joker | ab07d9b2ec475179d87d4b3246cf9c109ec5987cf2309b5d509a276e70059b4b | Triage

Submit
Reports

Overview

overview

Static

static

8

104f65f31a...b8.exe

windows7-x64

104f65f31a...b8.exe

windows10-2004-x64

Sharing

General

Target

104f65f31ac43f1ed7b0b3d6dbe8bfb8
Size

1.1MB
Sample

220920-t91fashdep
MD5

104f65f31ac43f1ed7b0b3d6dbe8bfb8
SHA1

39a53f0824ea4a59c9f9a98dc056723382e0a855
SHA256

ab07d9b2ec475179d87d4b3246cf9c109ec5987cf2309b5d509a276e70059b4b
SHA512

c63fd2ae51676c46ea0750531a17e4add188b26ca2906d0b153859702830173ab6d32658426e97027f543c86b1847f88f220fb698cb54db331596633b876f22f
SSDEEP

24576:Y9ISduVsJwFeycdDxSvAVE7o/UWSLCQMUDZ3zy:Y9f4IwFgdDzVELNMUZz

Score

10^/10

joker ramnit banker infostealer spyware stealer trojan upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

104f65f31ac43f1ed7b0b3d6dbe8bfb8.exe

Resource

win7-20220901-en

joker ramnit banker infostealer spyware stealer trojan upx worm

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

104f65f31ac43f1ed7b0b3d6dbe8bfb8.exe

Resource

win10v2004-20220812-en

joker ramnit banker infostealer spyware stealer trojan upx worm

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  104f65f31ac43f1ed7b0b3d6dbe8bfb8
- Size
  
  1.1MB
- MD5
  
  104f65f31ac43f1ed7b0b3d6dbe8bfb8
- SHA1
  
  39a53f0824ea4a59c9f9a98dc056723382e0a855
- SHA256
  
  ab07d9b2ec475179d87d4b3246cf9c109ec5987cf2309b5d509a276e70059b4b
- SHA512
  
  c63fd2ae51676c46ea0750531a17e4add188b26ca2906d0b153859702830173ab6d32658426e97027f543c86b1847f88f220fb698cb54db331596633b876f22f
- SSDEEP
  
  24576:Y9ISduVsJwFeycdDxSvAVE7o/UWSLCQMUDZ3zy:Y9f4IwFgdDzVELNMUZz
Score

10^/10

joker ramnit banker infostealer spyware stealer trojan upx worm
- Ramnit
  Ramnit is a versatile family that holds viruses, worms, and Trojans.
  trojan spyware stealer worm banker ramnit
- joker
  Joker is an Android malware that targets billing and SMS fraud.
  infostealer trojan joker
- Downloads MZ/PE file
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

jokerramnitbankerinfostealerspywarestealertrojanupxworm

behavioral2

jokerramnitbankerinfostealerspywarestealertrojanupxworm

© 2018-2025

Terms | Privacy