joker | c7c4d6e2c9da66e4706bd7c79a8381cfa1bfa01d25a1bd4fb864686cd8676fa6 | Triage

Sharing

General

Target

Smart Drawing Art_4.2.apk
Size

12.3MB
Sample

221215-sz7wyscg22
MD5

dbdcedec8358973089b04fbed6a06576
SHA1

c41e6b978b10c7b3ade948862b421e8bbed24fcc
SHA256

c7c4d6e2c9da66e4706bd7c79a8381cfa1bfa01d25a1bd4fb864686cd8676fa6
SHA512

e86b3dd104bb609745af99a1b3e828d9f5e891334dd31c98c0db5bb789262fdd8bd4509e65e39ecbd93ba54749b77bb7a1ebdad530eda25fdd6b55d8aba02003
SSDEEP

196608:LIWW83kIvIFYM2x+Yatp/GvrR68GI/0rBATosp/D839t3nTD3JC93Xr3FXO:kW93X8w+YatSolI8rcosBg3z333w373M

Score

10^/10

joker android evasion infostealer trojan

Malware Config

Extracted

Family

joker

C2

http://appear.oss-eu-central-1.aliyuncs.com/medib

https://cxjus.oss-ap-southeast-1.aliyuncs.com/af2

https://cxjus.oss-ap-southeast-1.aliyuncs.com/fbhx

Targets

- Target
  
  Smart Drawing Art_4.2.apk
- Size
  
  12.3MB
- MD5
  
  dbdcedec8358973089b04fbed6a06576
- SHA1
  
  c41e6b978b10c7b3ade948862b421e8bbed24fcc
- SHA256
  
  c7c4d6e2c9da66e4706bd7c79a8381cfa1bfa01d25a1bd4fb864686cd8676fa6
- SHA512
  
  e86b3dd104bb609745af99a1b3e828d9f5e891334dd31c98c0db5bb789262fdd8bd4509e65e39ecbd93ba54749b77bb7a1ebdad530eda25fdd6b55d8aba02003
- SSDEEP
  
  196608:LIWW83kIvIFYM2x+Yatp/GvrR68GI/0rBATosp/D839t3nTD3JC93Xr3FXO:kW93X8w+YatSolI8rcosBg3z333w373M
Score

10^/10

joker evasion infostealer trojan
- joker
  Joker is an Android malware that targets billing and SMS fraud.
  infostealer trojan joker
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
- Reads information about phone network operator.
- Removes a system notification.
  evasion
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3

jokerevasioninfostealertrojan