
Saturday, December 24, 2011

Arspam AlSalah - Android malware (Middle East Hacktivism - spammer)


Name:                    Arspam AlSalah.apk
MD5:                     E7584031896CB9485D487C355BA5E545
Sample Credits:    with many thanks to Sanjay Gupta and his friends for sharing, December 24, 2011
Research:          
Symantec: Android.Arspam
Hactivism goes mobile with Android.Arspam by Stilgherrian



Download  - password infected






Russian Android malware - fake installer


Name:                    com.android.installer.full
MD5:                     F056EE7F8D4931C905157EBD2CC4A795
Sample Credits:     many thanks to Shane Hartman, December 22, 2011

  Download  - password infected



Tuesday, December 20, 2011

CarrierIQ


Name:   CarrierIQ
Sample credit: with many thanks to S.Guerrero, Ryan Johnson, Jojo Edmonds and other kind folks from the mobile malware Google group for sharing
Information: Carrier IQ: What it is, what it isn't, and what you need to know By Zachary Lutz


List of files - see below


Download all samples  (pass infected)






Friday, November 11, 2011

FakeSMSInstaller_Geared_1.0.2 + Collection of Russian malware and links to malware resources


Name:                   FakeSMSInstaller_Geared_1.0.2
MD5:                   1EFA9D22D9142D73596B17228F37998A
Sample Credits:     many thanks to William Hill, CPU Media, November 11, 2011
Research:            
AVG Mobilation Malware information: Android SMS Fake installer from 3rd party Russian app stores

Name:                   Russian Malware Collection
MD5:                   See the list of files below
Research:
Last month I uploaded a collection of the same and similar Russian mobile malware, together with corresponding links to Russian alternative (often fake) Android markets where you can find more samples. You can download it here: RuMarketsMalwarefromMila.zip. See below for the list of malware included.



Download FakeSMSInstaller_Geared_1.0.2- password infected
Download  RuMarketsMalwarefromMila.zip


Sunday, October 23, 2011

RogueSPPush - SMS-Trojan


Name:                 RogueSPPush
File Name:          1314935990854.apk
MD5:                  56CD8AC9ADFC0E38496939385AA510FA
Research:           New Rogue Android App -- RogueSPPush -- Found in Alternative Android Markets By Xuxian Jiang -Aug 2011
Sample Credits:    with many thanks to MasterMRZ, October 23, 2011







Legacy Native (LeNa) - DroidKungFu variant


Name:                   Legacy Native (LeNa)
MD5:                     com.safesys.myvpn.apk 1F5628300EF2A477E39E226FEE73CE51
MD5:                     com.safesys.onekeyvpn.apk EC056818D38D18CB940A64BF89714DF2
Sample Credits:     many thanks to Armando, October 21, 2011
Research:               Lookout
Security Alert: Legacy Makes Another Appearance, Meet Legacy Native (LeNa)   By Tim Strazzere



Download both samples - password infected

Saturday, October 22, 2011

Collection of 96 mobile malware samples for Kmin, Basebridge, Geinimi, Root exploits, and PJApps


All files are sorted by types in folders and named by MD5. The list of files is below. I posted examples of what you will find in the previous 20 posts.  Enjoy

Download Android-Malware_SortedTYPE-MD5.zip (password infected)
 
MALWARE TYPE (number of samples)
BASEBRIDGE (3)
YZHC (2)
ROOT EXPLOIT (7)
PJAPPS (16)
GEINIMI (28)
KMIN (40)


Sample credit: Thanks to anonymous, Oct. 22, 2011

Root Exploit - Z4Mod Root


Name:                Z4mod
MD5:                 30587d7e5ac828f8b1eaf476d4b19bd2
Sample Credits:     many thanks to a very generous anonymous donation, October  21, 2011
 

Download  (password infected)


or Download an archive with all the files donated on Oct. 21, 2011



Geinimi - OPDA CacheMate v2.5.9


Name:                Geinimi - OPDA CacheMate v2.5.9
MD5:                 8b12ccdc8a69cf2d6a7e6c00f698aaa6
Sample Credits:     many thanks to a very generous anonymous donation, October  21, 2011
 

Download  (password infected)


or Download an archive with all the files donated on Oct. 21, 2011


Root Exploit - Universal Androot


File Name:            corner23.android.universal androot.apk

MD5:                    4e26a200ab149819dcdcf273f5ab171a
Sample Credits:     many thanks to a very generous anonymous donation, October  21, 2011 
Download  (password infected)

or Download an archive with all the files donated on Oct. 21, 2011

Geinimi - Android SPL meter


File Name:              com.splGUI.splMeter.apk

MD5:                      08e4a73f0f352c3accc03ea9d4e9467f
Sample Credits:     many thanks to a very generous anonymous donation, October  21, 2011
 

Download  (password infected)

or Download an archive with all the files donated on Oct. 21, 2011


Geinimi - com.feasy.jewels.Gel


File name:          com.feasy.jewels.Bears

MD5:                543e9d86dd28005342a3313bdc588009
Sample Credits:     many thanks to a very generous anonymous donation, October  21, 2011
 

Download  (password infected)

or Download an archive with all the files donated on Oct. 21, 2011

Geinimi - Banking Trojan www.ipay.com.cn


MD5:                    3374d6322542d6aec9d319df335215e5
Sample Credits:     many thanks to a very generous anonymous donation, October  21, 2011
 

Download  (password infected)

or Download an archive with all the files donated on Oct. 21, 2011



Geinimi - Armored Strike


Name:                Armored Strike
File Name:         com.requiem.armoredStrike.apk
MD5:                 5d27c7d0c5630f4c7a8b7a8f45512f09
Sample Credits:     many thanks to a very generous anonymous donation, October  21, 2011
 

Download  (password infected)

or Download an archive with all the files donated on Oct. 21, 2011



Geinimi - MetroXing Chinese metro maps

 
Name:              com.etagmedia.metro.apk   Beijing, Guangzhou, Shanghai, Shenzhen  - metro maps
MD5:              54fad8426e03a05279223173ec7d2fe2
 Sample Credits:     many thanks to a very generous anonymous donation, October  21, 2011
 

Download  (password infected)


or Download an archive with all the files donated on Oct. 21, 2011


PJApps.A - Mail/FTP app

    
MD5:                      de759e9fdb3ec577d753ff240fc91a13
 Sample Credits:     many thanks to a very generous anonymous donation, October  21, 2011
 

Download  (password infected)

or Download an archive with all the files donated on Oct. 21, 2011




Geinimi - Kosenkov Protector


Name:               com.kosenkov.protector.
MD5:                404fd6f9113870d1b6e63dcd23cfe206
 Sample Credits:     many thanks to a very generous anonymous donation, October  21, 2011
 

Download  (password infected)


or Download an archive with all the files donated on Oct. 21, 2011

PJApps - Fingerprint Screensaver


Name:                Fingerprint Screensaver
MD5:                 722da6cdfa8bac482c9c6be105b0ff2a
File Name:        com.jiubang.screenguru.apk
Sample Credits:     many thanks to a very generous anonymous donation, October  21, 2011
 

Download  (password infected)


or Download an archive with all the files donated on Oct. 21, 2011

Geinimi - Shopper's Paradise

 
Name:               com.sgg.sp.ShoppersParadise.apk
MD5:                ea80ae4c4a17e8608e0fc7d6e34bf37e
 Sample Credits:     many thanks to a very generous anonymous donation, October  21, 2011
 

Download  (password infected)

or Download an archive with all the files donated on Oct. 21, 2011



Root Exploit - ITFUNZ Lotoor

 
Name:               ITFUNZ 
MD5:          951c8a2efbe2acafeb351525d5bd52e2
MD5:          81614d2c1175ee32a6967d13630be8a9
 Sample Credits:     many thanks to a very generous anonymous donation, October  21, 2011
 

Download 951c8a2efbe2acafeb351525d5bd52e2 (password infected)
Download  81614d2c1175ee32a6967d13630be8a9 (password infected)

or Download an archive with all the files donated on Oct. 21, 2011