Analysis by: Veo Zhang


Information Stealer, Premium Service Abuser, Click Fraud, Malicious Downloader, Spying Tool


Android OS


  • Threat Type: Backdoor

  • Destructiveness: Yes

  • Encrypted:

  • In the wild: Yes


This Android malware installs itself as an administrator and uses a vulnerability found in Android.

To get a one-glance comprehensive view of the behavior of this Backdoor, refer to the Threat Diagram shown below.

This backdoor may be downloaded from app stores/third party app stores.


File Size:

243828 bytes

File Type:


Memory Resident:


Initial Samples Received Date:

30 May 2013


Compromises system security, Steals information

Arrival Details

This backdoor may be downloaded from app stores/third party app stores.

Other Details

This backdoor connects to the following possibly malicious URL:

  • http://www.{BLOCKED}


This malware disguises itself as Device Administrator app and root app.

Users cannot cancel the app's message prompt, even back to home screen. It repeatedly shows a message prompt, specially after device reboot.

If user chooses to activate the Device Administrator, the malware runs in stealth mode. Users cannot find it in Device Administrator list and uninstall it.

It executes the following routines in the background:

  • Distributes malware via Bluetooth
  • Downloads, installs and uninstalls packages (with root priviliges this can be done silently)
  • Gathers user’s contacts, call logs, SMS inbox and installed apps
  • Hides launcher, which runs in the background service and set to highest priority
  • Opens Wi-Fi connections and connects to remote server


Minimum Scan Engine:


TMMS Pattern File:


TMMS Pattern Date:

03 Jun 2013

Trend Micro Mobile Security Solution

Trend Micro Mobile Security Personal Edition protects Android smartphones and tablets from malicious and Trojanized applications. The App Scanner is free and detects malicious and Trojanized apps as they are downloaded, while SmartSurfing blocks malicious websites using your device's Android browser.

Download and install the Trend Micro Mobile Security App via Google Play.

Did this description help? Tell us how we did.