General
-
Target
a2049a953d5ed411de9d9700e3e571167493050d3a5b2d47980f83e254e74270
-
Size
140KB
-
Sample
221021-e5pexacafn
-
MD5
4d0187825e40face7f78f84123d1f605
-
SHA1
22cc5eb22ec075c478c4b8577dd8bb649d2dafa7
-
SHA256
a2049a953d5ed411de9d9700e3e571167493050d3a5b2d47980f83e254e74270
-
SHA512
cf5ba0a4832e2f5559da61136693d78d04498f9114085fb116f67f52248a5b533008a1850a474f86c6570f0aae5436b65236813a7fbec749cd61ee10933ea5e8
-
SSDEEP
1536:nnMg2OVLjlevyaRLBnLuRgiaUxRIxecePKH5nKLV+X:M0LpeTLlamiaUxRIxecePKQW
Malware Config
Targets
-
-
Target
a2049a953d5ed411de9d9700e3e571167493050d3a5b2d47980f83e254e74270
-
Size
140KB
-
MD5
4d0187825e40face7f78f84123d1f605
-
SHA1
22cc5eb22ec075c478c4b8577dd8bb649d2dafa7
-
SHA256
a2049a953d5ed411de9d9700e3e571167493050d3a5b2d47980f83e254e74270
-
SHA512
cf5ba0a4832e2f5559da61136693d78d04498f9114085fb116f67f52248a5b533008a1850a474f86c6570f0aae5436b65236813a7fbec749cd61ee10933ea5e8
-
SSDEEP
1536:nnMg2OVLjlevyaRLBnLuRgiaUxRIxecePKH5nKLV+X:M0LpeTLlamiaUxRIxecePKQW
Score10/10-
joker
Joker is an Android malware that targets billing and SMS fraud.
-
Executes dropped EXE
-
Sets file to hidden
Modifies file attributes to stop it showing in Explorer etc.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-