Classics:
Name: Nickispy.B
MD5: 83A98EABF044826622DB7C211764CDF4
Sample Credits: with many thanks to Droopy, January 6, 2012
Research: Virus Profile: Android/NickiSpy.A 8/4/2011
Download - password infected
a3ba08e18edfb243cef5b31e01f43ef6b4d6e8d4
Virustotal
2011-09-29 02:36:47 (UTC)
17 /43 (39.5%)
Avast 6.0.1289.0 2011.09.28 Android:NickySpy-A [Trj]
BitDefender 7.2 2011.09.29 Android.Trojan.Nickispy.A
CAT-QuickHeal 11.00 2011.09.28 Android.Nickispy.A
Comodo 10277 2011.09.29 UnclassifiedMalware
DrWeb 5.0.2.03300 2011.09.29 Android.NickiSpy.4
Emsisoft 5.1.0.11 2011.09.29 Trojan.AndroidOS!IK
F-Secure 9.0.16440.0 2011.09.29 Trojan:Android/Nickispy.A!mfb
Fortinet 4.3.370.0 2011.09.28 W32/AndroidOS_Nickspy.E!tr
GData 22 2011.09.29 Android.Trojan.Nickispy.A
Ikarus T3.1.1.107.0 2011.09.29 Trojan.AndroidOS
Jiangmin 13.0.900 2011.09.28 TrojanSpy.AndroidOS.bg
Kaspersky 9.0.0.837 2011.09.28 Trojan-Spy.AndroidOS.Nickspy.f
Microsoft 1.7702 2011.09.28 TrojanSpy:AndroidOS/Nickispy.A
Sophos 4.69.0 2011.09.29 Andr/SMSRep-E
Symantec 20111.2.0.82 2011.09.29 Android.Nickispy
TrendMicro 9.500.0.1008 2011.09.28 AndroidOS_NICKISPY.A
TrendMicro-HouseCall 9.500.0.1008 2011.09.29 AndroidOS_NICKISPY.A
MD5 : 83a98eabf044826622db7c211764cdf4
Name: Nickispy.B
MD5: 83A98EABF044826622DB7C211764CDF4
Sample Credits: with many thanks to Droopy, January 6, 2012
Research: Virus Profile: Android/NickiSpy.A 8/4/2011
Download - password infected
a3ba08e18edfb243cef5b31e01f43ef6b4d6e8d4
Virustotal
2011-09-29 02:36:47 (UTC)
17 /43 (39.5%)
Avast 6.0.1289.0 2011.09.28 Android:NickySpy-A [Trj]
BitDefender 7.2 2011.09.29 Android.Trojan.Nickispy.A
CAT-QuickHeal 11.00 2011.09.28 Android.Nickispy.A
Comodo 10277 2011.09.29 UnclassifiedMalware
DrWeb 5.0.2.03300 2011.09.29 Android.NickiSpy.4
Emsisoft 5.1.0.11 2011.09.29 Trojan.AndroidOS!IK
F-Secure 9.0.16440.0 2011.09.29 Trojan:Android/Nickispy.A!mfb
Fortinet 4.3.370.0 2011.09.28 W32/AndroidOS_Nickspy.E!tr
GData 22 2011.09.29 Android.Trojan.Nickispy.A
Ikarus T3.1.1.107.0 2011.09.29 Trojan.AndroidOS
Jiangmin 13.0.900 2011.09.28 TrojanSpy.AndroidOS.bg
Kaspersky 9.0.0.837 2011.09.28 Trojan-Spy.AndroidOS.Nickspy.f
Microsoft 1.7702 2011.09.28 TrojanSpy:AndroidOS/Nickispy.A
Sophos 4.69.0 2011.09.29 Andr/SMSRep-E
Symantec 20111.2.0.82 2011.09.29 Android.Nickispy
TrendMicro 9.500.0.1008 2011.09.28 AndroidOS_NICKISPY.A
TrendMicro-HouseCall 9.500.0.1008 2011.09.29 AndroidOS_NICKISPY.A
MD5 : 83a98eabf044826622db7c211764cdf4
This is NOT the NikiSpy.A variant. It is a different variant. I am calling it NikiSpy.B.
ReplyDeleteUse my dexid tool and you'll see that several of the classes are different.
Ok, B it is.
ReplyDeletethank you.
All antivirus shows Nickyspy.A as the variant.
ReplyDelete@bontchev is you have another version please upload it here, else keep the A letter.