arrow_back
search
close

ANDROIDOS_ADCLICK.A

June 06, 2017
 Analysis by: Chunbo Song
 PLATFORM:

Android

 OVERALL RISK RATING:
 DAMAGE POTENTIAL:
 DISTRIBUTION POTENTIAL:
 REPORTED INFECTION:
 INFORMATION EXPOSURE:

  • Threat Type: Adware

  • Destructiveness: No

  • Encrypted: No

  • In the wild: Yes


  TECHNICAL DETAILS

File Size:

43274012 bytes

File Compression:

ZIP

Memory Resident:

Yes

Initial Samples Received Date:

18 Apr 2017

NOTES:
This adware can make clicks automatically in the background. Once the adware running on the device, it can do any of the following.

  1. Establish a connection with the C&C server silently.

    C&C server: http://www.{BLOCKED}a21.net/new/apps_kakao_judis_5.php?pkg=com..&sdk=

  2. Get the malicious auto-clicking JavaScript code from C&C server.
  3. Locate the banners of Google ads infrastructure.
  4. Make auto-clicking on banners of Google ads

It gathers the following device information:

  1. IMEI
  2. Phone Number

Based on analysis above, it has the following capabilities:

  1. Auto-clicking advertisements.
  2. Gathering the device information