Clicky

Saturday, February 16, 2013

Android Tetus - Infostealer



File: com.stephbriggs5.batteryimprove-2.apk
Size: 293777
MD5:  6408DF6ABA4C7F1803C2AAC8F17C4CA3


File: 85CE55DC130F214B0567987EDFF77DC0
Size: 274999
MD5:  85CE55DC130F214B0567987EDFF77DC0


File: com.droidmojo.awesomejokes.apk
Size: 268360
MD5:  01772AEFE0230C3669E21D79FC920D2E



File: 65C75AF5DE2628BD6215BB99DD76D3AC
MD5:  65c75af5de2628bd6215bb99dd76d3ac
Size: 277644

Research: Symantec. Android Tetus

When the Trojan is executed, it registers an SMS observer to record SMS messages and send them to the following command-and-control (C&C) server:
[http://]android.tetulus.com

The Trojan may delete some SMS messages from the device.

It may also register an SMS receiver to send SMS messages without the user's consent.

The Trojan may send a list of all installed apps on the device to the following remote location:
[http://]fast.app-engines.com

Download. Email me if you need the password






https://www.virustotal.com/en/file/8fb99afa4e7613891814ece8b533da5d22ee3050eb1debf8769d9341e59bf124/analysis/

SHA256: 8fb99afa4e7613891814ece8b533da5d22ee3050eb1debf8769d9341e59bf124
SHA1: 2f56ac4b3d0da7b90a895f7dcea2bdaa9f5f0d25
MD5: 85ce55dc130f214b0567987edff77dc0
File size: 268.6 KB ( 274999 bytes )
File name: 85ce55dc130f214b0567987edff77dc0
File type: Android
Tags: android
Detection ratio: 8 / 46
Analysis date: 2013-01-30 08:54:10 UTC ( 2 weeks, 3 days ago )
AhnLab-V3 Android-Axen/Prevention 20130130
DrWeb Android.SmsSend.260.origin 20130130
ESET-NOD32 a variant of Android/Tetus.A 20130130
F-Secure Trojan:Android/Tetus.A 20130130
Fortinet Android/Tetus.A 20130130
Kaspersky HEUR:Trojan.AndroidOS.Tetus.a 20130130
TrendMicro-HouseCall TROJ_GEN.RCBH1AG 20130130


https://www.virustotal.com/en/file/7e923fa39f89e679f8e36c2897b914d6eb02f464265b820c86002a540cfe2612/analysis/
SHA256: 7e923fa39f89e679f8e36c2897b914d6eb02f464265b820c86002a540cfe2612
SHA1: 47ab2e41bf67a838a49098b25a2a07807386a3e2
MD5: 01772aefe0230c3669e21d79fc920d2e
File size: 262.1 KB ( 268360 bytes )
File name: 7E923FA39F89E679F8E36C2897B914D6EB02F464265B820C86002A540CFE2612.APK.log
Detection ratio: 8 / 45
Analysis date: 2013-01-31 23:02:39 UTC ( 2 weeks, 1 day ago )
CAT-QuickHeal Android.Tetus.A1acb 20130131
DrWeb Android.SmsSend.260.origin 20130131
ESET-NOD32 Android/Tetus.A 20130131
F-Secure Trojan:Android/Tetus.A 20130131
Fortinet Android/Tetus.A 20130131
kaspersky HEUR:Trojan.AndroidOS.Tetus.a 20130131
Sophos Andr/Tetus-A 20130131
TrendMicro-HouseCall TROJ_GEN.RCBH1AG 20130131
-







No comments:

Post a Comment