General
-
Target
Mini Screen Mirroring_3.2.2.apk
-
Size
7.4MB
-
Sample
230108-mkhevsgg2x
-
MD5
326c4f6e417c419eddf40f8d1035e046
-
SHA1
a96cfd2b0e59688e26f7b9cf3b5a6980e6f805be
-
SHA256
2918ba5a453cdb9e6b00dd76e04be2432a1a24384ad68bebb433e1b936df7176
-
SHA512
88d3cb08079d0d30868726c1e457511435aad5a304756cf391b9a5723d38cf236b7801713c6d06b898d2f8560d794e1a58d97a92ba881779538ea995bd3b0306
-
SSDEEP
196608:yiZXA9cWASC9+NsPW5L9thc0Zo2cCo1hLvKcAJ17qTHRN+yLZ:yilM5d7NEW5L9thc0sl7ec
Malware Config
Extracted
joker
http://packup.oss-us-east-1.aliyuncs.com/miniscreen
https://cxjus.oss-ap-southeast-1.aliyuncs.com/af2
https://cxjus.oss-ap-southeast-1.aliyuncs.com/fbhx
Targets
-
-
Target
Mini Screen Mirroring_3.2.2.apk
-
Size
7.4MB
-
MD5
326c4f6e417c419eddf40f8d1035e046
-
SHA1
a96cfd2b0e59688e26f7b9cf3b5a6980e6f805be
-
SHA256
2918ba5a453cdb9e6b00dd76e04be2432a1a24384ad68bebb433e1b936df7176
-
SHA512
88d3cb08079d0d30868726c1e457511435aad5a304756cf391b9a5723d38cf236b7801713c6d06b898d2f8560d794e1a58d97a92ba881779538ea995bd3b0306
-
SSDEEP
196608:yiZXA9cWASC9+NsPW5L9thc0Zo2cCo1hLvKcAJ17qTHRN+yLZ:yilM5d7NEW5L9thc0sl7ec
Score10/10-
joker
Joker is an Android malware that targets billing and SMS fraud.
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Legitimate hosting services abused for malware hosting/C2
-
Reads information about phone network operator.
-
Removes a system notification.
-
Uses Crypto APIs (Might try to encrypt user data).
-