General
Target: aa78c357081cb6e7f62979d88d6c9e57c4e0e522124001fb6d76ba1206159e59
Size: 785KB
Sample: 221108-c5c1rscgg8
MD5: 09b587bc86ee9ca82e5fc5c9f2dea5c0
SHA1: fac4bc2603878be3ffc8536b7cc7a1d067bc4f67
SHA256: aa78c357081cb6e7f62979d88d6c9e57c4e0e522124001fb6d76ba1206159e59
SHA512: 35c6fb283de943166a30ede23aac2ed30bb4b2cd14628271c34685235508a4648b9595cce91ecbb9f1602ddb558735f8a5eb3936c11e911fec8c37b3bc9b0d74
SSDEEP: 6144:9e34JuG6URxjWXf3tiWL0b3s4XmKc4bwHdfRP8apgI7hTLeHRnSkFEjnMHAQwxoo:nDRhWv9iWLcOXP8C7hT4BSkGrcAQs
Static task: static1
Behavioral task: behavioral1
  Sample: aa78c357081cb6e7f62979d88d6c9e57c4e0e522124001fb6d76ba1206159e59.exe
  Resource: win7-20220812-en
Behavioral task: behavioral2
  Sample: aa78c357081cb6e7f62979d88d6c9e57c4e0e522124001fb6d76ba1206159e59.exe
  Resource: win10v2004-20220901-en
Malware Config
Targets
Target: aa78c357081cb6e7f62979d88d6c9e57c4e0e522124001fb6d76ba1206159e59
Score: 10/10
Downloads MZ/PE file
Executes dropped EXE
Registers COM server for autorun
Sets DLL path for service in the registry
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Loads dropped DLL
Adds Run key to start application
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.