General

  • Target

    Mask Photo Editor_6.6.3.apk

  • Size

    23.2MB

  • Sample

    221124-mydzlahc97

  • MD5

    624cb7c78da4d9ba0138d3c543bec4e7

  • SHA1

    223308638b58e2baf1f5de9dc6551c999b6788e3

  • SHA256

    7385e0e3d811b317ed67eefb54274b232c1f167de14c593688453b7431034a02

  • SHA512

    8396da9e7d896f5e0d2b16515184a51a84db767837e379a23037637ebada464915bb0665db4fb867f4a4f93515daa175308e7ce08bc7e76012ecfe002f4a893f

  • SSDEEP

    393216:M+SIiydEfvNKIsun8JfiwI84QZePw21XGZOvwaebxS6pxCQsFZBE:0IdaNKIEJfk84Dl1XqOvdebrpqw

Malware Config

Extracted

Family

joker

C2

http://careof.oss-ap-northeast-2.aliyuncs.com/way

https://cxjus.oss-ap-southeast-1.aliyuncs.com/af2

https://cxjus.oss-ap-southeast-1.aliyuncs.com/fbhx

Targets

    • Target

      Mask Photo Editor_6.6.3.apk

    • joker

      Joker is an Android malware that targets billing and SMS fraud.

    • Checks Android system properties for emulator presence.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Reads information about phone network operator.

    • Removes a system notification.
