Overview

overview

10

Static

static

460df206e3...33.exe

windows7-x64

10

460df206e3...33.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    460df206e32db3eedb193768fbbcc41f50070dbe29c03839d30702a948fd1833

  • Size

    1.3MB

  • Sample

    221003-nxnm3seca5

  • MD5

    56afed1cf99f6cdcfcd57234f373629e

  • SHA1

    1817bbb79c601aec72dc0108a0598aa7129f182f

  • SHA256

    460df206e32db3eedb193768fbbcc41f50070dbe29c03839d30702a948fd1833

  • SHA512

    99fc480edafc73616d1e16444ccebd05c7709dbcb902bc5089dc37a03868715ebf004de0ed00d40156df7a85e0eb719525853a5d88ea3a73aa43105b44806786

  • SSDEEP

    24576:ttme6XGc5xcsWc8n4/CpLxVgGNW984USP47XB:t4jG/sWxnkWL1W9MSQ7XB

Score
10/10
jokerinfostealertrojan

Malware Config

Targets

    • Target

      460df206e32db3eedb193768fbbcc41f50070dbe29c03839d30702a948fd1833

    • Size

      1.3MB

    • MD5

      56afed1cf99f6cdcfcd57234f373629e

    • SHA1

      1817bbb79c601aec72dc0108a0598aa7129f182f

    • SHA256

      460df206e32db3eedb193768fbbcc41f50070dbe29c03839d30702a948fd1833

    • SHA512

      99fc480edafc73616d1e16444ccebd05c7709dbcb902bc5089dc37a03868715ebf004de0ed00d40156df7a85e0eb719525853a5d88ea3a73aa43105b44806786

    • SSDEEP

      24576:ttme6XGc5xcsWc8n4/CpLxVgGNW984USP47XB:t4jG/sWxnkWL1W9MSQ7XB

    Score
    10/10
    jokerinfostealertrojan

    • joker

      Joker is an Android malware that targets billing and SMS fraud.

      infostealertrojanjoker

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

3
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks