joker | d3ad32efd8faaf4849785c2e0de7a09d4bbead49eda270c4ab668643f9f3b9d6 | Triage

Submit
Reports

Overview

overview

Static

static

xiaoshuo.apk

android-9-x86

6

xiaoshuo.apk

android-10-x64

6

xiaoshuo.apk

android-11-x64

7

Sharing

General

Target

xiaoshuo.apk
Size

4.6MB
Sample

220809-lb2lpsgbaq
MD5

7569c1c694f071ad4bdeb278e2ea991e
SHA1

0df5afa0dee6abfdb204aeabf596db4409701a2b
SHA256

d3ad32efd8faaf4849785c2e0de7a09d4bbead49eda270c4ab668643f9f3b9d6
SHA512

2a2dc867665f2832526104e767187b9ad49a261cce6f23423fe40c50bd165d5126809af03b4708be1fbc3208c35684e1b1a4c684665e6b416b04cb907f0912c3

Score

10^/10

joker android ransomware

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

xiaoshuo.apk

Resource

android-x86-arm-20220621-en

android-9-x86

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

xiaoshuo.apk

Resource

android-x64-20220621-en

android-10-x64

2 signatures

150 seconds

Behavioral task

behavioral3

Sample

xiaoshuo.apk

Resource

android-x64-arm64-20220621-en

android-11-x64

3 signatures

150 seconds

Malware Config

Extracted

Family

joker

C2

https://chai-img.oss-cn-shanghai.aliyuncs.com

Targets

- Target
  
  xiaoshuo.apk
- Size
  
  4.6MB
- MD5
  
  7569c1c694f071ad4bdeb278e2ea991e
- SHA1
  
  0df5afa0dee6abfdb204aeabf596db4409701a2b
- SHA256
  
  d3ad32efd8faaf4849785c2e0de7a09d4bbead49eda270c4ab668643f9f3b9d6
- SHA512
  
  2a2dc867665f2832526104e767187b9ad49a261cce6f23423fe40c50bd165d5126809af03b4708be1fbc3208c35684e1b1a4c684665e6b416b04cb907f0912c3
Score

7^/10

ransomware
- Queries the unique device ID (IMEI, MEID, IMSI).
- Requests cell location
  Uses Android APIs to to get current cell information.
- Reads information about phone network operator.
- Uses Crypto APIs (Might try to encrypt user data).
  ransomware
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3

© 2018-2025

Terms | Privacy