joker | 7154cdcb125d36309ab8930c9fb1d12920f954ec897271c3c5b35aa9e3e980e7 | Triage

Resubmissions

04-09-2023 20:39

230904-zflypsba7w 10

04-09-2023 19:33

230904-x9v3csba64 10

Sharing

General

Target

7154cdcb125d36309ab8930c9fb1d12920f954ec897271c3c5b35aa9e3e980e7_JC.apk
Size

5.6MB
Sample

230904-x9v3csba64
MD5

b70df52b2a6d09f7278645f5d07e8e08
SHA1

a0dbb365d081561cf376e8513ac9156e4fd7fcd7
SHA256

7154cdcb125d36309ab8930c9fb1d12920f954ec897271c3c5b35aa9e3e980e7
SHA512

390b16c9a07c8cc9737239f73bdcb0c51b31abbb980e13c3af072b386aa8c8ba40687d08ed24da43d1a30875197072c96be0c74b7ecab974599ab48c9b6bee27
SSDEEP

98304:cIkUcb8m7NLi88rNfnSbUpdSRxyiDC86Vb4Qjw/DWa80as+eWfH/pMzfpeZVPFEf:qHgm7N+8yNfnSbAGvsKm885deEfpMdY0

Score

10^/10

joker android infostealer trojan

Malware Config

Extracted

Family

joker

C2

https://weco2.oss-me-east-1.aliyuncs.com/smiple_4yue

Targets

- Target
  
  7154cdcb125d36309ab8930c9fb1d12920f954ec897271c3c5b35aa9e3e980e7_JC.apk
- Size
  
  5.6MB
- MD5
  
  b70df52b2a6d09f7278645f5d07e8e08
- SHA1
  
  a0dbb365d081561cf376e8513ac9156e4fd7fcd7
- SHA256
  
  7154cdcb125d36309ab8930c9fb1d12920f954ec897271c3c5b35aa9e3e980e7
- SHA512
  
  390b16c9a07c8cc9737239f73bdcb0c51b31abbb980e13c3af072b386aa8c8ba40687d08ed24da43d1a30875197072c96be0c74b7ecab974599ab48c9b6bee27
- SSDEEP
  
  98304:cIkUcb8m7NLi88rNfnSbUpdSRxyiDC86Vb4Qjw/DWa80as+eWfH/pMzfpeZVPFEf:qHgm7N+8yNfnSbAGvsKm885deEfpMdY0
Score

10^/10

joker infostealer trojan
- joker
  Joker is an Android malware that targets billing and SMS fraud.
  infostealer trojan joker
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
- Reads information about phone network operator.
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3

jokerinfostealertrojan