SMS Flooder Apps (Hashes)

[Guest]

An SMS Flooder is a trojan that sends a massive amount of SMS messages to a single or multiple targets.

 

SMS Flooder apps not detected ( these are variant of Android/SMSFlooder.Agent)

54f5446feb0b4f1b9b01c42f332cd112821de8819c6c714ec54ffd0cfb9913fa

 

[itman 1,921]

No one detects this at VirusTotal.

The software is signed and appears to originate from India;

Refs,: https://buymeacoffee.com/romreviewer , https://bombitup.net/

 

Edited September 28, 2024 by itman

[itman 1,921]

Also. Eset detects attempted download as a PUA;

[Guest]

Well, I am also from India and I understand how these apps work. That's why I contacted ESET; they detected various versions of these same apps on VirusTotal, while none of the other antivirus software detected them. So, I shared the one that wasn’t detected at the time of downloading. These apps are developed by genuine developers, but they are developed with the same intent. In conclusion, I downloaded various versions of the same sample file; two were detected, and the third one that I provided to you went undetected.

[itman 1,921]

2 hours ago, hellosky11 said:

I downloaded various versions of the same sample file; two were detected, and the third one that I provided to you went undetected.

Which is a great example of why signatures can't exclusively be relied upon to detect malware.

Eset via its DNA signature capability is great at detecting polymorphic malware binaries. This however might not be applicable to Android software. Ditto for script detection in Windows.

Edited September 29, 2024 by itman

[Guest]

that is why i share the hashes so that they can be checked

[Guest]

@Marcos can you confirm on the detection, it seems you are simply ignoring the post!