joker | 08fd8f4e1db0aa12599e0d49c194934f576ea788e8e2f1ea430d0cbddb0d449c | Triage

Sharing

General

Target

08fd8f4e1db0aa12599e0d49c194934f576ea788e8e2f1ea430d0cbddb0d449c
Size

15KB
Sample

221011-tpryesdca5
MD5

19d2e1bb3801e91b598a1718c2e36050
SHA1

ae7c2a12c83f444cb057de774b6c0f335bb0589f
SHA256

08fd8f4e1db0aa12599e0d49c194934f576ea788e8e2f1ea430d0cbddb0d449c
SHA512

112c6ad65551d7b08a06c021a0bada5c258c9abdb0ea4f821ce42d5f73b69da7d99578465abe635e93d337a44898a3ac88794ccbe39b00fbf1553cad483ba64c
SSDEEP

192:3VO8RFi9weZvt+Co7oo7TuJJ7cqiPAUbyMrj6crr0u+vscr9ZCspE+TMArm7c7VN:31cp8CzkuvNLMC0jeMNY7rn

Score

10^/10

joker infostealer trojan

Malware Config

Targets

- Target
  
  08fd8f4e1db0aa12599e0d49c194934f576ea788e8e2f1ea430d0cbddb0d449c
- Size
  
  15KB
- MD5
  
  19d2e1bb3801e91b598a1718c2e36050
- SHA1
  
  ae7c2a12c83f444cb057de774b6c0f335bb0589f
- SHA256
  
  08fd8f4e1db0aa12599e0d49c194934f576ea788e8e2f1ea430d0cbddb0d449c
- SHA512
  
  112c6ad65551d7b08a06c021a0bada5c258c9abdb0ea4f821ce42d5f73b69da7d99578465abe635e93d337a44898a3ac88794ccbe39b00fbf1553cad483ba64c
- SSDEEP
  
  192:3VO8RFi9weZvt+Co7oo7TuJJ7cqiPAUbyMrj6crr0u+vscr9ZCspE+TMArm7c7VN:31cp8CzkuvNLMC0jeMNY7rn
Score

10^/10

joker infostealer trojan
- joker
  Joker is an Android malware that targets billing and SMS fraud.
  infostealer trojan joker
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

jokerinfostealertrojan

behavioral2