Analysis by: Yinfeng Qiu


Information Stealer


Android OS


  • Threat Type: Trojan

  • Destructiveness: No

  • Encrypted:

  • In the wild: Yes


This malicious app received widespread media attention in Japan. It steals affected users' contacts information and sends the stolen data to a server.

To get a one-glance comprehensive view of the behavior of this Trojan, refer to the Threat Diagram shown below.

This Trojan may be manually installed by a user.

It sends the information it gathers to remote sites.


File Size: 32768 bytes
File Type: APK
Memory Resident: Yes
Payload: Steals information

Arrival Details

This Trojan may be manually installed by a user.

Information Theft

This Trojan sends the information it gathers to remote sites.


Upon installation, the malicious app appears on the home screen as a legitimate battery saving app.

It asks for the following permissions:

Examining the decompiled code of the app, its malicious routines are confirmed:

It queries the affected user's contacts information and sends said information to following remote servers through HTTP POST.

  • http://jac{BLOCKED}
  • http://max{BLOCKED}
  • http://sta{BLOCKED}
  • http://app{BLOCKED}
  • http://122.{BLOCKED}GetContacts/getInfo.php
  • http://app{BLOCKED}
  • http://gre{BLOCKED}.biz/bl.php
  • http://p{BLOCKED}

It may arrive using the following package names and installed as the following applications:

App Label Package Name
電池長持ち com.mmmm.batterylong
スマソーラー jp.fw.solar_s006
app電話帳リーダー my.testApp.getContact
Power Charge com.appz.solf
Solar Charge net.appzg


Minimum Scan Engine: 9.200
VSAPI OPR PATTERN File: 1.295.00
VSAPI OPR PATTERN Date: 14 Aug 2012

Step 1

Trend Micro Mobile Security Solution

Trend Micro Mobile Security Personal Edition protects Android smartphones and tablets from malicious and Trojanized applications. The App Scanner is free and detects malicious and Trojanized apps as they are downloaded, while SmartSurfing blocks malicious websites using your device's Android browser.

Download and install the Trend Micro Mobile Security App via Google Play.

Step 2

Remove unwanted apps on your Android mobile device

[ Learn More ]

Did this description help? Tell us how we did.