General
-
Target
2c6cd94191fbd1598eebdfe9855976860a5b88ae7ff6cfccc503959d309b0777
-
Size
140KB
-
Sample
221029-yxz18adca4
-
MD5
5b4832eadd3083adfa08306327319440
-
SHA1
32f32d3283e38619901f7e3b4931eb007de97217
-
SHA256
2c6cd94191fbd1598eebdfe9855976860a5b88ae7ff6cfccc503959d309b0777
-
SHA512
8068ef16aad2d587b31322f003c10ebd1df31a04ed0184deb5232c1dc46ccdeaf6fbe4ab3a712199ec4acc207af805b596c6766b2217bf1b634b6ec029870b4e
-
SSDEEP
1536:7nM62OVLjlevyaRLBnLuRgiaUxRIxecePKH5a1AA+z:wOLpeTLlamiaUxRIxecePKcW
Static task
static1
Behavioral task
behavioral1
Sample
2c6cd94191fbd1598eebdfe9855976860a5b88ae7ff6cfccc503959d309b0777.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
2c6cd94191fbd1598eebdfe9855976860a5b88ae7ff6cfccc503959d309b0777.exe
Resource
win10v2004-20220901-en
Malware Config
Targets
-
-
Target
2c6cd94191fbd1598eebdfe9855976860a5b88ae7ff6cfccc503959d309b0777
Score
10/10
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-