Tuesday, November 13, 2012

Android Sun Charger - Sumzand, spam sender

September 2012

Research: Sun Charger, the Latest Android.Sumzand Variant, Continues the Massive Spam Campaign, Symantec
Sample credit: Anonymous

File: schgg.apk
Size: 100930
MD5:  60673A78686A6D0FAF2DC9545EB841CC





SHA256: c7f3d1adeb279e3f7b810f492fc82736ed321a487639dd0408ecc4bcd2cc66c9
SHA1: 467594b8a7c4605d8b0b990643febe6987395800
MD5: 60673a78686a6d0faf2dc9545eb841cc
File size: 98.6 KB ( 100930 bytes )
File name: schgg.apk
File type: Android
Tags: android
Detection ratio: 19 / 43
Analysis date: 2012-10-29 14:07:27 UTC ( 2 weeks, 1 day ago ) 
Avast Android:Sumzand-B [Trj] 20121029
AVG Android_dc.ERN 20121029
BitDefender Android.Trojan.Sumzand.A 20121029
Comodo UnclassifiedMalware 20121029
DrWeb Android.Sumzand.origin 20121029
Emsisoft Android.Trojan.Sumzand.A (B) 20121029
ESET-NOD32 a variant of Android/Sumzand.A 20121029
F-Secure Android.Trojan.Sumzand.A 20121029
Fortinet Android/Sumzand.A 20121029
GData Android.Trojan.Sumzand.A 20121029
Ikarus Trojan.AndroidOS.Sumzand 20121029
Jiangmin TrojanSpy.AndroidOS.bpt 20121029
Kaspersky HEUR:Trojan-Spy.AndroidOS.SuBatt.a 20121029
Microsoft Trojan:AndroidOS/Sumzand.A 20121029
MicroWorld-eScan - 20121029
Norman Sumzand.D 20121029
PCTools Android.Sumzand 20121029
Sophos Andr/Sumzand-A 20121029
Symantec Android.Sumzand 20121029
TrendMicro-HouseCall TROJ_GEN.RCBH1IK 20121029


ssdeep: 3072:2/ELJxVgmgLJxxM3/LJxOL7pLJxinrM/O:LLJxKRLJxiPLJxKFLJxArJ
TrID
Android Package (63.3%)
Java Archive (28.7%)
ZIP compressed archive (7.9%)
ExifTool
MIMEType.................: application/zip
ZipRequiredVersion.......: 20
ZipCRC...................: 0x9fbd52ec
FileType.................: ZIP
ZipCompression...........: Deflated
ZipUncompressedSize......: 2136
ZipCompressedSize........: 754
ZipFileName..............: res/layout/main.xml
ZipBitFlag...............: 0x0808
ZipModifyDate............: 2012:08:27 19:25:12
Androguard
activities...............: net.appzg.AppActivity
AndroidVersionCode.......: 2
Package..................: net.appzg
AndroidVersionName.......: 1.02
riskindicator............: 50.0
MinSdkVersion............: 8
TargetSdkVersion.........: None

permissions..............: BATTERY_STATS, INTERNET, READ_CONTACTS, GET_ACCOUNTS, READ_PHONE_STATE
First seen by VirusTotal: 2012-09-02 19:51:05 UTC ( 2 months, 1 week ago )
Last seen by VirusTotal: 2012-10-29 14:07:27 UTC ( 2 weeks, 1 day ago )
File names (max. 25): schgg.apk
