Overview

overview

10

Static

static

7

joker_test.apk

android-9-x86

10

joker_test.apk

android-10-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    joker_test.apk

  • Size

    30.8MB

  • Sample

    230831-l5tg7aee39

  • MD5

    53c7f40042144b5e3857d8903142d47a

  • SHA1

    ac17a4c5a25da6d9e43da485ce5f1caa5c3e9a6d

  • SHA256

    a3468f54324ab02930166468e5b93daec8439297678a17c76cf2fe0aeaa053be

  • SHA512

    ad16dbf6fd0630452e250a07b7f295155e2b809e2d2b6ffbe0b24e8d00a1eb9223190d0993ded37bf85da40658d30f580d71cb0f3550ebaa3b3de3bfa17d531f

  • SSDEEP

    393216:sf9dtQtVBVn38CYlRMS4RURRtbL+tC9i0RLkVyMr5pq+wLYHBwmvJyXKzbAt:sf9dtQtVBVQ53RDLn9i09khgTLkDRyzt

Score
10/10
jokerandroidevasioninfostealerransomwaretrojan

Malware Config

Extracted

Family

joker

C2

https://bsmt.oss-ap-southeast-1.aliyuncs.com/151

Targets

    • Target

      joker_test.apk

    • Size

      30.8MB

    • MD5

      53c7f40042144b5e3857d8903142d47a

    • SHA1

      ac17a4c5a25da6d9e43da485ce5f1caa5c3e9a6d

    • SHA256

      a3468f54324ab02930166468e5b93daec8439297678a17c76cf2fe0aeaa053be

    • SHA512

      ad16dbf6fd0630452e250a07b7f295155e2b809e2d2b6ffbe0b24e8d00a1eb9223190d0993ded37bf85da40658d30f580d71cb0f3550ebaa3b3de3bfa17d531f

    • SSDEEP

      393216:sf9dtQtVBVn38CYlRMS4RURRtbL+tC9i0RLkVyMr5pq+wLYHBwmvJyXKzbAt:sf9dtQtVBVQ53RDLn9i09khgTLkDRyzt

    Score
    10/10
    jokerevasioninfostealerransomwaretrojan

    • joker

      Joker is an Android malware that targets billing and SMS fraud.

      infostealertrojanjoker

    • Acquires the wake lock.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Reads information about phone network operator.

    • Removes a system notification.

      evasion

    • Uses Crypto APIs (Might try to encrypt user data).

      ransomware
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks