joker | 4eb2e7b17a0def4faef9e1b7b7637fb38c7d5531295b35fbd67c0b2119009593

Sharing

Copy URL

Twitter E-mail

General

Target

3d24e43e2dfa26d1dfae77060b70a432_JaffaCakes118
Size

22.0MB
Sample

240514-ae8cwabb6w
MD5

3d24e43e2dfa26d1dfae77060b70a432
SHA1

141ae95c20da750488a403423a9257053fe03206
SHA256

4eb2e7b17a0def4faef9e1b7b7637fb38c7d5531295b35fbd67c0b2119009593
SHA512

a1425bbe3f03a5d9081d679005926c729ab77775225b23ef2eecaf10ba363934434099afcf9ef33e4435b4865e738aae48979d09836c4ba12e472a1a3a1a9987
SSDEEP

393216:1sppdv71TIDnFeXKZYvGrIyDpN2SLZA9uNw5NVPJzSBRDg:10dj16gYY+Uyec2JDua

Score

10^/10

Malware Config

Extracted

Family

joker

http://api.share.mob.com:80

http://appx.91.com/api.ashx

http://up.sharesdk.cn/upload/image

http://www.o2omobi.com

Targets

- Target
  
  3d24e43e2dfa26d1dfae77060b70a432_JaffaCakes118
- Size
  
  22.0MB
- MD5
  
  3d24e43e2dfa26d1dfae77060b70a432
- SHA1
  
  141ae95c20da750488a403423a9257053fe03206
- SHA256
  
  4eb2e7b17a0def4faef9e1b7b7637fb38c7d5531295b35fbd67c0b2119009593
- SHA512
  
  a1425bbe3f03a5d9081d679005926c729ab77775225b23ef2eecaf10ba363934434099afcf9ef33e4435b4865e738aae48979d09836c4ba12e472a1a3a1a9987
- SSDEEP
  
  393216:1sppdv71TIDnFeXKZYvGrIyDpN2SLZA9uNw5NVPJzSBRDg:10dj16gYY+Uyec2JDua
Score

8^/10

banker collection discovery evasion impact persistence
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
  banker discovery
- Checks CPU information
  Checks CPU information which indicate if the system is an emulator.
  evasion discovery
- Queries information about running processes on the device
  Application may abuse the framework's APIs to collect information about running processes on the device.
  discovery
- Queries information about the current Wi-Fi connection
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  discovery
- Queries the mobile country code (MCC)
  discovery
- Registers a broadcast receiver at runtime (usually for listening for system events)
  persistence
- Checks if the internet connection is available
  discovery
- Reads information about phone network operator.
  discovery
- Requests cell location
  Uses Android APIs to to get current cell information.
  collection discovery
- Listens for changes in the sensor environment (might be used to detect emulation)
  evasion
behavioral1 behavioral2
- Target
  
  CommonPlugin-3.2.apk
- Size
  
  508KB
- MD5
  
  c4ced0e154eca0de5280e68458e33de6
- SHA1
  
  d1b9dde979abf938a01707baa5d5e5303711b12a
- SHA256
  
  06c9e3123defa3faabf4506d563abece8866971aef7bfa9fa8b57eafe79e5aa3
- SHA512
  
  23bcc2c98d640b26a0d7442baf3b0ca7f09ea3b9975904611979b3b4b80abbf25fa276ea636d1e432e25fc689954fbb1cbed24c98fa730f12d0f1b6a43559229
- SSDEEP
  
  12288:YmZjNbhQIXtD8Cxgymw5GIzhgZrozhmyy8p1AeE9Agt:YKNb38Cy1j5o3rpODt
Score

1^/10
behavioral3 behavioral4 behavioral5
- Target
  
  FeedPlugin-2.0.apk
- Size
  
  59KB
- MD5
  
  52f130458631b1662541a666423617f6
- SHA1
  
  533184bd5f4caaa2576fc9087bba926c90a12952
- SHA256
  
  786d6694c837e98996db234b4080afe8c379411528e22a247c59ccb1e748bea4
- SHA512
  
  79767d440c5a7b5e0de8d08bc5e900b6e0c2f91116e827dfcec920e0bdd88cf5d2faac6b20c1c609b96bca274860b452e02cc794bcedb665cb588b52494c106a
- SSDEEP
  
  1536:BjwTG4d8bqfKR6HqEGzjyctP4gMz9vUm54q8Gg0qugAZK0SwE1j6+tH:Bka4zfKR6KEkPtPBMz9z4qxBgAZxS0q
Score

1^/10
behavioral6 behavioral7 behavioral8
- Target
  
  FrameworkPlugin-3.0.apk
- Size
  
  18KB
- MD5
  
  23dec9199a698f17dba2982c2a4dce53
- SHA1
  
  00d2498b25d7fe4b6797ad4745d356685301cb27
- SHA256
  
  7dbeddca1d878770c379ee00d5314f089423f9887b2648e5952d5a8d1575d062
- SHA512
  
  5d0dfb479565871ca463e89a4a7a742afac78baa91a521e330ffc9f605f534171a68791197c64874369f4d079a6d6e537e678d799837b24be3b79fdb3f61db25
- SSDEEP
  
  384:nP/UuSRfLCfkzxrqpMuMyWQ78xqUl1yVXAQv8mbrWR:UnXYpMyW1MUl0VQ5
Score

1^/10
behavioral10 behavioral11 behavioral9
- Target
  
  InsertPlugin-2.0.apk
- Size
  
  68KB
- MD5
  
  98245bba105e65058d59cc9c206cba22
- SHA1
  
  25aa544e6920d485488adc1f075698939a9b34ad
- SHA256
  
  7b5cc695fbc7158ddebce491d9706e31633e10a7ed3fea524637c7676c4d213d
- SHA512
  
  801e5a05c08f9f28b0248ee2792c18af54c5f7ba268be4d7347d826e11e32d0aa8ee626d48de97c7c8bdeb6a82d59fe9707debbaf663ec44a0fafb8f451956cc
- SSDEEP
  
  1536:weisW8QxPNncSzpmWqBAXksgZI9l+yES0D3dKribNiKuX:we12xhcPWqBbZMl+yES0s+bS
Score

1^/10
behavioral12 behavioral13 behavioral14
- Target
  
  LoopImagePlugin-2.0.apk
- Size
  
  35KB
- MD5
  
  4b2d74e59a192df8c0b874d61fc4adfa
- SHA1
  
  461cbc63269321ac56d12fb97c2be8d5f9cf1675
- SHA256
  
  713ec6cd3d1f2419f9a1b5a3a3f532a3a8db936f452599113d1a6a4e0c06eba8
- SHA512
  
  b98a11c48c09e143a05c662d47fb0a1227fb41936cf6dc198a3eb86be8e67b872a81f2490e27289b7762fc74b4637ba192ce3c094ce9f868234dfd5167a444cb
- SSDEEP
  
  768:Hxsa2M/rm5AhrXFWLKxe7X+Fu9eLcjmZpn7a1uM7NnAxMZZvMTceUR:W8m5UbgLKxe7wugLcCn7XM751Zv9
Score

1^/10
behavioral15 behavioral16 behavioral17
- Target
  
  WelcomePlugin-2.3.apk
- Size
  
  44KB
- MD5
  
  8ef2b798c30946b497e6038c8e5485cb
- SHA1
  
  a55036a3e51dcd9e71dd468790fd9bb1a037b67d
- SHA256
  
  d8a23c029bc13848dfbd56568a2c40696930c4a91c6b5f1764c561eafa7970d5
- SHA512
  
  a4263baaa5f093c8366cdd25cd0272ab7c60b86c9a412060ff382b87352599677471a37cc64bae1b978cf5e5a3b19d01511741872f1bd725304c3e52edade3b9
- SSDEEP
  
  768:nYirXFWLKxe7X+Fu9924EgUmy0GtzFavNedPtMoyb43b7B34mmErdcb:nXbgLKxe7wu7256Gtz4YdP33x3FJ0
Score

1^/10
behavioral18 behavioral19 behavioral20