Saturday, May 10, 2014

Android Koler - Cryptolocker/Ransomware (sample #2, Reveton team)

Please see the previous post with another sample here:
http://contagiominidump.blogspot.com/2014/05/android-locker-from-reveton-team.html (Posted by Kafeine)

File: koler.apk
Size: 316715
MD5:  67BDE6039310B4BB9CCD9FCF2A721A45

Research/News:
Avast: Fake government ransomware holding Android devices hostage
手机毒霸 (Mobile Duba): Extortionist Android virus (Cryptolocker) is sweeping the United States

Sample credit: Yu Liang

Download. Email me if you need the password

https://www.virustotal.com/en-gb/file/4d3de2103f740345aa2041691fde0878d7d32e9e4985adf6b030d2e679560118/analysis/

SHA256: 4d3de2103f740345aa2041691fde0878d7d32e9e4985adf6b030d2e679560118
File name: badoink.apk
Detection ratio: 22 / 52

| Antivirus | Result | Update |
|---|---|---|
| Ad-Aware | Android.Trojan.Koler.A | 20140510 |
| AegisLab | SUSPICIOUS | 20140510 |
| AhnLab-V3 | Android-Malicious/Lockse | 20140510 |
| AntiVir | Android/Koler.A.Gen | 20140510 |
| Baidu-International | Trojan.AndroidOS.Koler.aaqi | 20140510 |
| BitDefender | Android.Trojan.Koler.A | 20140510 |
| Commtouch | AndroidOS/Koler.A.gen!Eldorado | 20140510 |
| Comodo | UnclassifiedMalware | 20140510 |
| DrWeb | Android.Locker.1.origin | 20140510 |
| ESET-NOD32 | a variant of Android/Koler.A | 20140510 |
| Emsisoft | Android.Trojan.Koler.A (B) | 20140510 |
| F-Secure | Trojan:Android/Koler.A | 20140510 |
| GData | Android.Trojan.Koler.A | 20140510 |
| Ikarus | Trojan.AndroidOS.PoliceLock | 20140510 |
| Kaspersky | HEUR:Trojan.AndroidOS.Koler.a | 20140510 |
| Kingsoft | Android.Troj.at_Koler.a.(kcloud) | 20140510 |
| McAfee | Artemis!67BDE6039310 | 20140510 |
| McAfee-GW-Edition | Artemis!67BDE6039310 | 20140510 |
| MicroWorld-eScan | Android.Trojan.Koler.A | 20140510 |
| Qihoo-360 | Trojan.Generic | 20140510 |
| Sophos | Andr/Koler-A | 20140510 |
| TrendMicro-HouseCall | TROJ_GEN.F47V0507 | 20140510 |
