joker | 58c20fd4e759e5a84d47b228e5cf79294353f85e57c04dcd084094aa652031cc | Triage

Submit
Reports

Overview

overview

Static

static

a3d66f17b4...4f.exe

windows7-x64

a3d66f17b4...4f.exe

windows10-2004-x64

Sharing

General

Target

a3d66f17b4a16e1f4f25eed726cd924f
Size

129KB
Sample

220908-ypf85schap
MD5

a3d66f17b4a16e1f4f25eed726cd924f
SHA1

73ad93e787449188ad86abca391fbafcdbdd0f13
SHA256

58c20fd4e759e5a84d47b228e5cf79294353f85e57c04dcd084094aa652031cc
SHA512

59ef26dbe07d2891a99619ca557aace9a4527b3d52bc15f34a305e870b6bbfffdfb1514249321f54cb5d4373aa211cce9fad10f5586296cac3b8d8f9e3c67219
SSDEEP

3072:X1i/NU8bOMYcYYcmy51VRgiFCpCIXUWOLTsEsigcL3P6xxc1gs5YmMOMYcYY51i/:li/NjO5xbg/CSUFLTwMjs6y3Oai/NDt

Score

10^/10

joker infostealer persistence trojan

Static task

static1

Behavioral task

behavioral1

Sample

a3d66f17b4a16e1f4f25eed726cd924f.exe

Resource

win7-20220812-en

joker infostealer persistence trojan

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

a3d66f17b4a16e1f4f25eed726cd924f.exe

Resource

win10v2004-20220812-en

joker infostealer persistence trojan

windows10-2004-x64

14 signatures

150 seconds

Malware Config

Targets

- Target
  
  a3d66f17b4a16e1f4f25eed726cd924f
- Size
  
  129KB
- MD5
  
  a3d66f17b4a16e1f4f25eed726cd924f
- SHA1
  
  73ad93e787449188ad86abca391fbafcdbdd0f13
- SHA256
  
  58c20fd4e759e5a84d47b228e5cf79294353f85e57c04dcd084094aa652031cc
- SHA512
  
  59ef26dbe07d2891a99619ca557aace9a4527b3d52bc15f34a305e870b6bbfffdfb1514249321f54cb5d4373aa211cce9fad10f5586296cac3b8d8f9e3c67219
- SSDEEP
  
  3072:X1i/NU8bOMYcYYcmy51VRgiFCpCIXUWOLTsEsigcL3P6xxc1gs5YmMOMYcYY51i/:li/NjO5xbg/CSUFLTwMjs6y3Oai/NDt
Score

10^/10

joker infostealer persistence trojan
- joker
  Joker is an Android malware that targets billing and SMS fraud.
  infostealer trojan joker
- Modifies Installed Components in the registry
  persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

jokerinfostealerpersistencetrojan

behavioral2

jokerinfostealerpersistencetrojan

© 2018-2025

Terms | Privacy