Overview

overview

10

Static

static

7

Secret Mes....1.apk

android-10-x64

10

Secret Mes....1.apk

android-11-x64

10

Secret Mes....1.apk

android-9-x86

10

Analysis

  • max time kernel
    522827s
  • max time network
    131s
  • platform
    android_x86
  • resource
    android-x86-arm-20220823-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20220823-enlocale:en-usos:android-9-x86system
  • submitted
    28-10-2022 15:14

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Secret Messenger_2.10.1.apk

  • Size

    9.8MB

  • MD5

    08fbd11bd313f3230888d9bf6ba419e4

  • SHA1

    71c99e0acc45d8d5a972a49fdb4ed189e6d9ddc6

  • SHA256

    6b41ef8c7d958233a3a31f8535f453c7fb8db4ff76933989b46e73a653ec940c

  • SHA512

    25377838c4cec9369397dfb27f8cf423ebf89644a954b94a4919a886ac2a396b4661451617a5998bd61010b2c9f8724c2ffae96ac2d434d8a07f378f99d5d3f3

  • SSDEEP

    196608:3BvZ4WSEc3bDvizTG5PYibx2l4fcQ9r6Otkj6Urc3c1:RvZ4WMDvizTGdYG6kcbjhc3E

Score
10/10
jokerevasioninfostealertrojan

Malware Config

Extracted

Family

joker

C2

https://cxjus.oss-accelerate.aliyuncs.com

Signatures

  • joker

    Joker is an Android malware that targets billing and SMS fraud.

    infostealertrojanjoker
  • Loads dropped Dex/Jar 2 IoCs

    Runs executable file dropped to the device during analysis.

  • Reads information about phone network operator.
  • Removes a system notification. 1 IoCs
    evasion

Processes

  • org.lightsation.secratanp.smsapps.messager
    1⤵
    • Loads dropped Dex/Jar
    • Removes a system notification.
    PID:4145

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/user/0/org.lightsation.secratanp.smsapps.messager/app_webview/Cookies
    Filesize

    64KB

    MD5

    cb7543c4df600f2af58097cce0e334ba

    SHA1

    83cc92f38c27fdb4fa519b1ce2f37912f24af1f0

    SHA256

    64c022ae708f94ffde986e105d88f708884de325720bfb9925c4160a6d417233

    SHA512

    ad51cad0472327bd68aa2d791341cfafed58971752352537bb603ed18b15a3f9185e9150983a28ecd09606e8dcaef6d1c9d93213dd246ef7720f39842eb3d980

    Download Submit

  • /data/user/0/org.lightsation.secratanp.smsapps.messager/app_webview/Cookies-journal
    Filesize

    1KB

    MD5

    e0d40ded5fa1fd776d1f6fd61f788ae6

    SHA1

    3835a3481ffd547e6fd0f8b6cf6c0920c2f72fa9

    SHA256

    2651e34cdebbfa0c2d8bfc03b87ae7ddeadf4ad754d52dc346968ef9d0cb007d

    SHA512

    6a8d197430af412f447d024bde23f8f765083e63f501e2010d6e6ef607c4483fa53a5fab1cd5a9acdba7d04d117098e5bb0974529faab7266f47c030e3859235

    Download Submit

  • /data/user/0/org.lightsation.secratanp.smsapps.messager/app_webview/GPUCache/index
    Filesize

    20B

    MD5

    93027d42b314432c4216e6cfca48b384

    SHA1

    43448dd8102979c3926828182579691945eedd4e

    SHA256

    3cda72e67c62e52a342309c44f2cb3b6c1019c7b11822e2f628e48e254e2b41c

    SHA512

    a52d13cf7f5be196d1e2f135b8a010f80558c5d35e90e7792441d1c976517d55cf1c9587949db69ebef294cc6ef79529a65e7d779964793016efecacd152f70e

    Download Submit

  • /data/user/0/org.lightsation.secratanp.smsapps.messager/app_webview/GPUCache/index-dir/temp-index
    Filesize

    48B

    MD5

    0678c4ae4d0c1c9ec40b2fd1905e73e8

    SHA1

    6106000f09a79dcd401a5bfcbcf50263ea0b9cd1

    SHA256

    006e6597631429c526bfd6695c9132a174171249db3e865accb1716a0bb08bb2

    SHA512

    5e319c1fd1fa1057c07ff2534d76388566124ad4a828cdbb3b488869d5d07b1a1c51bfac4ff8ee37a364eaa3d5a3a4106bf07776405f121f797135f3307f862e

    Download Submit

  • /data/user/0/org.lightsation.secratanp.smsapps.messager/app_webview/Web Data
    Filesize

    104KB

    MD5

    dc79f9ce5f3ab5270b33e61119dfc959

    SHA1

    1844bf222a5144b513dcf2fb50a18c011701c647

    SHA256

    47e65f4de08deabfd52ecdb8b0a29c61c482188b92c36182e2112ca0a8f4ff65

    SHA512

    18b8894a7f35df516f423bbdebf1e05ce09eaf4345b139e59e603cadb81f8d1fa20f793438c28e8fd9a64e64f0684223d90ce6f10d3f93cb0c781049a8cff03e

    Download Submit

  • /data/user/0/org.lightsation.secratanp.smsapps.messager/app_webview/Web Data-journal
    Filesize

    1KB

    MD5

    c9e324a75cdf9d3de47c8c2066e56c01

    SHA1

    a7a31493052727d21daedf4c959d856b08102794

    SHA256

    815003c4f3828fd6d908bcb656ffdfe3c98750a98432bcbff03b745f8732bd35

    SHA512

    ab8cbc9bd29a219bd33dd06ced5e862cbaec7a15277efe9f040dac174dc2328618f9504ea2fd043cd8bb45b185557a60bab057c7f00fd5fb2ee17b0f249d269c

    Download Submit

  • /data/user/0/org.lightsation.secratanp.smsapps.messager/app_webview/metrics_guid
    Filesize

    36B

    MD5

    72e87d050aac3e37d034601e63222de8

    SHA1

    54cf41278308ca41e15d8f6d2bfd864aa6d17b96

    SHA256

    8f8cdc6b5b63f65d1101be009b70e00d661a2436dd8536fb75ee6235d9997da8

    SHA512

    59d9f6fdda1b5a215a8a93db872aa7d8d7a7202be962e95be23e206c79fac26e95af90c051cade2d47370ca2bc5a2383f39c87aebc9f29514eae4add51d044fb

    Download Submit

  • /data/user/0/org.lightsation.secratanp.smsapps.messager/cache/org.chromium.android_webview/dfe6b2497a7513ba_0
    Filesize

    6KB

    MD5

    475e773dbc5fa256f0040989e76e2c93

    SHA1

    b393dea43ddbf704de62d629b468677508bbd88d

    SHA256

    67c22137d1a6a6877464d37973bebdcf44c60cde5dff7f0b592dd787e88426e0

    SHA512

    d689f1221da5b71a840fe4095eb1575e62850b1dc1123b6c4d97d89e4d0337099d8a8da8f9cb82a8023fdc52b51159088a24b21cc058de9ba8a2895de8606cd5

    Download Submit

  • /data/user/0/org.lightsation.secratanp.smsapps.messager/cache/org.chromium.android_webview/f60eaf12735df878_0
    Filesize

    58KB

    MD5

    0a89d97e531e7ba8f3f8f6534c308cfc

    SHA1

    2831cb8b591fbd605e83a4f719c4ef2716611c05

    SHA256

    6bf27a4e6e7c7ae268cdd5307db5ca6d92146fb4c272ab6eeae5bad5dd4077c3

    SHA512

    26c0adc5d30cf66ab10134c6858b71a246080675f8aec5633b67a61442e8201b175ce71b9431d0be42b9ea87d28df7c3d54c23f0b3d63c2c33c4e16f4611ed09

    Download Submit

  • /data/user/0/org.lightsation.secratanp.smsapps.messager/cache/org.chromium.android_webview/f60eaf12735df878_1
    Filesize

    178B

    MD5

    afd09ab480aaa16a16b2b35d0d8edc1e

    SHA1

    f10e9d0cbe0802249ad0f30ce365651b590cda49

    SHA256

    3f114e916352847f8b10bda1c9f30c53b4968bcd1d59d365fc9e39261194f71f

    SHA512

    96fd2dcb8b5345021b6f12641628bf045bfde552612c0f6c1b15f4e5611639dbc73e45a7559718f80cd6f18d58f0b15f89d32f1cd8147eddd91a3fd37a0654e5

    Download Submit

  • /data/user/0/org.lightsation.secratanp.smsapps.messager/cache/org.chromium.android_webview/index
    Filesize

    20B

    MD5

    93027d42b314432c4216e6cfca48b384

    SHA1

    43448dd8102979c3926828182579691945eedd4e

    SHA256

    3cda72e67c62e52a342309c44f2cb3b6c1019c7b11822e2f628e48e254e2b41c

    SHA512

    a52d13cf7f5be196d1e2f135b8a010f80558c5d35e90e7792441d1c976517d55cf1c9587949db69ebef294cc6ef79529a65e7d779964793016efecacd152f70e

    Download Submit

  • /data/user/0/org.lightsation.secratanp.smsapps.messager/cache/org.chromium.android_webview/index-dir/temp-index
    Filesize

    48B

    MD5

    3e0f5115f40fa0a4734b3d8ba903e7a8

    SHA1

    d64e8a5a76d304f1ffc8965bd252eedaf2b04030

    SHA256

    9dde679093e52b8bcedb676694564e2a4b5d06acf3d185236c8eb7aee6938b44

    SHA512

    cc5abaabb2c326374557156bbd8538457493e5f65e793b34dad82674f141b4fbefb1d6b470d191c709f67a532ba8e0162b84873af8e6ba050d0ee0d2d9103e57

    Download Submit

  • /data/user/0/org.lightsation.secratanp.smsapps.messager/cache/org.chromium.android_webview/index-dir/temp-index
    Filesize

    96B

    MD5

    f82ca0b01b1b7682874503d36fbece26

    SHA1

    c06212b8552fedda655d3f717c09f84737215cff

    SHA256

    be503d4ba9819cf01554cd7bc6e191e7d4088529f1f71992a2c90f894621dc42

    SHA512

    539267e1c974b7073844f6bb692d54eeca0300295f077295f84939cdba91d657dae1374e93d78d89ea9244ce81a2d080ffaaee4ba7cb3260bcd77b5d4e83fada

    Download Submit

  • /data/user/0/org.lightsation.secratanp.smsapps.messager/databases/androidx.work.workdb
    Filesize

    4KB

    MD5

    f2b4b0190b9f384ca885f0c8c9b14700

    SHA1

    934ff2646757b5b6e7f20f6a0aa76c7f995d9361

    SHA256

    0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

    SHA512

    ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

    Download Submit

  • /data/user/0/org.lightsation.secratanp.smsapps.messager/databases/androidx.work.workdb-journal
    Filesize

    524B

    MD5

    869332d06faf928d320d3a09439b9204

    SHA1

    4fcfdff2276ea45f81c32c932492c22af54bbe7a

    SHA256

    6cfa90528c2146db046d162a3046af9af93be9f2115e0bf7ade9200f32e621cd

    SHA512

    6c05e9ed5cc15b9be329a118795c54b2f09ba6273912ae5a2c940016351c979f6614be29af94c40394cf5237a777647a51df04c2f6bed0f6c4c6820fba5d396e

    Download Submit

  • /data/user/0/org.lightsation.secratanp.smsapps.messager/databases/androidx.work.workdb-shm
    Filesize

    8B

    MD5

    7dea362b3fac8e00956a4952a3d4f474

    SHA1

    05fe405753166f125559e7c9ac558654f107c7e9

    SHA256

    af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc

    SHA512

    1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b

    Download Submit

  • /data/user/0/org.lightsation.secratanp.smsapps.messager/databases/androidx.work.workdb-wal
    Filesize

    88KB

    MD5

    282b3b89f95d292de75aae08482730cf

    SHA1

    fb2542432a457f4dbdb322d2625a0da218f4b4e3

    SHA256

    e4f9a7dcacdca6112471848b2bb8da7aea6fbc4570bee33abae392f8599ccea8

    SHA512

    23232387a99ca1088bf05d61b7f5b3cda296d6eb57c224dbc46d8b7f51d2a52e89539f0bbabfb4f3e5d08b116c5238202775112d16afdaa6f0b8d1136ed92a78

    Download Submit

  • /data/user/0/org.lightsation.secratanp.smsapps.messager/databases/conversations.db
    Filesize

    4KB

    MD5

    f2b4b0190b9f384ca885f0c8c9b14700

    SHA1

    934ff2646757b5b6e7f20f6a0aa76c7f995d9361

    SHA256

    0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

    SHA512

    ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

    Download Submit

  • /data/user/0/org.lightsation.secratanp.smsapps.messager/databases/conversations.db-journal
    Filesize

    524B

    MD5

    94da8e9bfaa9c4bc67dd9a5e36af65f4

    SHA1

    24f04afcc0376a091e66c64f8666b21ec10281f9

    SHA256

    7d311f33fa977668ca112952ddc55d24eab58866943982574fe38a443e0ba519

    SHA512

    4cf24734636b57711ad84c2eec65ddeb1a9efff60f76d856f19bf67955b2036de55913fe422f3cae9049c31497ab375130da1497486a1ccf52da05ab0945a18f

    Download Submit

  • /data/user/0/org.lightsation.secratanp.smsapps.messager/databases/conversations.db-shm
    Filesize

    8B

    MD5

    7dea362b3fac8e00956a4952a3d4f474

    SHA1

    05fe405753166f125559e7c9ac558654f107c7e9

    SHA256

    af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc

    SHA512

    1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b

    Download Submit

  • /data/user/0/org.lightsation.secratanp.smsapps.messager/databases/conversations.db-wal
    Filesize

    56KB

    MD5

    158d12d61ce67ee763c41db3ea73a027

    SHA1

    25c6c60720497b8294bae4b5d17e53da5e61f7a4

    SHA256

    fc54ebd70b9e473bd2862772a255b9d6c82a2012b4b4c18c00ad521a923e37d4

    SHA512

    1bad6f6eda18358ab598d3f4b457c1867a07e324f5a1a4c8408dc58044d4e0240d0cce99a2619d3e98727a472e1bda61095952e000e5ab84a3955d22fcf4cd64

    Download Submit

  • /data/user/0/org.lightsation.secratanp.smsapps.messager/files/Yang
    Filesize

    22KB

    MD5

    fcd164861a6df1294c5fdc0f4ebf5501

    SHA1

    00acb87b32facc42925cdd16962fdd5484876742

    SHA256

    25fddf7fd69f30c403a4a1e8ddc8034e1dc25d3bf1d55750a29793341727f2a8

    SHA512

    a68ce5773fe11a1805921c46f29e20db06b2212ac85fa274b4c92be924cfd4a6aaba8e30181f0655cab3811e21f14ee07d7d6da930015e5dfcd2cb5cf8403da5

    Download Submit

  • /data/user/0/org.lightsation.secratanp.smsapps.messager/files/Yang
    Filesize

    45KB

    MD5

    2411e0d313553573ac62736fb059d7da

    SHA1

    64ba93a49eadb69e7b9f9fc7fc37a3b22f1ef033

    SHA256

    e20be6eda799c69363a5c1b11201d22234d2f4ae29e1408a61bfed29511526f9

    SHA512

    fb9bb0054975b8f84713dba773f256dbdc47134663695b489f08947fc9cb114b78cbc064ab184ce44d679356485628b5e52a4322dd72e6ec5d2e0d8faccef51f

    Download Submit

  • /data/user/0/org.lightsation.secratanp.smsapps.messager/shared_prefs/WebViewChromiumPrefs.xml
    Filesize

    127B

    MD5

    21223e9184445fe043476484cd8cb1f9

    SHA1

    2b4813f849121d60ba35eb0889080668bb62c778

    SHA256

    bb61b7c087c2ae2de93a7740ff75707342940557146366e92b840284cd9446af

    SHA512

    be21408de0cc643650e5d9ab9057a8f9de88e37fbdc6417cfeba160402ec4cd14fccbc82cbbfd941ecfc0bb3d4056ee61ac199efdc99d647d53e65818835fd48

    Download Submit

  • /data/user/0/org.lightsation.secratanp.smsapps.messager/shared_prefs/admob.xml
    Filesize

    140B

    MD5

    510ccee18a75f7df9fbd75010e44e39c

    SHA1

    52de84a4a5f467c5858f05e95e302628204c0ff4

    SHA256

    eaf232816e977f6214fb567b02bd1feed2e8e563e590423a8d2b09a85d98f204

    SHA512

    b43779495524ead222048ff20c565ad01aef6c4f62d5e9761be816ccb38db8430a4cd3ecebf80d389e673b76f940be55e1f8d5a5f56abb7d42b8419d9400d01b

    Download Submit

  • Anonymous-DexFile@0xe99ee000-0xe99ef710
    Filesize

    5KB

    MD5

    ae1d1ab9f607673d9c8411a53edd1478

    SHA1

    77d52d0757b393942707e33fa4eb02bd79b1fe22

    SHA256

    59b3a24fb330820f95d55011fd59138531170c5a8d5422365f9458100120ea2b

    SHA512

    6da9bf8e900f20701585ca83182ed4851e73455e97777059deee04edcdad766cca1d064dd11ad4e7616592752e8074f48fefaf75866b1e28f499c3863c44e022

    Download Submit