Basic Information
- Samples: 14
- Creation Date: 2012-10
- Detected Date: 2012-07
- Fraud: No
- Studied Sample: /Mmarketpay/variety1/26d9dd5cabe328f4f0627639ee350706.apk
- References:
  - http://blog.trustgo.com/mmarketpay/
- Language: CN
Composition Strategy
- Standalone:
- Repackaging: Isolated
- Library:
Installation Strategy
- Drop: ✔
- Drive-by Download:
Activation Strategy
- Event: BOOT, NET, SMS, SYS
- By Host App:
- Scheduling: ✔
Information Stealing
- Personal Information: GPS Location
- Device Information: ✔
Persistence
- Clean Evidence: block sms
- Prevent Destroy:
Privilege Escalation
- Request Device Admin:
- Root Exploits:
C&C
- Internet Server: ✔
- SMS Server:
- Command Encoding: custom_protocol
Anti-analysis Techniques
- Renaming:
- String Encryption:
- Dynamic Loading:
- Native Payload:
- Evade Dynamic Analysis:
Monetization Methods
- Subscribe to Premium Service: dynamic
- Banking Trojan:
- Ransom:
- Aggressive Advertisement: