joker | 7b0469e1a88bee39676c1c1668ea0c52403cc5eb452072a5444a620f31d35dcd | Triage

Sharing

General

Target

7b0469e1a88bee39676c1c1668ea0c52403cc5eb452072a5444a620f31d35dcd_JC.apk
Size

2.3MB
Sample

230821-xp69wsfd78
MD5

5db24d0fb57c1ba9dfb01b8ac48fd4d9
SHA1

b700922ab5b4fb5e71a75baf3ad5036238855107
SHA256

7b0469e1a88bee39676c1c1668ea0c52403cc5eb452072a5444a620f31d35dcd
SHA512

6258338f093579e2245d78e17f538f49d86d3b3b8861efa484b85aa06414e335ae8a78d226fd715ac0129307d5d6672b27f2a7f963a5bdaca180bc83ed4b2808
SSDEEP

24576:fU9aYqMZPOTBSFy/KcU/MtsSxU7169dkB5Crtoe+tpziFEc87LgQD4Ys:pUOMFyScU/T1M9K5Ca/mxqLgQDTs

Score

10^/10

joker android infostealer trojan

Malware Config

Extracted

Family

joker

C2

https://doomed.oss-ap-southeast-3.aliyuncs.com/socamera

https://doomed.oss-ap-southeast-3.aliyuncs.com/fuion

Targets

- Target
  
  7b0469e1a88bee39676c1c1668ea0c52403cc5eb452072a5444a620f31d35dcd_JC.apk
- Size
  
  2.3MB
- MD5
  
  5db24d0fb57c1ba9dfb01b8ac48fd4d9
- SHA1
  
  b700922ab5b4fb5e71a75baf3ad5036238855107
- SHA256
  
  7b0469e1a88bee39676c1c1668ea0c52403cc5eb452072a5444a620f31d35dcd
- SHA512
  
  6258338f093579e2245d78e17f538f49d86d3b3b8861efa484b85aa06414e335ae8a78d226fd715ac0129307d5d6672b27f2a7f963a5bdaca180bc83ed4b2808
- SSDEEP
  
  24576:fU9aYqMZPOTBSFy/KcU/MtsSxU7169dkB5Crtoe+tpziFEc87LgQD4Ys:pUOMFyScU/T1M9K5Ca/mxqLgQDTs
Score

10^/10

joker infostealer trojan
- joker
  Joker is an Android malware that targets billing and SMS fraud.
  infostealer trojan joker
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
behavioral1 behavioral2 behavioral3
- Target
  
  about.html
- Size
  
  5KB
- MD5
  
  1d7bc3b473dc3eab323b3dd35974caa7
- SHA1
  
  c595384979d507a0e27bf1a961ada80161b525d7
- SHA256
  
  2b53364b06675f1012c0a2283949862ba18d4c654b63aaecbc77a8256a63ebc9
- SHA512
  
  9f98dcf0ab851a9d0d2db93a632da579c069aec1e97a850bb6268eb84e94cbd4b06c6bff7cdd7ebc14fb33a4f88bd1b74438108e244269b5ee017d47c804dddd
- SSDEEP
  
  96:GQW6Z9X9YFoHIt08ocdJ65u33fusbrKTwBEBxZkQHQbMNM:xW6Z9muWTol2PH/MGqcQHQgNM
Score

1^/10
behavioral4 behavioral5
- Target
  
  gpl_v3.html
- Size
  
  36KB
- MD5
  
  5e6a4e987f6830bbb0a4dfb00b5aeee4
- SHA1
  
  ff092037fbdf312debad44d9ac13ffffeb980de3
- SHA256
  
  7787fa0bedeb762598d6789c54d2f25b56b2378627ed2b2839b46c634f5a3e41
- SHA512
  
  a5b8dd63a1197128a1afd2a7f50acd41f8a169d2ec1064487f3a8a392c005757c049669b8637abc85562d7b00b6f74868debef0fba6c37c7c5a5a646a4a381bc
- SSDEEP
  
  768:WfRBRnIcAfDTckZDHhriIy3m0WCrseBLD7p:AR4cAJZDs209rV
Score

1^/10
behavioral6 behavioral7
- Target
  
  thirdparty.html
- Size
  
  2KB
- MD5
  
  7a3ee506a56d3c734920b92d51f08718
- SHA1
  
  0e0f180fc9e80c38ed513afb28a4a5a2c064e9b6
- SHA256
  
  f6cdb6ae4e22e47ac1b4fc7ff45ac20ce80241c8c64b0d8d345f6fc8c135a904
- SHA512
  
  84a8646bd64aee2008639a76c2bef928ac82248c01dfc74657d4c8aabc0d0921efd8d78af82786e5c0b004dbf654e1718627bc9bd4f36e70a0997218d689877f
Score

1^/10
behavioral8 behavioral9

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

jokerinfostealertrojan

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9