Clicky

Sunday, November 24, 2013

Fakebank.A and Fakebank.B - Android Infostealer trojan


Functionality
When executed, the Trojan displays a form asking the user to enter in banking details.

Android.Fakebank (A and B) is a Trojan horse that steals information from the compromised device.

FakebankB_8BF10991F292EC7D165086506E8F0EDA
FakebankB_98EEA1D94A479E022E46D69B0FBE2453
FakebankB_A0721023EC39948251818306A15D3268
Fakebanker_37DFF309CC911A1DC16CCE4E51F9827B
Fakebanker_67E7BB573EAA1F25772809A471CDA327












SHA256: b9cbe8b737a6f075d4d766d828c9a0206c6fe99c6b25b37b539678114f0abffb
File name: b9cbe8b737a6f075d4d766d828c9a0206c6fe99c6b25b37b539678114f0abffb
Detection ratio: 25 / 48
Analysis date: 2013-10-07 16:52:22 UTC ( 1 month, 2 weeks ago ) 

Antivirus Result Update
Comodo UnclassifiedMalware 20131007
F-Secure Trojan:Android/Smforw.A 20131007
NANO-Antivirus Trojan.TrojanSMS.cbzghr 20131007
VIPRE Trojan.AndroidOS.Generic.A 20131007
TrendMicro-HouseCall TROJ_GEN.F47V0816 20131007
Kaspersky HEUR:Trojan-Spy.AndroidOS.SmForw.o 20131007
McAfee Artemis!67E7BB573EAA 20131007
McAfee-GW-Edition Artemis!67E7BB573EAA 20131007
Commtouch AndroidOS/Trojan.ISBD-5 20131007
Ikarus AndroidOS.SMForw.U 20131007
AVG Android_dc.AJEG 20131007
Avast Android:SMForw-U [Trj] 20131007
Fortinet Android/FakeKRB.B 20131007
AntiVir Android/Agent.RD.11 20131007
Kingsoft Android.Troj.at_Fakeguard.e.(kcloud) 20130829
Emsisoft Android.Spyware.SmsSpy.F (B) 20131007
MicroWorld-eScan Android.Spyware.SmsSpy.F 20131007
BitDefender Android.Spyware.SmsSpy.F 20131007
GData Android.Spyware.SmsSpy.F 20131007
DrWeb Android.Spy.30.origin 20131007
CAT-QuickHeal Android.Smforw.O5dd5 20131007
Symantec Android.Fakebank 20131007
PCTools Android.Fakebank 20131002
Sophos Andr/FakeKRB-B 20131007
ESET-NOD32 a variant of Android/Spy.Banker.B 20131007


SHA256: 4aeccf56981a32461ed3cad5e197a3eedb97a8dfb916affc67ce4b9e75b67d98
File name: 4AECCF56981A32461ED3CAD5E197A3EEDB97A8DFB916AFFC67CE4B9E75B67D98....
Detection ratio: 23 / 48
Analysis date: 2013-10-11 13:59:22 UTC ( 1 month, 2 weeks ago ) 
Antivirus Result Update
Comodo UnclassifiedMalware 20131011
F-Secure Trojan:Android/Smforw.I 20131011
NANO-Antivirus Trojan.TrojanSMS.cgfxqu 20131011
VIPRE Trojan.AndroidOS.Generic.A 20131011
Ikarus Trojan-SMS.AndroidOS.Agent 20131011
TrendMicro-HouseCall TROJ_GEN.F47V0816 20131011
Kaspersky HEUR:Trojan-Spy.AndroidOS.SmForw.o 20131011
McAfee Artemis!37DFF309CC91 20131011
McAfee-GW-Edition Artemis!37DFF309CC91 20131011
Commtouch AndroidOS/GenBl.37DFF309!Olympus 20131011
AVG Android_dc.AIWZ 20131011
Avast Android:SMForw-U [Trj] 20131011
AntiVir Android/Agent.RD.9 20131011
Fortinet Android/Agent.RD!tr 20131011
Kingsoft Android.Troj.at_Fakeguard.e.(kcloud) 20130829
Emsisoft Android.Spyware.SmsSpy.F (B) 20131011
BitDefender Android.Spyware.SmsSpy.F 20131011
GData Android.Spyware.SmsSpy.F 20131011
DrWeb Android.Spy.30.origin 20131011
Symantec Android.Fakebank 20131011
PCTools Android.Fakebank 20131002
Sophos Andr/FakeKRB-B 20131011
ESET-NOD32 a variant of Android/Spy.Banker.B 20131011

No comments:

Post a Comment