DB01F96D5E66D82F7EB61B85EB96EF6E
52A30B58257D338617A39643E2216D0C
The original sample is protected with DexGuard, which adds an extra layer of protection to its code, so the code appears obfuscated when decompiled.
Once installed, the app can use the following permissions:
- directly call phone numbers
- read phone status and identity
- reroute outgoing calls
- edit your text messages (SMS or MMS)
- read your text messages (SMS or MMS)
- receive text messages (SMS)
- send SMS messages
- take pictures and videos
- record audio
- precise location (GPS and network-based)
- read call log
- read your contacts
- read your Web bookmarks and history
- modify or delete the contents of your SD card
- find accounts on the device
- full network access
- view network connections
- retrieve running apps
- prevent phone from sleeping
- modify system settings
- test access to protected storage
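
As an added triage example (not code from the original analysis or from the sample), the script below groups the permissions a decoded `AndroidManifest.xml` requests into surveillance-related capabilities and flags the broad profile listed above. The `android.permission` names are the standard constants behind those labels; the group names, the threshold, and the sample manifests are assumptions constructed for this example.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"

# Capability groups derived from the permission list above.
# Group names and membership are this example's own choice.
CAPABILITIES = {
    "sms_intercept": {"READ_SMS", "RECEIVE_SMS", "SEND_SMS", "WRITE_SMS"},
    "call_control": {"CALL_PHONE", "PROCESS_OUTGOING_CALLS", "READ_CALL_LOG"},
    "av_capture": {"CAMERA", "RECORD_AUDIO"},
    "location": {"ACCESS_FINE_LOCATION"},
    "personal_data": {"READ_CONTACTS", "GET_ACCOUNTS", "READ_HISTORY_BOOKMARKS"},
    "exfil_channel": {"INTERNET"},
}

def requested_permissions(manifest_xml):
    """Return the short names of all <uses-permission> entries."""
    names = set()
    for node in ET.fromstring(manifest_xml).iter("uses-permission"):
        full = node.get(ANDROID_NS + "name", "")
        if full:
            names.add(full.rsplit(".", 1)[-1])
    return names

def capability_profile(manifest_xml):
    """Map each capability group to the requested permissions inside it."""
    perms = requested_permissions(manifest_xml)
    return {cap: sorted(perms & wanted)
            for cap, wanted in CAPABILITIES.items() if perms & wanted}

def looks_like_full_rat(manifest_xml, threshold=4):
    """Flag network access combined with many data-collection groups.
    The threshold is an assumed value for illustration."""
    profile = capability_profile(manifest_xml)
    return "exfil_channel" in profile and len(profile) - 1 >= threshold

def build_manifest(*names):
    """Build a constructed manifest for the demo (not from the analysed APK)."""
    rows = "".join('<uses-permission android:name="%s"/>' % n for n in names)
    return ('<manifest xmlns:android="http://schemas.android.com/apk/res/android">'
            + rows + "</manifest>")

P = "android.permission."
SUSPECT = build_manifest(P + "INTERNET", P + "READ_SMS", P + "RECEIVE_SMS",
                         P + "RECORD_AUDIO", P + "CAMERA", P + "READ_CONTACTS",
                         P + "ACCESS_FINE_LOCATION", P + "PROCESS_OUTGOING_CALLS")
BENIGN = build_manifest(P + "INTERNET", P + "ACCESS_NETWORK_STATE", P + "WAKE_LOCK")

if __name__ == "__main__":
    print(capability_profile(SUSPECT), looks_like_full_rat(SUSPECT))
```
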
initiate() loads a pre-defined, base64-encoded configuration.
The VirusTotal detection list for this sample:
https://www.virustotal.com/en/file/099a57328de9335c524f44514e225d50731c808145221affdd684d8b4dad5a1d/analysis/
This sample is an earlier version of Dendroid. Some users might already have found a more recent version of it bound to other applications to make it look like a legitimate app.
~ alternat0r