Overview

overview

10

Static

static

17f54817cc...5c.exe

windows7-x64

10

17f54817cc...5c.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    17f54817cc8dab64a35d53b76ce12700e4b952636a530213f5268dd2dc59bf5c

  • Size

    310KB

  • Sample

    220919-hl942sghdp

  • MD5

    3f679f778dc3dfb312eb097def5963d5

  • SHA1

    668b0a10ef8932ca8a4f1f6977d6dd3f25bb9077

  • SHA256

    17f54817cc8dab64a35d53b76ce12700e4b952636a530213f5268dd2dc59bf5c

  • SHA512

    ff614aacf8a40473220e0e0888b9db2b573d7365fb49f201df5c2b25de961a804234b51830b0e27be2ab502881a87e03c72af0b1101fe124d075daec3a7056b8

  • SSDEEP

    6144:emhqmLArQbJPncbHCHt57K2KD6IF2QOs9rECfPYJ1:hwrQ1kLCHtZKHD6I4Q9e

Score
10/10
jokerinfostealerpersistencetrojan

Malware Config

Targets

    • Target

      17f54817cc8dab64a35d53b76ce12700e4b952636a530213f5268dd2dc59bf5c

    • Size

      310KB

    • MD5

      3f679f778dc3dfb312eb097def5963d5

    • SHA1

      668b0a10ef8932ca8a4f1f6977d6dd3f25bb9077

    • SHA256

      17f54817cc8dab64a35d53b76ce12700e4b952636a530213f5268dd2dc59bf5c

    • SHA512

      ff614aacf8a40473220e0e0888b9db2b573d7365fb49f201df5c2b25de961a804234b51830b0e27be2ab502881a87e03c72af0b1101fe124d075daec3a7056b8

    • SSDEEP

      6144:emhqmLArQbJPncbHCHt57K2KD6IF2QOs9rECfPYJ1:hwrQ1kLCHtZKHD6I4Q9e

    Score
    10/10
    jokerinfostealertrojanpersistence

    • joker

      Joker is an Android malware that targets billing and SMS fraud.

      infostealertrojanjoker

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks