f6492497f6c4a2bef8407388254f2a8bdac33bc2038fce16c13b94b00f03cc1e

Analysis

max time kernel
47s
max time network
156s
platform
android_x64
resource
android-x64-arm64-20231215-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20231215-enlocale:en-usos:android-11-x64system
submitted
19-02-2024 09:09

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

f6492497f6c4a2bef8407388254f2a8bdac33bc2038fce16c13b94b00f03cc1e.apk
Size

51.8MB
MD5

0db60e795ae00550b24f8f0f9cfa1f6e
SHA1

066a86a3286315232be5cd239222728d1b71fad0
SHA256

f6492497f6c4a2bef8407388254f2a8bdac33bc2038fce16c13b94b00f03cc1e
SHA512

95b3ccfdb484bcbe01a6a22200b2873f089447b76153f3ff57c041ea38087923c3641f2c7f8b798d0e7a57f5180bf5fcf2d1d3cc34935c0f4c0b5b62767a0149
SSDEEP

786432:b0GZbgCap/3Uzp8kab7pJHMLDfGThm+Vaj9UDWvU4IAWdu0YihAbFsspDt:b0GZMlqPapJHKvnj91vU4IPkJihspZ

Score

7^/10

Malware Config

Signatures

Loads dropped Dex/Jar 2 IoCs
Runs executable file dropped to the device during analysis.

Processes:

com.whatsapp

ioc pid process

/system_ext/framework/androidx.window.sidecar.jar 4489 com.whatsapp
/system_ext/framework/androidx.window.sidecar.jar 4489 com.whatsapp
Acquires the wake lock 1 IoCs

Processes:

com.whatsapp

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock com.whatsapp
Reads information about phone network operator.
Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

Processes:

com.whatsapp

description ioc process

Framework API call javax.crypto.Cipher.doFinal com.whatsapp

ioc	pid	process
/system_ext/framework/androidx.window.sidecar.jar	4489	com.whatsapp
/system_ext/framework/androidx.window.sidecar.jar	4489	com.whatsapp

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.whatsapp

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.whatsapp

com.whatsapp
1⤵
- Loads dropped Dex/Jar
- Acquires the wake lock
- Uses Crypto APIs (Might try to encrypt user data)
PID:4489

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.whatsapp/cache/downloadable/wallpaper_tmp/thumbnails/dark/00005DarkWallpaper.jpg

Filesize
3KB

MD5
73a86bf812966a7c6ad0be9e8bcc1a58

SHA1
0ce4bd31324d287ecd21d138063c9510dda452c8

SHA256
781e06e41a1020793c3c18a337443f367b544bd3b37adffaf733bf0ac80af128

SHA512
a61fe84fdd6e74aedd03e25c5f5af5fe628eaed4bab6ac226c1c65d142c3d23407f710f7ae31ed7d32db53d30fd2d5d2a7fc5910403eda15616bf13ac2012a63

Download Submit
/data/data/com.whatsapp/cache/downloadable/wallpaper_tmp/thumbnails/dark/00024DarkWallpaper.jpg

Filesize
11KB

MD5
06f21dec58fec12197f66b32d2b28f2a

SHA1
62e336fef1ea67f022e8722d232719d35e99a7ca

SHA256
da9ce86503b2ce777a93adf45e24809bf350e5512dd87419f44f9b5422643873

SHA512
abdc1f4c8c5652188a8d658b0fc22057a984cee74fcfd465ebc80c43bafecece476815a18995e0e1dfed3a7a62f4a6fcf048e0f19eeb2f85e93a0947a76d9218

Download Submit
/data/data/com.whatsapp/cache/downloadable/wallpaper_tmp/thumbnails/light/00028LightWallpaper.jpg

Filesize
2KB

MD5
531739cb649b1fdcc5ed5dcb0cadc485

SHA1
569cff1ead074612daac6f566093ba5db45d21d8

SHA256
5e412d34e495c655e36b9b6d56ff494a351cc438fb31947d54b14f1fd714c070

SHA512
7dbac549c04905e1e21022f8c5e50d82a14d3d009e1dcab558162e76bef7bda0368060e77f02a39b9c0d719ccbbb8b9d4fcda1714bfa62544ea1b319406862ba

Download Submit
/data/data/com.whatsapp/cache/downloadable/wallpaper_tmp/thumbnails/light/00031LightWallpaper.jpg

Filesize
1KB

MD5
2fa04a97ccf93b0a705a3773039daba5

SHA1
849490215f82dd84c0e5a092e93706f0d4357eab

SHA256
0626b6dae78a4f1366a90e3337ab8cc2bf65b4a335313a112ea5c060c85ad7e7

SHA512
6c6e188232c7f2af78c9189582f1a8afddfd22ca9e3315ebb6ddf795c2b2d9c5a782ff3833bb47670dac32aefd94299c4cff5c5d191a2048a0c31fff690a0705

Download Submit
/data/data/com.whatsapp/cache/downloading-543845676383651877.tmp

Filesize
48KB

MD5
b66d016b01deb8c481f339b0e6c0bef5

SHA1
62cd4520aebf4914eda5e03aa9888b3e67a637fd

SHA256
36fa4c68044523d55e90ef81abefd6280e31699b7dc26da2a1acc7dbfdf76ef4

SHA512
33c276203168c8294582a3da1a958fd63bbaa106938429d55e4de64db082513b26f4213b751a560b4126a0462ffafb69027840ce8401d8fed68226fb9c9e4eb3

Download Submit
/data/data/com.whatsapp/databases/_jobqueue-WhatsAppJobManager

Filesize
16KB

MD5
520b324339bc541aa166437776f8f844

SHA1
09bbf459c4102a341897b2d227f3b99fd5fd9f60

SHA256
fa1f4bfd86170104b8ead147da53735afa2182c930878f98740a4c1f0f20ebca

SHA512
4d91fe84a338671b1bcca164790faaffa8d2029478354f26bdf7a693da1f62f89926e0a34637d664f48afe2b1cf9647139065014f8b71db4a923d575bb571ff1

Download Submit
/data/data/com.whatsapp/databases/_jobqueue-WhatsAppJobManager-journal

Filesize
512B

MD5
14356a58613bad296470223214272d49

SHA1
76187a1a934a3214866f26123b89c4b732520255

SHA256
af5b3cf56ddb782306e84d1d828bdff5f108a83c8a7fefefe871b1bd289e9531

SHA512
50aceb77529f2c7284a6b2df20d2434f6ef8eb5d1b15c8dd64e4c5fb11b62dcb4a872615d35e4b7902abbefa55a6f1ef8b5c564a94975efb9ae8040631a091cb

Download Submit
/data/data/com.whatsapp/databases/_jobqueue-WhatsAppJobManager-journal

Filesize
8KB

MD5
926975bdcc6a4bc97cee38f64c8d9778

SHA1
f94be432551cf8997b333d4297370c25a0302dbb

SHA256
13d18403dc082779e064ae18c65a6ea65b27a19e0f47f5c64529ba48e89faf86

SHA512
1512da9d9d90f5860f337a93aa108fd67e007fdf88c92b71ddbf46dfb197dabe06f6f6ccc5437104560350b20c3d2d1948dfb14a7e0410c83d9acc01651763c7

Download Submit
/data/data/com.whatsapp/databases/_jobqueue-WhatsAppJobManager-journal

Filesize
8KB

MD5
cb1f828d6a6feb5b4816ddede5b4a3e2

SHA1
3bc9025f72af72c95e0c5420f4f2edfb95124377

SHA256
fbc3e45bae9b507fa3bdfb06fb0c5dd47c3780c2b3f18967229e3ac2b635fc08

SHA512
574740d0f8b722ba4f821ea21f51b26f4607ff9ffcbe660c84f9bb31c7da34ae9a3d133876a621925e30035aadcca8f15e7a2ee7ae2ce06e632fa655c7f248aa

Download Submit
/data/data/com.whatsapp/databases/axolotl.db-journal

Filesize
512B

MD5
4d547a0fccc9c51a47b656273a2ae29b

SHA1
2aac4a4f13c420a85fdd089e17c68900b4cae2df

SHA256
d52ad3caed6da5dc1a63ed42c387bd02df99709cbca0c6588d4c8900c5e71618

SHA512
d3f22ed1ceadc0f055e366a4c098eab5d6941cb753e3acb59c2178e812efc081ede396a4a8e65dd54dd5d8e1581060a7a94c06655c146414ba034878c81313a3

Download Submit
/data/data/com.whatsapp/databases/axolotl.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.whatsapp/databases/axolotl.db-wal

Filesize
16KB

MD5
a0d5c86e615c0603277951974f68d73e

SHA1
9c3cc4e15d75a7b316442df9853ab8190c466b25

SHA256
e1632952f04c348fe9622ec016318bcafd7a819ae0960a60b6be93174946f192

SHA512
bc65bb5bd56a93a4a777c25673f0e10c15c79bab2dc3e176f4e3538aaac8323d3cbb5564f5a6c5c9f34a5f24636e6ee53925c823f43f062f5bd4ab710c3935b7

Download Submit
/data/data/com.whatsapp/databases/axolotl.db-wal

Filesize
257KB

MD5
07786e28aace803a13962fe3d0e4da62

SHA1
ab8988eb1198e32b888d4a61f5c4c2dff3336717

SHA256
8a17caa71f124bb4ebe5dff5775cc56387a82ba1f21e41d8347a3a79d76daae8

SHA512
1ca4fd0ea44f2a0ae881dfef769475db240aa0b903a3b9d5deb0d8fb8525369b66a56b4e57372bae46734192a7e136b464212313668b96b7783baf1c980b84e2

Download Submit
/data/data/com.whatsapp/databases/chatsettings.db-wal

Filesize
16KB

MD5
ee70f2378b7c48fbbd1c4ddf30f432ae

SHA1
bf4d50d4dbe136f0562ff5d7e777bcfef4c2c558

SHA256
3fc2e4df680b9ec33b356185cdd3971041224300f0eaa88efebf3f1d1423b250

SHA512
44a7a3d89c6359cc4c73b121f15568c714d75cb336613bf3d28b8826ee081f6f72387f879cac0a9abbcb6e76686e839d81483f2cee974e98347f62fd75be5b4e

Download Submit
/data/data/com.whatsapp/databases/stickers.db-wal

Filesize
16KB

MD5
5e691ad520689bfc2ec7a4020ace6e44

SHA1
7578b67c6b3efb5d65aa9d3dd5b51d240cd6abef

SHA256
f72017d92f06bed5b95df7a720d75d1188eabd60bc19c23d0e8e799e5a75cbdd

SHA512
5d566ccf0e927d4d8b80497cf95795b701cdacc617e4c478d7cc9fb6de01b08e9970e062afae522270b702c4700df4b6c6c2efbde6ebedcca22de674aa5bc866

Download Submit
/data/data/com.whatsapp/databases/sync.db-journal

Filesize
512B

MD5
9208fd2be49b1b5a6866f5959b6da65b

SHA1
882fe4e303cc514aa79e4d2e7f9a31e3c30b2c42

SHA256
087f5156c2e385d8f74a56d70780e736177d8d31ae4a4f148afa5768590cfa7e

SHA512
46a404a3f34c59a75976549895f97c084cf57e1f373fc6b835b55193ba32351e3f492e0af538c9d3bab994baf6f4dc901319a81d4bd30477ab11d30a43dd57c8

Download Submit
/data/data/com.whatsapp/databases/sync.db-wal

Filesize
16KB

MD5
9f5fed8fd8eb100fe66ea02dfa4b908e

SHA1
4a1a0e31fe2b4b7964d072e4663fed26222193ef

SHA256
651d024a48228ed942e864b5ec985e3224c6ae542196dc5f767407b1b0354b54

SHA512
49aaddc785ac32aaee6239ef03ff3501d7e79ca2be6ac7471f6d3b19e77a5af9c3e5a4649c91d9c34b5a0d53e2dfe2c789b65464874d52ff9284daf672f380b8

Download Submit
/data/data/com.whatsapp/databases/sync.db-wal

Filesize
116KB

MD5
11ca6cdbddfde9fba9cc446394cc26af

SHA1
d232cb76ba814b3b5657971d4981f76e7ec0044a

SHA256
1b438f95869d22de86b81205c46cc6a4915c1f47b29b6d21d80382555647ff1b

SHA512
a3492a5bbfd3eeb1a77130e89069813c5f63e136534f17d2236f93e356d259e3be3c0129c88ce3eb0a529adf020cd20f929fca5b6c667a45d50081d546c0d3de

Download Submit
/data/data/com.whatsapp/databases/wa.db-wal

Filesize
16KB

MD5
8127595ca9574e6cf80f0fd695511ec4

SHA1
29e56909d2d594d196f49773e3b9517a5ff516f7

SHA256
3cea883cf673b1bacabd5f1351317c4b8ee4840a8c56fb314b36e64541b0f1a6

SHA512
6ae282f42409a501b0c4cd14872e01ff32a7452fdd65b495c9e25aa174d2ff404181adf9cae74291000874627bc0d94b428a05fc4721f44de8a681613a6280b0

Download Submit
/data/data/com.whatsapp/files/.trash/1466715c-d943-48a2-8340-49e4f64705dd/c432c503-807f-47f5-9883-6113fce17bb7

Filesize
526B

MD5
5548ddebf64b4026bad21a2f9ebed6cd

SHA1
a218cf42a6615f28dc94fe043094bc05493c5872

SHA256
b1b22a03ea7e16806b5e485119ea9724f34d20aca0f3d368382d8da63ef4e23a

SHA512
84841169a9942348d0cbadf5efa8ba10095dd5575601038caab45f260e08d5d29432f623d5b18aa52e8001252f38a61488104742c735fa9dcc545db627b1de45

Download Submit
/data/data/com.whatsapp/files/.trash/1466715c-d943-48a2-8340-49e4f64705dd/f27ee120-ba0d-4bd7-9c89-8996155a9520

Filesize
67B

MD5
4af21a5fb11fb6613d9067230fca3e30

SHA1
0232f799cb73642fd4f0dd0380d5e7c172fc6fcb

SHA256
6690518197cc5e5a46afdbb2310ddf15c9156afad2308d01a5bfa39e458511ed

SHA512
316edc901c8364319d8265f58187488af9e395acce1e7dc86fe0bf24b160222cb03e170c3d5676083679f4f27af236cdc94b2b0eff06183a874335263632765d

Download Submit
/data/data/com.whatsapp/files/Logs/whatsapp.log

Filesize
606B

MD5
a3d462bad8f41a868e91bd55f809f0fd

SHA1
367ba906488a9a780bc995c8b3e19f68bed0f687

SHA256
8e118563505d7b388c1ae1fd4ee821f093eded9bf79742e4aaa5e4662a0b1ae3

SHA512
7e15b50b26399d9fdd52bc4efe5be72bb54f83cd2893d3680a599ffa15b747de18c42c5f6e147b11bcb1fd65335b8b6ef666c8b353aee4cb68d4c3f594debab0

Download Submit
/data/data/com.whatsapp/files/decompressed/libs.spo/.superpack_version

Filesize
30B

MD5
10556ad3d2426ae4eb3d0dbbc7dd10fe

SHA1
3d749ae3bb92ad6f4c259df53d93454109371efc

SHA256
0a32b373fc14f803005eaa3203f90fd91d0f2a546be9da4cd04b203f721672d0

SHA512
fac6413e2d83b4002dda45c93fd4f70e1365078862b8d35a2e09240ff376634ae5dfaa0be85d30fd2b68cb95bdae66ec2bcb4cecbc00b64f5d6b6cd0b870d419

Download Submit
/data/data/com.whatsapp/files/extracted_pack_file.pack.tmp

Filesize
213KB

MD5
79a7b896132e3425306c22ee9245b1b3

SHA1
c2644a692a75b291253d84eac34186e627325fbb

SHA256
1dffc9205463e064a73076f5cc8ed4f688250c06709ac3d23324aa29dd70e81d

SHA512
6cefeea15c0a4086e13c3c6d09e646c473a301bcf25dbc2f8c091d2988d6fdc50d069ecb3c3cfa9908773c77ae6a8280581ccc8887c224f1c729e974097d411f

Download Submit
/data/data/com.whatsapp/lib-main/dso_deps

Filesize
376B

MD5
4fa2567e158a438748f4dfbde7b6c4c4

SHA1
160092b751bb0939f17963386eea3e4ea1a0d439

SHA256
181e917e53e6285993d9d94fcc672ee7d587dcb71f9c2d55fb37ffd4e4bc137a

SHA512
e9c27aec46d3b468f7ac895a8ce9a0356e582eb083d5acb70638daf9636fbb92fe1b0cf5c0525f98e57c7b1b40a4e202978bbb04c6ebe5e440626709d9fa9d69

Download Submit
/data/data/com.whatsapp/lib-main/dso_manifest

Filesize
5B

MD5
c06857e9ea338f3f3a24bb78f8fbdf6f

SHA1
c5a0a2529d2deb60fec041b4fbd722a2ebe31702

SHA256
957b88b12730e646e0f33d3618b77dfa579e8231e3c59c7104be7165611c8027

SHA512
29f61516876c25379a7bf4faa2b3ca6f6b53eac90e7de47671fec4a818d51441b4025cd7909f7c0a0d113ab6c5ff00cb3700c286bac7319185b77905feec4fb1

Download Submit
/data/data/com.whatsapp/lib-main/dso_state

Filesize
1B

MD5
93b885adfe0da089cdf634904fd59f71

SHA1
5ba93c9db0cff93f52b521d7420e43f6eda2784f

SHA256
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

SHA512
b8244d028981d693af7b456af8efa4cad63d282e19ff14942c246e50d9351d22704a802a71c3580b6370de4ceb293c324a8423342557d4e5c38438f0e36910ee

Download Submit
/data/data/com.whatsapp/lib-main/dso_state

Filesize
1B

MD5
55a54008ad1ba589aa210d2629c1df41

SHA1
bf8b4530d8d246dd74ac53a13471bba17941dff7

SHA256
4bf5122f344554c53bde2ebb8cd2b7e3d1600ad631c385a5d7cce23c7785459a

SHA512
7b54b66836c1fbdd13d2441d9e1434dc62ca677fb68f5fe66a464baadecdbd00576f8d6b5ac3bcc80844b7d50b1cc6603444bbe7cfcf8fc0aa1ee3c636d9e339

Download Submit
/data/data/com.whatsapp/no_backup/androidx.work.workdb

Filesize
4KB

MD5
7e858c4054eb00fcddc653a04e5cd1c6

SHA1
2e056bf31a8d78df136f02a62afeeca77f4faccf

SHA256
9010186c5c083155a45673017d1e31c2a178e63cc15a57bbffde4d1956a23dad

SHA512
d0c7a120940c8e637d5566ef179d01eff88a2c2650afda69ad2a46aad76533eaace192028bba3d60407b4e34a950e7560f95d9f9b8eebe361ef62897d88b30cb

Download Submit
/data/data/com.whatsapp/no_backup/androidx.work.workdb-journal

Filesize
512B

MD5
5d8b224ad49f6802e56555ffe797df8c

SHA1
a7da82a1d93a6adf60077fb79f2da9e9c14e4227

SHA256
cfe83ef61c407c6e7ff77ddc24944bc2877c4732eec115127e9df8ada66bf3a7

SHA512
5a543da9cb9ada4650f3369f0bb1a950c648309df2cd9eafc845b3c4af744ae22c9e2248f2b79c3a3da71c72fa324f175a3ec840fc8938cb23e9781abb4e50e9

Download Submit
/data/data/com.whatsapp/no_backup/androidx.work.workdb-wal

Filesize
16KB

MD5
e819d1484f434299f17c698e70263ba4

SHA1
137717f3e3bb5582dbb9b5a4d59c044c64d11820

SHA256
905d13b8de9a9296cd6780f9cc9a686b85f580636875f5f6f1859ea165f8677b

SHA512
832fd6d3d1b87bf347b844eb951c9f81fc4d911d7a8ff83c44d4126cb84d153a8b322bc09b69681d487956ca6e54c9dbab8f6847224992d0011406af9db69d41

Download Submit
/data/data/com.whatsapp/no_backup/androidx.work.workdb-wal

Filesize
112KB

MD5
c86cee13c9a485be629d10f77f866714

SHA1
5bbf2814c3f3ae0be51f782be72d47f393884c4d

SHA256
387b7ed7ed104d2b95ed789c1850e38802cbcaf9f2469552c3af84a355fd0585

SHA512
72897ca539653c333368a35e741eb423df24cfbc56422db18e9f79d52b59f652202e42ee39ccac002cb58df16f59d3ff7ba4a119bf014f47b4344d84652adb39

Download Submit
/data/data/com.whatsapp/no_backup/androidx.work.workdb-wal

Filesize
177KB

MD5
032fc32e1c12e03dc25f6b1485fe2f26

SHA1
c876430fac3d77f65b89c833185911c36856ae21

SHA256
1d80b6e7ef89c5e99abe2ea1412c9fde7261e5e878f842c09607e20f5276dc2d

SHA512
146db83c89325d3d57a70bf56d7bd103198ee381915ef646191fbe950bde891f789005dde400b020eaf6b172a26f999db183c60c89d7fc5f25c239236b839d7b

Download Submit
/data/data/com.whatsapp/no_backup/com.google.InstanceId.properties

Filesize
63B

MD5
6f9ee92f0a593a3541d8f567504eb355

SHA1
ca21ec706dc6b21281701735723b74de9126feea

SHA256
81ed5d817637ca7561a2da7e76b74f611e68a1e32551cf3c0338229c799f56e8

SHA512
2d033281bad926a8f0733494a9e09dc522f43c8e83fdbc574660947c6d48039ce85484fcc2881600786d1761297825dc74753d3ef88d7cd2ad6170b66d3f8d52

Download Submit
/system_ext/framework/androidx.window.sidecar.jar

Filesize
12KB

MD5
bdf3529e80318eb14e53a5bf3720c10d

SHA1
25c9ace4b1af6e80ebb2572345972c56505969ba

SHA256
bbc8300dd1e9cd08de8f66560c1ac2c928615b72b51cef9649f88974f586d64b

SHA512
48b9c2d01171bb651b9b54826baa51f4add48431a3efd8ceb5f7cc3bcd6f8f37edf47fabb24349dd15b3a02329cd450f90a8d164bf4f8dfae554bf3b35a8a55b

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads