joker | 3c7eec55d83a346b4f5f3f25dd9a56f5504a404f165db3fe4cb9717c7a166886

Analysis

max time kernel
1925615s
max time network
111s
platform
android_x64
resource
android-x64-20230621-en
resource tags

androidarch:x64arch:x86image:android-x64-20230621-enlocale:en-usos:android-10-x64system
submitted
20-07-2023 10:07

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

3c7eec55d83a346b4f5f3f25dd9a56f5504a404f165db3fe4cb9717c7a166886.apk
Size

5.7MB
MD5

c49f0aee218a72e7c3ec739b289cdfc1
SHA1

affc5b85e9f4207e3fc7b9f4e0efc673036a80bc
SHA256

3c7eec55d83a346b4f5f3f25dd9a56f5504a404f165db3fe4cb9717c7a166886
SHA512

e28fff6b372f2f17ae47393784a51656f70377122f1c8dda24a1ab1a8a0db51bd4ef4321cf36da86dd7e590b60f0d435b6408e35b68036031ea505b19af63b27
SSDEEP

98304:IL5PZO+uOdbQ2mTGtdlhygelQSDUvIe/EFYiztk9sY+r8htKvfDEGgQA5grh2Zr4:6QzkVmTGlZSYQe/YJ2WYO8hkvfDEGgQp

Score

10^/10

joker infostealer trojan

Malware Config

Extracted

Family

joker

https://adcbk.oss-eu-central-1.aliyuncs.com/af2

Signatures

joker
Joker is an Android malware that targets billing and SMS fraud.
infostealer trojan joker

Loads dropped Dex/Jar 3 IoCs

Runs executable file dropped to the device during analysis.

ioc	pid	Process
/data/user/0/com.wallme.k4hdwallppaer/[email protected]	4939	com.wallme.k4hdwallppaer
/data/user/0/com.wallme.k4hdwallppaer/files/deerlet	4939	com.wallme.k4hdwallppaer
/data/user/0/com.wallme.k4hdwallppaer/files/goosds	4939	com.wallme.k4hdwallppaer

Reads information about phone network operator.

com.wallme.k4hdwallppaer
1⤵
- Loads dropped Dex/Jar
PID:4939

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.wallme.k4hdwallppaer/[email protected]

Filesize
5KB

MD5
e689c366adffcac2cbefa7018ae68361

SHA1
c8e6bb97ad58776e48064d55fd0e5f483c8c8834

SHA256
655a01e7caa0be4e139e4738a2bee6c31ee92c4396ee2728f194ab8114a137f3

SHA512
68ce779c7415da311ee17b7f7b4ec8b8e44029bc2b59a243bfe8d43f7c295f4610fa72b979a53f0746f61844eb9afb60ab7b8c48c737289574c8a6955878780b

Download Submit
/data/user/0/com.wallme.k4hdwallppaer/app_webview/Web Data

Filesize
112KB

MD5
b663831f8cc130493476d94f2d7a5330

SHA1
043a1956ab8e40821d67043f8a9110a8eb36fb93

SHA256
c109aa8bfc364d5fd0756f1c9d35ee3d6df31325061ac70d8469f28cfc882ab7

SHA512
e8ee923192cdf16318febdc23362f3eeaf5c914b923f80cd3a91a2e83e94bced54460d4ef1e54accc26a7d54b89e2e10c00097e60002cf6427298dc5f18fed16

Download Submit
/data/user/0/com.wallme.k4hdwallppaer/app_webview/Web Data-journal

Filesize
1KB

MD5
6442270305820cec20df114879f40a37

SHA1
03927832c7c6721315236ce1803c78908812bb1a

SHA256
c0c96f1b60e0176f90cc7eecccfd34494a2dd4bbc6f3e974e291a46210213e18

SHA512
2f658e810e6448bb9cd78016af4898343cae98f7ba2e590f3a92215ea2cb8c93234be088dac2b091dc37a75af0702c35e1e1a98ca038d8150f88419cd04a43fe

Download Submit
/data/user/0/com.wallme.k4hdwallppaer/app_webview/metrics_guid

Filesize
36B

MD5
857c0448081afb84d3019fcc6d0d6b58

SHA1
a87904b509fc737dd0a3c86f555afacae8b85853

SHA256
afa63e9942b3e66c42df8f9b6344c9c2e8e4f8ff1315b8971f5cb5203e5159bd

SHA512
1c009ce7fa3f419a064e6d056ab58367ef6128196e26e3bc989039ff669a3bdb61ce1c81b6d2e1f0afb29751de4c69c8a6f20a1b3fc8cde241b2a8553791f128

Download Submit
/data/user/0/com.wallme.k4hdwallppaer/cache/WebView/Crashpad/settings.dat

Filesize
40B

MD5
6fd6229b4be34215ae54e4c9e8de579c

SHA1
dcc092fb4e9398239542e5335096e1de4ab5dee0

SHA256
5cb4c882215d3f7922bc0a4b90288ae60f40c5cfdd4a81838c8ebf17e329e2e3

SHA512
df6f43d0e51a678f6bb124ba1a03db7162b9283b4cc9f725f2fd84ebe60a09f24c780f73efb204b5617bc64128b565f3e68709d50f3313c68b2bbf4d1fb18f2c

Download Submit
/data/user/0/com.wallme.k4hdwallppaer/cache/org.chromium.android_webview/Code Cache/js/index

Filesize
48B

MD5
6d7d499960179766cd4261d12dacc411

SHA1
e6f8553b0015e12b23cc551afe98763f3b1c9bed

SHA256
c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182

SHA512
6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

Download Submit
/data/user/0/com.wallme.k4hdwallppaer/cache/org.chromium.android_webview/Code Cache/js/index-dir/temp-index

Filesize
96B

MD5
7d2cb7fd28d9fc95edc754c758276ddc

SHA1
39db3cd7cc048f3494f65ac7a1d4b40cdf5f0f24

SHA256
c9e30e18db024cb11aa77f65dbf3e4335bdf50822e5adef80c4219c7cccd1135

SHA512
d1f528fab708c8ed142398f61a9a3e127fbf995e48daf9c9b71f5facbe6c1fdab52ab059c5846fe0283d176a7ab8253d2ebd42d8436ce34818886635d8f49734

Download Submit
/data/user/0/com.wallme.k4hdwallppaer/databases/image_block_list.dp

Filesize
64KB

MD5
f5439c087040f33c40542174f5f38d1a

SHA1
bcb1e7b36e0e6eaddaf5ea82dc97d612e6c5db14

SHA256
dce678390e9292e2375f0f2c5cdefb31316ea00f66cf9bbbd4d46d78329386d9

SHA512
cd6f7d3940a96e0608776d78e76aa3f146eadedb86564857318223cd80ba7b9291f204cac3901919f8c1762edcd645eafe733820921e39d051e787364234e706

Download Submit
/data/user/0/com.wallme.k4hdwallppaer/databases/image_block_list.dp-journal

Filesize
1KB

MD5
fd77745fc75e7abc2f55e467236c14ac

SHA1
75a7512c6f2f3e9ec706f42144549e3456685c48

SHA256
6dd971db9c67598e382e8e24848db35cc990f80fecdc65c00561e388de799949

SHA512
dbf7bf92a67893b98f42ef80acd0339cf0d2ec5a3bc163252f847e78d1fa175fd446eda2c8a6a4e372949f87059ecbe19956736f63b4b6ef50d6ad0942b92fa8

Download Submit
/data/user/0/com.wallme.k4hdwallppaer/databases/image_info_list.dp

Filesize
64KB

MD5
7c30f32c056603ac0b67bcc6c92fc513

SHA1
802903399663548467768b946feba495e28dffba

SHA256
c670a954c8f2f23b313549489cf9f82c2ac125bc82e46ae836a6180923caef68

SHA512
98e64c1eb2a30d4eb1a15d1df1348aa07236e371e3e2d786964bc6c306145e472838e907cd39089e5705b89c3941c2076ecdee4fbbb67e0808d8a14d5858291b

Download Submit
/data/user/0/com.wallme.k4hdwallppaer/databases/image_info_list.dp-journal

Filesize
1KB

MD5
c59c96cc2e1ec9cfd6ed5ca20f183acb

SHA1
c5076b431c44e211dc5a38565c6b58b045d30f50

SHA256
3fb0197dfa22ba86944ff2dbe0278273b0555758321b3fe67463b67ddd9ddf47

SHA512
c3adce40e9e54cb642c9dbc5b92e9ad69bde2e16687ab84250141659e7e63956363e63c028f8980401f03e4bdcc6d31c4ecf2ff6147febfb389a3e9d67f31150

Download Submit
/data/user/0/com.wallme.k4hdwallppaer/files/deerlet

Filesize
4KB

MD5
946130377f5566e87e15749369abad5c

SHA1
fa27076c630e44471044f39b46404ade544737b6

SHA256
339b7898ba9e6c211e5f6b6f2bd3b393645727e104a4e4a08bd8a718a903b2fa

SHA512
b6d88aadb8dbf4d6b5835b8d371fd6c350e4fb2a47ae5cb84179479ebb9a829187041b06c9c07d763f2acc1ad7f8b0fd7639054185c5536eedb222cc1accbf4a

Download Submit
/data/user/0/com.wallme.k4hdwallppaer/files/deerlet

Filesize
6KB

MD5
144a16e8fb3b58047fd51bbb07632175

SHA1
27b47a7a125b86496bd5230afbafece8df42c534

SHA256
f48f52d298435523e82ac3063ed06fc05dde1cce8038567ccb78c439f5474b9e

SHA512
9e163ee816976f447979216f27ad38d8a172861799be6bc893ba489417a09f6f8968b924bb79070868ebc326933a63491aea6969ceda027fc704cd88bee6033e

Download Submit
/data/user/0/com.wallme.k4hdwallppaer/files/frc_1:1076353950077:android:97ee37d8aa38cd0deaac14_firebase_activate.json

Filesize
239B

MD5
5b80f5e9144fe8343ea5f582f7cf7c56

SHA1
3c47e93797781bc7dab4dd17d99b32623de1acfb

SHA256
fbda0aa15ceb48b8410982426dfd4690e3372b3ba1fc1e7bb0c1b1280211fdc8

SHA512
b6b85b2f42017c673330190868af7fd3e399630be1dc508988499c01702a526bdb279c1bc8a19bab02409e438a1c408d44439c020cca861f86f52f745e08292e

Download Submit
/data/user/0/com.wallme.k4hdwallppaer/files/frc_1:1076353950077:android:97ee37d8aa38cd0deaac14_firebase_fetch.json

Filesize
239B

MD5
5b80f5e9144fe8343ea5f582f7cf7c56

SHA1
3c47e93797781bc7dab4dd17d99b32623de1acfb

SHA256
fbda0aa15ceb48b8410982426dfd4690e3372b3ba1fc1e7bb0c1b1280211fdc8

SHA512
b6b85b2f42017c673330190868af7fd3e399630be1dc508988499c01702a526bdb279c1bc8a19bab02409e438a1c408d44439c020cca861f86f52f745e08292e

Download Submit
/data/user/0/com.wallme.k4hdwallppaer/files/goosds

Filesize
32KB

MD5
fd93701cc6b335378bfec52508faa731

SHA1
9d47ff02913e0f12339aeb7c8d897c02febaed38

SHA256
5318f3f3f5ebeec8d782da558e66fa3ab3e654273925594a284533a19409b35d

SHA512
5464d74b9b8810ca1618bcf612a24fee98659902f97399014cf824995450b8ac4e4cb1866955695cbc0eb05b610865ea34e85003b39689b919dcd7b2c77c0817

Download Submit
/data/user/0/com.wallme.k4hdwallppaer/files/goosds

Filesize
68KB

MD5
a19e2575d95dcd0749fcbf5b2dcbc3a6

SHA1
bbd93c14a8d14c0c63aca3aad3917473ec0565ee

SHA256
11f5b0edc5519c4ff70005fc721089fb595203e48cf9cdb2bd909f051db98f01

SHA512
f2a50f9f82b8dc50906be5b57f83e7508ec509a298b24e1254c026e55a2b498d605f91463916f9cce9820a2425ba1da68d00a3472159eb18585dc54f5ce08fab

Download Submit
/data/user/0/com.wallme.k4hdwallppaer/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

Filesize
8B

MD5
ae418844fa50895fd1d8a63c41b7109a

SHA1
71eef64e11c7c1c70e6a1621cb79b6c47daa2b76

SHA256
55d7a85ae353bff5e69cb07360f44e6ab600f984043d1ba9e9d99631f6d2defa

SHA512
88846cf9b79c0dc02e195c448407735d69c41b2446b2165fc4973ffdffd297ffda733c48b72cb781afb21ec4dc73a67f1045f242bd6e0912296527571cfdc3b5

Download Submit
/data/user/0/com.wallme.k4hdwallppaer/no_backup/androidx.work.workdb

Filesize
8KB

MD5
b6ca8b30661a7844ed292db75a29a953

SHA1
8e0d397ab1f2ced1f143829084c3f53333743bdd

SHA256
63a219c7092be26641907c5f955aa977e7675e3922a8e4ee2af25bfed8c7bbfb

SHA512
d21ce3adf13d61369708ea000438f626973f20b08ca05a744c1cccb2d5e7c264a8af9c3ebd18a7a6a464d38e1c64146f8e881d29d71a0484dd94212315f6dceb

Download Submit
/data/user/0/com.wallme.k4hdwallppaer/no_backup/androidx.work.workdb-journal

Filesize
1KB

MD5
ca6b8fb890db64a2ba575dc1f5cff77b

SHA1
0abc9b0ebd5f3f0efaf17bb2799c3b8e40dc4d4e

SHA256
5301a8d9ff07a27f9a1d02c68da3b28b3749d8d4146ba20bc1ac58e4c5af8932

SHA512
91bbac0b7effeabc0210eee18ed3bf82d7c1d2ca9d74a588f70c70d880155b2c19b034061edbcaf80ed42ecc966a7399614512df16263d86ebb438d5e6b85f6c

Download Submit
/data/user/0/com.wallme.k4hdwallppaer/no_backup/androidx.work.workdb-shm

Filesize
16B

MD5
4ae71336e44bf9bf79d2752e234818a5

SHA1
e129f27c5103bc5cc44bcdf0a15e160d445066ff

SHA256
374708fff7719dd5979ec875d56cd2286f6d3cf7ec317a3b25632aab28ec37bb

SHA512
0b6cbac838dfe7f47ea1bd0df00ec282fdf45510c92161072ccfb84035390c4da743d9c3b954eaa1b0f86fc9861b23cc6c8667ab232c11c686432ebb5c8c3f27

Download Submit
/data/user/0/com.wallme.k4hdwallppaer/no_backup/androidx.work.workdb-wal

Filesize
217KB

MD5
e2f399c1a5a410b3975dae862f23abca

SHA1
2247f0fb20a8312ec9745ac937fd75228bf61218

SHA256
9d5c104a9d18ea4268af5b23b7607a3b1a9d8f1c96e4df39c230ca659a890388

SHA512
324bba3f5cb641a78911799a204b0c363c2500a53f57c053708915fdba73efe6764ecbb5792c94838ff33d73f48a0f8b4df3a16b465118cfff7934aa368461e1

Download Submit
/data/user/0/com.wallme.k4hdwallppaer/oat/x86_64/[email protected]

Filesize
165B

MD5
c9394d66d986ac97aee9950e75ad0956

SHA1
f68d190170f490fc4e22105a2bd307d2725e9c8e

SHA256
2e94d0030d6648df940e9d541e8a7cfe336f9a4ac91925a9364390e523f217ad

SHA512
65913176d0ae7567cf3da0a8642e7c1abffe951b8a22cb04a4334f3ac6e0cbf6b9dd9f9113bc8191a5aa5531bb192c60c1e4bd87825e86d4c40c4b36d303e89f

Download Submit
/data/user/0/com.wallme.k4hdwallppaer/shared_prefs/FirebaseHeartBeatW0RFRkFVTFRd+MToxMDc2MzUzOTUwMDc3OmFuZHJvaWQ6OTdlZTM3ZDhhYTM4Y2QwZGVhYWMxNA.xml

Filesize
472B

MD5
f154367c9e7dfa328f2b676b9a75b730

SHA1
aac5dbbb322145c295a876001bda53c3680a561a

SHA256
06db9c1fa456804f10643b727a202e22f2e3083d1d2d5beb2ef272a0fa345c0c

SHA512
a9b3dc11a6b92212c9b831d02485a8916adf35aa12aeace4320070a45cf585269d29af3e3953a570207477b661e9a55de8f80d4b121c015305e1c01c0681edf1

Download Submit
/data/user/0/com.wallme.k4hdwallppaer/shared_prefs/FirebaseHeartBeatW0RFRkFVTFRd+MToxMDc2MzUzOTUwMDc3OmFuZHJvaWQ6OTdlZTM3ZDhhYTM4Y2QwZGVhYWMxNA.xml

Filesize
526B

MD5
f506a9b35cd130e7d3984dc7276b7e57

SHA1
a0881254c5d30c683bf6148d2626350708539913

SHA256
0df4aa64ee5850a5738ee0db414e5d5b64b73bc8280a5ec6c8d73ec836420a9f

SHA512
cc31c62263bb01b5dd60bc52f2098a08a5b0c04fb28e45f1b9df54b6868848ca4151f8faf3abf4b2ece02f2cca0bd8b88c3d2a0c6f2c78e469fbbe570625620a

Download Submit
/data/user/0/com.wallme.k4hdwallppaer/shared_prefs/WebViewChromiumPrefs.xml

Filesize
127B

MD5
6ef709b8536878951e87c29a1518fc2b

SHA1
24376c70b00152501b3d98df61fa7db435339172

SHA256
10b13d894f36d4391fcc31313a244d5f6cd89c8e8c03347282e281c4af13c0a6

SHA512
96547eff6779251a5c4941e812ec56ed273e9270265005723e1f2864688b04f3b852a90145fba4ea0ddf1e02b39d99e33d28f761b07a04d46e0e4257d8909ff9

Download Submit
/data/user/0/com.wallme.k4hdwallppaer/shared_prefs/frc_1:1076353950077:android:97ee37d8aa38cd0deaac14_firebase_settings.xml

Filesize
317B

MD5
57112e70f2e02c12591ceafb0387c384

SHA1
56c029b8dd9f5c36c8f5034ab3600422ad6efb59

SHA256
0510cd9fb1643012c751caa10c1cf7e7d1a0633c45b8a80b84937aefaeae6f91

SHA512
74e1c0a0ad654dfe64af077a9cafba98745d08bf133053b149b84772d0335dedf80ae45f38e1b3431ccc31d6d8f8aeabde0b0f45011bce1a1685adc3859a0bb2

Download Submit
/data/user/0/com.wallme.k4hdwallppaer/shared_prefs/frc_1:1076353950077:android:97ee37d8aa38cd0deaac14_firebase_settings.xml

Filesize
681B

MD5
16b3e6d5350322a650b4a371d8da0168

SHA1
920db98f95442d7bfaa42c4b56c873991ca8578c

SHA256
08781c5b19f3d74c2d59c3ce12778234b6f687a7fd50145942a05dff7642012b

SHA512
0e00eb8dea64a7524430e41d00975a8a5fb8082cf59f0137c9569fa96f9be20628729615491e7562bf17f5f29ab9f7b65f5fe928941726b118492fd452a39a1f

Download Submit
/data/user/0/com.wallme.k4hdwallppaer/shared_prefs/frc_1:1076353950077:android:97ee37d8aa38cd0deaac14_firebase_settings.xml

Filesize
193B

MD5
17a804dcf8eb456240143efc82406c6d

SHA1
c6b6ce477b586e53ca3463a7aeb5dad18c0b0e38

SHA256
96c82ce1e484fdae91bae3ec2de61f1d4c15790f113d1c31d93f1e1e06eed9fe

SHA512
78a4627e7131e6d938a96995edc7b3d65c7d6bd53cb88d5bb662b6fbd86397bf90e98cfba0c420e8257b2efbf99afd95e279107b2c5098d47f18aaf861555023

Download Submit

Analysis

Sharing

General

Malware Config

Extracted

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads