Rewterz Threat Alert – New Android Malware – Active IOCs
Severity
High
Analysis Summary
The application is displayed on an Android device with a gear-shaped icon.
After execution, the “permission granted” warning appears on the screen. The process manager continues to run in the background. The application requests 18 permissions:
ACCESS_COARSE_LOCATION – Access to the phone location.
ACCESS_FINE_LOCATION – Access to the location based on GPS.
ACCESS_NETWORK_STATE – View the status of all networks.
ACCESS_WIFI_STATE – View WIFI information.
CAMERA – Take pictures and videos from the camera
FOREGROUND_SERVICE – Allows running a service in the foreground
INTERNET – Allows creating internet sockets
MODIFY_AUDIO_SETTINGS – Allows modifying audio settings
READ_CALL_LOG – Allows reading the telephone call log
READ_CONTACTS – Allows reading contact information
READ_EXTERNAL_STORAGE – Allows reading external storage devices
WRITE_EXTERNAL_STORAGE – Allows writing to the memory card
READ_PHONE_STATE – Allows reading the phone status and its ID
READ_SMS – Allows reading SMS stored on the SIM card
RECEIVE_BOOT_COMPLETED – Allows starting the app when the device is turned on
RECORD_AUDIO – Access to the audio recorder
SEND_SMS – Allows sending SMS
WAKE_LOCK – Prevents the device from locking/hibernating
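For triage, the permission list above can be checked against a decoded (text) AndroidManifest.xml, for example one produced by apktool. The following is an added example, not code from the alert: the capability grouping, the `min_overlap` threshold, the helper names and the sample manifest are assumptions of this example, and a match is a reason to look closer rather than a verdict.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"

# The 18 permissions listed in this alert, grouped by capability.
# The grouping is this example's own. READ_CALL_LOG and WAKE_LOCK are the
# Android identifiers for the call-log and wake-lock entries in the list.
ALERT_PERMISSIONS = {
    "location": {"ACCESS_COARSE_LOCATION", "ACCESS_FINE_LOCATION"},
    "network": {"ACCESS_NETWORK_STATE", "ACCESS_WIFI_STATE", "INTERNET"},
    "capture": {"CAMERA", "RECORD_AUDIO", "MODIFY_AUDIO_SETTINGS"},
    "comms": {"READ_CALL_LOG", "READ_CONTACTS", "READ_SMS", "SEND_SMS", "READ_PHONE_STATE"},
    "storage": {"READ_EXTERNAL_STORAGE", "WRITE_EXTERNAL_STORAGE"},
    "persistence": {"FOREGROUND_SERVICE", "RECEIVE_BOOT_COMPLETED", "WAKE_LOCK"},
}

def requested_permissions(manifest_xml):
    """Return short names of android.permission.* entries in a decoded manifest."""
    # For manifests from untrusted APKs, parse with defusedxml instead of the stdlib.
    root = ET.fromstring(manifest_xml)
    names = set()
    for tag in ("uses-permission", "uses-permission-sdk-23"):
        for node in root.iter(tag):
            name = node.get(ANDROID_NS + "name", "")
            if name.startswith("android.permission."):
                names.add(name.rsplit(".", 1)[1])
    return names

def triage(manifest_xml, min_overlap=15):
    """Compare a manifest with the alert's list; min_overlap is an assumed threshold."""
    requested = requested_permissions(manifest_xml)
    hits = {g: sorted(perms & requested) for g, perms in ALERT_PERMISSIONS.items()}
    groups = [g for g, found in hits.items() if found]
    overlap = sum(len(found) for found in hits.values())
    return {"overlap": overlap, "groups": groups, "hits": hits,
            "flag": overlap >= min_overlap and len(groups) == len(ALERT_PERMISSIONS)}

def build_manifest(perms, tag="uses-permission"):
    """Constructed sample input: a minimal decoded AndroidManifest.xml."""
    body = "".join(f'<{tag} android:name="android.permission.{p}"/>' for p in perms)
    return ('<manifest xmlns:android="http://schemas.android.com/apk/res/android" '
            f'package="com.example.sample">{body}</manifest>')

if __name__ == "__main__":
    suspect = build_manifest(p for perms in ALERT_PERMISSIONS.values() for p in perms)
    print(triage(suspect))
```

Requiring every capability group to be present, not just a high count, keeps ordinary apps that request many permissions in one area (for example a camera app) from being flagged.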