A forum for reverse engineering, OS internals and malware analysis 

Forum for analysis and discussion about malware.
 #28022  by Xylitol
 Mon Mar 14, 2016 5:31 pm
gmbot
http://www.ibtimes.co.uk/google-android ... in-1545345
Archive leak: https://www.virustotal.com/en/file/c542 ... 459365791/

• dns: 1 ›› ip: 88.198.116.209 - adress: BIG-ASSMOVS.TK
• dns: 1 ›› ip: 88.198.116.209 - adress: FACEBOOK-VIDEO-DOWNLOAD.GQ
• dns: 1 ›› ip: 88.198.116.209 - adress: MOVIESEX.CF

https://www.virustotal.com/en/file/cab0 ... 457975774/
https://www.virustotal.com/en/file/3d22 ... 457976274/
https://www.virustotal.com/en/file/58a7 ... 458069950/
Attachments
infected
(1.51 MiB) Downloaded 125 times
 #28157  by ajohnston9
 Wed Mar 30, 2016 5:21 pm
[quote="boni11"]Detail analysis of MazarBOT - locking and erasing the device.
Analysis of new MazarBOT stealing credit cards in Italy.

I've gone through the binary of this bot and can elaborate a bit more:

It seems to go through and exfiltrate vital information from the phone: IMEI, Phone number, installed apps, etc. In addition, it uploads every new text message to its C&C server (running as a hidden service). It appears that it can also take commands sent to it via pinging the C&C server or possibly via text.

There are now multiple variants of this particular virus, all with similar tricks to get a user to install it.
 #28275  by rkhunter
 Mon Apr 11, 2016 10:46 am
Android banking trojan masquerades as Flash Player and bypasses 2FA

http://www.welivesecurity.com/2016/03/0 ... ing-users/

SHA-256: fe0e760fbe30b16ddc94ed71d18890d3a0aaec667889184dbcf30f5009ee96e8
Attachments
pass:infected
(26.71 KiB) Downloaded 85 times
 #28373  by Mosh
 Fri Apr 22, 2016 10:04 pm
A new image for this Ransomware:

MD5: 825da14a0a6a4528b3fcf6e656a3f463
SHA1: e5bdd38eb212354a484fd8ba1702de97238b04d4
SHA256: 0daee2e56a7a79e15dcb804a211453718c844f8d7688b87337dcfb8f1063722f

Image
Attachments
(194.48 KiB) Downloaded 95 times
 #28471  by geoffreyvdb
 Tue May 10, 2016 11:52 am
Attachments
(7.09 MiB) Downloaded 88 times
(5.84 MiB) Downloaded 86 times
(5 MiB) Downloaded 84 times
  • 1
  • 7
  • 8
  • 9
  • 10
  • 11