joker | 9f27ec50c9c15dace103709724c8de825c57a665765e459bb445a7bdd3b03f4c | Triage

Submit
Reports

Overview

overview

Static

static

8

9f27ec50c9...4c.exe

windows7-x64

9f27ec50c9...4c.exe

windows10-2004-x64

Sharing

General

Target

9f27ec50c9c15dace103709724c8de825c57a665765e459bb445a7bdd3b03f4c
Size

3.1MB
Sample

221011-tps6gsddeq
MD5

183bf634bdb36bceb661422de360d97f
SHA1

8c05614d2e439326c510a53e914dc1a74f88d784
SHA256

9f27ec50c9c15dace103709724c8de825c57a665765e459bb445a7bdd3b03f4c
SHA512

1c339f002db014c45892cf4fb8caea281d82d0239ebe8821c63595e34914c3b7fef1ba997c6908eb9aedb548ecf48d1837248c1515a7704c69fd61e541504c8e
SSDEEP

98304:iSBQIZcKt0VRxE3zMSsEcRPRbDjjpF1MFowrK7j:3B3+3Ss/dvjpF2owij

Score

10^/10

joker infostealer trojan upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

9f27ec50c9c15dace103709724c8de825c57a665765e459bb445a7bdd3b03f4c.exe

Resource

win7-20220812-en

joker infostealer trojan upx

windows7-x64

16 signatures

150 seconds

Behavioral task

behavioral2

Sample

9f27ec50c9c15dace103709724c8de825c57a665765e459bb445a7bdd3b03f4c.exe

Resource

win10v2004-20220812-en

joker infostealer trojan upx

windows10-2004-x64

15 signatures

150 seconds

Malware Config

Targets

- Target
  
  9f27ec50c9c15dace103709724c8de825c57a665765e459bb445a7bdd3b03f4c
- Size
  
  3.1MB
- MD5
  
  183bf634bdb36bceb661422de360d97f
- SHA1
  
  8c05614d2e439326c510a53e914dc1a74f88d784
- SHA256
  
  9f27ec50c9c15dace103709724c8de825c57a665765e459bb445a7bdd3b03f4c
- SHA512
  
  1c339f002db014c45892cf4fb8caea281d82d0239ebe8821c63595e34914c3b7fef1ba997c6908eb9aedb548ecf48d1837248c1515a7704c69fd61e541504c8e
- SSDEEP
  
  98304:iSBQIZcKt0VRxE3zMSsEcRPRbDjjpF1MFowrK7j:3B3+3Ss/dvjpF2owij
Score

10^/10

joker infostealer trojan upx
- joker
  Joker is an Android malware that targets billing and SMS fraud.
  infostealer trojan joker
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- AutoIT Executable
  AutoIT scripts compiled to PE executables.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

jokerinfostealertrojanupx

behavioral2

jokerinfostealertrojanupx

© 2018-2025

Terms | Privacy