joker | 8b3153e6a804e97a1595d12aeecda381fec1b3246339f15b04e4c060be0f29a2 | Triage

Submit
Reports

Overview

overview

Static

static

8b3153e6a8...a2.exe

windows7-x64

5

8b3153e6a8...a2.exe

windows10-2004-x64

Sharing

General

Target

8b3153e6a804e97a1595d12aeecda381fec1b3246339f15b04e4c060be0f29a2
Size

1.3MB
Sample

221030-v55d5adahr
MD5

8267a44cf3ba07faabda9134c695e4e3
SHA1

d7ee1fbe8411b5e4f3f15c578e48208dfee94973
SHA256

8b3153e6a804e97a1595d12aeecda381fec1b3246339f15b04e4c060be0f29a2
SHA512

893a5e0aa40f0d7dc7c5fa8f1508d1d7c3fb9c11003a2d6065f742393a2bea77943d3aba9a8cbd94c1c078e3841a87025caff82f66fd8fc92330b834e1def53f
SSDEEP

12288:zAsElZjbdonl0UlJbIA5h3zBRSzMqGDZsMrUCAlNk7S5Mwfe/uK6PQdONNB:zAsElGKUHbBhjBw6DZF4lMwkn6

Score

10^/10

joker infostealer persistence trojan

Static task

static1

Behavioral task

behavioral1

Sample

8b3153e6a804e97a1595d12aeecda381fec1b3246339f15b04e4c060be0f29a2.exe

Resource

win7-20220812-en

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

8b3153e6a804e97a1595d12aeecda381fec1b3246339f15b04e4c060be0f29a2.exe

Resource

win10v2004-20220812-en

joker infostealer persistence trojan

windows10-2004-x64

16 signatures

150 seconds

Malware Config

Targets

- Target
  
  8b3153e6a804e97a1595d12aeecda381fec1b3246339f15b04e4c060be0f29a2
- Size
  
  1.3MB
- MD5
  
  8267a44cf3ba07faabda9134c695e4e3
- SHA1
  
  d7ee1fbe8411b5e4f3f15c578e48208dfee94973
- SHA256
  
  8b3153e6a804e97a1595d12aeecda381fec1b3246339f15b04e4c060be0f29a2
- SHA512
  
  893a5e0aa40f0d7dc7c5fa8f1508d1d7c3fb9c11003a2d6065f742393a2bea77943d3aba9a8cbd94c1c078e3841a87025caff82f66fd8fc92330b834e1def53f
- SSDEEP
  
  12288:zAsElZjbdonl0UlJbIA5h3zBRSzMqGDZsMrUCAlNk7S5Mwfe/uK6PQdONNB:zAsElGKUHbBhjBw6DZF4lMwkn6
Score

10^/10

joker infostealer persistence trojan
- joker
  Joker is an Android malware that targets billing and SMS fraud.
  infostealer trojan joker
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

jokerinfostealerpersistencetrojan

© 2018-2025

Terms | Privacy