d433b3e709bada59ed7d44f291b56585414bc89780ac5e6730e6232798fa445f

Analysis

max time kernel
47s
max time network
157s
platform
android_x86
resource
android-x86-arm-20240221-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240221-enlocale:en-usos:android-9-x86system
submitted
22-02-2024 03:04

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

eb5a94e8c5e781fb8395474d4c319e38.apk
Size

75.7MB
MD5

eb5a94e8c5e781fb8395474d4c319e38
SHA1

dc3f21b9b8eb575203a89611d4ae0b4a464ec761
SHA256

d433b3e709bada59ed7d44f291b56585414bc89780ac5e6730e6232798fa445f
SHA512

59961db86c5678f8c9ed6703897cc94e241138a175056699705db6d0b7d8811c5412bbca86e285f4fc124161b7f3c8f7be667ebfdfdd5909090ac536caef6377
SSDEEP

1572864:qzJO2zKKkue7ftm1c4sH0MmDMPwpJaUrsVaFjMPkM4RIrT:OJO8NeDsu0rDYYFjykVIT

Score

6^/10

Malware Config

Signatures

Acquires the wake lock 1 IoCs

Processes:

com.gbwhatsapp

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock com.gbwhatsapp
Reads information about phone network operator.
Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

Processes:

com.gbwhatsapp

description ioc process

Framework API call javax.crypto.Cipher.doFinal com.gbwhatsapp

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.gbwhatsapp

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.gbwhatsapp

com.gbwhatsapp
1⤵
- Acquires the wake lock
- Uses Crypto APIs (Might try to encrypt user data)
PID:4269

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.gbwhatsapp/cache/SSLSessionCache/static.whatsapp.net.443

Filesize
5KB

MD5
2895bb75350e026e0fa9282527b48b0c

SHA1
8f0b90a7a9e77f67ea3a0f62d3f6ab00d0378142

SHA256
5266be18ab2060c0863a45a9bfbd78659b005112945bab882ef6295b47964bf5

SHA512
c2cd179f0a368d06cf73a1ae3f550851f20625d9034c6e8c21692aa64dd760cbaf50f3bcc6cca3d04dfecf23517549357e221d1369dee288b89896f41ec7ec67

Download Submit
/data/data/com.gbwhatsapp/cache/SSLSessionCache/static.whatsapp.net.443

Filesize
5KB

MD5
5366277415d5c741bb0edb4940f328d2

SHA1
20df3ea9f27238bdde670b3c00dcef5c4d99c424

SHA256
9fc03f49618d73cfa1ed5374160803be26c96c417a7bf163cfcd31b01daca610

SHA512
0f334446a2647a65d64a8e4307366d67b552271cc5138849a4a9e6d139ef1750cf8a716c7e86a15479825989b467f07fee47577625c4a4baa4e14c8775635630

Download Submit
/data/data/com.gbwhatsapp/cache/downloadable/wallpaper_tmp/thumbnails/light/00002LightWallpaper.jpg

Filesize
10KB

MD5
676d050f5082a83d37ea086300b02779

SHA1
8f17f1d79ad47ca722a7d60c8e96c2bea0af590f

SHA256
39fb86c3c500835c134d3638e2473b66aa1e132665f700b84c0140829678fedc

SHA512
8b3aed029a22e22e63e8982def6133fc2f47649cb23b5605a55cba129b030bde7967dd21cb236efc1e5346826ec266b4ecd76b0a4b3af28d999e46805d52c70f

Download Submit
/data/data/com.gbwhatsapp/cache/downloadable/wallpaper_tmp/thumbnails/light/00003LightWallpaper.jpg

Filesize
12KB

MD5
3bf0b92edf4db6604554828d983d154d

SHA1
86980ce01d87da26057e30e52f5967e5fb56271b

SHA256
707ef8a4b946419cd1c307a090c89924aaf1a5a72f4fc23c58e7a837a7efc566

SHA512
40162c0fa8ffd17446dd02209814444e6dc14e76983fd4045e3b56899788f350a0ef988e67c56a416504ab808d7d4dbbfda7e193a241424317e717e749908be6

Download Submit
/data/data/com.gbwhatsapp/cache/downloadable/wallpaper_tmp/thumbnails/light/00004LightWallpaper.jpg

Filesize
17KB

MD5
56ab65dfa9ad5922c4d9ba701fc45b8d

SHA1
f1a20875b6af4c437c398a4a1702ccb59f8e4794

SHA256
da630133e9ef05553205acdaaccfe51be03ffa5275330500ecdc7a8344c1f3bb

SHA512
ca0b2965f6d97eae5e0b276057cb43ad1513f106b77fe0b7e2ef14593ef10239479b883c8002b85e7aacba7503526ca373b6ce156de185b3df00cf520d56bfd1

Download Submit
/data/data/com.gbwhatsapp/cache/downloadable/wallpaper_tmp/thumbnails/light/00006LightWallpaper.jpg

Filesize
26KB

MD5
0fc379931037bbd3faf17eaf50917bb6

SHA1
a0e6ba9c8053a8e99443115e4957df52734619b8

SHA256
7b3e377f7dd1ee2c41596f4e8e3ff874546ea3c06fdb89265e69f2944861abd0

SHA512
9828e44556a7f21cf2657bc622f4d48353c3e951a9dc73ffd05190e15b7cb017407790a3b2f6d10a9913db4490665890a9c369b38a3afca3d98f01fe6e61a73d

Download Submit
/data/data/com.gbwhatsapp/cache/downloadable/wallpaper_tmp/thumbnails/light/00007LightWallpaper.jpg

Filesize
36KB

MD5
5478917f86f83638e0c2199fc8ee6c84

SHA1
39bae4da6cec4733cede64673a13a03bb79bb0ea

SHA256
833bd11f148d145dfdadba4fd8cedb0a2a125e1f4e10411e613f4a70de3ad2d0

SHA512
e8ce7068e926b7e0505a9612e93b6adfaf768e204362cc3dae8fd45637ca5d09e3c27b52b650588804cf383742f2099959a7a01dc62f3afd76d61f46c83dca2f

Download Submit
/data/data/com.gbwhatsapp/cache/downloadable/wallpaper_tmp/thumbnails/light/00018LightWallpaper.jpg

Filesize
23KB

MD5
7f773558b21a74428c49154da6ed4799

SHA1
826e2c852398c1b96b4695fbcb35a3a83c824e02

SHA256
c84966910534b33b335303a7550f38db9825fd5eae9253998319308fd01a1963

SHA512
e0fe7fd942b178c14e79c3b0edef5c67d57e584b9391e26731afabd44609b4db6eb5f0644aca20622094b56c18e9a4d15def5da0e8fd94ab5d0c949f952ec01f

Download Submit
/data/data/com.gbwhatsapp/cache/downloadable/wallpaper_tmp/thumbnails/light/00030LightWallpaper.jpg

Filesize
25KB

MD5
e2822df83717e4c2b5d5275dbd641639

SHA1
a9900a5e52a4e4ed532d78afd648b39d59dd88d2

SHA256
9384f8760799d1d207946db885cf5dda68edc2f0491241acc724987efd711ff2

SHA512
36bc22c5b23f6a101c89fb03b6c061ff6cc4aeb734f8e4826b966939659c4a4a79c0fe3e27ae2bf88f7fe3114296fca449edfd0fed96986204996945ac2d84c1

Download Submit
/data/data/com.gbwhatsapp/cache/downloadable/wallpaper_tmp/thumbnails/light/00032LightWallpaper.jpg

Filesize
27KB

MD5
816c283da71d7566b746c3edba82b492

SHA1
c7c538f46c15dc911230a8d610cd86cf43051e07

SHA256
12867bc5e60114169b5375fecf5dea3efc693326b5588d7da5671326207fe6d3

SHA512
4540b592ffae6a5ae6141ebd3022794cc27b68cdd295ad0d620649513371eb405283df332f3b555215c14eac1863d2e3cf665bcd11464374ccf0abbc053b6468

Download Submit
/data/data/com.gbwhatsapp/cache/downloading-7739581658139260649.tmp

Filesize
24KB

MD5
b05d834a3a2952542355ee221e17df29

SHA1
e3f73b4114816081cdacb1ee7c84096ec70a06ba

SHA256
12390d9346003ecb9ac4680b717816a5cc3a9600a35e1dad387642ba61e705c9

SHA512
78977fa1618ee3c733ed55cc37c3feace9b7282f50df7b48c4d894fa8ce7f9c43a2b1377e27c74eef1a0a88017ff65f3869a50fa2b5f356f6113ea248a6e1fc1

Download Submit
/data/data/com.gbwhatsapp/databases/BTOR.DB

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.gbwhatsapp/databases/BTOR.DB-journal

Filesize
512B

MD5
89a8ef6a99fc7b753c9a88a40bfe6173

SHA1
4783b073863cbe2e3b6cb4173a0089dd719fac26

SHA256
bd1b9f6c8f01dc4a63191c83c300766f63c1204de6f8d5b634c149477b7ec52f

SHA512
30b190279c4e5ec32c1350bd416f5826bbee987bda770a6b67ae5d1c475f838fb81f2f8925c632a7d5814e2066d26aab55fd5e3fe04618d37cddc14a0ab61798

Download Submit
/data/data/com.gbwhatsapp/databases/BTOR.DB-shm

Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/com.gbwhatsapp/databases/BTOR.DB-wal

Filesize
32KB

MD5
2ee7563cad196836f8620e09c9d62b03

SHA1
d72a785b82a59ba5da4c28309f206a4945ee397e

SHA256
4b42ad0376ab347de7cb91f5bfd2be4f49814c027875acff67cd310f2cb87742

SHA512
f6acbdde0dbfc4744598e32dceeb885d714444bd0aed8bb0512c149c80f96617168b4e28f369dbf8a29e4f0d5d142c1fca1a6b61bf3f66bdbcc47f49825b2c94

Download Submit
/data/data/com.gbwhatsapp/databases/EHS.DB-journal

Filesize
512B

MD5
04360b8a85409f8917a9f7857c1470a2

SHA1
346aed7d0b5062df3cd0e78af14aa21a523b28cd

SHA256
98faeb8a6efd8e426857ea069d50531172e0e77390a0f3ade3e72607d9fb4861

SHA512
e4d8038b688684b6f57fefff34ea2121ddcba8316ebc6840d712da9eea596dbe798ab910863dd864f48ac8d086b13833ff0bb7865c0c6a6c6f1deaaa4dd1a024

Download Submit
/data/data/com.gbwhatsapp/databases/EHS.DB-wal

Filesize
36KB

MD5
7bacb19bcd271efcb9c8977c2820a006

SHA1
6cab125cffcc10b5baf201c7112d8cef161d42cb

SHA256
7bd299e71f20a21944092334d35c5add56181fb3944e9efaa17185173eb5e3ae

SHA512
e4ae58ef5a9aab3888657f42fe93173ce9e75f7442ac457cab2c6ee3d8a4002c3cc0d4f0acd184f7f9edc444dc53e9de62dec612313bc8ba4ef013e900ae2a88

Download Submit
/data/data/com.gbwhatsapp/databases/_jobqueue-GBWhatsAppJobManager-journal

Filesize
512B

MD5
095f30fe0860055ce86a1339aa6e5e6e

SHA1
2d47ed8bfff505ba845a14cdf28ac50108916542

SHA256
1dae058abb0cd1c335ffba5a9bcecab554f786af24de344274c089c33fcedf69

SHA512
cd6e2dae1bb2eb9e9823f063ec3b116b407aa2e44a1e0f2f675a6b426eb8329bd977669c8cac956ec501575d414700c1303e7195ceaf5e746937c202992fc8e4

Download Submit
/data/data/com.gbwhatsapp/databases/_jobqueue-GBWhatsAppJobManager-wal

Filesize
28KB

MD5
4e62c230cc07bb2a13c75459986442d3

SHA1
fe709df80d84c3466f5e7ce79a420d1ccd954a0f

SHA256
0335165866bb36a20640bed622c898b1657c06c23cb125dba33117f1bfccaa52

SHA512
b3e69c012c0c94d3e4a09cfd5d7204640a72d1832d3bf7c40d7771e26b1bc205777d1d9ba034b23a76dc02b31ac19e1f8f1e3bccde1d1c6148c8d70aeef04c1d

Download Submit
/data/data/com.gbwhatsapp/databases/axolotl.db-journal

Filesize
512B

MD5
d8e65013e60ade0688b58572bd17b5ae

SHA1
643fad31d43cc42ae29e72250abd4a3578445537

SHA256
0bb8f1e38ef52e50008800acb050c6174e5965e4f7f23b0654f8e0f382bc8903

SHA512
6eda049ae207d73f0b8bedb4f636d9925620db0cc05e162125cd01499a3d7f76612db42f6b519dd3b5d6eda571402f5fb7ebe657387d359b1c5a4bab7546919f

Download Submit
/data/data/com.gbwhatsapp/databases/axolotl.db-wal

Filesize
26KB

MD5
d63aec4a9f96b6a85d1a9a00f8c88678

SHA1
fb41bf1e48c0500988e9d20378b8e25ec619038c

SHA256
0a98f326c5d3a01ba8ef2af761446906382f1d34fb6bb3de1eb8de79d23ffa52

SHA512
65e5498199b17e34e94286d86cf7571faa8d7f83d1a93d15d78d18a668cc9e652420a837b364ae2540a87ba907bd7859e7340dc64cf128608ff9d1a13c4f270a

Download Submit
/data/data/com.gbwhatsapp/databases/stickers.db-journal

Filesize
512B

MD5
8c85f8ce10aecccba06da2e05eff6195

SHA1
0f0f5a35c4989c631fcc891d471fe9bc658130ac

SHA256
323b8a4afb2cbff8c10bc0993bb14d1b6371f59075e5183e0ee3bb296aa1468c

SHA512
0b591a953db0cb46644e24286e5b6eae1f4b7ae6f1734ffd0a7d585b46731ffcedf443d159c9b15deade886772c8252511f1951666c28559e76fa082a20a85ec

Download Submit
/data/data/com.gbwhatsapp/databases/stickers.db-wal

Filesize
16KB

MD5
9f1c1cd89f98aed0499fb113e29cb724

SHA1
0e4ce20892962b031971177a71ed34807d8447e7

SHA256
3cb0fa20170af4f8db670733f893c0016a6d8557f4241b1691ead73307c49f5a

SHA512
0ccefffcdf43fdfd7b7f9f87fb50507c720e5fa63de079575c8ecf27b76a24e113d6314ebc4ec25cb9dd1bde379668a8a354a965921013f267a5f6d53efbc2a6

Download Submit
/data/data/com.gbwhatsapp/databases/sync.db-journal

Filesize
512B

MD5
7d96c14c93761832096ab60df6463065

SHA1
78bed9c5b6ea981cd9460717eb15647e3b7f95b5

SHA256
a7e1ab787be623d88d97317aaa5e49dcfcd61df4b749d758a283fe9755052812

SHA512
675c4b77221247fd1a8db11076059daebb9f50fffc3094d9cb5dbfa8aee55a5a1e6ef0e7877c21d3dd546864c912a4687eda80ef1635490078ceeb6711ad23a9

Download Submit
/data/data/com.gbwhatsapp/databases/sync.db-wal

Filesize
16KB

MD5
edd8c7626c1909645b05707f004ec06e

SHA1
cc2c4162deddba9f364d7d1feb00dea16017b145

SHA256
8ce76cfa7eef1387c5d679608a18a4104a71126567a7514c8fa5f586990eba06

SHA512
089fe3db5bf0a10d8a56001a95e868dafe17dac90fb7a915ccc3ee41edc47c380499b27960714fa16dbe70f0022947fa158437113b8d4dda9df198e63cf9c92f

Download Submit
/data/data/com.gbwhatsapp/databases/sync.db-wal

Filesize
116KB

MD5
e6bb341b1a9a5842de50c118b0938e2e

SHA1
5165cd54318d58642b0cf861362af6034fc043b5

SHA256
6a35682cfacf983b12a44a227b97ded22ad7b64b040ae2e0d3825518d8a2f9a5

SHA512
2a1c44d2fa724fd32bb90db23d1561e36579c5095ec762bf54f308c8d76e0e7dde807b020f68b3cfd63316c4948d645858d2f35ce641e6a2c35798133ddc4513

Download Submit
/data/data/com.gbwhatsapp/databases/wa.db-journal

Filesize
512B

MD5
a60a85957e709b2efc74e7ceaa0e7dc7

SHA1
661f1ada67b12b8ba7ec91a3786fd21914bcde67

SHA256
491aef9ed82f44eb5f00965761056e5dbddfd9675f1fda22f5a68b2f1671d053

SHA512
ba4fae8ef03c155392d9e8b08186800182d2cc7fe8f3304d6579afe23bd47bee703a0fe76675df7dfc173d3344d96ba9a188d02156a23a598bc38ca3890f01ab

Download Submit
/data/data/com.gbwhatsapp/databases/wa.db-wal

Filesize
16KB

MD5
c0b782ac9d0e6b560355dcb98bb6d955

SHA1
667095c7ae034c9e79dba305f721d39d19a5075c

SHA256
8ab350020587690abcde96751a981276209968d1c85446f47378cc2ae76c7dd8

SHA512
6e509a6a1d28ca51b5260d7e133d6a1804c52a0914d9ee9ae0d1f5b22a479e2b17cbc66c5802930f9d0ef88be503e535c47b56616aec63dd7f05d0c7a529912b

Download Submit
/data/data/com.gbwhatsapp/databases/wa.db-wal

Filesize
390KB

MD5
6ee446a5fd5a8933c1370ce4b3021a4a

SHA1
888a12ec38f1100bb6ae1a6030e7b443963dca08

SHA256
4a69d6eedb8c55bff2d76ca8faf1adddd5a49c8b4774ba85f63de7379482f99e

SHA512
6be4e01f86eae191129ce718524710d48e969d087eb4cbff5ffda4a8181f543df64290cda5b88632bea41889f915fa44354f0bddc3403ff33e3db57230ff3685

Download Submit
/data/data/com.gbwhatsapp/files/.trash/c5f321e9-9a0a-4a26-a321-fc2bb2727f5f/68b14491-737e-4ab9-9593-64b1b9d914f9

Filesize
526B

MD5
2c0f856d7250fb18c8dfe900ec9bd5d4

SHA1
10c62e9db2bdffd3d76829987e50d0efa5e0a72b

SHA256
62802cd5039ff363156f7d4dd4d7360d095090a6331131f018abba016b6e1aa6

SHA512
ef5d4481e27d2d6053a224f685b983e52d7ae0d2dbae4f349c1ed0191e4d5b737ce8e2f0d8a393f2384ff9bf05af29f47aea983d57d0b151e89b3cc8c6ef38e2

Download Submit
/data/data/com.gbwhatsapp/files/.trash/c5f321e9-9a0a-4a26-a321-fc2bb2727f5f/d834b72b-d898-40cb-821e-bf36f19d2fe1

Filesize
67B

MD5
d8141b97bb6b8752f676cba953de8e56

SHA1
b65fefc908682f7027ea3ca34ffd592a6d81ae87

SHA256
afff045ccff4a25dc9ed283acb206e37fbcdc6afd5adacc86c645d432e032a21

SHA512
98915af0eef59abcf116818f4398cbd5a0eaf31a65110422e186872f48aeb7400948d51d5b22b0ce82c07764f21dbcbf1e252bf5a49df0dea3951bda730092a3

Download Submit
/data/data/com.gbwhatsapp/files/Logs/whatsapp.log

Filesize
4KB

MD5
8ecccc53114aa6839d15563bf43476d3

SHA1
32ac491cadae8f90667b213ba2361c20213e517e

SHA256
2fbf62bd32ef6027ba3e3e2d368b1c900b734bd932960c04c685d45a8293eef0

SHA512
3b35b067e6b5425a9ed5ecd299b8bb377d3ea48d5d4da536c6b4a79c76c49a94ff2afe04ec6533dc4d4f80158e6f5c8ae5a3e0bd85ca7790808a01faccfa7312

Download Submit
/data/data/com.gbwhatsapp/files/decompressed/libs.spk.zst/libvlc.so

Filesize
3KB

MD5
cfaac46a9b3c925a53382f453c8c0d81

SHA1
8e82c86b6d77d7e1ef003aa7796b83ccc5efab7b

SHA256
0d87625993ef963e9bebf8f21f22525807d48dc26b3195fe94bedfe877f376e7

SHA512
22c8297645c4ffb8ba08e44e1136dcc3b3c16100ff837d7e3ae7bf3a1f181c12e9aa33f3f598d6d7e001536b9812106b4785c01f91a76874cd220a6229e787a2

Download Submit
/data/data/com.gbwhatsapp/files/decompressed/libs.spk.zst/libwhatsapp.so

Filesize
1.7MB

MD5
8ff667aaaa9451ee87e4815adfc76b03

SHA1
00d7a19e8647be2fdb273f673d6ca0c1807ae20c

SHA256
3c15955de41f7e9dc108d5473a4633e346182e41ac7b1b25e801f0e3da05bf03

SHA512
ee05657eb5f910c7b2a0e6d07184dddd2a2503d6aff65e1b7ad54607739f228e6af694cce43716d52bfab0a323e8a13dd71caa202c02d8d94683ccd7b9b3afcb

Download Submit
/data/data/com.gbwhatsapp/no_backup/androidx.work.workdb-wal

Filesize
112KB

MD5
dcf1b08ce9dc3ac4075f57355d1f5180

SHA1
81059b1cb2accf5493b240c41bc3ba33618ed7cc

SHA256
a523d2957414cc62376e43437da74a1c51e8258af92ce581de93922219244cb5

SHA512
fb9da8ea0f11e7507d7c4d8634f225ae71652d3178d165cbbc1724d30268295006ecd95610808c2cc0446a9fce730a39749d385121c811ab6c171cc2ab6c232d

Download Submit
/data/data/com.gbwhatsapp/no_backup/androidx.work.workdb-wal

Filesize
120KB

MD5
1905929aebb0eb8a1e0a69891bf02819

SHA1
4249b9be2b06f7f712da56c803d269f94b7735f0

SHA256
98e69e90b56773c44af7cc5da1e3a163d48a0446ef59fce6cda992e5e91c74f3

SHA512
000f0e0195341da3bb015ad1e603b8ce1f8a2c625f79976fc4f500b80648f21e3ef01db746b4af314b537f8b0802ce692cc5fc7356b331b0f03e04a72567a6d6

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads