Wednesday, April 2, 2014

Oldboot.B - Android bootkit

Research:
Chinese version: Oldboot.B:与Bootkit技术结合的木马隐藏手段的运用
English version: Oldboot.B: Bootkit technology combined with the use of a means to hide Trojans
Author: iRiqium, Zhaorun Ze, Jiang Xuxian

Sample credit: Qing Dong

sbin/adb_server a4c89abc46bbb34c6dd2c23caad99d61
sbin/meta_chk 6976d12388939d6cb93e28236212c8c7
init.rc 51b52552baf91d00e8f34ec052339f13

sbin/meta_chk cea6dd8a13cbce59097ad87fafb91fcd
init.rc f8f8e0b089bedbd58bea8a262229a234

sbin/agentsysline e5d27b3e64ed5e2ae6d6c063e3ddf08a
sbin/boot_tst 04c6dfa8457f1dd88258d427be089e00
init.rc eec3292341177d9e39530d0ab481ead0

Download. Email me if you need the password (new link)