joker | 3c7eec55d83a346b4f5f3f25dd9a56f5504a404f165db3fe4cb9717c7a166886

Analysis

max time kernel
1823376s
max time network
136s
platform
android_x64
resource
android-x64-arm64-20230621-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20230621-enlocale:en-usos:android-11-x64system
submitted
19-07-2023 05:43

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

4K HD Wallpaper_3.8.apk
Size

5.7MB
MD5

c49f0aee218a72e7c3ec739b289cdfc1
SHA1

affc5b85e9f4207e3fc7b9f4e0efc673036a80bc
SHA256

3c7eec55d83a346b4f5f3f25dd9a56f5504a404f165db3fe4cb9717c7a166886
SHA512

e28fff6b372f2f17ae47393784a51656f70377122f1c8dda24a1ab1a8a0db51bd4ef4321cf36da86dd7e590b60f0d435b6408e35b68036031ea505b19af63b27
SSDEEP

98304:IL5PZO+uOdbQ2mTGtdlhygelQSDUvIe/EFYiztk9sY+r8htKvfDEGgQA5grh2Zr4:6QzkVmTGlZSYQe/YJ2WYO8hkvfDEGgQp

Score

10^/10

joker infostealer trojan

Malware Config

Extracted

Family

joker

https://adcbk.oss-eu-central-1.aliyuncs.com/af2

Signatures

joker
Joker is an Android malware that targets billing and SMS fraud.
infostealer trojan joker

Loads dropped Dex/Jar 3 IoCs

Runs executable file dropped to the device during analysis.

ioc	pid	Process
/data/user/0/com.wallme.k4hdwallppaer/[email protected]	4412	com.wallme.k4hdwallppaer
/data/user/0/com.wallme.k4hdwallppaer/files/deerlet	4412	com.wallme.k4hdwallppaer
/data/user/0/com.wallme.k4hdwallppaer/files/goosds	4412	com.wallme.k4hdwallppaer

Reads information about phone network operator.

com.wallme.k4hdwallppaer
1⤵
- Loads dropped Dex/Jar
PID:4412

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.wallme.k4hdwallppaer/[email protected]

Filesize
5KB

MD5
e689c366adffcac2cbefa7018ae68361

SHA1
c8e6bb97ad58776e48064d55fd0e5f483c8c8834

SHA256
655a01e7caa0be4e139e4738a2bee6c31ee92c4396ee2728f194ab8114a137f3

SHA512
68ce779c7415da311ee17b7f7b4ec8b8e44029bc2b59a243bfe8d43f7c295f4610fa72b979a53f0746f61844eb9afb60ab7b8c48c737289574c8a6955878780b

Download Submit
/data/user/0/com.wallme.k4hdwallppaer/app_webview/Default/Web Data

Filesize
120KB

MD5
a48cd9324b1f8754b07f00d863b840f3

SHA1
11c6614775b35a58f440971dfc87c8aaac6d6173

SHA256
8859a216183793485d4699bf69d7ed96904679834188d07b9a70424d47eb1420

SHA512
35fa712f0af4a5eeed7e00e4e59ed5027dc6609d268462fe79d92043be9ae0c5961ce9e1d2f64b1a196c9b6aa6242b8b83817b3ee4c1058596c58a99c45478b1

Download Submit
/data/user/0/com.wallme.k4hdwallppaer/app_webview/Default/Web Data-journal

Filesize
2KB

MD5
c8aec8979576c883f87fa0b197524aae

SHA1
5dd0f886a96d96a473d91875d536f278afbb3b03

SHA256
3367304c5b6310e7b54d495c329226c100eb70db21bb20e490b2e5225a0e1ca1

SHA512
4782254895b031d86b98d4a800da6f55d7b1433bebc7a573b6ea9cda43353197430935e030d4980f28409be7afe6c1ef2a38d990950b3599573c635869fb996b

Download Submit
/data/user/0/com.wallme.k4hdwallppaer/app_webview/webview_data.lock

Filesize
30B

MD5
806eb09a1f42371e9d94f45bfd8dffb1

SHA1
aa213d1dd8b5ed6f13ed08f721d0e697e906af53

SHA256
4dfad0d2e5d8cda76e6072197e4b4188c2e75c8d77e72704af0140c6c264d099

SHA512
fb24060944e1922241b5117cf954473e0e9db0ca3f72eb044d3f0230216b149b9b497b8ece57f1343335eecedbba66b64c4d301db74b266092e808dfcd1ed43c

Download Submit
/data/user/0/com.wallme.k4hdwallppaer/cache/WebView/Crashpad/settings.dat

Filesize
40B

MD5
9738b8cf37392014e68e655009deac70

SHA1
062bf772fbc1acdd6398463e5f17dc351c03d62a

SHA256
8074492b0abd4b62cb11256f0db636c6a88a4383dc1d526271e62d491a92b5e7

SHA512
a4cf59bf770db19ca2d341998b41f5ab519964b1728c0ff76c78cfb96bffb49549bc4ff15dde59f32a0302ea62a5cf27d48e7b910272fc2e082487f3f1cd73a6

Download Submit
/data/user/0/com.wallme.k4hdwallppaer/cache/WebView/Default/HTTP Cache/Code Cache/js/index

Filesize
48B

MD5
6d7d499960179766cd4261d12dacc411

SHA1
e6f8553b0015e12b23cc551afe98763f3b1c9bed

SHA256
c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182

SHA512
6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

Download Submit
/data/user/0/com.wallme.k4hdwallppaer/cache/WebView/Default/HTTP Cache/Code Cache/js/index-dir/temp-index

Filesize
96B

MD5
1b8d6a77d80e94d1601e3aece31167e0

SHA1
653b6f1bd89a35effe7ab36711aba6b900355bf6

SHA256
2fc74cf0065f68ef9bd336d69fdf3fd8abca83098cdd660139d64bbe4763f4ae

SHA512
801afa050d9cd64506aeac1e7c69276c67ffd2df767381b52b0fc54ea8e0baa2f9ae2904181ccb8bcda5590c926ee4d266f4ff2c7c54f55ed65532b9b9150313

Download Submit
/data/user/0/com.wallme.k4hdwallppaer/cache/WebView/Default/HTTP Cache/Code Cache/wasm/index

Filesize
48B

MD5
6d7d499960179766cd4261d12dacc411

SHA1
e6f8553b0015e12b23cc551afe98763f3b1c9bed

SHA256
c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182

SHA512
6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

Download Submit
/data/user/0/com.wallme.k4hdwallppaer/cache/WebView/Default/HTTP Cache/Code Cache/wasm/index-dir/temp-index

Filesize
96B

MD5
1b8d6a77d80e94d1601e3aece31167e0

SHA1
653b6f1bd89a35effe7ab36711aba6b900355bf6

SHA256
2fc74cf0065f68ef9bd336d69fdf3fd8abca83098cdd660139d64bbe4763f4ae

SHA512
801afa050d9cd64506aeac1e7c69276c67ffd2df767381b52b0fc54ea8e0baa2f9ae2904181ccb8bcda5590c926ee4d266f4ff2c7c54f55ed65532b9b9150313

Download Submit
/data/user/0/com.wallme.k4hdwallppaer/cache/WebView/font_unique_name_table.pb

Filesize
57KB

MD5
f080fa2a56ab5479d58063e5ea871447

SHA1
4b3fd57a98916fa5784305b76ba30af26b5253d9

SHA256
0aa374bc456330fd1b5daf18d25b4bb8e2df1998dfa85466f2c31843ff56e815

SHA512
8aee3186a95b389d39882620b7c4199a29aa50580aa98a381b2931a934de6406943c89d4d00ebeabff21e2b03b4a4adcc01e37e32a2335c4838be24bdbf61936

Download Submit
/data/user/0/com.wallme.k4hdwallppaer/databases/image_block_list.dp

Filesize
64KB

MD5
1deadae9f736c18943b04a904036bc9a

SHA1
f3f7fcb04efd25f025645e6f41bf127fb01c5a57

SHA256
d71385a8a0f16f7c6fd72010cebeb1b410b23dc303d76669b69b82347e0ad7aa

SHA512
7fa2e6fb922fb30754a1a1e734ebddfdcb1e3033bfa2aa2e02ab1fc2d4148ceabc4e80bb8ee9bdb79f3f74db82d7f165e1426821002fc01bfe8f0202f0c34eeb

Download Submit
/data/user/0/com.wallme.k4hdwallppaer/databases/image_block_list.dp-journal

Filesize
1KB

MD5
c3ea3cb2e98b81b79953b2f17d834b6e

SHA1
d26182fe880259af50eff6c740f342ff91519bac

SHA256
a8d1cf4e5f6ae2b1d98ed4c8164c74854c37f5d0ce3211f1f9b497c03f2d1f34

SHA512
5769707c438f5fad108b86a0146b330baffacca1083fb4b450cdafc4ad02f59eab6f260abfb55695e4a4a156450ca83213955e8723cd8c10d91a9d479215f72b

Download Submit
/data/user/0/com.wallme.k4hdwallppaer/databases/image_info_list.dp

Filesize
64KB

MD5
5bb65e628af922bc5c8e00deed0f31ed

SHA1
165c397cca0cf3d104a1b25929d526c25f4e39b7

SHA256
f248bfc4ca9636f402805cdd3e8367f980e09700474edbbdbb45cb9f52fb2177

SHA512
b2d86a8981783807740a3f20b2b22b7f514c49a847642de628479dc58dc3fff1d5ee1e9227f8424006b6e6d95a6dcbdbc064a5b4dadf72ee62f25c8c6df76072

Download Submit
/data/user/0/com.wallme.k4hdwallppaer/databases/image_info_list.dp-journal

Filesize
1KB

MD5
87830e804922c428883b46deb5d3e934

SHA1
10ad986dcaf4d6d095260d6cfad9b4b17e995970

SHA256
f3993d422f021f8d9b65baf58ee95384901411fdb0234363495cf5aa09b21289

SHA512
672cd0bebc3158e3bd14dce9ee3054c6c77471a50d780b14bb4771208fb27094b0098394ad6b4d31544399e393cdfa4e3834ec576f1ee5ebe8762f1f297d47cd

Download Submit
/data/user/0/com.wallme.k4hdwallppaer/files/deerlet

Filesize
4KB

MD5
946130377f5566e87e15749369abad5c

SHA1
fa27076c630e44471044f39b46404ade544737b6

SHA256
339b7898ba9e6c211e5f6b6f2bd3b393645727e104a4e4a08bd8a718a903b2fa

SHA512
b6d88aadb8dbf4d6b5835b8d371fd6c350e4fb2a47ae5cb84179479ebb9a829187041b06c9c07d763f2acc1ad7f8b0fd7639054185c5536eedb222cc1accbf4a

Download Submit
/data/user/0/com.wallme.k4hdwallppaer/files/deerlet

Filesize
6KB

MD5
144a16e8fb3b58047fd51bbb07632175

SHA1
27b47a7a125b86496bd5230afbafece8df42c534

SHA256
f48f52d298435523e82ac3063ed06fc05dde1cce8038567ccb78c439f5474b9e

SHA512
9e163ee816976f447979216f27ad38d8a172861799be6bc893ba489417a09f6f8968b924bb79070868ebc326933a63491aea6969ceda027fc704cd88bee6033e

Download Submit
/data/user/0/com.wallme.k4hdwallppaer/files/frc_1:1076353950077:android:97ee37d8aa38cd0deaac14_firebase_activate.json

Filesize
239B

MD5
8e8244f374b2fc929b6419466b36170e

SHA1
35f2a46468d91100fe5c9813ae1fa9d7c1ba66df

SHA256
7b214b8f6e9c626c0ebfe3311b56b0fb04fc8462e0befe1f1f11e3bf53bb548f

SHA512
5e3db8618cd0b84e675a4b967a937759f7e9fa788902dcbfad0c419af1fcd9f2364fd8483efe51b8db91a335d38bac70a87b7da022fe14b965afec9002286ceb

Download Submit
/data/user/0/com.wallme.k4hdwallppaer/files/frc_1:1076353950077:android:97ee37d8aa38cd0deaac14_firebase_fetch.json

Filesize
239B

MD5
8e8244f374b2fc929b6419466b36170e

SHA1
35f2a46468d91100fe5c9813ae1fa9d7c1ba66df

SHA256
7b214b8f6e9c626c0ebfe3311b56b0fb04fc8462e0befe1f1f11e3bf53bb548f

SHA512
5e3db8618cd0b84e675a4b967a937759f7e9fa788902dcbfad0c419af1fcd9f2364fd8483efe51b8db91a335d38bac70a87b7da022fe14b965afec9002286ceb

Download Submit
/data/user/0/com.wallme.k4hdwallppaer/files/goosds

Filesize
32KB

MD5
fd93701cc6b335378bfec52508faa731

SHA1
9d47ff02913e0f12339aeb7c8d897c02febaed38

SHA256
5318f3f3f5ebeec8d782da558e66fa3ab3e654273925594a284533a19409b35d

SHA512
5464d74b9b8810ca1618bcf612a24fee98659902f97399014cf824995450b8ac4e4cb1866955695cbc0eb05b610865ea34e85003b39689b919dcd7b2c77c0817

Download Submit
/data/user/0/com.wallme.k4hdwallppaer/files/goosds

Filesize
68KB

MD5
a19e2575d95dcd0749fcbf5b2dcbc3a6

SHA1
bbd93c14a8d14c0c63aca3aad3917473ec0565ee

SHA256
11f5b0edc5519c4ff70005fc721089fb595203e48cf9cdb2bd909f051db98f01

SHA512
f2a50f9f82b8dc50906be5b57f83e7508ec509a298b24e1254c026e55a2b498d605f91463916f9cce9820a2425ba1da68d00a3472159eb18585dc54f5ce08fab

Download Submit
/data/user/0/com.wallme.k4hdwallppaer/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

Filesize
8B

MD5
811795d0e7a23b3d1662afeb8ad88c6b

SHA1
f4e67c9d55a15936a143033c1dcb6e6824a77b1a

SHA256
1392bf50f07a64578108e4bced4840e700d46c71937f938522f8d05bf034d1b8

SHA512
3317c9645790b0a25d8d7cf340fb2c6ecf4431fc9d1e7d5b43a12ee4053cd3d9ac30cc0d7f6d42f096ad67aecf29887c0850018fb60afbd9e215f2194d01527c

Download Submit
/data/user/0/com.wallme.k4hdwallppaer/no_backup/androidx.work.workdb

Filesize
8KB

MD5
e579a6b00eef1318f9166352228eba18

SHA1
76988896854f0139083e77862eea1a4846cf039f

SHA256
4b34cf505050facf47aa7936e4e7667e1969105665c632b3eefe7ecddf9a6935

SHA512
c47632e957d87727bf6504a82ca7a44d8da24d30cd997a0f449a96e4f97c656a1b4d9da3fcd827e2a48c59677688da0b872358ebd0f9369d898d1b8ec18d5699

Download Submit
/data/user/0/com.wallme.k4hdwallppaer/no_backup/androidx.work.workdb-journal

Filesize
1KB

MD5
b019e77ec764dff1235296313092a922

SHA1
f8da96774e9a418c8a681408afce5215584e4d7d

SHA256
dda40e59437c740e9b5456bb16e97ef5a4a8c9b7d80550f26575e6dffb1c916c

SHA512
2285461da766898e7a5cda4fa24949daa1c0284da8c6ec232fc1927904bd287ccce6ffc8952257a04ec1234de8235d772334d77b6ad5a8a464f0cddc3703fb80

Download Submit
/data/user/0/com.wallme.k4hdwallppaer/no_backup/androidx.work.workdb-shm

Filesize
16B

MD5
4ae71336e44bf9bf79d2752e234818a5

SHA1
e129f27c5103bc5cc44bcdf0a15e160d445066ff

SHA256
374708fff7719dd5979ec875d56cd2286f6d3cf7ec317a3b25632aab28ec37bb

SHA512
0b6cbac838dfe7f47ea1bd0df00ec282fdf45510c92161072ccfb84035390c4da743d9c3b954eaa1b0f86fc9861b23cc6c8667ab232c11c686432ebb5c8c3f27

Download Submit
/data/user/0/com.wallme.k4hdwallppaer/no_backup/androidx.work.workdb-wal

Filesize
217KB

MD5
33ea6c8eecce82b276cc2453e0d8b4c2

SHA1
77bda459c789322d1ba4d505c12bf5ba99d18532

SHA256
ab13924cf50fcb7ee201a178b3242df58ea44b6396be91d2a3def2fdaa7f090e

SHA512
92674429f68f26c49b627e27d336dc5ef60221f3f18157433fa8cdfcfd4db6d592cb0c425dbba6049081be702d9ea53ccca03cd511eac66ca2601540cd298ccb

Download Submit
/data/user/0/com.wallme.k4hdwallppaer/oat/x86_64/[email protected]

Filesize
416B

MD5
bfa5a8bdd89602abf6baeaa6c5cb44be

SHA1
4e94148250404504ab415ae38b667b524fa201e5

SHA256
aeaa6f04dfae25b7653c6cd936505ab3c253f803831c13943212ebce3b18fc8e

SHA512
586d8196f310952f70771d5d7830a172147eedbd6ae19a97532faf39ecd8ef1473b1e0f8e93e9d28ec95d5a92ce2c7e5aadc8555df49889fd0b6d2a53a11d035

Download Submit
/data/user/0/com.wallme.k4hdwallppaer/shared_prefs/FirebaseHeartBeatW0RFRkFVTFRd+MToxMDc2MzUzOTUwMDc3OmFuZHJvaWQ6OTdlZTM3ZDhhYTM4Y2QwZGVhYWMxNA.xml

Filesize
472B

MD5
aaab90ef1a8f2ac03f7adc3621ded29e

SHA1
2f3f3e35d7c67ac2d248accd8c57fd4112b30afc

SHA256
fa691a53b1c5f778e46deee2c8bc3d23a1a2ffd2928120eb8c0d262cbac9690c

SHA512
56f23cfc1c52449d1e1d3090ae2298a67be83ec720457e9aeb882c52a4cfbdfb2cb942e3cb87c8cbfe4a7b858f601742c06b0c558242750527690011b2dc2af5

Download Submit
/data/user/0/com.wallme.k4hdwallppaer/shared_prefs/FirebaseHeartBeatW0RFRkFVTFRd+MToxMDc2MzUzOTUwMDc3OmFuZHJvaWQ6OTdlZTM3ZDhhYTM4Y2QwZGVhYWMxNA.xml

Filesize
526B

MD5
60b5182705a8b01733c7bf4d8c89a5b4

SHA1
a93db33ac93b2513279e0197a92c45eca2aafda4

SHA256
207461da905f739d22078e8d0ab96495ab61ea9c460545464aad26961451e860

SHA512
edd7b9da73014b210f8249153c8fbfe034c620e8fa2bcd8bc8bd893fe7b940f463022626eb0d87da8637f31815458af4892a48f3309dbc2dc34d61e46b6cb0a4

Download Submit
/data/user/0/com.wallme.k4hdwallppaer/shared_prefs/WebViewChromiumPrefs.xml

Filesize
127B

MD5
97ccd9a2b2063143df56b6937f961ca4

SHA1
5e78a91ae5df289ce83443cb7d5589dd3504fb5d

SHA256
248ff7928128015b1cfe3e6517c8f9b8c9511bfb8c8baf44fc1370640eac61fd

SHA512
86c05a5bb3d7eedea390664796966e9e5a5bf846c85808da54407788a76b3ee25b91428242a1e76d8765bfe51e1ba3636617fbab6e7dbb39fcc433e07c3fcd3b

Download Submit
/data/user/0/com.wallme.k4hdwallppaer/shared_prefs/frc_1:1076353950077:android:97ee37d8aa38cd0deaac14_firebase_settings.xml

Filesize
317B

MD5
57112e70f2e02c12591ceafb0387c384

SHA1
56c029b8dd9f5c36c8f5034ab3600422ad6efb59

SHA256
0510cd9fb1643012c751caa10c1cf7e7d1a0633c45b8a80b84937aefaeae6f91

SHA512
74e1c0a0ad654dfe64af077a9cafba98745d08bf133053b149b84772d0335dedf80ae45f38e1b3431ccc31d6d8f8aeabde0b0f45011bce1a1685adc3859a0bb2

Download Submit
/data/user/0/com.wallme.k4hdwallppaer/shared_prefs/frc_1:1076353950077:android:97ee37d8aa38cd0deaac14_firebase_settings.xml

Filesize
681B

MD5
fa490f47d56ae1087e6107e0218f62d2

SHA1
f4ccd399b9f14b221712c0460b519e7607453ac1

SHA256
4f6816c53fc9a321c864819b651cce679c8ebe316c02a5dbebafc1e6b704935d

SHA512
0cfd00c2cb8b555b4d73de264dda019e70c4117e38853c19863cb7b981f2320b52a28af61049962b52f95685c30116003b6d3dc2a747fff025bcc1282ffad994

Download Submit
/data/user/0/com.wallme.k4hdwallppaer/shared_prefs/frc_1:1076353950077:android:97ee37d8aa38cd0deaac14_firebase_settings.xml

Filesize
681B

MD5
30db2846ede941a21e29fd488e97c82c

SHA1
3e2229d39c0962d42077f7797d110bd6abcc119b

SHA256
cbb94ed7aa0a2b63a8672a1859485e7a01417bfec5468e7a6ff2ab26b330a617

SHA512
bcd8e5fca383b64e0cf32422d60e9cbde671b8d37cdc10f8a404308ff601f1521b134cd050e04e41638282d5bf6579ae8b622710e39e4443238976f45fb19e0d

Download Submit
/data/user/0/com.wallme.k4hdwallppaer/shared_prefs/frc_1:1076353950077:android:97ee37d8aa38cd0deaac14_firebase_settings.xml

Filesize
193B

MD5
17a804dcf8eb456240143efc82406c6d

SHA1
c6b6ce477b586e53ca3463a7aeb5dad18c0b0e38

SHA256
96c82ce1e484fdae91bae3ec2de61f1d4c15790f113d1c31d93f1e1e06eed9fe

SHA512
78a4627e7131e6d938a96995edc7b3d65c7d6bd53cb88d5bb662b6fbd86397bf90e98cfba0c420e8257b2efbf99afd95e279107b2c5098d47f18aaf861555023

Download Submit

Analysis

Sharing

General

Malware Config

Extracted

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads