joker | 27a645a3db0a8a9fbd4bfcd7993dabf995b6eaf727976dbc1c66a18f252834de | Triage

Sharing

General

Target

4f855ba3a78d3bb7418f8587d09caaa7_JaffaCakes118
Size

30.3MB
Sample

240517-mdck2adg75
MD5

4f855ba3a78d3bb7418f8587d09caaa7
SHA1

1c330edfe5f25ee9975b9d39176618dcc7f1d88a
SHA256

27a645a3db0a8a9fbd4bfcd7993dabf995b6eaf727976dbc1c66a18f252834de
SHA512

9affb34b414ba19e524bf872b71977741e40059c20d43c2211424d60fb2ba5a0044d36b28c3557e8532079a91bfa52b189d49a09a0f6030c8829b725fdceb466
SSDEEP

393216:Rf3pH6bgZNpBzuxUwJrt2rH0haR8moTmS3xLzt0Jd/hnaqiTCYFwGa4l523hd5y/:RRpZVzwwrUh6W1xchnhitFwGa4H8d5up

Score

10^/10

joker android discovery

Malware Config

Extracted

Family

joker

C2

http://114.215.185.233:8079/

https://mobilegw.alipay.com/mgw.htm

Targets

- Target
  
  4f855ba3a78d3bb7418f8587d09caaa7_JaffaCakes118
- Size
  
  30.3MB
- MD5
  
  4f855ba3a78d3bb7418f8587d09caaa7
- SHA1
  
  1c330edfe5f25ee9975b9d39176618dcc7f1d88a
- SHA256
  
  27a645a3db0a8a9fbd4bfcd7993dabf995b6eaf727976dbc1c66a18f252834de
- SHA512
  
  9affb34b414ba19e524bf872b71977741e40059c20d43c2211424d60fb2ba5a0044d36b28c3557e8532079a91bfa52b189d49a09a0f6030c8829b725fdceb466
- SSDEEP
  
  393216:Rf3pH6bgZNpBzuxUwJrt2rH0haR8moTmS3xLzt0Jd/hnaqiTCYFwGa4l523hd5y/:RRpZVzwwrUh6W1xchnhitFwGa4H8d5up
Score

7^/10

discovery
- Queries information about running processes on the device
  Application may abuse the framework's APIs to collect information about running processes on the device.
  discovery
behavioral1 behavioral2
- Target
  
  CommonPlugin-3.3.apk
- Size
  
  509KB
- MD5
  
  ec827d1639a419693b723e38efbd6a78
- SHA1
  
  42efcb0c3789fac15b8eda95e2f33bd789ab7636
- SHA256
  
  8f878f0abe8357bfc4346a0abef3cc3437d62416d284d532cfcab113b4d96a92
- SHA512
  
  1bc3f90aac56d676e96c1acd037c59028819025597038baba06ac16883cb3a51f645a3f5ef26f4fb557d37c9135c59b280ec3bb353be52cf1b2a89873d83e8c5
- SSDEEP
  
  12288:9qMvZwLlgBiTBu//SpQmN5a+AjK4p5bRqbCRjGsrON8W0:NwZMiFu//SbM+eddd6N50
Score

1^/10
behavioral3 behavioral4 behavioral5
- Target
  
  FrameworkPlugin-3.0.apk
- Size
  
  18KB
- MD5
  
  23dec9199a698f17dba2982c2a4dce53
- SHA1
  
  00d2498b25d7fe4b6797ad4745d356685301cb27
- SHA256
  
  7dbeddca1d878770c379ee00d5314f089423f9887b2648e5952d5a8d1575d062
- SHA512
  
  5d0dfb479565871ca463e89a4a7a742afac78baa91a521e330ffc9f605f534171a68791197c64874369f4d079a6d6e537e678d799837b24be3b79fdb3f61db25
- SSDEEP
  
  384:nP/UuSRfLCfkzxrqpMuMyWQ78xqUl1yVXAQv8mbrWR:UnXYpMyW1MUl0VQ5
Score

1^/10
behavioral6 behavioral7 behavioral8
- Target
  
  WelcomePlugin-2.3.apk
- Size
  
  44KB
- MD5
  
  8ef2b798c30946b497e6038c8e5485cb
- SHA1
  
  a55036a3e51dcd9e71dd468790fd9bb1a037b67d
- SHA256
  
  d8a23c029bc13848dfbd56568a2c40696930c4a91c6b5f1764c561eafa7970d5
- SHA512
  
  a4263baaa5f093c8366cdd25cd0272ab7c60b86c9a412060ff382b87352599677471a37cc64bae1b978cf5e5a3b19d01511741872f1bd725304c3e52edade3b9
- SSDEEP
  
  768:nYirXFWLKxe7X+Fu9924EgUmy0GtzFavNedPtMoyb43b7B34mmErdcb:nXbgLKxe7wu7256Gtz4YdP33x3FJ0
Score

1^/10
behavioral10 behavioral11 behavioral9
- Target
  
  dynamic1120.jar
- Size
  
  135KB
- MD5
  
  e7d867c5905223a32c896c5b6569ff17
- SHA1
  
  5705ced0ce15cfe00819e3b8203871a1e4e00526
- SHA256
  
  e6bf1010ebd78923b6b66c9b447ec426c1799d0d14a79fc0841ccb1878144faa
- SHA512
  
  b878261af8b2c9f96ae6c326530839140401b18bb55d53e8fe9b3d14f7d33154dd1cb94215e31a4031676fd9c26a91bc8e8821a72f75e3a8dcd7f9b9f26d7106
- SSDEEP
  
  3072:I2/hSVkhPjCazxXvxz7LR8wJsKWHhZ66tKrhkpbscFU7qy:I2/hyoxJLR8/hBZRMh
Score

1^/10
behavioral12 behavioral13 behavioral14
- Target
  
  gdtadv2.jar
- Size
  
  89KB
- MD5
  
  093b695cb80c667a9fccc3d8d16e7a9d
- SHA1
  
  ee35fcc7fc55c1787064a8b468b0c72409c418ab
- SHA256
  
  74122fec54cf1a91aede87147e563d564197dd2e534375c422ecbfcb7e3dcda7
- SHA512
  
  c420b3f48bf4a053bcec92f8abfc8c5c686fd7432afe86e866523d5b8d2b764637f81ce8f19df548d0fde402bf7698e7efa184494d10d324834f19f8c1659108
- SSDEEP
  
  1536:mtsCCcBjCYhrjmqM3PCbsb49wvSRU0pA7yUPXdtkmEILn0VRBAeF0dlL:Gc4+YhrKqsCobwsgudLQfGeFulL
Score

1^/10
behavioral15 behavioral16 behavioral17

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Process Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17