General

  • Target

    aacf3d4a52d20f71a8f5a78505145d24fe378b23aa2008fb0197557ca28a1ac7

  • Size

    678KB

  • Sample

    221021-hrdyssgfa3

  • MD5

    459a7c65a7356c462d338762a9a9a310

  • SHA1

    50d6a90197394e589ced3008fe2c65abc13635b2

  • SHA256

    aacf3d4a52d20f71a8f5a78505145d24fe378b23aa2008fb0197557ca28a1ac7

  • SHA512

    2c4054de1a040c4cb3150880e1804870973bf0e6edcecb3ef513ab76dbf69cf6051dabe67b4811f4ee91a9059170e69c8245f67cacc1d0f1ea3eae089109e82e

  • SSDEEP

    12288:0eOtTM7xyL7Irnc9UtTsDvMLafJCqRLQn3PRvX+PghHMpH6KR5M:MtTsxSMX8MOfJCqJW/IEsI

Targets

    • joker

      Joker is an Android malware that targets billing and SMS fraud.

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Drops file in System32 directory
