General

  • Target

    Quick Language Translator_20.1.5.apk

  • Size

    7.8MB

  • Sample

    221222-wvbjqseh66

  • MD5

    174d31edcec73b9f3542c013dbbcc943

  • SHA1

    f21450e9857891a54e282dcfa8a873f46a83f259

  • SHA256

    f78046503859e0c6161808b2e577f0a766447526c7e69168e4644a7116e597ad

  • SHA512

    32ca0eeff1858dcb10305fdbfa3f28fd99d9bfcb402cd483b8ca4e1426b171a408c48dd7d7c9038aae5b91e7dbae7c387261d45abac69255cf9463c8a054cdc0

  • SSDEEP

    196608:tfAr1uJ+KPCBdKc+9YBwX3kq2RSIzM7njKuj/2kGN:t4rkJ+KPCXKc+mBY3kPhM7BOz

Malware Config

Extracted

  • Family

    joker

  • C2

    http://tightly.oss-ap-southeast-1.aliyuncs.com/fotec

    https://cxjus.oss-ap-southeast-1.aliyuncs.com/af2

    https://cxjus.oss-ap-southeast-1.aliyuncs.com/fbhx

Targets

    • joker

      Joker is an Android malware family used for billing and SMS fraud.

    • Checks Android system properties for emulator presence.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Reads information about phone network operator.

    • Removes a system notification.
