General

  • Target

    Emoji Fonts Keyboard_6.93.2.apk

  • Size

    24.9MB

  • Sample

    220829-ndal4shfb4

  • MD5

    0084170f27f97d054b40c617df1315d3

  • SHA1

    a14d1f2d223c03145af757ca503000aaf96ae49c

  • SHA256

    9a93a94c33b3386a151b3ddf650cb8153c30a109b10ae8b51e03cf7bc4b788d8

  • SHA512

    fc8bbde470d4c0b1c0cab6862e932c3976fea09999ef564d7dda55a06edd92a284242ea084db605f9e896d4c17d43cf6e2304477c393d69ceeea107cdb4ba6f3

  • SSDEEP

    393216:4PSMyAc4UG8Nc1O6rnVzEfQB0R83osqHOxxvyXjP9WF4fEHGIOu9g4myUgWmlR7D:4PSvHCDrifV8368x5OGH8lY

Malware Config

Extracted

Family

joker

C2

https://soitbe.oss-me-east-1.aliyuncs.com

https://cxjus.oss-accelerate.aliyuncs.com

Targets

    • Target

      Emoji Fonts Keyboard_6.93.2.apk

    • joker

      Joker is an Android malware that targets billing and SMS fraud.

    • Checks Android system properties for emulator presence.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Reads information about phone network operator.

    • Removes a system notification.

    • Uses Crypto APIs (Might try to encrypt user data).
