Overview

overview

10

Static

static

10

75f804d346...f9.apk

android-9-x86

6

Analysis

  • max time kernel
    50s
  • max time network
    130s
  • platform
    android_x86
  • resource
    android-x86-arm-20231215-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
  • submitted
    13-02-2024 03:03

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    75f804d346dc48de24e447e262da09b75bb20405095bcee2ab2a775800158ef9.apk

  • Size

    69.6MB

  • MD5

    921ce55fa82f0025debcb7cb3cee27d8

  • SHA1

    cca091918c4b55d00dda82221a198023aff27dd6

  • SHA256

    75f804d346dc48de24e447e262da09b75bb20405095bcee2ab2a775800158ef9

  • SHA512

    569a25d5c9488e1aef22f064d5f751cfb2cdf5aa2e56747759cb7fba17facc373d8e31577a25a8025e5b3ae9c884f3d9603e4db7abe99d1ed3af2ed3dc0ff8e0

  • SSDEEP

    1572864:tHMbZg+KOS73QTXvmpQWACjrXS0CYZZW+jApvoG+oQP1o3N:tHmhKOS739QWAGXgYZZW1toGq9mN

Score
6/10

Malware Config

Signatures

  • Acquires the wake lock 1 IoCs
  • Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

Processes

  • com.fmwhatsapp
    1⤵
    • Acquires the wake lock
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4291

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.fmwhatsapp/databases/BTOR.DB
    Filesize

    4KB

    MD5

    f2b4b0190b9f384ca885f0c8c9b14700

    SHA1

    934ff2646757b5b6e7f20f6a0aa76c7f995d9361

    SHA256

    0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

    SHA512

    ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

    Download Submit

  • /data/data/com.fmwhatsapp/databases/BTOR.DB-journal
    Filesize

    512B

    MD5

    10c6354642e38affd0e9f8be2157a394

    SHA1

    8887fb96651c0e6899dc8e96d8c28d51b707e419

    SHA256

    7290d801389b509259a619f8f6c6469e309946af071f2b973f2f82101074c2fb

    SHA512

    115ea5f00e72713e57b16c66ffbe6874e11a7e0340cd01591e90de365699554804c4d150ac97fc9702853a87f1ba7f053ebc130e5c8396181205ac26304a50bb

    Download Submit

  • /data/data/com.fmwhatsapp/databases/BTOR.DB-shm
    Filesize

    28KB

    MD5

    cf845a781c107ec1346e849c9dd1b7e8

    SHA1

    b44ccc7f7d519352422e59ee8b0bdbac881768a7

    SHA256

    18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

    SHA512

    4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

    Download Submit

  • /data/data/com.fmwhatsapp/databases/BTOR.DB-wal
    Filesize

    32KB

    MD5

    7f144be1e5b467152bedfcc3bcd54713

    SHA1

    76962c3e902bf36813d82b79228cc73948ab47e1

    SHA256

    c99c28574016d7855e2187a1204e2ee96469194a63f0046573a718df55b255c0

    SHA512

    311f791035d69022f6bb769875b4e37d2645fc4c0e74952cd92010de6a0f354e004533ff7e5027fad3a0fe66140c6f8c22787b701c4b1fc1a9b488bbc7663f6e

    Download Submit

  • /data/data/com.fmwhatsapp/databases/axolotl.db-journal
    Filesize

    512B

    MD5

    ab8fe08166322694adde18606d3ff069

    SHA1

    da24ad3fa6fac8987f30e940ddb5e5f51f327d7f

    SHA256

    f409c72e3a4deb3668475f88e3781f431039e400e85a550c7ceb57e4da5f3d5f

    SHA512

    88504bdbf9da4c3a46063478bbec84258eafaf0d027d76edd27dab2039bde8071785089dfbb97a378d8675d6de9986157437e421bae1d2b6d235123b9cdbd474

    Download Submit

  • /data/data/com.fmwhatsapp/databases/axolotl.db-wal
    Filesize

    16KB

    MD5

    983987b3fb8167769f1b02dc337d03bd

    SHA1

    19b96989f3848372c5dd445babe5f65a1e5e004e

    SHA256

    5d293e51e940d6f76ad8f5a5bcc18e66a657dbde49120ce33424a72988384034

    SHA512

    4e7195f600e82f97eab9468dc00d22928a9d803209796f5dce3401ec0999b73fa9a6c331c6674b84b7e0b0b248d46c9d66ec33a07ec157b59914852f5dd6fcdf

    Download Submit

  • /data/data/com.fmwhatsapp/databases/axolotl.db-wal
    Filesize

    128KB

    MD5

    442ee06b37004f053d1650f27ff49cee

    SHA1

    2f48576e4e866e4639558bfd72ae9b79f28d86e2

    SHA256

    796e4e12da9adc6632dbd54f3ca11f119bef4ea1089297260f67599a9407db19

    SHA512

    12540223a1f8a6f947fe57f5c5f7cef24780e6402e4fe415d43e42f36d7e7d89e01e72d64c2ead8d39fd265eebadf783221308b28a44705414bae585053ea63e

    Download Submit

  • /data/data/com.fmwhatsapp/files/Logs/whatsapp.log
    Filesize

    4KB

    MD5

    fc24d3e8edfefddfffb42fba97b42f75

    SHA1

    5fa23a8f75c5961143b68683cbd8d82dba12491d

    SHA256

    ed53dc1795246708c9c0ce25d8c69a78566b310d716bb5dc0036551dfe18b880

    SHA512

    63a5c0eeb529bac02f3ac1b4ccbaab985f96632e9e843fb8d4b1e7c139fd642f6409b470ab028ca9db2ccb3efaf3ffcdd87c63bd42ed9d4e96ce13de464e23e8

    Download Submit

  • /data/data/com.fmwhatsapp/files/decompressed/libs.spk.zst/libar-bundle4.so
    Filesize

    730KB

    MD5

    12a50ebcae2ffa1ee0af3b569976dbd7

    SHA1

    8dd4c167d769e3bff9eb49f234f567b4556e9ff5

    SHA256

    58438148e15420c0637e7d07ac3e11036f338465996f2998777be177621620a6

    SHA512

    cfdf86c37f0a388ecb938fea339018803647a17c41934b2955355cd8bc3f0d313a1698fdb557b671a343d65d7b1ed7fb7ac7452564940ec60ee35385226b9234

    Download Submit

  • /data/data/com.fmwhatsapp/files/decompressed/libs.spk.zst/libar-bundle5.so
    Filesize

    1.4MB

    MD5

    d9dd28714e9365fa71450d7f2ca16ca0

    SHA1

    043d945f6c89f629d358c83faff396590c0ab464

    SHA256

    d0cbd1f681693717fdbc280149838e1aa97ceed581dbcf5bdc8cf9bc8b44d484

    SHA512

    67e634278056436861405419bb4d82e14e491d991bae0c0a8fdea3a0bb9f5ffcaa4cbc0dfa30b3a8f22866a69f3dd61d32ed24480a8090379197f4e9206c7837

    Download Submit

  • /data/data/com.fmwhatsapp/files/decompressed/libs.spk.zst/libvlc.so
    Filesize

    4KB

    MD5

    331c11e688da3a05a734d35e6ac81af3

    SHA1

    d9a7033164836dac45aa72f0a9f3b9a72eebd863

    SHA256

    98d89ca3bc05942d07d1f621fa7001b6f2d6f7ad8c5dc9cb9ef1e4bf1fe023d3

    SHA512

    5f5d85afb01d18e63eae6b12b8f777289136600a0c52ed11016f8cca1d99a654dd76d73817efe58a98a7a15815975e10efdcf65342239e07b057bfa09a4618c9

    Download Submit

  • /data/data/com.fmwhatsapp/no_backup/androidx.work.workdb-wal
    Filesize

    169KB

    MD5

    c04c4373f8ece6ff8ba779c0ead6c82a

    SHA1

    91f5824122eccbcb522804ae8239636b6b08538e

    SHA256

    1a2cb36bf4c86cfa47968b3f5d9243b1d963cfe4333610a69506a95a4a5e9559

    SHA512

    5532ec197c0ca3569da8003c9c72c4a5cb4d1c86351da33808ca029b36a311c3864d08b9ea32adf5a914188a609f4177418220e43c0f459bad880f87f262f197

    Download Submit

  • /data/data/com.fmwhatsapp/no_backup/com.google.InstanceId.properties
    Filesize

    63B

    MD5

    dc561c9f1b08192ebb06db4caf45645c

    SHA1

    23e15ba00080ebeb35950c376f2ecbaed41ff1bc

    SHA256

    81997c698789f53faa8e3962e19bd270b1639f7ba113d08c2fc91425ce1ad66f

    SHA512

    02c7c267ff9007e636588176c1e73ea4bed11fd7b8a34590e55765336640135a8589ad53f3899cf974a4a0e96524dc48627dd0b665c5f8285402f11ec15baeb5

    Download Submit

  • /storage/emulated/0/Documents/FMBackups/com.fmwhatsapp.zip
    Filesize

    442B

    MD5

    7219d95fe4becc7210b86db5ae2d435a

    SHA1

    39fdaaf90a40d8beb03d1ac83620f5d8421da30d

    SHA256

    e05bc2349b7033f5f83ffba874e98cd9f88241001d165448153bc22575fe3dbc

    SHA512

    2bee7960aa9e355e360bae20d30248d5e2a2b98d4864a927bb2c1d3d7d1c516622c4f123af6302ddd2a3aa0507e9902cffc760eca722c5dd5da8d6c8a338c22f

    Download Submit