7d517ea9bc152220fba74df5da9eddacb06184d38c79eaac2539c2f07d40f4e2

Analysis

max time kernel
2926613s
max time network
25s
platform
android_x64
resource
android-x64-arm64-20220823-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20220823-enlocale:en-usos:android-11-x64system
submitted
25-11-2022 10:57

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Paint Art_1.1.6.apk
Size

5.0MB
MD5

ff88397d0fdd02e072a80f38358c4253
SHA1

83333da8fc0f1dfb716dfa82ee7470702356ad76
SHA256

7d517ea9bc152220fba74df5da9eddacb06184d38c79eaac2539c2f07d40f4e2
SHA512

fd0e2185eabfdb873e4605f18ce0eacac08ed15a108881907bd6b346f4ead2790f40a99f2b40025d927ef9a0fdd4eae0665689406a2af9c5104cf152f9dc262d
SSDEEP

98304:WMQZx/8p0wZKYkiViyXUm7OG+IsilxSiz31JqhVowaCZp8c:WjZYxNywOLsi031ojRFd

Score

7^/10

ransomware

Malware Config

Signatures

Loads dropped Dex/Jar 1 IoCs

Runs executable file dropped to the device during analysis.

ioc	pid	Process
/data/user/0/com.noku.artpt/cache/1633031840514.jar	4491	com.noku.artpt

Reads information about phone network operator.

Uses Crypto APIs (Might try to encrypt user data). 1 IoCs

ransomware

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.noku.artpt

com.noku.artpt
1⤵
- Loads dropped Dex/Jar
- Uses Crypto APIs (Might try to encrypt user data).
PID:4491

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.noku.artpt/app_webview/Default/Cookies

Filesize
64KB

MD5
dfb2098ca7b3bf16d6f5f1e7d3839af5

SHA1
ebb7a8bc886062d77a4092bd306b77a0ce7a3e9d

SHA256
e4119d32577d7fc63b267cc23eb7a9bbfb12d238f23e08918c38838fe0181224

SHA512
fccec45399258eb98220b7f01b492a72b8b3d1254dec6e196e344d89a0376c6ee24534a31a6675c866d4a17256d3ac6823657eaf04e1d386757d0cbfc6597e50

Download Submit
/data/user/0/com.noku.artpt/app_webview/Default/Cookies-journal

Filesize
1KB

MD5
9f4b7aff3f524554922f71fa453068b3

SHA1
4e2cabd95188b356a82f9d4f000b6af178c865d9

SHA256
0582aa2dd1114c0fdd0898df6e5293f7456820eab5a4978006ba4a1048fb787e

SHA512
2eddf910551cbd471a04fa4f8b1018303399fa0886a4018f1c595aba1a5fdbb7e9a5b11a7ca537fbc5fb2ee8457ced4a121a4ab86a6f22f8b050f53ae2a0a43c

Download Submit
/data/user/0/com.noku.artpt/app_webview/Default/GPUCache/index

Filesize
48B

MD5
6d7d499960179766cd4261d12dacc411

SHA1
e6f8553b0015e12b23cc551afe98763f3b1c9bed

SHA256
c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182

SHA512
6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

Download Submit
/data/user/0/com.noku.artpt/app_webview/Default/GPUCache/index-dir/temp-index

Filesize
96B

MD5
85381e451565f155418da94581340673

SHA1
ea4c9ca113dfcf862072cfdb4191daabee37c41b

SHA256
66ee4478306d873aed3a8423f4d8c7b69360463ada4aa58398c75da73b9af0c1

SHA512
846fd7bfb40efe68ad1fd736f7592c9b14a50b44f490c02fd1c2f2f684d2d2f509c338f6623222f83855f0776e671fa2ab3119207d6ae7c08c7de3adfa5903aa

Download Submit
/data/user/0/com.noku.artpt/app_webview/Default/Web Data

Filesize
120KB

MD5
a48cd9324b1f8754b07f00d863b840f3

SHA1
11c6614775b35a58f440971dfc87c8aaac6d6173

SHA256
8859a216183793485d4699bf69d7ed96904679834188d07b9a70424d47eb1420

SHA512
35fa712f0af4a5eeed7e00e4e59ed5027dc6609d268462fe79d92043be9ae0c5961ce9e1d2f64b1a196c9b6aa6242b8b83817b3ee4c1058596c58a99c45478b1

Download Submit
/data/user/0/com.noku.artpt/app_webview/Default/Web Data-journal

Filesize
2KB

MD5
89d4b718c6766c9106db833eaea082ad

SHA1
46ccc5846256782224e8a6c5df3eb6431ffa0b74

SHA256
73c641a267e57372ebd45a7d79a6e6a923188f1634d1c70d4ee1504f30373a35

SHA512
1816abb882f5bf569e0446a2d8796e021d745164ef067f902413765806cc35e5df34b5ee6e848399e8e9701602fb1e9e95f557e86095be59d25b1573fa415495

Download Submit
/data/user/0/com.noku.artpt/app_webview/webview_data.lock

Filesize
20B

MD5
db8c9ab886c4f9094c8f0938e8f01aa2

SHA1
ccb0b53301ed0625f6c66a961027a6ffc6c65e6b

SHA256
6a78710ac5c41a0fe6687aa716eab8cc345dc1f5bf26643be60ef549f6ff8bef

SHA512
9044cddf2827a6158090554784785ef605dd6e3b8bd27b23e858f201d9abccd4f0c695c34f6c4589cdc4e38cb8d508cc963a52265de076f6b6ad5f7a6333f9b2

Download Submit
/data/user/0/com.noku.artpt/cache/1633031840514.jar

Filesize
19KB

MD5
38c960945cceba468ee4f1772abb99cb

SHA1
c7c2d5bdc5d06a5f43c24809602d0f2d2ba8e62b

SHA256
b8d90074a4efd78bcdecc27a24d4249d53b0b76134590750733d1136d9ad964e

SHA512
efa6c5518308ded2af559bdf6276176be8f7067dd1a486dc7f23395435a2cfca4f40106275e38ae126b52d943fced8383f92469c734f3b721cfcc78db400e1f9

Download Submit
/data/user/0/com.noku.artpt/cache/WebView/Crashpad/settings.dat

Filesize
40B

MD5
ae841884cd4ab3bc38e84ed935d6501a

SHA1
d90b6d2f218947d62ff4c6ce0c2e745c7d8b061a

SHA256
d3b9c74464284e0f78af679860fb88e08b110a3a090f1ffb5e203011ad2b061f

SHA512
7ab6c5e6c4ed4931474d699afcb45e9c0a9944c53dca477a398795677e3345f1b07b2ee4bc0565919e8569e5dbd081acd598d7ad59c4ca04c23aa29ea60bd462

Download Submit
/data/user/0/com.noku.artpt/cache/WebView/Default/HTTP Cache/Code Cache/js/index

Filesize
48B

MD5
6d7d499960179766cd4261d12dacc411

SHA1
e6f8553b0015e12b23cc551afe98763f3b1c9bed

SHA256
c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182

SHA512
6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

Download Submit
/data/user/0/com.noku.artpt/cache/WebView/Default/HTTP Cache/Code Cache/js/index-dir/temp-index

Filesize
96B

MD5
cc65ef64b5e1d69da272c02cf8d9b73a

SHA1
33c98f86cebc926657a5584ba5a2d887c1eca0e7

SHA256
79cb828522d83d6711fb30ceb8edf28a02a48be1dc152d5255afd02473fafb10

SHA512
02c570a7cf5eab09f7a40fd67c5a547b4c6404422a3c79914a83695b97421575221712060c40fe6ddc66af4109a305445b32949cad3baeb0a4cac8c21b350aba

Download Submit
/data/user/0/com.noku.artpt/cache/WebView/Default/HTTP Cache/Code Cache/wasm/index

Filesize
48B

MD5
6d7d499960179766cd4261d12dacc411

SHA1
e6f8553b0015e12b23cc551afe98763f3b1c9bed

SHA256
c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182

SHA512
6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

Download Submit
/data/user/0/com.noku.artpt/cache/WebView/Default/HTTP Cache/Code Cache/wasm/index-dir/temp-index

Filesize
96B

MD5
ce6fe3612436b12f4c14f174603c62e5

SHA1
731509698c88936e67b2a925ac8a7adf076b6df3

SHA256
fab27b6cc044684132c7476c068b16d5c650941bc006159818677a6f0adad406

SHA512
0d4bfedc52d3889e7aba4ea84f7785117373cf9228e6df2241931a7e4c34a88370b4ec6baa391d84f71d2a1ee0c3d6ab555f0fe95a77bb711cdeb7f39185a37e

Download Submit
/data/user/0/com.noku.artpt/cache/WebView/Default/HTTP Cache/f038e94cb33282ab_0

Filesize
240B

MD5
b8d3e0eb780205daad62bdd67138ee0b

SHA1
c49591a422fc062ab7932978636c96e301f056e0

SHA256
31a78f31291acea4db513ebf114e76c410ab3d1fd2f177ea196b1ab4c3442ca3

SHA512
c475af0ecaf4975c2abade100e83a34d7259ca74f28eca81950c093b65af0159fcb97f161a5d7c3a206c1b843606905efa8b00f4655f0433807f017249dcb7d9

Download Submit
/data/user/0/com.noku.artpt/cache/WebView/Default/HTTP Cache/index

Filesize
48B

MD5
6d7d499960179766cd4261d12dacc411

SHA1
e6f8553b0015e12b23cc551afe98763f3b1c9bed

SHA256
c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182

SHA512
6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

Download Submit
/data/user/0/com.noku.artpt/cache/WebView/Default/HTTP Cache/index-dir/temp-index

Filesize
144B

MD5
55b958b1d0bd4f5e27cc11a98c51dd19

SHA1
f6b392bb4809901510f1b7f7b1685483232731a6

SHA256
bec1eaf578a1923433d1749620c73e6e09fcc4b4c468663d029c25955e1a03ef

SHA512
5cdf7e1c1f337eae5bbac096b107a3c0e4db83f1dcdcdd88341b289cc04425bcc5e6951fd66d794fb87ce9efdcdd798a68aca53dd7ccfa8a7989dfc291bf9527

Download Submit
/data/user/0/com.noku.artpt/cache/WebView/font_unique_name_table.pb

Filesize
57KB

MD5
f080fa2a56ab5479d58063e5ea871447

SHA1
4b3fd57a98916fa5784305b76ba30af26b5253d9

SHA256
0aa374bc456330fd1b5daf18d25b4bb8e2df1998dfa85466f2c31843ff56e815

SHA512
8aee3186a95b389d39882620b7c4199a29aa50580aa98a381b2931a934de6406943c89d4d00ebeabff21e2b03b4a4adcc01e37e32a2335c4838be24bdbf61936

Download Submit
/data/user/0/com.noku.artpt/databases/PAINT_ART.DB

Filesize
88KB

MD5
570f0c64ad1c14b608e55621c90d3d12

SHA1
c7dec36f6acbf6604372db015caeea191c16d8d5

SHA256
1a781cd15e8ceb685a08cd43cf2b722e87124e4fb4cdf4072ebd1b51d3ec936a

SHA512
bb474cf83ad570f4243ce8ea061fddf62f5ffce7abb3f909bc6c640ef27834f769ea03d44a49b52b85d3e83ffd3a9a7f9397cf9ae53af6f7c5db282c100327f9

Download Submit
/data/user/0/com.noku.artpt/databases/PAINT_ART.DB-journal

Filesize
1KB

MD5
8e0835ab110c210bb81ce8635daf2ba5

SHA1
80d75f928a1c9cebdc391137eae1042cf742899a

SHA256
a4a53ce39cef3cfdecd97b56c38cac1a426e99e267a5dbd4afe21eb8e42c6e7d

SHA512
b482071c2b1869e76f363cc17710a93ab695503d92c7990dda4b1417fc78ee9e406d7d750f8a29001f2dc24f1699f8b5b9220675585490ea5ed821d96aadd545

Download Submit
/data/user/0/com.noku.artpt/files/temp/layer_1_1669373918320.png

Filesize
844B

MD5
f31e821104e08ddc2e2afaf558fac542

SHA1
d40668f4c691220258e9ce2d5afac5a039aa308b

SHA256
289e9ebd3e31faf2cf2293aa0eb5f5293fdfc04de8c9bd6bd00b7ef587e975a6

SHA512
5e730b90a0452a7e195ec1fb5cb79067c1dd383e51c12970b4714a2a41b08ec0969a9a234b5aeabf5165f84bec63ed7acda2a3e836e77d76645089679843ba07

Download Submit
/data/user/0/com.noku.artpt/no_backup/androidx.work.workdb

Filesize
8KB

MD5
e579a6b00eef1318f9166352228eba18

SHA1
76988896854f0139083e77862eea1a4846cf039f

SHA256
4b34cf505050facf47aa7936e4e7667e1969105665c632b3eefe7ecddf9a6935

SHA512
c47632e957d87727bf6504a82ca7a44d8da24d30cd997a0f449a96e4f97c656a1b4d9da3fcd827e2a48c59677688da0b872358ebd0f9369d898d1b8ec18d5699

Download Submit
/data/user/0/com.noku.artpt/no_backup/androidx.work.workdb-journal

Filesize
1KB

MD5
c7c97f5346f8150235d8de8c1bfebd79

SHA1
cc27a0f6afcc5d93f84644e51a3c0e0f3770eae0

SHA256
ae3d62bc449ec855dc42dc9285d5ab9e3c9996a0f5f31672f9947a58b33ce24e

SHA512
68c9820516e5f17680c50e882291a3aac859df6be761d99fac7f673850dff4413e06b6ff201fcddd9f113d4ed0581b3fa97a5062b890fdb1c1d197e294e83d1c

Download Submit
/data/user/0/com.noku.artpt/no_backup/androidx.work.workdb-shm

Filesize
16B

MD5
4ae71336e44bf9bf79d2752e234818a5

SHA1
e129f27c5103bc5cc44bcdf0a15e160d445066ff

SHA256
374708fff7719dd5979ec875d56cd2286f6d3cf7ec317a3b25632aab28ec37bb

SHA512
0b6cbac838dfe7f47ea1bd0df00ec282fdf45510c92161072ccfb84035390c4da743d9c3b954eaa1b0f86fc9861b23cc6c8667ab232c11c686432ebb5c8c3f27

Download Submit
/data/user/0/com.noku.artpt/no_backup/androidx.work.workdb-wal

Filesize
217KB

MD5
6b21bbfae19877eceb4a353bd662bf58

SHA1
37653af42cbf2bb7dbf0fb0f2c0bd21621aa5543

SHA256
ac30eefda53c7ea11333ae2b223a255252732f4d4ba60666e166e28b60dedfd3

SHA512
63368e2c05a1f74f0849dde9ac6f313f20a085b8136a1d43e8c6e93abdfbe8a9a4b2975784996c467d846b2c7446a70d95ea879f0db92dbd701340ad0e3b21a6

Download Submit
/data/user/0/com.noku.artpt/shared_prefs/WebViewChromiumPrefs.xml

Filesize
127B

MD5
97ccd9a2b2063143df56b6937f961ca4

SHA1
5e78a91ae5df289ce83443cb7d5589dd3504fb5d

SHA256
248ff7928128015b1cfe3e6517c8f9b8c9511bfb8c8baf44fc1370640eac61fd

SHA512
86c05a5bb3d7eedea390664796966e9e5a5bf846c85808da54407788a76b3ee25b91428242a1e76d8765bfe51e1ba3636617fbab6e7dbb39fcc433e07c3fcd3b

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads