joker | 3dd3a843e1f714b3a6ec6dbdc4307ad52060b06a9fa8344a3826f3c3f067fad4 | Triage

Sharing

General

Target

3dd3a843e1f714b3a6ec6dbdc4307ad52060b06a9fa8344a3826f3c3f067fad4_JC.apk
Size

7.3MB
Sample

230904-xsqrbaah42
MD5

42197636b8d24e40f69b41f8daa1a773
SHA1

c014b2c3333e17f01011af576e569853178d9d8a
SHA256

3dd3a843e1f714b3a6ec6dbdc4307ad52060b06a9fa8344a3826f3c3f067fad4
SHA512

bb302bf00bb742f3f902f5a622bebd58d44f83a465b2e8523e39b764e99ac73e95a15d6a7596306fbc8c47d34c8947c1cf9c1c200d02818a32ad77be9d5efa26
SSDEEP

196608:jN4cmSpBi9EK5dPW6L7b9xe5TNW4mhYlFmuX6QUlO95:jN4gpId5dPW67DsNW4mh/uKQ5b

Score

10^/10

joker android evasion infostealer trojan

Malware Config

Extracted

Family

joker

C2

https://bsmt.oss-ap-southeast-1.aliyuncs.com/151

Targets

- Target
  
  3dd3a843e1f714b3a6ec6dbdc4307ad52060b06a9fa8344a3826f3c3f067fad4_JC.apk
- Size
  
  7.3MB
- MD5
  
  42197636b8d24e40f69b41f8daa1a773
- SHA1
  
  c014b2c3333e17f01011af576e569853178d9d8a
- SHA256
  
  3dd3a843e1f714b3a6ec6dbdc4307ad52060b06a9fa8344a3826f3c3f067fad4
- SHA512
  
  bb302bf00bb742f3f902f5a622bebd58d44f83a465b2e8523e39b764e99ac73e95a15d6a7596306fbc8c47d34c8947c1cf9c1c200d02818a32ad77be9d5efa26
- SSDEEP
  
  196608:jN4cmSpBi9EK5dPW6L7b9xe5TNW4mhYlFmuX6QUlO95:jN4gpId5dPW67DsNW4mh/uKQ5b
Score

10^/10

joker evasion infostealer trojan
- joker
  Joker is an Android malware that targets billing and SMS fraud.
  infostealer trojan joker
- Acquires the wake lock.
- Checks Android system properties for emulator presence.
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
- Reads information about phone network operator.
- Removes a system notification.
  evasion
behavioral1 behavioral2 behavioral3
- Target
  
  privacy_en.html
- Size
  
  21KB
- MD5
  
  a13ecec2c8d84d1a6a37f9241f7ae40d
- SHA1
  
  2dc04ba7f2543c55fd8a7222a6b8a93f3f66743e
- SHA256
  
  9b12d5c238f44ff41c19d2ac2281968ee2f1945033a7c426f0d4d69e7af2da47
- SHA512
  
  c66782304d0738629ec2183d93ef26f84f91bcefb42faea391801dbf79f06f4f754a4d1787b2959d0fb4761540f1e9b6877128253c24fce0af92d77e1912f9b8
- SSDEEP
  
  384:FFwFwFVFd6wTWgHu8QuFj1Zohr2FACs8Qn3nogUovwghdKP3k3DxJ60uQ:FFwFwFVF1TD1Oh2U5
Score

1^/10
behavioral4 behavioral5

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

jokerevasioninfostealertrojan

behavioral2

jokerevasioninfostealertrojan

behavioral3

behavioral4

behavioral5