A forum for reverse engineering, OS internals and malware analysis 

Forum for analysis and discussion about malware.
 #8423  by rough_spear
 Mon Sep 05, 2011 6:34 pm
Android malware DroidDeluxe. ;)


File Name - DroidDeluxe.7z
password - malware.


Regards,


rough_spear.
Attachments
password - malware.
(645.94 KiB) Downloaded 187 times
 #9378  by rough_spear
 Sun Oct 23, 2011 6:30 pm
Hi All, :D
One more Android malware called z4root (Linux Exploit.Lotoor) :twisted:

Web Link - hxxp://static.droidnetwork.net/wicked/files/z4root.1.3.0.apk

VT link - http://www.virustotal.com/file-scan/rep ... 1319032694

MD5 : 46965bd41dac0e4988515aa2f9f95b19
SHA1 : 446481a3a8b3b85f8d1caa4ada713c21e98572b4
SHA256: d49733d22389edd8ed0615f6cb86613ec1a86092a58da2faf81736cb17326d0d
ssdeep: 24576:nbsaV1vXbWfmh69rKr7H7b1cr9Z/3f1/3urI0xq:b31vXbUmhDrzfSrzPledxq
File size : 978414 bytes


Regards,


rough_spear. ;)
Attachments
password - malware.
(890.56 KiB) Downloaded 127 times
 #9386  by cjbi
 Mon Oct 24, 2011 12:05 pm
rough_spear wrote: One more Android malware called z4root (Linux Exploit.Lotoor) :twisted:
AFAIK, z4root is not malware. It's an Android root tool.
Potentially dangerous? Yes.
Malware? No.
 #11512  by hnpl2011
 Thu Feb 09, 2012 4:08 am
I'm looking for:
- GingerMaster: First Android Malware Utilizing a Root Exploit on Android 2.3 (Gingerbread)- http://www.csc.ncsu.edu/faculty/jiang/GingerMaster/
MD5: 31c560685c44e4b2a11d37b679d0dcf7a32d415c
SHA256: 000c5743faf355f0ce976de9a9d33f51c7e9248728886609b7f2242d408285af
https://www.virustotal.com/file/000c574 ... /analysis/
- DroidLive--SMS Android Trojan -- Being Disguised as a Google Library - http://www.csc.ncsu.edu/faculty/jiang/DroidLive/
 #11530  by Xylitol
 Thu Feb 09, 2012 1:17 pm
hnpl2011 wrote:I'm looking for:
- GingerMaster: First Android Malware Utilizing a Root Exploit on Android 2.3 (Gingerbread)- http://www.csc.ncsu.edu/faculty/jiang/GingerMaster/
MD5: 31c560685c44e4b2a11d37b679d0dcf7a32d415c
SHA256: 000c5743faf355f0ce976de9a9d33f51c7e9248728886609b7f2242d408285af
https://www.virustotal.com/file/000c574 ... /analysis/
- DroidLive--SMS Android Trojan -- Being Disguised as a Google Library - http://www.csc.ncsu.edu/faculty/jiang/DroidLive/
Attachments
pw: infected
(151.97 KiB) Downloaded 107 times
 #14103  by 360Tencent
 Tue Jun 19, 2012 3:57 am
https://www.virustotal.com/file/5e43837 ... /analysis/ (updateandroid.biz)

http://whois.domaintools.com/updateandroid.biz
IP Address: 195.242.161.166
ASN: AS47434
IP Location: Ukraine - Fortune Science And Production Company
Dead link on clean-mx.de :cry:

http://bancomovil.info/cajamar.apk

Sorry, the other five C&C servers are hard to find.
 #16203  by hnpl2011
 Mon Oct 22, 2012 4:57 am
I'm looking for two Android.Sumzand:
384fe8649c6e11083c19fc25fe9fcd1f
6850fa8f9495d96e7355cca7f9dee89a
Thanks :)