General

  • Target

    Paint Art_1.1.6.apk

  • Size

    5.0MB

  • Sample

    221125-m2q4bsfc9x

  • MD5

    ff88397d0fdd02e072a80f38358c4253

  • SHA1

    83333da8fc0f1dfb716dfa82ee7470702356ad76

  • SHA256

    7d517ea9bc152220fba74df5da9eddacb06184d38c79eaac2539c2f07d40f4e2

  • SHA512

    fd0e2185eabfdb873e4605f18ce0eacac08ed15a108881907bd6b346f4ead2790f40a99f2b40025d927ef9a0fdd4eae0665689406a2af9c5104cf152f9dc262d

  • SSDEEP

    98304:WMQZx/8p0wZKYkiViyXUm7OG+IsilxSiz31JqhVowaCZp8c:WjZYxNywOLsi031ojRFd

Malware Config

Extracted

Family

joker

C2

http://limited.oss-ap-southeast-5.aliyuncs.com/setout

https://cxjus.oss-ap-southeast-1.aliyuncs.com/af2

https://cxjus.oss-ap-southeast-1.aliyuncs.com/fbhx
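Two things a practitioner wants from this report before touching the sample: a check that the file they obtained really has the reported digests, and usable network indicators from the extracted C2 list. The script below is an added example, not part of the Triage report; it copies the hashes and C2 URLs from the report above, and the proxy log lines it scans are constructed for the demonstration. Because the C2 hosts are Alibaba Cloud OSS buckets (`<bucket>.oss-<region>.aliyuncs.com`), it derives indicators at the bucket hostname level rather than the shared `aliyuncs.com` domain, and it also flags new paths on a known bucket, since a later payload name on the same bucket is still the same operator.

```python
"""Verify the sample against the reported hashes and match its C2 indicators
against proxy logs.  Added example; not code from the sandbox report."""
import hashlib
import re
from urllib.parse import urlparse

# Digests reported for Paint Art_1.1.6.apk (copied from the report).
REPORTED_HASHES = {
    "md5": "ff88397d0fdd02e072a80f38358c4253",
    "sha1": "83333da8fc0f1dfb716dfa82ee7470702356ad76",
    "sha256": "7d517ea9bc152220fba74df5da9eddacb06184d38c79eaac2539c2f07d40f4e2",
    "sha512": "fd0e2185eabfdb873e4605f18ce0eacac08ed15a108881907bd6b346f4ead279"
              "0f40a99f2b40025d927ef9a0fdd4eae0665689406a2af9c5104cf152f9dc262d",
}

# C2 URLs from the extracted Joker config (copied from the report).
C2_URLS = [
    "http://limited.oss-ap-southeast-5.aliyuncs.com/setout",
    "https://cxjus.oss-ap-southeast-1.aliyuncs.com/af2",
    "https://cxjus.oss-ap-southeast-1.aliyuncs.com/fbhx",
]


def compute_hashes(data: bytes) -> dict:
    """Return the md5/sha1/sha256/sha512 hex digests of a byte string."""
    return {name: hashlib.new(name, data).hexdigest() for name in REPORTED_HASHES}


def matches_report(data: bytes) -> bool:
    """True only if every reported digest matches the file contents."""
    return compute_hashes(data) == REPORTED_HASHES


def c2_indicators(urls=C2_URLS) -> dict:
    """Split the C2 URLs into full URLs, bucket hostnames and OSS bucket names.

    OSS hostnames are <bucket>.oss-<region>.aliyuncs.com, so the bucket name is
    the first DNS label.  Block the hostname, not aliyuncs.com as a whole.
    """
    hosts, buckets = set(), set()
    for url in urls:
        host = urlparse(url).hostname
        hosts.add(host)
        buckets.add(host.split(".")[0])
    return {"urls": set(urls), "hosts": hosts, "buckets": buckets}


# Constructed log format: "<timestamp> <client-ip> <method> <url>".
LOG_RE = re.compile(r"^(?P<ts>\S+) (?P<src>\S+) (?P<method>[A-Z]+) (?P<url>\S+)")


def scan_proxy_log(lines, indicators=None) -> list:
    """Return (timestamp, client_ip, url, reason) for every line hitting the C2.

    A full-URL match is the strongest signal; any other path on a known C2
    bucket hostname is reported too, since it is likely a newer payload.
    """
    ind = indicators or c2_indicators()
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        url = m.group("url")
        host = urlparse(url).hostname
        if url in ind["urls"]:
            reason = "known C2 URL"
        elif host in ind["hosts"]:
            reason = "known C2 host, new path"
        else:
            continue
        hits.append((m.group("ts"), m.group("src"), url, reason))
    return hits


# Constructed proxy log lines (not from the report).
SAMPLE_LOG = """\
2022-11-25T10:01:02Z 10.0.0.12 GET https://cxjus.oss-ap-southeast-1.aliyuncs.com/af2
2022-11-25T10:01:05Z 10.0.0.12 GET https://cxjus.oss-ap-southeast-1.aliyuncs.com/newpayload
2022-11-25T10:02:00Z 10.0.0.20 GET https://example.com/index.html
2022-11-25T10:03:11Z 10.0.0.31 GET http://limited.oss-ap-southeast-5.aliyuncs.com/setout
""".splitlines()

if __name__ == "__main__":
    print("indicators:", c2_indicators())
    for hit in scan_proxy_log(SAMPLE_LOG):
        print(hit)
```

To verify a downloaded copy of the sample, read the file into memory and call `matches_report(data)`; a `False` result means you have a different file (or a repacked one) and the C2 list above may not apply to it.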

Targets

    • Target

      Paint Art_1.1.6.apk

    • joker

      Joker is an Android malware family that commits billing fraud (silently subscribing the victim to premium services) and SMS fraud (sending premium SMS and intercepting the confirmation codes).

    • Loads dropped Dex/Jar

      Loads a Dex/Jar file written to the device during analysis, i.e. a second-stage payload that is not part of the original APK.

    • Reads information about the phone network operator.

    • Removes a system notification.

    • Uses Crypto APIs (might be used to encrypt user data, or to decrypt an embedded or downloaded payload).
