joker | 97c03742df146fe7c443d0b5e65dc2c7e775a0c5c50ed18a29e857c90120dbc5 | Triage

Sharing

General

Target

42197636b8d24e40f69b41f8daa1a773.bin
Size

5.9MB
Sample

230905-bxbmasch28
MD5

cfd38a4778a926f09d06d22dabc738eb
SHA1

8af1f399a70c242c7b546898cc35b96caf41b208
SHA256

97c03742df146fe7c443d0b5e65dc2c7e775a0c5c50ed18a29e857c90120dbc5
SHA512

41d8faa66da759093b9c395c7a73f34265440334cb8788d5e871a5e9464e944b8c6ab1497ef2158b5ddb12aed04706f5638ab7723f29f0cb3f6f1fa546c4ea9c
SSDEEP

98304:k2l++Vp3Raxwd9mNCPG3LHQHBifHsAIKcnkyBF3Hsd9zi1L/Uac6JIinfaqlwGo/:duxiUC+2IUZbnky3cdQ1t7JBnpoXGS

Score

10^/10

joker android evasion infostealer trojan

Malware Config

Extracted

Family

joker

C2

https://bsmt.oss-ap-southeast-1.aliyuncs.com/151

Targets

- Target
  
  3dd3a843e1f714b3a6ec6dbdc4307ad52060b06a9fa8344a3826f3c3f067fad4.apk
- Size
  
  7.3MB
- MD5
  
  42197636b8d24e40f69b41f8daa1a773
- SHA1
  
  c014b2c3333e17f01011af576e569853178d9d8a
- SHA256
  
  3dd3a843e1f714b3a6ec6dbdc4307ad52060b06a9fa8344a3826f3c3f067fad4
- SHA512
  
  bb302bf00bb742f3f902f5a622bebd58d44f83a465b2e8523e39b764e99ac73e95a15d6a7596306fbc8c47d34c8947c1cf9c1c200d02818a32ad77be9d5efa26
- SSDEEP
  
  196608:jN4cmSpBi9EK5dPW6L7b9xe5TNW4mhYlFmuX6QUlO95:jN4gpId5dPW67DsNW4mh/uKQ5b
Score

10^/10

joker evasion infostealer trojan
- joker
  Joker is an Android malware that targets billing and SMS fraud.
  infostealer trojan joker
- Checks Android system properties for emulator presence.
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
- Reads information about phone network operator.
- Removes a system notification.
  evasion
behavioral1 behavioral2 behavioral3
- Target
  
  privacy_en.html
- Size
  
  21KB
- MD5
  
  a13ecec2c8d84d1a6a37f9241f7ae40d
- SHA1
  
  2dc04ba7f2543c55fd8a7222a6b8a93f3f66743e
- SHA256
  
  9b12d5c238f44ff41c19d2ac2281968ee2f1945033a7c426f0d4d69e7af2da47
- SHA512
  
  c66782304d0738629ec2183d93ef26f84f91bcefb42faea391801dbf79f06f4f754a4d1787b2959d0fb4761540f1e9b6877128253c24fce0af92d77e1912f9b8
- SSDEEP
  
  384:FFwFwFVFd6wTWgHu8QuFj1Zohr2FACs8Qn3nogUovwghdKP3k3DxJ60uQ:FFwFwFVF1TD1Oh2U5
Score

1^/10
behavioral4 behavioral5

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

jokerevasioninfostealertrojan

behavioral2

jokerevasioninfostealertrojan

behavioral3

behavioral4

behavioral5