General
Target: 554ea8dd0b5c858d3ef3c4fdd0203c478320d6a6f616b5341e94a43a946185f7
Size: 54KB
Sample: 221030-jnvyksbagk
MD5: 93c6f20dd0a3d06f910526dc04c87587
SHA1: 77557d5dc3405bb68a9ca22dbd4693f17d0e3b46
SHA256: 554ea8dd0b5c858d3ef3c4fdd0203c478320d6a6f616b5341e94a43a946185f7
SHA512: 452c17c072da8a424a85af0724117defc04e4d40f61a4aef52570e23cdcb7df8374ce6e6ab24872d2fd6f914dac58d44e0c40fe6abaec76c6f13244c470988ee
SSDEEP: 768:sVKm4GV4ujtuYgFC5IjezJckOyLb172+oEFZ0TORX3iSHWIwjkdLv/kcH5hUDrph:sQKV1MyVckOG12TGX1HxwjkVnDhI+HS
Static task: static1
Behavioral task: behavioral1
  Sample: 554ea8dd0b5c858d3ef3c4fdd0203c478320d6a6f616b5341e94a43a946185f7.exe
  Resource: win7-20220812-en
Behavioral task: behavioral2
  Sample: 554ea8dd0b5c858d3ef3c4fdd0203c478320d6a6f616b5341e94a43a946185f7.exe
  Resource: win10v2004-20220812-en
Malware Config
Targets
Target: 554ea8dd0b5c858d3ef3c4fdd0203c478320d6a6f616b5341e94a43a946185f7
Score: 10/10
Executes dropped EXE
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Adds Run key to start application
Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.