
Monday, August 29, 2011

Androguard - Open Source database of android malwares -

Open Source database of android malwares
Androguard (Android Guard) is a tool to play with:
  • .class (JavaVM)
  • .dex (DalvikVM)
  • APK
  • JAR
  • Android's binary xml

Wednesday, August 24, 2011

APKInspector

APKInspector is a powerful GUI tool for analysts to analyze Android applications. Some modules of APKinspector are based on Androguard http://code.google.com/p/androguard/.

APKinspector Installation Guide

Friday, August 19, 2011

DogoWar / Dog Wars - SMS Trojan, courtesy of Animal Rights defenders


Name:            AndroidDogowar.apk
File Name:       AndroidDogowar.apk
MD5:             16521eee3e74a4186ffe731dfaa77a83
Sample Credits:  many thanks to anonymous, August 19, 2011
Research:        Animal Rights protesters use mobile means for their message - Symantec


Download  (pass infected)




Thursday, August 11, 2011

Wednesday, August 3, 2011

Lovetrap - SMS-Trojan


Name:            Lovetrap-apk
File Name:       Lovetrap-apk
MD5:             f3497516eab17c642c5ede5ad1e55a15
Sample Credits:  many thanks to anonymous, Aug 3, 2011
Research:        Android.Lovetrap - Symantec Security


Download  (pass infected)




Wednesday, July 20, 2011

GGTracker - SMS Trojan


Name:            GGTracker
File Name:       com.space.sexypic.apk
MD5:             156fdce65eb6e4287aed687a1c9c2589
Sample Credits:  thanks to Tim Strazzere Lookout Mobile Security, July 20, 2011

Name:            GGTracker
File Name:       batterysaver.apk / t4t.power.management.apk
MD5:             41080c6169d3e5843c0c0e4abef80e7e
Sample Credits:  thanks to Tim Strazzere Lookout Mobile Security, July 20, 2011

Research:        GGTracker Technical Tear Down - by Tim Strazzere Lookout Mobile Security
                 Security Alert: Android Trojan GGTracker Charges Premium Rate SMS Messages - Lookout Mobile Security


Download com.space.sexypic.apk (pass infected)
Download batterysaver.apk / t4t.power.management.apk (pass infected)



Wednesday, July 13, 2011

HippoSMS - SMS Trojan

Name:            HippoSMS
File Name:       hippo.apk
MD5:             f9bfec4403b573581c4d3807fb1bb3d2
Sample Credits:  thanks to anonymous, July 13, 2011
Research:        Security Alert: New Android Malware -- HippoSMS -- Found in Alternative Android Markets


Download  (pass infected)



Tuesday, July 12, 2011

HTC.apk - fake security patch


Name:                   HTC fake patch
File Name:             htc.apk
MD5:                    4c8f01db58987c2c3321cdbbb1a2e67a 
Sample Credits:    many thanks to William Hill CPU Media | Kinetoo.com: Android mobile malware scan July 12, 2011 
Research:              CPU Media | Kinetoo.com: Android mobile malware scan July 12, 2011
HTC.apk is a fake security patch found circulating among Chinese users. It is a phishing attack disguised to appear as a security patch from China Mobile. The infected site is 1OO86.net (note that 10086.net is a legitimate China Mobile site).

Download  (pass infected)



Monday, July 11, 2011

New CONTAGIOminiDUMP

Please welcome the new section of Contagio - CONTAGIOminiDUMP.BLOGSPOT.COM
The old mobile malware Mini-dump (aka "Take a sample, leave a sample" ) grew too large and difficult to use. This section will allow better organization of all the mobile malware. There are not that many samples but it is steadily growing.

This is a work in progress and please send or post your comments regarding the design, hosting, organization and such.

Many thanks to Tim Strazzere for catalyzing the upgrade :)

 ~ Mila

Friday, July 8, 2011

Take a sample, leave a sample. Mobile malware mini-dump - July 8 Update

Download

Download files http://contagiomobile.deependresearch.org/index.html

Use infected for the password or contact me for the password.

Current list (~50+ downloads = around 200 individual files as of June, 2011). Hyperlinks lead to Virustotal
Download from the dump link above or click on "download" link if present
  1. Zitmo Android Edition (Zeus for mobile) ecbbce17053d6eaf9bf9cb7c71d0af8d Download (thanks to anonymous, July 8, 2011) Zitmo hits Android Axelle Apvrille - Fortinet
  2. GoldDream.A BloodvsZombie_com.gamelio.DrawSlasher_1_1.0.1.apk b87f2f3a927bf967736ed43ca2dbfb60 (many thanks for the sample to oren@avg-mobilation, July 6, 2011) Download Read more: Security Alert: New Android Malware -- GoldDream -- Found in Alternative App Markets - Xuxian Jiang
  3. GoldDream.B v1.0_com.GoldDream.pg_1_1.0.apk f66ee5b8625192d0c17c0736d208b0b (many thanks for the sample to oren@avg-mobilation, July 6, 2011) Download Read more: Security Alert: New Android Malware -- GoldDream -- Found in Alternative App Markets - Xuxian Jiang
  4. DroidKungFu2 -A _com.allen.txthej_1_1.0 F438ED38B59F772E03EB2CAB97FC7685 (many thanks for the sample to oren@avg-mobilation, July 3, 2011) Download Read more: Security Alert: New DroidKungFu Variants Found in Alternative Chinese Android Markets

Zitmo Android Edition (Zeus for mobile)

MD5:        ecbbce17053d6eaf9bf9cb7c71d0af8d
Credits:     thanks to anonymous, July 8, 2011
Research links:


Download  (pass infected)



Wednesday, July 6, 2011

GoldDream


Name:            GoldDream.A
File Name:       BloodvsZombie_com.gamelio.DrawSlasher_1_1.0.1.apk
MD5:             b87f2f3a927bf967736ed43ca2dbfb60

Name:            GoldDream.B
File Name:       v1.0_com.GoldDream.pg_1_1.0.apk
MD5:             f66ee5b8625192d0c17c0736d208b0b

Research:        Security Alert: New Android Malware -- http://www.cs.ncsu.edu/faculty/jiang/GoldDream/ -- Found in Alternative App Markets - Xuxian Jiang
Sample Credits:  many thanks for the sample to oren@avg-mobilation, July 6, 2011


Download GoldDream.A
Download GoldDream.B


Sunday, July 3, 2011

DroidKungFu2

Name:            DroidKungFu2.A
File Name:       _com.tutusw.onekeyvpn_7_1.1.6.apk
MD5:             F438ED38B59F772E03EB2CAB97FC7685

Name:            DroidKungFu2.B
File Name:       _com.allen.txthej_1_1.0 F4.apk
MD5:             54bc7a8fb184884a26e4cce74697d3a5

Sample Credits:  many thanks for the sample to oren@avg-mobilation, July 3, 2011
Research:        Security Alert: New DroidKungFu Variants Found in Alternative Chinese Android Markets

Download DroidKungFu2 -A (pass infected)
Download DroidKungFu2 -B (pass infected)


Saturday, July 2, 2011

Tap Snake - Spy app

Name:            android.snake
File Name:       net.maxicom.android.snake
MD5:             7937c1ab615de0e71632fe9d59a259cf
Sample Credits:  with many thanks to anonymous
              



Download  (pass infected)



Thursday, June 16, 2011

jSMSHider - Malware Targeting Custom ROMs

Name:            jSMSHider
File Name:       jSMSHider org.expressme.love.ui.apk
MD5:             24663299e69db8bfce2094c15dfd2325
Sample Credits:  many thanks to Tim Strazzere from Lookout Mobile Security, June 16, 2011
Research:        Lookout blog: Security Alert: Malware Found Targeting Custom ROMs (jSMSHider)


Download  (pass infected)



Tuesday, June 14, 2011

Angry Birds - fake cheats

Name:            Angry Birds malicious
File Name:       com.crazyapps.angry.birds.rio.unlocker-1.apk
MD5:             106e27df8c0bdd78d668f9a3baab95c5
Sample Credits:  with special thanks to Prasad Purandarear June 14, 2011
Info:            Google removes malicious Angry Birds apps from Android Market


Download  (pass infected)