contagio mobile: mRat

Showing posts with label mRat. Show all posts

Showing posts with label mRat. Show all posts

Wednesday, October 8, 2014

Xsser mRat Android and IOS samples

Sorry for the delay, here are the Xsser samples.

Xsser Android

Lacoon: Chinese Government Targets Hong Kong Protesters With Android mRAT Spyware

VXSecurity: Technical teardown fake code4HK mobile app

File: code4hk.apk

Size: 409709

MD5: 15E5143E1C843B4836D7B6D5424FB4A5

sample credit: Shalom Bublil

Xsser (mRat) for IOS

Lacoon: Lacoon Discovers Xsser mRAT, the First Advanced Chinese iOS Trojan

https://www.sophos.com/en-us/threat-center/threat-analyses/viruses-and-spyware/iPh~InfoStl-O/detailed-analysis.aspx

File: xsser.0day_1.1_iphoneos-arm.deb

MD5 2ee65c7faeba0899d397f6e105cc53c3

Sample Credit: KernelMode forum and anonymous upload to Malwaredump

Dylib files from the C2 (e.g. http://www.xsser.com/upload/Lib/iLib.4.0.0.dylib|iLib.4.0.0.dylib|4.0.0|1033720)

FAB47459D191C09406DD15D90AF403CB_iLib.2.0.0.dylib

2CBA795AFF750259A2FC447CDD6EA1C7_iLib.3.0.0.dylib

CFC300B52BF0A4F09FE3E8F9B3459862_iLib.4.0.0.dylib

Download all files listed. Email me if you need the password

Subscribe to: Posts (Atom)

Malware List

See the categories for the malware listed on this blog.
Items listed below are old and were posted on contagio before - HERE
Android.Bgserv
BasebridgeA
BasebridgeB
CollectionofJavamobilemalware
CollectionofSymbianmalware
DDreamLight
Doombot_1.sis
DroidDreamvariants
DroidKungFu.A
DroidKungFu.B
Dust.exePocketPCfileinfector2004
Fake10086
FSCGAD_1.00.8.apk
Geinimi.1299167838 swampy.sexpos.apk
Holy***kingBible
iCalendar
ikeeBiphone
iMatch
JavaMobileMalwareSMSsender.zip
jSMSHider
MonkeyJump2.0.apk
Mosquito.1_1.sis
myournetpower.SuperSolo.apk
Palm:Phage
PJApps variants
PMCryptic.exeWindowsCEmalware-2008
PMSW_V1.8_.apk
pornoplayer.apk
RZStudio
SMS_Replicator_Secret.apk
SMStrojan-Tank_3d.jar
SymbianCabir
SymbOS_Zitmo.ACERT.SIS
Trojan.Palm.Liberty
Trojan.Palm.Vapor
Trojan-SMSforAndroidFakePlayerRUapk