Analysis
-
max time kernel
50s -
max time network
138s -
platform
android_x86 -
resource
android-x86-arm-20231215-en -
resource tags
android, arch:arm, arch:x86, image:android-x86-arm-20231215-en, locale:en-us, os:android-9-x86, system -
submitted
13-02-2024 03:08
Behavioral task
behavioral1
Sample
3e596694e6c74a1991490f4bde5e2404fc1b6d57af8499b7fc67adb44e17394e.apk
Resource
android-x86-arm-20231215-en
General
-
Target
3e596694e6c74a1991490f4bde5e2404fc1b6d57af8499b7fc67adb44e17394e.apk
-
Size
75.6MB
-
MD5
d73fa603bb7dfbd53f2ec4d05617b9e0
-
SHA1
86f18b9d0ce32f3ff1c608ae4317329e4da44e1d
-
SHA256
3e596694e6c74a1991490f4bde5e2404fc1b6d57af8499b7fc67adb44e17394e
-
SHA512
4e004ec348e58f8229d1e3b5d2137b64dc09234d355425d8fa5544e67a4d4d80d3e098c2ba7bd5659e443050bae7a404e1a35a2341cd6809b5e83e1078d8bbc2
-
SSDEEP
1572864:2R4YowDIMNvpPjEYr3V1c4sQ0MmDKPwpJ4qHSXKTHcvmM0hV:26YoEXEqFR0rDG0THSmZV
Malware Config
Signatures
-
Acquires the wake lock 1 IoCs
Description: Framework service call | IoC: android.os.IPowerManager.acquireWakeLock | Process: com.gbwhatsapp -
Reads information about phone network operator.
-
Uses Crypto APIs (Might try to encrypt user data) 1 IoCs
Description: Framework API call | IoC: javax.crypto.Cipher.doFinal | Process: com.gbwhatsapp (a generic javax.crypto call; on its own it does not show that user data was encrypted)
Processes
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
19KB
MD5: bf3cba69f8d03926d7fdaa1d0a545883
SHA1: 2bd99c360e6f8474fbaf6ce28662c75522558104
SHA256: 45de3ecf843a7a19fe590d1cd44ee5d325b87d0899a41f46168a253796a03b39
SHA512: 98fbb8d9da6bc4572f6db7c69ffff888f6b3d74c0bfddf9faee2f8069453cb47364126b831f637fe1c075956220984e3d9c9da7541a6ca12c4b3d6e5254d0b15
-
Filesize
9KB
MD5: 29e322724c1d2ee0d4ab20a64e854a09
SHA1: 60879d9f441a38935fb488fb41c29d38dded1879
SHA256: 920bd0fe8136b1f1505bcd4b6d145ca3242b66104627418004b460a9d1ad7e5d
SHA512: f12f713dd5a570a8d067cb08a7acd5417caf0a56b6d288676b3b44aad861e875c53d4a11ef26bcbebec2d2ea8774acda71d43c2ef386f6788b03c6c340a6f2f0
-
Filesize
23KB
MD5: 1fd107feb2179a67c8fc144df0a917b1
SHA1: 37facae383998af190322d979f3b44d17b8e1554
SHA256: 56d07b625ab5610f5fff0058e1f5ae7b91eefe925ee6e4760d306bcb67380dd9
SHA512: d0c7487d99a4c33fcbe27101f2efbd24b0cb825ac9d4ed6a9af96d54086ea306375f4240ad970f6a7488c3e4cf82f3bb6243b38cb2a24dd5aa25f9f6519ab9c6
-
Filesize
19KB
MD5: af5c828efdf154bc9ff2df7ebde687b5
SHA1: 4d1ef48ec16d8aea8ccfeba5de7be1db308cbd52
SHA256: ff86313cb9fc21ea005eae91fbbeef2c6b4e3529cbb036da240bbadc4b598caa
SHA512: 6034c78226d03e161a6215432c35c07459333e68a1187b85a3c832b12dcd12b7da10fe91d65b075f5ee9121e7bfacdd28ad94099629d7bb3ebb1dfa440f3b7de
-
Filesize
4KB
MD5: f2b4b0190b9f384ca885f0c8c9b14700
SHA1: 934ff2646757b5b6e7f20f6a0aa76c7f995d9361
SHA256: 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
SHA512: ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1
-
Filesize
512B
MD5: e734187ed3539c31a840a3ce641a966f
SHA1: 459fa488387a5e67fb75bfd9b0c45605e2a4132f
SHA256: 51c5926bfef79f2de2c5834ad192767971caf71f53b8335bb089c85923b95a0c
SHA512: da0ce9bb18f7f34573edf9d0a7b4e4b242a2a0067ecedf39d1e7e0be88e163e43fd46a2374f2eaba5c54a7dc3b94be5c4f0efd6f5d139f9c2452b70634c3761c
-
Filesize
28KB
MD5: cf845a781c107ec1346e849c9dd1b7e8
SHA1: b44ccc7f7d519352422e59ee8b0bdbac881768a7
SHA256: 18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7
SHA512: 4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612
-
Filesize
32KB
MD5: 63cf987c92aaab69893c78e8ff9c042e
SHA1: b5bf3842d11858e7b8a176ea3853523333cb2f9f
SHA256: 67c2774cc9d0a887c13c539687129f6dd1a509b05bd61c7996eb87add38f528f
SHA512: 7279f6ab0e22746a63faec12de884ed931ade43ff17ad799ab4ef920a65676a34452411bf45b24f36c7e3b43115c3b01268355c015e822f14c51d73fc1575967
-
Filesize
512B
MD5: 6daa0179c2d82ac29827a539898b17b8
SHA1: db312b6043c1d2704091929aec9e62dfc4cced9b
SHA256: 955cea39826a3e62f27bf30262ae462a1813a17561dcc64083fdc58900268a5a
SHA512: 1573656289a27925ce49fd9bc87584fc1d19519dff6a0d65e4e4d2ff7272054a8053041e6afe6824523150dde2f8caa7efe04325ee18a731cafa913977727536
-
Filesize
32KB
MD5: d02fc576ea831ed9eb82024d694af8a2
SHA1: 36ffe114c30de607fb9508344d9a42428cbb28de
SHA256: 17a5204869490f3b451f75305449f65a3ca73225a898d2437217ee3ddcbcdc0e
SHA512: 0b4dd9e3ba7be66803c49a8ac058d22d2c4cc0413ac97277a39cc5691ed500e81968c1d33a5e6aa7d520589ac54c2f041e6e2c8cfab5303ed5dd8a8f17efa0a5
-
Filesize
512B
MD5: 209d9d9c7303d041a64d31ae3dc03952
SHA1: 4cb6f789e9c2ea84b52e019d4878973041adb408
SHA256: 1268af954de4ced840fddaea9019a25bc492fa6a5fb4189952faa4572f21c53c
SHA512: 31b0410870f743a6a418ace64a22f2eca5780643a1518a291ff55ae656faa6ae7be93d03245a441df21db450516c9326c52660ab6aa8f89364649a342e7d28e2
-
Filesize
16KB
MD5: a3f025ee053d599a5c282ded1dda3e9f
SHA1: 6c19cf4c968186dde8c465fa95f533e933ab1ee8
SHA256: 93cfb93da638d8c103830bae088bd544120c9cf1a03ddab57766dc9cad2c4864
SHA512: a4ff6505e0ee4fefaa1bb831b3c901bbc012c321b4b0129d3145139c7966dfca536915dac55e8340ad2c2527007ee6e0b5f2bedb2ea0bacfacb933cb901a996d
-
Filesize
16KB
MD5: d5303fdcc35dd259d0cf199518db0873
SHA1: aade24c439d0e3b628ae8eba863773350ed294c1
SHA256: de334bd6cf1fe1f78ce00ac86545446fb3e852db67600d042955665d0cef6c21
SHA512: 7c706d1e0a016986516dc0ecc5d886ac89373375487bec6d0bcaff9fda6236836aa784410f685615d4366afbf564369752aae5891a3ec262b0894cb9218f0cfc
-
/data/data/com.gbwhatsapp/files/.trash/62b262ed-0352-49a5-8a0f-2917c5eaebfb/32310fbe-9e87-4571-9beb-0058db34fd18
Filesize: 67B
MD5: d8141b97bb6b8752f676cba953de8e56
SHA1: b65fefc908682f7027ea3ca34ffd592a6d81ae87
SHA256: afff045ccff4a25dc9ed283acb206e37fbcdc6afd5adacc86c645d432e032a21
SHA512: 98915af0eef59abcf116818f4398cbd5a0eaf31a65110422e186872f48aeb7400948d51d5b22b0ce82c07764f21dbcbf1e252bf5a49df0dea3951bda730092a3
-
/data/data/com.gbwhatsapp/files/.trash/62b262ed-0352-49a5-8a0f-2917c5eaebfb/9de4dd10-f817-4a27-89ff-5d55e04124a2
Filesize: 526B
MD5: 2c0f856d7250fb18c8dfe900ec9bd5d4
SHA1: 10c62e9db2bdffd3d76829987e50d0efa5e0a72b
SHA256: 62802cd5039ff363156f7d4dd4d7360d095090a6331131f018abba016b6e1aa6
SHA512: ef5d4481e27d2d6053a224f685b983e52d7ae0d2dbae4f349c1ed0191e4d5b737ce8e2f0d8a393f2384ff9bf05af29f47aea983d57d0b151e89b3cc8c6ef38e2
-
Filesize
4KB
MD5: 01254a0fb0ef0a0a5d70c57fc15a6c11
SHA1: 944c44e9bff90e91b258e732903790bff7a38727
SHA256: 0ac78fc1f39ac4212376071a2fb445e6ebc571df5c8d52f7b537ce1a294317e4
SHA512: 2e14fb0405a9d9a71e6b64c0c0bb5a0af6831aef237a5587e57e0268245cdd5c5be4e13fc0618ecc211a296d2a1acc36744396cd5ac15c60ea3a1fcd6991353f
-
Filesize
3KB
MD5: cfaac46a9b3c925a53382f453c8c0d81
SHA1: 8e82c86b6d77d7e1ef003aa7796b83ccc5efab7b
SHA256: 0d87625993ef963e9bebf8f21f22525807d48dc26b3195fe94bedfe877f376e7
SHA512: 22c8297645c4ffb8ba08e44e1136dcc3b3c16100ff837d7e3ae7bf3a1f181c12e9aa33f3f598d6d7e001536b9812106b4785c01f91a76874cd220a6229e787a2
-
Filesize
591KB
MD5: 0fcd388534bbf6d89c535aa3cdca6f3e
SHA1: 52af9c0afcb742ea891c97de922b8875591f99bd
SHA256: a2f826de7408a22b604e91608e9ab6aa2191826231fc2793a0ba7e5e9c008c69
SHA512: e29f342a570ea21f4e803fb9bf77148d8a62a82b7833d118f5323df626c70d61361172ff56efc88274fefb8f1929c4652c8b4eb5698905be4d1088ac8e726be5
-
Filesize
63B
MD5: bf782e5e8b3ddd7dfcd876b66df1e00f
SHA1: 72010516d98e36cdf872138cc28ad024753c525d
SHA256: 9a324ad0548a93bbe1d216ff7a5c70e94b71197dc50b019f2e339e29bb4ce406
SHA512: 73c65f6d66a1529e7604028cad21d7b5142fa3f9811c256108e206d4af3c7571c86368c4b7360f97fb5750d57cfaa54cd72bccbba4529c7dc3acb2341675893a