joker | 308c88f5c8d07adc2c980eef0afef9266ee49c748a53218caff25dd1c29151d1 | Triage

Sharing

General

Target

Text Chat SMS_52.apk
Size

13.3MB
Sample

221123-np1yfahd63
MD5

61b135fddb2e26f15280bf3094c6f6a8
SHA1

9992d220a3337f2dc3ab0440723b46b2ee05f764
SHA256

308c88f5c8d07adc2c980eef0afef9266ee49c748a53218caff25dd1c29151d1
SHA512

60557675705b1525bb2066ef783b60cf337a22cab0f83828cbaab4204588efabd16aeb033a4a169289d33cd522ef43e496a8ca143b3a76df3fae42f8754af41e
SSDEEP

393216:IJH+7fxl1olCDPIpvoNeMeHWBLp/qEj8r6n45d:sHOl1C7yYgl/qEjdnS

Score

10^/10

joker android infostealer trojan

Malware Config

Extracted

Family

joker

C2

http://called.oss-ap-southeast-5.aliyuncs.com/smscolor

https://cxjus.oss-ap-southeast-1.aliyuncs.com/af2

https://cxjus.oss-ap-southeast-1.aliyuncs.com/fbhx

Targets

- Target
  
  Text Chat SMS_52.apk
- Size
  
  13.3MB
- MD5
  
  61b135fddb2e26f15280bf3094c6f6a8
- SHA1
  
  9992d220a3337f2dc3ab0440723b46b2ee05f764
- SHA256
  
  308c88f5c8d07adc2c980eef0afef9266ee49c748a53218caff25dd1c29151d1
- SHA512
  
  60557675705b1525bb2066ef783b60cf337a22cab0f83828cbaab4204588efabd16aeb033a4a169289d33cd522ef43e496a8ca143b3a76df3fae42f8754af41e
- SSDEEP
  
  393216:IJH+7fxl1olCDPIpvoNeMeHWBLp/qEj8r6n45d:sHOl1C7yYgl/qEjdnS
Score

10^/10

joker infostealer trojan
- joker
  Joker is an Android malware that targets billing and SMS fraud.
  infostealer trojan joker
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
- Reads information about phone network operator.
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

jokerinfostealertrojan

behavioral3