Analisado por: Jordan Pan   
 Threat sub-type::

Premium Service Abuser, Malicious Downloader

 Plataforma:

Android OS

 Classificao do risco total:
 Potencial de dano:
 Potencial de distribuição:
 infecção relatada:
 Exposição das informações:
Baixo
Medium
Alto
Crítico

  • Tipo de grayware:
    Trojan

  • Destrutivo:
    Não

  • Criptografado:
     

  • In the Wild:
    Sim

  Visão geral

Überwacht alle eingehenden und ausgehenden Anrufe. Zeigt Popup-Werbung an. Dies ist die Erkennung von Trend Micro für Android-Anwendungen, die mit bösartigem Code gekoppelt sind.

  Detalhes técnicos

Tipo de compactação: 181215 bytes
Residente na memória: Sim
Data de recebimento das amostras iniciais: 09 outubro 2015

Mobile Malware-Routine

Greift auf folgende bösartige URL(s) zu, um Dateien herunterzuladen:

  • http://www.{BLOCKED}3.com/star/sifang/
  • http://m.{BLOCKED}z.com/h/meihuo/
  • http://m.{BLOCKED}3.com/gaoqingmeinv/
  • http://www.{BLOCKED}1.com/xinggan/
  • http://www.{BLOCKED}2.cc/xingganmeinv/
  • http://www.{BLOCKED}z.com/a/xingganmeinv/
  • http://m.{BLOCKED}u.com/

Überwacht alle eingehenden und ausgehenden Anrufe.

Zeigt Popup-Werbung an.

Fordert bei der Installation die folgenden Berechtigungen:

  • android.permission.RECEIVE_BOOT_COMPLETED
  • android.permission.SEND_SMS
  • android.permission.RECEIVE_SMS
  • android.permission.READ_SMS
  • android.permission.WRITE_SMS
  • android.permission.RECEIVE_MMS
  • android.permission.RECEIVE_WAP_PUSH
  • android.permission.INTERNET
  • android.permission.ACCESS_NETWORK_STATE
  • android.permission.READ_PHONE_STATE
  • android.permission.CHANGE_NETWORK_STATE
  • android.permission.CHANGE_WIFI_STATE
  • android.permission.ACCESS_WIFI_STATE
  • android.permission.DEVICE_POWER
  • android.permission.WAKE_LOCK
  • android.permission.WRITE_APN_SETTINGS
  • android.permission.WRITE_SETTINGS
  • android.permission.WRITE_EXTERNAL_STORAGE
  • android.permission.MOUNT_UNMOUNT_FILESYSTEMS
  • android.permission.INTERNET
  • android.permission.READ_PHONE_STATE
  • android.permission.ACCESS_NETWORK_STATE
  • android.permission.ACCESS_WIFI_STATE
  • android.permission.CHANGE_WIFI_STATE
  • android.permission.BLUETOOTH
  • android.permission.WRITE_EXTERNAL_STORAGE
  • android.permission.RECEIVE_BOOT_COMPLETED
  • android.permission.GET_TASKS
  • android.permission.PACKAGE_USAGE_STATS
  • android.permission.CHANGE_NETWORK_STATE
  • android.permission.BROADCAST_STICKY
  • android.permission.INSTALL_PACKAGES
  • android.permission.DELETE_PACKAGES
  • android.permission.WRITE_SECURE_SETTINGS
  • android.permission.WAKE_LOCK
  • android.permission.GET_TASKS
  • android.permission.SYSTEM_ALERT_WINDOW
  • android.permission.PACKAGE_USAGE_STATS
  • com.android.launcher.permission.READ_SETTINGS
  • com.android.launcher.permission.WRITE_SETTINGS
  • com.android.launcher.permission.INSTALL_SHORTCUT
  • com.android.launcher.permission.UNINSTALL_SHORTCUT
  • android.permission.READ_EXTERNAL_STORAGE
  • android.permission.MOUNT_UNMOUNT_FILESYSTEMS
  • android.permission.READ_OWNER_DATA

Dies ist die Erkennung von Trend Micro für Android-Anwendungen, die mit bösartigem Code gekoppelt sind.

Kann die folgenden Aufgaben ausführen:

  • download unwanted apps
  • push adult ads
  • register as device admin

  Solução

Mecanismo de varredura mínima: 9.800
Participe da nossa pesquisa!