I would like to provide virus analysts with a link to an app in Play Market that shows ads on top of other apps even without permission and modifies user root security certificates masquerading as a harmless app. Also, check out the user reviews for this app, where people are reporting aggressive ads en masse.
I can’t send the apk sample itself, but I think a link to this app on the Play Store will suffice: https://play.google.com/store/apps/details?id=com.scan.ocr.translate.easy
VT test result: https://www.virustotal.com/gui/file/66cb62f81923adc6d195833ac41d0582d3669e787470ba95215518fdccfc84d2?nocache=1
This app has been removed from the Google Play Market. But its sample can still be obtained from VirusTotal, please ask Avast to add detection
-
Avast can get undetected samples/uploads from VT as part of the participation is they get undetected samples.
-
Reporting a possible Malicious sample File or Website - https://www.avast.com/report-malicious-file.php.
From the link select File, Click Browse, that will open Explorer, select the file from the location you have it and Submit.
See attached image Avast-Submit-Undetected.png
How do I send a mobile sample if it was in Play Market and now deleted and I only have its hash?
If you didn’t save it and if it has been removed from the Play Store, then point 1 is the only option VT does send un detected samples to contributing AVs if they didn’t detect it…
Presumably if the Play Store removed it, then is less of an issue and hopefully before Google would allow it back in the checked it out.