Overview

overview

10

Static

static

7

21d50eb0f5...8a.apk

android-9-x86

10

21d50eb0f5...8a.apk

android-10-x64

10

21d50eb0f5...8a.apk

android-11-x64

7

Resubmissions

06-11-2023 10:57

231106-m2e13acc53 10

02-11-2023 09:23

231102-lcq7csaa6v 10

Analysis

  • max time kernel
    2756260s
  • max time network
    131s
  • platform
    android_x86
  • resource
    android-x86-arm-20231023-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20231023-enlocale:en-usos:android-9-x86system
  • submitted
    06-11-2023 10:57

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    21d50eb0f59d497c65f46ac1ead62af331c957f0133daeca5f3662e4bae5238a.apk

  • Size

    4.4MB

  • MD5

    a4fb036a7460c9e15b3b779f9db3fe6a

  • SHA1

    a827e9a713b8f46d2d5adcb18e181b8572a7caca

  • SHA256

    21d50eb0f59d497c65f46ac1ead62af331c957f0133daeca5f3662e4bae5238a

  • SHA512

    bd32354a02a2089511c7b884754185b0ed5ecb894aa2a02a08b93424592bfb36e61c22ddd6d80a413ad5f51e7a17852eefe2cc3a8d4184ef859a8ebefefb2cea

  • SSDEEP

    98304:c6awMfNJzamCitccFqX6Zs+YxcVEYy72sDqa4i/JZw0LCrp/H06/:wfN91CiSwqX6s+nER/D2KJZx6/

Score
10/10
jokerinfostealertrojan

Malware Config

Extracted

Family

joker

C2

https://weco2.oss-me-east-1.aliyuncs.com/smiple_4yue

Signatures

  • joker

    Joker is an Android malware that targets billing and SMS fraud.

    infostealertrojanjoker
  • Loads dropped Dex/Jar 1 IoCs

    Runs executable file dropped to the device during analysis.

  • Reads information about phone network operator.

Processes

  • com.enber.gareapp.translator
    1⤵
    • Loads dropped Dex/Jar
    PID:4260

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.enber.gareapp.translator/databases/com.google.android.datatransport.events
    Filesize

    4KB

    MD5

    f2b4b0190b9f384ca885f0c8c9b14700

    SHA1

    934ff2646757b5b6e7f20f6a0aa76c7f995d9361

    SHA256

    0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

    SHA512

    ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

    Download Submit

  • /data/data/com.enber.gareapp.translator/databases/com.google.android.datatransport.events-journal
    Filesize

    512B

    MD5

    410114c673f0b56e27eab903dc7eac5c

    SHA1

    b186d8676b93013b5821c312d4ce3381bfa39415

    SHA256

    a4c34948c9e03edce3cbd966907c557393dbc6d16c24a60846264bb751716186

    SHA512

    c61855d37c97b21cb6b079ef2bbb9c427491c343ce8acbbfba86c0819e4c1cb71dab13420ce6edded9ba4c39a93524fcb124065bd7f24093764bb17c5afbbbb5

    Download Submit

  • /data/data/com.enber.gareapp.translator/databases/com.google.android.datatransport.events-shm
    Filesize

    32KB

    MD5

    bb7df04e1b0a2570657527a7e108ae23

    SHA1

    5188431849b4613152fd7bdba6a3ff0a4fd6424b

    SHA256

    c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

    SHA512

    768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

    Download Submit

  • /data/data/com.enber.gareapp.translator/databases/com.google.android.datatransport.events-wal
    Filesize

    277KB

    MD5

    3ebe2017f85eaafd89bac2e0921d554f

    SHA1

    53db909afba3af7a0aa2070c0501c23727ee5b63

    SHA256

    655c4c2814953ddd7ea785751c4efdb500d8a6287e72a3d19f10e753fb0e1269

    SHA512

    8ea1aeaaff6705b0f380f52839334ad304e16e1264eab4b2bdfa2c207ee290f735c9cd9752b35f7aaea64cbc8289aa0bc80307243b307fe5253be9e899cf173f

    Download Submit

  • /data/data/com.enber.gareapp.translator/databases/google_app_measurement_local.db
    Filesize

    16KB

    MD5

    9f726e792212c5ec1d0d131d58b17ae0

    SHA1

    9bc49de9d08eaf46ecf86b96a1deb3d6b26fbb52

    SHA256

    f4a4f7f15dc22f7ec5e99a5d827fb1b81b395e86f19803801f2d206b9de36610

    SHA512

    5b509941d456b4cbaf092a8025820b471bebc19580a0511f3a9272d6df2b8baa71fda6d9e21d29e94ae750f704c1799ab60539e4f166bb9222282b1f37198aa9

    Download Submit

  • /data/data/com.enber.gareapp.translator/databases/google_app_measurement_local.db
    Filesize

    16KB

    MD5

    b9942c44b09283592ab9c3f498b1a513

    SHA1

    6fed4cac77f870173225f7f6eca4bbd16c2f2a9f

    SHA256

    7e0da342c4f43b070ebf751a81bbe7a0b3cf1603a14f4325c04f027edaa599bf

    SHA512

    56eca4864f122ecca4d7cfda7900cd5428a7d349b9546720fe78dcf34569e280a9c93800ebffb9af5179cbd67ff89b3d1db4d8c07aba70f955ec00ae7e10d301

    Download Submit

  • /data/data/com.enber.gareapp.translator/databases/google_app_measurement_local.db
    Filesize

    16KB

    MD5

    13d4ffb6d5f223bacd60e1e0910b24f4

    SHA1

    f722696533956e7506581afeb702bc0fe272aa15

    SHA256

    d9e1e5db8b271d982c6abea24267fccaf8c54d2d25a9fcdde4b35a5e257c2940

    SHA512

    3687477ecaa0ae2be8a2ae930ea90ced57414481b25337957803719866db0af44b72952cd969d6d3e86e76c14f0e4537a0bac10194530d48a55357924906516d

    Download Submit

  • /data/data/com.enber.gareapp.translator/databases/google_app_measurement_local.db
    Filesize

    16KB

    MD5

    bc0b1fc9d5c686abe36772029de04ff7

    SHA1

    bf07dcb9b5487dbc53ed2144a7ec050623281e52

    SHA256

    9eded8662058437d72e9324ede51fa13ab8055fd7fcbcac977bab24e1019a119

    SHA512

    03d231229155384c32f493368c5b296de1ba39279251ea8d572a73ebe46eaccd72a44acaef1739364770a2fdd41aff6cd20c99f91487f80496cae36950a3904e

    Download Submit

  • /data/data/com.enber.gareapp.translator/databases/google_app_measurement_local.db
    Filesize

    16KB

    MD5

    44693692da738db6eb133cf0e4cde91b

    SHA1

    e6bda56494c325d8d37ad89552263ae85d9b0550

    SHA256

    8fe0ac9db76d4a2dcd3b3d54c0efedcd223e25aabf716506493d50e243a7a2d4

    SHA512

    b34ddfe1ae343b1b12f7029ae476a0ba8e1b4043ccb520afb412b3f71335ef679bf29723c9a5c00af7e922e9982d5b3af54b2ed779da8cb601f378e5b9d26be5

    Download Submit

  • /data/data/com.enber.gareapp.translator/databases/google_app_measurement_local.db
    Filesize

    16KB

    MD5

    7237409e0640cfab7bdbd429bf821a3b

    SHA1

    4c3da934842f8d4835dfe2a9c275a300e5123309

    SHA256

    5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

    SHA512

    c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

    Download Submit

  • /data/data/com.enber.gareapp.translator/databases/google_app_measurement_local.db-journal
    Filesize

    512B

    MD5

    420f792be8e67881032dafce964b1b35

    SHA1

    dcebd4080e4c71ac175c48c37aa7af949ff37068

    SHA256

    f67e10e283bf61f7ec2d17ed460d252846400713759d728559a0d20b689338cf

    SHA512

    99849ff37898da1f7f4dfc3e534aa84931c8dbb11381b047c8092737d96d057fe4d4c480a5718608e477d42caa4211c3a54d9c6b8d6bf555b731da0febb2a9a5

    Download Submit

  • /data/data/com.enber.gareapp.translator/databases/google_app_measurement_local.db-shm
    Filesize

    32KB

    MD5

    bb7df04e1b0a2570657527a7e108ae23

    SHA1

    5188431849b4613152fd7bdba6a3ff0a4fd6424b

    SHA256

    c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

    SHA512

    768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

    Download Submit

  • /data/data/com.enber.gareapp.translator/databases/google_app_measurement_local.db-wal
    Filesize

    36KB

    MD5

    b6c00ca065d55d1f64f499ce49222d06

    SHA1

    34180b7abdf31cb0b31979eb5620587aa2cdd5ce

    SHA256

    e143531687ab6c52e3960d10173bd24d135abb2ad717d6bb6fb4623b797bc7ed

    SHA512

    14a5b68b1a00e70853e6c6890632d9182d2bd3496687c45db8cfa25d88588213e557c52debaa8ab4933547b77eddcab880aed8b5e400b023acba4a8fffdabe4d

    Download Submit

  • /data/data/com.enber.gareapp.translator/databases/google_app_measurement_local.db-wal
    Filesize

    4KB

    MD5

    1992c91db4bad473be17934a91b49e86

    SHA1

    349aad28cde097e2fa6613e09163ce6c2c7b7cfd

    SHA256

    aeff5d246c59c723c3deef90aa4107e10082bf28fb967de15aa6e767ca3336b4

    SHA512

    70cb74f42844990d52db44a9e4e9c4b3759abd5d06c26b3522ccb4994d8e88797c1e4205e8ee71aba5df9a1cb039ee13cf9055bfb4d5f799ebbe72c203de1b8a

    Download Submit

  • /data/data/com.enber.gareapp.translator/databases/google_app_measurement_local.db-wal
    Filesize

    4KB

    MD5

    f30ec6a6f49676e9aacaad17a89e869e

    SHA1

    e433d43722927069ebb464f7ba6d0845d3a3d244

    SHA256

    6f99abe4b8892bc83b26d563c991c7c3ded95e2c863dba223d55f03cee6ad39b

    SHA512

    ee7cff3d3936249191c9c91067e0eb93804786d8d8c37e277f54a9c48d7fe1963e80ddac1df392d46e84e63b0bbd30927a073a33ee2585dc6ff8ad2d3c55d27c

    Download Submit

  • /data/data/com.enber.gareapp.translator/databases/google_app_measurement_local.db-wal
    Filesize

    4KB

    MD5

    2291585b676d6b4ff7c05e5c706fea06

    SHA1

    672f342bf8d4bb26b354f2620af29e0a9db37c80

    SHA256

    0490fc1aeb30b0d0de7deb3a69814d9c9368b6ec6baabbbd5a8bcecb739d4102

    SHA512

    48ced16e22242a44aec1bc15c8f1058f99ef8a6e93c60b4ef7c49204dbf9fdfb4bb19da7616ceabb96605a8a38201049e22d90b3b3dcbb5a6ba32b1defae723e

    Download Submit

  • /data/data/com.enber.gareapp.translator/databases/google_app_measurement_local.db-wal
    Filesize

    4KB

    MD5

    5faab3e15862598fe125bcb21cd1cc7d

    SHA1

    0e4aaa515299be2f2b4e979f9ede5650ae1afcb0

    SHA256

    29590c0250b62d9b1e2ebfd85e8c9253fa5be7bdade55843a3fad4271d853c0e

    SHA512

    95729cb6db67424985abfc6c0d993dcdc13c97942526bd29ae57a09957d6535f757e6d72908decf3ef224eec6619d40afefc3aff131c5683b1cd77e8f312c196

    Download Submit

  • /data/data/com.enber.gareapp.translator/databases/google_app_measurement_local.db-wal
    Filesize

    4KB

    MD5

    cd9af5a3122f0f5752e78cc81c42cdce

    SHA1

    5003d555bc9c0d8be66280239412447d478fd012

    SHA256

    621a7c5bb380f864126b68c2566e8db7a2f38aa11ae7d1ecc6257c97043d3e11

    SHA512

    1aa29d16621ecaa965dffb13c969cb2d3de302497fc5690bf02ebad199eeed2ae3566148b2b83e40c0eadebc83b97dfe01ef947807172e8870a4ba19ce218aab

    Download Submit

  • /data/data/com.enber.gareapp.translator/files/PersistedInstallation2592949905167965852tmp
    Filesize

    90B

    MD5

    19baae2d014e23f0004371fbcadcab64

    SHA1

    f6a01b9328ae0076941e745bd5ef504a7eaa00bc

    SHA256

    5641d952f1c8b99ac591aafeefbdb3009d1b60e4a9514b0080c3e068a5400478

    SHA512

    0c8a29172829bd6b087b07100200db55131564b0308aac022d8d9fc731f9ff7a19caefd9457a163c324cac5f6bb15780328e38a15745b681a0cc17955908c12c

    Download Submit

  • /data/data/com.enber.gareapp.translator/files/PersistedInstallation6672618408711930896tmp
    Filesize

    572B

    MD5

    d3b47789f0a854456dadff626036a8ad

    SHA1

    7de40150d6bf87127b40798a8e9ebff87206117b

    SHA256

    25f9e76a94248a60b7a752547c7043323081c59dc38dc3a7c99d01932ad910a0

    SHA512

    d14c6e9b1fe517a5515c0e0a377377c0b7e971853d6c7e05048f8d95f83bfbd1b9e93a43d6d62002281d9b56803882a5b420e011ea0a9fbe4fce3edf7b39d7d4

    Download Submit

  • /data/data/com.enber.gareapp.translator/files/frc_1:1096647638011:android:3acbb0aa78b8f71520a95e_firebase_activate.json
    Filesize

    196B

    MD5

    0011189dcafc00a258a2f3b9b1b8e7b1

    SHA1

    2cabb304590edf9449bb9b287e28f5dab728ecb6

    SHA256

    258126c4f474a8eb4e0893111455e11135a0ad8c0fe6927a07e003008dc1a959

    SHA512

    b614f60f1e02d60e6db3b076ce4a7f1d8a04b20b8fc3ffb7a61b54d28e1ae8184551ff0d60ef98efe98c8fef427dcd341af72ca0c8828212598aa5064c6ec3b0

    Download Submit

  • /data/data/com.enber.gareapp.translator/files/frc_1:1096647638011:android:3acbb0aa78b8f71520a95e_firebase_fetch.json
    Filesize

    196B

    MD5

    0011189dcafc00a258a2f3b9b1b8e7b1

    SHA1

    2cabb304590edf9449bb9b287e28f5dab728ecb6

    SHA256

    258126c4f474a8eb4e0893111455e11135a0ad8c0fe6927a07e003008dc1a959

    SHA512

    b614f60f1e02d60e6db3b076ce4a7f1d8a04b20b8fc3ffb7a61b54d28e1ae8184551ff0d60ef98efe98c8fef427dcd341af72ca0c8828212598aa5064c6ec3b0

    Download Submit

  • /data/data/com.enber.gareapp.translator/no_backup/com.google.mlkit.InstallationId.new
    Filesize

    565B

    MD5

    77b8ba144d5d33e348add3ea62afea23

    SHA1

    3814761bd22322fe06b24565424da7405f858e1b

    SHA256

    ec039bd3b01eee2401b04c10b5cfb31a40d35b93d1e2a91387d6a462e71c4fa6

    SHA512

    3cc662000773ea48f93b877f5c356463015233256cf8c5c5a62d9cda63eb9b84aeb98f8f891f718195d81dc0ba95f041a4ac5e0e95fdef399fb95bd25fd7121b

    Download Submit

  • /data/data/com.enber.gareapp.translator/no_backup/com.google.mlkit.RemoteConfig.new
    Filesize

    17KB

    MD5

    65ed288f5dfed514350303411325d6c8

    SHA1

    6cbad4ee4dae134b4744554fc65b3ff37d9a0025

    SHA256

    4b04449d158d421ce19512bdb3dbc063dc79b1604dd7db3bf0b4432f33263fdc

    SHA512

    92f1babcfe5952bea06e7f84f0d2b591abc550f3076ee68030c9ded5699b033718ebc5d212266b784762e66fa015a4735fc55d7c2ecf923606fc45d5b4be274a

    Download Submit

  • Anonymous-DexFile@0xec55f000-0xec560d8c
    Filesize

    7KB

    MD5

    7b8a73470452c429671e8207c78c6a08

    SHA1

    4b0650c3656d476ffcc47e889e3cd3a54476b8fa

    SHA256

    146abcdf3571596c2be2fd9c7bd9298653399f9f61b62bbcf196c1086603665e

    SHA512

    9a30a8a33b68eb8fd8ae2f2553593c0de7d855c28e54d5c5243c171f1b124ecd0ed557d99b03a558c32d5c93a6fa9e3e091ab6919df6e26d6141cdd547fad13d

    Download Submit