Tuesday, November 13, 2012

Android Fakeguard

October 2012

Research: Android FakeGuard - Symantec
Sample credit: Sanjay

The Trojan may arrive as a package with the following characteristics: 

Package name: com.stech.stopphishing 
APK: 
  • com.stech.stopphishing.apk
  • com.stech.spamguard.apk
  • com.stech.stopphishing.apk

File: com.stech.spamguard-6.apk
Size: 210418
MD5:  74089D836A3D6768F766A85422819D21



Download. Same password scheme as contagio. Email me if you need the password.



File: com.cn.smsclient-8.apk
Size: 210430
MD5:  12CBEDC185D82C61150D8C9EE38A9FCB



Download. Same password scheme as contagio. Email me if you need the password.




SHA256: 0690f5cb9505445bedf86d4e48ff387a3f4b4fbb8d5001ed43b1a17fdb9fede0
SHA1: c2cfceb1c809327deba59e171cf7a93b4930f48d
MD5: 74089d836a3d6768f766a85422819d21
File size: 205.5 KB ( 210418 bytes )
File name: com.stech.spamguard-6.apk
File type: Android
Tags: android
Detection ratio: 9 / 44
Analysis date: 2012-11-13 06:09:45 UTC ( 14 hours, 15 minutes ago )
AntiVir Android/SmsSend.O.1 20121112
Avast Android:FakeGuard-A [Trj] 20121113
Commtouch AndroidOS/GenBl.99A267B1!Olympus 20121113
GData Android:FakeGuard-A 20121113
Ikarus Trojan.AndroidOS.FakeAV 20121113
PCTools Android.Fakeguard 20121113
Sophos Andr/FkGuard-A 20121113
Symantec Android.Fakeguard 20121113
TrendMicro-HouseCall TROJ_GEN.RCBH1JV 20121113

------------------------------------


SHA256: 48e71bfdd6a88594d5b04ccefac6279ab6898b0302ac8c937f4b0c8bb358e6bb
File name: com.cn.smsclient-8.apk
Detection ratio: 3 / 43
Analysis date: 2012-11-13 21:06:22 UTC ( 1 minute ago )
01

PCTools Android.Fakeguard 20121113
Symantec Android.Fakeguard 20121113
TrendMicro-HouseCall TROJ_GEN.RCBH1JV 20121113


No comments:

Post a Comment

Post a Comment