joker | 3d3efc8c3d732159582789420eb85d9b2f1d5f2fa92e7dfa02c62c45da1ff17f

Analysis

max time kernel
42s
max time network
45s
platform
windows7_x64
resource
win7-20220812-en
resource tags

arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
submitted
06-10-2022 16:56

Target

3d3efc8c3d732159582789420eb85d9b2f1d5f2fa92e7dfa02c62c45da1ff17f.exe
Size

1.8MB
MD5

4b156668915b7914ba74eb58d873a665
SHA1

744d593cf12dc8d2db2b5ac4cbeec055a824eb89
SHA256

3d3efc8c3d732159582789420eb85d9b2f1d5f2fa92e7dfa02c62c45da1ff17f
SHA512

23b1b16322e1887bf58a69a5b0f0ac4913e250f50b46528d592233bcc6fe4f2226cff10e36e1f992c0ed7fded6035626813fec666714154715bcac2ea0cd23e4
SSDEEP

49152:Le0y+aJK5AsCZs0Pi/pwpBop8upZl0crHXj:Fy+XAHZpMIBop8RG3j

Score

10^/10

Family

joker

http://shetian1.oss-cn-beijing.aliyuncs.com

joker
Joker is an Android malware that targets billing and SMS fraud.
infostealer trojan joker

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral1/memory/1948-55-0x0000000000400000-0x0000000000BAD000-memory.dmp	upx

C:\Users\Admin\AppData\Local\Temp\3d3efc8c3d732159582789420eb85d9b2f1d5f2fa92e7dfa02c62c45da1ff17f.exe
"C:\Users\Admin\AppData\Local\Temp\3d3efc8c3d732159582789420eb85d9b2f1d5f2fa92e7dfa02c62c45da1ff17f.exe"
1⤵
PID:1948

memory/1948-54-0x0000000075F51000-0x0000000075F53000-memory.dmp

Filesize
8KB

Download
memory/1948-55-0x0000000000400000-0x0000000000BAD000-memory.dmp

Filesize
7.7MB

Download