
Tuesday, February 26, 2013

Saturday, February 16, 2013

Android Tetus - Infostealer



File: com.stephbriggs5.batteryimprove-2.apk
Size: 293777
MD5:  6408DF6ABA4C7F1803C2AAC8F17C4CA3


File: 85CE55DC130F214B0567987EDFF77DC0
Size: 274999
MD5:  85CE55DC130F214B0567987EDFF77DC0


File: com.droidmojo.awesomejokes.apk
Size: 268360
MD5:  01772AEFE0230C3669E21D79FC920D2E



File: 65C75AF5DE2628BD6215BB99DD76D3AC
MD5:  65c75af5de2628bd6215bb99dd76d3ac
Size: 277644

Research: Symantec. Android Tetus

When the Trojan is executed, it registers an SMS observer to record SMS messages and send them to the following command-and-control (C&C) server:
[http://]android.tetulus.com

The Trojan may delete some SMS messages from the device.

It may also register an SMS receiver to send SMS messages without the user's consent.

The Trojan may send a list of all installed apps on the device to the following remote location:
[http://]fast.app-engines.com

Download. Email me if you need the password





Android SMSSend sample - Package Installer

com.android.packageinstaller
File: install.apk
MD5:  5d9c622b240dab5d6e883e26e9ea0fc0
Size: 261887

credit: anonymous donation





Android Armour sample



File: Scan-For-Viruses-Now.apk
MD5:  084a7b576f5df438abba3131a90af493
Size: 1427490

Sample credit: anonymous donation

Research: A chink in Android Armour - Sophos

It is not malware, but it is a very sketchy app with poor performance and false positives that extorts money for nothing, considering there are many reputable free AV apps like Lookout or Sophos.

Download. Email me if you need the password






Android Plankton / Counterclank sample - Collage Creator


com.changedroid.picture.collage.creator.apk
Size: 9842061
MD5:  DE842DD94324492ACE8C2C8EBD350BC8
sample credit: anonymous donation


Download. Email me if you need the password






Monday, February 4, 2013

Android - Trojan!Extension.A


Update: Feb 16
Added 2nd stage file. Loaded at runtime, no need to install - credit Thomas Wang

Feb 4, 2013
Research: Trustgo: Trojan!Extension.A – Complex Malware Escapes AV Detection
Sample credit: Thomas Wang


File: 6d43b3bc85770fafeb598eb5297bc341.apk
Size: 434436
MD5:  6D43B3BC85770FAFEB598EB5297BC341



Download the original (1st stage). Email me if you need the password
2nd stage download. Email me if you need the password





Android/Windows Spy:Android/Ssucl - DroidCleaner and Superclean.


Research: Kaspersky: Mobile attacks - Android with Windows malware downloads



File: smart.apps.superclean-1.apk
Size: 502441
MD5:  2529085824C55DBBAED0B86EDE7B3C60

File: smart.apps.droidcleaner-1.apk
Size: 310274
MD5:  C5A2D14BC52F109A06641C1F15E90985


File: smart.apps.droidcleaner-1.apk 
Size: 330984
MD5:  123478A70219D24A5E5A40074B8775BA


File: SuperClean-11.apk 
Size: 528630
MD5:  B0C28334373332D4677C01BD48EED431


Download
Android files listed above, plus

from http://claco.hopto.org


    Controller.exe
    svchost.exe

plus from claco.kicks-ass.org  

    Extra_Fotos.zip
    Kst.exe
    pwd.exe