3e596694e6c74a1991490f4bde5e2404fc1b6d57af8499b7fc67adb44e17394e

Analysis

max time kernel
50s
max time network
137s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
13-02-2024 03:05

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

3e596694e6c74a1991490f4bde5e2404fc1b6d57af8499b7fc67adb44e17394e.apk
Size

75.6MB
MD5

d73fa603bb7dfbd53f2ec4d05617b9e0
SHA1

86f18b9d0ce32f3ff1c608ae4317329e4da44e1d
SHA256

3e596694e6c74a1991490f4bde5e2404fc1b6d57af8499b7fc67adb44e17394e
SHA512

4e004ec348e58f8229d1e3b5d2137b64dc09234d355425d8fa5544e67a4d4d80d3e098c2ba7bd5659e443050bae7a404e1a35a2341cd6809b5e83e1078d8bbc2
SSDEEP

1572864:2R4YowDIMNvpPjEYr3V1c4sQ0MmDKPwpJ4qHSXKTHcvmM0hV:26YoEXEqFR0rDG0THSmZV

Score

6^/10

Malware Config

Signatures

Acquires the wake lock 1 IoCs

Processes:

com.gbwhatsapp

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.gbwhatsapp

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

Processes:

com.gbwhatsapp

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.gbwhatsapp

com.gbwhatsapp
1⤵
- Acquires the wake lock
- Uses Crypto APIs (Might try to encrypt user data)
PID:4277

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.gbwhatsapp/cache/SSLSessionCache/static.whatsapp.net.443

Filesize
5KB

MD5
6d19d9fa9d54806f2d076cf1be8e4ef8

SHA1
a3756d6c93060c213b4bece058e68680aa14da4b

SHA256
6c0d1737513d15ec19d402f623a44f89031d701c392b169893b4e8e3c1a397d1

SHA512
71d3c5a17a5d942df84301532d69f6c314a24eb3c0420b2fa18c2fe93c07c21bcfdc7e382cb899d762f1b4ee8b3a2c0ab20f46cb9bb23628b1fe71ea0e987616

Download Submit
/data/data/com.gbwhatsapp/cache/SSLSessionCache/static.whatsapp.net.443

Filesize
5KB

MD5
82c5816c794230a0ba7198e0acb6d972

SHA1
5c2bd0432e5bbba2a3e062f877759adb80fe7a5a

SHA256
bf66c128a5fc6e3cfb27e30d6746ddbce3e169f6a19e556136455bb507b54140

SHA512
6b37dac2d7b60d356ef249e4418d57cb8be597bd2feff66deb94a2be704629e6c60e53df1ad6bd9f4c0daecea5066cb03557daf60fb2943cb15635d185377883

Download Submit
/data/data/com.gbwhatsapp/cache/downloadable/wallpaper_tmp/thumbnails/light/00005LightWallpaper.jpg

Filesize
3KB

MD5
0efa53fb7ad927bfac4c367333f60167

SHA1
5a2cf6a8ac86975f3cdd001f9ff736eb2c81cbd9

SHA256
880e3a25bc7786f4a480408f2c0dadf89e142f371399b8b6a3e3bf68da7bbac4

SHA512
1ef60245566aef9cf4601b01327baab2fde0738fff343302f11b0de67bdb4714302ea7becdd2e23d12fad59c9d6b5cbe42685ef5060f3bb9e9da3acd55372f9f

Download Submit
/data/data/com.gbwhatsapp/cache/downloadable/wallpaper_tmp/thumbnails/light/00028LightWallpaper.jpg

Filesize
9KB

MD5
fb9b168a5224ad8ac79d0ac2a05da6da

SHA1
82852b2e992306121e31a81144cda8a1ac2f8e27

SHA256
8507e48d67270c95797a4d6fa9f244f773629e8e37477c3c72d0135d4410adb3

SHA512
b1fb8ee860f80516e025028f1f14209e380660c013dd9529abc1c728ee8b0b0c7c0a94db1c295bf42d676f8adc3b78a724454e403eb9d78014ec50465d449f54

Download Submit
/data/data/com.gbwhatsapp/cache/downloadable/wallpaper_tmp/thumbnails/light/00029LightWallpaper.jpg

Filesize
3KB

MD5
97cf67d0f1823c9669b0181b2a5b0d76

SHA1
658f350c4ae374e334fa94b363e75ddf3c221237

SHA256
c5ba88558c24a43190d45689a1100fb7f744981e84870f1449979d355ea782b8

SHA512
aac13a7ad301ba52685f6fbb7034b168734d4332111d81b051f79e750e83e558f37b5ddf181c7da5a4ad8b6da4bd387ec3bcc1dee050b133e84e4f4f437f65ca

Download Submit
/data/data/com.gbwhatsapp/cache/downloadable/wallpaper_tmp/thumbnails/light/00031LightWallpaper.jpg

Filesize
1KB

MD5
7ae722c351d8d504087e65d53eebc587

SHA1
0d524ecb5ca152d58833bf455b7cc3a24c92f1de

SHA256
d16d521b3023fd1b469844cdd443f919be8fc9121cb7cbf9816a3691a0039a9d

SHA512
ae6bbf4d6bc0773931df6a0d33b4ce27d047db06aaa404bfa19c0922925101247f0638917938ddfc106b88eaa36b3d3043f12b45289c2718d23024f2d27ba2eb

Download Submit
/data/data/com.gbwhatsapp/cache/downloading-7552637658212919428.tmp

Filesize
40KB

MD5
e936d9a54585c723a59a051399f325d7

SHA1
ef1586b43c464d2cee1606c7bd89351305566387

SHA256
cf5fb7a1f09d564debc3b389a48239c61cb07efc68f370dc9dedf1315c144a76

SHA512
a97f5e8818646963626acc29fc93b611c0ab6304a0ea262b63ba17b7a266767858b248a1da4bd813a25f29bb5f67fa31d615e5ee18fc36442cc4ef3583fbcbbe

Download Submit
/data/data/com.gbwhatsapp/databases/BTOR.DB

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.gbwhatsapp/databases/BTOR.DB-journal

Filesize
512B

MD5
735ded35542d22d6dd01f551c6ec6785

SHA1
659bb8daf787c1d0164bbc941e575535bccbaee2

SHA256
85333a2648d616dd6aa307498994ebe386370edd00ce44c1bf24853d86b2417d

SHA512
01326a6cedbea6c5743174b687a4d4a5d579de0a6ac12a9a64e6ffbdb201d77edc698553d50dd68abcd60f702cecb4ab2e8e547fac276dfecdb507ab825506fd

Download Submit
/data/data/com.gbwhatsapp/databases/BTOR.DB-shm

Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/com.gbwhatsapp/databases/BTOR.DB-wal

Filesize
32KB

MD5
b214778337e0811f7cb69f4f38098217

SHA1
00dc69109c5d30b57dac81fe18f9991ba3270b7d

SHA256
663b9ed73e5f107a9b5f2c4dca98d0f6319789856f8033851aeffb9064eafa3d

SHA512
74c724f54af5a1f41b561bb4c4b78877b74847cd6c8b92b6542f7d906dafae15a8cbbc612510572b259d9c903f37b33537857ef7540993e236b6f87d7cfe7410

Download Submit
/data/data/com.gbwhatsapp/databases/EHS.DB-journal

Filesize
512B

MD5
7f6944a1040baed932adcbd384d1203c

SHA1
e04117ceb378563bb261e025fe8531d649330d7f

SHA256
2dcc7e3bc72a48c4fa28bd8c4ba0253dcff51c884c46b12357ec048b1d1654d6

SHA512
4cd31eb9e8197f9024a1d7f37ece1a2a2f75508b0bc7684b7c65a2123377c16515a50378898691337842fb87cea12c8f19524739496f558643c34ec988761b3c

Download Submit
/data/data/com.gbwhatsapp/databases/EHS.DB-wal

Filesize
32KB

MD5
fc36321d64a251ae7c5ee8933636ca1c

SHA1
e951bb20474a5b2826603569e5eef75de2d88656

SHA256
69c81f7bc0c71578fca36f626257fa027b309933921a08d0d7cb68c4e88ac62d

SHA512
0b249034520e486709c87e61dc60f58a5de50dc320a60321b7562c19c97e786699edc0e405b3ed02577c6f2983535afb2e3c94163adfb2658dc178e93ffa1fbd

Download Submit
/data/data/com.gbwhatsapp/databases/_jobqueue-GBWhatsAppJobManager-journal

Filesize
512B

MD5
f086413ad92272945787049d2b81d8a7

SHA1
cf82bc794d73dcb82d504f122ad1153fef09bc2d

SHA256
2b98d0c31a42708571020007d787169058943684cdeb558412c2bdfbe4fa3b9c

SHA512
50c9f0358fed852b33677856ea9b2d0d988da6d5e8224f0085ed6f0001f9a7e68e1ffdf6580ae50105575e4a2d036d7dfc2c123c8f64661133d9b80fa8df6a53

Download Submit
/data/data/com.gbwhatsapp/databases/_jobqueue-GBWhatsAppJobManager-wal

Filesize
28KB

MD5
27fd8e02e73a914b4b9299b3ec12aa32

SHA1
15d645c97523feb71c79531e230595c671211c0d

SHA256
b637363b977bec0b72e4fb59034a5c47eca667049225f6dc9fc7eab35de734f2

SHA512
d23c82f08ff7ad168b61a6ae804134581b87720a5cff3ce94d803e519036a92928413fa1007878f32b34747451d282dbe9f6b4affeb6e59233b5b83a5f977638

Download Submit
/data/data/com.gbwhatsapp/databases/axolotl.db-journal

Filesize
512B

MD5
5f522bd2e360dee193fefab6fb0f6e2e

SHA1
37b409cadfe16cb73ff1bf76133cde5955f4713a

SHA256
1c0c20bb3684de222f5283078e3b9ea0d403c80b0e45c0a69a990ce75fc3937a

SHA512
0e4684b7b7c7bc86dbf2a9b6472d1399bb433464414fce70b0ea2d3b465e012a5ea73b18f341145adbc48f255f5ee1a8b29bcd1d936a010835f5e2269e2a093b

Download Submit
/data/data/com.gbwhatsapp/databases/axolotl.db-wal

Filesize
16KB

MD5
0a61e0d23f72a44537eabb88eb0371c3

SHA1
005a089d50c35314d20cb43829bf7cbc9e96f810

SHA256
84690480a8f5bae62a135c53aa0122884df085568687710664d6b01c10524fce

SHA512
ab07ffdff17eebc396b565541c309ea4793d89e1ad76f32ccd5ace4072f686e171529a88c4ffcc7e30be82578ec8a33255cc56d922a3ab7c5e48358d49668a35

Download Submit
/data/data/com.gbwhatsapp/databases/stickers.db-journal

Filesize
512B

MD5
f2d4da75e508381a5a391bceb3be3d98

SHA1
1ff73be129973f531165768cfdb7e4cbb8c5a72a

SHA256
320279f4c3d696845c5099844c4bdb32639fd52513ff06d0d08604c9602b1fa1

SHA512
db43a81edca285a0858a43d29ae110f4460e7993e08cf1ec182a37b77edae303dc2479d2e1c3c9f4fe1fba649e47e57672f8d5015476635768e76f223b215da5

Download Submit
/data/data/com.gbwhatsapp/databases/stickers.db-wal

Filesize
12KB

MD5
cc36b0473215b82b419a4ec4acc55283

SHA1
d0b2ca2c6789f129817e0fd04e25a8021c0504ea

SHA256
e68f6f68e894d361829f60f0e3009b1509d19d07f43c00ce35b4c116d669fb0f

SHA512
fb35b59136ffd7a82caf2263379389678b847bf9d1db829c898aed02984776e7d4dca55ccacc322ae1926894b9ad0014bf1ae7707db188f219c06a0d9cd09d4e

Download Submit
/data/data/com.gbwhatsapp/databases/stickers.db-wal

Filesize
80KB

MD5
f793919b7849e172cb44a09c59129203

SHA1
c1f35f152bdef7a098f587fea3f48d49771101b0

SHA256
be1261b6dc78acaa5c8d907f928e8ee5d27bd43e31d1a04ae794bcef08942156

SHA512
dc335efc5f16917cf43af1ffffba21913554e6ba418dff0b71f322e2e64cfc0803378802831c6f8da1c0358fdaa6f44272fc830efbada55c85d63a839cb54830

Download Submit
/data/data/com.gbwhatsapp/databases/sync.db-journal

Filesize
512B

MD5
aff81687673d432302b8d4182e3f6709

SHA1
a2d6152285f5d1ea09cda0cfe950e0333ec2f8dc

SHA256
87bb95199659e2f85bfa1e1cd29426ab268373278df7672a160e7c23294f7257

SHA512
4c2bc2eb307c85fcabf56b9d852d5717503dd65f08bb0aaea7a495256f36a4982710d528fd0346540fc5d89b78949a8d9d4ed7a3e8ba1161697ab01f433d0a62

Download Submit
/data/data/com.gbwhatsapp/databases/sync.db-wal

Filesize
16KB

MD5
52d851ffb31ce4e9f06c9f80beac7aaf

SHA1
d69aa73c06afe4bb46f0f57c182e16ef897aa891

SHA256
427f9d0dbfeca259673be07f8f823831c3d8a1556b6172bbcbe3fa2d288fd0e7

SHA512
b6b78b9d6fd82643ac717a77e23f0e9bccb962025dcb09c9a3a02e7297fbc29bc47637e80199f705e79b87f580351bac43474e035f7c9635c60e47d2adb2fba8

Download Submit
/data/data/com.gbwhatsapp/databases/sync.db-wal

Filesize
116KB

MD5
38a4174991f1171392526300c8733ee1

SHA1
5d2c576e9bdc1e1288ad7ede04d77c60fec8ca1b

SHA256
3722a0c05ba7d5c7e4557932347840d1591a417c3e75be26558f3d26f12051d2

SHA512
e174ce258ca760ae297697fa22387876904610e8a9c09f8f19b7a7c594e9757fe136bd390eafb016a9d5a1e713c4844cf57c745181c0753bd88abd977f378570

Download Submit
/data/data/com.gbwhatsapp/databases/wa.db-journal

Filesize
512B

MD5
b658a442e3039e6b00df9239d2390f85

SHA1
2756e0f646fa089c2b60a60fb7b7eb37ea482fe2

SHA256
ef99b564b1be616feeefc12a5f2b509f7fd6991240a3e81c4cbdedca77a8dcb0

SHA512
ab0112203baad2b8566b012028199ec65a8d2a108665b99885cb5cb6fe06a79b4ef0ebff54d0bc9b028a356521c0c63bab0642456f0576871140b94f9d009d6e

Download Submit
/data/data/com.gbwhatsapp/databases/wa.db-wal

Filesize
16KB

MD5
52ad6477b26db71b10eae2cdc34654a6

SHA1
89447a4cd16b4917be7f843fad14bb81246c2ddc

SHA256
4fd4b9de1279f29d4916e23975f29ba96965e1af3c4759ccf0b18a4d175e2a9f

SHA512
669e77624a12a7230a25688a5dc6a93288b12fdd0425ec6bdf39f89077c86025fc815f49147df33e593acffb2498819a7462c053fd39197964aacb9bd4e133e9

Download Submit
/data/data/com.gbwhatsapp/files/.trash/96199616-e7d2-4d41-b3fe-a541eb767956/6eeab509-f909-4b0a-ac7f-fefe88fb5f5d

Filesize
526B

MD5
2c0f856d7250fb18c8dfe900ec9bd5d4

SHA1
10c62e9db2bdffd3d76829987e50d0efa5e0a72b

SHA256
62802cd5039ff363156f7d4dd4d7360d095090a6331131f018abba016b6e1aa6

SHA512
ef5d4481e27d2d6053a224f685b983e52d7ae0d2dbae4f349c1ed0191e4d5b737ce8e2f0d8a393f2384ff9bf05af29f47aea983d57d0b151e89b3cc8c6ef38e2

Download Submit
/data/data/com.gbwhatsapp/files/.trash/96199616-e7d2-4d41-b3fe-a541eb767956/9430e3c2-558a-4aa5-9184-059f5936d6f9

Filesize
67B

MD5
d8141b97bb6b8752f676cba953de8e56

SHA1
b65fefc908682f7027ea3ca34ffd592a6d81ae87

SHA256
afff045ccff4a25dc9ed283acb206e37fbcdc6afd5adacc86c645d432e032a21

SHA512
98915af0eef59abcf116818f4398cbd5a0eaf31a65110422e186872f48aeb7400948d51d5b22b0ce82c07764f21dbcbf1e252bf5a49df0dea3951bda730092a3

Download Submit
/data/data/com.gbwhatsapp/files/decompressed/libs.spk.zst/libvlc.so

Filesize
3KB

MD5
cfaac46a9b3c925a53382f453c8c0d81

SHA1
8e82c86b6d77d7e1ef003aa7796b83ccc5efab7b

SHA256
0d87625993ef963e9bebf8f21f22525807d48dc26b3195fe94bedfe877f376e7

SHA512
22c8297645c4ffb8ba08e44e1136dcc3b3c16100ff837d7e3ae7bf3a1f181c12e9aa33f3f598d6d7e001536b9812106b4785c01f91a76874cd220a6229e787a2

Download Submit
/data/data/com.gbwhatsapp/files/decompressed/libs.spk.zst/libwhatsapp.so

Filesize
5.0MB

MD5
593bd16da5b69e74cda8b52b34c9c38f

SHA1
5047fab98bcd92f45f81577196e48fa5b37fa0b3

SHA256
7827e740106f5abe81713a713494d8505ba50c61979b249a76d9659b97589ada

SHA512
439a264749f57d0ab60714ebd0e595dbe5569c1c595a82d7ba6e9448ca2c22327ad5590c7aa1e054a27039630949714d90bd0a4e110c127627621392ab182570

Download Submit
/data/data/com.gbwhatsapp/no_backup/androidx.work.workdb-journal

Filesize
512B

MD5
deadbcfe7ea37b9e9334b2c52cb03284

SHA1
f6b7049dbfd82d410c14f18d2a58ff3a65698399

SHA256
e15925b57d9fa71c7ab2927f24b9c235ac8d3b09ab804554cb436f96a3136962

SHA512
6bbcd83ea6269f0e4a83d9ee325a714f492c3c1ef00033c19629a9f6a58358f235bdc0db74a5fcc75165345751afd537229dae00e98e1ce1739a372ada2abdb3

Download Submit
/data/data/com.gbwhatsapp/no_backup/androidx.work.workdb-wal

Filesize
16KB

MD5
fb3dcfdaf82d06f106a1d00526898d43

SHA1
0a8b1033740aba143df33c8109fb998422ef0cc0

SHA256
a1581aef1722f603f6f15689e885d6975487e7c0fc523fb9d98ef00121cec08a

SHA512
97e18f0b70c04480621e53526bd576fe2145bde8e5c30bc0a893cd5798a953835ee1917c50ad81c0486a0ebfa80a228ea09df50f7f1186cd4510bc998faaca8a

Download Submit
/data/data/com.gbwhatsapp/no_backup/androidx.work.workdb-wal

Filesize
112KB

MD5
2fca63cb59dafba273efb582375152ce

SHA1
e49e1c29e9499a68ec0e186ff410b6fec4428b06

SHA256
0512d2dd0277c6558e20f7216b34b150c6c6855ca7b3c5e8160a18f052b208ac

SHA512
6e1e1fe2c9ba4f82304a3dfb685269d832fb012ab3c91c1bb495384ca04a77ffa8631589acbf9e935c747aee00a923b605febadc534338610d82de0d68838a79

Download Submit
/data/data/com.gbwhatsapp/no_backup/androidx.work.workdb-wal

Filesize
169KB

MD5
bbb2e85b6ad987187ed13b41e004607a

SHA1
eb82eba16f91524d83e2fe1b4416bb705a1801f2

SHA256
e67605d1fd08dd70db7c59ddab50c4ccc4bef5746293385c9a4b9e0af08388dd

SHA512
a14a7471a90be58740e0a770adc9e33b735cfc07f6277228de7dd2391235c62b852eb9b1a221f1740d6af184d8d8aa50558d930c0b9d9f32681713c44dcbd2dc

Download Submit
/data/data/com.gbwhatsapp/no_backup/com.google.InstanceId.properties

Filesize
63B

MD5
b06638a31079faa896bfa09b085bc29d

SHA1
c6103f16e6714c2900ed210b7d4e83208ff61faa

SHA256
29c2cd283ba33df5d0fb35da5ab71c98f9b5a778f771356ad0cf5eb4a27cfa46

SHA512
b9d43b836e115cf1fefb38d2f011eedc237712796cec5292b842d4731d6c54abc2f7757be717cecce81be0f67cad963a02ed61868d2119447e9c8a187003bbcd

Download Submit