joker | 269b34432ab930125dc9987b96efd2a058701e20a42781019f3244d03754d59a

Analysis

max time kernel
37s
max time network
121s
platform
windows7_x64
resource
win7-20220812-en
resource tags

arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
submitted
04-11-2022 03:12

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

269b34432ab930125dc9987b96efd2a058701e20a42781019f3244d03754d59a.exe
Size

5.3MB
MD5

19c8e1f70d5885f428792fa834ce1a0c
SHA1

3bd02dc0506965cc88003d0a2c52a4bbf05bca63
SHA256

269b34432ab930125dc9987b96efd2a058701e20a42781019f3244d03754d59a
SHA512

778aa08de39e89d35dd07b5e5130f297ddbebb207feb5bfb05fe51df51cfe48221c1a3dad02225a996b9b47eb3a0cf8d360ee483de8d62e23e1679b7e3447996
SSDEEP

49152:riBIdualPUxZwxV/7GHt2He74cdP2llZw77LQ0soNf2He74cdr27lZw77LQ0soNa:nblPUmHzc4wcHzcAwHblPU

Score

10^/10

joker infostealer trojan

Malware Config

Signatures

joker
Joker is an Android malware that targets billing and SMS fraud.
infostealer trojan joker

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	1392	269b34432ab930125dc9987b96efd2a058701e20a42781019f3244d03754d59a.exe

C:\Users\Admin\AppData\Local\Temp\269b34432ab930125dc9987b96efd2a058701e20a42781019f3244d03754d59a.exe
"C:\Users\Admin\AppData\Local\Temp\269b34432ab930125dc9987b96efd2a058701e20a42781019f3244d03754d59a.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:1392

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1392-54-0x0000000000A10000-0x0000000000F68000-memory.dmp

Filesize
5.3MB

Download
memory/1392-55-0x00000000001E0000-0x00000000001E8000-memory.dmp

Filesize
32KB

Download
memory/1392-57-0x00000000003F0000-0x0000000000422000-memory.dmp

Filesize
200KB

Download
memory/1392-56-0x000000001B700000-0x000000001B850000-memory.dmp

Filesize
1.3MB

Download
memory/1392-58-0x000000001AB50000-0x000000001ABC6000-memory.dmp

Filesize
472KB

Download
memory/1392-59-0x00000000001F0000-0x00000000001FE000-memory.dmp

Filesize
56KB

Download
memory/1392-60-0x0000000000430000-0x000000000043C000-memory.dmp

Filesize
48KB

Download
memory/1392-61-0x0000000000440000-0x000000000044A000-memory.dmp

Filesize
40KB

Download
memory/1392-62-0x0000000000450000-0x0000000000460000-memory.dmp

Filesize
64KB

Download
memory/1392-63-0x000000001ADC0000-0x000000001AE42000-memory.dmp

Filesize
520KB

Download
memory/1392-64-0x0000000000460000-0x0000000000470000-memory.dmp

Filesize
64KB

Download
memory/1392-65-0x0000000000470000-0x000000000047A000-memory.dmp

Filesize
40KB

Download
memory/1392-66-0x0000000000480000-0x000000000048A000-memory.dmp

Filesize
40KB

Download
memory/1392-67-0x0000000000520000-0x0000000000528000-memory.dmp

Filesize
32KB

Download
memory/1392-68-0x000000001B686000-0x000000001B6A5000-memory.dmp

Filesize
124KB

Download
memory/1392-69-0x0000000000540000-0x0000000000548000-memory.dmp

Filesize
32KB

Download
memory/1392-70-0x0000000000530000-0x000000000053A000-memory.dmp

Filesize
40KB

Download
memory/1392-73-0x00000000005D0000-0x00000000005D8000-memory.dmp

Filesize
32KB

Download
memory/1392-72-0x0000000000530000-0x0000000000538000-memory.dmp

Filesize
32KB

Download
memory/1392-71-0x0000000000530000-0x000000000053A000-memory.dmp

Filesize
40KB

Download
memory/1392-74-0x00000000005E0000-0x00000000005E8000-memory.dmp

Filesize
32KB

Download
memory/1392-75-0x0000000002570000-0x0000000002578000-memory.dmp

Filesize
32KB

Download
memory/1392-76-0x0000000002580000-0x0000000002588000-memory.dmp

Filesize
32KB

Download
memory/1392-77-0x0000000002590000-0x0000000002598000-memory.dmp

Filesize
32KB

Download
memory/1392-78-0x000000001B686000-0x000000001B6A5000-memory.dmp

Filesize
124KB

Download
memory/1392-79-0x0000000000530000-0x000000000053A000-memory.dmp

Filesize
40KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads