NEW FILE LOCATION (instead of broken Mediafire links)
Wednesday, July 23, 2014
Android ScarePackage Ransomware
Research:
Lookout. U.S. targeted by coercive mobile ransomware impersonating the FBI
Sample Credit: Tim Strazzere
File: com.android.locker.apk
Size: 488296
MD5: 645A60E6F4393E4B7E2AE16758DD3A11
Download. Email me if you need the password
Monday, June 23, 2014
(Another) Android Trojan Scheme Using Google Cloud Messaging - SMS Spyware
Research: Andrototal - (Another) Android Trojan Scheme Using Google Cloud Messaging
Sample credit: Federico Maggi
File: test98.apk
Size: 1051288
MD5: D65C5EF9739ABAE77F5B13B8B562B18A
File: test99.apk
Size: 1051283
MD5: D968FF20B7A25A79E922511101B7F7CC
File: test97.apk
Size: 1051286
MD5: 5A7C8EB61061F86FDCDBF9118711CC53
Download. Email me if you need the password.
Wednesday, June 4, 2014
Simplocker - Android File-Encrypting, TOR-enabled Ransomware
File: fd694cf5ca1dd4967ad6e8c67241114c.bin
Size: 4917678
MD5: FD694CF5CA1DD4967AD6E8C67241114C
Research:
ESET Analyzes First Android File-Encrypting, TOR-enabled Ransomware
Sample credit: Sanjay Gupta
Download. Email me if you need the password
Saturday, May 10, 2014
Android Koler - Cryptolocker/Ransomware (sample #2, Reveton team)
Please see the previous post with another sample here:
http://contagiominidump.blogspot.com/2014/05/android-locker-from-reveton-team.html
(Posted by Kafeine)
File: koler.apk
Size: 316715
MD5: 67BDE6039310B4BB9CCD9FCF2A721A45
Research/News:
Avast:
Fake government ransomware holding Android devices hostage
Mobile Duba: The extortionist Android virus (Cryptolocker) is sweeping the United States
Sample credit: Yu Liang
Download. Email me if you need the password
Android Monitor spyware - HGSpy.A / QlySpy.a
File: com.exp.tele.apk
Size: 721665
MD5: 3709F87D2B6FF0BD7937112974DC1143
Sample credit: Steven Chen
Research:
Download. Email me if you need the password
Foresafe report:
http://www.foresafe.com/report/3709F87D2B6FF0BD7937112974DC1143
Ijinshan Fireeye:
http://fireeye.ijinshan.com/analyse.html?md5=3709f87d2b6ff0bd7937112974dc1143&sha1=42d7c21c13316eec6ad7d190f324130da7221987&type=1#full
Tuesday, May 6, 2014
Android SMS trojan - Google fake installer (downloader from Dropbox url)
憑證.apk
67235B16BC2FAB6836847EA51703E298
Download. Email me if you need the password
IOS iphone Stealer.A - malware acting as a Substrate module
Research:
iOS Malware Campaign "Unflod Baby Panda" sektioneins.de
http://www.reddit.com/r/jailbreak/comments/23b7qs/what_is_unflod_its_a_mobile_substrate_addon_that/
http://www.reddit.com/r/jailbreak/comments/23bdwr/beware_unfloddylib_sends_apple_id_and_password_to/
Download. Email me if you need the password
Android fake AV - Se-cure Mobile AV
Research: VisualThreat Security Lab Uncovers "Se-Cure Mobile AV": a new suspicious Android Fake A
Sample credit: Wei Yan
16BD4B23B55F0ADE6DF16D8C6DCF502C
Download. Email me if you need the password
Android Samsapo.A
Research:
ESET: Android malware worm catches unwary users
Sample credit: Steven Chen
Size: 473650
MD5: 60B4EF7037CA6A4D1EE7E3C35C8E27D7
Size: 473875
MD5: C1F9283B7AD8457160D3C189430F2C75
Download. Email me if you need the password
Android locker from the Reveton team
MD5 fb14553de1f41e3fcdc8f68fd9eed831
hone_Police_Ransom.apk
Sample credit - Kafeine
Download :
http://malware.dontneedcoffee.com/2014/05/police-locker-available-for-your.html?m=1
Android Fake banker
MD5
7276e76298c50d2ee78271cf5114a176
a15b704743f53d3edb9cdd1182ca78d1
aac4d15741abe0ee9b4afe78be090599
Sample credit - anonymous (thank you)
Download. Email me if you need the password
Android SMS trojan Flash fake installer
File: imauyfxuhxd.qhlsrdb-1(20140414)(2).apk
Size: 141987
MD5: 7D25D4CDBF3CFC8B6E9466729B84D348
Sample credit - anonymous
Download. Email me if you need the password
Wednesday, April 2, 2014
Oldboot.B - Android bootkit
Research:
Chinese version: Oldboot.B: The use of Trojan-hiding techniques combined with bootkit technology
English version: Oldboot.B: Bootkit technology combined with the use of a means to hide Trojans
Author: iRiqium, Zhaorun Ze, Jiang Xuxian
Sample credit: Qing Dong
phone1
sbin/adb_server a4c89abc46bbb34c6dd2c23caad99d61
sbin/meta_chk 6976d12388939d6cb93e28236212c8c7
init.rc 51b52552baf91d00e8f34ec052339f13
phone2
sbin/meta_chk cea6dd8a13cbce59097ad87fafb91fcd
init.rc f8f8e0b089bedbd58bea8a262229a234
phone3
sbin/agentsysline e5d27b3e64ed5e2ae6d6c063e3ddf08a
sbin/boot_tst 04c6dfa8457f1dd88258d427be089e00
init.rc eec3292341177d9e39530d0ab481ead0
Download. Email me if you need the password (new link)
Image by 360.cn
Wednesday, March 26, 2014
Android CoinKrypt - bitcoin miner malware
Research:
Lookout. CoinKrypt: How criminals use your phone to mine digital currency
https://github.com/strazzere/android-scripts/blob/master/Decoders/MuchSad/dogekrypt.java
Sample credit: Tim Strazzere
File: com.melodis.midomiMusicIdentifier.apk
Size: 8248809
MD5: 61253FAAC66F34BCF35B80FE767F136E
File: com.ventel.android.radardroid2.apk
Size: 6026091
MD5: 738A0109AB5C37F9EFA7729EACDBE314
File: mikado.bizcalpro.apk
Size: 3330167
MD5: BCCC62AE0129D484F0407FEDD701D211
Download. Email me if you need the password
Tuesday, March 25, 2014
iOS adware using Cydia
Research:
New iOS malware use Cydia Substrate to steal advertisement promotion fee by Claud Xiao
or in Chinese
http://bbs.pediy.com/showthread.php?p=1270415
1)
File: spad.plist
Size: 302
MD5: D90A9E9DD3C95E9C12CAFE48F5362781
File: spad.dylib
Size: 166976
MD5: 8099C75F8F3A7BE16A8246FD5B90185A
2) Additional binaries downloaded by the adware to the victim's device
File: libgad.dylib
Size: 1070048
MD5: CE0A6550E51F3C1B1F49C39A297077E0
File: sad
Size: 31952
MD5: E890CF2B1F9ADC4364B9A38FFFA14ABC
Download. Email me if you need the password
Download additional binaries
Thursday, March 6, 2014
Dendroid - Android spyware
Research:
Lookout - Dendroid malware can take over your camera, record audio, and sneak into Google Play
Sample credit: Tim Strazzere
File: com.parental.control.v4.apk
Size: 942846
MD5: DB01F96D5E66D82F7EB61B85EB96EF6E
File: com.parental.control.v4-dexguarded.apk
Size: 833648
MD5: 52A30B58257D338617A39643E2216D0C
Download: Email me if you need the password
Friday, February 28, 2014
Android iBanking
Research:
iBanking Mobile Bot Source Code Leaked
apk files
1F68ADDF38F63FE821B237BC7BAABB3D Chase.apk
009E60205B8FBC780A2DD3083CDD61CB
D1059B52B6127B758581EB86247BC34F
E1B86054468D6AC1274188C0C579CCAF_
F1BC8520754D2AC4A920B3EF5C732380 bot.apk_
F06AF629D33F17938849F822930AE428 ING.apk_
Download. Email me if you need the password
Droidpak - Android targeting Windows malware
Research: Kaspersky - Sync'n'steal: Hackers brew Android-targeting Windows malware
df4045aa9cb62699bd2ae12f860f2ed1.exe_
577a8c571e2dd610247ecfa0fb3c6cb3_install.exe_
04e8ff68ead683e52b53e174d08eddf4_Voip.dll_
Download. Email me if you need the password
Thursday, February 27, 2014
Android Tor Trojan
Research:
Kaspersky:
The first Tor Trojan for Android
File: video.mp4.apk
Size: 4885996
MD5: 58FED8B5B549BE7ECBFBC6C63B84A728
apk URL
http:// sexnine .ru /download/video.mp4.apk
Download (email me if you need the password)
Tuesday, February 4, 2014
Android.FakeRegSMS.B (Steganography) - Feb 2012
Research:
http://forensics.spreitzenbarth.de/2012/02/03/detailed-analysis-of-android-fakeregsms-b/
MD5: 41ca3efde1fb6228a3ea13db67bd0722
Size: 65207
Download (email me if you need the password)