joker | 30d6532a71732fef76a251a5aca5a155ff89cdd50c3132e3fb902da9be0a8f6e | Triage

Sharing

General

Target

Tailored Chat SMS_2.3.apk
Size

39.2MB
Sample

221104-tsb2daggb4
MD5

78c28270bb22b32982dabc238ed5e238
SHA1

338ea3f8a6537028d9622f98c0891319efc2602d
SHA256

30d6532a71732fef76a251a5aca5a155ff89cdd50c3132e3fb902da9be0a8f6e
SHA512

640c783381d3cd11fa73971bedff0da0b700a127466840ff63e5d52dd2c79c05a7290d24f683381522af35bf57f15bd7f3ef9b40f87a6146d6120d9bc684e558
SSDEEP

786432:xPSvZK1rE9g60PacatikQPpCoAhLIZYZ8comhemnp7VfMauJopwHWo1itAaXEALx:xPSBK1rq/EkabAhLCSMmn7MauJop2B1a

Score

10^/10

joker android evasion infostealer trojan

Malware Config

Extracted

Family

joker

C2

http://haziness.oss-ap-southeast-1.aliyuncs.com

http://cxjus.oss-ap-southeast-1.aliyuncs.com

https://cxjus.oss-ap-southeast-1.aliyuncs.com

Targets

- Target
  
  Tailored Chat SMS_2.3.apk
- Size
  
  39.2MB
- MD5
  
  78c28270bb22b32982dabc238ed5e238
- SHA1
  
  338ea3f8a6537028d9622f98c0891319efc2602d
- SHA256
  
  30d6532a71732fef76a251a5aca5a155ff89cdd50c3132e3fb902da9be0a8f6e
- SHA512
  
  640c783381d3cd11fa73971bedff0da0b700a127466840ff63e5d52dd2c79c05a7290d24f683381522af35bf57f15bd7f3ef9b40f87a6146d6120d9bc684e558
- SSDEEP
  
  786432:xPSvZK1rE9g60PacatikQPpCoAhLIZYZ8comhemnp7VfMauJopwHWo1itAaXEALx:xPSBK1rq/EkabAhLCSMmn7MauJop2B1a
Score

10^/10

joker infostealer trojan evasion
- joker
  Joker is an Android malware that targets billing and SMS fraud.
  infostealer trojan joker
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
- Reads information about phone network operator.
- Removes a system notification.
  evasion
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

jokerinfostealertrojan

behavioral2

behavioral3

jokerevasioninfostealertrojan