General

  • Target

    ab71f8ca525dea1201ac3b7716e9356339a4fe74f065b1390ed377986da10e7c

  • Size

    1.1MB

  • Sample

    221107-llsrjsaad8

  • MD5

    df9c8416e92ea4bc927a4abba66f6457

  • SHA1

    c1844db7747988bf237a6fc00ab5574cbcba6531

  • SHA256

    ab71f8ca525dea1201ac3b7716e9356339a4fe74f065b1390ed377986da10e7c

  • SHA512

    fa22e0e9c54a22214f13a66f13529bae1fa915ca7c2ab7f962fcbb4b7534aad88aafa5fe1355d129d854cb12ed1375a5e00b6e170ccd4c16e23cf3f854b1b3dc

  • SSDEEP

    24576:HL7c2U0CJcpvurFkoJoheYZbBSUw/mqkHPIEw7QPHDgzWK9yF5UsjMAm4:r7BpppvurFOheS9dHPI77Q/cFybj7L

Malware Config

Extracted

Family

joker

C2

http://guup.oss-cn-qingdao.aliyuncs.com

Targets

    • Target

      骨头QQ说说批量删除软件.exe

    • Size

      1.1MB

    • MD5

      9520bc9ed05c1a7f98f3ca59617fe2a2

    • SHA1

      d30b923b9632c45e59e58230f24d06b06dfe696a

    • SHA256

      818c71c2be38aa2c9a1921d6138c56ea614fd7e29f4e566d54f242dcb085edc7

    • SHA512

      20d6edff30676035e915c4d33edca832b154210673f5cfcead010fb6cccb39fe501cfa0459eae23bad92e52ab6c1c3d90456b65fb34ceb64407f356ef42ad316

    • SSDEEP

      24576:yCgrorD9j3pf0ccJi/ktnWGTOn/3JuX+65vBSa/L8GUgnsM:lgKMDtW1n/JuXNAajPUK

    • joker

      Joker is an Android malware that targets billing and SMS fraud.

    • Downloads MZ/PE file

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
