joker | 53cec6614709a86e2db53004cef0053a409639447d49069268d82f03b1bedac2 | Triage

Submit
Reports

Overview

overview

Static

static

53cec66147...c2.exe

windows7-x64

53cec66147...c2.exe

windows10-2004-x64

8

Sharing

General

Target

53cec6614709a86e2db53004cef0053a409639447d49069268d82f03b1bedac2
Size

1.9MB
Sample

220726-xmcx9sdccp
MD5

e39937e85a9881addc7ccc9bb63a392d
SHA1

3993ed08f23a086c110ca68e743c18fce358b18c
SHA256

53cec6614709a86e2db53004cef0053a409639447d49069268d82f03b1bedac2
SHA512

801f46aa6e1008a478b82a105661f160fceb3a8c10d8bca624c748a1306dd46a54f9f7563eef3f17a77ef8d997de287044900523a4530ff9e8edc17089376eac

Score

10^/10

joker bootkit infostealer persistence trojan upx

Static task

static1

Behavioral task

behavioral1

Sample

53cec6614709a86e2db53004cef0053a409639447d49069268d82f03b1bedac2.exe

Resource

win7-20220718-en

joker bootkit infostealer persistence trojan upx

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

53cec6614709a86e2db53004cef0053a409639447d49069268d82f03b1bedac2.exe

Resource

win10v2004-20220721-en

bootkit persistence upx

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  53cec6614709a86e2db53004cef0053a409639447d49069268d82f03b1bedac2
- Size
  
  1.9MB
- MD5
  
  e39937e85a9881addc7ccc9bb63a392d
- SHA1
  
  3993ed08f23a086c110ca68e743c18fce358b18c
- SHA256
  
  53cec6614709a86e2db53004cef0053a409639447d49069268d82f03b1bedac2
- SHA512
  
  801f46aa6e1008a478b82a105661f160fceb3a8c10d8bca624c748a1306dd46a54f9f7563eef3f17a77ef8d997de287044900523a4530ff9e8edc17089376eac
Score

10^/10

joker bootkit infostealer persistence trojan upx
- joker
  Joker is an Android malware that targets billing and SMS fraud.
  infostealer trojan joker
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Bootkit

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

jokerbootkitinfostealerpersistencetrojanupx

behavioral2

bootkitpersistenceupx

© 2018-2025

Terms | Privacy