Overview

overview

10

Static

static

8

d3cc6fa8b8...03.exe

windows7-x64

10

d3cc6fa8b8...03.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    36s
  • max time network
    41s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    07-11-2022 21:45

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d3cc6fa8b853f893f4e4e1420473fdbad783a4cd7d8ec35289d845e2482d0203.exe

  • Size

    3.8MB

  • MD5

    1f3915d69bb335491a6d3384d83b5e16

  • SHA1

    df75bf539813cbd7f9fc989980358f70d461dde9

  • SHA256

    d3cc6fa8b853f893f4e4e1420473fdbad783a4cd7d8ec35289d845e2482d0203

  • SHA512

    5bba89e1d2471ccde417d96e9dcfdc74242d993e5d9b1a077bb8f22a9e9aa4cb11832a20e7b5b85b4d358d0e05dc3ccce654df1411e1a1947fa39a7d17570d41

  • SSDEEP

    98304:b/ieCCLfltnogjL5AOUMa3zxqVoGG3HQRn3HdKF:b/1rXF6qVox3HQR39K

Score
10/10
jokerinfostealertrojan

Malware Config

Extracted

Family

joker

C2

https://fangyouyun.oss-cn-shenzhen.aliyuncs.com

Signatures

  • joker

    Joker is an Android malware that targets billing and SMS fraud.

    infostealertrojanjoker
  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\d3cc6fa8b853f893f4e4e1420473fdbad783a4cd7d8ec35289d845e2482d0203.exe
    "C:\Users\Admin\AppData\Local\Temp\d3cc6fa8b853f893f4e4e1420473fdbad783a4cd7d8ec35289d845e2482d0203.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    PID:364

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/364-54-0x0000000076681000-0x0000000076683000-memory.dmp

    Filesize

    8KB

    Download

  • memory/364-55-0x0000000000400000-0x0000000001A6E000-memory.dmp

    Filesize

    22.4MB

    Download

  • memory/364-57-0x0000000000400000-0x0000000001A6E000-memory.dmp

    Filesize

    22.4MB

    Download

  • memory/364-60-0x00000000021B0000-0x000000000381E000-memory.dmp

    Filesize

    22.4MB

    Download

  • memory/364-61-0x00000000021B0000-0x000000000381E000-memory.dmp

    Filesize

    22.4MB

    Download

  • memory/364-62-0x00000000021B0000-0x000000000381E000-memory.dmp

    Filesize

    22.4MB

    Download

  • memory/364-63-0x0000000000400000-0x0000000001A6E000-memory.dmp

    Filesize

    22.4MB

    Download