3e596694e6c74a1991490f4bde5e2404fc1b6d57af8499b7fc67adb44e17394e

Analysis

max time kernel
47s
max time network
135s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
13-02-2024 03:08

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

3e596694e6c74a1991490f4bde5e2404fc1b6d57af8499b7fc67adb44e17394e.apk
Size

75.6MB
MD5

d73fa603bb7dfbd53f2ec4d05617b9e0
SHA1

86f18b9d0ce32f3ff1c608ae4317329e4da44e1d
SHA256

3e596694e6c74a1991490f4bde5e2404fc1b6d57af8499b7fc67adb44e17394e
SHA512

4e004ec348e58f8229d1e3b5d2137b64dc09234d355425d8fa5544e67a4d4d80d3e098c2ba7bd5659e443050bae7a404e1a35a2341cd6809b5e83e1078d8bbc2
SSDEEP

1572864:2R4YowDIMNvpPjEYr3V1c4sQ0MmDKPwpJ4qHSXKTHcvmM0hV:26YoEXEqFR0rDG0THSmZV

Score

6^/10

Malware Config

Signatures

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.gbwhatsapp

Reads information about phone network operator.

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.gbwhatsapp

com.gbwhatsapp
1⤵
- Acquires the wake lock
- Uses Crypto APIs (Might try to encrypt user data)
PID:4279

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.gbwhatsapp/cache/SSLSessionCache/static.whatsapp.net.443

Filesize
5KB

MD5
a2a18ed273c91297f77334e2c10a0bed

SHA1
30c47d63959954dc08d76f32453a7521e78e15f2

SHA256
2ce877fcf0cf5c7ca184c1f6a60f7c03a1c68a1db069d4250a606581b0e68967

SHA512
8ba086717ebc57f17ccd0195e091e9dddf592b0f6151e3506c7a475ac75964185560e4a0afee67f4712ef1fab98507ac6f2c37bb4ee8834e442cb1b54d376658

Download Submit
/data/data/com.gbwhatsapp/cache/SSLSessionCache/static.whatsapp.net.443

Filesize
5KB

MD5
4381d4f1e9114e9295c1adf882f6d200

SHA1
5e1de2ddb12fb2568e0291907d5ba233c0cfe75d

SHA256
6d6fbe821547c0b114494b20a8ea437d612f3bbc42a8c405e2eef2ed8d45368a

SHA512
ed32b510b280d0b4f685b6292acd95a53e6149d5a703444e3a74a56f5981528831d53352e82e936bf2117798a7c80c5e958bd73796d436862c510cc7cf2dc45c

Download Submit
/data/data/com.gbwhatsapp/cache/downloadable/wallpaper_tmp/thumbnails/light/00018LightWallpaper.jpg

Filesize
7KB

MD5
c3fe540699c6c5d7ee55f374c753ec64

SHA1
a43c57595df0e9518acd00f6e186d753c4e06eeb

SHA256
b1899b2b0e9c198ec69000bd5427ff80a0b16c241a36d37a13e2f569528ff0ea

SHA512
eaa51214513e7833ea49550fd57217e798d079372e2769ad8ccbaf99711e75320782e7ae0f81640be86e2ba12bfc38ee46c6d3960d2fcd7dd37df0a13f5dc4e3

Download Submit
/data/data/com.gbwhatsapp/cache/downloading-41369804589544610.tmp

Filesize
73KB

MD5
26f985184419c9baf376aa694c5b9cd6

SHA1
5cd7628417612d95940e1b26b21b3112f938abfe

SHA256
5a89ab27be17e625c094159b40f68b6714ea3cc3cf8de1fd84ef584b725cb8ba

SHA512
2a5d9dd6d7ed5f6818417b6bcfed89e47c1b0e25242aca496e6356e62e3beeb02e3f168eb5471fc73a39bc56841f2109b753ff2c55be116774859dd0185d1ace

Download Submit
/data/data/com.gbwhatsapp/databases/BTOR.DB

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.gbwhatsapp/databases/BTOR.DB-journal

Filesize
512B

MD5
d577b20d1fccc661aeaf14bcc152fd09

SHA1
cedd536be77c610e966c8e95a4abc8814d90605e

SHA256
9a78b60bb6035647c46f729d8632aa758187885c3e5e7e11bb96cbebb6b9526e

SHA512
a0855beb170370909a611dd99e4a2bd83759703830031ea0309c821695255e0cccb9feb702128e28752ffc01d11ae3a9525f8c4993257c27d954575b371c2a0d

Download Submit
/data/data/com.gbwhatsapp/databases/BTOR.DB-shm

Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/com.gbwhatsapp/databases/BTOR.DB-wal

Filesize
32KB

MD5
bf23cb65f727eed803b2e3bbaf68f8bf

SHA1
74468f7e75ec7ab51d7f17c0d09dcca4001b0b5e

SHA256
3ac2989c86ae565ef8b236f57eef51140048b52a23c1cc4cf280c8cbb614dd1a

SHA512
3ffdc198473fdc1f912a24847d5db043370797e13f0a6dcb8bc6f9a1685975ddcf040be7d0bf186d9917fd2459a873078bd0b219b268316aafb88c2df8837cfc

Download Submit
/data/data/com.gbwhatsapp/databases/EHS.DB-journal

Filesize
512B

MD5
5b022ae01a5a62b2b70ab230604303cf

SHA1
5f80e025fd5c8507409ddbecb5dbfcf1cf774ce7

SHA256
af52cd148adc4900c4ca3d9717e731ff12e00df6de1aa29287ae0a5d7695e62a

SHA512
dd9b97ede9ec214020bfd1cd5da00351cc0d3759c43e2bf128ab0f5dfe9eba99b32b0e20506f8314286336c5e13ced337e93766f2dfd03b7fca46db9cd97fa02

Download Submit
/data/data/com.gbwhatsapp/databases/EHS.DB-wal

Filesize
32KB

MD5
69a160b534404f55f81f00654e7e0211

SHA1
498f491646ac6742c85eeb1e16d756876bbec247

SHA256
09549ea5d5eefd370dfe7a80d3323c43956ba259f48d43d81f3c528b28c70822

SHA512
f0e6069d1bab8e7a33a5f320f5f210110337a3d5106586be4c523041b9275b477f5b361b64677bfb5c7f169ff184bd3bbd1a7536ec4a66c27d679b2941a8ca2e

Download Submit
/data/data/com.gbwhatsapp/databases/axolotl.db-wal

Filesize
100KB

MD5
bd31732022875680fa0377e1da80694d

SHA1
a02114f48c437b1479777f7446a539abe15d8fa9

SHA256
eb9551e5abda0a52fd2f3433c9b4fb1fa87c7b9902c037b60d80107c9637dcd0

SHA512
5178a192d1f16b035e646268d624a19ffb70f94419f6a34b8bee5d6e9b756c41e822ab0621252568235b6a25141f93a662d63537a8928b5e249bff0be23f4a8a

Download Submit
/data/data/com.gbwhatsapp/databases/chatsettings.db-journal

Filesize
512B

MD5
f5b22fd09e9a00cebf480233a2674ca7

SHA1
7c6e1ea155218cfe05bd9e6cb94c9bbdf5fca3bf

SHA256
51f9c09b94ae36a45b577ee866f40851ffe51a54d4c8662ccbe9515284c8eccd

SHA512
4d0d42220f2f53f555353a25b604cfe442681642deed494e75deafbe2158cacfb77702f9e267e350d0156fa30ef3713d0aa599d5ff0f107cae179774ecca1ea3

Download Submit
/data/data/com.gbwhatsapp/databases/chatsettings.db-wal

Filesize
16KB

MD5
aed662ffa5d274c5152b2cc79665dda6

SHA1
578bb5e4d22df61d5d72accbc397b0481cc4ea88

SHA256
47666ca67ce2168d3a750f16ebab0aa6d482623b4450f0abe07e11e8ef23aa75

SHA512
4f1fe493994b3433df8e3d27b104ffec53e180a827d40f0b0ef2be589696a896fc37d62c17dd8d4053db9a303134981e429c491eec12f3d1e9e7d7b9b3f1fe8c

Download Submit
/data/data/com.gbwhatsapp/databases/chatsettings.db-wal

Filesize
36KB

MD5
2c94466838a3f82965a14e8ece066fef

SHA1
d8da841ad7e0eec0cad99a843c3416944101574c

SHA256
513c9ffde8780650dbf82fef49ec4db7d55bfb579cac5f72f23896046923dfd7

SHA512
d04f96d3df6f5832c8f9c3999aca812db5130abb270b129ef68b4be6c116fcd91f188df1ca66e128d7a9a716b23f11585a19edd4b6863d4caedcb575aa5a93cc

Download Submit
/data/data/com.gbwhatsapp/databases/stickers.db-journal

Filesize
512B

MD5
8e7ee8617ea16866b08805513df7d4a6

SHA1
5886c64167c754886dce378c2c585b7c51033921

SHA256
b18cc28cbd33cd9801d654ba4649836838832b53379b7e38e5b09159e54e1328

SHA512
b3dbaf1b07b139981cbf4dcae0b1d6912ef263e115cae33376e7de0488d056673bb46c59e58cf2a9a1283984efc423118a62189b6aec83c073c6172a09957f45

Download Submit
/data/data/com.gbwhatsapp/databases/stickers.db-wal

Filesize
16KB

MD5
2e2f5954104a1dcb0b47034c76449ac3

SHA1
03a27501f7fbc67039ab22f767411ee7d33bfcf5

SHA256
080c7eefd8150ef1dc29b615c011d535811f0460b91ceb9dd50f99a007514956

SHA512
99a204639283451cc39a11fbe1a12f13bb9119358dd3984e5f667f74396d297b9ad88abbc4cbd57c2b8f3facab4ce5965d3aa1024ccc85df4c2249d6436e5e0d

Download Submit
/data/data/com.gbwhatsapp/databases/sync.db-journal

Filesize
512B

MD5
4c58544e0d4fd7c6a9b0cdbdfe480196

SHA1
3e1cf70b6fe363bbdf6cc4909c83bc778db2ddc3

SHA256
0411c711847ae822ad7209058e7b22d08be25570a6c455a0f1b7d34588938d97

SHA512
6733f2ba1a4eae6a927a9cdb91b59210e365cea67c8583726330b279a178a1c08de2b40c57c43d0b70854a0ed3dea18849cde78c612d974b21d9ff849bdbf884

Download Submit
/data/data/com.gbwhatsapp/databases/wa.db-journal

Filesize
512B

MD5
d1edc1d59aec01f9fb45c2fba83ea325

SHA1
ce5aa988f74bfcc4b4563dec3c05d51d74ba4220

SHA256
d26d1f35e5642303f100b1f16698e443179d44852f22f10104300cf767b6555b

SHA512
3da9188f0fbfa5e997ae5c0c9f158ab0ff2e00e9b9fc9359b710a89309cfd10c199cfb7d85756f7f8b019cbe4d2578149d76ce89b1c2ff26741420913d3b42cd

Download Submit
/data/data/com.gbwhatsapp/databases/wa.db-wal

Filesize
16KB

MD5
599540254cc39db0d6d3eeddaa7fec96

SHA1
1152b894b4e195ac3d51f328159e7ae934633be7

SHA256
2a309c58e92f1a95a87e0103b838a84f22b253210190b58a36aa0605318002ac

SHA512
8d3c46cedd08e671a85eca9bc9f5c80d326c7b4bcbeb3b5f0f5d60b1c19b6c155c27f39089ff64b50367ebe4eae6c7f22b7fa057eb7a21f2cc9c4a59e9176539

Download Submit
/data/data/com.gbwhatsapp/files/Logs/whatsapp.log

Filesize
4KB

MD5
52b6b6fe1551d1aacd6aee2639a0997e

SHA1
451fd234554ecbfa05455fb429585f271bb5eda2

SHA256
b15a774fc3e16e8602fc26c9751d56785f583668832f727658a03117300378b6

SHA512
dd907c64b6c9be0d01c5b83233e2a0437b7c39d5f05372d36056fcda749504a8d754fc9f3126a2e4d729f8e65490e4b657d7937b30d6dfe696c5e7aa40464ea3

Download Submit
/data/data/com.gbwhatsapp/files/decompressed/libs.spk.zst/.superpack_version

Filesize
33B

MD5
38be04b6fea00207c66d0478eb4f50a9

SHA1
651164ae6684e5b72d1b7270542bfe60f0bc7b21

SHA256
639b8cb1b54b81a59e9733df0a21223233bc2c7b646e2d30e3b8cc1778588a7f

SHA512
b23e076e538db7c3b16032b355453645ccd542c49128d4de89c3be2415d50bbebd3e3ef749a07d434306f1fbe999ccc363e263ba21ab7a064e6c5c4c9867ddcb

Download Submit
/data/data/com.gbwhatsapp/files/decompressed/libs.spk.zst/libtorch-code-gen.so

Filesize
979KB

MD5
f54fad76ecb9fc89728aa123e71419c4

SHA1
d9de4c5592a87c3a5614766672800bb572532eb5

SHA256
e5623587400de1ba49a1d41d88892c2c6dc42626c74f53e40d9ac15e98db7f99

SHA512
7dfa09207bbb6a95263f9741d619e913e81932281e5ec66263311e6a5a5a4136deb721c1d851d907469e0c26595ae1036ce28b182660ff49ef85e15fcd631040

Download Submit
/data/data/com.gbwhatsapp/files/decompressed/libs.spk.zst/libvlc.so

Filesize
3KB

MD5
cfaac46a9b3c925a53382f453c8c0d81

SHA1
8e82c86b6d77d7e1ef003aa7796b83ccc5efab7b

SHA256
0d87625993ef963e9bebf8f21f22525807d48dc26b3195fe94bedfe877f376e7

SHA512
22c8297645c4ffb8ba08e44e1136dcc3b3c16100ff837d7e3ae7bf3a1f181c12e9aa33f3f598d6d7e001536b9812106b4785c01f91a76874cd220a6229e787a2

Download Submit
/data/data/com.gbwhatsapp/files/decompressed/libs.spk.zst/libwhatsapp.so

Filesize
310KB

MD5
2bf5a5294e027b0e233d4188d65f1d34

SHA1
d9254ca96852792e755f0f1e0e90ce6e87e64d3b

SHA256
124a9a84ed2a99ad53cd8117616856b3ce61984b491fd22d20dd5d6c78257069

SHA512
bd2e8633938bcdc43c30f874d5df5356680e224abdb470e909bb5b07c9aaa8584976598252cdd17f51748e7b1bb120893936482703d20c9ac7752a82dd71941e

Download Submit
/data/data/com.gbwhatsapp/files/decompressed/strings_en.spk.br/strings_en.pack

Filesize
14KB

MD5
ad4f03a0de28bbce17fa5fa6ffedcb87

SHA1
1aff1f5f33a089bf98545b47a12571e782bc662c

SHA256
2f4338541405123620373068dce99c1b5a431705354f7a6415fb4871feb185cf

SHA512
b60df609557a394bd6fc5f4da46205c3f25f8576ceb3b3a63fc35de1bd08b480164d301e533365ebfe030c3dc61a96fcdf8dbc9af5198fb0b63fa7cc02f8aa98

Download Submit
/data/data/com.gbwhatsapp/files/extracted_pack_file.pack.tmp

Filesize
211KB

MD5
0c723e248d4fbd04fba6b9716c4c4da7

SHA1
a665110bf4b35616b3678debd41e5d7ed86fe4a4

SHA256
fe0b20920dadfcca4b2dcfef21719bd39f5db5a4df9f69e11e1f6c178795cdf6

SHA512
f718a2d52c84107d89d7476555f9dd193c4be7e16b75c26c1081aa93ebd2c56398035c7882328ffb3aa2c21f32b03ad223de01eadf786cfc6e023f9a2f7df8c4

Download Submit
/data/data/com.gbwhatsapp/files/wam.wam

Filesize
97B

MD5
e77ead208a32ce40ffccc0f2c41f3668

SHA1
c7462f8102bc6e2c620a8c198688c5b8bdd6b5ad

SHA256
bbee59e83db5ca40daf7b235c70f696b44ba060f708c15e8a2b4d6f0eb91277a

SHA512
328a19e1c719eaedc8902ad3d2a7ffa556d536d222cad07fa8b884db7798db2ac4a81431e533efc4d1b8d1479b8f866c9479fdb6bf9e60cc39e003565d9867b3

Download Submit
/data/data/com.gbwhatsapp/files/wamprivatestats.wam

Filesize
97B

MD5
a33819b94dd0d2a419f7c56ba4ddc2d2

SHA1
6691508bd3c3a0ce80a54e6ba0f065d3569cd2f4

SHA256
7ec3c9b55ea95da34f9cbe0519ac3d684af0c7df110b6a6a2f93ea3199c8782f

SHA512
2b28b0c800726632bd3eea84e26646e3422ce76bf53ec0f8f32ba836a71dd0b118a4da87c2456b289bdf409d0b27f5abf9aa8fd1f6257c7c2c35f20bd154e7ca

Download Submit
/data/data/com.gbwhatsapp/files/wamrealtime.wam

Filesize
197B

MD5
22a9d9c3a11defd795a708f503b65fef

SHA1
d34ac45b697a6b6a1118dd4103b4b0b92a4790bf

SHA256
08402965d1a9f96a0d91e81060fbd84c87abb057b16515eb958f559e69cc3e9f

SHA512
e59c684f6eb3827e20e3aef1b283a0ef48dbd65144649688030f7ae1bcbad6d4c2d9845f331bb6c36d8c1723e75d1b9c0043403e420257e9df660fab41eafce8

Download Submit
/data/data/com.gbwhatsapp/lib-main/dso_deps

Filesize
272B

MD5
aa97172b6f87394080ec4940ca84d4e7

SHA1
afa4fd1d1e64e157cb562e4b5925f00e20a0d25e

SHA256
34e14d5918f20b96b851ba19102e07d4917dbc991f0e2f4b4ddc7c3b8a3cc3e3

SHA512
f5d80f7493a806699b49ab0ff78d24ca2aa1bb27d4d8b7b6581821e2f0169976d3e9a77e9ff9e942c527aaa3d540d53ac9217be3cd47e9aa5f9f616a4aa364a0

Download Submit
/data/data/com.gbwhatsapp/lib-main/dso_manifest

Filesize
5B

MD5
c06857e9ea338f3f3a24bb78f8fbdf6f

SHA1
c5a0a2529d2deb60fec041b4fbd722a2ebe31702

SHA256
957b88b12730e646e0f33d3618b77dfa579e8231e3c59c7104be7165611c8027

SHA512
29f61516876c25379a7bf4faa2b3ca6f6b53eac90e7de47671fec4a818d51441b4025cd7909f7c0a0d113ab6c5ff00cb3700c286bac7319185b77905feec4fb1

Download Submit
/data/data/com.gbwhatsapp/lib-main/dso_state

Filesize
1B

MD5
93b885adfe0da089cdf634904fd59f71

SHA1
5ba93c9db0cff93f52b521d7420e43f6eda2784f

SHA256
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

SHA512
b8244d028981d693af7b456af8efa4cad63d282e19ff14942c246e50d9351d22704a802a71c3580b6370de4ceb293c324a8423342557d4e5c38438f0e36910ee

Download Submit
/data/data/com.gbwhatsapp/lib-main/dso_state

Filesize
1B

MD5
55a54008ad1ba589aa210d2629c1df41

SHA1
bf8b4530d8d246dd74ac53a13471bba17941dff7

SHA256
4bf5122f344554c53bde2ebb8cd2b7e3d1600ad631c385a5d7cce23c7785459a

SHA512
7b54b66836c1fbdd13d2441d9e1434dc62ca677fb68f5fe66a464baadecdbd00576f8d6b5ac3bcc80844b7d50b1cc6603444bbe7cfcf8fc0aa1ee3c636d9e339

Download Submit
/data/data/com.gbwhatsapp/no_backup/androidx.work.workdb-journal

Filesize
512B

MD5
2c064ee1a8401807e4ba7d2b70819951

SHA1
7dde9b2a9d117582618e72003db32ea520b313ac

SHA256
0f5e7695fd2c83fee9344bec47881acbb1a973fcec0939cf62aa22c4b7371389

SHA512
61dc55d40c50fa62b897cce97ef2c35ac613a6ed5997d5414be6724888903050e8de510b89a9e1071d266b25d7b2ed95f51f31a40894b44868fc828af62ff8f7

Download Submit
/data/data/com.gbwhatsapp/no_backup/androidx.work.workdb-wal

Filesize
16KB

MD5
d93be0c860dafa1b545c46c7121b2f31

SHA1
71cdabc5c795dbcc533ac3eba809519bf0b9ba88

SHA256
3509843383fafef1e18d65c2c5bb335825372c8a915ae3b86211b18499114143

SHA512
48f8e8bfe8106e82e69ba242f58b3cd7804c48765d028e0f1d2674d0ab81f226eb45510bc123bff91ed52de209def1af37f7363c01b8220f8de328b4c9661687

Download Submit
/data/data/com.gbwhatsapp/no_backup/com.google.InstanceId.properties

Filesize
63B

MD5
9102e93ab6cb9b46ecf8cda05c38e472

SHA1
8dad85f0a9f90698d62ed70af4f32bd925607cd8

SHA256
d22ff0544343b4219df59bb5a2758d5ac12cdd33a4a6ea212d017fa9ec668e98

SHA512
8e1ec611a9c1e6867c5aa079f42593d5a1a5d4dbc2c55f2bbb4ba8536043186d3deedfb3b41d30ccf309b527c6c83beccc5dab8d4068194be337e0eade04dfcd

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads