General
-
Target
7997a273dfec79d0db8c47b9a1c4e1e30c8eb341e2dfe12147e9145f0f5f8dd5
-
Size
96KB
-
Sample
221019-plpxfafea2
-
MD5
a18fc4fd364633a455ea3e50b0efb305
-
SHA1
899964b9c3566239ba8f822bfe597cbc3121f586
-
SHA256
7997a273dfec79d0db8c47b9a1c4e1e30c8eb341e2dfe12147e9145f0f5f8dd5
-
SHA512
494ed7bd6118f6f0cb8d7f8351f94ccbadd1e7287a0b936ed2d5e39b3f8613cf7c0f43de3f4fdf7ead1aba3da45b02ee5c1149e58a4ca97bbd408267c951b5c8
-
SSDEEP
768:ty837t4FkXJREBku3/nK5xa/24/ki8qkM7B1YlhrIWYHLxqu+TPW1Kljl9nnyQOc:l4PSuPKTBZrO/A5Qr+TOn+eWQ8qM+m
Malware Config
Targets
-
-
Target
7997a273dfec79d0db8c47b9a1c4e1e30c8eb341e2dfe12147e9145f0f5f8dd5
-
Size
96KB
-
MD5
a18fc4fd364633a455ea3e50b0efb305
-
SHA1
899964b9c3566239ba8f822bfe597cbc3121f586
-
SHA256
7997a273dfec79d0db8c47b9a1c4e1e30c8eb341e2dfe12147e9145f0f5f8dd5
-
SHA512
494ed7bd6118f6f0cb8d7f8351f94ccbadd1e7287a0b936ed2d5e39b3f8613cf7c0f43de3f4fdf7ead1aba3da45b02ee5c1149e58a4ca97bbd408267c951b5c8
-
SSDEEP
768:ty837t4FkXJREBku3/nK5xa/24/ki8qkM7B1YlhrIWYHLxqu+TPW1Kljl9nnyQOc:l4PSuPKTBZrO/A5Qr+TOn+eWQ8qM+m
Score10/10-
joker
Joker is an Android malware that targets billing and SMS fraud.
-
Executes dropped EXE
-
Sets file to hidden
Modifies file attributes to stop it showing in Explorer etc.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Adds Run key to start application
-