
Saturday, October 22, 2011

Kmin - Wallpaper Changer - Infostealer





Sample credits: many thanks to a very generous anonymous donation, October 21, 2011


  1. Download 231696ffdf8d00c9d09af7fb85b4991d (password infected)
  2. Download be63349846165811da4e3444c5d15dea (password infected)
  3. Download 2289293578008531755462e4e88afc17 (password infected)
  4. Download 8a0c4006157c766a08c313fa2143f1fe (password infected)
  5. Download 3284493FB26FFCE5A1C23AF6B2383B6D (password infected)
  6. Download b5444e6c3c8376f7d2eccb974f31c7c3 (password infected)
  7. Download b1c866ff733a3cb89bc101878e41523e (password infected)
  8. Download 0f182524c0fe8ff999bfa3d63c9a9e97 (password infected)

Or download an archive with all the files donated on Oct. 21, 2011


It appears data is going to http://su.5k3g.com/portal/m/c5/0.ashx

File name:
2FD961CABEC3F652A3B48AF3E26FB131AB99352881A465AD651669C22[...].APK
Result: 15/43 (34.9%)
http://www.virustotal.com/file-scan/report.html?id=2fd961cabec3f652a3b48af3e26fb131ab99352881a465ad651669c22542662e-1319246131
Antiy-AVL     2.0.3.7     2011.10.21     Backdoor/AndroidOS.Kmin
Avast     6.0.1289.0     2011.10.21     Android:Kmin-A [Trj]
Comodo     10521     2011.10.22     UnclassifiedMalware
DrWeb     5.0.2.03300     2011.10.21     Android.Monter.1
Emsisoft     5.1.0.11     2011.10.22     Backdoor.AndroidOS!IK
F-Secure     9.0.16440.0     2011.10.21     Trojan:Android/Kmin.A!mfb
GData     22     2011.10.22     Android:Kmin-A
Ikarus     T3.1.1.107.0     2011.10.22     Backdoor.AndroidOS
Jiangmin     13.0.900     2011.10.21     Backdoor/AndroidOS.av
Kaspersky     9.0.0.837     2011.10.21     Backdoor.AndroidOS.Kmin.c
Symantec     20111.2.0.82     2011.10.22     Trojan.Gen.2
TrendMicro     9.500.0.1008     2011.10.21     AndroidOS_KMIN.A
TrendMicro-HouseCall     9.500.0.1008     2011.10.22     AndroidOS_KMIN.A
VBA32     3.12.16.4     2011.10.21     Backdoor.AndroidOS.Kmin.c
VIPRE     10835     2011.10.22     Trojan.AndroidOS.Kmin.a (v)
MD5   : 231696ffdf8d00c9d09af7fb85b4991d


04CDFD2F08208E2759A6CF201DFE4C5EE6F724FB4CA752B5D2B924024[...].APK
2011-10-22 01:15:55 (UTC)
Result: 8/43 (18.6%)

Antiy-AVL     2.0.3.7     2011.10.21     Backdoor/AndroidOS.Kmin
Avast     6.0.1289.0     2011.10.21     Android:Kmin-B [Trj]
Comodo     10521     2011.10.22     UnclassifiedMalware
Emsisoft     5.1.0.11     2011.10.22     Backdoor.AndroidOS.Kmin!IK
F-Secure     9.0.16440.0     2011.10.21     Trojan:Android/Kmin.A!mfb
GData     22     2011.10.22     Android:Kmin-B
Ikarus     T3.1.1.107.0     2011.10.22     Backdoor.AndroidOS.Kmin
Kaspersky     9.0.0.837     2011.10.21     Backdoor.AndroidOS.Kmin.b
MD5   : be63349846165811da4e3444c5d15dea

4CECF454DF76F187DF67D6C1D185A625C63007CE72E414AB8A8112A60[...].APK
Result: 8/43 (18.6%)
Antiy-AVL    2.0.3.7    2011.10.22    Backdoor/AndroidOS.Kmin
Avast    6.0.1289.0    2011.10.22    Android:Kmin-B [Trj]
Comodo    10529    2011.10.22    UnclassifiedMalware
Emsisoft    5.1.0.11    2011.10.22    Backdoor.AndroidOS.Kmin!IK
F-Secure    9.0.16440.0    2011.10.22    Trojan:Android/Kmin.A!mfb
GData    22    2011.10.22    Android:Kmin-B
Ikarus    T3.1.1.107.0    2011.10.22    Backdoor.AndroidOS.Kmin
Kaspersky    9.0.0.837    2011.10.22    Backdoor.AndroidOS.Kmin.b
MD5   : 2289293578008531755462e4e88afc17

4EBF42FF9F90A302FE42CC4E5DA0E65C902B1C18D8CF5396B5A30C2DD[...].APK
Result: 8/43 (18.6%)
Antiy-AVL    2.0.3.7    2011.10.22    Backdoor/AndroidOS.Kmin
Avast    6.0.1289.0    2011.10.22    Android:Kmin-B [Trj]
Comodo    10529    2011.10.22    UnclassifiedMalware
Emsisoft    5.1.0.11    2011.10.22    Backdoor.AndroidOS.Kmin!IK
F-Secure    9.0.16440.0    2011.10.22    Trojan:Android/Kmin.A!mfb
GData    22    2011.10.22    Android:Kmin-B
Ikarus    T3.1.1.107.0    2011.10.22    Backdoor.AndroidOS.Kmin
Kaspersky    9.0.0.837    2011.10.22    Backdoor.AndroidOS.Kmin.b

MD5   : 8a0c4006157c766a08c313fa2143f1fe

6A8255E23FF5CEE1587BA914CA9D29C3646F16405CE2309EEBA916363[...].APK
Submission date:
2011-10-22 18:18:09 (UTC)
Result: 16/43 (37.2%)
Antiy-AVL    2.0.3.7    2011.10.22    Backdoor/AndroidOS.Kmin
Avast    6.0.1289.0    2011.10.22    Android:Kmin-B [Trj]
Comodo    10529    2011.10.22    UnclassifiedMalware
Emsisoft    5.1.0.11    2011.10.22    Backdoor.AndroidOS!IK
F-Secure    9.0.16440.0    2011.10.22    Trojan:Android/Kmin.A!mfb
Fortinet    4.3.370.0    2011.10.22    W32/AndroidOS_Kmin.D!tr.bdr
GData    22    2011.10.22    Android:Kmin-B
Ikarus    T3.1.1.107.0    2011.10.22    Backdoor.AndroidOS
Jiangmin    13.0.900    2011.10.22    Backdoor/AndroidOS.ci
Kaspersky    9.0.0.837    2011.10.22    Backdoor.AndroidOS.Kmin.d
Sophos    4.70.0    2011.10.22    Andr/Kmin-A
Symantec    20111.2.0.82    2011.10.22    Trojan.Gen.2
TrendMicro    9.500.0.1008    2011.10.22    AndroidOS_KMIN.A
TrendMicro-HouseCall    9.500.0.1008    2011.10.22    AndroidOS_KMIN.A
VBA32    3.12.16.4    2011.10.21    Backdoor.AndroidOS.Kmin.d
VIPRE    10841    2011.10.22    Trojan.AndroidOS.Kmin.a (v)
MD5   : b5444e6c3c8376f7d2eccb974f31c7c3

6D63F257DB64A32B71E0E37DBE08FA727F0BA238DA039DB46BFA8C54F[...].APK
Submission date:
2011-10-22 18:28:47 (UTC)
Result: 14/42 (33.3%)
Antiy-AVL    2.0.3.7    2011.10.22    Backdoor/AndroidOS.Kmin
Avast    6.0.1289.0    2011.10.22    Android:Kmin-A [Trj]
Comodo    10529    2011.10.22    UnclassifiedMalware
DrWeb    5.0.2.03300    2011.10.22    Android.Monter.1
Emsisoft    5.1.0.11    2011.10.22    Backdoor.AndroidOS!IK
F-Secure    9.0.16440.0    2011.10.22    Trojan:Android/Kmin.A!mfb
GData    22    2011.10.22    Android:Kmin-A
Ikarus    T3.1.1.107.0    2011.10.22    Backdoor.AndroidOS
Jiangmin    13.0.900    2011.10.22    Backdoor/AndroidOS.av
Symantec    20111.2.0.82    2011.10.22    Trojan.Gen.2
TrendMicro    9.500.0.1008    2011.10.22    AndroidOS_KMIN.A
TrendMicro-HouseCall    9.500.0.1008    2011.10.22    AndroidOS_KMIN.A
VBA32    3.12.16.4    2011.10.21    Backdoor.AndroidOS.Kmin.c
VIPRE    10841    2011.10.22    Trojan.AndroidOS.Kmin.a (v)
MD5   : b1c866ff733a3cb89bc101878e41523e





