Extracted

• • Target

    24071662414012a689e2e4255c0a6b917f9ed40fc937834b127b803c7b3e7893

  • Size

    2.8MB

  • MD5

    f13b30230ecebedea0628ff05cf8dd1f

  • SHA1

    764ec8bdd350bf9fad3e8a59948d932da785497d

  • SHA256

    24071662414012a689e2e4255c0a6b917f9ed40fc937834b127b803c7b3e7893

  • SHA512

    1605b4921393156e7fa00674483ad2916155ad90d657efa02e9b44ea0ef20268433c0f697bac01613e74558dbb6d5554c35c725b1c14da2f5d552dc99726bbfc

  • SSDEEP

    49152:j20wUNfi5XW1TPwZkr0Wm3krnoukFQXC33ebJF+3KvWIzoxVSnUZ8WOyhAR8ygVM:S0wy7TPwc00M9FQX2Q+3PxVSUZ8lnRQm

  Score

  10^/10

  jokerbootkitinfostealeross_akpersistencetrojanupx

  • joker

    Joker is an Android malware that targets billing and SMS fraud.

    infostealertrojanjoker

  • detect oss ak

    oss ak information detected.

    oss_ak

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx

  • Writes to the Master Boot Record (MBR)

    Bootkits write to the MBR to gain persistence at a level below the operating system.

    bootkitpersistence

  • Suspicious use of NtSetInformationThreadHideFromDebugger

  behavioral1behavioral2