contagio mobile: Tetus

Saturday, February 16, 2013

Android Tetus - Infostealer

File: com.stephbriggs5.batteryimprove-2.apk
Size: 293777
MD5: 6408DF6ABA4C7F1803C2AAC8F17C4CA3

File: 85CE55DC130F214B0567987EDFF77DC0
Size: 274999
MD5: 85CE55DC130F214B0567987EDFF77DC0

File: com.droidmojo.awesomejokes.apk
Size: 268360
MD5: 01772AEFE0230C3669E21D79FC920D2E

File: 65C75AF5DE2628BD6215BB99DD76D3AC
MD5: 65c75af5de2628bd6215bb99dd76d3ac
Size: 277644

Research: Symantec. Android Tetus

When the Trojan is executed, it registers an SMS observer to record SMS messages and send them to the following command-and-control (C&C) server:
[http://]android.tetulus.com

The Trojan may delete some SMS messages from the device.

It may also register an SMS receiver to send SMS messages without the user's consent.

The Trojan may send a list of all installed apps on the device to the following remote location:
[http://]fast.app-engines.com

Download. Email me if you need the password

Malware List

See the categories for the malware listed on this blog.
Items listed below are old and were posted on contagio before - HERE
Android.Bgserv
BasebridgeA
BasebridgeB
CollectionofJavamobilemalware
CollectionofSymbianmalware
DDreamLight
Doombot_1.sis
DroidDreamvariants
DroidKungFu.A
DroidKungFu.B
Dust.exePocketPCfileinfector2004
Fake10086
FSCGAD_1.00.8.apk
Geinimi.1299167838 swampy.sexpos.apk
Holy***kingBible
iCalendar
ikeeBiphone
iMatch
JavaMobileMalwareSMSsender.zip
jSMSHider
MonkeyJump2.0.apk
Mosquito.1_1.sis
myournetpower.SuperSolo.apk
Palm:Phage
PJApps variants
PMCryptic.exeWindowsCEmalware-2008
PMSW_V1.8_.apk
pornoplayer.apk
RZStudio
SMS_Replicator_Secret.apk
SMStrojan-Tank_3d.jar
SymbianCabir
SymbOS_Zitmo.ACERT.SIS
Trojan.Palm.Liberty
Trojan.Palm.Vapor
Trojan-SMSforAndroidFakePlayerRUapk