General
-
Target
Text Voice Translator_60.2.apk
-
Size
9.1MB
-
Sample
221120-g158zaah44
-
MD5
f2a66e3ede91572551fc123b232914db
-
SHA1
56e4b74aa3c45b5488a53b71a66bdad0b246b47a
-
SHA256
dcc0fe34445144a376dc04227221e69bf2ca75162231d7ac6c0a4aad4fc56b2b
-
SHA512
bd8f290f3d94362d548b9b9f190fa06fccd6083ef285eeccfba7386d093ef9a97939c6ce131035719ea95d10160a247f496493b319734118783ad2f70f17ba20
-
SSDEEP
196608:68Kh7o/uFmRRaYbcFx+2p60xd3IYz3Su6RpAo+b3NYGFhqvx+NPKg7Js:xA7o/uARRaYbcHKtLJ+b3z25Bf
Malware Config
Extracted
joker
http://prosperity.oss-ap-northeast-2.aliyuncs.com/coretranslator
https://cxjus.oss-ap-southeast-1.aliyuncs.com/af2
https://cxjus.oss-ap-southeast-1.aliyuncs.com/fbhx
Targets
-
-
Target
Text Voice Translator_60.2.apk
-
Size
9.1MB
-
MD5
f2a66e3ede91572551fc123b232914db
-
SHA1
56e4b74aa3c45b5488a53b71a66bdad0b246b47a
-
SHA256
dcc0fe34445144a376dc04227221e69bf2ca75162231d7ac6c0a4aad4fc56b2b
-
SHA512
bd8f290f3d94362d548b9b9f190fa06fccd6083ef285eeccfba7386d093ef9a97939c6ce131035719ea95d10160a247f496493b319734118783ad2f70f17ba20
-
SSDEEP
196608:68Kh7o/uFmRRaYbcFx+2p60xd3IYz3Su6RpAo+b3NYGFhqvx+NPKg7Js:xA7o/uARRaYbcHKtLJ+b3z25Bf
Score10/10-
joker
Joker is an Android malware that targets billing and SMS fraud.
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Reads information about phone network operator.
-
Removes a system notification.
-
Uses Crypto APIs (Might try to encrypt user data).
-