[kodo]

http://www.f-secure.com/weblog/archives/00002538.html

SHA1:

2157fd7254210ef2e8b09493d0e1be3b70d6ce69
9416551d3965d3918eef3788b0377963d7b77032
1ebfc6f1f3e15773f23083c9d8d54771e28f5680
ec14ed31a85f37fad7c7d9c8c0d2aad3a60c8b36
60e1cd1191e0553f8d02289b96804e4ab48953b3

VT:

https://www.virustotal.com/en/file/032a ... /analysis/
https://www.virustotal.com/en/file/ccad ... /analysis/
https://www.virustotal.com/en/file/80b0 ... /analysis/

[Xylitol]

In attach

[Mosh]

Hi All

I want to share some android's malware samples that I found recently, not yet tested, I hope it works.

62c9e72900f24beda116129b25a5d768.apk
4201c0167798f2b94423e62ef250148b
495cfc61a21965f07fc9c0c9ddb49ab6c2acb796
https://www.virustotal.com/en/file/0d7e ... 369602135/

60279xy8a0.penetratepro.apk
d17bfdd736a96079c47ab4912b6bf51a
c723da5fadf97c4b6e2118650cbb0b84858f8028
https://www.virustotal.com/en/file/a8ad ... 369602165/

Avatar_Android_200.apk
d10b8341ae0252b7ddb36aca2ddc87bd
1615d86738b5603ea924f9f4416f216ccabfbd3c
https://www.virustotal.com/en/file/31c2 ... 369602250/

com.daulyye.HelloTabWidget.1318862094315.apk
17a68d8eeec3c3922b6d0f645621506b
98e7b348269782e360668995683b1cf838c91b99
https://www.virustotal.com/en/file/fc2f ... 369602298/

e-security.apk
02462f235a01a6f8287900d04598b4a4
e55c3a9586a858ee931c21ec7cae90276e7ddc16
https://www.virustotal.com/en/file/181f ... 369602439/

HotDatingBabe_lmt_my0319.apk
d42f0db1af18f7b8a1fe5b280e6e0983
da70db46ec56cf092c5dd8a55149b991fdc58053
https://www.virustotal.com/en/file/49bc ... 369602450/

hq2.itqmmi.hjbr_94100600_0.apk
2a96b4721c638ec5d67b9b318bb0b3e0
c1a286565ec2f1b497b169424b2d2a888737bafb
https://www.virustotal.com/en/file/0602 ... 369602533/

install.apk
75b72e9050c8120ca3972058070a85a6
7edc08680769d4514978a587fe08c2038a0cc05a
https://www.virustotal.com/en/file/9253 ... 369602621/

Jiker20121511119570.apk
5dc267e6d2dc2d75c326801ce8b3e9cd
4bb8b684d162445d5f64bca067b6cbca7ed948f7
https://www.virustotal.com/en/file/e664 ... 369602632/

Jiker20125511523718.apk
247e99e20b02aba63a161f765a88ccf0
a94d12514d243ba4e8050eb549bfdce4d847a3fb
https://www.virustotal.com/en/file/a8a7 ... 369602700/

oms.mmc.fortunetelling.fengshui.apk
7ff1904ceef53ff406686a60d290a15b
c248941ade1b22c2c0acab6e6ab377e7720c6c9e
https://www.virustotal.com/en/file/9534 ... 369602757/

smsbox.apk
3730644a31647ad648b67bd1d5b132c0
28e7d95daba56643875ef1a481e498f8eb363e16
https://www.virustotal.com/en/file/bc92 ... 369602823/

Universal.apk
8bde66cac774bacf175e65bfb24f4f2b
edd57c3c0796aad01554273065999e5bdd4b5d65
https://www.virustotal.com/en/file/32ad ... 369602837/

[iks]

Sorry, I did not speak English as a Google Translator ups.

Smishing malware (target korean)
VT:
https://www.virustotal.com/en/file/2144 ... /analysis/

String:
http://pone.allyac.net/login.php (open port: 21, 80, 3306, 3389)

Victims of malware
FTP can be accessed
index.php(source code)
ID: admin PW: abc6789
or
http://pone.allyac.net/login.php?get=1

[hnpl2011]

Hello, I'm looing for Android.fakedefender
MD5:
3dcea4358e6229828cfa5a052327088f
https://www.virustotal.com/en/file/983e ... /analysis/
article: http://www.symantec.com/connect/blogs/f ... nes-ransom
Thank,

[Xylitol]

attached.

[rough_spear]

Hi All,

can somebody provide me following malware sample.

md5:283d16309a5a35a13f8fa4c5e1ae01b1

Md5 : 3321bea891776125dde3e8ffa299fe87

Article for reference.

http://www.f-secure.com/weblog/archives ... Slinger%29

Regards,

rough_spear.

[360Tencent]

http://forum.xda-developers.com/showthr ... ?t=1656497

16th May 2012

very "quick" response

[hnpl2011]

Hello again,
Unfortunately, the samples in http://www.kernelmode.info/forum/viewto ... =21&t=2798 is not android.fakedefender in Symantec's article.
I found these new MD5:
- e827ce6805327671a16078d8f1f1ed72
https://www.virustotal.com/en/file/bb11 ... /analysis/
- d4bb359b346a115c22596650d575a930
https://www.virustotal.com/en/file/3769 ... /analysis/
Anyone can help me, please
Thank,

[Xylitol]

Hello again,
Unfortunately, the samples in http://www.kernelmode.info/forum/viewto ... =21&t=2798 is not android.fakedefender in Symantec's article.
I found these new MD5:
- e827ce6805327671a16078d8f1f1ed72
https://www.virustotal.com/en/file/bb11 ... /analysis/
- d4bb359b346a115c22596650d575a930
https://www.virustotal.com/en/file/3769 ... /analysis/
Anyone can help me, please
Thank,

ok.