joker | f8e2f404df8bb8129143eda2bb244f6fa5dc50077bedd1469cd68b5c498b520f | Triage

Submit
Reports

Overview

overview

Static

static

7

Camera Voi....0.apk

android-10-x64

7

Camera Voi....0.apk

android-11-x64

7

Camera Voi....0.apk

android-9-x86

Sharing

General

Target

Camera Voice Translatorr_2.0.apk
Size

10.1MB
Sample

221219-rwzwhafc36
MD5

1c78f60730eb447e050ab95084638f81
SHA1

6f7f3abc83523968cb6282556d4d28193ae58baf
SHA256

f8e2f404df8bb8129143eda2bb244f6fa5dc50077bedd1469cd68b5c498b520f
SHA512

57516e1e7035ab0b0be4a294cfcc6e8fdca43a2518289fd3dfc8e49c9d723fb5bd3787b4e03bb618c3989b089ec51b0b8526df600538bc445f01f1ac1e297897
SSDEEP

196608:gMIpCR8PAYmJLxA6MIB2xVZ1H8WZygzbUHWbV73CE8qGR64y:gM4CUAbeXIBu1Hlb3bJ3CCJ

Score

10^/10

joker android evasion infostealer ransomware trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

Camera Voice Translatorr_2.0.apk

Resource

android-x64-20220823-en

evasion ransomware

android-10-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

Camera Voice Translatorr_2.0.apk

Resource

android-x64-arm64-20220823-en

android-11-x64

4 signatures

150 seconds

Behavioral task

behavioral3

Sample

Camera Voice Translatorr_2.0.apk

Resource

android-x86-arm-20220823-en

joker evasion infostealer ransomware trojan

android-9-x86

7 signatures

150 seconds

Malware Config

Extracted

Family

joker

C2

https://kbnt.oss-ap-southeast-1.aliyuncs.com/af2

https://kbnt.oss-ap-southeast-1.aliyuncs.com/fbhx

Targets

- Target
  
  Camera Voice Translatorr_2.0.apk
- Size
  
  10.1MB
- MD5
  
  1c78f60730eb447e050ab95084638f81
- SHA1
  
  6f7f3abc83523968cb6282556d4d28193ae58baf
- SHA256
  
  f8e2f404df8bb8129143eda2bb244f6fa5dc50077bedd1469cd68b5c498b520f
- SHA512
  
  57516e1e7035ab0b0be4a294cfcc6e8fdca43a2518289fd3dfc8e49c9d723fb5bd3787b4e03bb618c3989b089ec51b0b8526df600538bc445f01f1ac1e297897
- SSDEEP
  
  196608:gMIpCR8PAYmJLxA6MIB2xVZ1H8WZygzbUHWbV73CE8qGR64y:gM4CUAbeXIBu1Hlb3bJ3CCJ
Score

10^/10

evasion ransomware joker infostealer trojan
- joker
  Joker is an Android malware that targets billing and SMS fraud.
  infostealer trojan joker
- Acquires the wake lock.
- Checks Android system properties for emulator presence.
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
- Reads information about phone network operator.
- Removes a system notification.
  evasion
- Uses Crypto APIs (Might try to encrypt user data).
  ransomware
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

evasionransomware

behavioral2

behavioral3

jokerevasioninfostealerransomwaretrojan

© 2018-2025

Terms | Privacy