
Thursday, October 30, 2014

Android icon vulnerability - malware sample


Research: Cheetah Mobile: Android icon vulnerability can cause serious system-level crashes
The malware uses a very large icon which overloads the system’s capabilities and causes some important processes to crash, such as the Settings and Launcher.



Sample credit: Weuzhu Liu

File: d.apk
Size: 12245344
MD5:  DD23039E2C18F2CD1CA2604478E8CD00


Download. Email me if you need the password







Android ransomware samples Koler.C





Samples credit:  Mario Bono



Download. Email me if you need the password




SMS worm Selfmite


Research: Adaptive Mobile Take Two: Selfmite.b Hits the Road

Sample Credit: Charlie Bronson

1bf7a3639bf81e2260547fe5e04f864c


Download. Email me if you need the password






Wednesday, October 29, 2014

Android WipeLocker.A



File: Angry_BirdTransformers_1.1.0.apk
Size: 548938
MD5:  4E2201CDE26141715255D2421F0BCFB1

Sample credit: İbrahim BALİÇ




Download. Email me if you need the password



Android Chathook ptrace


Research: http://blog.csdn.net/androidsecurity/article/details/27504615

88870ad3c7bd42cfe1d728b4a4ccc104

Sample credit: Thomas Wang


Download. Email me if you need the password




Wednesday, October 8, 2014

Xsser mRat Android and iOS samples


Sorry for the delay, here are the Xsser samples.

Xsser Android
File: code4hk.apk
Size: 409709
MD5:  15E5143E1C843B4836D7B6D5424FB4A5
Sample credit: Shalom Bublil


Xsser (mRat) for iOS
https://www.sophos.com/en-us/threat-center/threat-analyses/viruses-and-spyware/iPh~InfoStl-O/detailed-analysis.aspx

File: xsser.0day_1.1_iphoneos-arm.deb
MD5:  2ee65c7faeba0899d397f6e105cc53c3
Sample Credit: KernelMode forum and anonymous upload to Malwaredump

Dylib files from the C2 (e.g. http://www.xsser.com/upload/Lib/iLib.4.0.0.dylib|iLib.4.0.0.dylib|4.0.0|1033720) 

FAB47459D191C09406DD15D90AF403CB_iLib.2.0.0.dylib
2CBA795AFF750259A2FC447CDD6EA1C7_iLib.3.0.0.dylib
CFC300B52BF0A4F09FE3E8F9B3459862_iLib.4.0.0.dylib