joker | eafb6150fa7e32b9ae3dc21a5fd4380aac47b138cc7a20b90563bfd453087189 | Triage

Sharing

General

Target

eafb6150fa7e32b9ae3dc21a5fd4380aac47b138cc7a20b90563bfd453087189
Size

888KB
Sample

221003-ge7vnsbefl
MD5

4bcd8e4740affc500a1e8f00f9eee5b5
SHA1

93a090f54dafc5b6fff781dfe9e3541b7bf44e34
SHA256

eafb6150fa7e32b9ae3dc21a5fd4380aac47b138cc7a20b90563bfd453087189
SHA512

ccf40d1bf56e38ee06120a7ec05cddc090457bfbf3e41723a4c5bb3508298062c991a2023f6f4332bb683b90f38e53d352ddee784e99c3654120935f44a89054
SSDEEP

12288:Kt+qz3VfRq7IuZtQXmwiF30jRRZoP5dL00q2ioBaNGiHsZ5lYi:bKwZta3iF30lRmPEX/NGesNY

Score

10^/10

joker infostealer trojan

Malware Config

Targets

- Target
  
  eafb6150fa7e32b9ae3dc21a5fd4380aac47b138cc7a20b90563bfd453087189
- Size
  
  888KB
- MD5
  
  4bcd8e4740affc500a1e8f00f9eee5b5
- SHA1
  
  93a090f54dafc5b6fff781dfe9e3541b7bf44e34
- SHA256
  
  eafb6150fa7e32b9ae3dc21a5fd4380aac47b138cc7a20b90563bfd453087189
- SHA512
  
  ccf40d1bf56e38ee06120a7ec05cddc090457bfbf3e41723a4c5bb3508298062c991a2023f6f4332bb683b90f38e53d352ddee784e99c3654120935f44a89054
- SSDEEP
  
  12288:Kt+qz3VfRq7IuZtQXmwiF30jRRZoP5dL00q2ioBaNGiHsZ5lYi:bKwZta3iF30lRmPEX/NGesNY
Score

10^/10

joker infostealer trojan
- joker
  Joker is an Android malware that targets billing and SMS fraud.
  infostealer trojan joker
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

jokerinfostealertrojan

behavioral2

jokerinfostealertrojan