Composition Strategy
- Standalone:
- Repackaging: Integrated
- Library:
Activation Strategy
- Event: BOOT, MEDIA, NET, SCREEN, SMS
- By Host App: ✔
- Scheduling: ✔
Information Stealing
- Personal Information:
- Device Information: ✔
Persistence
- Clean Evidence: block sms
- Prevent Destroy: kill av
Privilege Escalation
- Request Device Admin: ✔
- Root Exploits:
C&C
- Internet Server: ✔
- SMS Server:
- Command Encoding: XML
Anti-analysis Techniques
- Renaming: ✔
- String Encryption:
- Dynamic Loading:
- Native Payload: ✔
- Evade Dynamic Analysis:
Monetization Methods
- Subscribe to Premium Service: dynamic
- Banking Trojan:
- Ransom:
- Aggressive Advertisement: