
Monday, July 9, 2012

April 2012 - Dougalek.A - Android spyware

File

00e74c118fa3902e5c85fd8e37f3d084.apk
9d1625aa79b55a79064dac7a0ecc2f91.apk
857ee29d88796e1f1b7b440dc9eadc77.apk
b9622e587ae28cfff8ffc5645221e422.apk
c2dfe44d9f130033ecd89ba33f8a2e0a.apk
e8237a583fe7b2362b4addf01518600b.apk

Research McAfee: Android Malware Promises Video While Stealing Contacts - April 2012
Credit Thomas Wang

Download (password infected)






https://www.virustotal.com/file/e13ad0dc56eb6c81334fe1634ed48238b55be7e3b5e595f7a4a0beb68db0c3db/analysis/1341889960/

SHA256: e13ad0dc56eb6c81334fe1634ed48238b55be7e3b5e595f7a4a0beb68db0c3db
SHA1: 6e8671113b86f5410001c5050edd91c4d7bd7a57
MD5: c2dfe44d9f130033ecd89ba33f8a2e0a
File size: 18.2 KB ( 18665 bytes )
File name: c2dfe44d9f130033ecd89ba33f8a2e0a.apk
File type: Android
Detection ratio: 23 / 42
Analysis date: 2012-07-10 03:12:40 UTC
| Antivirus | Result | Update |
|---|---|---|
| AhnLab-V3 | - | 20120709 |
| AntiVir | Android/Dougalek.A.13 | 20120709 |
| Antiy-AVL | Trojan/AndroidOS.Dougalek | 20120710 |
| Avast | Android:Dougalek-B [Trj] | 20120709 |
| AVG | - | 20120709 |
| BitDefender | Android.Trojan.Dougalek.A | 20120710 |
| ByteHero | - | 20120704 |
| CAT-QuickHeal | Android.Dougalek.A | 20120708 |
| ClamAV | - | 20120710 |
| Commtouch | - | 20120710 |
| Comodo | - | 20120709 |
| DrWeb | Android.Douga.1.origin | 20120710 |
| Emsisoft | AndroidOS.DougaLeaker!IK | 20120710 |
| eSafe | - | 20120708 |
| F-Prot | - | 20120709 |
| F-Secure | Trojan:Android/Bizimovie.A | 20120710 |
| Fortinet | Android/DougaLk.A | 20120710 |
| GData | Android.Trojan.Dougalek.A | 20120710 |
| Ikarus | AndroidOS.DougaLeaker | 20120710 |
| Jiangmin | TrojanSpy.AndroidOS.ud | 20120710 |
| K7AntiVirus | - | 20120709 |
| Kaspersky | HEUR:Trojan-Spy.AndroidOS.Dougalek.a | |
| McAfee-GW-Edition | - | 20120710 |
| Microsoft | Trojan:AndroidOS/Dougalek.A | 20120710 |
| NOD32 | Android/Dougalek.A | 20120709 |
| PCTools | Android.Dougalek | 20120710 |
| Sophos | Andr/DougaLk-A | 20120710 |
| SUPERAntiSpyware | - | 20120710 |
| Symantec | Android.Dougalek | 20120710 |
| TrendMicro | AndroidOS_DOUGALEK.A | 20120710 |
| TrendMicro-HouseCall | AndroidOS_DOUGALEK.A | 20120709 |
| VBA32 | Trojan-Spy.AndroidOS.Dougalek.a | 20120709 |
| VIPRE | Trojan.AndroidOS.Dougalek.a (v) | 20120710 |
| ViRobot | - | 20120709 |
| VirusBuster | Trojan.AndroidOS.Dougalek.A | 20120709 |

4 comments:

  1. Each APK file contains a different variant of the malware. Use my dexid tool and you'll see.

    1. Bontchev, where can I check out your dexid tool?
  2. http://dl.dropbox.com/u/34034939/dexid.zip If you are on the mobile malware Google group, there are more details from the author in the archives.
  3. Dude! What's the password? I want to install the APK file. Help me.