ANDROIDOS_LIANGOU.HRX
Publish Date: 26 décembre 2015
Threat sub-type::
Premium Service Abuser, Malicious Downloader
Plate-forme:
Android OS
Overall Risk:
Dommages potentiels: :
Distribution potentielle: :
reportedInfection:
Information Exposure Rating::
Faible
Medium
Élevé
Critique
Type de grayware:
Trojan
Destructif:
Non
Chiffrement:
In the wild::
Oui
Overview
Überwacht alle eingehenden und ausgehenden Anrufe. Zeigt Popup-Werbung an. Dies ist die Erkennung von Trend Micro für Android-Anwendungen, die mit bösartigem Code gekoppelt sind.
Détails techniques
File size: 181215 bytes
Memory resident: Oui
Date de réception des premiers échantillons: 09 octobre 2015
Mobile Malware-Routine
Greift auf folgende bösartige URL(s) zu, um Dateien herunterzuladen:
- http://www.{BLOCKED}3.com/star/sifang/
- http://m.{BLOCKED}z.com/h/meihuo/
- http://m.{BLOCKED}3.com/gaoqingmeinv/
- http://www.{BLOCKED}1.com/xinggan/
- http://www.{BLOCKED}2.cc/xingganmeinv/
- http://www.{BLOCKED}z.com/a/xingganmeinv/
- http://m.{BLOCKED}u.com/
Überwacht alle eingehenden und ausgehenden Anrufe.
Zeigt Popup-Werbung an.
Fordert bei der Installation die folgenden Berechtigungen:
- android.permission.RECEIVE_BOOT_COMPLETED
- android.permission.SEND_SMS
- android.permission.RECEIVE_SMS
- android.permission.READ_SMS
- android.permission.WRITE_SMS
- android.permission.RECEIVE_MMS
- android.permission.RECEIVE_WAP_PUSH
- android.permission.INTERNET
- android.permission.ACCESS_NETWORK_STATE
- android.permission.READ_PHONE_STATE
- android.permission.CHANGE_NETWORK_STATE
- android.permission.CHANGE_WIFI_STATE
- android.permission.ACCESS_WIFI_STATE
- android.permission.DEVICE_POWER
- android.permission.WAKE_LOCK
- android.permission.WRITE_APN_SETTINGS
- android.permission.WRITE_SETTINGS
- android.permission.WRITE_EXTERNAL_STORAGE
- android.permission.MOUNT_UNMOUNT_FILESYSTEMS
- android.permission.INTERNET
- android.permission.READ_PHONE_STATE
- android.permission.ACCESS_NETWORK_STATE
- android.permission.ACCESS_WIFI_STATE
- android.permission.CHANGE_WIFI_STATE
- android.permission.BLUETOOTH
- android.permission.WRITE_EXTERNAL_STORAGE
- android.permission.RECEIVE_BOOT_COMPLETED
- android.permission.GET_TASKS
- android.permission.PACKAGE_USAGE_STATS
- android.permission.CHANGE_NETWORK_STATE
- android.permission.BROADCAST_STICKY
- android.permission.INSTALL_PACKAGES
- android.permission.DELETE_PACKAGES
- android.permission.WRITE_SECURE_SETTINGS
- android.permission.WAKE_LOCK
- android.permission.GET_TASKS
- android.permission.SYSTEM_ALERT_WINDOW
- android.permission.PACKAGE_USAGE_STATS
- com.android.launcher.permission.READ_SETTINGS
- com.android.launcher.permission.WRITE_SETTINGS
- com.android.launcher.permission.INSTALL_SHORTCUT
- com.android.launcher.permission.UNINSTALL_SHORTCUT
- android.permission.READ_EXTERNAL_STORAGE
- android.permission.MOUNT_UNMOUNT_FILESYSTEMS
- android.permission.READ_OWNER_DATA
Dies ist die Erkennung von Trend Micro für Android-Anwendungen, die mit bösartigem Code gekoppelt sind.
Kann die folgenden Aufgaben ausführen:
- download unwanted apps
- push adult ads
- register as device admin
Solutions
Moteur de scan minimum: 9.800