joker | 20b80e22a25e54adb3dc9257fc3b5d7de95a5134e109b46cdea6418626e0edae | Triage

Submit
Reports

Overview

overview

Static

static

8

20b80e22a2...ae.exe

windows7-x64

20b80e22a2...ae.exe

windows10-2004-x64

Sharing

General

Target

20b80e22a25e54adb3dc9257fc3b5d7de95a5134e109b46cdea6418626e0edae
Size

765KB
Sample

221029-qezczahdfr
MD5

8de76e6a5598a529a98333a0d75ba88c
SHA1

c54d54f6b63c2013de278660bffc892b6d4c34b2
SHA256

20b80e22a25e54adb3dc9257fc3b5d7de95a5134e109b46cdea6418626e0edae
SHA512

1e900552d5a859885c19fd3f5282a6e543512cc8ac83931d6bcbb377a5b9f2cc6f5095626c7bfc2a17d78d35e33631868841d8147cb74f4a99916cbdd51ff711
SSDEEP

12288:6kS8kaK+mrZCTbwGDzur7RtTdpuvYcSMSgKnPlBYC/4RYe491ue814MGEReL/9VG:I8A1CrzuHRtTdpuvgwKnPK749rHMGEkO

Score

10^/10

joker infostealer trojan upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

20b80e22a25e54adb3dc9257fc3b5d7de95a5134e109b46cdea6418626e0edae.exe

Resource

win7-20220812-en

joker infostealer trojan upx

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

20b80e22a25e54adb3dc9257fc3b5d7de95a5134e109b46cdea6418626e0edae.exe

Resource

win10v2004-20220901-en

joker infostealer trojan upx

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Extracted

Family

joker

C2

http://guup.oss-cn-qingdao.aliyuncs.com

https://gutou.oss-cn-beijing.aliyuncs.com

Targets

- Target
  
  20b80e22a25e54adb3dc9257fc3b5d7de95a5134e109b46cdea6418626e0edae
- Size
  
  765KB
- MD5
  
  8de76e6a5598a529a98333a0d75ba88c
- SHA1
  
  c54d54f6b63c2013de278660bffc892b6d4c34b2
- SHA256
  
  20b80e22a25e54adb3dc9257fc3b5d7de95a5134e109b46cdea6418626e0edae
- SHA512
  
  1e900552d5a859885c19fd3f5282a6e543512cc8ac83931d6bcbb377a5b9f2cc6f5095626c7bfc2a17d78d35e33631868841d8147cb74f4a99916cbdd51ff711
- SSDEEP
  
  12288:6kS8kaK+mrZCTbwGDzur7RtTdpuvYcSMSgKnPlBYC/4RYe491ue814MGEReL/9VG:I8A1CrzuHRtTdpuvgwKnPK749rHMGEkO
Score

10^/10

joker infostealer trojan upx
- joker
  Joker is an Android malware that targets billing and SMS fraud.
  infostealer trojan joker
- Downloads MZ/PE file
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

jokerinfostealertrojanupx

behavioral2

jokerinfostealertrojanupx

© 2018-2025

Terms | Privacy