65e8cf69ec4bfd7384c8b2803f833eef79dc2999a2ed16c1b172d904bf4ec37c

Analysis

max time kernel
47s
max time network
166s
platform
android_x64
resource
android-x64-20240221-en
resource tags

androidarch:x64arch:x86image:android-x64-20240221-enlocale:en-usos:android-10-x64system
submitted
21/03/2024, 09:08

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

WhatsApp.apk
Size

88.8MB
MD5

963485711a94230ac9b4b9ad38a25dc0
SHA1

98137b60e751368e86e08e5d35685684dd49d40d
SHA256

65e8cf69ec4bfd7384c8b2803f833eef79dc2999a2ed16c1b172d904bf4ec37c
SHA512

aaacbcf35f5b7d1d6ee464f058d7703b9faa0daeca763d1ce631a1ff4c221544dbbb7903fc3765a4a31f05156822fb9b9faf32babf86ca24efcea11d2797d60d
SSDEEP

1572864:d9tcbPtPapJH/LuezW2wveN5hiuzcllfzpAJY29WwSwRR0Lv7y:d9mbPVQ/LAWpzcPOJYTSR2v7y

Score

6^/10

discovery

Malware Config

Signatures

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.whatsapp

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.whatsapp

com.whatsapp
1⤵
- Acquires the wake lock
- Uses Crypto APIs (Might try to encrypt user data)
PID:5131

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

T1422

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.whatsapp/cache/downloadable/wallpaper_tmp/thumbnails/dark/00005DarkWallpaper.jpg

Filesize
3KB

MD5
73a86bf812966a7c6ad0be9e8bcc1a58

SHA1
0ce4bd31324d287ecd21d138063c9510dda452c8

SHA256
781e06e41a1020793c3c18a337443f367b544bd3b37adffaf733bf0ac80af128

SHA512
a61fe84fdd6e74aedd03e25c5f5af5fe628eaed4bab6ac226c1c65d142c3d23407f710f7ae31ed7d32db53d30fd2d5d2a7fc5910403eda15616bf13ac2012a63

Download Submit
/data/data/com.whatsapp/cache/downloadable/wallpaper_tmp/thumbnails/light/00005LightWallpaper.jpg

Filesize
3KB

MD5
033211178942b0198b9f6549c26e87a7

SHA1
5fcb4ce18615a586539a7a1b0bdc7c250bb9b9e3

SHA256
3ff51b1c6e9a829e60499c4d9b15e2792263166f6be6ae997b6f2ef9d1272d6f

SHA512
d41bca07134428f90325aea460db0b1014b89b2b2043d938c99d3da4cff249e1b1a85e8afc04eb47527eb23ab28dc1926bf83fd03dbd30502320a2a28002e47a

Download Submit
/data/data/com.whatsapp/cache/downloadable/wallpaper_tmp/thumbnails/light/00028LightWallpaper.jpg

Filesize
9KB

MD5
fb9b168a5224ad8ac79d0ac2a05da6da

SHA1
82852b2e992306121e31a81144cda8a1ac2f8e27

SHA256
8507e48d67270c95797a4d6fa9f244f773629e8e37477c3c72d0135d4410adb3

SHA512
b1fb8ee860f80516e025028f1f14209e380660c013dd9529abc1c728ee8b0b0c7c0a94db1c295bf42d676f8adc3b78a724454e403eb9d78014ec50465d449f54

Download Submit
/data/data/com.whatsapp/cache/downloading-7965875504979330456.tmp

Filesize
73KB

MD5
26f985184419c9baf376aa694c5b9cd6

SHA1
5cd7628417612d95940e1b26b21b3112f938abfe

SHA256
5a89ab27be17e625c094159b40f68b6714ea3cc3cf8de1fd84ef584b725cb8ba

SHA512
2a5d9dd6d7ed5f6818417b6bcfed89e47c1b0e25242aca496e6356e62e3beeb02e3f168eb5471fc73a39bc56841f2109b753ff2c55be116774859dd0185d1ace

Download Submit
/data/data/com.whatsapp/databases/_jobqueue-WhatsAppJobManager

Filesize
16KB

MD5
88d8e404d067e9cbaf85197a56ebea8a

SHA1
247dcf7f44d6b76e044317d861c436fe8915445e

SHA256
8d5f17042c5726822e829008fad3ebcb93d40645877ffc7b77cfc352b4c033cc

SHA512
d41fc0102277c3113d849dfbc7aa723fc6c1e246e0529560bb484c910379837bcc2d499a1f2ef3335b6579de1ac3f0a2f4832259ddf728cc72a637607786cba5

Download Submit
/data/data/com.whatsapp/databases/_jobqueue-WhatsAppJobManager-journal

Filesize
512B

MD5
b57e62482201b1b1e207f5383f024e84

SHA1
67656f02204e1636127d278db19d951373880073

SHA256
f1cbe1b6cacd48bc115dbdfb365fdb8ce68570174eb88012b2b2742ddecc881f

SHA512
d153cc39c3c78e7f6f28251a6014b1b11465f6e366b7b7d5e6ecd1047992610dbab8508fae8bc3c2419d7d6f94859e7c9f779dc57d0afa22eda2ea64af2abcf5

Download Submit
/data/data/com.whatsapp/databases/_jobqueue-WhatsAppJobManager-journal

Filesize
8KB

MD5
deb5fbfefac0930afd836245c919aa9b

SHA1
e02ebd67e83ff13c20f16637986f96b56eaf8633

SHA256
82c954e62d446107763c3694712202f754302b41039654881cb523935911e04f

SHA512
1136570b2c1bcf0c0568ee4686e02f2ac29cf5d95dcf22964601dbec52dc86dcee8d9d2c6c8552d2ac7fd91525e1521509b29b249b1013fa2ce114ff487597d9

Download Submit
/data/data/com.whatsapp/databases/_jobqueue-WhatsAppJobManager-journal

Filesize
8KB

MD5
ec35da1b74bd824df73f67b908db8556

SHA1
eaaa9704d403b4196e0192a379994a98cbab2792

SHA256
ada559010fcfdf3904056703850a57c870df1e020f831545cfb6b006217d5bee

SHA512
0d819a2089e671b16426f7bba2aa8fe006cf1a43a0309a0174932f0888b900eb5a488be4a39442b8113736b67b7806808fb85f33d05d9e59e9d917d9976e9b6d

Download Submit
/data/data/com.whatsapp/databases/axolotl.db

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.whatsapp/databases/axolotl.db-journal

Filesize
512B

MD5
b34122b65508bfde45d01b2785b2183f

SHA1
5dc8483897f7d0e023427caa43749bc3f7101c8f

SHA256
a236a103eb207a1a1b415e1c51b144b45c4284a7e75ce8111c7e9d7555c75ffd

SHA512
f10c5b979c032e28aa1042c4e958e469f7767870c4a5fb3f51b0c49a1770e10d42a6f2ed7eefbce8819b0c15d5665dc4cdd05f58bd7b80eb27cc01b03e3ea443

Download Submit
/data/data/com.whatsapp/databases/axolotl.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.whatsapp/databases/axolotl.db-wal

Filesize
16KB

MD5
e36c869a4f50907cf72bda65fb43f30e

SHA1
35dede54263d0c0672c806e7bc65f70dd94db1f2

SHA256
92a240e287ead5b15a8cf2992e0a619cb91bc5d7ed4c8f3bbcf6f8ceb173b938

SHA512
ed5646f72eda15e2efd107722bc8ae2d1d2ee32d0925466afa6cc7bbb00bd88b6822285feb3dde27208ea441b31cb5409cdb1595b7e5da309a2474736d21174a

Download Submit
/data/data/com.whatsapp/databases/axolotl.db-wal

Filesize
38KB

MD5
8667ee33ee3585291afa7dc67f0e1837

SHA1
b1830feea541191c2c9569cf63d09484d97e87b1

SHA256
951c586b9bbbd8ed3678f7e9a2db1d7a48e9b76352e858b489a91ac5da034c43

SHA512
3a089aaaa8353a3c76c112ec93843eac9ac16cbd3267f165f6bd65cd60719d671223b2bfb4e27e7d077a9ac89e08fd6d7894cdc9cdbef83e430e4f05ae9cd22f

Download Submit
/data/data/com.whatsapp/databases/stickers.db-wal

Filesize
16KB

MD5
b0bbd953070ba95933479b49547d4ff8

SHA1
2a0d2cc2bf246444bffe846e081812ebd5a911e1

SHA256
fb7d213eecc6b74b770b1277f92abcd8f7b1073d8ea6b9d5f8c42366e9c441cd

SHA512
835d258f66e151ef2304830334cf0c2825a0965636551c72b33ee9a41f4cae25f8e7b66c6323f8f3c12ee7f1419f69cbb79257841e1f5bd98151d2ab8b43cc94

Download Submit
/data/data/com.whatsapp/files/.trash/abd56a82-ef3f-4224-a95d-c048cd312f69/35f6fe87-431e-40fd-ab09-fdb0dec0924f

Filesize
526B

MD5
5548ddebf64b4026bad21a2f9ebed6cd

SHA1
a218cf42a6615f28dc94fe043094bc05493c5872

SHA256
b1b22a03ea7e16806b5e485119ea9724f34d20aca0f3d368382d8da63ef4e23a

SHA512
84841169a9942348d0cbadf5efa8ba10095dd5575601038caab45f260e08d5d29432f623d5b18aa52e8001252f38a61488104742c735fa9dcc545db627b1de45

Download Submit
/data/data/com.whatsapp/files/.trash/abd56a82-ef3f-4224-a95d-c048cd312f69/3a97d60c-0d5f-467b-b3a8-8655b4712743

Filesize
66B

MD5
5dbda4a1d46fec8134abeac785996931

SHA1
f61285136ac2a92c557aa3dd0cd6e2d5e3759d64

SHA256
0d53425c74e6e392abbd14592dd6cb9c0eaee4f30b1bbd7a856efb8b92b6045e

SHA512
536b6b3f82d0468fe196eeffccbc79fcf5f200a1474d60d46f52e744feca6bd703261154655f447afd5df5155fa6fc1fe4ccd94e44782f8e7ffb00ea17e37f52

Download Submit
/data/data/com.whatsapp/files/Logs/whatsapp.log

Filesize
605B

MD5
da225d7fcc5552a033ac110f361378a7

SHA1
78d250001c9518720e36c73027a172929c5a8624

SHA256
71771bbc81a5ab7e6736a7680ef6d50d0eefffd8a4da7b646ff270812bfbfa96

SHA512
5fa873c64e50bf4026da7a52731236db552dcdc567f7ff2aadd2add179fa18b47b3ecb4d36bc183720e26a0478e63818dcab33ecc8fce293a7ab82a951eabc47

Download Submit
/data/data/com.whatsapp/files/decompressed/libs.spo/libvlc.so

Filesize
5KB

MD5
aa9219eede84f04f55cf055eb507f0b8

SHA1
033148af7aba65f456cd5a69e53942d93f4f4667

SHA256
b836909031ad66f453351cea7b485cabf813552fa65ca4600c950c86e1cc7edf

SHA512
9e9bb99f9835e7ae14f2824a45beed6bf87104b6b15ca2e2071a58488267d7dc6bbc6dd48397244915e0f114d96b96d03bfea97e7f1bebc287d4af1416f78e48

Download Submit
/data/data/com.whatsapp/files/decompressed/libs.spo/libwhatsapp.so

Filesize
8.5MB

MD5
d8a9517efb47ad3474fdf8eac207a0db

SHA1
b1a30bfb00e3758f080be8ca20c619f7a1602556

SHA256
95b5c664711f7dbbda2b047023b83ef62fafed72613e78ed0584ff20b19e22e8

SHA512
59f78d09a4d3dc2bd275f26aaf0fd4a0e21fb7e85cd97c74f14d0a60af82819aff4810c8c00efb37a6891a6ac4cc38f92581553254797f40a4c67ad97d91226f

Download Submit
/data/data/com.whatsapp/no_backup/androidx.work.workdb-wal

Filesize
169KB

MD5
80cefc54fa37df16f76cd97e5f8b0a9a

SHA1
9032a6114949c7d0024af0c59ae0d46c0f184813

SHA256
15b538d927d40b0e74a4939f74d9d63261549297f0d6cc8ecf27525ae16765fd

SHA512
0ed3579b787e3fb7e56952e885ca4dccded79c1804107e3f472490ae1dcc333dd35a85e1a94045a46a1672b3f2f442da0b834af404e4a54f22b5de69385d08b9

Download Submit
/data/data/com.whatsapp/no_backup/com.google.InstanceId.properties

Filesize
63B

MD5
72138d98c3ff0491c7f4d314f142a7b7

SHA1
9f4018b2b7ce6f9fb235ab49168291be5b4831fc

SHA256
dc780c6058c8cce6ffd3ad8d386b44e5b8a777d362ed5fa179266ce585bc4f56

SHA512
0cfef29203477907fdbf91d82246f69f30f363baba4329da2e6d4c1575a3aa2be5a18066da9f95ca142dc33197f9a81373e7281118aa76c1ce80b6c56e5ffab6

Download Submit