December 2012
Download. Email me if you need the password scheme
Size: 270797
MD5: 07D2EE88083F41482A859CD222EC7B76
File: sber.apk
Size: 225905
MD5: F27D43DFEEDFFAC2EC7E4A069B3C9516
Size: 225905
MD5: F27D43DFEEDFFAC2EC7E4A069B3C9516
File: vksafe.apk
Size: 226368
MD5: 117D41E18CB3813E48DB8289A40E5350
Research: Carberp-in-the-Mobile. Securelist.
Sample credit: Pau Oliva ForaDownload. Email me if you need the password scheme
https://www.virustotal.com/file/c53f732b18f1872dcf296636c4924102f26f02e26db9387b9e13d11cfd6652e4/analysis/1355671018/
SHA256: c53f732b18f1872dcf296636c4924102f26f02e26db9387b9e13d11cfd6652e4
SHA1: c4210fa2ff356919b56273a837b715dba0e54976
MD5: 117d41e18cb3813e48db8289a40e5350
File size: 221.1 KB ( 226368 bytes )
File name: 117d41e18cb3813e48db8289a40e5350
File type: Android
Detection ratio: 7 / 46
Analysis date: 2012-12-15 09:45:22 UTC ( 1 day, 5 hours ago )
Comodo UnclassifiedMalware 20121215
DrWeb Android.FakeSber.1.origin 20121215
ESET-NOD32 Android/Spy.Citmo.A 20121215
Fortinet Android/Citmo.A!tr.spy 20121215
Kaspersky HEUR:Trojan-Spy.AndroidOS.Citmo.a 20121215
Sophos Andr/Citmo-A 20121215
TrendMicro-HouseCall TROJ_GEN.RCCH1LF 20121215
https://www.virustotal.com/file/2c139b3e921e32b6ffe76db0de81a99951d6f581756bed32851bb97f9ffe43a9/analysis/1355671019/
SHA256: 2c139b3e921e32b6ffe76db0de81a99951d6f581756bed32851bb97f9ffe43a9
SHA1: d2f32217e1c8141222afe5e4de508b7cfa9f0552
MD5: 07d2ee88083f41482a859cd222ec7b76
File size: 264.5 KB ( 270797 bytes )
File name: file-4888518_apk
File type: Android
Detection ratio: 9 / 46
Analysis date: 2012-12-15 09:46:31 UTC ( 1 day, 5 hours ago )
Comodo UnclassifiedMalware 20121215
DrWeb Android.FakeSber.1.origin 20121215
ESET-NOD32 Android/Spy.Citmo.A 20121215
Fortinet Android/Citmo.A!tr.spy 20121215
Kaspersky HEUR:Trojan-Spy.AndroidOS.Citmo.a 20121215
PCTools Android.Citmo 20121215
Sophos Andr/Citmo-A 20121215
Symantec Android.Citmo 20121215
TrendMicro-HouseCall TROJ_GEN.RCBH1LE 20121215
-
https://www.virustotal.com/file/0146c73dcebc9a67726b8255445ea1bae590a8c7e50eb78b2c9880908f018a93/analysis/1355671020/
SHA256: 0146c73dcebc9a67726b8255445ea1bae590a8c7e50eb78b2c9880908f018a93
SHA1: d87bc9df1f3d15f49212d8663d534a64fe39441d
MD5: f27d43dfeedffac2ec7e4a069b3c9516
File size: 220.6 KB ( 225905 bytes )
File name: com.sbersafe.apk
File type: Android
Detection ratio: 9 / 46
Analysis date: 2012-12-15 09:46:18 UTC ( 1 day, 5 hours ago )
Comodo UnclassifiedMalware 20121215
DrWeb Android.FakeSber.1.origin 20121215
ESET-NOD32 Android/Spy.Citmo.A 20121215
Fortinet Android/Citmo.A!tr.spy 20121215
Kaspersky HEUR:Trojan-Spy.AndroidOS.Citmo.a 20121215
PCTools Android.Citmo 20121215
Sophos Andr/Citmo-A 20121215
Symantec Android.Citmo 20121215
TrendMicro-HouseCall TROJ_GEN.RCBH1LE 20121215
SHA256: c53f732b18f1872dcf296636c4924102f26f02e26db9387b9e13d11cfd6652e4
SHA1: c4210fa2ff356919b56273a837b715dba0e54976
MD5: 117d41e18cb3813e48db8289a40e5350
File size: 221.1 KB ( 226368 bytes )
File name: 117d41e18cb3813e48db8289a40e5350
File type: Android
Detection ratio: 7 / 46
Analysis date: 2012-12-15 09:45:22 UTC ( 1 day, 5 hours ago )
Comodo UnclassifiedMalware 20121215
DrWeb Android.FakeSber.1.origin 20121215
ESET-NOD32 Android/Spy.Citmo.A 20121215
Fortinet Android/Citmo.A!tr.spy 20121215
Kaspersky HEUR:Trojan-Spy.AndroidOS.Citmo.a 20121215
Sophos Andr/Citmo-A 20121215
TrendMicro-HouseCall TROJ_GEN.RCCH1LF 20121215
https://www.virustotal.com/file/2c139b3e921e32b6ffe76db0de81a99951d6f581756bed32851bb97f9ffe43a9/analysis/1355671019/
SHA256: 2c139b3e921e32b6ffe76db0de81a99951d6f581756bed32851bb97f9ffe43a9
SHA1: d2f32217e1c8141222afe5e4de508b7cfa9f0552
MD5: 07d2ee88083f41482a859cd222ec7b76
File size: 264.5 KB ( 270797 bytes )
File name: file-4888518_apk
File type: Android
Detection ratio: 9 / 46
Analysis date: 2012-12-15 09:46:31 UTC ( 1 day, 5 hours ago )
Comodo UnclassifiedMalware 20121215
DrWeb Android.FakeSber.1.origin 20121215
ESET-NOD32 Android/Spy.Citmo.A 20121215
Fortinet Android/Citmo.A!tr.spy 20121215
Kaspersky HEUR:Trojan-Spy.AndroidOS.Citmo.a 20121215
PCTools Android.Citmo 20121215
Sophos Andr/Citmo-A 20121215
Symantec Android.Citmo 20121215
TrendMicro-HouseCall TROJ_GEN.RCBH1LE 20121215
-
https://www.virustotal.com/file/0146c73dcebc9a67726b8255445ea1bae590a8c7e50eb78b2c9880908f018a93/analysis/1355671020/
SHA256: 0146c73dcebc9a67726b8255445ea1bae590a8c7e50eb78b2c9880908f018a93
SHA1: d87bc9df1f3d15f49212d8663d534a64fe39441d
MD5: f27d43dfeedffac2ec7e4a069b3c9516
File size: 220.6 KB ( 225905 bytes )
File name: com.sbersafe.apk
File type: Android
Detection ratio: 9 / 46
Analysis date: 2012-12-15 09:46:18 UTC ( 1 day, 5 hours ago )
Comodo UnclassifiedMalware 20121215
DrWeb Android.FakeSber.1.origin 20121215
ESET-NOD32 Android/Spy.Citmo.A 20121215
Fortinet Android/Citmo.A!tr.spy 20121215
Kaspersky HEUR:Trojan-Spy.AndroidOS.Citmo.a 20121215
PCTools Android.Citmo 20121215
Sophos Andr/Citmo-A 20121215
Symantec Android.Citmo 20121215
TrendMicro-HouseCall TROJ_GEN.RCBH1LE 20121215
je ne regrette pas la lécture de votre article,déja le titre m'a attiré et j'a découvert après un sujet qui m'a vraiment plu, je vous demande plus d'articles de ce genre,ça va me fait plaisir de le relire !! courage et merci.
ReplyDelete