joker | 7f3384e9c8d066c046e4ae4b9e16e0a63a430b550cf5ef28d8be21342a9f9eb2 | Triage

Sharing

General

Target

HD Screen Mirroring_4.0.1.apk
Size

15.8MB
Sample

230109-qpljvsec87
MD5

02cd6709034839141156a748df63290f
SHA1

8d3f6785ec4e39eba130be3839033c8fc97a1379
SHA256

7f3384e9c8d066c046e4ae4b9e16e0a63a430b550cf5ef28d8be21342a9f9eb2
SHA512

64e03ae05a189aa98061cb2ad9da4376c9eadf1bef02286a687b6bbc10f3cb8f82907efb0f2a9fc58978d73b22a20d120b94a53c9235ec30d8f9b3da05313058
SSDEEP

393216:6WHteo0II8cX8XehHOBMYNg0pO+r+Gt7TTboxag241EcYDL:6WHtL0I3cX7INgy1r7ToIJSBYDL

Score

10^/10

joker android evasion infostealer trojan

Malware Config

Extracted

Family

joker

C2

https://adcbk.oss-eu-central-1.aliyuncs.com/af2

https://adcbk.oss-eu-central-1.aliyuncs.com/fbhx

Targets

- Target
  
  HD Screen Mirroring_4.0.1.apk
- Size
  
  15.8MB
- MD5
  
  02cd6709034839141156a748df63290f
- SHA1
  
  8d3f6785ec4e39eba130be3839033c8fc97a1379
- SHA256
  
  7f3384e9c8d066c046e4ae4b9e16e0a63a430b550cf5ef28d8be21342a9f9eb2
- SHA512
  
  64e03ae05a189aa98061cb2ad9da4376c9eadf1bef02286a687b6bbc10f3cb8f82907efb0f2a9fc58978d73b22a20d120b94a53c9235ec30d8f9b3da05313058
- SSDEEP
  
  393216:6WHteo0II8cX8XehHOBMYNg0pO+r+Gt7TTboxag241EcYDL:6WHtL0I3cX7INgy1r7ToIJSBYDL
Score

10^/10

joker evasion infostealer trojan
- joker
  Joker is an Android malware that targets billing and SMS fraud.
  infostealer trojan joker
- Checks Android system properties for emulator presence.
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
- Reads information about phone network operator.
- Removes a system notification.
  evasion
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3

jokerevasioninfostealertrojan