3e596694e6c74a1991490f4bde5e2404fc1b6d57af8499b7fc67adb44e17394e

Analysis

max time kernel
53s
max time network
131s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
13-02-2024 03:08

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

3e596694e6c74a1991490f4bde5e2404fc1b6d57af8499b7fc67adb44e17394e.apk
Size

75.6MB
MD5

d73fa603bb7dfbd53f2ec4d05617b9e0
SHA1

86f18b9d0ce32f3ff1c608ae4317329e4da44e1d
SHA256

3e596694e6c74a1991490f4bde5e2404fc1b6d57af8499b7fc67adb44e17394e
SHA512

4e004ec348e58f8229d1e3b5d2137b64dc09234d355425d8fa5544e67a4d4d80d3e098c2ba7bd5659e443050bae7a404e1a35a2341cd6809b5e83e1078d8bbc2
SSDEEP

1572864:2R4YowDIMNvpPjEYr3V1c4sQ0MmDKPwpJ4qHSXKTHcvmM0hV:26YoEXEqFR0rDG0THSmZV

Score

6^/10

Malware Config

Signatures

Acquires the wake lock 1 IoCs

Processes:

com.gbwhatsapp

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.gbwhatsapp

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

Processes:

com.gbwhatsapp

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.gbwhatsapp

com.gbwhatsapp
1⤵
- Acquires the wake lock
- Uses Crypto APIs (Might try to encrypt user data)
PID:4287

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.gbwhatsapp/databases/BTOR.DB

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.gbwhatsapp/databases/BTOR.DB-journal

Filesize
512B

MD5
dfd6f8897924ceeabb288e3c92bf5cf5

SHA1
2ea91a80a02df91616e9d8ff0a0392e1352ea66f

SHA256
e38ebb4f84d9d54ba3147c0163545e08c8ea307959d8acf4bf8024e41e5d5cc3

SHA512
d82499c2be33c3c95d50b149b588e9c83f4a46fb70dbfc79cc1da9451d3c3eabc26eacf822e05de8fd45f95e5a1b866dbdd93f55ea2a3386f94ced7b15bd9bba

Download Submit
/data/data/com.gbwhatsapp/databases/BTOR.DB-shm

Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/com.gbwhatsapp/databases/BTOR.DB-wal

Filesize
32KB

MD5
f3af46579b2410e482c9c71460a6a944

SHA1
dde0e4ed4197a6e3e2ec5ad9f1a19010b98118f4

SHA256
a1274d8723995d6f5f8b82d64dd1ae5a7e30bd0f4a80eb8778f6bf9baeeb3143

SHA512
1e9bbe1baf7264e4b7a9757977075184df692ab465fe7f9d3cb40258107efc2ae6d31ef1acb439a4d879ce448dd10164e743423f8b891fd4ad8fe2194e86ea8f

Download Submit
/data/data/com.gbwhatsapp/databases/EHS.DB-journal

Filesize
512B

MD5
3d6bfa684c85677d8d0242bb64c49c5e

SHA1
61b79e7634ac85317429f6fadfab593033a1221f

SHA256
6918ed1927a506e637e180e0ede82891f1597c729d64089cc3353ea2e66e1f44

SHA512
f6b6a7b1ddc175b29f363cbc1c2c368bcf8afb2febc812460aeed38bfb63d26e2995f251a947e62561a67fe8355aa83be594be785d77d8e9f8378bd297929739

Download Submit
/data/data/com.gbwhatsapp/databases/_jobqueue-GBWhatsAppJobManager-journal

Filesize
512B

MD5
ba14c1812a2fd899bb7f7ba57eee3d59

SHA1
dde5166e60c418813c276251bcfc40fcf7bf04de

SHA256
827d46d7f1c93d1d58c3e1a600bac10279f3baca8f32c7adcec7ff0512b1a902

SHA512
11641c04b6dbf723a41075620e898f0855fa41ea68fb60e1412689b39f69d87dd37a321a05ed6d2c3772707f0556d9826bc8c53b30991970612800acba1997c9

Download Submit
/data/data/com.gbwhatsapp/databases/_jobqueue-GBWhatsAppJobManager-wal

Filesize
28KB

MD5
61489c4a20750e885c974d3ddbe41a5a

SHA1
62e06569a4140160c68d96a6cd7535a0f8758c10

SHA256
7799a7057904f75d3a7e259c886e2e440cb111d48c9b23df95ea80f2660f630b

SHA512
ea1bf1f8af2e41d5b50ef6716aa1c98ae135bbead9b4f66160378cfb4ef5411a67a03b0a0755f4b057c58a38adbc923981fef533b0855ebc55e131dee28828df

Download Submit
/data/data/com.gbwhatsapp/databases/axolotl.db-journal

Filesize
512B

MD5
78fe9f2db17d81375f43926b78f830bd

SHA1
2aaaa414f20fddd0792f16f776904333e378aafd

SHA256
628ba7c88f749885b470aa075366fe5a338861f5907361e7026e949cd4a456e3

SHA512
7d84ceddd47423525569987907444f0972059129f156007c66ab991cad466afeb450e98eac8d1995695918a6f645dbea79c60806c0d1a3e4288508417a24acde

Download Submit
/data/data/com.gbwhatsapp/databases/axolotl.db-wal

Filesize
16KB

MD5
0e10d5c68a50a1e1d8971258d7f06679

SHA1
abe0a551c0c2bbb335003e9c6687ab205b12f5db

SHA256
f0068aafd055c6f7902fc50987fa637aa95430cda56764643165fea2523f33b2

SHA512
3b7f112db1f4b80f4e86ba6886bef2c511f033ca8d4a1e5de04c6f615f12dddb2b1a5d7e37fcc5365ba8cb12d2dfa34b5c1f4acbea10fda08a168dda46319b9d

Download Submit
/data/data/com.gbwhatsapp/databases/stickers.db-wal

Filesize
16KB

MD5
af3ab5195a0944f9539c56b51e381555

SHA1
2c745af41f671928a755206a613c124dbe4a3c43

SHA256
0ded666a50a13b941d7ce6e3485de8a60261924186b725743366513c36a5b257

SHA512
ccac18d28b657fd2631a13ec0f8804059fc219e3c6b84fa9fb069033f68d872a38f60a98151b7463fa57f36e813441046a253aa38b72ec95232d5fa1b7988a12

Download Submit
/data/data/com.gbwhatsapp/databases/stickers.db-wal

Filesize
43KB

MD5
b3e08cdf48332aa7c79d24d07df16a4f

SHA1
c11f76247cfd8c4f6ed656b73280f1172ed50da7

SHA256
612ad1a3ecd0fe1a6427ea484fd4aeddb0c2b85cf13f9328e5356ce14dee20a7

SHA512
45dcf4898422371bf5d9896e778cf5a6d775d69e07c2c5abdf030742c9b3313d18d101c5dc8735e90cbd57169959810ad9e67f47c497d696dc819c549acfcc29

Download Submit
/data/data/com.gbwhatsapp/databases/sync.db-wal

Filesize
16KB

MD5
f7112e09a539ced8f3114706bf2abfd6

SHA1
df80ab592fe18fd45f69897024efc5ae81cd5b9d

SHA256
e90ebe2c755a02a88a74035f20866bdfe13266871a7aca73760eed3f1f7d28c4

SHA512
356016d2a6dcd1a3e3f5807ad699bac1e683c0caadd800884b0cbb6be65e57ab9c218d6594bb08e09e42d383a0655d81a6fe1348e8cca268e1df748c08e83db7

Download Submit
/data/data/com.gbwhatsapp/databases/sync.db-wal

Filesize
116KB

MD5
b05f3058c49e9d9d065c19872c2f3561

SHA1
73aa41dc6bca029e8c206d0bc69f4aca359b2247

SHA256
ed06354fad608d8027445fdca2702053fd27387965f288d4af45db4bc2b4b95d

SHA512
51566c135a934f1e5462c3bf3e01b1c6c8c166b72a76b2f0eb19e43632e6e8924a33393509a7a5003c44f40af1d4ff1065147f9a57d73cbf46b7bd904dca1924

Download Submit
/data/data/com.gbwhatsapp/databases/wa.db-wal

Filesize
12KB

MD5
c806f5f51b385a5402790e300f202d1c

SHA1
5c19d2a49614c7907aa7927f5ea0584860d5209c

SHA256
9a5a1ea0e49ab16f82739bf136fa40f82e7e51e12a7d6350119fc9bf51293e84

SHA512
b5b7decdbd4cd7172f64ca1322711760a3364c25c68bbdf1cf577dbc9332feac703ae77833b95317fde4b531e2efcb182dd56c4e5b39b317c7d8a8d3f7378261

Download Submit
/data/data/com.gbwhatsapp/databases/wa.db-wal

Filesize
68KB

MD5
87f423ed59cf4911bde8cb2d59a3a073

SHA1
b7366dc76ca1180477566f786a1ed2e66ff8f44d

SHA256
7a4327c523c6a0848a4e33b66eeafc53f79a62a901b0be0be5337413a118ee9b

SHA512
19e62a502d01c564d3c183db3a3d8d9fe8a9ba7bb16ea613678284c947fffadd6cfa1cb37314d88ae6bc893aa9fc678f16828aa4d26f83452897716bde5cd8ee

Download Submit
/data/data/com.gbwhatsapp/files/decompressed/libs.spk.zst/libvlc.so

Filesize
3KB

MD5
cfaac46a9b3c925a53382f453c8c0d81

SHA1
8e82c86b6d77d7e1ef003aa7796b83ccc5efab7b

SHA256
0d87625993ef963e9bebf8f21f22525807d48dc26b3195fe94bedfe877f376e7

SHA512
22c8297645c4ffb8ba08e44e1136dcc3b3c16100ff837d7e3ae7bf3a1f181c12e9aa33f3f598d6d7e001536b9812106b4785c01f91a76874cd220a6229e787a2

Download Submit
/data/data/com.gbwhatsapp/files/decompressed/libs.spk.zst/libwhatsapp.so

Filesize
1.7MB

MD5
ad05c9b3c7dbdc556d4cdc4f2b37c407

SHA1
d51dcd5a4da2ce52d4ef2a8f034f4fe97f43aa16

SHA256
c2fc2e953dee7274017f6f37df20c9d4953454df04050bbc9f243a36aee1cbd9

SHA512
a70a45960011d9486b1687555f06b230f9a57edec7d4fb1e93c978bf1bdc817137e7f3fce270531d4a2667a5b9150e21b91b7247823601ef08416d83b8c604fe

Download Submit
/data/data/com.gbwhatsapp/no_backup/androidx.work.workdb-wal

Filesize
112KB

MD5
89f37ec2d19fac0b4c7a9c1ca8ae75af

SHA1
94bf63c41d8a4f6c5df7da82b524515911882d3d

SHA256
b17469089b6351d26b97bd1464c541ba3d82a24dc8e0cd60f42cb8effc7acdfa

SHA512
366fe4888861151257f4b87b4756c2fbf9ee2265b51d2fa72b5d1215dab6a976343c34418ea1b40d1b336b1b218092029a9c923d3f1b23eacaa10c51613d66f7

Download Submit
/data/data/com.gbwhatsapp/no_backup/androidx.work.workdb-wal

Filesize
169KB

MD5
e81f85cc169a6377367ca76db0ab5857

SHA1
581023a4d9eca1f357720b041b3a5765dbb43dff

SHA256
9034dd05dbae9bc434787d859681f1a05164705b8de7c72574b73e382b2c08c3

SHA512
4cd666308b97af4d7f2148a21b9a6de59c88af406acc4910fd128ff6d3fb06dc7b1e957e5eb8a0ff8ec90c70c161a0dd451800fa394833da006c4321c75af78c

Download Submit
/data/data/com.gbwhatsapp/no_backup/com.google.InstanceId.properties

Filesize
63B

MD5
79b8b3d0bd6c6b523a0bb4415dd57be3

SHA1
6d2eb5cb75d1c89f9dfb93f0f939a18d169554c8

SHA256
3a8769069141f366fd737b6397c9ff7807fa00ebc1de8fe8f9faecc08fd1eb9f

SHA512
a8fc88c2c93af5c14fe9227271cbc30ed42cbaec693e03f0d006e82f0132ab2ef62d7fd0e9c6acc49b9ff0dc77fc2f046bb6d2684b1aff83718116457fa31788

Download Submit