Tuesday, February 26, 2013

Saturday, February 16, 2013

Android Tetus - Infostealer

File: com.stephbriggs5.batteryimprove-2.apk
Size: 293777
MD5:  6408DF6ABA4C7F1803C2AAC8F17C4CA3

File: 85CE55DC130F214B0567987EDFF77DC0
Size: 274999
MD5:  85CE55DC130F214B0567987EDFF77DC0

File: com.droidmojo.awesomejokes.apk
Size: 268360
MD5:  01772AEFE0230C3669E21D79FC920D2E

File: 65C75AF5DE2628BD6215BB99DD76D3AC
MD5:  65c75af5de2628bd6215bb99dd76d3ac
Size: 277644

Research: Symantec. Android Tetus

When the Trojan is executed, it registers an SMS observer to record SMS messages and send them to the following command-and-control (C&C) server:

The Trojan may delete some SMS messages from the device.

It may also register an SMS receiver to send SMS messages without the user's consent.

The Trojan may send a list of all installed apps on the device to the following remote location:

Download. Email me if you need the password

Android SMSSend sample - Package Installer

File: install.apk
MD5:  5d9c622b240dab5d6e883e26e9ea0fc0
Size: 261887

credit: anonymous donation

Android Armour sample

File: Scan-For-Viruses-Now.apk
MD5:  084a7b576f5df438abba3131a90af493
Size: 1427490

Sample credit: anonymous donation

Research: A chink in Android Armour - Sophos

It is not malware but a very sketchy app with poor performance and false positives, extorting money for nothing, considering there are many reputable free AV apps like Lookout or Sophos.

Download. Email me if you need the password

Android Plankton / Counterclank sample - Collage Creator

Size: 9842061
MD5:  DE842DD94324492ACE8C2C8EBD350BC8
sample credit: anonymous donation

Download. Email me if you need the password

Monday, February 4, 2013

Android - Trojan!Extension.A

Update: Feb 16
Added 2nd stage file. Loaded at runtime, no need to install - credit Thomas Wang

Feb 4, 2013
Research: Trustgo: Trojan!Extension.A – Complex Malware Escapes AV Detection
Sample credit: Thomas Wang

File: 6d43b3bc85770fafeb598eb5297bc341.apk
Size: 434436
MD5:  6D43B3BC85770FAFEB598EB5297BC341

Download the original (1st stage). Email me if you need the password
2nd stage download. Email me if you need the password

Android/Windows Spy:Android/Ssucl - DroidCleaner and Superclean.

Research: Kaspersky: Mobile attacks - Android with Windows malware downloads

File: smart.apps.superclean-1.apk
Size: 502441
MD5:  2529085824C55DBBAED0B86EDE7B3C60

File: smart.apps.droidcleaner-1.apk
Size: 310274
MD5:  C5A2D14BC52F109A06641C1F15E90985

File: smart.apps.droidcleaner-1.apk 
Size: 330984
MD5:  123478A70219D24A5E5A40074B8775BA

File: SuperClean-11.apk 
Size: 528630
MD5:  B0C28334373332D4677C01BD48EED431

android files listed above plus

from http://claco.hopto.org 


plus from claco.kicks-ass.org