3e596694e6c74a1991490f4bde5e2404fc1b6d57af8499b7fc67adb44e17394e

Analysis

max time kernel
47s
max time network
136s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
13-02-2024 03:08

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

3e596694e6c74a1991490f4bde5e2404fc1b6d57af8499b7fc67adb44e17394e.apk
Size

75.6MB
MD5

d73fa603bb7dfbd53f2ec4d05617b9e0
SHA1

86f18b9d0ce32f3ff1c608ae4317329e4da44e1d
SHA256

3e596694e6c74a1991490f4bde5e2404fc1b6d57af8499b7fc67adb44e17394e
SHA512

4e004ec348e58f8229d1e3b5d2137b64dc09234d355425d8fa5544e67a4d4d80d3e098c2ba7bd5659e443050bae7a404e1a35a2341cd6809b5e83e1078d8bbc2
SSDEEP

1572864:2R4YowDIMNvpPjEYr3V1c4sQ0MmDKPwpJ4qHSXKTHcvmM0hV:26YoEXEqFR0rDG0THSmZV

Score

6^/10

Malware Config

Signatures

Acquires the wake lock 1 IoCs

Processes:

com.gbwhatsapp

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.gbwhatsapp

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

Processes:

com.gbwhatsapp

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.gbwhatsapp

com.gbwhatsapp
1⤵
- Acquires the wake lock
- Uses Crypto APIs (Might try to encrypt user data)
PID:4290

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.gbwhatsapp/cache/SSLSessionCache/static.whatsapp.net.443

Filesize
5KB

MD5
2b840bf3528969d1d8ab30f136f72cfd

SHA1
57f8398080a7db03b1803c88e4582ddf18077c17

SHA256
556a7934e34b3abfcae535e786b1adef3386cdad90f233c4a499f174e2f8bcd0

SHA512
c45bf04ff35d31661670344297ffb600ea28e33a6d4f48eb309f4dc8d29ab2ebe941c688c03a1cf8b4964be528a8dc2537128c341650ee9efc62b06a0ef9dd6a

Download Submit
/data/data/com.gbwhatsapp/cache/SSLSessionCache/static.whatsapp.net.443

Filesize
5KB

MD5
33322d015b13459d5bb4ebd5c1f0732d

SHA1
6eacfd55c00447b73f593247bb62e8be148f595c

SHA256
6e3fe8364baa542f52debf25bdb1638d55bfd22123308fb5394bcccdc3847691

SHA512
0d1b32eaa77aa3700ecaec24082d51b927f267ffbda7ea081dd1f50cef942f72491d941de70cab37cbf2b7eb36c7c05d73d8a9ceffdf076937ada2881cd74895

Download Submit
/data/data/com.gbwhatsapp/cache/downloadable/wallpaper_tmp/thumbnails/dark/00005DarkWallpaper.jpg

Filesize
3KB

MD5
73a86bf812966a7c6ad0be9e8bcc1a58

SHA1
0ce4bd31324d287ecd21d138063c9510dda452c8

SHA256
781e06e41a1020793c3c18a337443f367b544bd3b37adffaf733bf0ac80af128

SHA512
a61fe84fdd6e74aedd03e25c5f5af5fe628eaed4bab6ac226c1c65d142c3d23407f710f7ae31ed7d32db53d30fd2d5d2a7fc5910403eda15616bf13ac2012a63

Download Submit
/data/data/com.gbwhatsapp/cache/downloadable/wallpaper_tmp/thumbnails/light/00013LightWallpaper.jpg

Filesize
15KB

MD5
c6c2fed91c2a1f694746428d5d4727b2

SHA1
ad4d05e6ac201124a926e55f5297c1b62b8d4a6c

SHA256
eb9c4cbe5a5c4bc6a2da5dd6b0789afb82ab0ac533b172e2532eae0f4630ba83

SHA512
6bf91f9f72b6f470f72137cb28abf3c8c8de9aa41ed35b8ad0611bc77e42fc095991326dfc66873d8433eea910a210232e79ce3489e4bfb92a92d8e25dc5f31b

Download Submit
/data/data/com.gbwhatsapp/cache/downloadable/wallpaper_tmp/thumbnails/light/00016LightWallpaper.jpg

Filesize
16KB

MD5
ffdec085ad4fa2d5485bf0c5c0e68e89

SHA1
074fb430c5e78558fb59f4bcdc851f6a1c14a906

SHA256
059499c43e66d3acf9b7a5b96f00a21390cbefc5047370444c07b7fa7dff8997

SHA512
32bfe6bf9d2e1cdbb7238b5998dddcbc2571e506d42a5ea4e1da3576c4cab749f7f846962c17cea5f6e5d47a546f9f2c54589c631ae8377fe9c4e83794818bab

Download Submit
/data/data/com.gbwhatsapp/cache/downloadable/wallpaper_tmp/thumbnails/light/00022LightWallpaper.jpg

Filesize
11KB

MD5
5db74de1133d28a74f6f35938e399c41

SHA1
02120fefb72f533eef47ad594e3c17e508847e5e

SHA256
8e1b6c2b97dfa24c92ac68198a7a5fc8fa7cddfa23b00e263b06f588b5b2fedc

SHA512
01b2fbb6e51595130ed3eb735535eb0287928075c43582bf72ddfaab58e6d7c3ff75941c16f58c6d5746c93a6797b840578095c512bde64bec20a0a01d404cd3

Download Submit
/data/data/com.gbwhatsapp/cache/downloadable/wallpaper_tmp/thumbnails/light/00026LightWallpaper.jpg

Filesize
14KB

MD5
5f3b551a3b0d6c7316eacd3c91fb760a

SHA1
a493626f3c5fcab924d3d5652691f1cd7f01caf6

SHA256
902b37c27087e30e770ad8e732a8d8bd5948f983372d364cb17d92d311b2ee92

SHA512
442423f4b390bfe31253f736ba60c4c516c39be0d793f1cb649d727cde82fec839a9504784f403c1decac1389309b5a8f814cbd3448f8ed51a307424b0471421

Download Submit
/data/data/com.gbwhatsapp/cache/downloadable/wallpaper_tmp/thumbnails/light/00028LightWallpaper.jpg

Filesize
2KB

MD5
e774eea78e12abfebe0b892f91ac88f1

SHA1
8a3909bcccb9e76b63701b654c50843403fe08f5

SHA256
1e82c480967814ac8440495d93e302fedd1ea1cc6c97f9ff390a0437c7437f1c

SHA512
983639d783fc9431fddc6cd5ba5a211f155ef1d6f05b6816b1e4e534f1b2061663c638f92f0d6e12d0e659db98d642e2e78ee38a84e8e16f89d856617fc6b01b

Download Submit
/data/data/com.gbwhatsapp/cache/downloadable/wallpaper_tmp/thumbnails/light/00029LightWallpaper.jpg

Filesize
2KB

MD5
498060431540251cd72c94f03dda6aa5

SHA1
abbab222e677a832d6ae954e22e308af84f1fa6c

SHA256
66ebefcc304ee297774f81aae8eb37e43707f8217d726c34b41cf36e968a377c

SHA512
f99f8d592c1b33842ef4911d2e84f81319aa2b5fca27db994093c1bae86c2835938e0a7ffcefecf85a96637395dfe6ca84524819a54ee293baaf11ce638f9e04

Download Submit
/data/data/com.gbwhatsapp/cache/downloading-89240149086375698.tmp

Filesize
73KB

MD5
26f985184419c9baf376aa694c5b9cd6

SHA1
5cd7628417612d95940e1b26b21b3112f938abfe

SHA256
5a89ab27be17e625c094159b40f68b6714ea3cc3cf8de1fd84ef584b725cb8ba

SHA512
2a5d9dd6d7ed5f6818417b6bcfed89e47c1b0e25242aca496e6356e62e3beeb02e3f168eb5471fc73a39bc56841f2109b753ff2c55be116774859dd0185d1ace

Download Submit
/data/data/com.gbwhatsapp/databases/BTOR.DB

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.gbwhatsapp/databases/BTOR.DB-journal

Filesize
512B

MD5
f1a9e4e1d14ba00e1dcc57688cd81c32

SHA1
872b5e9fc8d06774fb31de1d6aeda119f84d1ad4

SHA256
7e21b56558d3bbed5b6894a0e99b28653e81c57b13516ace4bf04934450a76d4

SHA512
aba8094012eefce7084616e0c84adae290a87dbf88b3699534c4cbe076749aede7339f39184bdcd74fbcc1d5973811421a58f780531b395fa2e94cff2843cfcb

Download Submit
/data/data/com.gbwhatsapp/databases/BTOR.DB-shm

Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/com.gbwhatsapp/databases/BTOR.DB-wal

Filesize
32KB

MD5
bb2d12b30aba2f068521c71b168e73b2

SHA1
8371d33b8aeb71229a37379607668c61ac421507

SHA256
ecb8b6b1f0aeed1fa7122656c5ee2cae9b2a91072e89de3069ad9c893aab8985

SHA512
509d2dea163abeb46fa5faee9b3efd0a8a8b88e84dde7e61e4656c416515f3024156156b09aada995e5ab9f4afb854fa17606e19493e9fdc3d4c569c88c672a4

Download Submit
/data/data/com.gbwhatsapp/databases/EHS.DB-journal

Filesize
512B

MD5
c36f04baef2725f159444a030f5786ea

SHA1
80e283adbebefc0fbc6ebc21b5b85faa1e35d8cd

SHA256
02088e1331f8660a68b9dd00ec92019a962c2eef2b3a58f7bbc329fa58f68839

SHA512
046f73f4151bbabb51e9f0fd778a468668434edcf5d0e4215fc5c81fc5c7f939603edae6578fc5a29cadef25ed1b48dd2517a674af3175cffbbaa2fa71f2573a

Download Submit
/data/data/com.gbwhatsapp/databases/EHS.DB-wal

Filesize
32KB

MD5
8e6410eb4f98b0f61d3810a9ff1d7b2a

SHA1
b4772c233222fb0a539b28234b776354826f9ea9

SHA256
d1242533d76e5d2657e52c5efdadb2b2213972ac49ee00846689204195c6eaec

SHA512
02830943ef94fea771f9b265ac33172c54904d4386de86324a761009f37d95eaed862483436dcddf0f219662d5d3204e785abf098beeadfd2d1e5d0cf9c53fb4

Download Submit
/data/data/com.gbwhatsapp/databases/stickers.db-journal

Filesize
512B

MD5
e495e7363d673803afa7ba4ab0ee3410

SHA1
2a4cc7b7b544b3938e45ce471c1336cb9fc9d9f9

SHA256
31ad9af45cb1633ad92faa740d00e4bac1014ee292a723aaac0fb28b48aa9887

SHA512
afce982fe40b1237e7fc05e5ab5900aa80722d05eebfeadc14c0dda458493c241269718e46aab7789ab61b04f3a7c33f44ad1468c7e2c33aac0ecb8b23e04a3d

Download Submit
/data/data/com.gbwhatsapp/databases/stickers.db-wal

Filesize
16KB

MD5
1b5fd21c645fc11818c4b748f4a62c8e

SHA1
60e93573a690c63b6c40cdd70d159cfd199a439e

SHA256
af73d90ee3561fa45f0564638be022c13f3d8826dd7df4159d2401d8f5a1df9b

SHA512
5f6ccdde4125fc07248b435d29768382afc8a963130979e6ddcf9d945fa09d8618cdea49ab4e4cf1c9216d77240575950c825b57bba6373d1bd61f03ecd29e99

Download Submit
/data/data/com.gbwhatsapp/databases/wa.db-journal

Filesize
512B

MD5
4a4d25cea880d68323ce7c7fa4f8a246

SHA1
d68b74c8561958149184c350eba7f5f9a94095a4

SHA256
60bae604fa4927520519ea14d7a128a530b2b7b67c589297a1a43ae6aae9d25e

SHA512
aa572a391f7f673a1742c4e2008bd0d1ec0cf86b2f17bef1a7bca2828e46e20884b030b986e3de747dcf678a28c9dc463de5ff514cd189546c6fa75f2cda4fbf

Download Submit
/data/data/com.gbwhatsapp/databases/wa.db-wal

Filesize
16KB

MD5
85433e45449b4eb0ca7bf60245e566bb

SHA1
975b558c8efd78cd53120f6f48b2e328a753dbc8

SHA256
0180f42ede5c5bdc523dca00834bfad24c28f76914358208365b104a0d289631

SHA512
3d6923ea4552ced0e3bfc8bdd45d56906989a485434fa43b43da20448a176a6f87f0a05a5ebc6db3972b9d2cb42f9f9d303dfe5c88724228479cb321c0996694

Download Submit
/data/data/com.gbwhatsapp/files/.trash/c3e8390e-e35c-4418-b0ca-af3be8f7463c/1e13839e-75d2-4342-86b5-6dc6c052604d

Filesize
526B

MD5
2c0f856d7250fb18c8dfe900ec9bd5d4

SHA1
10c62e9db2bdffd3d76829987e50d0efa5e0a72b

SHA256
62802cd5039ff363156f7d4dd4d7360d095090a6331131f018abba016b6e1aa6

SHA512
ef5d4481e27d2d6053a224f685b983e52d7ae0d2dbae4f349c1ed0191e4d5b737ce8e2f0d8a393f2384ff9bf05af29f47aea983d57d0b151e89b3cc8c6ef38e2

Download Submit
/data/data/com.gbwhatsapp/files/.trash/c3e8390e-e35c-4418-b0ca-af3be8f7463c/20a0e5f0-fbc2-45b0-9961-13df2f681836

Filesize
67B

MD5
d8141b97bb6b8752f676cba953de8e56

SHA1
b65fefc908682f7027ea3ca34ffd592a6d81ae87

SHA256
afff045ccff4a25dc9ed283acb206e37fbcdc6afd5adacc86c645d432e032a21

SHA512
98915af0eef59abcf116818f4398cbd5a0eaf31a65110422e186872f48aeb7400948d51d5b22b0ce82c07764f21dbcbf1e252bf5a49df0dea3951bda730092a3

Download Submit
/data/data/com.gbwhatsapp/files/decompressed/libs.spk.zst/libvlc.so

Filesize
3KB

MD5
cfaac46a9b3c925a53382f453c8c0d81

SHA1
8e82c86b6d77d7e1ef003aa7796b83ccc5efab7b

SHA256
0d87625993ef963e9bebf8f21f22525807d48dc26b3195fe94bedfe877f376e7

SHA512
22c8297645c4ffb8ba08e44e1136dcc3b3c16100ff837d7e3ae7bf3a1f181c12e9aa33f3f598d6d7e001536b9812106b4785c01f91a76874cd220a6229e787a2

Download Submit
/data/data/com.gbwhatsapp/files/decompressed/libs.spk.zst/libwhatsapp.so

Filesize
984KB

MD5
a006dfdb1ec2f639bd02a3cd4f35cea6

SHA1
3598b3beaa3c87e02ffe92ca4c6647afc0fd5da9

SHA256
5c2ae21954794669d9aa25cc4d39df5bd9f529d945646398d2dc8ab22be8f2a5

SHA512
1eb6077066a59878cf69311a46aa2b05d0058828203c59d2fa4ae89e5953f59e2ce0728eaa393330b90982d360f44c2db51083b4b3fcf09b75c735f246d7daab

Download Submit
/data/data/com.gbwhatsapp/no_backup/com.google.InstanceId.properties

Filesize
63B

MD5
70ff3b300ba6ee812052a066470ab2cf

SHA1
3960fefd78d7fd1c849106476c1b14c84b5dacf5

SHA256
59a728bfeb3bdad2a41569ea147fcad46416f59a2e41f890a1fb9eb85a04d85f

SHA512
4a6855f37776ac7014f4039db1c6300c060df49a57ac9fe2143bbe8c1890e311853ed27d872a41cf1e6349511e2e42d9b63b4236de212bddc0ec86245e8f24d9

Download Submit