joker | 119968377cd04f8b469a577f87bc71da7f3e734aab86a5067dafe6d84e49d1dd | Triage

Submit
Reports

Overview

overview

Static

static

119968377c...dd.exe

windows7-x64

5

119968377c...dd.exe

windows10-2004-x64

Sharing

General

Target

119968377cd04f8b469a577f87bc71da7f3e734aab86a5067dafe6d84e49d1dd
Size

1.2MB
Sample

221021-frcpmadaem
MD5

5f666bd3759c70d9e6ab59cad547dca1
SHA1

85c22c89aaff94dba3f4ae24ccb47c6a148750d6
SHA256

119968377cd04f8b469a577f87bc71da7f3e734aab86a5067dafe6d84e49d1dd
SHA512

f496124b29a9a58cb1fb90910cd1ea0eacb3dcaabdd7a4da1b20e9778fe67e115d51f9895a6ec7b865d41075ba96a2d0c7b21c72624d2826a40d517acbc41f51
SSDEEP

24576:W84Fb6PHUotlxRz0rs2u62W5su0S7sBpbum:W/6PHpMA2u6L0S7sBpKm

Score

10^/10

joker infostealer persistence trojan

Static task

static1

Behavioral task

behavioral1

Sample

119968377cd04f8b469a577f87bc71da7f3e734aab86a5067dafe6d84e49d1dd.exe

Resource

win7-20220901-en

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

119968377cd04f8b469a577f87bc71da7f3e734aab86a5067dafe6d84e49d1dd.exe

Resource

win10v2004-20220812-en

joker infostealer persistence trojan

windows10-2004-x64

16 signatures

150 seconds

Malware Config

Targets

- Target
  
  119968377cd04f8b469a577f87bc71da7f3e734aab86a5067dafe6d84e49d1dd
- Size
  
  1.2MB
- MD5
  
  5f666bd3759c70d9e6ab59cad547dca1
- SHA1
  
  85c22c89aaff94dba3f4ae24ccb47c6a148750d6
- SHA256
  
  119968377cd04f8b469a577f87bc71da7f3e734aab86a5067dafe6d84e49d1dd
- SHA512
  
  f496124b29a9a58cb1fb90910cd1ea0eacb3dcaabdd7a4da1b20e9778fe67e115d51f9895a6ec7b865d41075ba96a2d0c7b21c72624d2826a40d517acbc41f51
- SSDEEP
  
  24576:W84Fb6PHUotlxRz0rs2u62W5su0S7sBpbum:W/6PHpMA2u6L0S7sBpKm
Score

10^/10

joker infostealer persistence trojan
- joker
  Joker is an Android malware that targets billing and SMS fraud.
  infostealer trojan joker
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

jokerinfostealerpersistencetrojan

© 2018-2025

Terms | Privacy