9bd71f1b80667e3c5f69ead1b6c675c37f3f06d82c95f60e0b178e0c05511485

Analysis

max time kernel
53s
max time network
131s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
13/02/2024, 03:30

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

9bd71f1b80667e3c5f69ead1b6c675c37f3f06d82c95f60e0b178e0c05511485.apk
Size

81.3MB
MD5

46a418c662058baf6e7ac9fec58d2f63
SHA1

a7ebe70e8dfbf0c99244f26e48a019b68d3167ca
SHA256

9bd71f1b80667e3c5f69ead1b6c675c37f3f06d82c95f60e0b178e0c05511485
SHA512

9ae6110768a19ae19220efef665acd99096ddcd586709f65616f89639b97b9dedfac322db5267c2bee09d3f2f5f0276365528846f9fd6e6f1190bcd97838a304
SSDEEP

1572864:M8g6VR1HceM9rgIuRzPwpJnW1c4sgpavonzoBfDMVO:M2VR18enIWrEW+a9O

Score

6^/10

Malware Config

Signatures

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.gbwhatsapp3

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.gbwhatsapp3

com.gbwhatsapp3
1⤵
- Acquires the wake lock
- Uses Crypto APIs (Might try to encrypt user data)
PID:4285

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.gbwhatsapp3/cache/SSLSessionCache/static.whatsapp.net.443

Filesize
5KB

MD5
2099f680271d9f0b1fc0254f6fb91d39

SHA1
04e6589344295ebb5adcf2f929fe4b9623bfe32e

SHA256
e5bf1c2c0c7e7eb12edd63d817febe80972ff8144a70415b858deea45320cd54

SHA512
fe8404caf6d53b2dbab5f9ee47552548ef726b219c20d1e96588d3b87aaa06e155e440d63df6136ff622bd3566988da914c9a6e62eb5d39d5c8f313088b9e429

Download Submit
/data/data/com.gbwhatsapp3/cache/downloadable/wallpaper_tmp/thumbnails/dark/00002DarkWallpaper.jpg

Filesize
3KB

MD5
965008f6fbf855293ae61ba2a9007212

SHA1
d985e8e9446044d9f23492869fbe95f806992102

SHA256
4a245140e41f263466a5c0573ae875b4058a6e0f9dcd77df3787e64569c4a778

SHA512
cadcacc0740779d0c215539c7fe0f0087d4b6fa50ba675b26733ad66cfc1656ef6d49a7b88f2c308ca2fd1b293930c14ed2339078b6ae143f3b44d8c4d8b9d35

Download Submit
/data/data/com.gbwhatsapp3/cache/downloadable/wallpaper_tmp/thumbnails/light/00005LightWallpaper.jpg

Filesize
533B

MD5
3b3873100e8bc2c3c48e47c573313225

SHA1
8e7683163b00f72767b0cd5c4b8870e2deb8363b

SHA256
5a4c67d20613f036f6975d0575f19c080750aa26ef024d08bb134e2b6b46936a

SHA512
335a39a697c8a9967160555b3c07ef616d2f34536ffcd89e712238241129db3c4ddad2f67e2f489d3e86aab345b930810225e6313aa1e84674bd54241a9a2f2b

Download Submit
/data/data/com.gbwhatsapp3/cache/downloadable/wallpaper_tmp/thumbnails/light/00028LightWallpaper.jpg

Filesize
9KB

MD5
fb9b168a5224ad8ac79d0ac2a05da6da

SHA1
82852b2e992306121e31a81144cda8a1ac2f8e27

SHA256
8507e48d67270c95797a4d6fa9f244f773629e8e37477c3c72d0135d4410adb3

SHA512
b1fb8ee860f80516e025028f1f14209e380660c013dd9529abc1c728ee8b0b0c7c0a94db1c295bf42d676f8adc3b78a724454e403eb9d78014ec50465d449f54

Download Submit
/data/data/com.gbwhatsapp3/cache/downloadable/wallpaper_tmp/thumbnails/light/00029LightWallpaper.jpg

Filesize
3KB

MD5
3271e389cf7c3bdfe7fc158651690dd3

SHA1
6267e99b9cad6ad0b138959eaf35d55d89d814d9

SHA256
9b4ad40be8c97df32736d1a0801d2486ba888ef94169f3825822e97c1bf87d8c

SHA512
36418010c527d8ddbb75525a1eea81ef66d552aef9a3d9f9202dee800c8030e781a3f6d06beae16d444c2134d033a369c68f89d035e000b9d95d7061fc4fa07c

Download Submit
/data/data/com.gbwhatsapp3/cache/downloading-5982685458545088113.tmp

Filesize
73KB

MD5
26f985184419c9baf376aa694c5b9cd6

SHA1
5cd7628417612d95940e1b26b21b3112f938abfe

SHA256
5a89ab27be17e625c094159b40f68b6714ea3cc3cf8de1fd84ef584b725cb8ba

SHA512
2a5d9dd6d7ed5f6818417b6bcfed89e47c1b0e25242aca496e6356e62e3beeb02e3f168eb5471fc73a39bc56841f2109b753ff2c55be116774859dd0185d1ace

Download Submit
/data/data/com.gbwhatsapp3/databases/BTOR.DB

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.gbwhatsapp3/databases/BTOR.DB-journal

Filesize
512B

MD5
0957c9c5a32e6a386785de7f05235231

SHA1
cadb5455fc3943e4df45a5140322682c64fcba9e

SHA256
d75e7d8cf83cc1c68af0c16ef9460cef5e5307881223a5e37cde36674c45cbbf

SHA512
1cee2258efc20006aec37d7e68a1dad15f2dc7b3f505296fcf9d368101dfe6784e1e11abb49b59812aa9b4bfa9d347ee6cbe2183f5335f01858e030c9338ab9b

Download Submit
/data/data/com.gbwhatsapp3/databases/BTOR.DB-shm

Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/com.gbwhatsapp3/databases/BTOR.DB-wal

Filesize
32KB

MD5
f8dafb4eebdc29bf8b77b8e4fded785f

SHA1
f84e1cd34221e20e7bf29fece79ad24a993ad658

SHA256
e58ed6dd31d5ceb50d490ba892f830aed35636d26f3a7c184889764018d9d947

SHA512
5c4c888339dfd4d1e484fedaf78e7ed62028df6d231a1d418f51b47998f1de5fa7fc126fef10703497969e716299ba3d0ec293b54c3a2c41e1f845c11450fa47

Download Submit
/data/data/com.gbwhatsapp3/databases/EHS.DB-journal

Filesize
512B

MD5
8f93aff91b25d0f307b92595f364683f

SHA1
08cf5c71b5cb2815f21051e4214543dd09288230

SHA256
f1c0fc80d5373e3cdf6f781cddb3f8ecdb1029dce041870133df9deacbc5a31d

SHA512
63e8ebe26ad0900d631b031b58351f061e5ba9e5bd108c45e7e92d0d2df0f8cb1d2f0fb036117c16612000e3f9c19cc8e11710c985b04c93445f5ae4a329a0aa

Download Submit
/data/data/com.gbwhatsapp3/databases/EHS.DB-wal

Filesize
32KB

MD5
52e225ab0f7d5c167efbcfcb6db7f8d8

SHA1
9642b61d1726a1e4eb520c2b5b61a38ebd9c8b05

SHA256
c68404fb5035056c04d9054df3d8ee8fdaf32781e7c982a9deb59ea7906f922d

SHA512
c39bef9d3f033c0aeb0441af155c8b3b8cd16a2c896433e16de7314bbb122ab4356ec603d3752a0a5a181b857aaed3b12f13edcb1a9db41c87af5bcbe03f7ba3

Download Submit
/data/data/com.gbwhatsapp3/databases/_jobqueue-OGWhatsAppJobManager-journal

Filesize
512B

MD5
68f3a5b71011d83747658000ea72b1eb

SHA1
eb7cbe23eabe80ca8a3bc0603cc604c067b9671c

SHA256
931da9d4e1d54bbbf5bf2dbaa84c9af9c106d19fdb3923a01506e7d2b8e53d9f

SHA512
8f818e073988f892ef089a5184480510ad5cb23beccf507953de3ae9b015f1009e693d0a54e59073e772556801114c9d719b59e8a9b1bf06a77f285a35f60e01

Download Submit
/data/data/com.gbwhatsapp3/databases/_jobqueue-OGWhatsAppJobManager-wal

Filesize
28KB

MD5
7e3ca8e0009f6bfe0e3862540df16f54

SHA1
609f872c1cb344be7dc3250b61ff5dc7dda83315

SHA256
2815bd66f4381fe1f1bd203698611e2000990642a602854aa65265c03fa1645c

SHA512
746871bacc1e781d975b6d352981194c45f826a6e183ff4c644ca2221675d6fc0faf1d3d753eb12d076b32737ce4135aee1245bbf97d9131ca9befd7ab1eb329

Download Submit
/data/data/com.gbwhatsapp3/databases/axolotl.db-journal

Filesize
512B

MD5
ff80c9e319de596f5c47466ae6b033be

SHA1
014687750d45884a0dce70e1a580f192690c62ec

SHA256
b22270ef00b8b75b21ff39a11e0d0979811a84085dc69d4c05baa0527316592c

SHA512
fc8470a2035973ae0cdee05755662a32aa95857955f605d79ced736a1995f92520ed66905ef05b43958789d7dc8080aec4b45d26a6d9ba378f0960bcd614f2fb

Download Submit
/data/data/com.gbwhatsapp3/databases/axolotl.db-wal

Filesize
100KB

MD5
6b54c62db0596f590ca92ba15eccb008

SHA1
d787437326cde574fed142b23def64b4b683e88e

SHA256
94efb33a55f498d76c7777e3df8f2db7684f55a79a991b114f7ba44e38f6bf60

SHA512
53bd7d882d37f432d88a6eb68fc14d26ce0e2f299cffed9706138d524d172ebaae24d5135f545554172aa9662ff09b5089d26e26e8122d47313b5061039d8af6

Download Submit
/data/data/com.gbwhatsapp3/databases/axolotl.db-wal

Filesize
16KB

MD5
31f695e7491785a32cdbc05cda3e08a7

SHA1
9fb4901423e2196d7b9ae499e76b502253eaac18

SHA256
08c12b03ae68f5173b4597a3880de4685be9bdcf52e445fbae18b4a20960d257

SHA512
a36a707c43b7993c625e3f7539ad7fac2c3460e8eda453062aaec97445d3a0c276f87ab923bb137e1764a76c86caae9ce7620d2fdc1048631e78a0240740111a

Download Submit
/data/data/com.gbwhatsapp3/databases/stickers.db-wal

Filesize
156KB

MD5
8beb8f28e971b7491b8386e098744d62

SHA1
86f7a0444725b7b897a00d789340ea6de897b438

SHA256
d94544c8d9121c1b3f69a86206a7668ce5fb6ae33f5d7273569c6bb5090bdab4

SHA512
a23cb4aa158e90631caae43ca6f51f9987651f49551b3edd483592719795dd9f082ba96b2da90acb88aa9e517f16857fb7890b126fc7cb4ef30675dc399032af

Download Submit
/data/data/com.gbwhatsapp3/files/Logs/whatsapp.log

Filesize
725B

MD5
fd38c6fec0395e3a85b0454985b5a1dc

SHA1
afd13862cd28f4c51542b3eb56c7a17ab58e11f2

SHA256
762908ea627eab9e51e256de8fc527d5135883751cd1c833bf333f740100d989

SHA512
33486dd705a3238c1c4aba5823dd150f1fddd9a059a92a4ebf30a04940af07eead0c91763235246f00e3858624e5756150cf58ec0a93009cf8ac44d391226f57

Download Submit
/data/data/com.gbwhatsapp3/no_backup/androidx.work.workdb-wal

Filesize
185KB

MD5
15d27a8f075bc623a9e41b8184b4a6f4

SHA1
c72d8a396a4d84050b11ab9771d09d3d459b9eef

SHA256
cff0fdc75ac3a7e14911ae9ce225301197199442d7e0d680e7e040228f13a1b5

SHA512
b90712fbd77ea8b1f328b52a9c583ae3009a81a418cec9be297821c7d2f80973e0a9eca3350e231e3c92bd7ef4b819f74e9bda7b002e2149ec77ddb646b5d8af

Download Submit
/data/data/com.gbwhatsapp3/no_backup/com.google.InstanceId.properties

Filesize
63B

MD5
afdc6feb2dd23a7853345e492238d5e1

SHA1
f83926b26c6652b278698240fbd2d5ab3efe39fd

SHA256
0c7407f27532f909b28e3b7d16b6010c952218011c2a8b5885d4691c54e74739

SHA512
52c2d293d76524deb54597aa6b4094f6995841376a1a9abb95021119d0ae801b338d417cb9a39ffdfd2cbb411c0ad4f35c4dcd58951608ef2ed7db2b99a89a1e

Download Submit
/storage/emulated/0/OGWhatsApp/OGBackups/com.gbwhatsapp3.zip

Filesize
9KB

MD5
0a49aecb5cd02c26fc209efdc072ea60

SHA1
ead3c2fb5c67178a6c54f1f104774c4f19a38622

SHA256
9719a42f4124c560f371174ea831aae684df3f133a441b645e03859beaaac5b5

SHA512
9af65c6d1e5048607d7c835ab0e10bb589ff37cb39d8c1790099d42332a3f2f2436cec83e3c8e022cf7ef47152363da18c0844efc06eef3e723cdf8461fbbdb7

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads