joker | 22bceedb941bf77bfb7dbde1c2959da2732d68bef4cae33d5f0ef845218dfb41

Analysis

max time kernel
134s
max time network
145s
platform
windows7_x64
resource
win7-20220812-en
resource tags

arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
submitted
24-08-2022 08:59

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

22bceedb941bf77bfb7dbde1c2959da2732d68bef4cae33d5f0ef845218dfb41.exe
Size

5.3MB
MD5

dc776c91ae1356eb50606c0e49915908
SHA1

f67046ceb584f64151ef00215c5899a525ba55b9
SHA256

22bceedb941bf77bfb7dbde1c2959da2732d68bef4cae33d5f0ef845218dfb41
SHA512

915e39691c7307fcde7ef894dec05967382a1b9ed6d8cafc9206e488b56fd01abe94f938bc041ecd5fd2ffadeb3a2958df488bbd38b6da5a14f364db8bc3e63a
SSDEEP

49152:tIdualPUxZwxV/7GHt2He74cdP2llZw77LQ0soNF2He74cdr27lZw77LQ0soNcIi:QblPUmHzc4wWHzcAwHblPU

Score

10^/10

joker infostealer trojan

Malware Config

Signatures

joker
Joker is an Android malware that targets billing and SMS fraud.
infostealer trojan joker

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	1152	22bceedb941bf77bfb7dbde1c2959da2732d68bef4cae33d5f0ef845218dfb41.exe

C:\Users\Admin\AppData\Local\Temp\22bceedb941bf77bfb7dbde1c2959da2732d68bef4cae33d5f0ef845218dfb41.exe
"C:\Users\Admin\AppData\Local\Temp\22bceedb941bf77bfb7dbde1c2959da2732d68bef4cae33d5f0ef845218dfb41.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:1152

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1152-54-0x0000000001180000-0x00000000016D6000-memory.dmp

Filesize
5.3MB

Download
memory/1152-55-0x0000000000340000-0x0000000000348000-memory.dmp

Filesize
32KB

Download
memory/1152-56-0x000000001B750000-0x000000001B8A0000-memory.dmp

Filesize
1.3MB

Download
memory/1152-57-0x0000000000560000-0x0000000000592000-memory.dmp

Filesize
200KB

Download
memory/1152-58-0x0000000000A00000-0x0000000000A76000-memory.dmp

Filesize
472KB

Download
memory/1152-59-0x0000000000590000-0x000000000059E000-memory.dmp

Filesize
56KB

Download
memory/1152-61-0x00000000005B0000-0x00000000005BA000-memory.dmp

Filesize
40KB

Download
memory/1152-60-0x00000000005A0000-0x00000000005AC000-memory.dmp

Filesize
48KB

Download
memory/1152-62-0x00000000005C0000-0x00000000005D0000-memory.dmp

Filesize
64KB

Download
memory/1152-63-0x0000000000D00000-0x0000000000D82000-memory.dmp

Filesize
520KB

Download
memory/1152-64-0x00000000005D0000-0x00000000005E0000-memory.dmp

Filesize
64KB

Download
memory/1152-65-0x00000000005E0000-0x00000000005EA000-memory.dmp

Filesize
40KB

Download
memory/1152-66-0x0000000000800000-0x000000000080A000-memory.dmp

Filesize
40KB

Download
memory/1152-67-0x0000000000810000-0x0000000000818000-memory.dmp

Filesize
32KB

Download
memory/1152-68-0x0000000000820000-0x0000000000828000-memory.dmp

Filesize
32KB

Download
memory/1152-69-0x0000000000830000-0x0000000000838000-memory.dmp

Filesize
32KB

Download
memory/1152-70-0x0000000000840000-0x0000000000848000-memory.dmp

Filesize
32KB

Download
memory/1152-71-0x0000000000850000-0x0000000000858000-memory.dmp

Filesize
32KB

Download
memory/1152-72-0x0000000000A70000-0x0000000000A78000-memory.dmp

Filesize
32KB

Download
memory/1152-73-0x0000000000A80000-0x0000000000A88000-memory.dmp

Filesize
32KB

Download
memory/1152-74-0x0000000000A90000-0x0000000000A98000-memory.dmp

Filesize
32KB

Download
memory/1152-75-0x000000001B916000-0x000000001B935000-memory.dmp

Filesize
124KB

Download
memory/1152-76-0x0000000000AA0000-0x0000000000AAA000-memory.dmp

Filesize
40KB

Download
memory/1152-77-0x000000001B916000-0x000000001B935000-memory.dmp

Filesize
124KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads