General

  • Target

    hd_glitter_hndwallpaper_v2.1.23.apk

  • Size

    12.8MB

  • Sample

    230605-k52ccsff55

  • MD5

    9aa2f6a641ddb2f16b3e68895de0e6e3

  • SHA1

    f7f3b2ae475ce782e22fe9c34310cf703186cf81

  • SHA256

    47c8aee1d37b794ea61e9b9e73ebb31c1b59994b3d3410f8dc10cfcf692f4e62

  • SHA512

    01438da73468bf0f54c4d8ba899dc781110f3bc29864c9673825d3bb4ecb364e5d91d80c32fb0a3cc8c79c43d34604dc225809af2c74d25033c44e92ed23fc66

  • SSDEEP

    393216:9kR47bLz+95hYMCWp9M8mYHFhL+JyE7O0s:9kGnLJMCWLDqT7Ov

Malware Config

Extracted

  • Family

    joker

  • C2

    https://adcbk.oss-eu-central-1.aliyuncs.com/af2

    https://adcbk.oss-eu-central-1.aliyuncs.com/fbhx

Targets

    • Target

      hd_glitter_hndwallpaper_v2.1.23.apk

    • joker

      Joker is an Android malware that targets billing and SMS fraud.

    • Checks Android system properties for emulator presence.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Reads information about phone network operator.

    • Removes a system notification.

    • Uses Crypto APIs (Might try to encrypt user data).
