Malware Analysis Report

2024-10-18 22:58

Sample ID 221212-m18xradh5t
Target Paint Art.apk
SHA256 e1d12953bb1adc4ad04ded99f833935f60785f510cf87587cdc860866d8da593
Tags
ransomware joker evasion infostealer trojan
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V6

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral3

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

SHA256

e1d12953bb1adc4ad04ded99f833935f60785f510cf87587cdc860866d8da593

Threat Level: Known bad

The file Paint Art.apk was found to be: Known bad.

Malicious Activity Summary

ransomware joker evasion infostealer trojan

joker

Requests dangerous framework permissions

Loads dropped Dex/Jar

Legitimate hosting services abused for malware hosting/C2

Reads information about phone network operator.

Removes a system notification.

Uses Crypto APIs (Might try to encrypt user data).

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2022-12-12 10:57

Signatures

Requests dangerous framework permissions

Description Indicator Process Target
Allows an application to write to external storage. android.permission.WRITE_EXTERNAL_STORAGE N/A N/A

Analysis: behavioral3

Detonation Overview

Submitted

2022-12-12 10:57

Reported

2022-12-12 10:59

Platform

android-x64-arm64-20220823-en

Max time kernel

100489s

Max time network

132s

Command Line

com.nuklis.artpainting

Signatures

Loads dropped Dex/Jar

Description Indicator Process Target
N/A /data/user/0/com.nuklis.artpainting/cache/1633031840514.jar N/A N/A

Legitimate hosting services abused for malware hosting/C2

Reads information about phone network operator.

Uses Crypto APIs (Might try to encrypt user data).

ransomware
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Processes

com.nuklis.artpainting

Network

Country Destination Domain Proto
N/A 1.1.1.1:53 android.apis.google.com udp
N/A 1.1.1.1:53 android.apis.google.com udp
N/A 1.1.1.1:53 android.apis.google.com udp
N/A 216.58.208.110:443 android.apis.google.com tcp
N/A 1.1.1.1:53 growth-pa.googleapis.com udp
N/A 172.217.168.202:443 growth-pa.googleapis.com tcp
N/A 216.58.208.106:443 growth-pa.googleapis.com tcp
N/A 142.250.179.138:443 growth-pa.googleapis.com tcp
N/A 142.250.179.202:443 growth-pa.googleapis.com tcp
N/A 142.251.36.10:443 growth-pa.googleapis.com tcp
N/A 224.0.0.251:5353 udp
N/A 172.217.168.234:443 growth-pa.googleapis.com tcp
N/A 1.1.1.1:53 infinitedata-pa.googleapis.com udp
N/A 1.1.1.1:53 sites.google.com udp
N/A 1.1.1.1:53 ssl.google-analytics.com udp
N/A 142.250.179.200:443 ssl.google-analytics.com tcp
N/A 1.1.1.1:53 googleads.g.doubleclick.net udp
N/A 142.251.39.98:443 googleads.g.doubleclick.net tcp
N/A 142.251.39.98:443 googleads.g.doubleclick.net tcp
N/A 1.1.1.1:53 infinitedata-pa.googleapis.com udp
N/A 1.1.1.1:53 android.apis.google.com udp
N/A 216.58.208.110:443 android.apis.google.com tcp
N/A 1.1.1.1:53 infinitedata-pa.googleapis.com udp

Files

/data/user/0/com.nuklis.artpainting/no_backup/androidx.work.workdb

MD5 e579a6b00eef1318f9166352228eba18
SHA1 76988896854f0139083e77862eea1a4846cf039f
SHA256 4b34cf505050facf47aa7936e4e7667e1969105665c632b3eefe7ecddf9a6935
SHA512 c47632e957d87727bf6504a82ca7a44d8da24d30cd997a0f449a96e4f97c656a1b4d9da3fcd827e2a48c59677688da0b872358ebd0f9369d898d1b8ec18d5699

/data/user/0/com.nuklis.artpainting/no_backup/androidx.work.workdb-journal

MD5 24410dfae88bb11df4845b17c07034ce
SHA1 9a1f077091ab312788fa9e08a47579f658c5b951
SHA256 fedb6cf0cc7258491cb0aa52234307b345981370e034ea459fc3a5c03cd4fc52
SHA512 90870b1c140301d5c7f3b00408b35405e1a1e14eb27b7b140019ff37109a98d2480fcd5e3f272191533133a74cc326e5f1e20d398280a9864db4c0e930b834df

/data/user/0/com.nuklis.artpainting/no_backup/androidx.work.workdb-wal

MD5 c7b6b642066959074692e96e254253a0
SHA1 adeb5dadb128983ccc1ad5f02e41b656f0aac4cc
SHA256 1d5cf3afa3a4728127de1e4e58e85a05a0b7f78833a4138f90687af4bcbc145e
SHA512 99bd0da7ca1fdace71e981b9a1bbf92c6c4ca631936864931a2e515a44fc081d16ee41a26b6e0495b12f4ad2f8eaddea8e56c7ab5f8cfa909773bb8cd46f336a

/data/user/0/com.nuklis.artpainting/no_backup/androidx.work.workdb-shm

MD5 4ae71336e44bf9bf79d2752e234818a5
SHA1 e129f27c5103bc5cc44bcdf0a15e160d445066ff
SHA256 374708fff7719dd5979ec875d56cd2286f6d3cf7ec317a3b25632aab28ec37bb
SHA512 0b6cbac838dfe7f47ea1bd0df00ec282fdf45510c92161072ccfb84035390c4da743d9c3b954eaa1b0f86fc9861b23cc6c8667ab232c11c686432ebb5c8c3f27

/data/user/0/com.nuklis.artpainting/app_webview/variations_seed_new

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

/data/user/0/com.nuklis.artpainting/app_webview/variations_stamp

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

/data/user/0/com.nuklis.artpainting/app_webview/webview_data.lock

MD5 438a9ec91919293beb2d538f129b9a1d
SHA1 2c813767ea152dc31ab17fab1e78187af9da91c3
SHA256 2736df8cb351e072183ebca0a39e1b7c46adebcfbd1257fa8a6813c134ec8862
SHA512 cf5b482a62f4234c0bed779f77b69de2579e1645de71225922f38aa775d369f4e500635b64e627eb46e7d9970a4b63c244a6ed30103488689e226bba530b341e

/data/user/0/com.nuklis.artpainting/shared_prefs/WebViewChromiumPrefs.xml

MD5 97ccd9a2b2063143df56b6937f961ca4
SHA1 5e78a91ae5df289ce83443cb7d5589dd3504fb5d
SHA256 248ff7928128015b1cfe3e6517c8f9b8c9511bfb8c8baf44fc1370640eac61fd
SHA512 86c05a5bb3d7eedea390664796966e9e5a5bf846c85808da54407788a76b3ee25b91428242a1e76d8765bfe51e1ba3636617fbab6e7dbb39fcc433e07c3fcd3b

/data/user/0/com.nuklis.artpainting/app_webview/Default/Web Data

MD5 a48cd9324b1f8754b07f00d863b840f3
SHA1 11c6614775b35a58f440971dfc87c8aaac6d6173
SHA256 8859a216183793485d4699bf69d7ed96904679834188d07b9a70424d47eb1420
SHA512 35fa712f0af4a5eeed7e00e4e59ed5027dc6609d268462fe79d92043be9ae0c5961ce9e1d2f64b1a196c9b6aa6242b8b83817b3ee4c1058596c58a99c45478b1

/data/user/0/com.nuklis.artpainting/app_webview/Default/Web Data-journal

MD5 185c751c4d12a1fb169f558d3c35702d
SHA1 4c4a39d279e3bce32c12a3fa43a036817788489e
SHA256 1c9f23c65dabed1f9a76da16a0edf20d281de9a0a7059fc0545f85fc7dd81479
SHA512 0bdf58393a925b651da1299119b10c61d3513eed4bc2f5919e150b4474c7e1d9072d5e8445376245298c2fe253c813876985ada537c1aff82de1453e58161ae4

/data/user/0/com.nuklis.artpainting/cache/WebView/Default/HTTP Cache/Code Cache/js/index

MD5 6d7d499960179766cd4261d12dacc411
SHA1 e6f8553b0015e12b23cc551afe98763f3b1c9bed
SHA256 c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182
SHA512 6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

/data/user/0/com.nuklis.artpainting/cache/WebView/Default/HTTP Cache/Code Cache/wasm/index

MD5 6d7d499960179766cd4261d12dacc411
SHA1 e6f8553b0015e12b23cc551afe98763f3b1c9bed
SHA256 c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182
SHA512 6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

/data/user/0/com.nuklis.artpainting/cache/WebView/font_unique_name_table.pb

MD5 f080fa2a56ab5479d58063e5ea871447
SHA1 4b3fd57a98916fa5784305b76ba30af26b5253d9
SHA256 0aa374bc456330fd1b5daf18d25b4bb8e2df1998dfa85466f2c31843ff56e815
SHA512 8aee3186a95b389d39882620b7c4199a29aa50580aa98a381b2931a934de6406943c89d4d00ebeabff21e2b03b4a4adcc01e37e32a2335c4838be24bdbf61936

/data/user/0/com.nuklis.artpainting/cache/1633031840514.jar

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

/data/user/0/com.nuklis.artpainting/cache/1633031840514.jar

MD5 38c960945cceba468ee4f1772abb99cb
SHA1 c7c2d5bdc5d06a5f43c24809602d0f2d2ba8e62b
SHA256 b8d90074a4efd78bcdecc27a24d4249d53b0b76134590750733d1136d9ad964e
SHA512 efa6c5518308ded2af559bdf6276176be8f7067dd1a486dc7f23395435a2cfca4f40106275e38ae126b52d943fced8383f92469c734f3b721cfcc78db400e1f9

/data/user/0/com.nuklis.artpainting/cache/oat/1633031840514.jar.cur.prof

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

/data/user/0/com.nuklis.artpainting/app_webview/Default/Cookies

MD5 dfb2098ca7b3bf16d6f5f1e7d3839af5
SHA1 ebb7a8bc886062d77a4092bd306b77a0ce7a3e9d
SHA256 e4119d32577d7fc63b267cc23eb7a9bbfb12d238f23e08918c38838fe0181224
SHA512 fccec45399258eb98220b7f01b492a72b8b3d1254dec6e196e344d89a0376c6ee24534a31a6675c866d4a17256d3ac6823657eaf04e1d386757d0cbfc6597e50

/data/user/0/com.nuklis.artpainting/app_webview/Default/Cookies-journal

MD5 fdc0403b8a7cf5507e5c4a1729bc7efe
SHA1 d9c74d1ee7e7a385bdfbd2590363065bbb0201d3
SHA256 af187ebde5ca98d41f4417fbdb332ddb0bb5ccfc5fd499723c7405c36552930f
SHA512 296c05eb26e5ac333618b7ac826a97d73e0ea2351d1168307283f62a504a3875245e5914e3cf469ec9a4ef690874665aad38a54657b5561e357cf53e4a06b2cd

/data/user/0/com.nuklis.artpainting/databases/PAINT_ART.DB

MD5 570f0c64ad1c14b608e55621c90d3d12
SHA1 c7dec36f6acbf6604372db015caeea191c16d8d5
SHA256 1a781cd15e8ceb685a08cd43cf2b722e87124e4fb4cdf4072ebd1b51d3ec936a
SHA512 bb474cf83ad570f4243ce8ea061fddf62f5ffce7abb3f909bc6c640ef27834f769ea03d44a49b52b85d3e83ffd3a9a7f9397cf9ae53af6f7c5db282c100327f9

/data/user/0/com.nuklis.artpainting/databases/PAINT_ART.DB-journal

MD5 61cb9af17b8fa8dd63e8c745800e6d64
SHA1 2ce172fc4180e5e9712cd7296f8e861637483c43
SHA256 20d1a2594170b2393fd93c835aad1dcca05fa7e9bf416734c2052b1dfa4cfc09
SHA512 0aea7f8a6a381de22b78b633a3194776d6d4296f0296e28b17d58026709b81ae96238b84da508874dd32ebfa8e09248351c0a4034106f50ef370ac682419c000

/data/user/0/com.nuklis.artpainting/cache/WebView/Default/HTTP Cache/Code Cache/wasm/index-dir/temp-index

MD5 ddc73238a1d305e02a8aa07fc7d5cfcf
SHA1 899dbeb3dddf93931de5852892a24abf94104efb
SHA256 5d85b96954019084087f0e89bc6576c46961488a8ba3a88b4de3e990330c4218
SHA512 8619e4b3060122aa2ba042ec8ae64163bbb191e6c0cb907114ed47a61139b2227805b9511397cbbbfa55e77b15861531d1bdfb5fc151ad2597f5bf2cb53c94b8

/data/user/0/com.nuklis.artpainting/cache/WebView/Default/HTTP Cache/Code Cache/js/index-dir/temp-index

MD5 40d00f14a79eb853353531ad532246a7
SHA1 5e9c772ba1d96d913ab3da4c7915792121243f22
SHA256 b591d049652163504d7ebc1cf7fec61840e5e59e50fc7a55fdcade0201b317f3
SHA512 e48c642448fda14c61bcb4a7584377dc2536dbf8203aedd5e25cedf70dca730ec83f1c40bb3abf0b2ab1e91e9d0bf3520e0ec5e0adea80e5974061f56b8a1e00

/data/user/0/com.nuklis.artpainting/cache/WebView/Crashpad/settings.dat

MD5 48df748fe72864f2015814ec8ce1754c
SHA1 d37ca9c7c43d2a543fced15362c8c09d01f900ac
SHA256 5a0af54b2cd9962adbeea4a006b7aaea2ec4eb88cfd9d8b2f430f498fd52bace
SHA512 c8dd4c5104166d457fb57812b0e503b7b9bc41bed7118bb0f8757e5d50b48b61941cddb367b32fbe27a5c989f8949c99b6de8503644738e0038a4cf97c29e8da

/data/user/0/com.nuklis.artpainting/files/temp/layer_1_1670842639894.png

MD5 f31e821104e08ddc2e2afaf558fac542
SHA1 d40668f4c691220258e9ce2d5afac5a039aa308b
SHA256 289e9ebd3e31faf2cf2293aa0eb5f5293fdfc04de8c9bd6bd00b7ef587e975a6
SHA512 5e730b90a0452a7e195ec1fb5cb79067c1dd383e51c12970b4714a2a41b08ec0969a9a234b5aeabf5165f84bec63ed7acda2a3e836e77d76645089679843ba07

/data/user/0/com.nuklis.artpainting/app_webview/Default/GPUCache/index

MD5 6d7d499960179766cd4261d12dacc411
SHA1 e6f8553b0015e12b23cc551afe98763f3b1c9bed
SHA256 c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182
SHA512 6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

/data/user/0/com.nuklis.artpainting/app_webview/Default/GPUCache/index-dir/temp-index

MD5 0b479dd37ffa172a6b937d296374c7bb
SHA1 8521b934361156099ff09c113aeae3f739ca827e
SHA256 daade15e545474be183dcb31e14d7b9e76c5602c09817231fcfe827a6eb6d31e
SHA512 61109008a5f8fb58f5bcf0949eb2c23252ff2279fe0d300ff3e20abdd8b96665e787c41af8132aa82954093650fb1da4b529fe60c2cbeedc97a428038166de9d

/data/user/0/com.nuklis.artpainting/cache/WebView/Default/HTTP Cache/index

MD5 6d7d499960179766cd4261d12dacc411
SHA1 e6f8553b0015e12b23cc551afe98763f3b1c9bed
SHA256 c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182
SHA512 6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

/data/user/0/com.nuklis.artpainting/cache/WebView/Default/HTTP Cache/f038e94cb33282ab_0

MD5 bf884a3a8d54dafd134a3f38c43a0bc8
SHA1 801fde8bae2150dcffa07db24ca3d464d0ba6d61
SHA256 67979f3a4f76d3cfb0fc9ba46ce8236fe861718488389b615340a906ad5518c3
SHA512 5849f79edaca1489f91dfb07cb550ea7f7b0abd5dea708cdaa424e6a92aee56e47f18214425cf9360273ab9374f2efe35b31034dbcb2fd4bbae4a762bdca2b02

/data/user/0/com.nuklis.artpainting/cache/WebView/Default/HTTP Cache/index-dir/temp-index

MD5 8a7c6a40254b2e8c9ce7e8aa8f6885c6
SHA1 069906dae108e4db9965b8a2f83bf0d1a21c0b10
SHA256 ccb9437c20235b98c832251f86bc4ce0e4130e671e704027f2faa6617e697c4d
SHA512 d24d1471d72e907cd9f5e2834eaae4c9ef9c817ed0165a37badc650334b67e3a27e128894e9aeff9733de4c1697d0cda7d8ae3591e21f3acd500463d8340d09f

/data/user/0/com.nuklis.artpainting/app_webview/Default/Local Storage/leveldb/LOG

MD5 180987d27d8c768744c10a2d6d5a8ba3
SHA1 0861ab666b46ba97d00b7e43729cac97e16a8501
SHA256 c69135773a3f35a01e6765fe24be376c8aca0b53ba9565592b79ea6c350ae980
SHA512 c4dd031a94ae03cf18d65ba0671810c51aec5222992acc5606a3e2c64a0681558a3cc59c32e5eba87cad44b9ecc2ad7b506119d26c77da0cd1d243dac83e1f84

/data/user/0/com.nuklis.artpainting/app_webview/Default/Local Storage/leveldb/LOCK

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

/data/user/0/com.nuklis.artpainting/app_webview/Default/Local Storage/leveldb/MANIFEST-000001

MD5 5af87dfd673ba2115e2fcf5cfdb727ab
SHA1 d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256 f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512 de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

/data/user/0/com.nuklis.artpainting/app_webview/Default/Local Storage/leveldb/000001.dbtmp

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

/data/user/0/com.nuklis.artpainting/app_webview/Default/Local Storage/leveldb/000003.log

MD5 2cb2b9f73765f2577948f7b32a76c476
SHA1 5cecb4d568be95e7cd64528cfa81d4f9707a45ba
SHA256 9c5126fc1c5716fa593197e3bd365efeca48a120b7535aa53b249aed85ff231d
SHA512 ffc1d1f3388ee816803e12ee15e48dc78618691b283a0e2e5ad3b5ccfffc9a215247659a15a88d7700786a8b6eecba3e151b24b8cc665e06ae7abf763301a68b

/data/user/0/com.nuklis.artpainting/cache/WebView/Default/HTTP Cache/dfe6b2497a7513ba_0

MD5 4b262217db41c165364cec6e79f3c29d
SHA1 212dd406298a64ba346591f2cda5814503d5e7e5
SHA256 ea6405e58bdd7e0f68006910afa99c9d21d9173b44f9b39914c8e8f3f0996511
SHA512 7e081ccf0a6b67c6dd0bc10fff65cce475d95d44613a61b7e3e7d8d8987f61cd1ed9927a45d6ea9543af3bfb8a537a7c4b5c122a737c50e9d1f6d71b7da76639

/data/user/0/com.nuklis.artpainting/app_webview/.com.google.Chrome.q2TYf3

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

/data/user/0/com.nuklis.artpainting/cache/WebView/Default/HTTP Cache/index-dir/temp-index

MD5 253433e2ea39e7c4c1f5883ba1a02a77
SHA1 adfcf2bdfd82c56f55cb88c1c170d2cf2c1631e8
SHA256 8eda5570e0ec6cb7952c42a70d68ee535657e1f531b8390b36bec8fd36b16e54
SHA512 29e64713f0bebf904aae2c2626e7c451cdb97a72ef607129e2d6afe9cfc8c4abe0304a85f4d8c2ff22c575ff69984ccf3255aa627be352cb1a6a927eedf6c3e5

Analysis: behavioral1

Detonation Overview

Submitted

2022-12-12 10:57

Reported

2022-12-12 10:59

Platform

android-x86-arm-20220823-en

Max time kernel

96801s

Max time network

130s

Command Line

com.nuklis.artpainting

Signatures

joker

infostealer trojan joker

Loads dropped Dex/Jar

Description Indicator Process Target
N/A Anonymous-DexFile@0xe5575000-0xe557664c N/A N/A
N/A /data/user/0/com.nuklis.artpainting/files/vitality N/A N/A
N/A /data/user/0/com.nuklis.artpainting/files/ionsxg N/A N/A

Legitimate hosting services abused for malware hosting/C2

Reads information about phone network operator.

Removes a system notification.

evasion
Description Indicator Process Target
Framework service call android.app.INotificationManager.cancelNotificationWithTag N/A N/A

Uses Crypto APIs (Might try to encrypt user data).

ransomware
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Processes

com.nuklis.artpainting

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
N/A 1.1.1.1:53 android.apis.google.com udp
N/A 142.251.36.14:443 android.apis.google.com tcp
N/A 1.1.1.1:53 infinitedata-pa.googleapis.com udp
N/A 142.250.179.138:443 infinitedata-pa.googleapis.com tcp
N/A 1.1.1.1:53 sites.google.com udp
N/A 142.250.179.206:443 sites.google.com tcp
N/A 1.1.1.1:53 thoroughly.oss-ap-southeast-5.aliyuncs.com udp
N/A 149.129.200.69:80 thoroughly.oss-ap-southeast-5.aliyuncs.com tcp
N/A 1.1.1.1:53 cxjus.oss-ap-southeast-1.aliyuncs.com udp
N/A 161.117.155.70:80 cxjus.oss-ap-southeast-1.aliyuncs.com tcp
N/A 1.1.1.1:853 tcp
N/A 1.1.1.1:853 tcp

Files

/data/user/0/com.nuklis.artpainting/no_backup/androidx.work.workdb

MD5 f2b4b0190b9f384ca885f0c8c9b14700
SHA1 934ff2646757b5b6e7f20f6a0aa76c7f995d9361
SHA256 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
SHA512 ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

/data/user/0/com.nuklis.artpainting/no_backup/androidx.work.workdb-journal

MD5 1bf44591f8024bf4f9763e3dc9553cd7
SHA1 cd622f88c292e0b0b56af56d0d1e2a0902d08602
SHA256 308a0811fe5d304c6bdfcb723fc37d8e4aa7f2043e14e69cfe3f96383ce7bc0f
SHA512 9cc654c347e425848be82efa68b52ad11a80b8c93474430e05f2ad93db8f874e4ce38d7b00cf5b13b3e6194d46717724be771d7359f1ae63fb829f92886e4145

/data/user/0/com.nuklis.artpainting/no_backup/androidx.work.workdb-wal

MD5 1bf872475524ce57dc329b8e213a0d2d
SHA1 bf2d752afa7ba72b4109f9a1eae9b659dc5a30cc
SHA256 15cf84ec756077265b9f9ccdb412a970919689886228e9928b8b61c9440f9c67
SHA512 69854d888a9bb8d3b9523debe952cf29186f604a22d50e261aeab778cd0687effd87bb640a2276f09b6ece4c980e1b2bd479fcd005af851886fb3e5c7e326966

/data/user/0/com.nuklis.artpainting/no_backup/androidx.work.workdb-shm

MD5 7dea362b3fac8e00956a4952a3d4f474
SHA1 05fe405753166f125559e7c9ac558654f107c7e9
SHA256 af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc
SHA512 1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b

/storage/emulated/0/Android/data/com.nuklis.artpainting/files/-1451633082

MD5 65022f400beed4ca6d9477b5c77cdbf4
SHA1 9b991d7fcbf513dfffdf99a86327fd6c7a096dba
SHA256 846a4698d1b9c78debd575539795492f4a90660840b7e7391ae24c1a1398ba5b
SHA512 4037a5d7b6b23c5a458e29edb53134c68ba68950eeec51a5ecdcee9111f0403c8c1b56831717e3f84cd5104098b7ab04f8362365c0ab8077e80329c01dde05a9

/data/user/0/com.nuklis.artpainting/app_webview/variations_seed_new

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

/data/user/0/com.nuklis.artpainting/app_webview/variations_stamp

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

/data/user/0/com.nuklis.artpainting/app_webview/webview_data.lock

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

/data/user/0/com.nuklis.artpainting/shared_prefs/WebViewChromiumPrefs.xml

MD5 21223e9184445fe043476484cd8cb1f9
SHA1 2b4813f849121d60ba35eb0889080668bb62c778
SHA256 bb61b7c087c2ae2de93a7740ff75707342940557146366e92b840284cd9446af
SHA512 be21408de0cc643650e5d9ab9057a8f9de88e37fbdc6417cfeba160402ec4cd14fccbc82cbbfd941ecfc0bb3d4056ee61ac199efdc99d647d53e65818835fd48

/data/user/0/com.nuklis.artpainting/app_webview/Web Data

MD5 dc79f9ce5f3ab5270b33e61119dfc959
SHA1 1844bf222a5144b513dcf2fb50a18c011701c647
SHA256 47e65f4de08deabfd52ecdb8b0a29c61c482188b92c36182e2112ca0a8f4ff65
SHA512 18b8894a7f35df516f423bbdebf1e05ce09eaf4345b139e59e603cadb81f8d1fa20f793438c28e8fd9a64e64f0684223d90ce6f10d3f93cb0c781049a8cff03e

/data/user/0/com.nuklis.artpainting/app_webview/metrics_guid

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

/data/user/0/com.nuklis.artpainting/app_webview/metrics_guid

MD5 72d04826f5905711e7a1257ebc6ebe5c
SHA1 dc362a07c6a009b0516252bc8b4ec303111dfe5f
SHA256 11896270b5af1af32dd0dece2bd6d2570f4c5512824db4dec4bfe027b44454bb
SHA512 59cc83a5f65a39af4e9ea6918752dde99b189d45f0ff217c47682b2f38f911ecc23daceae023d528ce1dae4ca8b0686de5ebb2e434052bca99fb4eb4e4416dbc

/data/user/0/com.nuklis.artpainting/app_webview/Web Data-journal

MD5 d1a4d53e959a13dd7da398a56cad7372
SHA1 0d7a939c8df4b48833a5be9362dccc295404065e
SHA256 be9241929c894455d6d1bf2df557d2990cae46c386e984ee16e70032f251fea6
SHA512 214a0702482f6f55779f766135c28cd467716a65269c99328fc6b922138b18065ef30f3dc324b1ecef7de5d1c00ff316c3184692b8b5fe67bced95a7e16bec72

/data/user/0/com.nuklis.artpainting/cache/1633031840514.jar

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

/data/user/0/com.nuklis.artpainting/cache/1633031840514.jar.x86.flock

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

/data/user/0/com.nuklis.artpainting/cache/oat/x86/1633031840514.vdex

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

/data/user/0/com.nuklis.artpainting/cache/oat/x86/1633031840514.odex

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

/data/user/0/com.nuklis.artpainting/app_webview/Cookies

MD5 cb7543c4df600f2af58097cce0e334ba
SHA1 83cc92f38c27fdb4fa519b1ce2f37912f24af1f0
SHA256 64c022ae708f94ffde986e105d88f708884de325720bfb9925c4160a6d417233
SHA512 ad51cad0472327bd68aa2d791341cfafed58971752352537bb603ed18b15a3f9185e9150983a28ecd09606e8dcaef6d1c9d93213dd246ef7720f39842eb3d980

/data/user/0/com.nuklis.artpainting/app_webview/Cookies-journal

MD5 c5782fec95604f3ca9bc39d63e35d5ef
SHA1 183413a886fd2c103cddc5bdd32a4e54519edada
SHA256 edcb504d720dcdd61db8701032df65a0034542debf3a03b9a1524c381a8d5416
SHA512 0ee5eda7a009757239b4daf51a6c5218a62e8920822b2aa943b33fe29df6afe8a96aa43c48cd540143b1cd0916ddad58f9498b420ff7d232d4d98702dab1e6ae

/data/user/0/com.nuklis.artpainting/databases/PAINT_ART.DB

MD5 c2dbe60d92a4c841ffc4c9f9b6131aec
SHA1 50483e82d68e37d054d3c7ccdf812afeb6626f25
SHA256 23f8db729e1b9a205e42e197a37b7255d62492e3642e00476ef77c135d57b3b8
SHA512 4f1a9efae44fb658075e5d4ad41642e118562405248c2f5416bdcbf0f9e5f497d08263402b67186dff6e43550e9e9ab61ccaadbbce28c242197f6e2f5d7544fa

/data/user/0/com.nuklis.artpainting/databases/PAINT_ART.DB-journal

MD5 79042c931a09ad3ffb523c805f7a6b46
SHA1 3becc9a951fc92465171ba4be829c544527bb5e4
SHA256 18e4e9c34cc39069cd7af999453dddf679766c854081bbce4efc0d79c88c16b7
SHA512 b9e65fce3f177dbd668eedaee95e449d6a8e9f4f87e007ea82ce782497578ac4ce711cc7dd304f390e9af6ab93be4e7eae3536c471e6f1aadd142e122e2851f1

/data/user/0/com.nuklis.artpainting/databases/PAINT_ART.DB-wal

MD5 9f682d652729beb7dd610e75270af769
SHA1 562834fc36de5ed61cb7f79816edd9d9e63be636
SHA256 141e5036c690c6cab666eb43ec79c2721ac06e62e926ab60b45834f5d051bce3
SHA512 20d05811f7a431a475e17b718621ff00a824630fc6ae95a0ed7cbaaa00ba15182d05604aa8ca7a1a7f1e356bbc4bf46b5ebe1514b2f7727796bbb7d4dc4b906b

/data/user/0/com.nuklis.artpainting/databases/PAINT_ART.DB-shm

MD5 7dea362b3fac8e00956a4952a3d4f474
SHA1 05fe405753166f125559e7c9ac558654f107c7e9
SHA256 af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc
SHA512 1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b

/data/user/0/com.nuklis.artpainting/databases/PAINT_ART.DB-wal

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

/data/user/0/com.nuklis.artpainting/databases/PAINT_ART.DB-shm

MD5 7dea362b3fac8e00956a4952a3d4f474
SHA1 05fe405753166f125559e7c9ac558654f107c7e9
SHA256 af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc
SHA512 1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b

/data/user/0/com.nuklis.artpainting/databases/PAINT_ART.DB-wal

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

/data/user/0/com.nuklis.artpainting/databases/PAINT_ART.DB-shm

MD5 7dea362b3fac8e00956a4952a3d4f474
SHA1 05fe405753166f125559e7c9ac558654f107c7e9
SHA256 af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc
SHA512 1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b

/data/user/0/com.nuklis.artpainting/files/temp/layer_1_1670839040976.png

MD5 aae4d28956b6b420bb7b24002b22b494
SHA1 b276ae47f151a3724340f0508176c35308812aec
SHA256 ee2355504e7096f63c4607e59a9081be9ab6ee55dbe4cda997e6ad128160df11
SHA512 ad222e81e4ecc53b1ba432237367316be04ec032902161fdf2f1c4659b16efdfccfb836a306006f124af2cd4d7de0eefa49c2f65534cda04e23e83f527957a65

/storage/emulated/0/Android/data/com.nuklis.artpainting/files/1463903199

MD5 cf11925fbd5e7de3cc30bff793d2d362
SHA1 2f10f00a4914ecb9ef31842f4a22041948570aab
SHA256 13afafb20e8cdc06b1b747665e024bce9fd3efdf9a5debb7a853b61ef4bf540a
SHA512 6737dbe5a2f5c72f7d4fab9c04dc52756b917303cd909aa20be9cdd268c8d08187f5a2b7eaebf8f6af1024617c15821d90fbef927bf980eb6acf7e62713a2f60

Anonymous-DexFile@0xe5575000-0xe557664c

MD5 cf11925fbd5e7de3cc30bff793d2d362
SHA1 2f10f00a4914ecb9ef31842f4a22041948570aab
SHA256 13afafb20e8cdc06b1b747665e024bce9fd3efdf9a5debb7a853b61ef4bf540a
SHA512 6737dbe5a2f5c72f7d4fab9c04dc52756b917303cd909aa20be9cdd268c8d08187f5a2b7eaebf8f6af1024617c15821d90fbef927bf980eb6acf7e62713a2f60

/data/user/0/com.nuklis.artpainting/files/vitality

MD5 3c30eb296bb5eadfda95ebaa84ad9b5a
SHA1 210affe08e642caad98f5b53c3e14ee52c34dcdc
SHA256 7046320162f6db8670145a648c08e3c94ddb7064cf4204f7531eaca627404e27
SHA512 120672861673362f1474af120001d1e2fb46c7db872e27706e1835fa584f49513d5c970b0618b0eaecd27869fd937267b030881c5e5a0e866db327e9d27f42cd

/data/user/0/com.nuklis.artpainting/files/vitality.x86.flock

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

/data/user/0/com.nuklis.artpainting/files/vitality

MD5 f2e4732bba985887330fac436cb3496c
SHA1 731562c0252a55ab141ec86335f502decf6a7d88
SHA256 d89523eb3b0c6e611b1e041792265e8f67b921d58032ee81afe262d8b99a07ca
SHA512 024ac60af79d633bac8d10ef2797e9cfa510602f58f9482920b9dc58c8a5f464d9509b4e5e587f39784fc440c903eaae05aaefe214832055cad889754d043b79

/data/user/0/com.nuklis.artpainting/files/oat/vitality.cur.prof

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

/data/user/0/com.nuklis.artpainting/files/ionsxg

MD5 0d4e0388ddad6dfab2e1d43c0c339ad0
SHA1 a097d295281c4796030ad3a8d6a24cefc8ac53b3
SHA256 409633ccb7463620e5f774ed0b466839f5aaa8f8005082af67bb7bbfbbf1a8b0
SHA512 381e7b5b19ff133c96550e860e66e5d61ee75bf73be268d7eeffdd5200b59e293ac979a07a303eb3d2e9b4f6b20acdb0335398f0b13c4c64a48b184c8e273d3a

/data/user/0/com.nuklis.artpainting/files/ionsxg.x86.flock

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

/data/user/0/com.nuklis.artpainting/files/ionsxg

MD5 25b621b14e9bdb8d3009a25ac15b2997
SHA1 fab787ef17d4b1fd8ba506ac433c90933685972b
SHA256 d1491805efe37e08dd402d82d7e03b74c27dd21b00963aaebf1eba373d803b56
SHA512 be560e695ca2b63672381b47738c5ce9963ca1b2ad3ad42c723e464d0f48ed6d67fb1b98197f597219e8272ba0c67a7d375ee05ef7d34f665dc4d3da58b69355

/data/user/0/com.nuklis.artpainting/files/oat/ionsxg.cur.prof

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Analysis: behavioral2

Detonation Overview

Submitted

2022-12-12 10:57

Reported

2022-12-12 11:00

Platform

android-x64-20220823-en

Max time kernel

100493s

Max time network

168s

Command Line

com.nuklis.artpainting

Signatures

joker

infostealer trojan joker

Loads dropped Dex/Jar

Description Indicator Process Target
N/A /data/user/0/com.nuklis.artpainting/cache/1633031840514.jar N/A N/A
N/A /data/user/0/com.nuklis.artpainting/[email protected] N/A N/A
N/A /data/user/0/com.nuklis.artpainting/files/vitality N/A N/A
N/A /data/user/0/com.nuklis.artpainting/files/ionsxg N/A N/A

Legitimate hosting services abused for malware hosting/C2

Reads information about phone network operator.

Uses Crypto APIs (Might try to encrypt user data).

ransomware
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Processes

com.nuklis.artpainting

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
N/A 1.1.1.1:53 sites.google.com udp
N/A 1.1.1.1:53 thoroughly.oss-ap-southeast-5.aliyuncs.com udp
N/A 149.129.200.69:80 thoroughly.oss-ap-southeast-5.aliyuncs.com tcp
N/A 1.1.1.1:53 googleads.g.doubleclick.net udp
N/A 1.1.1.1:53 cxjus.oss-ap-southeast-1.aliyuncs.com udp
N/A 1.1.1.1:53 ssl.google-analytics.com udp
N/A 142.250.179.200:443 ssl.google-analytics.com tcp
N/A 1.1.1.1:53 googleads.g.doubleclick.net udp
N/A 1.1.1.1:53 googleads.g.doubleclick.net udp
N/A 216.58.208.98:443 googleads.g.doubleclick.net tcp
N/A 216.58.208.98:443 googleads.g.doubleclick.net tcp
N/A 1.1.1.1:53 cxjus.oss-ap-southeast-1.aliyuncs.com udp
N/A 161.117.155.70:80 cxjus.oss-ap-southeast-1.aliyuncs.com tcp
N/A 1.1.1.1:53 android.apis.google.com udp
N/A 216.58.208.110:443 android.apis.google.com tcp
N/A 1.1.1.1:53 android.apis.google.com udp
N/A 142.250.179.206:443 android.apis.google.com tcp
N/A 1.1.1.1:53 accounts.google.com udp
N/A 1.1.1.1:53 accounts.google.com udp
N/A 216.58.214.13:443 accounts.google.com tcp
N/A 1.1.1.1:53 zrmbhndqzlznyjm udp
N/A 1.1.1.1:53 wsvwued udp
N/A 1.1.1.1:53 etuptenqlttfddd udp
N/A 1.1.1.1:53 etuptenqlttfddd udp

Files

/data/user/0/com.nuklis.artpainting/no_backup/androidx.work.workdb

MD5 b6ca8b30661a7844ed292db75a29a953
SHA1 8e0d397ab1f2ced1f143829084c3f53333743bdd
SHA256 63a219c7092be26641907c5f955aa977e7675e3922a8e4ee2af25bfed8c7bbfb
SHA512 d21ce3adf13d61369708ea000438f626973f20b08ca05a744c1cccb2d5e7c264a8af9c3ebd18a7a6a464d38e1c64146f8e881d29d71a0484dd94212315f6dceb

/data/user/0/com.nuklis.artpainting/no_backup/androidx.work.workdb-journal

MD5 b0306acdf716b11f1e44ac3d68aac96b
SHA1 94f8ee36e916d158af787b59ecfafcde9bb84ec2
SHA256 253e93942b1b9a6e33d399cb56819460c3f7d93bba279549a304dc44471a162d
SHA512 02f7214a5d0f6bddf719d74cfb7b794566395b30f37b2bef65fb6accf7ab30706a7a8ae3e4464764d5029b4afd71765fb21e4271162a3bdb2fee1b379bb7f588

/data/user/0/com.nuklis.artpainting/no_backup/androidx.work.workdb-wal

MD5 42cb4396e6de04c14cced218db8c8873
SHA1 24c7fedaa39937315cf39a239947d484864b8ab0
SHA256 2241a86ffdca76e70cf36332f98fdb57f6a292ba73f6cd25793bbf8ae0e6cf1e
SHA512 60e0b78f81cd288be04337490fc081026d2bbf77cf6814ff12a3d5413ae491bbe3f170ac76915dd3c5a3c4e12984bd849c454d7607ed10c1f9f20731b9a92903

/data/user/0/com.nuklis.artpainting/no_backup/androidx.work.workdb-shm

MD5 4ae71336e44bf9bf79d2752e234818a5
SHA1 e129f27c5103bc5cc44bcdf0a15e160d445066ff
SHA256 374708fff7719dd5979ec875d56cd2286f6d3cf7ec317a3b25632aab28ec37bb
SHA512 0b6cbac838dfe7f47ea1bd0df00ec282fdf45510c92161072ccfb84035390c4da743d9c3b954eaa1b0f86fc9861b23cc6c8667ab232c11c686432ebb5c8c3f27

/storage/emulated/0/Android/data/com.nuklis.artpainting/files/-1451633082

MD5 3c223094a23dbd76501ec5bfe02a8c51
SHA1 165fd5f36108a7607868e5c002e638938157828b
SHA256 1fc0177b909092f15bfc6c082514e321c82699545a48886f56b2e6f98585db3a
SHA512 1aa75614816c5aceec921eeeff7a13c92b5ff8efc36fea4bb461213ff52e0ee23439e8f42f070409e82fa1b5ae7d6efe9956b9a470a9882164e1126685adb9e3

/data/user/0/com.nuklis.artpainting/app_webview/variations_seed_new

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

/data/user/0/com.nuklis.artpainting/app_webview/variations_stamp

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

/data/user/0/com.nuklis.artpainting/shared_prefs/WebViewChromiumPrefs.xml

MD5 6ef709b8536878951e87c29a1518fc2b
SHA1 24376c70b00152501b3d98df61fa7db435339172
SHA256 10b13d894f36d4391fcc31313a244d5f6cd89c8e8c03347282e281c4af13c0a6
SHA512 96547eff6779251a5c4941e812ec56ed273e9270265005723e1f2864688b04f3b852a90145fba4ea0ddf1e02b39d99e33d28f761b07a04d46e0e4257d8909ff9

/data/user/0/com.nuklis.artpainting/app_webview/webview_data.lock

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

/data/user/0/com.nuklis.artpainting/app_webview/metrics_guid

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

/data/user/0/com.nuklis.artpainting/app_webview/metrics_guid

MD5 ac58c40ac9f27af1825d45f13ef645e0
SHA1 d5be77cdd0d0386bb3e3dc99bdb7bdbf8127568e
SHA256 fa5b14ca60eddec6fda62364d335bae26d237dd15200c4240b33d4233dacebd6
SHA512 9a6deb6dd4921d3b82449eac619f404520c7d94c3482ddc16d217042222d04cd521217ffbe6de5101ede329e60ef0bee0510958b3be40b93af0ce83cbbe3e088

/data/user/0/com.nuklis.artpainting/app_webview/Web Data

MD5 b663831f8cc130493476d94f2d7a5330
SHA1 043a1956ab8e40821d67043f8a9110a8eb36fb93
SHA256 c109aa8bfc364d5fd0756f1c9d35ee3d6df31325061ac70d8469f28cfc882ab7
SHA512 e8ee923192cdf16318febdc23362f3eeaf5c914b923f80cd3a91a2e83e94bced54460d4ef1e54accc26a7d54b89e2e10c00097e60002cf6427298dc5f18fed16

/data/user/0/com.nuklis.artpainting/cache/org.chromium.android_webview/Code Cache/js/index

MD5 6d7d499960179766cd4261d12dacc411
SHA1 e6f8553b0015e12b23cc551afe98763f3b1c9bed
SHA256 c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182
SHA512 6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

/data/user/0/com.nuklis.artpainting/app_webview/Web Data-journal

MD5 7319324e1e087ea49f0ee630687fd7a0
SHA1 8ce8aef9b9e72315dcc2a81c258c04314b3ad320
SHA256 2ea9e95496cee189c0f9a9844dc9e1cc43fafbec0c2ec7e6922a633efb6d0717
SHA512 27c66b1c2c2679214953316cc494ae13e6b1092191009aa363b0fc73ad2e9f7b4e531bb73084d3dbbda54e240932ec0b89b05a5fceda58a52a308091ce468dfb

/data/user/0/com.nuklis.artpainting/cache/org.chromium.android_webview/Code Cache/js/index-dir/temp-index

MD5 3faaf859811cfa4991ab1f7995bbb1fb
SHA1 c5ea945799ce32e4ab549effd19c1444934fe244
SHA256 f2d1da20c39669d9b5246e678e049ab6d15d55db4019e32dd54415677d3b48cb
SHA512 33eede35b95261d70d20e81a738fea55c46ead8498dd2792368f72e534418add895421baf7f55219f0006e8f80edd5f44fb4182bc4722b6b6cb71f136fc0688a

/data/user/0/com.nuklis.artpainting/cache/1633031840514.jar

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

/data/user/0/com.nuklis.artpainting/cache/1633031840514.jar

MD5 38c960945cceba468ee4f1772abb99cb
SHA1 c7c2d5bdc5d06a5f43c24809602d0f2d2ba8e62b
SHA256 b8d90074a4efd78bcdecc27a24d4249d53b0b76134590750733d1136d9ad964e
SHA512 efa6c5518308ded2af559bdf6276176be8f7067dd1a486dc7f23395435a2cfca4f40106275e38ae126b52d943fced8383f92469c734f3b721cfcc78db400e1f9

/data/user/0/com.nuklis.artpainting/cache/oat/1633031840514.jar.cur.prof

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

/data/user/0/com.nuklis.artpainting/app_webview/Cookies

MD5 9b23e6a88d5a95f155f205cb04b93cd0
SHA1 b62dccbbef087a0731f226b96d15d35d8aa5e5fc
SHA256 f2f3c3c0c7f085399a6f9a464c1ac30a59ceeb5a4b7026286fa5609e6e8ef857
SHA512 bce5f25d98e2e8296c4101b62082dcb6a43902f3431ff6f725e41be6b9aece76e887ef94c4818baf4da845708fd76fd51c37fb6915710c870647593868f27482

/data/user/0/com.nuklis.artpainting/databases/PAINT_ART.DB

MD5 88071e85bcd69a166751848a665e3c44
SHA1 c2e6aaa4c826580174626ddfad8cdfec8a160c6c
SHA256 ecf3d48ded7978e8de46066dae0c07a2f04db68c6d41fd1063749eb9efa1fa24
SHA512 d04e228386774f3858ee1f49165e918fed346f9539a487fc19cdb50871866b78ac9aa94f2e5b30d0b157d8ea96bc1f0ef51344a2d2013a725f13897ed02e521f

/data/user/0/com.nuklis.artpainting/app_webview/Cookies-journal

MD5 877d8db6ff19b088c62f6483fdf80346
SHA1 5b2e83408f0174b0d563dde278afb8aded66b598
SHA256 8bb18840a166f696aba47f18f7974ac413cabd0c9b55fc880e813ca4804528dd
SHA512 e1341a7c668c46063b4ec81bc72491c27e7c53cc13118d0b3794ee87652c0dc12520d74a499c2481e9c07b7a59f6127a6ddb88b265ad90a328ed574c0fb96ee7

/data/user/0/com.nuklis.artpainting/databases/PAINT_ART.DB-journal

MD5 ceb5455a063628e4df2aa857466d244c
SHA1 75982ec86ce5fc949e15339fe54499234e4700e0
SHA256 b646f47c9d639282cbf7a7318a0c488c54d4e9657cfb2e31105965e203b2176a
SHA512 c6a372d467ab7b33c486f2d41ab993048270d6be5493d8bf26eb1dd521b33000416d8f8e7a856e7470b9ec6e24f22dcf8b983c4581a5230bebfb1c8b3123ebbb

/data/user/0/com.nuklis.artpainting/cache/WebView/Crashpad/settings.dat

MD5 39e2fde2e9a5b8703cf65c701ac7df3d
SHA1 a5abea415a9deb273e2a443a33c5576c0b1e7ab3
SHA256 0f0d08e2f56c39f7a71088ed4205e62c1d35eb855b8f3bdc8e6bbd46a0ab48cd
SHA512 4cc7b16debb3d54906dda488566ac5af30983c6f443552d0d7af59b09ce054e91037fc09752ca665eeda402cee9331a7f17527e273642a4f49b9fb16962123bd

/storage/emulated/0/Android/data/com.nuklis.artpainting/files/1463903199

MD5 cf11925fbd5e7de3cc30bff793d2d362
SHA1 2f10f00a4914ecb9ef31842f4a22041948570aab
SHA256 13afafb20e8cdc06b1b747665e024bce9fd3efdf9a5debb7a853b61ef4bf540a
SHA512 6737dbe5a2f5c72f7d4fab9c04dc52756b917303cd909aa20be9cdd268c8d08187f5a2b7eaebf8f6af1024617c15821d90fbef927bf980eb6acf7e62713a2f60

/data/user/0/com.nuklis.artpainting/[email protected]

MD5 cf11925fbd5e7de3cc30bff793d2d362
SHA1 2f10f00a4914ecb9ef31842f4a22041948570aab
SHA256 13afafb20e8cdc06b1b747665e024bce9fd3efdf9a5debb7a853b61ef4bf540a
SHA512 6737dbe5a2f5c72f7d4fab9c04dc52756b917303cd909aa20be9cdd268c8d08187f5a2b7eaebf8f6af1024617c15821d90fbef927bf980eb6acf7e62713a2f60

/data/user/0/com.nuklis.artpainting/oat/x86_64/[email protected]

MD5 242fd5e163e734a17f430352ec3c32d5
SHA1 ac3d6b6fa2943d09ac302e97818ca9b5aed3e19a
SHA256 38a68720d45ae81d5e86f43b6e44276ecf5b55ffa6226b14d0e0d24055d874a3
SHA512 2234129f456012b07d7844eae38ea9dc47efdc98288f9e2ee1a02d8bb0ca4bcd04108ac0bc3d99f7ae4e701be89627e3164b43f7a563810ae3c2f5a60eb26fc0

/data/user/0/com.nuklis.artpainting/files/temp/layer_1_1670842639305.png

MD5 f31e821104e08ddc2e2afaf558fac542
SHA1 d40668f4c691220258e9ce2d5afac5a039aa308b
SHA256 289e9ebd3e31faf2cf2293aa0eb5f5293fdfc04de8c9bd6bd00b7ef587e975a6
SHA512 5e730b90a0452a7e195ec1fb5cb79067c1dd383e51c12970b4714a2a41b08ec0969a9a234b5aeabf5165f84bec63ed7acda2a3e836e77d76645089679843ba07

/data/user/0/com.nuklis.artpainting/app_webview/GPUCache/index

MD5 6d7d499960179766cd4261d12dacc411
SHA1 e6f8553b0015e12b23cc551afe98763f3b1c9bed
SHA256 c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182
SHA512 6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

/data/user/0/com.nuklis.artpainting/cache/org.chromium.android_webview/index

MD5 6d7d499960179766cd4261d12dacc411
SHA1 e6f8553b0015e12b23cc551afe98763f3b1c9bed
SHA256 c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182
SHA512 6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

/data/user/0/com.nuklis.artpainting/files/vitality

MD5 3c30eb296bb5eadfda95ebaa84ad9b5a
SHA1 210affe08e642caad98f5b53c3e14ee52c34dcdc
SHA256 7046320162f6db8670145a648c08e3c94ddb7064cf4204f7531eaca627404e27
SHA512 120672861673362f1474af120001d1e2fb46c7db872e27706e1835fa584f49513d5c970b0618b0eaecd27869fd937267b030881c5e5a0e866db327e9d27f42cd

/data/user/0/com.nuklis.artpainting/cache/org.chromium.android_webview/f038e94cb33282ab_0

MD5 2896ad7d3d76719acb076170e97a3d22
SHA1 7ab032aa1546d8c50cd6927cb47cebf386a9d582
SHA256 014825c10c3f198f71780f49460f8a74773d92c75f37a2fd1e1df8c1ca3bb0bc
SHA512 c151624b18e93fbe0feac0e5f82bd71794ea0e6d84c25483593b64e7a4652368f6f233136037e13b9f1ff9ba299785b0b5a8544279dbe0e4dfc53734e566c7a6

/data/user/0/com.nuklis.artpainting/app_webview/GPUCache/index-dir/temp-index

MD5 ed4ee5c958488912198a79258aeeb619
SHA1 c085c1dc8afd6e9df44b3f107683fc70c8679554
SHA256 8ebf1252366119bf3f8201c5a5d661437402890ca3ffc0b110359970be708fa2
SHA512 dcdc3f9f0ad85ed1bcc7ac73d06b6813489dd251e8fb52ea7c5b231dc4e7381be8455f1c1bbedb36670b5338f90fe49661dbf9b715de6a2b736a2a6c5f2346ae

/data/user/0/com.nuklis.artpainting/cache/org.chromium.android_webview/index-dir/temp-index

MD5 17761e43e7e06e14b2cd3f6d0f208d8d
SHA1 7627186c5c3f03b142386c8c09eede3fb7322980
SHA256 6211696988ee0968a6e5512ba43b0ff27d961905597627b1eade4e9592019edd
SHA512 3c9212a5c17e6e7bc7f78a04a236e950e5e53a5bcf0e66581881a23d2426dc9912e11928a4ac51e961f376a8a309325d9c1a7902c3a72aa5b35a02614d9b0ff7

/data/user/0/com.nuklis.artpainting/files/vitality

MD5 f2e4732bba985887330fac436cb3496c
SHA1 731562c0252a55ab141ec86335f502decf6a7d88
SHA256 d89523eb3b0c6e611b1e041792265e8f67b921d58032ee81afe262d8b99a07ca
SHA512 024ac60af79d633bac8d10ef2797e9cfa510602f58f9482920b9dc58c8a5f464d9509b4e5e587f39784fc440c903eaae05aaefe214832055cad889754d043b79

/data/user/0/com.nuklis.artpainting/files/oat/vitality.cur.prof

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

/data/user/0/com.nuklis.artpainting/app_webview/.com.google.Chrome.tiDdt2

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

/data/user/0/com.nuklis.artpainting/app_webview/Local Storage/leveldb/LOG

MD5 fd9e51800f6e4f6013b7f4610901dc09
SHA1 d90799c6a8a7e8f062b1b30a54ce41b7129c9b92
SHA256 ea397ff1b41f1842a14a75fffe5b9af00a905651193aa89d7b880c455b3c1d54
SHA512 b03d6c381c0d643f9b71e0670da64567f7315b1502a3790d8b7d675ef390a55eda1e74cf9c6069ef87b9809bebd801e1522ca8e210a6db284140b41be0c65812

/data/user/0/com.nuklis.artpainting/app_webview/Local Storage/leveldb/LOCK

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

/data/user/0/com.nuklis.artpainting/app_webview/Local Storage/leveldb/MANIFEST-000001

MD5 5af87dfd673ba2115e2fcf5cfdb727ab
SHA1 d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256 f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512 de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

/data/user/0/com.nuklis.artpainting/app_webview/Local Storage/leveldb/000001.dbtmp

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

/data/user/0/com.nuklis.artpainting/app_webview/Local Storage/leveldb/000003.log

MD5 754551e54e855be8f1b63584476f0d52
SHA1 256636aa1d127ea84f651e1e3559c9a623ac6c7c
SHA256 5bd69f035dc984d27ddad94f6ac414f325b8d509127448d360af420fbcd530f0
SHA512 beb7c92fa79925968d0bba72a917672ae7cba56281f04b801a501981251d40f69c997ed5559b3d4c27a85c14fd63da37bbabfeb2379fc9795246146ef792ca72

/data/user/0/com.nuklis.artpainting/files/ionsxg

MD5 0d4e0388ddad6dfab2e1d43c0c339ad0
SHA1 a097d295281c4796030ad3a8d6a24cefc8ac53b3
SHA256 409633ccb7463620e5f774ed0b466839f5aaa8f8005082af67bb7bbfbbf1a8b0
SHA512 381e7b5b19ff133c96550e860e66e5d61ee75bf73be268d7eeffdd5200b59e293ac979a07a303eb3d2e9b4f6b20acdb0335398f0b13c4c64a48b184c8e273d3a

/data/user/0/com.nuklis.artpainting/cache/org.chromium.android_webview/Code Cache/js/e06cc44686ac5311_0

MD5 0c1a82c1669eddbefd0065d41f75d390
SHA1 91aaa243abdbf7da3ee731cefdd1745966a80aeb
SHA256 19025a0834f2826bed5accbb15a450cd2621163245ac081124e97582cc09e338
SHA512 12b2d8a0efbbc6e7e504008841c1e892b609e36e245e76c7ea100bee2f459e92478a89c75471a4cb89268d3b6a2bbc7f132a61da9f900b62ff684584a5afc18c

/data/user/0/com.nuklis.artpainting/files/ionsxg

MD5 25b621b14e9bdb8d3009a25ac15b2997
SHA1 fab787ef17d4b1fd8ba506ac433c90933685972b
SHA256 d1491805efe37e08dd402d82d7e03b74c27dd21b00963aaebf1eba373d803b56
SHA512 be560e695ca2b63672381b47738c5ce9963ca1b2ad3ad42c723e464d0f48ed6d67fb1b98197f597219e8272ba0c67a7d375ee05ef7d34f665dc4d3da58b69355

/data/user/0/com.nuklis.artpainting/files/oat/ionsxg.cur.prof

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

/data/user/0/com.nuklis.artpainting/cache/org.chromium.android_webview/dfe6b2497a7513ba_0

MD5 b7f256f95945024e733cf01ba561fe6d
SHA1 8dc60c91a63d64cdebe9ad91b3eed91427c5379e
SHA256 52ca1580f59c2d8d107640ba5247044e8451e4edc342e1cbd07f1d1b2cd710b9
SHA512 7a581ce4b01bbe209e248df85a48742db85d73c9202612a33e724a4945c3baa9666f8e44f499264686eb0b907947e0658bffa86c5dc79f295be2750e0260601b

/data/user/0/com.nuklis.artpainting/cache/org.chromium.android_webview/Code Cache/js/index-dir/temp-index

MD5 83f872aa2877f9a031e1b4c08b010856
SHA1 3172e6a628e426846fdadba49aae52c2efe0f238
SHA256 6de09bdfc8fb3f0b6bcf1e982d39dc98c993453c4056160702e1ef520870fe53
SHA512 f74835145046a73677907330d798932c4827188cc7965e34a9c90c2d47e6d9da55a83a8dd8fef9dd6ac49ba8e34c545eb0528c5e53bbaf54ec13e24500a3bc22

/data/user/0/com.nuklis.artpainting/cache/org.chromium.android_webview/index-dir/temp-index

MD5 105b6891119f1d1b9cb3ea656cec7a26
SHA1 60defc57df950ef71b061a1ec4b4a6d6823827f0
SHA256 f83cd4f1208a6c11f12012ccd9b1e5feadb474b2b26c46f9bd7e6459fc884ff3
SHA512 5ddfd3f1c9c6b345ef7eee9074325cecae6eb7d1f10d6d8c4a2eecc9898c8a749adaed211de4f72a8ff11a58ffcf3ccffa5221b4f8d9be1ef584aa34b0ad2308