General

  • Target

    Document PDF Scanner_8.3.7.apk

  • Size

    9.7MB

  • Sample

    221213-m8qq5see38

  • MD5

    d647a07d7492da4dfc2d5a0165fdb044

  • SHA1

    deaf44286b05f93a079dbddfc52013f7f114015e

  • SHA256

    fc303334334b87655463ccbc523da805e4b30085e0b690f5f48637f872f0a676

  • SHA512

    f1ef534fffba4bc934b6f4f344db1fbda22d2522c40acc5c3b9313083886388e4eb9cbcb1b0b9b7077e2e7504e648ef1e3924ab61cf0d1a3e1f83c3b329c6cd9

  • SSDEEP

    196608:N+GCjxVA0s8tWLJiV8/VQjga2lKOTA9MAdRPWn8WGZ:oZkXNFwOTAF08We

Malware Config

Extracted

Family

joker

C2

http://sightly.oss-ap-northeast-1.aliyuncs.com/either

Grant permission to use all features

https://cxjus.oss-ap-southeast-1.aliyuncs.com/af2

https://cxjus.oss-ap-southeast-1.aliyuncs.com/fbhx

Targets

    • Target

      Document PDF Scanner_8.3.7.apk

    • joker

      Joker is an Android malware that targets billing and SMS fraud.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Legitimate hosting services abused for malware hosting/C2

    • Reads information about phone network operator.

    • Removes a system notification.
