• Services
    • Assess
      • Compromise Assessment
      • APT Assessment
      • Penetration Testing
      • Secure Architecture Design & Review
      • Red Team Assessment
      • Purple Team Assessment
      • Social Engineering
      • Source Code Review
    • Transform
      • SOC Consultancy
      •     SOC Maturity Assessment
      •     SOC Model Evaluation
      •     SOC Gap Analysis
      •     SIEM Gap Analysis
      •     SIEM Optimization
      •     SOC Content Pack
    • Train
      • Security Awareness and Training
      • Tabletop Exercise
      • Simulated Cyber Attack Exercises
    • Respond
      • Incident Response
      • Incident Analysis
  • Managed Security
    • Managed Security Monitoring
      • Remote SOC
      • Onsite SOC
      • Hybrid SOC
    • Managed Security Services
      • Managed Detection and Response
      • Managed Endpoint Detection and Response
      • Managed Threat Intelligence
      • Managed Threat Hunting
      • Managed Risk-Based SOAR
      • Managed Penetration Testing
  • Solutions
  • Resources
    • Blog
    • Threat Advisory
  • Company
    • About Us
    • Careers
    • Contact
Rewterz Threat Alert – Latest Trickbot IOCs
July 13, 2020
Rewterz Threat Alert – New Mirai Variant Expands Arsenal, Exploits CVE-2020-10173
July 13, 2020

Rewterz Threat Alert – Joker Malware Variant Found in Google Play

July 13, 2020

Severity

Medium

Analysis Summary

Joker is malware that targets Android devices. A new variant of it was detected in the Google Play store by researchers. Joker can act as a dropper for other malware and to subscribe victims to premium services. It is hidden inside what, to the victim, appears to be a legitimate app. To pass the Google checks on apps, the author of Joker basically used an obfuscation technique to hide its malicious code in the application as Base64 encoded strings. Once installed, Joker will begin communicating with its C&C server for instructions. The example shown in researchers report is an app for providing images of flowers to use as wallpaper.

joker-1.png

Impact

  • Information theft
  • Exposure of sensitive information

Indicators of Compromise

MD5

  • b0dce6785bb79f271611b69a7ea81f71
  • 3c5abec5b685809a670dee9b729a9096
  • d1a2ee8a66fa0d90477e29cc35a84ba9

SHA1

  • 9a75fa84f5eb357111077b86e4c6f68cc5348e31
  • 873d72701d49676c4bf8e70eefc9394fecbe3b8d
  • 2cbdd5f9d8ff6f36d3c6bde5232a654025492d86

Remediation

  • Block all threat indicators at your respective controls.
  • Always download recommended/ legitimate applications from playstore.
  • Services
    • Assess
      • Compromise Assessment
      • APT Assessment
      • Penetration Testing
      • Secure Architecture Design & Review
      • Red Team Assessment
      • Purple Team Assessment
      • Social Engineering
      • Source Code Review
    • Respond
      • Incident Response
      • Incident Analysis
  • Transform
    • SOC Consultancy
    •     SOC Maturity Assessment
    •     SOC Model Evaluation
    •     SOC Gap Analysis
    •     SIEM Gap Analysis
    •     SIEM Optimization
    •     SOC Content Pack
  • Train
    • Security Awareness and Training
    • Tabletop Exercise
    • Simulated Cyber Attack Exercises
  • Managed Security
    • Managed Security Monitoring
      • Remote SOC
      • Onsite SOC
      • Hybrid SOC
    • Managed Security Services
      • Managed Detection and Response
      • Managed Endpoint Detection and Response
      • Managed Threat Intelligence
      • Managed Threat Hunting
      • Managed Risk-Based SOAR
      • Managed Penetration Testing
  • Solutions
  • Resources
    • Blog
    • Threat Advisory
  • Company
    • About Us
    • Careers
    • Contact
COPYRIGHT © REWTERZ. ALL RIGHTS RESERVED.