Tuesday, December 30, 2014

The Interview movie app - Android banking trojan sample


Research: Fake “The Interview” app is really an Android banking trojan by Graham Cluley | December 27, 2014

Sample credit: Mario Bono

File: com.movieshow.down.apk
Size: 2236959
MD5:  0882C94E141B2B000B8805D51722F70D

Download. Email me if you need the password








Sunday, December 21, 2014

Android FBI Ransomlocker sample

Research: Emerging threats. FBI ransomlocker

File: FBI_ransomlocker_645A60E6F4393E4B7E2AE16758DD3A11
MD5:  645a60e6f4393e4b7e2ae16758dd3a11

Download. Email me if you need the password





Android SMS worm sample


Research: Fireeye. SMS Worm Runs Wild in Singapore


File: sms-worm_F6D3A35BE0366EB994A0425A15871F5B
Size: 2666008
MD5:  F6D3A35BE0366EB994A0425A15871F5B



Download. Email me if you need the password




Infected HTML Files (Windows malware) in Android Apps - samples


Research: Malwarebytes: Infected HTML Files Bundled in Android Apps




Download. Email me if you need the password.





Android BankBot.34. using Tor


Research: Dr. Web Android.BankBot.34.origin

MD5 08aaa6d38cdbb20b651a6dbb892eb000
SHA-1 6005341dc5e30898f63ba134a2c366babe986a14
SHA-256  a51af8022b684d2c3598aa44224c25ab73159ae68adec05d514918dd6b30b008
ssdeep 49152:qrn9O5dzxb4PcGe7VtepeMQlHNyW+G7KZDH0:yChxb4/enepeMQp+P0
Size 3.8 MB (3940824 bytes)


Download file bankbot34_classes.zip. Email me if you need the password (New Link)


Saturday, December 20, 2014

Assassins Creed - Android infostealer


Research: ZScaler - Trojanized and Pirated Assassins Creed app 

File: 3E076979644672A0EF750A4C3226F553_assassins_creed.apk
MD5:  3e076979644672a0ef750a4c3226f553
Size: 3411513

Download. Email me if you need the password






Cloud Atlas / Inception APT - Blackberry samples


Research:
Blue Coat. Inception APT Framework
Kaspersky.  Cloud Atlas: RedOctober APT is back in style


File: 4e037e1e945e9ad4772430272512831c_WhatsAppUpdate.deb
MD5:  4e037e1e945e9ad4772430272512831c
Size: 1238788


File: 0FB60461D67CD4008E55FECEEDA0EE71
Size: 69888
MD5:  0FB60461D67CD4008E55FECEEDA0EE71

File: 60DAC48E555D139E29EDAEC41C85E2B4
Size: 41564
MD5:  60DAC48E555D139E29EDAEC41C85E2B4

Download. Email me if you need the password


Cloud Atlas / Inception iOS - WhatsAppUpdate.deb


Research:
Blue Coat. Inception APT Framework
Kaspersky.  Cloud Atlas: RedOctober APT is back in style


File: 4e037e1e945e9ad4772430272512831c_WhatsAppUpdate.deb
MD5:  4e037e1e945e9ad4772430272512831c
Size: 1238788


Android.Cloudatlas.A / Inception APT iOS sample - targeting jailbroken devices


Research:
Blue Coat. Inception APT Framework
Kaspersky.  Cloud Atlas: RedOctober APT is back in style

iOS malware targeting jailbroken devices

Sample Credit: Claud Xiao

File: iPhoneOS_Cloudatlas_a_ e30b70974bb05ea1cbf7279e71bddb81
MD5:  e30b70974bb05ea1cbf7279e71bddb81
Size: 1166720


Download. Email me if you need the password


DroidJack RAT - Androrat - Android - Sample


Research: Symantec: DroidJack RAT: A tale of how budding entrepreneurism can turn to cybercrime

Sample credit: Paul Burbage and Fran

File: SandroRat.apk
Size: 215839
MD5:  3BCCA99E4D99B4CF733D8EBB79D35782


Download. Email me if you need the password






Thursday, December 4, 2014

Deathring, preloaded Android malware sample



Research: Lookout. DeathRing: Pre-loaded malware hits smartphones for the second time in 2014

Sample credit: Tim Strazzere

File: com.android.Materialflow.apk
Size: 95024
MD5:  1E799AC26231D64DD496353FB78A5C46


Download. Email me if you need the password