ANDROIDOS_BOXER.A

 Analysis by: Xingqi Ding

 THREAT SUBTYPE:

Premium Service Abuser

 PLATFORM:

Android OS

 OVERALL RISK RATING:
 DAMAGE POTENTIAL:
 DISTRIBUTION POTENTIAL:
 REPORTED INFECTION:

  • Threat Type: Trojan

  • Destructiveness: No

  • Encrypted: No

  • In the wild: Yes

  OVERVIEW

Infection Channel:

Downloaded from the Internet

This malware poses as a free Flash player installer.

It sends SMS based on different country code and operation code thus users are charged.

This Trojan may be downloaded unknowingly by a user when visiting malicious website(s).

  TECHNICAL DETAILS

File Size:

1,659,759 bytes

File Type:

APK

Memory Resident:

No

Initial Samples Received Date:

08 May 2012

Payload:

Sends SMS

Arrival Details

This Trojan may be downloaded unknowingly by a user when visiting the following malicious website(s):

  • {BLOCKED}ayerandroid-apk.ru
  • {BLOCKED}us-api.ru

NOTES:

This malware poses as a free Flash Player installer.

It sends SMS based on different country code and operation code thus users are charged.

Below is the screenshot of the code that initializes SMS content and number.

  SOLUTION

Minimum Scan Engine:

9.200

TMMS Pattern File:

1.239.00

TMMS Pattern Date:

11 May 2012

Step 1

Trend Micro Mobile Security Solution

Trend Micro Mobile Security Personal Edition protects Android smartphones and tablets from malicious and Trojanized applications. The App Scanner is free and detects malicious and Trojanized apps as they are downloaded, while SmartSurfing blocks malicious websites using your device's Android browser.

Download and install the Trend Micro Mobile Security App via Google Play.

Step 2

Remove unwanted apps on your Android mobile device

[ Learn More ]

Did this description help? Tell us how we did.