joker | 396cc6b76f154d9cb399edf37d2e7751134a0874df38061a2b1d678a36a9da3f | Triage

Sharing

General

Target

Screen Mirroring Cast_8.023.apk
Size

39.2MB
Sample

230128-m48fdsga8t
MD5

1008b202415baec9d891d61391b589d0
SHA1

c02883a5475abc693adff2ae8d6550002a2394d7
SHA256

396cc6b76f154d9cb399edf37d2e7751134a0874df38061a2b1d678a36a9da3f
SHA512

4e70c04e6d7a8b20d8c2da604990951e5eeefab889939255228db66f75ad777e1b387272343d7db0d6fa9e1629639df2c80e6e00fd8a943e47275c6e930a4678
SSDEEP

786432:qPSvdDNdr2DT8AdJxju2X/RUCMqNay0jzQPj9oH0QlKj+XF37GANmJln:qPSVnr2X7Jxb/RUCMw73PAlKj+17GAUd

Score

10^/10

joker android evasion infostealer trojan

Malware Config

Extracted

Family

joker

C2

https://adcbk.oss-eu-central-1.aliyuncs.com/af2

https://adcbk.oss-eu-central-1.aliyuncs.com/fbhx

Targets

- Target
  
  Screen Mirroring Cast_8.023.apk
- Size
  
  39.2MB
- MD5
  
  1008b202415baec9d891d61391b589d0
- SHA1
  
  c02883a5475abc693adff2ae8d6550002a2394d7
- SHA256
  
  396cc6b76f154d9cb399edf37d2e7751134a0874df38061a2b1d678a36a9da3f
- SHA512
  
  4e70c04e6d7a8b20d8c2da604990951e5eeefab889939255228db66f75ad777e1b387272343d7db0d6fa9e1629639df2c80e6e00fd8a943e47275c6e930a4678
- SSDEEP
  
  786432:qPSvdDNdr2DT8AdJxju2X/RUCMqNay0jzQPj9oH0QlKj+XF37GANmJln:qPSVnr2X7Jxb/RUCMw73PAlKj+17GAUd
Score

10^/10

joker infostealer trojan evasion
- joker
  Joker is an Android malware that targets billing and SMS fraud.
  infostealer trojan joker
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
- Reads information about phone network operator.
- Removes a system notification.
  evasion
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

jokerinfostealertrojan

behavioral2

behavioral3

jokerevasioninfostealertrojan