joker | 58ab164530a5835fd4c8ef3aff4f1d12c2fca4e63f2b8d07c28df48055142b32 | Triage

Sharing

General

Target

58ab164530a5835fd4c8ef3aff4f1d12c2fca4e63f2b8d07c28df48055142b32
Size

768KB
Sample

221106-ph9gnsbah4
MD5

0905114401adca2d542bb147de69cf36
SHA1

391b3f25250d5cad4efbad8dab1f5bbe3c2b9c51
SHA256

58ab164530a5835fd4c8ef3aff4f1d12c2fca4e63f2b8d07c28df48055142b32
SHA512

f60ae10658d1b4d0fd07da4e333d4dbcd2929552e8e8718f325abd351e862c05c488e52750b17a596a0e1dc2e63d9e549730c20b3a1d715fb11a63b78dc677c3
SSDEEP

12288:MoakyYIAvFGMTQzZr6VI5VaAGnA7wU23USvzf1zSjwpVkZCvDIhYdVytF3Npf/B7:FBII4r6VKaAaA7T2k81fkFYdVaFfpyiB

Score

10^/10

joker infostealer trojan

Malware Config

Targets

- Target
  
  58ab164530a5835fd4c8ef3aff4f1d12c2fca4e63f2b8d07c28df48055142b32
- Size
  
  768KB
- MD5
  
  0905114401adca2d542bb147de69cf36
- SHA1
  
  391b3f25250d5cad4efbad8dab1f5bbe3c2b9c51
- SHA256
  
  58ab164530a5835fd4c8ef3aff4f1d12c2fca4e63f2b8d07c28df48055142b32
- SHA512
  
  f60ae10658d1b4d0fd07da4e333d4dbcd2929552e8e8718f325abd351e862c05c488e52750b17a596a0e1dc2e63d9e549730c20b3a1d715fb11a63b78dc677c3
- SSDEEP
  
  12288:MoakyYIAvFGMTQzZr6VI5VaAGnA7wU23USvzf1zSjwpVkZCvDIhYdVytF3Npf/B7:FBII4r6VKaAaA7T2k81fkFYdVaFfpyiB
Score

10^/10

joker infostealer trojan
- joker
  Joker is an Android malware that targets billing and SMS fraud.
  infostealer trojan joker
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

jokerinfostealertrojan

behavioral2

jokerinfostealertrojan