Skip to content
1-888-762-8736(M-F 8:00am-5:00pm CST)
1-877-218-7353(M-F 8:00am-5:00pm CST)
href="http://www.trendmicro.com/us/enterprise/index.html" id="ENT-overview-test2" title="SEE ALL ENTERPRISE SOLUTIONS">Enterprise Overview
This malware is a cross-platform threat, affecting both Android and Windows.
To get a one-glance comprehensive view of the behavior of this Trojan, refer to the Threat Diagram shown below.
This malware presents itself as a system cleaner that helps you clean and speed up your system. After installation, it shows the icon launcher below:
Once the malicious app is launched, the user will see the home screen:
The app presents several different “clean options” for the user to choose, but they actually do nothing except show a process bar.
At the same time, this malware starts up a service, which is really malicious, in background.
This malware registers a location listener to collect and upload user location information through HTTP to the following server:
This malware also receives commands from the following C&C server:
The protocol used by malware to communicate with C&C server is a self-defined protocol.
This malware executes several routines such as:
One of the three downloaded files is a classic auto-run malware on Windows. If the user selects the USB mode on their mobile device and connects it to a Windows PC, this malware (svchosts.exe) will run automatically. On Windows, this auto-run malware is designed to record your voice with the microphone .
Trend Micro Mobile Security Solution
Trend Micro Mobile Security Personal Edition protects Android smartphones and tablets from malicious and Trojanized applications. The App Scanner is free and detects malicious and Trojanized apps as they are downloaded, while SmartSurfing blocks malicious websites using your device's Android browser.
Download and install the Trend Micro Mobile Security App via Google Play.
Remove unwanted apps on your Android mobile device
To remove unwanted apps on your mobile device:
Connect with us on
| | | |