c00c780ab99e3f252d7ccc2d0d70c43cc16c2a956e8cd9b0bdd16d18f6a90b84

Sharing

Copy URL

Twitter E-mail

General

Target

jokerlivestream-app.apk
Size

63.8MB
Sample

231108-qbz54ada98
MD5

7f56980839cbd1fe2f166da227a58a9b
SHA1

02b5b28e59cbac184d6c0b5ec4305ca0884f8f99
SHA256

c00c780ab99e3f252d7ccc2d0d70c43cc16c2a956e8cd9b0bdd16d18f6a90b84
SHA512

039761ee3179cc6e519cfc3babb48a01e50d420b31630472d2fb2d28e0d361f8ad2ff8e766c3a08736a25b96f588a066d64819817d5ee3524b472890f154d418
SSDEEP

1572864:Aei/noTuO7LB0vPbfplOcssi+ysvWNfdru9rFr8USqWHNIIay37GzK:Ae6ymbfplpsvLw81rm1/APl7uK

Score

7^/10

android evasion

Malware Config

Targets

- Target
  
  jokerlivestream-app.apk
- Size
  
  63.8MB
- MD5
  
  7f56980839cbd1fe2f166da227a58a9b
- SHA1
  
  02b5b28e59cbac184d6c0b5ec4305ca0884f8f99
- SHA256
  
  c00c780ab99e3f252d7ccc2d0d70c43cc16c2a956e8cd9b0bdd16d18f6a90b84
- SHA512
  
  039761ee3179cc6e519cfc3babb48a01e50d420b31630472d2fb2d28e0d361f8ad2ff8e766c3a08736a25b96f588a066d64819817d5ee3524b472890f154d418
- SSDEEP
  
  1572864:Aei/noTuO7LB0vPbfplOcssi+ysvWNfdru9rFr8USqWHNIIay37GzK:Ae6ymbfplpsvLw81rm1/APl7uK
Score

7^/10

evasion
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
- Reads information about phone network operator.
- Removes a system notification.
  evasion
behavioral1 behavioral2
- Target
  
  AntDesign.ttf
- Size
  
  68KB
- MD5
  
  3a2ba31570920eeb9b1d217cabe58315
- SHA1
  
  4e77868439280fb434d4697c7b911271406c81f3
- SHA256
  
  7955ca14127b30412c114eb13cfd702b5dab265feb1880d1695d73caa824cde1
- SHA512
  
  41842c1fdea06a042d0faa4fc50e0637e69ed56dfa06ae0e34878b5f4096d624f07cca0ab78e12e3701c2c7bcd40af8b095e8101f8a23e37edc4f1da3d459457
- SSDEEP
  
  1536:lUDjuprnwV0C7S6qlvfSlBCBdbirbD24WKkvemVul3Wnq3:yDqw0uS6q4lN24WKkveHll
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral3 behavioral4
- Target
  
  Entypo.ttf
- Size
  
  64KB
- MD5
  
  31b5ffea3daddc69dd01a1f3d6cf63c5
- SHA1
  
  12b5670eb178138f77285d5f2c246d3cc5fa67d6
- SHA256
  
  16f92298587bab2b469bc13c0dfc6d5d171bca10bad0c9053ad16bc023bf717d
- SHA512
  
  623da02ee5573210b6f30b1ef7d65dd9ea4cc712443884207479362edbb37584c0b437bbb1630c25ce194b014cd76b8aa05e737d64a0a84fc41ca4a3ab07564f
- SSDEEP
  
  1536:eexaJwd3nwRNmJeBc3lDHbmXtrdoJyLwoQflcrWyu:eeIfNg3mo+Cf+1u
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral5 behavioral6
- Target
  
  EvilIcons.ttf
- Size
  
  13KB
- MD5
  
  140c53a7643ea949007aa9a282153849
- SHA1
  
  91d377ea3cf47490b256c2ed081704a7dabdae0c
- SHA256
  
  a5caeb4d395c5e32f1d5a30acb382aebc664f1badfd149319907f2215e4e3e26
- SHA512
  
  90081da193c95239fd2735b710bd019212b3ee545a0d82f756a5cc46e6a04e53b0781c302f9ed2ff3e49b8c72f8233a8ab41c748013f04fc384419d4bc3aa004
- SSDEEP
  
  384:29l16YGdU7KcnIXYwmjfj71s6wv35j4eC:2J6YAU7KcnIIwmjfjhpwv3Vw
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral7 behavioral8
- Target
  
  Feather.ttf
- Size
  
  54KB
- MD5
  
  a76d309774d33d9856f650bed4292a23
- SHA1
  
  e6604258b1ced5efd51360875d782fca65381d47
- SHA256
  
  57599360fc9b80bce473b364f7f255b552019ec47462428018cb0e0f838462b4
- SHA512
  
  c029b9b3433d958d23c4e26e3bbf6ad5146d960377b87dcc7d89650b2b83a0766e6cb6bf07e20658b88afdf65bc502810b57cd7235c01079eadc5197a1a64933
- SSDEEP
  
  1536:bD4BCER+8aUwhcY6sb+xapd9h71oLlLNVUwGuVW0Q/nBY3P4Hwb4rsvAxvrVVRYS:bDUCc+8DwaNsi8pXh71oLlLNVUNocW4f
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral10 behavioral9
- Target
  
  FontAwesome.ttf
- Size
  
  161KB
- MD5
  
  b06871f281fee6b241d60582ae9369b9
- SHA1
  
  13b1eab65a983c7a73bc7997c479d66943f7c6cb
- SHA256
  
  aa58f33f239a0fb02f5c7a6c45c043d7a9ac9a093335806694ecd6d4edc0d6a8
- SHA512
  
  9ffb91e68c975172848b4bba25284678cc2c6eb4fb2d42000aa871c36656c4cebc28bf83c94df9afdfbf2407c01fe6b554c660b9b5c11af27c35acadfe6136ac
- SSDEEP
  
  3072:3bhEnD+IzsU9z9QJ6/P3Xe2iEiEPGFCMW1JVJG6wVTDsk6BmG6S1yKshojskO+b2:3enD+IzsU9z9QJ6/PO2FiEP2C/DVJG6I
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral11 behavioral12
- Target
  
  FontAwesome5_Brands.ttf
- Size
  
  130KB
- MD5
  
  3b89dd103490708d19a95adcae52210e
- SHA1
  
  3fa2d67cef22da5c3f3eb5730c6afbd6fecf0372
- SHA256
  
  06f4d00923ea24697df5df0b92984175991d8bd25776a02d531bb401e393ec42
- SHA512
  
  91d1f49e76f7e560525b71255d632a8b615f03bf5b7a568a07f5ce13bbffd30956e6f43ecc8073343d43ca05f702ccfc951fe89493bb0e51e5cf98572271857c
- SSDEEP
  
  3072:MhPzoVcBscZS23Dukm6YSaj57FCvhf4UkWvLc:MhroVZifDfYN9kvhvvzc
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral13 behavioral14
- Target
  
  FontAwesome5_Regular.ttf
- Size
  
  32KB
- MD5
  
  1f77739ca9ff2188b539c36f30ffa2be
- SHA1
  
  7d849a3981a716e2ba4a84634bc57d0b8054a6a3
- SHA256
  
  c651b8a67d3193206f622c3c3b0fbca4a2f2727108c4212b52c1e2a2e84c9b31
- SHA512
  
  b5f7c23d735838da837cbc92c47042a9bc196a81b021572f5fc9e6ee9607a1c0b07cba7ff64ef54672bd5d970d6f9c842d0ccf28b9997b95b4ecbb1f2f8aae7d
- SSDEEP
  
  384:2aILh/4eF1sQQbC5LbC4TH/s+v4B3Q89h8g6WIHL8ScQUd:2dLZ49tep3/8Bn9vIHL8ScQUd
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral15 behavioral16
- Target
  
  FontAwesome5_Solid.ttf
- Size
  
  197KB
- MD5
  
  605ed7926cf39a2ad5ec2d1f9d391d3d
- SHA1
  
  c1b9fae262f42868c075ac865a8ab34920e20a2c
- SHA256
  
  3d06af1f31cd83ace7a265a014b8fb5dee15770ecac8f7a55555190e627e03c2
- SHA512
  
  6ca7651cb70ee32be71ef4088443c4d47ffbf5047f8885bfd45468e34499a190e8f87256f02b4e6b988e7277e2d6a38d2881c1aa3f781e499fd56035f4e57d53
- SSDEEP
  
  6144:BtrDdIZG2nqJElpL3im9+3Kz9BngKbtPLLd5MK:v6TnSEl1yt6zzng0Lz
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral17 behavioral18
- Target
  
  FontAwesome6_Brands.ttf
- Size
  
  181KB
- MD5
  
  0ef11ce096706bcafc520aee12162ae4
- SHA1
  
  a14a91d8c170fc9e159040f6794369d829e0859e
- SHA256
  
  b1d1c1b012e1a7621cc84fd1e5c1dbab92012f40df7423e879ab2fa493520fee
- SHA512
  
  8d9e0fc7692a16ccd09d3132d3f62f08d79795ff068036dadd7831c77b01078bfc7b716acedc738dc8357b5833ba57b701841cdaf2f24910ac7e67ca71598e06
- SSDEEP
  
  3072:JMzh9YmuIJ6+E02aHmPrbYEhJhbUS2b3yOhSjtJveuc+/2X7zn:AhxJ6+E02aGPPrO3yOKJveQ/mnn
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral19 behavioral20
- Target
  
  FontAwesome6_Regular.ttf
- Size
  
  60KB
- MD5
  
  40e6df55734232692408d76ad5f9c34a
- SHA1
  
  dad3ad71b383789bb62c249742ef59e34685e7d0
- SHA256
  
  d7b19fe201101b08ab1344ffd472d59ce652ad3c3fb5f194c3e35aa2908e674a
- SHA512
  
  73689a61a374db5fbaf264b09b84afe3c405746d4281cfbcb40fe9e922908c4d54d60f246d1ff4cceeb35b805b58c89f3996d6d720f9c154094568cd061b9319
- SSDEEP
  
  1536:UCmXyhkX14/ovkiaU9+oV3Nr9K6uJ4JH5:UCmdP1NdrU6uJ4JZ
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral21 behavioral22
- Target
  
  FontAwesome6_Solid.ttf
- Size
  
  388KB
- MD5
  
  c0bf087a238488d351270a35c8f0cca0
- SHA1
  
  3eb9b4b2ea22711b96e3b356196fd20b4f17fb0e
- SHA256
  
  e4f6a7e9d1a7c0b4968d9cb9d422e8d9cdca229f7ff3aeac7f96e4baa25c7680
- SHA512
  
  be3dd0723b19f7d3215ef90a5bf7f93e73c79ecbea9d2a8dfe8211fb61949086f31f1504cb463caca111a052c0d95b365bf20b38b27bf2713eccd2eb578913c7
- SSDEEP
  
  6144:8azyo7v2BFKbPs0HUx9ZolBWaseDXotWoUlpXa89C:8P2v2fKbPXUzZ8WabgWosA80
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral23 behavioral24
- Target
  
  Fontisto.ttf
- Size
  
  306KB
- MD5
  
  b49ae8ab2dbccb02c4d11caaacf09eab
- SHA1
  
  c090a3ec96a3f1bb9b615c2f3f204ce0dcdcdbc3
- SHA256
  
  94dab9f1d5b13ea0769d124a2da0d02433f3b99d6dea5a07c0446a77158100c0
- SHA512
  
  0ed4331e244e0c1db7da7ad65772f5498795da20c0d19cf08e10174826145748b4a85ce11f10f0c3ecb558a311f6e70091cc34f80f92e8bf846ef743987f2104
- SSDEEP
  
  6144:2XOlPBt1RAGgRm8MV0U3yPOFQ/1c1qN7mjZdGLY7KLwmtLGhACvfsWD8zZCKq/Be:2XMt1RwU8c0OO9YUsZxWwvfsHq/BXHat
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral25 behavioral26
- Target
  
  Foundation.ttf
- Size
  
  55KB
- MD5
  
  e20945d7c929279ef7a6f1db184a4470
- SHA1
  
  4b2bce6c792493a4a5716b6fec2dbefe89492c3f
- SHA256
  
  7e1dd03dd4ce90b658052554cd7459df16716717389a552fa4c6d56a5f8933e6
- SHA512
  
  436759ba495479a1477e9e62c81b78771805de7d1689ed11eac52e1b8e8d3d79b3455c5446eaa602eaed78b7bbd5dfaf370229759939166b51ba0097ab6a1912
- SSDEEP
  
  768:VMqwKxzATbtc13Q0dwWfJycdymiqCiKKamPCoCkkw1y0DJ6Exby9ypiOX:VvATbCtFjfbViZiK9mrDNL+9aXX
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral27 behavioral28
- Target
  
  Ionicons.ttf
- Size
  
  432KB
- MD5
  
  6148e7019854f3bde85b633cb88f3c25
- SHA1
  
  86e07c3d974eb09099e6e5a9b3b8310303cf0feb
- SHA256
  
  9c7fb9071a6c28582c6b84468cbff2c7a71e02b17e3a3b4548a159938d22916b
- SHA512
  
  2073f3b5e26bb9a3c52fdd82a0f2c0a4f086217c274ee5738f175cc9583a8f75ebb05b43cbae539e32618e2ddf22abd028282b101a1b52345d2b74e54ef2b2cf
- SSDEEP
  
  12288:jmgnFw1x1Z97mn2Oe1PDhdksw+kALOvPBpg/Z/DIsZ/mhbbEa:CIwtZ97mn2Osb7kt+pKH0/ZrIswhfEa
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral29 behavioral30
- Target
  
  MaterialCommunityIcons.ttf
- Size
  
  1.1MB
- MD5
  
  b62641afc9ab487008e996a5c5865e56
- SHA1
  
  4c2a838b00dbb5e8bb1b368fce0de534e8eb241c
- SHA256
  
  9e94d4dbe2e87ea495f0d42d879146bc74c4c4e910776a49154a15eefa37ef59
- SHA512
  
  d5a8b7b0b82227fa3c76b9db3f1dc3515ddc3b89538e9796ed9ab17b77c7d684d2b1f518c3dc21bba48dc81401b3386d9f45e52086e70c662400a2e386e43651
- SSDEEP
  
  24576:Tus5aDYLDAOnOJMW3sjn6/uiALFUm1dtT1r4atWS5091mR4weygOtZyQl8IJCj:T7fxXgOfJy
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral31 behavioral32

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

Sharing

General

Malware Config

Targets

Loads dropped Dex/Jar

Reads information about phone network operator.

Removes a system notification.

Checks computer location settings

Checks computer location settings

Checks computer location settings

Checks computer location settings

Checks computer location settings

Checks computer location settings

Checks computer location settings

Checks computer location settings

Checks computer location settings

Checks computer location settings

Checks computer location settings

Checks computer location settings

Checks computer location settings

Checks computer location settings

Checks computer location settings

MITRE ATT&CK Matrix ATT&CK v13

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32