General

  • Target

    7906d13c568ec322ccba26a3773dcafb74fb2a8bedbcec66b6bccfa9acb99993

  • Size

    4.2MB

  • Sample

    221006-lq3gjsghg4

  • MD5

    b3237c01247125476df021671f39d709

  • SHA1

    9486eac0b4b7cec56e98db582f16f3f73708e973

  • SHA256

    7906d13c568ec322ccba26a3773dcafb74fb2a8bedbcec66b6bccfa9acb99993

  • SHA512

    f935a9c2779d26529f2ce1f65844606efa18d8f38847414e1a3da82f2171f7c1eb1783d67092e3da674c5875ee007c287e7c149c98b11841d7748ba9e978b2ba

  • SSDEEP

    98304:ZCN2Cero1PbZ99zzTaYHf7Z/JDpkgzwNggJFD5FZ:ZxaPbT9zzTac7BJDpkYiTJ/

Malware Config

Extracted

Family

joker

C2

http://buwo.oss-cn-beijing.aliyuncs.com

Targets

    • Target

      和平精英透视.除草防封.apk

    • Size

      4.3MB

    • MD5

      d8d98b10dd55cff879556ecf71b9b6ab

    • SHA1

      ab8a576ac26b50bb468f6c040256198d7a2f8c52

    • SHA256

      181f81bcb7dbd8f01dcb45e72faec82c435f73a8448e58365488dcaf88b7df12

    • SHA512

      7c43c3de4953ea09f8f4fa6a44122970c35d4e6026a60faa6af841dc49445e83ac805bbb38ac1bc97a8b3e79dca0f9a8dd31ae580fc35c988556fc0d45341a4d

    • SSDEEP

      98304:OCI+p0CazkL7DlJ5hamrjJbxDvLkM4SJDmIXfH5e:OClYE7hJ5haYJ1DvLkcJDrX0

    • joker

      Joker is an Android malware family that commits billing and SMS fraud.

    • Checks known Qemu files.

      Checks for known Qemu files that exist on Android virtual device images.

    • Checks known Qemu pipes.

      Checks for known pipes used by the Android emulator to communicate with the host.

    • Loads dropped Dex/Jar

      Runs an executable file dropped to the device during analysis.
