Skip to content

Export page to PDF
ANDROIDOS_KSAPP.A
Malware type: Trojan
Threat sub-type: Information Stealer, Malicious Downloader, Spying Tool
Destructive: No
Platform: Android OS
Infection Count: 1
In the wild: Yes

Technical Details


File size: 3543345 bytes
Memory resident: Yes
Initial samples received date: 08 Nov 2012

NOTES:
This is the Trend Micro detection for 3rd-party apps infected with malicious code known as KSAPP. Once executed, the app may download possibly malicious files from the following URLs:

  • http://{BLOCKED}y.{BLOCKED}i.com:5222/kspp/do?imei=xxxx&wid=yyyy&type=&step=0
  • http://{BLOCKED}n.{BLOCKED}1302.com:5222/kspp/do?imei=xxxx&wid=yyyy&type=&step=0
  • http://{BLOCKED}1.com:5101/ks/do?imei=xxxx&wid=yyyy&type=&step=0
The remote script may perform the following:
  • Download other malicious APK
  • Prompt users to install the downloaded APK
  • Popup website to users
  • Invoke more extended API through remote control script.

Solution


Minimum scan engine: 9.300
First VSAPI Pattern File: 1.359.00
First VSAPI Pattern Release Date: 30 Jan 2013

Trend Micro Mobile Security Solution

Trend Micro Mobile Security Personal Edition protects Android smartphones and tablets from malicious and Trojanized applications. The App Scanner is free and detects malicious and Trojanized apps as they are downloaded, while SmartSurfing blocks malicious websites using your device's Android browser.

Download and install the Trend Micro Mobile Security App via Google Play.


Did this description help? Tell us how we did.
Analysis By: Veo Zhang

Connect with us on