Clicky

Friday, February 3, 2012

Android Rootsmart malware utilizing Gingerbreak Root exploit


File:                        com.google.android.smart.apk
MD5:                     F70664BB0D45665E79BA9113C5E4D0F4
Sample Credits:   with many thanks to Sanjay and anonymous, February 3, 2012
Research:           Security Alert: New RootSmart Android Malware Utilizes the GingerBreak Root Exploit  


Download  - password infected 






SHA256: 8cb40e8dce05482907ff83b39911831daf20e4a69ee63a6cff523c880eed1acf
SHA1: 67cf01ee7ff0e65cb7ec78cdbd274077153add4e
MD5: f70664bb0d45665e79ba9113c5e4d0f4
File size: 307.1 KB ( 314445 bytes )
File name: suspect.apk
File type: ZIP
Detection ratio: 1 / 43
Analysis date: 2012-02-04 05:41:48 UTC ( 0 minutes ago )


SHA256: 8cb40e8dce05482907ff83b39911831daf20e4a69ee63a6cff523c880eed1acf
SHA1: 67cf01ee7ff0e65cb7ec78cdbd274077153add4e
MD5: f70664bb0d45665e79ba9113c5e4d0f4
File size: 307.1 KB ( 314445 bytes )
File name: suspect.apk
File type: ZIP
Detection ratio: 1 / 43
Analysis date: 2012-02-04 05:41:48 UTC ( 0 minutes ago )
Symantec Android.Bmaster 20120204
Labels: ,

1 comment:

  1. c0d3inj3cTFebruary 26, 2012 at 9:24 AM

    Thank you for uploading the sample. There are a set of Chinese domains where the Exploit Scripts are hosted at present and these are downloaded by the Rootsmart APK.

    ReplyDelete

Subscribe to: Post Comments (Atom)