3e596694e6c74a1991490f4bde5e2404fc1b6d57af8499b7fc67adb44e17394e

Analysis

max time kernel
47s
max time network
137s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
13-02-2024 03:06

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

3e596694e6c74a1991490f4bde5e2404fc1b6d57af8499b7fc67adb44e17394e.apk
Size

75.6MB
MD5

d73fa603bb7dfbd53f2ec4d05617b9e0
SHA1

86f18b9d0ce32f3ff1c608ae4317329e4da44e1d
SHA256

3e596694e6c74a1991490f4bde5e2404fc1b6d57af8499b7fc67adb44e17394e
SHA512

4e004ec348e58f8229d1e3b5d2137b64dc09234d355425d8fa5544e67a4d4d80d3e098c2ba7bd5659e443050bae7a404e1a35a2341cd6809b5e83e1078d8bbc2
SSDEEP

1572864:2R4YowDIMNvpPjEYr3V1c4sQ0MmDKPwpJ4qHSXKTHcvmM0hV:26YoEXEqFR0rDG0THSmZV

Score

6^/10

Malware Config

Signatures

Acquires the wake lock 1 IoCs

Processes:

com.gbwhatsapp

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.gbwhatsapp

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

Processes:

com.gbwhatsapp

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.gbwhatsapp

com.gbwhatsapp
1⤵
- Acquires the wake lock
- Uses Crypto APIs (Might try to encrypt user data)
PID:4243

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.gbwhatsapp/cache/SSLSessionCache/static.whatsapp.net.443

Filesize
5KB

MD5
b2c06ac1a9544329dc3bac7d64828556

SHA1
f8949eb5873fbfb0453f0a290cfdd666d0123599

SHA256
f6b183ef29287a711615d332e16707b32cf0fbf0efd36caba4209e84f8e34151

SHA512
10e131d9667b5d4d59fbd0a8aaffbf358664dd9af14e266a8fa69fb3c9286545c0cd725b61fa10a79bf093949adbc3e23a903aa2b904a7b58edd0fa2fce02af3

Download Submit
/data/data/com.gbwhatsapp/cache/SSLSessionCache/static.whatsapp.net.443

Filesize
5KB

MD5
e53a5b4436fb456a8b33e56f563da9d6

SHA1
b9cbdbf0ca0ede6605734fb934076c439580d2d1

SHA256
c901fadbec98220395f8083ff56c5f165eee0fd5986c855a1b23eb858b27d74f

SHA512
55349220fc1d937333f76f6dc2fb6bdbc25ccd6f1bf4089bbb814205b905d4f0066c949cd7a2bfbb9d95e4642af013fcda6a179922f1b613345ff5e309c5673d

Download Submit
/data/data/com.gbwhatsapp/cache/downloadable/wallpaper_tmp/thumbnails/light/00019LightWallpaper.jpg

Filesize
526B

MD5
0e263de600db5eb4d88a4e4eb6d9cfab

SHA1
71832c7049c690ff6865eac4bee3394b2cf47c76

SHA256
7b9bb05d62bed043a3917be4a79ce0f951a0ca873438745e15fb18323c2b4842

SHA512
36fc753f746692cc35098036485349a002fcb7a83c9717fed005f36a6b85cf785d159261657317e181abcea465c97d20c58f31f835e321754274d1e8f5592c01

Download Submit
/data/data/com.gbwhatsapp/cache/downloadable/wallpaper_tmp/thumbnails/light/00030LightWallpaper.jpg

Filesize
7KB

MD5
27ef76e051f5135330eb4509c028a291

SHA1
3cde7e83a696a6acec55e104d0d7f851751953cc

SHA256
c4037d053ce830c74d89d35207987cee9a7c0318269ada70803d80662de173b8

SHA512
7d3f565b56ecdf55b9490357a6ee331a8e00cb3fce2e156513828e69582bfb7841efdaa510b24520a1006618ad06ddd43009a2a07770a82a81d1f8292e40f972

Download Submit
/data/data/com.gbwhatsapp/cache/downloadable/wallpaper_tmp/thumbnails/light/00032LightWallpaper.jpg

Filesize
2KB

MD5
4a092c67f561d60077c3a8fdfa518869

SHA1
3da189bc8035d5f361a0b875251a2a613628ae3f

SHA256
0d64355d918b2d4ae729e0d79d47e4a3d6a87abba265403498f64eaa2e6e3dd7

SHA512
b54fefd4a3ac564a29834fd47e168b2da15b564c0e616cb4c45d483edbe48885da9343a4cdf0ae865d0129cb339fe8b01e440ae4fa467d7bd0789d3e3ef43076

Download Submit
/data/data/com.gbwhatsapp/databases/BTOR.DB

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.gbwhatsapp/databases/BTOR.DB-journal

Filesize
512B

MD5
72e1162a540d10f3152606ad5fa73d97

SHA1
3c2b63208044cf0c4d06a4a3b9d05aac955ce283

SHA256
8a05d7596d84260cc85f7b0dc573c7ea39320b66599a9649f8d4d6908aa93c66

SHA512
7b4efa31af9d0e55f5d93768b877717a4d0f1b8e1147e4c61c510f0d5db26932f887afd669d8b8c47469a8a363ba17f362fb499cb6493369be3b99587eeb59fe

Download Submit
/data/data/com.gbwhatsapp/databases/BTOR.DB-shm

Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/com.gbwhatsapp/databases/BTOR.DB-wal

Filesize
32KB

MD5
0d5e2792cd168714fdad6a2cbf18d879

SHA1
46e89524f1ee8beeb4c362a75962f7279757530c

SHA256
7f4f16e9de1e2f07e03270c592351bfcb9c6b22ff50017f3b9d3090d24bff027

SHA512
0c9f9a94d100a6484ee63a983c71d6e6ca9c4bfae3ebdcd6ec979c73cbfa563864716c62c30bd75b677241139312520c8da6a5f3cac26ca9f417d76aec89526a

Download Submit
/data/data/com.gbwhatsapp/databases/EHS.DB-journal

Filesize
512B

MD5
96740fb8d36ef53114f25f5d81e6f9f9

SHA1
68c6a05e513d6ddb1359bcb58ae1f937eca02c0b

SHA256
c5bb5e7e7305eeb80ad8fabb1f84321209be538e8202e6df2e901400ea0c4e9f

SHA512
a5918ed77ac6f6c6bf80717eaf00405d0191cc3cc4b52a54b8d18b8ff9780c104ac44633c7edf7adee955fb001acc56ee1a00ad7556e43d75577352222bd01be

Download Submit
/data/data/com.gbwhatsapp/databases/EHS.DB-wal

Filesize
32KB

MD5
cde2b197425421bda7e6746a86cb1f42

SHA1
56051bebf1d063d747db8b00f79cb973b345970d

SHA256
f5ade492368b649999c6cc4ce1f2a2d5c177d44f3c38e989452321c1bb035b6d

SHA512
f3a8c81dd56a898c4d02d18fabcc6f809615863432cea3a4019182dc00ea85ffe11d33cc5fe752daae73133b0f7e0b2ee0d7fba783a1001e2a2d7b7751d0a290

Download Submit
/data/data/com.gbwhatsapp/databases/_jobqueue-GBWhatsAppJobManager-journal

Filesize
512B

MD5
289ab63b7ac969a11b809a052b527879

SHA1
ef9f2a8f977438a24521a9fb207cb832a4c46dbe

SHA256
5bc429500b86c740821232f107018513fdf30f021582da8d56e55e92f24376cf

SHA512
d1064b4ace6ce946672e345e1087bbe80fab931f9b4c26846ceeeb02491c5da15020147b18330f7fbc045aea4587e0a88ca03ae35663bd233c347e0eccce7b1f

Download Submit
/data/data/com.gbwhatsapp/databases/_jobqueue-GBWhatsAppJobManager-wal

Filesize
28KB

MD5
6d2b13b871e11f260806a04f4e13b306

SHA1
79c4d873e6d0bf2a8aaaedd37fa38dc091dda1d4

SHA256
332ba24a345f593926a74c559042a0ed6618d1b498193313e76a3f1222d70e66

SHA512
83b1dd9ef4a843c17b0584637ec825cc5305029570f8e9e7eab5dd4013bdf8ef458a4e3cf6ff8ba20a3a20e757f3028ad070c3ace695d11e457d00ba29e4b2fc

Download Submit
/data/data/com.gbwhatsapp/databases/axolotl.db-journal

Filesize
512B

MD5
1b407c1ce8a95917561e407297b5f67b

SHA1
ce08a413fe5703da6faf7a607516566f5eeff705

SHA256
67f2ab4e596ea2d60328ed76d1aedd180f5ec5c48805a46a211fcf013a1326f6

SHA512
fbc9b4f4ac0836a92506b8a11f13eb9250c7c0cec5df269ce3aa71c1eeea7db52b1dc8d7a0d6eb4cb296f2629996552dad45c1b670481e87662682fb8a4744c8

Download Submit
/data/data/com.gbwhatsapp/databases/axolotl.db-wal

Filesize
132KB

MD5
99e983fa8e9e4e25e4a37f9dbe0309b0

SHA1
ba6a2737ffcff5652725a4baf11e53f60f599a97

SHA256
a417d00dc814a948da24bec96c740a0575a9d9fde91e2ed1a40168043b346e89

SHA512
76f44a1cb938c4d0f4761916e81cb1887e326293cb09f56b59d605e73a4599c34b7a8e4611d14f23162ccdcbec6fd174186b3b080e09828f803b105389a450f3

Download Submit
/data/data/com.gbwhatsapp/databases/axolotl.db-wal

Filesize
16KB

MD5
3ad91c56b4a92f5b8d8ff1ef0f9e38c8

SHA1
3b36b14717b470a58990baa3edeefbea92e642f6

SHA256
7d6489ca8411bfe92b27f172e72d8c9faae574f0a27e7e0bbc488d4215a3bd99

SHA512
8cbb07f04313fba6a6966c347f06d3bed90a5052f29c1da4c3e84940af52465e743cae3c6985ec7065bfbeee99877e5aa109a072d7d338f5a7de7e43a32b2eb5

Download Submit
/data/data/com.gbwhatsapp/databases/stickers.db-journal

Filesize
512B

MD5
3f508e3fe77747f9cde7d4c642505313

SHA1
2641db4ec8ef1fdb677d5dc7db2335795e1bbbf8

SHA256
014834b9e961dfd74673ba0dbc2177dad2bca39c62600c6993d08db9748ac02b

SHA512
def26f608dc2213a41db0d8c37e8996a97516b2a1eec48159efc08c7108098e2ceb4a5628a90c0f206b1c8ea93cc0754245f31c0e937e0ed7626c41e47712092

Download Submit
/data/data/com.gbwhatsapp/databases/stickers.db-wal

Filesize
16KB

MD5
4fa2716886619bb139ab44bac6c338c8

SHA1
5b326f046c461144aa83f7c95a780530ba86f9bf

SHA256
c1b7cfbe8bcba9de9bacd0b69700b96c960bae203a902c2a60a9aac853f17069

SHA512
1532bdc6995f118a2f48fd09da4e07e2593fa9e38dbc53e960762890bb13817cb83ade0872dbdb6eedd9a5bedddd126185ba4cb687c75fa5c1b9d0d69bc55cbf

Download Submit
/data/data/com.gbwhatsapp/databases/sync.db-journal

Filesize
512B

MD5
4a93d3c97e4ece1718c264112b8ab752

SHA1
19278435420cc1944d37edfeb75842e8e7ed6a56

SHA256
71c4ffb3df91443b8570bd068de7299bdfc4a7233ed887fbb52d2cde3f9e5c8b

SHA512
c6a71db0eb8919d60c6865f4c89fe317028aa3b25b5751cb233f84c04384dcc51e75982a9f6b827327394727910d1b96eb0100f380cd9d8026b7de29f63330ac

Download Submit
/data/data/com.gbwhatsapp/databases/sync.db-wal

Filesize
16KB

MD5
0ce3e63e602061bb5dc03e1b515a7850

SHA1
41e8c874291d387a916b75cdf5f31c75cf1b8470

SHA256
7e740fd7da1501d30a012241bf5b9fcc4e92b478dacf513f34df9d71a591cffa

SHA512
cbe028d556dd1a49830cdf5f9d92991d6d128c081ac3d8bb61b0174e4b402ce0a0231063ff21126c6e7d3ab11231f62ff98dcdf91209ebb67e91b687b133a889

Download Submit
/data/data/com.gbwhatsapp/databases/sync.db-wal

Filesize
116KB

MD5
a32e4fac11eb90a228a49fecda73a206

SHA1
d8cd785e7bab0f36225bd785cb3da080076f5382

SHA256
586f2b1cb2b2ee30a3a2b45ea2eeec30423adeb1a803d697d78a6ea92dde310a

SHA512
1cc3872bd9c4ca17f92aba859ab4ad462bf13c8a7c369500ced80ef099e783000fc37484da191c2fd20d9538741e4e81b80555cf68e020a90b7d882736663a7c

Download Submit
/data/data/com.gbwhatsapp/databases/wa.db-journal

Filesize
512B

MD5
854634855019f5bf475d54499c5aeeb4

SHA1
56b0ce8c8b9c8ac9c8e5700afa98ba0628e1a54e

SHA256
094378545ff5875d0709035a7b4436f6071ee3cbe691a5af7312e0fa56dd3244

SHA512
dae1baf265152c04ca450cc1419a7380a3d196a83be2935b4c76eb0a36bc5b9ace8cc485e9e9c40968599e4c24a631a8a07147a0d0155dee3dbcc58c269ea21d

Download Submit
/data/data/com.gbwhatsapp/databases/wa.db-wal

Filesize
16KB

MD5
3dcc6356f966bf3f00c70e791e1f7a0a

SHA1
f5848e5f5fe3952ed6a3db1e3a5c36336120f190

SHA256
4e4008eb12599a852e8621a705bad69b7826218171077510ec99a24e4aa466d2

SHA512
63875538511f51bec766e9356e81bde9865f8f03bdca695d650ed0e25f1eb15af8158c58b6bc1ae2c5f7bec94a98a8ab77b3787b2cb49fc6d61a563a476b4bad

Download Submit
/data/data/com.gbwhatsapp/files/.trash/9ea48869-75db-4cd7-9ca0-a1343af7f97e/321465fd-a434-4059-87bb-594b01cd7b66

Filesize
67B

MD5
d8141b97bb6b8752f676cba953de8e56

SHA1
b65fefc908682f7027ea3ca34ffd592a6d81ae87

SHA256
afff045ccff4a25dc9ed283acb206e37fbcdc6afd5adacc86c645d432e032a21

SHA512
98915af0eef59abcf116818f4398cbd5a0eaf31a65110422e186872f48aeb7400948d51d5b22b0ce82c07764f21dbcbf1e252bf5a49df0dea3951bda730092a3

Download Submit
/data/data/com.gbwhatsapp/files/Logs/whatsapp.log

Filesize
725B

MD5
5cd145713bf2a7e871af9808df5eb0a9

SHA1
425ecf48bbdcdb19ff81e6fa8a7ace50989ee86b

SHA256
19b6e0c664ec6d8890f387e4e7b76165160ac92501e3906e92de67ec0e251970

SHA512
a752eb2b24eb6456a63c658b1a6b2095a107dbc746825c665212334a199cc678ec54ae8c56fc9b556ae343798b35980b93a9d451cf1f19a45d81af62b8110d05

Download Submit
/data/data/com.gbwhatsapp/files/decompressed/libs.spk.zst/libwhatsapp.so

Filesize
5.1MB

MD5
3795be0aa141de5b9215a11deee26a1a

SHA1
1a422ce3ffc2bd7170a7d4cf150ebccb0ee55a57

SHA256
2790bfcdfe7b905cf2074440139d51238160ae6bb119795b3fef83b559582705

SHA512
00dd27e7c64e43cd96275e56126765396ed6ddfbfccf8a3d5ccde1b5ab8c29d27fefc936fbfc81d224731d1be3e564eb478b4f143304d49627d3e1a90a3fe2da

Download Submit
/data/data/com.gbwhatsapp/no_backup/androidx.work.workdb-journal

Filesize
512B

MD5
ff53ec72b6274b5986bd06114daf95cb

SHA1
e40b733a15ea3829946db899dbc2e6ae77f4cc5a

SHA256
3d9da2fd504859d2e1fc4d096436229f6577e233eb8833454a1698b6f5d46ef1

SHA512
90b5b76a7f1eaca1ea65d6a6fb40b871bda41071ad9734f2bf51415bed9399b7f275812dae79d93ade4ee0d201e70fa87cd00f779c18bf689ddd1841410e08e0

Download Submit
/data/data/com.gbwhatsapp/no_backup/androidx.work.workdb-wal

Filesize
16KB

MD5
7e4df2b38690aa41b0c423554e2d427e

SHA1
e46f8b6fab1c0922f597f9077b1989a9365805a1

SHA256
e9fbf1fd5dfa0cd811a6d607cc6219f9f781a2079d6bac28bafa6b2ef7441594

SHA512
91e3e0a5fdcdfa1a539caa2aea09cdcd01f14b3fa16bc484336be1f7755a72cd96f992cc867a6b53341bedd44289f7a8c9a18932d24933ad89448c3a79cafc21

Download Submit
/data/data/com.gbwhatsapp/no_backup/androidx.work.workdb-wal

Filesize
112KB

MD5
9136e5179f31cad521fd7e8967fee62d

SHA1
a7f8ed72c1470e7f8bb820141b427c11e3cf70d7

SHA256
d66a8362ea3fda0b7837638935bdaf61ea615acccd3e00afa4ae929fc618cb7c

SHA512
7dbf436a2ae71ba438bcafa9a13784e027473626cd156f2869c087d44239c6b6dca7bc400563285b9f9567ecb7b25f61980ce9af92981c8b69002806f9b71a8c

Download Submit
/data/data/com.gbwhatsapp/no_backup/androidx.work.workdb-wal

Filesize
169KB

MD5
224aa0b00e951897c1be81c33b4765a2

SHA1
0c94c5917338abaa15e22eab2a2a55dccd3d70d5

SHA256
e7a904cc93b0db3dad9094473f9346fadd9c90b38bdbfd5b328f47a2fe992287

SHA512
0bc687cfc1de62dbeadc794a0864f30e5281881350e77674bf075d71c3c84e55d804e538274d5a8e540c172fac7a825a20ca3b290644ae832b9196906a7023e4

Download Submit
/data/data/com.gbwhatsapp/no_backup/com.google.InstanceId.properties

Filesize
63B

MD5
d3e0077c94808bf904848bbd981a36aa

SHA1
58f7579c6b1d172375ea78f865bfffbecc50f255

SHA256
72a5b5d769ce97e322a5c2520425871b8c9adcb43c74f936e1cd473995834235

SHA512
1e2e37d5e1007d4d6cd0e581cc4e884b480a1ef128fde38301662e7e6dcc19e173a13810f580f619e02008edb73bbd78d72dce0fb3ae41d7877c071aa7e49d70

Download Submit