7d517ea9bc152220fba74df5da9eddacb06184d38c79eaac2539c2f07d40f4e2

Analysis

max time kernel
2926605s
max time network
34s
platform
android_x64
resource
android-x64-20220823-en
resource tags

androidarch:x64arch:x86image:android-x64-20220823-enlocale:en-usos:android-10-x64system
submitted
25-11-2022 10:57

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Paint Art_1.1.6.apk
Size

5.0MB
MD5

ff88397d0fdd02e072a80f38358c4253
SHA1

83333da8fc0f1dfb716dfa82ee7470702356ad76
SHA256

7d517ea9bc152220fba74df5da9eddacb06184d38c79eaac2539c2f07d40f4e2
SHA512

fd0e2185eabfdb873e4605f18ce0eacac08ed15a108881907bd6b346f4ead2790f40a99f2b40025d927ef9a0fdd4eae0665689406a2af9c5104cf152f9dc262d
SSDEEP

98304:WMQZx/8p0wZKYkiViyXUm7OG+IsilxSiz31JqhVowaCZp8c:WjZYxNywOLsi031ojRFd

Score

7^/10

ransomware

Malware Config

Signatures

Loads dropped Dex/Jar 1 IoCs

Runs executable file dropped to the device during analysis.

ioc	pid	Process
/data/user/0/com.noku.artpt/cache/1633031840514.jar	4720	com.noku.artpt

Reads information about phone network operator.

Uses Crypto APIs (Might try to encrypt user data). 1 IoCs

ransomware

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.noku.artpt

com.noku.artpt
1⤵
- Loads dropped Dex/Jar
- Uses Crypto APIs (Might try to encrypt user data).
PID:4720

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.noku.artpt/app_webview/Cookies

Filesize
64KB

MD5
9b23e6a88d5a95f155f205cb04b93cd0

SHA1
b62dccbbef087a0731f226b96d15d35d8aa5e5fc

SHA256
f2f3c3c0c7f085399a6f9a464c1ac30a59ceeb5a4b7026286fa5609e6e8ef857

SHA512
bce5f25d98e2e8296c4101b62082dcb6a43902f3431ff6f725e41be6b9aece76e887ef94c4818baf4da845708fd76fd51c37fb6915710c870647593868f27482

Download Submit
/data/user/0/com.noku.artpt/app_webview/Cookies-journal

Filesize
1KB

MD5
598a61740b51948e41ac899134867eaa

SHA1
2f209ada01ce851cce1e20a1173b94a3cd13b048

SHA256
25bfba845f6fd86f70d5d678c4b55c6afff4230f5d43ed9ceb41ec99ceae29ee

SHA512
55e47a2bd3bf3576df7c80d102c41cc5c6e88ff20db0789ab93b7564b293ea9c22aaed3bd8b947788a08d1b4ff9e48f03b44421bd8a25daec053252981b7e0a6

Download Submit
/data/user/0/com.noku.artpt/app_webview/GPUCache/index

Filesize
48B

MD5
6d7d499960179766cd4261d12dacc411

SHA1
e6f8553b0015e12b23cc551afe98763f3b1c9bed

SHA256
c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182

SHA512
6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

Download Submit
/data/user/0/com.noku.artpt/app_webview/GPUCache/index-dir/temp-index

Filesize
96B

MD5
578fb187f8bcc9d41909382867f6b2b0

SHA1
10085de16aa5bb8fe4febe7e7c93733f5d62b5da

SHA256
8d16186513d0b114ad65ec6f8c1a31e37ae9c56154b76e2b0b10af5ddd2ce7b4

SHA512
ac2e73c396b0c810be0cfb6a2b380b236a1a32ca04c9de571386af75f04fea3311bbe514ebf562d34f0baf0b95258dff40e591d70c426c82b9fec354750f4bc5

Download Submit
/data/user/0/com.noku.artpt/app_webview/Local Storage/leveldb/000001.dbtmp

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
/data/user/0/com.noku.artpt/app_webview/Local Storage/leveldb/000003.log

Filesize
260B

MD5
372f1e861534ea01cf25f2939defa946

SHA1
34f98a79986929e486d99f93527849e060acbede

SHA256
cb7990f578ad22198d258966c2c12ee47e2901b2c07e0b87cef71e4746e495bc

SHA512
ddfbf36a9415e2f705c18bd1ab454f7401aefdc3eca094147b93926a0b49f759adc893ec088fad54c6a612d98d25f418f3e231db79092cbf9c4a0e852e3ee098

Download Submit
/data/user/0/com.noku.artpt/app_webview/Local Storage/leveldb/LOG

Filesize
70B

MD5
7b90e12e4738d6df32d12fd58fa5770a

SHA1
883ea64b3da476afc564f10c2644defff3802e5d

SHA256
4f29f74792035a42cac2804a9cdc463806467245bd1392df85a1143d626b39c7

SHA512
17322e6ae272fcb0b914bdf5d3ec2ef29c87fee7beed6144aecbf2c11db24823692efa2149c42b3a563b9cd36ce2c0d7bd651f3a527f3589be98ab04cdc17456

Download Submit
/data/user/0/com.noku.artpt/app_webview/Local Storage/leveldb/MANIFEST-000001

Filesize
41B

MD5
5af87dfd673ba2115e2fcf5cfdb727ab

SHA1
d5b5bbf396dc291274584ef71f444f420b6056f1

SHA256
f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

SHA512
de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

Download Submit
/data/user/0/com.noku.artpt/app_webview/Web Data

Filesize
112KB

MD5
b663831f8cc130493476d94f2d7a5330

SHA1
043a1956ab8e40821d67043f8a9110a8eb36fb93

SHA256
c109aa8bfc364d5fd0756f1c9d35ee3d6df31325061ac70d8469f28cfc882ab7

SHA512
e8ee923192cdf16318febdc23362f3eeaf5c914b923f80cd3a91a2e83e94bced54460d4ef1e54accc26a7d54b89e2e10c00097e60002cf6427298dc5f18fed16

Download Submit
/data/user/0/com.noku.artpt/app_webview/Web Data-journal

Filesize
1KB

MD5
fa66cf3c47ff6bc83d7220aec2d2ff71

SHA1
e3a9b144381645e0d8c926b2c2cf012ac0313576

SHA256
20b82e0f9c4ca07324551cd2c24fdaf46847398e24fc5eb3872a0dfe42fec259

SHA512
1ccc54e0a078353d52625aed4e8934d14b90b35a6d622e5a47c41cd8a4a7f433c61cd10f1a33cda9e6753a9c4431ac30c901aebcdad7b735e81ecf3925133d25

Download Submit
/data/user/0/com.noku.artpt/app_webview/metrics_guid

Filesize
36B

MD5
84d186044573da598522a95791448ccb

SHA1
ad3f24e3637bb992ded2e359e92af1c7ebee5da3

SHA256
8576a670e6218fc330cf062c47a792697cf8072ea414880e7447a0f8d12a7fbb

SHA512
200683f1cdc3097f45ff8a3ac28093ae15fe2e710ba4b477826fd24d5cb1c90982152f5483debcd92e7cc05efccac0b2c682c3de5ba0d9f05e844c1f1737e072

Download Submit
/data/user/0/com.noku.artpt/cache/1633031840514.jar

Filesize
19KB

MD5
38c960945cceba468ee4f1772abb99cb

SHA1
c7c2d5bdc5d06a5f43c24809602d0f2d2ba8e62b

SHA256
b8d90074a4efd78bcdecc27a24d4249d53b0b76134590750733d1136d9ad964e

SHA512
efa6c5518308ded2af559bdf6276176be8f7067dd1a486dc7f23395435a2cfca4f40106275e38ae126b52d943fced8383f92469c734f3b721cfcc78db400e1f9

Download Submit
/data/user/0/com.noku.artpt/cache/WebView/Crashpad/settings.dat

Filesize
40B

MD5
b1ccc0f4a2e4f0663ea60ba1edac8826

SHA1
db6e47dd7f84c4b25a364de810e9d6e15a0492b7

SHA256
d09a09abdd02524a161d5a67f982a0aada74ac8db77b79da1cb3a89c9f30943f

SHA512
11c690d6cc1d1b17ec4b7051e2067e6d7f67c47caf565023b3655e86962afba1c26a069bcaf183e649ffb2e03581ec4cb9a748959211ec8a58143eecddde4c4f

Download Submit
/data/user/0/com.noku.artpt/cache/org.chromium.android_webview/Code Cache/js/e06cc44686ac5311_0

Filesize
548B

MD5
6444686b5844226adfac995831630197

SHA1
3f71fdf619b7fab2ad6c6dcb3cf4779496ddcba8

SHA256
f4d42664ed38442a6b6370cb6fb4c48b9302c0f052175729debe9ae49db15021

SHA512
f8e1b5987a8e29c4f090f0e6ef37014c5f808a7543e056d9a348ed3923097caa6a1f4552bc28cfe784128a6f2c6c1d5c664d80d003aef67d0c415dc2d10bfb2e

Download Submit
/data/user/0/com.noku.artpt/cache/org.chromium.android_webview/Code Cache/js/index

Filesize
48B

MD5
6d7d499960179766cd4261d12dacc411

SHA1
e6f8553b0015e12b23cc551afe98763f3b1c9bed

SHA256
c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182

SHA512
6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

Download Submit
/data/user/0/com.noku.artpt/cache/org.chromium.android_webview/Code Cache/js/index-dir/temp-index

Filesize
96B

MD5
5b76d2190f4933fc857e1f98502b6f8f

SHA1
122a555879a9095f02021d440a794fb7e4f3dd97

SHA256
9a8811bfe7bea969914431d95e948f33738094d6e4b4a1d8a1b90c1d3ad6de79

SHA512
8c7f55743cb8196f058dea2ac2de2f626d74787680664dd650e3abc2f520ecda552428b89753cbe3547aa6936775e46cd918e825668b5e805c1a68ec730f2e2e

Download Submit
/data/user/0/com.noku.artpt/cache/org.chromium.android_webview/dfe6b2497a7513ba_0

Filesize
12KB

MD5
9cf8fdb09fe5d82fc22379f6252f596c

SHA1
7b04400271c58a3fefaa3014294f5e347d1f8fd6

SHA256
90f56bbe1f523d18f1b787cde6a6d21b6afab1e43edad648bc8ebed25f326f14

SHA512
92d01fd1dc81f839990c3485a366dfd7c34c6a1f07a269edc8021ad727460211dcbf798d19307ae3a4a04c6fbd6272d74e76d110fea04c42db6946365f3a3d1b

Download Submit
/data/user/0/com.noku.artpt/cache/org.chromium.android_webview/f038e94cb33282ab_0

Filesize
245KB

MD5
8313d6700b0b1a161bd45e9304d9af70

SHA1
b60572e191b1c4d6481d14b536adcddb4ef7d7cc

SHA256
03f0b5ea8367fecd64a7f21d98227133a8614d237baede35f2b018a68e7ef130

SHA512
e7638f5a0af27b1624e16a96b371fbbf75e5de1f6764370077befe5639e837f53f40c1d7971ccfdf183a9331c8ea79f5da90035412706f7c62750b6e2ef78425

Download Submit
/data/user/0/com.noku.artpt/cache/org.chromium.android_webview/index

Filesize
48B

MD5
6d7d499960179766cd4261d12dacc411

SHA1
e6f8553b0015e12b23cc551afe98763f3b1c9bed

SHA256
c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182

SHA512
6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

Download Submit
/data/user/0/com.noku.artpt/cache/org.chromium.android_webview/index-dir/temp-index

Filesize
96B

MD5
df86858ea7d7f4c45f65e04a0ab6d141

SHA1
bf2a4f3ea6563e6ab337e4e95299f577640830e6

SHA256
619f9164b939d121dc67c46a576ddb64e25a88e295e282a7cf4cfd2f323d8e36

SHA512
f3091810050e9b56f24e8293c711f122471b337aa78fcfed533887c8e8ca4f51ee71eea44e6ef03a46dc0cb50c93364ad2a2eb66157fda5cc85803e7b0e1abfd

Download Submit
/data/user/0/com.noku.artpt/databases/PAINT_ART.DB

Filesize
88KB

MD5
88071e85bcd69a166751848a665e3c44

SHA1
c2e6aaa4c826580174626ddfad8cdfec8a160c6c

SHA256
ecf3d48ded7978e8de46066dae0c07a2f04db68c6d41fd1063749eb9efa1fa24

SHA512
d04e228386774f3858ee1f49165e918fed346f9539a487fc19cdb50871866b78ac9aa94f2e5b30d0b157d8ea96bc1f0ef51344a2d2013a725f13897ed02e521f

Download Submit
/data/user/0/com.noku.artpt/databases/PAINT_ART.DB-journal

Filesize
1KB

MD5
21c72efe07f9c4307ea31c49f55f47d2

SHA1
6d91336c0eb0b8088aed4a94383650f5cfe64fe7

SHA256
06d42e4f1cda85755c76da9d9a26edd0fa8fe72ba08cddbbfc8028d4ca989ca1

SHA512
9b52690eff355ca51e302b1e87f6d1b3031ff4819375e14912494c24adb474303a4e9b4abfbc5f850090f3692b11d085fd55f235ceb0de79efdad29e33118fa1

Download Submit
/data/user/0/com.noku.artpt/files/temp/layer_1_1669373899715.png

Filesize
844B

MD5
f31e821104e08ddc2e2afaf558fac542

SHA1
d40668f4c691220258e9ce2d5afac5a039aa308b

SHA256
289e9ebd3e31faf2cf2293aa0eb5f5293fdfc04de8c9bd6bd00b7ef587e975a6

SHA512
5e730b90a0452a7e195ec1fb5cb79067c1dd383e51c12970b4714a2a41b08ec0969a9a234b5aeabf5165f84bec63ed7acda2a3e836e77d76645089679843ba07

Download Submit
/data/user/0/com.noku.artpt/files/temp/layer_1_1669373906377.png

Filesize
3KB

MD5
995228ebeff314457bf0e1737cda9a26

SHA1
1576c909794f42239756e55e61ba8b0f21eed634

SHA256
0e9bb6db75095e6488ad169d01507c57da165e5e6502a87d8377eb9c175b2a9b

SHA512
ae3bc7c6559756e561d9505f21d7d7ed910adff78238655d232be177286f549f0648eea8a7b9f8e87e8eca64ee70e114917705d004572e17b31f80809b163da0

Download Submit
/data/user/0/com.noku.artpt/files/temp/layer_1_1669373908412.png

Filesize
5KB

MD5
cd10ce478204c77364eecaee0b222deb

SHA1
a55a3844bbd933db6e88fb04ca9dc06c656aaad6

SHA256
ce2590af4510ea99f92c4113f1b6ea46240ec3c74295ddd10f4cb435c649d77e

SHA512
47b570d54285f7139db6cdbbce5dcec9185e08c8fe5340b7f17979b2b207cbb9cfea30a58731c3256b5ebdceaf9cb52b51f0de61b4df4e7ec2b1663cb98a64e5

Download Submit
/data/user/0/com.noku.artpt/no_backup/androidx.work.workdb

Filesize
8KB

MD5
b6ca8b30661a7844ed292db75a29a953

SHA1
8e0d397ab1f2ced1f143829084c3f53333743bdd

SHA256
63a219c7092be26641907c5f955aa977e7675e3922a8e4ee2af25bfed8c7bbfb

SHA512
d21ce3adf13d61369708ea000438f626973f20b08ca05a744c1cccb2d5e7c264a8af9c3ebd18a7a6a464d38e1c64146f8e881d29d71a0484dd94212315f6dceb

Download Submit
/data/user/0/com.noku.artpt/no_backup/androidx.work.workdb-journal

Filesize
1KB

MD5
243b64d1e232e86bdc59570563bba1e6

SHA1
33afa7f6023b32e659a5b09a857bbe14665044e9

SHA256
696f352744d53c0d57070f7ef76beea1de84275192e746faf6d224767f22981c

SHA512
0e9d50763805d2d3d6790a09c6da6a4d488eaf117fc5d0e860a0b082d564d44c3ffa90cfda2fca36e2021adf096c676df16a4cba9e68f990ee718955eb09258f

Download Submit
/data/user/0/com.noku.artpt/no_backup/androidx.work.workdb-shm

Filesize
16B

MD5
4ae71336e44bf9bf79d2752e234818a5

SHA1
e129f27c5103bc5cc44bcdf0a15e160d445066ff

SHA256
374708fff7719dd5979ec875d56cd2286f6d3cf7ec317a3b25632aab28ec37bb

SHA512
0b6cbac838dfe7f47ea1bd0df00ec282fdf45510c92161072ccfb84035390c4da743d9c3b954eaa1b0f86fc9861b23cc6c8667ab232c11c686432ebb5c8c3f27

Download Submit
/data/user/0/com.noku.artpt/no_backup/androidx.work.workdb-wal

Filesize
217KB

MD5
1f8de4f54b182a4b5374768650258334

SHA1
0809f0011e2117b30b1bf3cb51e8d3657907c88d

SHA256
2fb95bb48b62d7a3415c48c6dc0cd0a036e41006304492a5eaee2eeaca8cab48

SHA512
5ce771145c3d9bfb5a46d1b23f2abef876a84fb89ff7e58c4d8e0c1d67629bc252d0c57cc25519a4efe12aebb58775a14e90538daa6629ccdf6cb16c4e2e2e1e

Download Submit
/data/user/0/com.noku.artpt/shared_prefs/WebViewChromiumPrefs.xml

Filesize
127B

MD5
6ef709b8536878951e87c29a1518fc2b

SHA1
24376c70b00152501b3d98df61fa7db435339172

SHA256
10b13d894f36d4391fcc31313a244d5f6cd89c8e8c03347282e281c4af13c0a6

SHA512
96547eff6779251a5c4941e812ec56ed273e9270265005723e1f2864688b04f3b852a90145fba4ea0ddf1e02b39d99e33d28f761b07a04d46e0e4257d8909ff9

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads