joker | 9aea332d407a458e281fcd59216522c393e3ceec104a9c53dae49f17d5a15420

Analysis

max time kernel
127s
max time network
137s
platform
windows7_x64
resource
win7-20220901-en
resource tags

arch:x64arch:x86image:win7-20220901-enlocale:en-usos:windows7-x64system
submitted
03/10/2022, 04:51

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

9aea332d407a458e281fcd59216522c393e3ceec104a9c53dae49f17d5a15420.exe
Size

5.3MB
MD5

09655101ee7a1bcbae91e4ce463a8955
SHA1

d617854445e84d64666bbb470f51627ff2f668e0
SHA256

9aea332d407a458e281fcd59216522c393e3ceec104a9c53dae49f17d5a15420
SHA512

6a14fbc9b246cf3614ab917f3a3e5c0afadf9a181092c3112ff5ec7cf0cd1f991860fd6723143ee11e18d320d83388a415066e8ed3cd705e14d71f8663ad7567
SSDEEP

49152:zIdualPUxZwxV/7GHt2He74cdP2llZw77LQ0soNF2He74cdr27lZw77LQ0soNcIi:WblPUmHzc4wWHzcAwHblPU

Score

10^/10

joker infostealer trojan

Malware Config

Signatures

joker
Joker is an Android malware that targets billing and SMS fraud.
infostealer trojan joker

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	1768	9aea332d407a458e281fcd59216522c393e3ceec104a9c53dae49f17d5a15420.exe

C:\Users\Admin\AppData\Local\Temp\9aea332d407a458e281fcd59216522c393e3ceec104a9c53dae49f17d5a15420.exe
"C:\Users\Admin\AppData\Local\Temp\9aea332d407a458e281fcd59216522c393e3ceec104a9c53dae49f17d5a15420.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:1768

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1768-54-0x0000000000180000-0x00000000006D6000-memory.dmp

Filesize
5.3MB

Download
memory/1768-55-0x0000000000170000-0x0000000000178000-memory.dmp

Filesize
32KB

Download
memory/1768-56-0x000000001B250000-0x000000001B3A0000-memory.dmp

Filesize
1.3MB

Download
memory/1768-57-0x0000000000AC0000-0x0000000000AF2000-memory.dmp

Filesize
200KB

Download
memory/1768-58-0x00000000025A0000-0x0000000002616000-memory.dmp

Filesize
472KB

Download
memory/1768-59-0x0000000000AF0000-0x0000000000AFE000-memory.dmp

Filesize
56KB

Download
memory/1768-60-0x0000000000B00000-0x0000000000B0C000-memory.dmp

Filesize
48KB

Download
memory/1768-61-0x0000000000B10000-0x0000000000B1A000-memory.dmp

Filesize
40KB

Download
memory/1768-62-0x00000000023E0000-0x00000000023F0000-memory.dmp

Filesize
64KB

Download
memory/1768-63-0x000000001AD90000-0x000000001AE12000-memory.dmp

Filesize
520KB

Download
memory/1768-64-0x00000000023F0000-0x0000000002400000-memory.dmp

Filesize
64KB

Download
memory/1768-65-0x0000000002400000-0x000000000240A000-memory.dmp

Filesize
40KB

Download
memory/1768-66-0x0000000002410000-0x000000000241A000-memory.dmp

Filesize
40KB

Download
memory/1768-67-0x0000000002610000-0x0000000002618000-memory.dmp

Filesize
32KB

Download
memory/1768-68-0x0000000002620000-0x0000000002628000-memory.dmp

Filesize
32KB

Download
memory/1768-69-0x0000000002630000-0x0000000002638000-memory.dmp

Filesize
32KB

Download
memory/1768-70-0x0000000002640000-0x0000000002648000-memory.dmp

Filesize
32KB

Download
memory/1768-71-0x0000000002650000-0x0000000002658000-memory.dmp

Filesize
32KB

Download
memory/1768-72-0x00000000026E0000-0x00000000026E8000-memory.dmp

Filesize
32KB

Download
memory/1768-73-0x00000000026F0000-0x00000000026F8000-memory.dmp

Filesize
32KB

Download
memory/1768-74-0x0000000002700000-0x0000000002708000-memory.dmp

Filesize
32KB

Download
memory/1768-75-0x000000001B886000-0x000000001B8A5000-memory.dmp

Filesize
124KB

Download
memory/1768-76-0x000000001AC70000-0x000000001AC7A000-memory.dmp

Filesize
40KB

Download
memory/1768-77-0x000000001B886000-0x000000001B8A5000-memory.dmp

Filesize
124KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads