July 13, 2020
Severity
Medium
Analysis Summary
Joker is malware that targets Android devices. Researchers detected a new variant of it in the Google Play store. Joker can act as a dropper for other malware and can subscribe victims to premium services. It is hidden inside what appears to the victim to be a legitimate app. To pass Google's checks on apps, the author of Joker used an obfuscation technique that hides the malicious code in the application as Base64-encoded strings. Once installed, Joker begins communicating with its C&C server for instructions. The example shown in the researchers' report is an app that provides images of flowers to use as wallpaper.
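A triage sketch for the obfuscation described above, as an added example that is not from the researchers' report or from Rewterz: it scans string constants already extracted from an app, decodes Base64-looking runs, and flags those that decode to executable content or a URL. The magic-byte and URL heuristics, the function names and the sample strings are assumptions constructed for illustration, not indicators taken from the Joker sample.

```python
import base64
import binascii
import re

# Runs of 24+ Base64 alphabet characters, optionally padded.
B64_RUN = re.compile(r"[A-Za-z0-9+/]{24,}={0,2}")
# Generic triage heuristics (assumptions, not indicators from the report).
MAGIC = {b"dex\n": "DEX bytecode", b"PK\x03\x04": "ZIP/APK/JAR archive"}
URL = re.compile(rb"https?://[\w.-]+", re.I)


def classify(decoded: bytes):
    """Return a label when decoded bytes look like code or a network endpoint."""
    for magic, label in MAGIC.items():
        if decoded.startswith(magic):
            return label
    if URL.search(decoded):
        return "embedded URL"
    return None


def scan_strings(strings):
    """Return (index, label, preview) for each suspicious Base64 constant."""
    findings = []
    for i, s in enumerate(strings):
        for m in B64_RUN.finditer(s):
            try:
                # validate=True rejects bad padding and stray characters.
                decoded = base64.b64decode(m.group(0), validate=True)
            except (binascii.Error, ValueError):
                continue
            label = classify(decoded)
            if label:
                findings.append((i, label, decoded[:24]))
    return findings


# Constructed sample input: string constants as a decompiler might list them.
SAMPLE = [
    "Choose a wallpaper",
    base64.b64encode(b"dex\n035\x00" + bytes(32)).decode(),
    "cfg=" + base64.b64encode(b"http://c2.example.invalid/api").decode(),
    "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdef",  # Base64-shaped but benign
]

if __name__ == "__main__":
    for idx, label, preview in scan_strings(SAMPLE):
        print(f"string #{idx}: {label}: {preview!r}")
```

A hit is a lead for manual review, not a verdict: legitimate apps also embed Base64 data, and a sample can add further encoding layers that this single-pass decode does not unwrap.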
Impact
- Information theft
- Exposure of sensitive information
Indicators of Compromise
MD5
- b0dce6785bb79f271611b69a7ea81f71
- 3c5abec5b685809a670dee9b729a9096
- d1a2ee8a66fa0d90477e29cc35a84ba9
SHA1
- 9a75fa84f5eb357111077b86e4c6f68cc5348e31
- 873d72701d49676c4bf8e70eefc9394fecbe3b8d
- 2cbdd5f9d8ff6f36d3c6bde5232a654025492d86
Remediation
- Block all threat indicators at your respective controls.
- Always download recommended/legitimate applications from the Play Store.