SYMBOLCOMMON_NAMEaka. SYNONYMS
apk.finfisher (Back to overview)

FinFisher

There is no description at this point.

References
2021-09-28Kaspersky LabsGReAT
@online{great:20210928:finspy:52097c8, author = {GReAT}, title = {{FinSpy: unseen findings}}, date = {2021-09-28}, organization = {Kaspersky Labs}, url = {https://securelist.com/finspy-unseen-findings/104322/}, language = {English}, urldate = {2021-10-08} } FinSpy: unseen findings
FinFisher FinFisher FinFisher FinFisher RAT
2020-10-14Netzpolitik.orgAndre Meister
@online{meister:20201014:german:be3eea7, author = {Andre Meister}, title = {{German Made State Malware Company FinFisher Raided}}, date = {2020-10-14}, organization = {Netzpolitik.org}, url = {https://netzpolitik.org/2020/our-criminal-complaint-german-state-malware-company-finfisher-raided/}, language = {English}, urldate = {2020-10-15} } German Made State Malware Company FinFisher Raided
FinFisher FinFisher FinFisher FinFisher RAT
2020-09-25Amnesty InternationalAmnesty International
@online{international:20200925:germanmade:49d85d3, author = {Amnesty International}, title = {{German-made FinSpy spyware found in Egypt, and Mac and Linux versions revealed}}, date = {2020-09-25}, organization = {Amnesty International}, url = {https://www.amnesty.org/en/latest/research/2020/09/german-made-finspy-spyware-found-in-egypt-and-mac-and-linux-versions-revealed/}, language = {English}, urldate = {2020-09-25} } German-made FinSpy spyware found in Egypt, and Mac and Linux versions revealed
FinFisher FinFisher FinFisher FinFisher RAT
2020-08Defensive Lab AgencyDefensive Lab Agency
@techreport{agency:202008:finspy:9de4cba, author = {Defensive Lab Agency}, title = {{FinSpy Android Technical Analysis}}, date = {2020-08}, institution = {Defensive Lab Agency}, url = {https://raw.githubusercontent.com/DefensiveLabAgency/FinSpy-for-Android/master/20200806_finspy_android_analysis_public_release.pdf}, language = {English}, urldate = {2020-10-02} } FinSpy Android Technical Analysis
FinFisher
2019-12-26Github (Linuzifer)Linus Neumann
@online{neumann:20191226:finspydokumentation:6ec7c63, author = {Linus Neumann}, title = {{FinSpy-Dokumentation}}, date = {2019-12-26}, organization = {Github (Linuzifer)}, url = {https://github.com/linuzifer/FinSpy-Dokumentation}, language = {English}, urldate = {2020-01-08} } FinSpy-Dokumentation
FinFisher
2019-07-10Kaspersky LabsGReAT, AMR
@online{great:20190710:new:f1277c3, author = {GReAT and AMR}, title = {{New FinSpy iOS and Android implants revealed ITW}}, date = {2019-07-10}, organization = {Kaspersky Labs}, url = {https://securelist.com/new-finspy-ios-and-android-implants-revealed-itw/91685/}, language = {English}, urldate = {2019-12-20} } New FinSpy iOS and Android implants revealed ITW
FinFisher
Yara Rules
[TLP:WHITE] apk_finfisher_w0 (20200109 | Detect Gamma/FinFisher FinSpy for Android #GovWare)
// Published under the GNU-GPLv2 license. It’s open to any user or organization,
//    as long as you use it under this license.

rule apk_finfisher_w0 {
    meta:
        description = "Detect Gamma/FinFisher FinSpy for Android #GovWare"
        date = "2020/01/07"
        author = "Thorsten Schröder - ths @ ccc.de (https://twitter.com/__ths__)"
		reference = "https://github.com/devio/FinSpy-Tools"
		reference = "https://github.com/Linuzifer/FinSpy-Dokumentation"
		reference = "https://www.ccc.de/de/updates/2019/finspy"
        hash = "c2ce202e6e08c41e8f7a0b15e7d0781704e17f8ed52d1b2ad7212ac29926436e"
        malpedia_reference = "https://malpedia.caad.fkie.fraunhofer.de/details/apk.finfisher"
        malpedia_version = "20200109"
        malpedia_sharing = "TLP:WHITE"
        malpedia_license = ""

    strings:
        $re = /\x50\x4B\x01\x02[\x00-\xff]{32}[A-Za-z0-9+\/]{6}/
    condition:
        $re and (#re > 50)
}
Download all Yara Rules