3937ccf2559057409114df093ec291b133c1c89d94d4e9b468

Download Submit
/data/data/com.gbwhatsapp3/databases/wa.db-wal

Filesize
390KB

MD5
43b4556ab753434f08ea1de09448d832

SHA1
d805f80c5d0255146869f31b00df55f2d40f5c4f

SHA256
49da1240a0543429cac523de72bf503f1f522693b1ad12dbd3423807c52f3574

SHA512
46718ca5f918cbdebe0b2fcc590532c2e7a71df138950379252ad14839b763ec59771f4e9d124f38f2a77ded3cd0de968786853d53a4b235653763e95ac1b657

Download Submit
/data/data/com.gbwhatsapp3/files/Logs/whatsapp.log

Filesize
725B

MD5
5a616e1d49d94865a951021e83020767

SHA1
198b1954895808372cc3fe38f9773b18a807bd40

SHA256
d55ce181211a02bd45f636df377e64b94209540c12b82f158aa500364b864dfa

SHA512
bfd75a5e65a2ca83ad91f12bc3a0e107254f0b28b97bbf739b57d668a71abba0bbdb34b73a9620ca15badef748eaeafd8f71affffc39350015dd34aabbdbaeda

Download Submit
/data/data/com.gbwhatsapp3/no_backup/com.google.InstanceId.properties

Filesize
63B

MD5
bc6aebaeb34ef77d7a7d209391621260

SHA1
bc1aeba27c0308354ebd837572bfcb8273c4279c

SHA256
28a3fb52534046106b2af63796da450a7a1bcb6aecdd9eaf9f991b5abc07aec2

SHA512
52ae9fc1b3ec950f947e361c1b416fbf816ab471e3fc0641fcb1f6da8df9f29ab734a5e8fb203fe82be24b1e4a4f22043c3b2c31afce78cfc876bf2b0981db5e

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads