Overview

overview

10

Static

static

7

21d50eb0f5...8a.apk

android-9-x86

10

21d50eb0f5...8a.apk

android-10-x64

6

21d50eb0f5...8a.apk

android-11-x64

7

Resubmissions

06-11-2023 10:57

231106-m2e13acc53 10

02-11-2023 09:23

231102-lcq7csaa6v 10

Analysis

  • max time kernel
    2404979s
  • max time network
    131s
  • platform
    android_x86
  • resource
    android-x86-arm-20231023-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20231023-enlocale:en-usos:android-9-x86system
  • submitted
    02-11-2023 09:23

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    21d50eb0f59d497c65f46ac1ead62af331c957f0133daeca5f3662e4bae5238a.apk

  • Size

    4.4MB

  • MD5

    a4fb036a7460c9e15b3b779f9db3fe6a

  • SHA1

    a827e9a713b8f46d2d5adcb18e181b8572a7caca

  • SHA256

    21d50eb0f59d497c65f46ac1ead62af331c957f0133daeca5f3662e4bae5238a

  • SHA512

    bd32354a02a2089511c7b884754185b0ed5ecb894aa2a02a08b93424592bfb36e61c22ddd6d80a413ad5f51e7a17852eefe2cc3a8d4184ef859a8ebefefb2cea

  • SSDEEP

    98304:c6awMfNJzamCitccFqX6Zs+YxcVEYy72sDqa4i/JZw0LCrp/H06/:wfN91CiSwqX6s+nER/D2KJZx6/

Score
10/10
jokerinfostealertrojan

Malware Config

Extracted

Family

joker

C2

https://weco2.oss-me-east-1.aliyuncs.com/smiple_4yue

Signatures

  • joker

    Joker is an Android malware that targets billing and SMS fraud.

    infostealertrojanjoker
  • Loads dropped Dex/Jar 1 IoCs

    Runs executable file dropped to the device during analysis.

  • Reads information about phone network operator.

Processes

  • com.enber.gareapp.translator
    1⤵
    • Loads dropped Dex/Jar
    PID:4255

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.enber.gareapp.translator/databases/com.google.android.datatransport.events
    Filesize

    4KB

    MD5

    f2b4b0190b9f384ca885f0c8c9b14700

    SHA1

    934ff2646757b5b6e7f20f6a0aa76c7f995d9361

    SHA256

    0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

    SHA512

    ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

    Download Submit

  • /data/data/com.enber.gareapp.translator/databases/com.google.android.datatransport.events-journal
    Filesize

    512B

    MD5

    ed50b6daa6ab2d4fb4cb7b9a95c50362

    SHA1

    56368ab54406501f318d499e84aecc4b604f8bda

    SHA256

    7c81f5b9a3a9b9b943bfc13dd85541935fe75ab073a9484f35a55b8a536f1733

    SHA512

    7dda6c731b03934a5dd9380c7bd91da910375a8a6f49c5c33e9069aec3675365a0220fa7ea1cad61355bedbb81e263984b19ac3517c645061783e08cf9eedf53

    Download Submit

  • /data/data/com.enber.gareapp.translator/databases/com.google.android.datatransport.events-shm
    Filesize

    32KB

    MD5

    bb7df04e1b0a2570657527a7e108ae23

    SHA1

    5188431849b4613152fd7bdba6a3ff0a4fd6424b

    SHA256

    c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

    SHA512

    768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

    Download Submit

  • /data/data/com.enber.gareapp.translator/databases/com.google.android.datatransport.events-wal
    Filesize

    120KB

    MD5

    7569143406f48024921e464b7d6a62a7

    SHA1

    40e3c95fbf30d26d66ee437d2b2f68e890f4121d

    SHA256

    52a31d6b000da2c92f5e4d4437f4426f8c318499bb9549f2e89c0502133b99af

    SHA512

    8c6be423f6eb81adabb9b1dd40becf01c6da554f4f3e979dd3745af6935c643edb344d974e967a3ade896fb63083ba5f9da23d0f4a4cdf97d4edbb5cedfdcc9e

    Download Submit

  • /data/data/com.enber.gareapp.translator/databases/google_app_measurement_local.db
    Filesize

    16KB

    MD5

    b5682dfc3cf7c3e596ad33e22305d1ed

    SHA1

    92ea00e6c729b833f53b7cbc071d5b27b53d50c9

    SHA256

    9a8a8015406a75c62fb9011ee9058b4a9d31fe40ba110f1cc140539dbc3c9cb4

    SHA512

    e10e45c8caf7e2b85b46bcdbf92a107a341cd6669828073e566e4edb7a5dce7b7f3d15928969236d78436fe041c7f35745ff26b4fc687f1c6ab8817eac8e6564

    Download Submit

  • /data/data/com.enber.gareapp.translator/databases/google_app_measurement_local.db
    Filesize

    16KB

    MD5

    a09f3a0a9632dc77b8171a7425763da4

    SHA1

    624da0c62e157bc95635475ee2204f9239295ab6

    SHA256

    2a9b4589db7836b39186f92d2bca9c091d86a7618ec93983ee914828ec81140f

    SHA512

    3ca7ce4029ee2e1fa74946c7709f9155c058117a004b9ca0eff050da2aac8036aa15a4630ac4bcdbc77dec0fb8d12955b50bac150323b2a065f21fd6f51fab98

    Download Submit

  • /data/data/com.enber.gareapp.translator/databases/google_app_measurement_local.db
    Filesize

    16KB

    MD5

    57f872afb130947935da55647346fddf

    SHA1

    263af65cc4738b5347abea4ffda48c02f8b04c1b

    SHA256

    b412d04db59b10a421ae4a1f44ddd4d404cddee9360b2e08490223d043e5c684

    SHA512

    0987e7fa7f917161d9872697c59f4d70703cec799a0fd94118a800dbebdbf2ecd242febe8b2d191236cbd3853e86f0770e196ae65954c2676bf21cc6f4e93d2a

    Download Submit

  • /data/data/com.enber.gareapp.translator/databases/google_app_measurement_local.db
    Filesize

    16KB

    MD5

    be57f9fe2593b80718122933633e106b

    SHA1

    8e4b24c62faad39fbdb0a6154e9b41b64d9f01c9

    SHA256

    80ac89d80143572a03f191e14a30ec2506b65a36b9b54d7c6420fa5786943afd

    SHA512

    0da7c9d183cf5dac06ba5e5c04be66ba3cde1f78b743ae71e93fd1e4421ca04f20570bb61b0bde37593025f870fa57a8d96b5817fe568bf1a38e06f1ea002a55

    Download Submit

  • /data/data/com.enber.gareapp.translator/databases/google_app_measurement_local.db
    Filesize

    16KB

    MD5

    44693692da738db6eb133cf0e4cde91b

    SHA1

    e6bda56494c325d8d37ad89552263ae85d9b0550

    SHA256

    8fe0ac9db76d4a2dcd3b3d54c0efedcd223e25aabf716506493d50e243a7a2d4

    SHA512

    b34ddfe1ae343b1b12f7029ae476a0ba8e1b4043ccb520afb412b3f71335ef679bf29723c9a5c00af7e922e9982d5b3af54b2ed779da8cb601f378e5b9d26be5

    Download Submit

  • /data/data/com.enber.gareapp.translator/databases/google_app_measurement_local.db
    Filesize

    16KB

    MD5

    7237409e0640cfab7bdbd429bf821a3b

    SHA1

    4c3da934842f8d4835dfe2a9c275a300e5123309

    SHA256

    5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

    SHA512

    c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

    Download Submit

  • /data/data/com.enber.gareapp.translator/databases/google_app_measurement_local.db-journal
    Filesize

    512B

    MD5

    8767b714b119a6244eb0199d00589fdd

    SHA1

    2e16e265a574eec6258d12fa502a5d5fa64864bf

    SHA256

    e0e29727e6df8a2dddb27636a5bf2829c10919c52db2515c301cb9407ba510cd

    SHA512

    18599c295b7420919cc6c72e08d25f0b1b98839735977d24af66c391f15684f1572a09c05ba50b96a1a8b9ef786a1bbdb34aab026888d1c24dc7ddaefd173461

    Download Submit

  • /data/data/com.enber.gareapp.translator/databases/google_app_measurement_local.db-shm
    Filesize

    32KB

    MD5

    bb7df04e1b0a2570657527a7e108ae23

    SHA1

    5188431849b4613152fd7bdba6a3ff0a4fd6424b

    SHA256

    c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

    SHA512

    768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

    Download Submit

  • /data/data/com.enber.gareapp.translator/databases/google_app_measurement_local.db-wal
    Filesize

    36KB

    MD5

    02b657a2328f353cafeb32f835bf64bd

    SHA1

    c69b79a8699d7cf58a78f511ade037556717a7e9

    SHA256

    b523535d46cca3f46d9394cf6b81939828f99df15894fb874b72d2b22d5c5d7c

    SHA512

    ed27d4a49598011e7b96b23197fd3717a0b322f017b168b3abaf280af8563df9c87b697067c05fe3f5d949c7fcfc730f00e63bcd8c3dbea6348c2768411410c4

    Download Submit

  • /data/data/com.enber.gareapp.translator/databases/google_app_measurement_local.db-wal
    Filesize

    4KB

    MD5

    1703517ff0d968d49f11922d089afb95

    SHA1

    23690f2182d7cdc3969366d932e005972bdfc41d

    SHA256

    1bd7f0035ebd3ddf89dcc1251251c3011eb55899d4137e2d3410bffd5fe30103

    SHA512

    0715b36296c91692dc1419e44d7b3cc563d13d4c52b04e26596d885d6a35ad2d6bf80390c1f2c1e89a9a77d2f2c0314fb9cdec9e2688fbe91a17a2a54b852738

    Download Submit

  • /data/data/com.enber.gareapp.translator/databases/google_app_measurement_local.db-wal
    Filesize

    4KB

    MD5

    036e43d62bd08b2445e13b0efb3f3e6e

    SHA1

    295d3783f17253b4400d37c2b7efd5db89bc5eb7

    SHA256

    8e776483f78b8ec37edfad3a74e9a594beca6525ed2e95cd04af6b647e6e92a0

    SHA512

    5889b0bbb35728edc45ca89d5fc0e5797c142a132b38ccdfc749e7dd64223f58d5e33c6fde097d82aef542634a54c60ad3414a5c465d588a364c9f7e8539dd20

    Download Submit

  • /data/data/com.enber.gareapp.translator/databases/google_app_measurement_local.db-wal
    Filesize

    4KB

    MD5

    cc1119ab0f2dcbfb30a327513e42cc3b

    SHA1

    2b978b365a97261a9656cf7a481f7d1a8fe46fbf

    SHA256

    d85658dee8430d09895097d3791432a109a86f058858ce254483a9e9fb7e2129

    SHA512

    899e594b28204374d917d5185b269b4d919b77559b763bb81c78623c5012348a6eeffd4492d1e8a68b04e4fc3c35a3e62902e0f86384060bd9ff1f4e84f3ea2a

    Download Submit

  • /data/data/com.enber.gareapp.translator/databases/google_app_measurement_local.db-wal
    Filesize

    4KB

    MD5

    f9e982b3646c322c17cb725118d61121

    SHA1

    40e7b2b820e83e7ef10f330cb7d8db416f2f83d7

    SHA256

    fe890dc63bd25201400c8e05ab90863803bba9040287b0b070b80de6d84dadfa

    SHA512

    6b923ec7c491df1c766c6366d3aca4b44bb28184025b99803cd424be1719f1a8d997af965cccba799d77ba829879d5050dbfa5792764d54ae7f003d29d05aad0

    Download Submit

  • /data/data/com.enber.gareapp.translator/databases/google_app_measurement_local.db-wal
    Filesize

    4KB

    MD5

    24daecfc17dab2f6cf49653206124237

    SHA1

    7277f83e6f8d58e23038f2ee0b4bd594c3ea7a99

    SHA256

    d8bdab3903d520c64a60ffd21aaba88923bc876ccac4cb5bb84bfc8901aacd16

    SHA512

    71cb65c54d1388ee6fd4c3309b146ac1f1d9c2f467fbeed5bd1cf69352ed4e2b1ff8f3305ed77d71b4ab0c531f69615f9785da059953b23de6a6bacfcaf24d1f

    Download Submit

  • /data/data/com.enber.gareapp.translator/files/PersistedInstallation4269682972841756089tmp
    Filesize

    569B

    MD5

    48ae9db759dc87a37c6de08be46e8b24

    SHA1

    1a1a35e7bf212d8bb433cc9ae36fd124b84e8a47

    SHA256

    5dc309039e01abb7354df3a38ae840cdf5e6e4a941bb455b6ae19a6243e09514

    SHA512

    12218ec1bfa4f2da1d54f39d55fab5d24b867cbf9227cc5f1d3b0e1ddef9680ce0715d5c2fae626970aee10026d3ef2defeb824d7151007e91ecdbf3545dd2ee

    Download Submit

  • /data/data/com.enber.gareapp.translator/files/PersistedInstallation7853996654249695731tmp
    Filesize

    90B

    MD5

    930e79826ef3e6db044bc63d606a80ca

    SHA1

    3abc4b563fb2f76dd6f056d52d3a2fc64e9a4346

    SHA256

    1022f06ad206fc5fd507a065a860ff41484366dc33de8317fe6af5b85bee93e8

    SHA512

    d20ce7515f234ef030f38908931179563fb1e0a3c233c7ad56f606b99ae58116eae2ee6d53ef95a89cb05ebef39bde2f88299039679fd8e890d8ac403b7ba474

    Download Submit

  • /data/data/com.enber.gareapp.translator/files/frc_1:1096647638011:android:3acbb0aa78b8f71520a95e_firebase_activate.json
    Filesize

    196B

    MD5

    7b5d4392c333c73ff1a3bea1d3b38e83

    SHA1

    09093dbb93cd378bd8d51706a88ec585e4efec11

    SHA256

    462f0f59d0bb07425d525c349a8f7e965ac1689d6d53839b77781e3d1e148df7

    SHA512

    d61c3b2ddd3c8dbdf2142a816d03f91da338db7827115abe40119f59ae22da5be66ded712adab273e7351ba46020d0b97a8fbf829f25595aae9543e977ba74e4

    Download Submit

  • /data/data/com.enber.gareapp.translator/files/frc_1:1096647638011:android:3acbb0aa78b8f71520a95e_firebase_fetch.json
    Filesize

    196B

    MD5

    7b5d4392c333c73ff1a3bea1d3b38e83

    SHA1

    09093dbb93cd378bd8d51706a88ec585e4efec11

    SHA256

    462f0f59d0bb07425d525c349a8f7e965ac1689d6d53839b77781e3d1e148df7

    SHA512

    d61c3b2ddd3c8dbdf2142a816d03f91da338db7827115abe40119f59ae22da5be66ded712adab273e7351ba46020d0b97a8fbf829f25595aae9543e977ba74e4

    Download Submit

  • Anonymous-DexFile@0xec45c000-0xec45dd8c
    Filesize

    7KB

    MD5

    7b8a73470452c429671e8207c78c6a08

    SHA1

    4b0650c3656d476ffcc47e889e3cd3a54476b8fa

    SHA256

    146abcdf3571596c2be2fd9c7bd9298653399f9f61b62bbcf196c1086603665e

    SHA512

    9a30a8a33b68eb8fd8ae2f2553593c0de7d855c28e54d5c5243c171f1b124ecd0ed557d99b03a558c32d5c93a6fa9e3e091ab6919df6e26d6141cdd547fad13d

    Download Submit