General
-
Target
com.mini.screen.tvcast-32-apksos.com.apk
-
Size
6.5MB
-
Sample
230108-jvdymsda79
-
MD5
69ddf2cd7d8c777c17eb22ca1a71e8fe
-
SHA1
39d5e27bb52c066d54f97064c03f9f5c763862d1
-
SHA256
41298824cd00b282517c797830be2979ace038d26f39a4deab7fc2c4da716c4c
-
SHA512
122aaa1ae8b6a25cbd4533509f52a5f979394e8b640a7911b62ec50f372bbddecebaed2880d5cd1b084d303fb5b7157af9e13ec81c885b6ee1bfc02ab65fe88c
-
SSDEEP
196608:UiZXA9cWASC9+NsPW5L9thc0Zo2cCo1hLvKgvqTHRNGy:UilM5d7NEW5L9thc0sWmy
Malware Config
Extracted
joker
http://packup.oss-us-east-1.aliyuncs.com/miniscreen
https://cxjus.oss-ap-southeast-1.aliyuncs.com/af2
https://cxjus.oss-ap-southeast-1.aliyuncs.com/fbhx
Targets
-
-
Target
com.mini.screen.tvcast-32-apksos.com.apk
-
Size
6.5MB
-
MD5
69ddf2cd7d8c777c17eb22ca1a71e8fe
-
SHA1
39d5e27bb52c066d54f97064c03f9f5c763862d1
-
SHA256
41298824cd00b282517c797830be2979ace038d26f39a4deab7fc2c4da716c4c
-
SHA512
122aaa1ae8b6a25cbd4533509f52a5f979394e8b640a7911b62ec50f372bbddecebaed2880d5cd1b084d303fb5b7157af9e13ec81c885b6ee1bfc02ab65fe88c
-
SSDEEP
196608:UiZXA9cWASC9+NsPW5L9thc0Zo2cCo1hLvKgvqTHRNGy:UilM5d7NEW5L9thc0sWmy
Score10/10-
joker
Joker is an Android malware that targets billing and SMS fraud.
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Legitimate hosting services abused for malware hosting/C2
-
Reads information about phone network operator.
-
Removes a system notification.
-
Uses Crypto APIs (Might try to encrypt user data).
-