General

  • Target

    com.nanzhao.imagetranslator.apk

  • Size

    10.6MB

  • Sample

    220720-lrnd1seag7

  • MD5

    5ddd08e8723cde7af7a958d81b75fb07

  • SHA1

    5f610f9e8c5dbc969a859fd7354cdbf9260f82b6

  • SHA256

    cda1b26ec2fce27a99ab0ce6467079805d4083a77785f4b409a85ba7c18fa456

  • SHA512

    a8468d43c03868fe6970ada691dd652b222eef5c392ad2db65bdc004e0dd502ee5da69444b6a2f7538220e0637334df5df64f798050c1a07c2f9832d95b6c5e2

Malware Config

Extracted

  • Family

    joker

  • C2

    https://canbye.oss-accelerate.aliyuncs.com

Targets

    • Target

      com.nanzhao.imagetranslator.apk

    • joker

      Joker is an Android malware family that targets billing and SMS fraud.

    • Loads dropped Dex/Jar

      Runs an executable file dropped to the device during analysis.

    • Reads information about phone network operator.

    • Removes a system notification.
