
Tuesday, August 7, 2012

New ZitMo for Android and Blackberry



MD5: e98791dffcc0a8579ae875149e3c8e5e
File name: zitmo.apk

MD5: 7d09ce7ff636c308b0bf43c0d1662652
File name: zitmo.jar

MD5: 2451bd595bbc830ea76adb96a7f319f3
File name: zitmo1.cod

MD5: 6fe08b174c92fe439af0f84bd9643545
File name: zitmo2.cod

MD5: 763083a8627837b55316bf93c625c200
File name: zitmo3.cod


MD5: 2a63801d60c900c10ee13d42dc5fc4ab
File size: 549 bytes ( 549 bytes )
File name: seguridad.jad


Sample credits - Anonymous
Research:  New ZitMo for Android and Blackberry by Kaspersky


Download all files (password infected)  





https://www.virustotal.com/file/be90c12ea4a9dc40557a492015164eae57002de55387c7d631324ae396f7343c/analysis/


SHA256: be90c12ea4a9dc40557a492015164eae57002de55387c7d631324ae396f7343c
SHA1: 40286c6091c5a2d575702b1d88eaa94aa8eba524
MD5: e98791dffcc0a8579ae875149e3c8e5e
File size: 168.7 KB ( 172722 bytes )
File name: zitmo.apk
96F7343C.log
File type: Android
Tags: android
Detection ratio: 7 / 27
Analysis date: 2012-08-13 12:49:27 UTC ( 5 hours, 12 minutes ago )
AntiVir Android/Zitmo.A.5 20120813
CAT-QuickHeal Android.Zitmo.D 20120813
ESET-NOD32 Android/Spy.Spitmo.E 20120813
Fortinet Android/Zitmo.A!tr 20120813
Kaspersky HEUR:Trojan-Spy.AndroidOS.Zitmo.a 20120813
TrendMicro AndroidOS_SMSBackdoor.E 20120813
TrendMicro-HouseCall TROJ_GEN.F47V0808 20120813



SHA256: ccf6ac98a12ba494181ea404f290964c225cb3ef98348a01f6324ee844ce9896
SHA1: 49d01c7043f7260cc8ff2e844d100f5724aa6c02
MD5: 7d09ce7ff636c308b0bf43c0d1662652
File size: 36.8 KB ( 37651 bytes )
File name: zitmo.jar
File type: JAR
Tags: jar
Detection ratio: 10 / 31
Analysis date: 2012-08-10 14:51:15 UTC ( 3 days, 3 hours ago )
AntiVir TR/bbo.Zitmo.C 20120810
Comodo UnclassifiedMalware 20120810
Emsisoft Trojan-Spy.BlackberryOS!IK 20120810
ESET-NOD32 BlackBerry/Spy.Zitmo.D 20120810
Fortinet BlackBerry/Zitmo.C!tr 20120810
Ikarus Trojan-Spy.BlackberryOS 20120810
Kaspersky Trojan-Spy.BlackberryOS.Zitmo.c 20120810
PCTools BBOS.Zeusmitmo 20120810
Symantec Trojan.Gen.2 20120810
TrendMicro-HouseCall TROJ_GEN.RCBH1H6 20120810


https://www.virustotal.com/file/2f812b98855694fc13389bb566c85cef51667098f6b4a3d4d4c66925582afb32/analysis/

SHA256: 2f812b98855694fc13389bb566c85cef51667098f6b4a3d4d4c66925582afb32
SHA1: 0d8252787d2cb37233da8a3cef27e29b7e76e679
MD5: 2451bd595bbc830ea76adb96a7f319f3
File size: 14.1 KB ( 14396 bytes )
File name: zitmo1.cod
File type: unknown
Detection ratio: 10 / 42
Analysis date: 2012-08-10 14:53:04 UTC ( 3 days, 3 hours ago )
Emsisoft Trojan-Spy.BlackberryOS!IK 20120808
ESET-NOD32 BlackBerry/Spy.Zitmo.B 20120808
Fortinet BlackBerry/Zitmo.C!tr 20120808
Ikarus Trojan-Spy.BlackberryOS 20120808
Kaspersky Trojan-Spy.BlackberryOS.Zitmo.c 20120808
Symantec Trojan.Gen.2 20120808
ViRobot Trojan.BlackberryOS.A.Zitmo.14396 20120808


https://www.virustotal.com/file/213ba5db14d7338b2293da82a41af28b45dd817602f2876a34dc3ad6077f379a/analysis/

SHA256: 213ba5db14d7338b2293da82a41af28b45dd817602f2876a34dc3ad6077f379a
SHA1: d599934978440d895798dd6b5bf235160361b5ff
MD5: 6fe08b174c92fe439af0f84bd9643545
File size: 14.8 KB ( 15200 bytes )
File name: zitmo2.cod
File type: unknown
Detection ratio: 7 / 42
Analysis date: 2012-08-13 02:26:14 UTC ( 15 hours, 29 minutes ago )

AntiVir TR/bbo.Zitmo.B 20120808
Emsisoft Trojan-Spy.BlackberryOS!IK 20120808
ESET-NOD32 BlackBerry/Spy.Zitmo.C 20120808
Fortinet BlackBerryOS/Zitmo.B!tr 20120808
Ikarus Trojan-Spy.BlackberryOS 20120808
Kaspersky Trojan-Spy.BlackberryOS.Zitmo.b 20120808


https://www.virustotal.com/file/c47cc390e73fb08ea25b936d54e022876a517ad761cf27a72a068b2cd319cf23/analysis/
SHA256: c47cc390e73fb08ea25b936d54e022876a517ad761cf27a72a068b2cd319cf23
SHA1: 74ac21b745b6810387b4643f8201cf98eada0188
MD5: 763083a8627837b55316bf93c625c200
File size: 13.7 KB ( 14016 bytes )
File name: zitmo3.cod
File type: unknown
Detection ratio: 8 / 42
Analysis date: 2012-08-13 02:26:15 UTC ( 15 hours, 27 minutes ago )
AntiVir TR/bbo.Zitmo.D 20120808
Emsisoft Trojan-Spy.BlackberryOS!IK 20120808
ESET-NOD32 BlackBerry/Spy.Zitmo.A 20120808
Fortinet BlackBerryOS/Zitmo.C!tr 20120808
Ikarus Trojan-Spy.BlackberryOS 20120808
Kaspersky Trojan-Spy.BlackberryOS.Zitmo.d 20120808
PCTools Trojan.Gen 20120808
Symantec Trojan.Gen.2 20120808

SHA256: a99b09bb02d97575a91f45b0bcb7ef211b5ac97407210d96a74a44be1680c387
SHA1: 38e58ccd4d891072575e61c37166a2ea6e92bbe3
MD5: 2a63801d60c900c10ee13d42dc5fc4ab
File size: 549 bytes ( 549 bytes )
File name: seguridad.jad
File type: Text
Detection ratio: 0 / 42
Analysis date: 2012-08-13 18:11:33 UTC ( 0 minutes ago ) 
