3e596694e6c74a1991490f4bde5e2404fc1b6d57af8499b7fc67adb44e17394e

Analysis

max time kernel
47s
max time network
130s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
13-02-2024 03:06

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

3e596694e6c74a1991490f4bde5e2404fc1b6d57af8499b7fc67adb44e17394e.apk
Size

75.6MB
MD5

d73fa603bb7dfbd53f2ec4d05617b9e0
SHA1

86f18b9d0ce32f3ff1c608ae4317329e4da44e1d
SHA256

3e596694e6c74a1991490f4bde5e2404fc1b6d57af8499b7fc67adb44e17394e
SHA512

4e004ec348e58f8229d1e3b5d2137b64dc09234d355425d8fa5544e67a4d4d80d3e098c2ba7bd5659e443050bae7a404e1a35a2341cd6809b5e83e1078d8bbc2
SSDEEP

1572864:2R4YowDIMNvpPjEYr3V1c4sQ0MmDKPwpJ4qHSXKTHcvmM0hV:26YoEXEqFR0rDG0THSmZV

Score

6^/10

Malware Config

Signatures

Acquires the wake lock 1 IoCs

Processes:

com.gbwhatsapp

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.gbwhatsapp

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

Processes:

com.gbwhatsapp

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.gbwhatsapp

com.gbwhatsapp
1⤵
- Acquires the wake lock
- Uses Crypto APIs (Might try to encrypt user data)
PID:4300

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.gbwhatsapp/cache/SSLSessionCache/static.whatsapp.net.443

Filesize
5KB

MD5
102896b337926a503645250ebeff904b

SHA1
f9e3441e4a3bd07cb45a13742c5aeb5aefd2c651

SHA256
e6af3b60fafbab813cc06c35aa815578d7061f852bfb49666026dc559deedb06

SHA512
f48497a936dbfd938ef393752c05c2dca505934e53b569719a9515ab849c812fdb55fc1c601a690a41b793ac04c4568ea08ede91c09828ef36c4499e19eb1ba7

Download Submit
/data/data/com.gbwhatsapp/cache/SSLSessionCache/static.whatsapp.net.443

Filesize
5KB

MD5
809bc9530c4477674badad6c8f6a984b

SHA1
a2f0f603b0fb620192c545a60614ba42ba9553f7

SHA256
cc7141e75be7ef52996dac33cd1efc3c2a7c90821cd496780c1bd0c3dd673cf5

SHA512
98d138f6af9e0adaa9fccb5c94848ba639f779c5884b1c64d4bc88424d08da835fb1c458148dace7a1d029e30e67c6a72b4b45a85a23a909d9c6f731d60a8319

Download Submit
/data/data/com.gbwhatsapp/cache/downloadable/wallpaper_tmp/thumbnails/light/00004LightWallpaper.jpg

Filesize
525B

MD5
a0d6c946f3d57b2baffac8b7b1480be6

SHA1
f166df9ac3c0a141d30d33cece42003155623f8d

SHA256
ba299afa2be966df64eec3b8c1ff88be223667a10a8076c49a1eab9e2431adb8

SHA512
c140defbeeefad018475263c1ca7680180bc286fc9b1351e331cfaef77e0268be70b2864a67afe4afbdd6557f49955f5be0b7303d145ab79475e9d09c33429a8

Download Submit
/data/data/com.gbwhatsapp/cache/downloadable/wallpaper_tmp/thumbnails/light/00008LightWallpaper.jpg

Filesize
17KB

MD5
92920bde0447c1a7a27bb8142ca0ad7a

SHA1
bf0bdb3aeaaa208f9018fc2404c2d2011c9cf537

SHA256
0d86c583b397ac86f1ac942e06cdda5398e93d5963b97ea8d490e7534fcd90f9

SHA512
e427f73e1fc207019bc8601622568803d42900694a9feb413241f62dae5592f0eacfba923c7497cce7abadfe7a3678daf42d583c70ba1debc0941a2adad81cb0

Download Submit
/data/data/com.gbwhatsapp/cache/downloadable/wallpaper_tmp/thumbnails/light/00020LightWallpaper.jpg

Filesize
17KB

MD5
ae451a27b925c5b4776608cf82f7f304

SHA1
be2d9507777010bdb08f5f831ea4bdbcc1b29d50

SHA256
c0007b387df66d1e2b2c8893c94cb0883f2bd40b3dc56ef014a13eae6bc5fa61

SHA512
8597c9efc9b26a0eeaa641275afdd6adefa34dc420465f78c3f28c8e09cf480025ff7d54f01e26a1e1dce6599b2ad1b28508cef6a6f3462930e465d7f3e1c5ab

Download Submit
/data/data/com.gbwhatsapp/cache/downloadable/wallpaper_tmp/thumbnails/light/00029LightWallpaper.jpg

Filesize
9KB

MD5
54c7d18cd193d84cd6f287af822f0f7f

SHA1
0bcad47015a779cc4929d0790697ed0ebe86a132

SHA256
90bb33603bc8dc9ab5a8be8317e0029134365b477de396397c3248711bcccb8e

SHA512
91c4570eefc734f0fd02fe47cf602c2a2cfcc7a2c25540a2e5abc6aaa8344e40142e894d7850e2af98f60351bcb11afa86c27a485799e92b2bc1d166cfa8089f

Download Submit
/data/data/com.gbwhatsapp/cache/downloadable/wallpaper_tmp/thumbnails/light/00030LightWallpaper.jpg

Filesize
8KB

MD5
dcf1b4c7185d8ece5526419d7723e48c

SHA1
5bdeef3dd9f0d80dca22f749e3568601f29cd2d3

SHA256
82a125872be3fe364c32824abbcec7e2bf9df38422510e3896fb078aa8ba2766

SHA512
3a52b582fd43fb7c5e28ec9bd8e39a590880dcec7bc56130c9a569d88d7b94ae82c872917ab7a1c200ef50a914566449f9398dac79800781ae3da2efccdcf163

Download Submit
/data/data/com.gbwhatsapp/cache/downloading-2562021356593609512.tmp

Filesize
73KB

MD5
26f985184419c9baf376aa694c5b9cd6

SHA1
5cd7628417612d95940e1b26b21b3112f938abfe

SHA256
5a89ab27be17e625c094159b40f68b6714ea3cc3cf8de1fd84ef584b725cb8ba

SHA512
2a5d9dd6d7ed5f6818417b6bcfed89e47c1b0e25242aca496e6356e62e3beeb02e3f168eb5471fc73a39bc56841f2109b753ff2c55be116774859dd0185d1ace

Download Submit
/data/data/com.gbwhatsapp/databases/BTOR.DB

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.gbwhatsapp/databases/BTOR.DB-journal

Filesize
512B

MD5
55cd16f3a059c3e78dd769052fd84704

SHA1
b696fda8442958f5e667c33497c01f8c729d1cac

SHA256
bceaaed134b45bf0ad8347b518645e70bc7332bf8af469db47429f153726c730

SHA512
867722a3626787f7cd367c82755b585d3405cfca449280611df0792f5f74aa8b9c713fe304255bf5cb54c35fa44313a24d1e1eca7b4e479bf12d000c2e1f9fd2

Download Submit
/data/data/com.gbwhatsapp/databases/BTOR.DB-shm

Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/com.gbwhatsapp/databases/BTOR.DB-wal

Filesize
32KB

MD5
a0e41b1f821090bf2f4ab06425bc33dd

SHA1
f11ee1947208a107ac0e3190e8b6d7d938894e1c

SHA256
d5eecdab3f1eb3d2997c3c2dc29e40ca989aaa12e2bf88721d5387eb89e9bf11

SHA512
5fe9c6d41f8f55d38c9232414063ecc734dd97892f85f01d03f3746da555743be0f92920a84aa4be87cc49a8a0146bf653e089508073ae2e23a67c4662666905

Download Submit
/data/data/com.gbwhatsapp/databases/EHS.DB-journal

Filesize
512B

MD5
18fac33bcc4a3c9a6d6d6cba7c9de343

SHA1
f09a44aa628e4c90a6f06cb928f0c92462491193

SHA256
0b3fa791f4cc312f8b43ab8415c75cfaf118c06d4092a6313c1bb86423107faf

SHA512
6a5ba736befc2aba085946657432d0873c3f4acb5deae3b3f1e6e39cad041dfde263d4a588f12c1a61b5c88a448579a4063c9d827bd022651328993976cbfb2b

Download Submit
/data/data/com.gbwhatsapp/databases/EHS.DB-wal

Filesize
32KB

MD5
56cabe288bdaa500733c62d14207f6b7

SHA1
10dbcf49b3bed4d9cc37350de94da18db21fec35

SHA256
f5d27812bd6049c52870f5036de0bf24d5f49b9512687302fc717c6294412cce

SHA512
d550a0d24c8b81667c07d664cec565d404423a0d77d0960a9a15d5aed0ce492d414fcb71e4f065c2f2609b6bec7b2adc788c349f1a861e2bbacbf0da2be27ad1

Download Submit
/data/data/com.gbwhatsapp/databases/_jobqueue-GBWhatsAppJobManager-journal

Filesize
512B

MD5
cf385e3ed3473433fbf6d75a08bf3d59

SHA1
011c0c726c610cd21a98e613e13bf36fb05bda64

SHA256
3ef3f7a3d11c439ce19bd281f2b7d7fc01d4fab384e4f38cc329279b207fbd28

SHA512
cee86d749b931dac2d4578ca5f7b0cef4d5aa246b452eb695f2ad6dfd4913f069550d1b9faa9a994c3bf35b5f1a3a73600be2d304b1839d19db9589efff09e81

Download Submit
/data/data/com.gbwhatsapp/databases/_jobqueue-GBWhatsAppJobManager-wal

Filesize
28KB

MD5
96f47643c587f2dffbd14f85358c1075

SHA1
c70d4d02a05c9d30315e83d006e5e7fdb845ec92

SHA256
0021dd08cc291fce33b5971f7d373babb6676e1f8ea2252f3c107e59d0f39899

SHA512
4d90e63c6989310bff88dfd8dc9a4799107a2653c4ae01080befa764b1ebb11984b7c5b805333c1b6a5f975cb13e0b30292de40f8f3b7f027475a3bf54f84dbb

Download Submit
/data/data/com.gbwhatsapp/databases/axolotl.db-journal

Filesize
512B

MD5
50629e4e5f42ae0d2cbc9e86d41fc45a

SHA1
36e219fec6753025f25eeeea35a28dd76b100797

SHA256
f7b48c0b5837cf8e17bf9bb7a5d393aff5a6462a848b30ee2a1f4ddd12d2c268

SHA512
98788a506d78594f4c6b2bdaad174f8faef2ac99352db87215eead72fd5d77eb0ab4b457296d41386addc6fa291190e7a38059cde1e103a5a26a137535ec847d

Download Submit
/data/data/com.gbwhatsapp/databases/axolotl.db-wal

Filesize
60KB

MD5
d8cdf7627f088d99dc97b3f6b6e6133e

SHA1
e3b858eb170b87290ebc65b73895d8be3fd9d532

SHA256
4d0b44750a7330d75c660cc90eb444fa3e722286969b0e332dd3c729628ce6f7

SHA512
2ac45ef7772c1d07123bc86da563717dec1ab7d278a13d04b51607e21ba0a8d97bc196bd0f3a14b6eb616012ad2857abde906cf0d97843a040c0b8d1c90fb061

Download Submit
/data/data/com.gbwhatsapp/databases/axolotl.db-wal

Filesize
16KB

MD5
82b52420f084c2c7feb4d31357351e53

SHA1
17004750c26cae26b13f295aeebc32f1f930848f

SHA256
b9187b47c66a443499330c9b988182e8b775af64e2e668a343468b02eddc61c0

SHA512
9461e0efa14c73a08ed9c7da5f73df077990ad62fedb565b9848d647c9b5628767f910e31085fc7d0c2629f95e85857ff45a4a4dda97c91cced31908d85e2d5c

Download Submit
/data/data/com.gbwhatsapp/databases/stickers.db-journal

Filesize
512B

MD5
87ac7c47b26cf8acc800f80d742e45a9

SHA1
efb7604049474e0b2fdce75d139ca82c1e1801f5

SHA256
a3a5ffbdc235bbe44d8b76d2136b6fdf0b4b74a2f50d22476b52cc223838a12a

SHA512
fa4de28ea9b96a08e874cae6636d5144139744d2e1fad2d3c80345293c24754742731932255b2335c00bc45ec7a5aaa6122a064654a28efd5a27743269c12b49

Download Submit
/data/data/com.gbwhatsapp/databases/stickers.db-wal

Filesize
16KB

MD5
91cde833b059ef665b8e905615cf710e

SHA1
ef3d66a45794813115db4b6e444cb512ec72ac62

SHA256
d9878d04b480c2ef0d45a12e2efeda3f954cc29339bc344b0785817af11f7ef2

SHA512
f7285371e7e517187922129355680293f69ae75781a24253d4e8d894212157da0c04bcb144ca508ade0145a3f49e31167632375945e72785d0d628f26a15c623

Download Submit
/data/data/com.gbwhatsapp/databases/stickers.db-wal

Filesize
38KB

MD5
381ac8d2abfc4f037e72be3942f763d6

SHA1
240711a0021b403fbe596ac00040621e74d2e1dd

SHA256
498626a393f4a95d70fb60f29d2314954974700e8d933c3fd866e027258cd268

SHA512
abcd26c596f4d14809f344761ff1b97cc8385e4688bde47f7b8834a213d6b9a331668a6ad0619070a209b996abb77a03c4fabfd9d2b8b9ef894e6464a4d339c1

Download Submit
/data/data/com.gbwhatsapp/databases/wa.db-wal

Filesize
16KB

MD5
854cadf18a1939f8248214886e9deab0

SHA1
04f504f4826726865588140f43cc2f987c3da0dc

SHA256
cfeb0caf6bb9fdece9b807ba56c48c6f05433f14185d7ee26fd79e64a04ae4a0

SHA512
020ab961060aaaca0c4c4fe90bff1fd51f12848b5fbb6ef66f4506df3bc4dffb63626352865b4f631582e68cfeeba51adfabd0f85d0b685b5991bf49df1ebcbb

Download Submit
/data/data/com.gbwhatsapp/databases/wa.db-wal

Filesize
17KB

MD5
b77968ab78b3b84861ccf9837e234160

SHA1
aad3f74f7ba244f370ae66c3b14ec7768170a6aa

SHA256
180429eba77e31d26bbe1cebebb375c0e8f884e23e8a74b490fff600f0f4e421

SHA512
d77d7a8d9ca506879d4cd06c194d2af8e99b346fc66a572ed2cfebc5e52d56fcfac2431b703d89a91afbecf71e0aac78df13736ecf97a394475e02a9a2aa4831

Download Submit
/data/data/com.gbwhatsapp/files/decompressed/libs.spk.zst/libvlc.so

Filesize
3KB

MD5
cfaac46a9b3c925a53382f453c8c0d81

SHA1
8e82c86b6d77d7e1ef003aa7796b83ccc5efab7b

SHA256
0d87625993ef963e9bebf8f21f22525807d48dc26b3195fe94bedfe877f376e7

SHA512
22c8297645c4ffb8ba08e44e1136dcc3b3c16100ff837d7e3ae7bf3a1f181c12e9aa33f3f598d6d7e001536b9812106b4785c01f91a76874cd220a6229e787a2

Download Submit
/data/data/com.gbwhatsapp/files/decompressed/libs.spk.zst/libwhatsapp.so

Filesize
1.3MB

MD5
8d926391ad14e6790c287d555ebcc9f7

SHA1
51d03ed6629f69e7ba980841f496e869df857dcc

SHA256
c688b3aec86ef450a0ef43429652fc9c8cdecb08212b0c2f6a0106cba92924b2

SHA512
cce9c57eeeaa302678b877ef0b30bc87ff1a017962ce2b633a49bc41ddc4eb95fd3c8be3d79134f8361935d5838ba1ccdb0fefe4c5469f79302fdce497bb903f

Download Submit
/data/data/com.gbwhatsapp/no_backup/androidx.work.workdb-wal

Filesize
169KB

MD5
5352348f6597a905d0018bd7114eb153

SHA1
42a880470f94b8cc3d8bec76a78d451b135c98a4

SHA256
599db9bfe11b216861f41c52066effc6eabffe61aeeca6133159f1ba2b4e77c2

SHA512
daf44a0c0140c40a2dd86ded2913a811e681fb46909ec41165aaa3d9577d170fc146d053afca5746c56c9c4e049dab08d50c3478f9dda7d431cd754777703a98

Download Submit
/data/data/com.gbwhatsapp/no_backup/com.google.InstanceId.properties

Filesize
63B

MD5
7189bef4316db0bc1e4efd19ff3a7cb1

SHA1
f33035f2ff56079f54a54d9d02e667d526d1888b

SHA256
d6d3cb9b99688c9787cfea721f7e0483e3ea09b65996cde1ce63728933ed421d

SHA512
a60843d161ae99e67feb603ee4598a4b771ac6beb6477f4ed54aeffa2c8b3ed7ac596bd4e420cb39fa9df3ccf26692cc9cef7ce4cd1263c2b1b37094350d0f44

Download Submit