Overview

overview

10

Static

static

6

8707a1b82f...04.apk

android-9-x86

10

8707a1b82f...04.apk

android-10-x64

10

8707a1b82f...04.apk

android-11-x64

10

Analysis

  • max time kernel
    2473422s
  • max time network
    130s
  • platform
    android_x86
  • resource
    android-x86-arm-20231215-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
  • submitted
    20-12-2023 05:20

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    8707a1b82f12d76a34d3260b86c0a8f30d6558fe728525c7021ccf9f007b1a04.apk

  • Size

    5.8MB

  • MD5

    629235956ac03aab63cb90565edd8a80

  • SHA1

    9a081a7788136264decad354f2e2f645a4316e77

  • SHA256

    8707a1b82f12d76a34d3260b86c0a8f30d6558fe728525c7021ccf9f007b1a04

  • SHA512

    04e7539ec1819e2114cb5c208a3fe3caaee9cc4d6f5532e9a49b72894cbc72edd9938f2bc28d86e82affb01dd3eb804c73e0c2d05008233cd9a07361c98c5fad

  • SSDEEP

    98304:4qMwrdXx8Yf1lF6WROXbInGds8DikIlSBLk7ak3ElJV/WtbmV:4qMwRB8YJ6WRO3s8hIlSBLWEFuIV

Score
10/10
jokerevasioninfostealertrojan

Malware Config

Extracted

Family

joker

C2

https://joyjo.oss-us-east-1.aliyuncs.com/timestampcam

https://canbye.oss-accelerate.aliyuncs.com/canbye

Signatures

  • joker

    Joker is an Android malware that targets billing and SMS fraud.

    infostealertrojanjoker
  • Loads dropped Dex/Jar 2 IoCs

    Runs executable file dropped to the device during analysis.

  • Listens for changes in the sensor environment (might be used to detect emulation) 1 IoCs
    evasion
  • Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

Processes

  • com.fo2fo.timestampcam
    1⤵
    • Loads dropped Dex/Jar
    • Listens for changes in the sensor environment (might be used to detect emulation)
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4267

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.fo2fo.timestampcam/cache/1588462714860.jar
    Filesize

    9KB

    MD5

    86066e62936fea939b14bdc2a636ff1c

    SHA1

    c0faa2f4c6f206b92bd611323c8f81b02dc8f16c

    SHA256

    e4270ee2c7c624bde9dacf923066032fd734e12cd70c8c70c949aee553896ef2

    SHA512

    1c0dee21b55c6ee6d4cbfe8c7c13f03bd39fbe26c329e77b87d0b13505e91242f93d1dd541f08c66bb701c591ad75c3d0b5ca846a2498b1a28e38a365875ecaf

    Download Submit

  • /data/data/com.fo2fo.timestampcam/cache/mt-download-631045/0.part
    Filesize

    3KB

    MD5

    298b116ace4d5a14b2e3b1890fb99216

    SHA1

    d3d51c45b33bcbe93fca0f1097e3298da141544d

    SHA256

    0823e009b7b81264ac7bec755c32ec1202ee75b98c5db4c42994a385508412cc

    SHA512

    470ff8228db0e66efe03af13e3d2007a98c3041270e35e91200c20372ffa82fae46d0cfc06e392003d3fca2e382514bbaec58b7499ae2d1718b23ab4f8f5924b

    Download Submit

  • /data/data/com.fo2fo.timestampcam/files/describedescribedescribedescribe
    Filesize

    5KB

    MD5

    5ba9822e9e7da2c7b80b032eeb5d5c5c

    SHA1

    1e18c4f20030d496c9153ba63f0ea10849f0a488

    SHA256

    505a4aa0703841632471cbfb7a2d8fb2d1708f2f1156ee144c0711995fed0f3b

    SHA512

    d3e0f941bff8ddbd7376b20de792eb311a1c83e87ab48aee3962170faf785434b8219ddade392e6c19cbf09f819f649cc1e92dee5d08826008a6e429e11a4537

    Download Submit

  • /data/user/0/com.fo2fo.timestampcam/files/describedescribedescribedescribe
    Filesize

    9KB

    MD5

    28d1636567236f852092f42e35e36ebd

    SHA1

    e94b782c6ca27ddeb01760847507f53041ebf494

    SHA256

    919ab7a9edfc242000493c54a2ac553be3aa2711b728f09dd74159b17cdf2a22

    SHA512

    487f9f2b7ce8a0d990484b0f00fca56dcbdcb810e44d4d48cb710b8f54cc79be07537ec909ed5d5e0fc100c5660f9fe4a2cb5e2f84c9ca513b97c516506cadde

    Download Submit

  • /data/user/0/com.fo2fo.timestampcam/files/vKVS
    Filesize

    5KB

    MD5

    6b3a9e4c0ed3c3231e3d40181d6e0c02

    SHA1

    ea2313adb79e2f6c8bece04a63945904eeefc0d0

    SHA256

    22341dae4f97121a4d197d91c71415865477ff80b2a1cdbc9a1f273e17aef9fa

    SHA512

    1f39e33ad873efdbed4f81424449735a105dd1f564fcb5d6c2292500476e8801c8386b109debf2f40c9b73cb3151320ed64cec021782271a96a3b50c3bd5c489

    Download Submit