joker | fe83311ce241e5b34fd0cfe567eb20039bdc8d2e6c71d02fdd2050b2a536fd2f | Triage

Submit
Reports

Overview

overview

Static

static

fe83311ce2...2f.exe

windows7-x64

fe83311ce2...2f.exe

windows10-2004-x64

Sharing

General

Target

fe83311ce241e5b34fd0cfe567eb20039bdc8d2e6c71d02fdd2050b2a536fd2f
Size

27KB
Sample

221020-q5dtysgdc8
MD5

48ef14c9e3f77ede2d868c1fe28154b0
SHA1

de131002f2034948de8cf1a714ff8c11417abf34
SHA256

fe83311ce241e5b34fd0cfe567eb20039bdc8d2e6c71d02fdd2050b2a536fd2f
SHA512

f9f40838845cb01a66c1504db479eb9114c798f678b5d0f5314bc1636eb2d5be04c6e3c0f4053ef099cfcd6287742ee0d11e4bbda92983a8a80b5adf36973762
SSDEEP

768:r51hwke4u9Ybj+i+RTf9PuONOsC9yoYf:rVFe4rbjsZpuRv+

Score

10^/10

joker infostealer trojan upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

fe83311ce241e5b34fd0cfe567eb20039bdc8d2e6c71d02fdd2050b2a536fd2f.exe

Resource

win7-20220812-en

joker infostealer trojan upx

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

fe83311ce241e5b34fd0cfe567eb20039bdc8d2e6c71d02fdd2050b2a536fd2f.exe

Resource

win10v2004-20220812-en

joker infostealer trojan upx

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Extracted

Family

joker

C2

http://tttie.oss-cn-shenzhen.aliyuncs.com

Targets

- Target
  
  fe83311ce241e5b34fd0cfe567eb20039bdc8d2e6c71d02fdd2050b2a536fd2f
- Size
  
  27KB
- MD5
  
  48ef14c9e3f77ede2d868c1fe28154b0
- SHA1
  
  de131002f2034948de8cf1a714ff8c11417abf34
- SHA256
  
  fe83311ce241e5b34fd0cfe567eb20039bdc8d2e6c71d02fdd2050b2a536fd2f
- SHA512
  
  f9f40838845cb01a66c1504db479eb9114c798f678b5d0f5314bc1636eb2d5be04c6e3c0f4053ef099cfcd6287742ee0d11e4bbda92983a8a80b5adf36973762
- SSDEEP
  
  768:r51hwke4u9Ybj+i+RTf9PuONOsC9yoYf:rVFe4rbjsZpuRv+
Score

10^/10

joker infostealer trojan upx
- joker
  Joker is an Android malware that targets billing and SMS fraud.
  infostealer trojan joker
- Downloads MZ/PE file
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

jokerinfostealertrojanupx

behavioral2

jokerinfostealertrojanupx

© 2018-2025

Terms | Privacy