General

  • Target

    com.smartscreen.mirroring_202_apksos.com.apk

  • Size

    7.7MB

  • Sample

    221215-kw59ysca69

  • MD5

    f20127b70a5179a1595865a824f19a17

  • SHA1

    afa92a89e34ead1d677d3cac0096dd817149434a

  • SHA256

    573dfdb117ca70d04a0a3b4a784f03b095e533c837ed7eae03832a588127642b

  • SHA512

    c7921e97c897f1c5421a586821a24e0192c5ca6ce0d76abd3505c57185959d3290fa4925e0deae0203c060f071dbaeb8d70a09ef5916cbf81167e1102461d2f9

  • SSDEEP

    196608:gQ6myieWM3B2cqTE93ggz59bNltiwG1mAY17qTvXNHGk:g/mzaYcqTE93ggz3bNltiwGUQZl

Malware Config

Extracted

Family

joker

C2

http://careof.oss-ap-northeast-2.aliyuncs.com/journey

https://cxjus.oss-ap-southeast-1.aliyuncs.com/af2

https://cxjus.oss-ap-southeast-1.aliyuncs.com/fbhx

Targets

    • Target

      com.smartscreen.mirroring_202_apksos.com.apk

    • joker

      Joker is an Android malware that targets billing and SMS fraud.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Reads information about phone network operator.

    • Removes a system notification.

    • Uses Crypto APIs (Might try to encrypt user data).
