AndroidOS.Opfake.a malware analysis

While sifting through the Clean-MX malware database I found one suspicious APK with a low detection rate (3/39 on VirusTotal), so I decided it was worth taking a look at what seemed to be an OpFake variant.
Clean-MX Link: http://support.clean-mx.de/clean-mx/viruses.php?id=14835516
VT Link: https://www.virustotal.com/it/file/f0a24c53a84c413175594bd8b25a9eebe3f04d6fbf944a9e88cc293d7e911944/analysis/
APK Link: OpFake (as usual, the password is infected)
The malicious application has the […]

Android Fake Browser Update Analysis

Recently our colleague N3mes1s found a fake browser updater (the password, as usual, is: infected) for Android, so I decided to take a look at it. Before we begin, I suggest you download the de-obfuscated Java files. The malicious application has the following characteristics:
Size: 178111 bytes
MD5: 3dcea4358e6229828cfa5a052327088f
SHA1: 2f146ea64d5439c243f8e14ecb00b717c60aaacf
SHA256: 983e662c5fa649ab25a5209d8996d6ddf581f15ef73d8e14c8360125d2c5f920
Platform: Android
Tools: AndroChef Java Decompiler: just to […]

RootSmart Android Malware Analysis

Android’s increasing popularity, combined with the ability to create alternative markets, makes this platform fertile ground for malware authors. While most of these applications just exploit the inexperience of the average user who is looking for free software, others are pretty smart and use more sophisticated techniques to take, and keep, control of the […]