WhatsAppPlus icon

WhatsAppPlus-202602251543-58566576__1_.apk

WhatsAppPlus

9.70 MB

Analyzed: 2026-03-02 01:28 UTC

Twitter / X Facebook LinkedIn WhatsApp Telegram Reddit
Analyze Another

APK Security & Privacy Score

Security scoring uses multi-engine scan signals and APK indicators. Privacy scoring uses requested permissions and network endpoint patterns.

Security Scan-weighted
34/100
Threat scan flagged Modern target SDK
Privacy Permissions & network
95/100
HTTP URLs found Low data access
50/100
High Risk
Overall trust

Facts

Threat scan 14/76 flagged, 0 suspicious
Permissions 11 requested
Network strings 1 URLs (1 HTTP, 0 HTTPS)
Target SDK 34
Certificate Valid until 2051-08-08 (25 years, suspicious)

Warnings

Threat scan flagged: 14/76 scanners marked this file as malicious.
Found 1 HTTP URL strings (unencrypted).
Package Name com.cliento.notifyerik
Version Code 242479003
Version Name 2.24.24.79
Application Name l.xl
Debuggable No
Allow Backup No
Min SDK Android 24 (Nougat)
Target SDK Android 34 (Android 14)
Supported ABIs
arm64-v8a armeabi-v7a

Certificate & Signer

Valid From 2024-03-22 02:12:00
Valid To 2051-08-08 02:12:00
Serial Number 3784c0178677b52d
Thumbprint cb8946a56b96a7205a45925816c916428e35bf0e
Issuer: C US
Issuer: CN AndroidDebug
Issuer: DN C:US, CN:AndroidDebug, O:Android
Issuer: O Android
Subject: C US
Subject: CN AndroidDebug
Subject: DN C:US, CN:AndroidDebug, O:Android
Subject: O Android

Security Scan

14 /76
⚠️ Threats Detected
Detected by 14 vendors: AhnLab-V3 (Dropper/Android.Agent.1323167), Avast-Mobile (Android:Evo-gen [Trj]), Avira (ANDROID/SpyAgent.FUBB.Gen)
Scanned by 76 security vendors
Last scan: 2026-03-03 12:36 UTC
Malicious
14
Suspicious
0
Harmless
0
Undetected
53
Timeout
0
Failure
1

Scan Providers

76 vendors
ALYac undetected
No result reported
Engine 2.0.0.10
APEX type-unsupported
No result reported
Engine 6.754
AVG undetected
No result reported
Engine 23.9.8494.0
Acronis undetected
No result reported
Engine 1.2.0.121
AhnLab-V3 malicious
Dropper/Android.Agent.1323167
Engine 3.29.1.10604
Alibaba undetected
No result reported
Engine 0.3.0.5
Antiy-AVL undetected
No result reported
Engine 3.0
Arcabit undetected
No result reported
Engine 2025.0.0.23
Avast undetected
No result reported
Engine 23.9.8494.0
Avast-Mobile malicious
Android:Evo-gen [Trj]
Engine 260303-02
Avira malicious
ANDROID/SpyAgent.FUBB.Gen
Engine 8.3.3.24
Baidu undetected
No result reported
Engine 1.0.0.2
BitDefender undetected
No result reported
Engine 7.2
BitDefenderFalx malicious
Android.Riskware.Agent.aNCX
Engine 2.0.936
Bkav undetected
No result reported
Engine 2.0.0.1
CAT-QuickHeal undetected
No result reported
Engine 22.00
CMC undetected
No result reported
Engine 2.4.2022.1
CTX undetected
No result reported
Engine 2024.8.29.1
ClamAV undetected
No result reported
Engine 1.5.1.0
CrowdStrike undetected
No result reported
Engine 1.0
Cylance type-unsupported
No result reported
Engine 3.0.0.0
Cynet malicious
Malicious (score: 99)
Engine 4.0.3.4
DeepInstinct type-unsupported
No result reported
Engine 5.0.0.8
DrWeb malicious
Android.Triada.6051
Engine 7.0.75.2070
ESET-NOD32 malicious
Android/TrojanDropper.Agent.NCM trojan
Engine 18.2.18.0
Elastic failure
No result reported
Emsisoft undetected
No result reported
Engine 2024.8.0.61147
F-Secure malicious
Malware.ANDROID/SpyAgent.FUBB.Gen
Engine 18.10.1547.307
Fortinet undetected
No result reported
Engine 7.0.30.0
GData undetected
No result reported
Engine GD:27.43722AVA:64.30763
Google undetected
No result reported
Engine 1772535644
Gridinsoft undetected
No result reported
Engine 1.0.240.174
Ikarus undetected
No result reported
Engine 6.4.16.0
Jiangmin undetected
No result reported
Engine 16.0.100
K7AntiVirus undetected
No result reported
Engine 14.39.58759
K7GW malicious
Trojan ( 006da2ae1 )
Engine 14.39.58761
Kaspersky undetected
No result reported
Engine 22.0.1.28
Kingsoft malicious
Android.Troj.Unknown.a
Engine None
Lionic undetected
No result reported
Engine 8.16
Malwarebytes undetected
No result reported
Engine 3.1.0.211
MaxSecure undetected
No result reported
Engine 1.0.0.1
McAfeeD undetected
No result reported
Engine 1.2.0.14023
MicroWorld-eScan undetected
No result reported
Engine 14.0.409.0
Microsoft undetected
No result reported
Engine 1.1.26010.1
NANO-Antivirus undetected
No result reported
Engine 1.0.170.26895
Paloalto type-unsupported
No result reported
Engine 0.9.0.1003
Panda undetected
No result reported
Engine 4.6.4.2
Rising undetected
No result reported
Engine 25.0.0.28
SUPERAntiSpyware undetected
No result reported
Engine 5.6.0.1032
Sangfor undetected
No result reported
Engine 2.22.3.0
SentinelOne type-unsupported
No result reported
Engine 7.5.3.1
Skyhigh undetected
No result reported
Engine v2021.2.0+4045
Sophos undetected
No result reported
Engine 3.3.1.0
Symantec undetected
No result reported
Engine 1.22.0.0
SymantecMobileInsight malicious
AppRisk:Generisk
Engine 2.0
TACHYON undetected
No result reported
Engine 2026-03-03.02
Tencent malicious
Android.Trojan.Agent.Nsmw
Engine 1.0.0.1
Trapmine type-unsupported
No result reported
Engine 4.0.10.0
TrellixENS malicious
Artemis!4B1C55C566D0
Engine 6.0.6.653
TrendMicro undetected
No result reported
Engine 24.550.0.1002
TrendMicro-HouseCall undetected
No result reported
Engine 24.550.0.1002
Trustlook malicious
Android.Malware.Trojan
Engine 1.0
VBA32 undetected
No result reported
Engine 5.5.1
VIPRE undetected
No result reported
Engine 6.0.0.35
Varist undetected
No result reported
Engine 6.6.1.3
ViRobot undetected
No result reported
Engine 2014.3.20.0
VirIT undetected
No result reported
Engine 9.5.1156
Webroot undetected
No result reported
Engine 1.9.0.8
Xcitium undetected
No result reported
Engine 38456
Yandex undetected
No result reported
Engine 5.5.2.24
Zillya undetected
No result reported
Engine 2.0.0.5555
ZoneAlarm undetected
No result reported
Engine 6.23-113518562
Zoner undetected
No result reported
Engine 2.2.2.0
alibabacloud type-unsupported
No result reported
Engine 2.2.0
huorong undetected
No result reported
Engine 31e254f:31e254f:7fbf6b0:7fbf6b0
tehtris type-unsupported
No result reported
Engine v0.1.4

File Signatures

SHA-256 ba94a3aa6e0d9a9fb0a2c1aa98f16ff6f90f58cb8b4cdf0bf4b3d7bf6d5f1999
MD5 0d994351caa45d7b6b1f5269ab396b25
SHA-1 9a353de0d03746b1eed70acef28e39e45d3c4e76
SSDEEP 196608:+x3VK4Z2Nm87dugxb+MD7s46w0XUSgYFVQ9GJEUt73jrf/r0:sVU3dup+7s46w0XUSZF2s1X4
TLSH T1DEA633298BE69124C630C7701D784E06EF8ABDAEF143F17B67603FE2C13692E95499D1
VHASH 83fccf1693d1b537eee4c3bf40bfa054
PERMHASH b5d6200ee6f9e33a363b8d7eaf5e4ab2bbfeea0567fd52a2c30e0736c5002cd4

File Intelligence

Type Description Android Human-friendly file type name based on multiple detection methods.
Type Extension apk Most likely file extension inferred from the content.
Type Tag android Primary type tag assigned by the classifier.
Type Tags executable, mobile, android, apk Additional type tags that describe the file content.
Magic Zip archive data, at least v2.0 to extract, compression method=deflate File signature result from magic bytes inspection.
Magika APK File type predicted by Magika (ML-based file type detection).
TrID Java Archive (77.1%), ZIP compressed archive (22.8%) TrID file type guesses with probabilities.
dhash 0000000004050000 Perceptual hash used to compare visual similarity of files.
raw md5 453883d46781dbed303bdd7a2919e497 Raw MD5 hash of the file contents.
extensions png (12), kotlin_builtins (7), so (6), xml (5), webp (4), properties (2), arsc (1), dex (1), js (1), json (1), MF (1), Provider (1), RSA (1), SF (1) File extensions found inside the APK and how many of each.
file types unknown (22), PNG (12), ELF (6), XML (5), DEX (1) Detected embedded file types and their counts.
highest datetime 2026-03-01 10:25:50 UTC Latest timestamp found among files inside the archive.
lowest datetime 2026-03-01 10:25:50 UTC Earliest timestamp found among files inside the archive.
num children 46 Number of files contained within the archive.
type APK Container type detected for the analyzed file.
uncompressed size 14 MB Estimated total size of all files after extraction.

Deep Manifest Analysis

Activity Intents (2)

ceci.hbah
Actions
com.cliento.notifyerik.gardenflower com.cliento.notifyerik.gardenflower
Categories
android.intent.category.DEFAULT android.intent.category.BROWSABLE
l.mdc
Actions
Main Activity Action: Start as a main entry point, does not expect to android.intent.action.MAIN
Categories
android.intent.category.LAUNCHER

Native Libraries (3)

libdata-trans-hub libdata-trans-hub.so
libmmkv libmmkv.so
libwiiysv libwiiysv.so

Requested Permissions (11)

com.google.android.gms.permission.AD_ID Custom app or vendor permission (not publicly documented). com.google.android.gms.permission.AD_ID
have full network access Allows the app to create network sockets and use custom network protocols. The browser and other applications provide means to send data to the internet, so this permission is not required to send data to the internet. android.permission.INTERNET
view network connections Allows the app to view information about network connections such as which networks exist and are connected. android.permission.ACCESS_NETWORK_STATE
view Wi-Fi connections Allows the app to view information about Wi-Fi networking, such as whether Wi-Fi is enabled and name of connected Wi-Fi devices. android.permission.ACCESS_WIFI_STATE
android.permission.POST_NOTIFICATIONS Custom app or vendor permission (not publicly documented). android.permission.POST_NOTIFICATIONS
reorder running apps Allows the app to move tasks to the foreground and background. The app may do this without your input. android.permission.REORDER_TASKS
keep car screen turned on Allows the app to keep the car screen turned on. android.permission.WAKE_LOCK
android.permission.USE_EXACT_ALARM Custom app or vendor permission (not publicly documented). android.permission.USE_EXACT_ALARM
android.permission.GET_CLIPS Custom app or vendor permission (not publicly documented). android.permission.GET_CLIPS
android.permission.READ_MEDIA_IMAGES Custom app or vendor permission (not publicly documented). android.permission.READ_MEDIA_IMAGES
read the contents of your shared storage Allows the app to read the contents of your shared storage. android.permission.READ_EXTERNAL_STORAGE

Activities (21)

l.c
l.lgz
l.xma
l.id
l.djy
l.pw
l.tpf
l.mdc
ceci.bczu
ceci.teu
ceci.iz
ceci.hbah
ceci.klk
ceci.fd
ceci.zyx
ceci.aflh
ceci.rr
ceci.l
ceci.k
ceci.bsat
ceci.abq

Services (17)

l.nkx
l.bdo
l.rf
l.lzy
l.ctp
l.uy
l.rt
l.qtc
l.wke
ceci.qhmh
ceci.wsq
ceci.dt
ceci.wosg
ceci.igxt
ceci.dte
ceci.cow
ceci.cib

Broadcast Receivers (1)

ceci.izci ceci.izci

Content Providers (4)

ceci.wmfe
ceci.xvi
ceci.eb
ceci.wbh

URL Endpoints (1)

http://xml.apache.org/xslt}indent-amount

Submission Details

Submitted At 2026-03-02
First Submission 2026-03-02
Last Submission 2026-03-02
Stored Until 2026-04-01
Names & Tags
WhatsAppPlus-202602251543-58566576.apk slm0q0g5y.exe WhatsAppPlus-202602251543-58566576__1_.apk contains-elf android apk