Sunday, November 24, 2013

ZertSecurity - Android Bank infostealer


ZertSecurity 1CF41BDC0FDD409774EB755031A6F49D


Research
http://www.evild3ad.com/3008/analysis-of-android-zitmo-urlzone/
http://www.android-decompiler.com/blog/2013/04/22/sms-spy-zertsec/
https://blog.lookout.com/blog/2013/05/06/zertsecurity/
http://www.symantec.com/security_response/writeup.jsp?docid=2013-050820-4100-99

The Trojan prompts users for their bank account and PIN code information and steals it.

Download. Email me if you need the password





https://www.virustotal.com/en/file/00ce460c8b337110912066f746731a916e85bf1d7f4b44f09ca3cc39f9b52a98/analysis/

SHA256: 00ce460c8b337110912066f746731a916e85bf1d7f4b44f09ca3cc39f9b52a98
File name: 1cf41bdc0fdd409774eb755031a6f49d(Trojan.Zitmo).apk
Detection ratio: 27 / 46
Analysis date: 2013-09-12 07:27:51 UTC ( 2 months, 1 week ago )

Antivirus Result Update
Comodo UnclassifiedMalware 20130912
Ikarus Trojan.AndroidOS.Zitmo 20130912
VIPRE Trojan.AndroidOS.Generic.A 20130912
K7AntiVirus Trojan 20130911
K7GW Trojan 20130911
TrendMicro-HouseCall TROJ_GEN.F47V0422 20130912
Kaspersky HEUR:Trojan-Banker.AndroidOS.Zitmo.a 20130912
Baidu-International HEUR.Trojan-Banker.AndroidOS.Zitmo.a 20130911
McAfee Artemis!1CF41BDC0FDD 20130912
McAfee-GW-Edition Artemis!1CF41BDC0FDD 20130912
Commtouch AndroidOS/GenBl.1CF41BDC!Olympus 20130912
Avast Android:Zitmo-G [Trj] 20130912
Fortinet Android/Zitmo.D 20130912
AVG Android/Zitmo 20130911
AntiVir Android/Spy.Zitmo.B.1 20130912
ESET-NOD32 Android/Spy.Zitmo.B 20130911
CAT-QuickHeal Android.Zitmo.E 20130912
Symantec Android.ZertSecurity 20130912
PCTools Android.ZertSecurity 20130911
Emsisoft Android.Trojan.Zitmo.B (B) 20130912
BitDefender Android.Trojan.Zitmo.B 20130912
GData Android.Trojan.Zitmo.B 20130912
Kingsoft Android.Troj.Undef.a.(kcloud) 20130829
DrWeb Android.Spy.29.origin 20130912
AhnLab-V3 Android-Trojan/Zitmo 20130912
Sophos Andr/Zitmo-D 20130912
ClamAV Andr.Trojan.ZertSecurity-1 20130912
