ANDROIDOS_KSAPP.A | Low Risk | Trend Micro Threat Encyclopedia

Export page to PDF

ANDROIDOS_KSAPP.A

Malware type: Trojan
Threat sub-type: Information Stealer, Malicious Downloader, Spying Tool
Destructive: No
Platform: Android OS
Infection Count: 1
In the wild: Yes

Overall Risk Rating:

Low

Damage Potential:

Low

Distribution Potential:

Low

Reported Infection:

Low

Technical Details

File size: 3543345 bytes
Memory resident: Yes
Initial samples received date: 08 Nov 2012

NOTES:
This is the Trend Micro detection for 3rd-party apps infected with malicious code known as KSAPP. Once executed, the app may download possibly malicious files from the following URLs:

http://{BLOCKED}y.{BLOCKED}i.com:5222/kspp/do?imei=xxxx&wid=yyyy&type=&step=0
http://{BLOCKED}n.{BLOCKED}1302.com:5222/kspp/do?imei=xxxx&wid=yyyy&type=&step=0
http://{BLOCKED}1.com:5101/ks/do?imei=xxxx&wid=yyyy&type=&step=0

The remote script may perform the following:

Download other malicious APK
Prompt users to install the downloaded APK
Popup website to users
Invoke more extended API through remote control script.

Solution

Minimum scan engine: 9.300
First VSAPI Pattern File: 1.359.00
First VSAPI Pattern Release Date: 30 Jan 2013

Trend Micro Mobile Security Solution

Trend Micro Mobile Security Personal Edition protects Android smartphones and tablets from malicious and Trojanized applications. The App Scanner is free and detects malicious and Trojanized apps as they are downloaded, while SmartSurfing blocks malicious websites using your device's Android browser.

Download and install the Trend Micro Mobile Security App via Google Play.

Did this description help? Tell us how we did.

Analysis By: Veo Zhang

Product Support

Go To:

Popular Products

More Support

Go to:

Popular Products

Threat Encyclopedia

Technical Details

Solution