Clicky

Saturday, July 2, 2016

Android spyware for Viber app (Beaver Gang Counter)


Research: Sophos: “Beaver Gang Counter” malware ejected from Play Store

MD5 65065b53381ebc971160a91ef81dec99
SHA-1 433293e2689e8377c890940ed77f8fb9db24a53e
SHA-256 a707cb76e566321c08b8ba8f5c89cb0cf41125468366f5b8fdad8c6fa526deb4

Download. Email me if you need the password



https://www.virustotal.com/en/file/a707cb76e566321c08b8ba8f5c89cb0cf41125468366f5b8fdad8c6fa526deb4/analysis/



android.permission.READ_EXTERNAL_STORAGE (read from external storage)
android.permission.READ_PHONE_STATE (read phone state and identity)
android.permission.ACCESS_WIFI_STATE (view Wi-Fi status)
android.permission.WRITE_SETTINGS (modify global system settings)
android.permission.ACCESS_NETWORK_STATE (view network status)
android.permission.INTERNET (full Internet access)
 Activities
gr.georkouk.kastorakiacounter_new.ActMain
gr.georkouk.kastorakiacounter_new.ActPlayers
gr.georkouk.kastorakiacounter_new.ActGame
gr.georkouk.kastorakiacounter_new.ActStats
gr.georkouk.kastorakiacounter_new.ActHelp
com.google.android.gms.ads.AdActivity
com.google.android.gms.ads.purchase.InAppPurchaseActivity
 Activity-related intent filters
gr.georkouk.kastorakiacounter_new.ActPlayers
actions: gr.georkouk.kastorakiacounter_new.ACTPLAYERS
categories: android.intent.category.DEFAULT
gr.georkouk.kastorakiacounter_new.ActMain
actions: android.intent.action.MAIN
categories: android.intent.category.LAUNCHER
gr.georkouk.kastorakiacounter_new.ActStats
actions: gr.georkouk.kastorakiacounter_new.ACTSTATS
categories: android.intent.category.DEFAULT
gr.georkouk.kastorakiacounter_new.ActHelp
actions: gr.georkouk.kastorakiacounter_new.ACTHELP
categories: android.intent.category.DEFAULT
gr.georkouk.kastorakiacounter_new.ActGame
actions: gr.georkouk.kastorakiacounter_new.ACTGAME
categories: android.intent.category.DEFAULT

Avast Android:SpyAgent-WD [Trj] 20160701
Cyren AndroidOS/ViberSt.A 20160701
DrWeb Android.Vibleaker.1.origin 20160701
ESET-NOD32 Android/Spy.Vibleaker.A 20160701
F-Prot AndroidOS/ViberSt.A 20160701
Fortinet Malware_Generic.P0 20160701
Kaspersky HEUR:Trojan-Spy.AndroidOS.Vibleaker.a 20160701
McAfee Artemis!65065B53381E 20160701
McAfee-GW-Edition Artemis!65065B53381E 20160630
Sophos Andr/Spy-AIS 20160701

Avast Android:SpyAgent-WD [Trj] 20160701
Cyren AndroidOS/ViberSt.A 20160701
DrWeb Android.Vibleaker.1.origin 20160701
ESET-NOD32 Android/Spy.Vibleaker.A 20160701
F-Prot AndroidOS/ViberSt.A 20160701
Fortinet Malware_Generic.P0 20160701
Kaspersky HEUR:Trojan-Spy.AndroidOS.Vibleaker.a 20160701
McAfee Artemis!65065B53381E 20160701
McAfee-GW-Edition Artemis!65065B53381E 20160630
Sophos Andr/Spy-AIS 20160701

No comments:

Post a Comment