General

  • Target

    d82723a9e3a2be8f078232a4afeef4d31b492cdc6c8305de0ec971aa4116a92a

  • Size

    57KB

  • Sample

    221028-wfmnfshaf7

  • MD5

    0b0ee3bfe9d95fb5c4db1aa98e9dc80f

  • SHA1

    79ecf10f1723a03448e2fcbba91efa914c2a40b3

  • SHA256

    d82723a9e3a2be8f078232a4afeef4d31b492cdc6c8305de0ec971aa4116a92a

  • SHA512

    77c35557de4cc91595bfa67b0bbd823214474e1d694878c2b80098a05216f98a09cb7eeea8d0ba1d6538f01fef735ddf8cbf65d1ab1cf54a7ca7397e5402b1ef

  • SSDEEP

    1536:0BFob1D2gFZwE06rZJajb5WwP+5riUokv2dY:8oFhFSEHr3qUwP+5rixy

Targets

    • joker

      Joker is an Android malware that targets billing and SMS fraud.

    • Executes dropped EXE

    • Sets file to hidden

      Modifies file attributes to stop it showing in Explorer etc.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Adds Run key to start application
