Composition Strategy
- Standalone: ✔
- Repackaging:
- Library:
Activation Strategy
- Event: BOOT, CALL, MAIN, MEDIA, NET, PKG, SCREEN, SMS, STORAGE, SYS, BATT
- By Host App:
- Scheduling:
Information Stealing
- Personal Information: Contacts, GPS Location, SMS
- Device Information: ✔
Persistence
- Clean Evidence: hide icon
- Prevent Destroy:
Privilege Escalation
- Request Device Admin:
- Root Exploits:
C&C
- Internet Server:
- SMS Server: ✔
- Command Encoding: custom_protocol
Anti-analysis Techniques
- Renaming: ✔
- String Encryption:
- Dynamic Loading:
- Native Payload:
- Evade Dynamic Analysis: encrypt SMS message
Monetization Methods
- Subscribe to Premium Service:
- Banking Trojan:
- Ransom:
- Aggressive Advertisement: