General

  • Target

    5a90d9ac9742647eb580960ad10306c7460b83c78d5404a88b1f6162e085f34d

  • Size

    46KB

  • Sample

    221002-mc32lacdbr

  • MD5

    7051ffcb00d8251f27a12e301605c130

  • SHA1

    5ffefa930bf06489d07453a17395156a1c76ff6b

  • SHA256

    5a90d9ac9742647eb580960ad10306c7460b83c78d5404a88b1f6162e085f34d

  • SHA512

    664b5e74f6f4e3e205e77d6ae833057b10695164a17012f098b2f55364a9d77dc9d06be0f078ae3f9b2057a1765c33e84247188df5695efbe2f3f60c48d0789c

  • SSDEEP

    768:sJxLN7n2wJT5Wte/JqQTaZhqCFWcfibtqKudmxrG7Le2eZUKZSgAA4:sJ32wJUSd88Fcf7KuYxr8LerJZSa4

Targets

    • joker

      Joker is an Android malware that targets billing and SMS fraud.

    • Adds policy Run key to start application

    • Sets file execution options in registry

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory
