General
-
Target
c4a5e384abb8dceaf659da7a4092dd902500ce48c3ed2a5bd4d948f4e5ee4810
-
Size
48KB
-
Sample
221012-vqng3achg8
-
MD5
781e01e1551af4492540bb73cab1582b
-
SHA1
545cea75865e465b114306c7d6fc2cf79c5119aa
-
SHA256
c4a5e384abb8dceaf659da7a4092dd902500ce48c3ed2a5bd4d948f4e5ee4810
-
SHA512
86bc09d63983ee8c01c9dfca85bc7986c47f631f3c17a3b322df51cc66fe252807552baf2b8d4527bd56ce55934027f41cff6c13b0d566aeaa4160e7b1440f00
-
SSDEEP
768:5RVZwlepBH12mX3uN3aO74s9dcKDI0GZTg70Wq1qtewJJgzY4Dy:5RAepBAmnuhN74k6GIhfWa8izY4
Malware Config
Targets
-
-
Target
c4a5e384abb8dceaf659da7a4092dd902500ce48c3ed2a5bd4d948f4e5ee4810
-
Size
48KB
-
MD5
781e01e1551af4492540bb73cab1582b
-
SHA1
545cea75865e465b114306c7d6fc2cf79c5119aa
-
SHA256
c4a5e384abb8dceaf659da7a4092dd902500ce48c3ed2a5bd4d948f4e5ee4810
-
SHA512
86bc09d63983ee8c01c9dfca85bc7986c47f631f3c17a3b322df51cc66fe252807552baf2b8d4527bd56ce55934027f41cff6c13b0d566aeaa4160e7b1440f00
-
SSDEEP
768:5RVZwlepBH12mX3uN3aO74s9dcKDI0GZTg70Wq1qtewJJgzY4Dy:5RAepBAmnuhN74k6GIhfWa8izY4
Score10/10-
joker
Joker is an Android malware that targets billing and SMS fraud.
-
Executes dropped EXE
-
Sets file to hidden
Modifies file attributes to stop it showing in Explorer etc.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-