News
First SMS Trojan detected for smartphones running Android
First Trojan for Android Phones Goes Wild
Technical write up
Download Ru.apk (pass infected)
SEE OTHER ANDROID MALWARE AT CONTAGIOMINIDUMP.BLOGSPOT.COM
RU.apk
http://www.virustotal.com/file-scan/report.html?id=14ebc4e9c7c297f3742c41213938ee01fd198dd4f4a5f188bbbb6ffcf4db5f14-1281468088
Submission date:
2010-08-10 19:21:28 (UTC)
5 /41 (12.2%)
AntiVir 8.2.4.34 2010.08.10 TR/SMS.AndroidOS.A
DrWeb 5.0.2.03300 2010.08.10 Android.SmsSend.1
F-Secure 9.0.15370.0 2010.08.10 Trojan:Android/Fakeplayer.A
Kaspersky 7.0.0.125 2010.08.10 Trojan-SMS.AndroidOS.FakePlayer.a
VBA32 3.12.12.8 2010.08.10 Android.SmsSend.1
MD5 : fdb84ff8125b3790011b83cc85adce16
SHA1 : 1e993b0632d5bc6f07410ee31e41dd316435d997
SHA256: 14ebc4e9c7c297f3742c41213938ee01fd198dd4f4a5f188bbbb6ffcf4db5f14
classes.dex
http://www.virustotal.com/file-scan/report.html?id=3ac25c787686082892d94d625e64355000aac27d4bd1ddf4ea06b4aed9e9aaaa-1281470565
6 /41 (14.6%)
AntiVir 8.2.4.34 2010.08.10 TR/SMS.AndroidOS.A
DrWeb 5.0.2.03300 2010.08.10 Android.SmsSend.1
F-Secure 9.0.15370.0 2010.08.10 Trojan:Android/Fakeplayer.A
Kaspersky 7.0.0.125 2010.08.10 Trojan-SMS.AndroidOS.FakePlayer.a
NOD32 5356 2010.08.10 Android.FakePlayer.A
VBA32 3.12.12.8 2010.08.10 Android.SmsSend.1
Additional information
Show all
MD5 : a386b4b56e3e5df95f75d3f816dd44fb
First SMS Trojan detected for smartphones running Android
First Trojan for Android Phones Goes Wild
Technical write up
Donato "Ratsoul" Ferrante InReverse.net Dissecting Android Malware
Analysis of [Trojan-SMS.AndroidOS.FakePlayer.a] by AegisLab Security Blog
SEE OTHER ANDROID MALWARE AT CONTAGIOMINIDUMP.BLOGSPOT.COM
With many thanks to kind people from malwaredatabase.net
RU.apk
http://www.virustotal.com/file-scan/report.html?id=14ebc4e9c7c297f3742c41213938ee01fd198dd4f4a5f188bbbb6ffcf4db5f14-1281468088
Submission date:
2010-08-10 19:21:28 (UTC)
5 /41 (12.2%)
AntiVir 8.2.4.34 2010.08.10 TR/SMS.AndroidOS.A
DrWeb 5.0.2.03300 2010.08.10 Android.SmsSend.1
F-Secure 9.0.15370.0 2010.08.10 Trojan:Android/Fakeplayer.A
Kaspersky 7.0.0.125 2010.08.10 Trojan-SMS.AndroidOS.FakePlayer.a
VBA32 3.12.12.8 2010.08.10 Android.SmsSend.1
MD5 : fdb84ff8125b3790011b83cc85adce16
SHA1 : 1e993b0632d5bc6f07410ee31e41dd316435d997
SHA256: 14ebc4e9c7c297f3742c41213938ee01fd198dd4f4a5f188bbbb6ffcf4db5f14
classes.dex
http://www.virustotal.com/file-scan/report.html?id=3ac25c787686082892d94d625e64355000aac27d4bd1ddf4ea06b4aed9e9aaaa-1281470565
6 /41 (14.6%)
AntiVir 8.2.4.34 2010.08.10 TR/SMS.AndroidOS.A
DrWeb 5.0.2.03300 2010.08.10 Android.SmsSend.1
F-Secure 9.0.15370.0 2010.08.10 Trojan:Android/Fakeplayer.A
Kaspersky 7.0.0.125 2010.08.10 Trojan-SMS.AndroidOS.FakePlayer.a
NOD32 5356 2010.08.10 Android.FakePlayer.A
VBA32 3.12.12.8 2010.08.10 Android.SmsSend.1
Additional information
Show all
MD5 : a386b4b56e3e5df95f75d3f816dd44fb
Hello. Your protected archive is damaged. :(
ReplyDeleteYou can check further analysis made by AegisLab. http://blog.lionic.com/index.php?op=ViewArticle&articleId=12&blogId=1
ReplyDeleteAnonymous, Archive is not damaged. Please try again and make sure you are using the correct password.
ReplyDeleteRoger, thank you very much for your analysis
would it be possible for you to send me the password to arun.mrsincere@gmail.com??
ReplyDeletewould it be possible for you to send me the password to clydee@gmail.com
ReplyDeleteHi, could you send me the password to mongo787@yahoo.com?
ReplyDeleteThanks
All - please email me if you need a password. Do not post this in comments. Thanks
ReplyDelete