Clicky

Friday, November 11, 2011

FakeSMSInstaller_Geared_1.0.2 + Collection of Russian malware and links to malware resources


Name:                   FakeSMSInstaller_Geared_1.0.2
MD5:                    1EFA9D22D9142D73596B17228F37998A
Sample Credits:     many thanks to William Hill, CPU Media, November 11, 2011
Research:             AVG Mobilation Malware information: Android SMS Fake installer from 3rd party Russian app stores

Name:                   Russian Malware Collection
MD5:                   See the list of files below
Research            Last month I uploaded a collection of the same as above and similar Russian mobile malware together with corresponding links to Russian alternative (often fake) Android markets where you can find more samples.  You can download it from here: RuMarketsMalwarefromMila.zip  See below for the list of malware included



Download FakeSMSInstaller_Geared_1.0.2- password infected
Download  RuMarketsMalwarefromMila.zip


Submission date:2011-11-11 09:51:07 (UTC)
Geared (1.0.2).apk
Result:19 /43 (44.2%)
http://www.virustotal.com/file-scan/report.html?id=e7b79446333b7fa2af2cc0c0661e1f9135edefa09b341dfd96bfe4df4e755566-1321005067
Antiy-AVL     2.0.3.7     2011.11.11     Trojan/AndroidOS.Boxer
Avast     6.0.1289.0     2011.11.11     Android:FakeInst-A [Trj]
BitDefender     7.2     2011.11.11     Android.Trojan.FakeInst.B
Commtouch     5.3.2.6     2011.11.11     AndroidOS/GenBl.076264BB!Olympus
Comodo     10745     2011.11.11     UnclassifiedMalware
DrWeb     5.0.2.03300     2011.11.11     Android.SmsSend.63
Emsisoft     5.1.0.11     2011.11.11     Trojan-SMS!IK
F-Secure     9.0.16440.0     2011.11.11     Trojan:Android/Boxer.C
Fortinet     4.3.370.0     2011.11.11     W32/AndroidOS_Boxer.AI!tr
GData     22     2011.11.11     Android.Trojan.FakeInst.B
Ikarus     T3.1.1.109.0     2011.11.11     Trojan-SMS
Jiangmin     13.0.900     2011.11.10     Trojan/AndroidOS.bv
Kaspersky     9.0.0.837     2011.11.11     Trojan-SMS.AndroidOS.Boxer.ai
NOD32     6620     2011.11.11     Android/TrojanSMS.Boxer.AA
nProtect     2011-11-11.01     2011.11.11     Android.Trojan.FakeInst.B
Sophos     4.71.0     2011.11.11     Andr/Boxer-A
TrendMicro     9.500.0.1008     2011.11.11     AndroidOS_BOXER.L
TrendMicro-HouseCall     9.500.0.1008     2011.11.11     AndroidOS_BOXER.L
VBA32     3.12.16.4     2011.11.10     Trojan-SMS.AndroidOS.Boxer.ai
MD5   : 1efa9d22d9142d73596b17228f37998a

Russian malware collection and sites:

├───alloptimus.ru
│       com_alioth_imdevil_jp_DevilsCreed_full_1_8.apk

├───Andro1d malware

├───android-app.ru
│       bang_bang_racingthd_v1.4.apk

├───android-my.ru
│       yumm.apk

├───android4free.ru malware
│       Backstab_HD_Sony_Ericsson_Xperia_Play_1_1_5_Cracked_tag3r.apk
│       com_gugel_android_oscalc_2_0.apk
│       iCommando_2_6_1_android.apk

├───androidbest.ru

│       skyscanner_1.0.5.1.apk

├───androides-os.com

│       battle_bears__1_v1_0_8.apk

├───androidis.ru
│       fpse_for_android_0.10.34.apk
│       megastunt__mayhem_pro_v1_0.apk

├───androzone.ru
│       AndroZone.ru_rom-manager-premium-v4.4.0.0.apk

├───andstore.ru

├───Fake Daltonthe awesome
│       Dalton_The_Awesome.apk

├───fake opera
│       Opera_Mini_6.1.jar

├───HTC-notes
│       htc_notes.apk
│       httpnewmobifile.rugetfile.phpdtype=dl...e=2983&a=16.URL

├───icq
│       android-icq.apk

├───jbox
│       jbox.jar

├───moptimizer
│       android-optimizer-v1_2_11.apk

├───moyandroid.net

│       metro-24-free_-1_3_2.apk

├───skype
│       skype.jar

├───softandroid.ru
│       762_au.com.phil.mine_1.3.2.apk
│       kate_v2.2.apk
│       mobileagent.apk.apk
│       neon_droid.apt.jar

└───wap4mobi
        274_00230-bubblepop_1.2.1.apk
Labels: ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)