Overview

overview

10

Static

static

269b34432a...9a.exe

windows7-x64

10

269b34432a...9a.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    104s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220901-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220901-enlocale:en-usos:windows10-2004-x64system
  • submitted
    04-11-2022 03:12

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    269b34432ab930125dc9987b96efd2a058701e20a42781019f3244d03754d59a.exe

  • Size

    5.3MB

  • MD5

    19c8e1f70d5885f428792fa834ce1a0c

  • SHA1

    3bd02dc0506965cc88003d0a2c52a4bbf05bca63

  • SHA256

    269b34432ab930125dc9987b96efd2a058701e20a42781019f3244d03754d59a

  • SHA512

    778aa08de39e89d35dd07b5e5130f297ddbebb207feb5bfb05fe51df51cfe48221c1a3dad02225a996b9b47eb3a0cf8d360ee483de8d62e23e1679b7e3447996

  • SSDEEP

    49152:riBIdualPUxZwxV/7GHt2He74cdP2llZw77LQ0soNf2He74cdr27lZw77LQ0soNa:nblPUmHzc4wcHzcAwHblPU

Score
10/10
jokerinfostealertrojan

Malware Config

Signatures

  • joker

    Joker is an Android malware that targets billing and SMS fraud.

    infostealertrojanjoker
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\269b34432ab930125dc9987b96efd2a058701e20a42781019f3244d03754d59a.exe
    "C:\Users\Admin\AppData\Local\Temp\269b34432ab930125dc9987b96efd2a058701e20a42781019f3244d03754d59a.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:3544

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/3544-132-0x00000139A50D0000-0x00000139A5628000-memory.dmp

    Filesize

    5.3MB

    Download

  • memory/3544-133-0x00007FFC484B0000-0x00007FFC48F71000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/3544-135-0x00000139BFB40000-0x00000139BFB48000-memory.dmp

    Filesize

    32KB

    Download

  • memory/3544-134-0x00000139BFB30000-0x00000139BFB3A000-memory.dmp

    Filesize

    40KB

    Download

  • memory/3544-136-0x00000139BFB70000-0x00000139BFB78000-memory.dmp

    Filesize

    32KB

    Download

  • memory/3544-137-0x00000139C1960000-0x00000139C1968000-memory.dmp

    Filesize

    32KB

    Download

  • memory/3544-138-0x00000139C1970000-0x00000139C1978000-memory.dmp

    Filesize

    32KB

    Download

  • memory/3544-139-0x00000139C1980000-0x00000139C1988000-memory.dmp

    Filesize

    32KB

    Download

  • memory/3544-140-0x00000139C1990000-0x00000139C1998000-memory.dmp

    Filesize

    32KB

    Download

  • memory/3544-141-0x00000139C19A0000-0x00000139C19A8000-memory.dmp

    Filesize

    32KB

    Download

  • memory/3544-142-0x00000139C19B0000-0x00000139C19B8000-memory.dmp

    Filesize

    32KB

    Download

  • memory/3544-143-0x00000139C60D0000-0x00000139C60D8000-memory.dmp

    Filesize

    32KB

    Download

  • memory/3544-144-0x00000139C6150000-0x00000139C6188000-memory.dmp

    Filesize

    224KB

    Download

  • memory/3544-145-0x00000139C5800000-0x00000139C580E000-memory.dmp

    Filesize

    56KB

    Download

  • memory/3544-146-0x00007FFC484B0000-0x00007FFC48F71000-memory.dmp

    Filesize

    10.8MB

    Download