joker | 909a05f9f7ac3c187afac226376ca0e85a64592dcf9d2ba2d5567ce021755732 | Triage

Sharing

General

Target

Smart Drawing Art.apk
Size

5.9MB
Sample

221214-xm2xdsag86
MD5

5d3d5cf12ab3a1aa4acae745f0623613
SHA1

87e5ec30741d64cac43351b429fc2dc0b01ae2df
SHA256

909a05f9f7ac3c187afac226376ca0e85a64592dcf9d2ba2d5567ce021755732
SHA512

0a57d30de07d92c39a88b03c35185bbd5d66a204f851e85f160add33c136bf9ad6c9270f83f98f2aa74be3ad69aaa37dcfb932b029a9e6c3c3b3015fe07a8f68
SSDEEP

98304:OIWWW5Q+jIIvbjmrVfYCqbQ2gG+YaOs4urV/GvtprR6825eXderF3kjV/tTosKna:OIWW83kIvIFYM2x+Yatp/GvrR68GI/t1

Score

10^/10

joker android evasion infostealer trojan

Malware Config

Extracted

Family

joker

C2

http://appear.oss-eu-central-1.aliyuncs.com/medib

Targets

- Target
  
  Smart Drawing Art.apk
- Size
  
  5.9MB
- MD5
  
  5d3d5cf12ab3a1aa4acae745f0623613
- SHA1
  
  87e5ec30741d64cac43351b429fc2dc0b01ae2df
- SHA256
  
  909a05f9f7ac3c187afac226376ca0e85a64592dcf9d2ba2d5567ce021755732
- SHA512
  
  0a57d30de07d92c39a88b03c35185bbd5d66a204f851e85f160add33c136bf9ad6c9270f83f98f2aa74be3ad69aaa37dcfb932b029a9e6c3c3b3015fe07a8f68
- SSDEEP
  
  98304:OIWWW5Q+jIIvbjmrVfYCqbQ2gG+YaOs4urV/GvtprR6825eXderF3kjV/tTosKna:OIWW83kIvIFYM2x+Yatp/GvrR68GI/t1
Score

10^/10

joker evasion infostealer trojan
- joker
  Joker is an Android malware that targets billing and SMS fraud.
  infostealer trojan joker
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
- Reads information about phone network operator.
- Removes a system notification.
  evasion
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

jokerevasioninfostealertrojan

behavioral2

jokerinfostealertrojan

behavioral3