Android DKFBootKit aka LeNa.b and LeNa.c DroidKungFu variant) - new samples

File: com.rovio.new.ads-LeNa.c.apk
MD5:  3B524DD4A7BBD2DE633EBFCFF167FED2


Research: Security Alert: New Variants of Legacy Native (LeNa) Identified By Tim Wyatt

Sample Credits:   with many thanks to Tim Strazzere, April 3, 2012

File:        com.atools.cuttherope-LeNa.b.apk
MD5:      7503128D14FA8FC6B9B64CE6E9CD90E3
SHA1      64013d749086e90bdcfccb86146ad6e62b214cfa

Sample Credits:   with many thanks to Tim Strazzere, March 31, 2012

Research:  2012 NQMobile Security Alert: New Android Malware — DKFBootKit — Moves Towards The First Android BootKit 

which is the same as LeNa featured below

Contagio:  Legacy Native (LeNa) - DroidKungFu variant  

Research 2011:  Lookout Mobile Security LeNa Technical Tear Down Tim Strazzere 

Research 2011:  Lookout Mobile Security Alert: Legacy Makes Another Appearance, Meet Legacy Native (LeNa)   By Tim Strazzere


 Download 3B524DD4A7BBD2DE633EBFCFF167FED2- password infected

Download  7503128D14FA8FC6B9B64CE6E9CD90E3 - password infected

Virustotal 

SHA256:     8aeba630bb19a47102b0d048906a0f0316be315c1a7405824e4a35ceb8169946
SHA1:     64013d749086e90bdcfccb86146ad6e62b214cfa
MD5:     7503128d14fa8fc6b9b64ce6e9cd90e3
File size:     61.7 KB ( 63222 bytes )
File name:     com.atools.cuttherope-LeNa.b.apk
File type:     Android
Detection ratio:     8 / 42
Analysis date:     2012-03-31 15:11:14 UTC ( 0 minutes ago )
Avast     Android:Fakengry-C [Trj]     20120331
Comodo     UnclassifiedMalware     20120331
DrWeb     Adware.Izp.origin     20120331
F-Secure     Trojan:Android/DroidKungFu.A     20120331
GData     Android:Fakengry-C     20120331
Kaspersky     HEUR:Backdoor.AndroidOS.KungFu.a     20120331
Sophos     Andr/KongFu-G     20120331
SUPERAntiSpyware     -     20120329
TrendMicro-HouseCall     AndroidOS_LENA.B     20120331