Clicky

Sunday, November 24, 2013

Phosty / Phospy - Android infostealer

Phospy 5F23671F67F0FBFC2529919DB56485A0
Phospy EED211032FF576F7FD590C22F142B877


Research http://www.symantec.com/security_response/writeup.jsp?docid=2013-060706-4803-99&tabid=2

The Trojan steals all .jpg and .mp4 files it finds on the device  


Download. Email me if you need the password






https://www.virustotal.com/en/file/160aabca055e7b529aabdea7f909517583451c750f1df7c08e57763bf12d3d35/analysis/

SHA256: 160aabca055e7b529aabdea7f909517583451c750f1df7c08e57763bf12d3d35
File name: downapk.php
Detection ratio: 19 / 47
Analysis date: 2013-10-04 00:42:25 UTC ( 1 month, 3 weeks ago )

Antivirus Result Update
F-Secure Trojan:Android/InfoStealer.M 20131004
Antiy-AVL Trojan/AndroidOS.Phosty 20131003
VIPRE Trojan.AndroidOS.Generic.A 20131004
Ikarus Spy.AndroidOS 20131004
Kaspersky HEUR:Trojan-Spy.AndroidOS.Phosty.a 20131004
McAfee Artemis!EED211032FF5 20131004
McAfee-GW-Edition Artemis!EED211032FF5 20131004
AVG Android_dc.AHQD 20131003
Avast Android:Phosty-B [PUP] 20131004
AntiVir Android/Phosty.A.2 20131003
Fortinet Android/Phosty.A!tr.spy 20131004
Emsisoft Android.Trojan.InfoStealer.R (B) 20131004
MicroWorld-eScan Android.Trojan.InfoStealer.R 20131004
BitDefender Android.Trojan.InfoStealer.R 20131004
GData Android.Trojan.InfoStealer.R 20131004
Kingsoft Android.Troj.at_Phospy.a.(kcloud) 20130829
DrWeb Android.Phosty.1.origin 20131004
Sophos Andr/Phosty-A 20131004
ESET-NOD32 a variant of Android/Spy.Phosty.A 20131003

No comments:

Post a Comment