
Sunday, November 24, 2013

Roidsec / Sinpon - Android Infostealer


Roidsec D4A557EC086E52C443BDE1B8ACE51739

Research http://www.symantec.com/security_response/writeup.jsp?docid=2013-052022-1227-99&tabid=2


Functionality
The Trojan performs the following actions and collects the following information from the compromised device:
Sends SMS messages
Forces the phone to stay on
Collects the call log
Collects contacts
Collects the list of installed apps
Collects the GPS location
Collects the amount of available phone memory
Collects the amount of available SD card memory
Lists all files on the SD card with timestamps
Collects incoming SMS messages
Collects outgoing SMS messages
Collects the list of apps currently running
Collects the total amount of RAM
Collects the WiFi status (on or off)
Lists all files in phone memory with timestamps
Deletes files on the SD card


Download. Email me if you need the password






https://www.virustotal.com/en/file/f8a7b7f377c94c84ffa6cd7338734ceccf9bb7e5b25292bf449f39c778b4e3e4/analysis/

SHA256: f8a7b7f377c94c84ffa6cd7338734ceccf9bb7e5b25292bf449f39c778b4e3e4
File name: f8a7b7f377c94c84ffa6cd7338734ceccf9bb7e5b25292bf449f39c778b4e3e4
Detection ratio: 22 / 47
Analysis date: 2013-11-09 21:02:42 UTC ( 2 weeks, 1 day ago )
Antivirus Result Update
Comodo UnclassifiedMalware 20131109
F-Secure Trojan:Android/Roidsec.A 20131109
VIPRE Trojan.AndroidOS.Generic.A 20131109
Baidu-International Trojan.Android.Sinpon.A 20131109
Kaspersky HEUR:Backdoor.AndroidOS.Sinpon.a 20131109
McAfee Artemis!D4A557EC086E 20131109
McAfee-GW-Edition Artemis!D4A557EC086E 20131109
TrendMicro-HouseCall ANDROIDOS_SMSSENDER.VTD 20131109
TrendMicro ANDROIDOS_SMSSENDER.VTD 20131109
Ikarus AndroidOS.Roidsec.A 20131109
AVG Android_dc.AEYF 20131109
Avast Android:Roidsec-A [Trj] 20131109
AntiVir Android/Sinpon.a 20131109
Fortinet Android/Sinpon.A 20131109
Emsisoft Android.Trojan.Roidsec.A (B) 20131109
MicroWorld-eScan Android.Trojan.Roidsec.A 20131109
BitDefender Android.Trojan.Roidsec.A 20131109
GData Android.Trojan.Roidsec.A 20131109
Kingsoft Android.Troj.at_roidsecspy.a.(kcloud) 20130829
DrWeb Android.Roids.1.origin 20131109
AhnLab-V3 Android-Spyware/Synphone 20131109
ESET-NOD32 a variant of Android/Sinpon.A 20131109
