A new Android malware, Parasites Android Malware, has been reported by my friend Rick’s malware team. After I got the sample last night, I did a quick analysis using Trustlook’s malware analysis platform. Here is the detailed report.
Note: here is Zhi Xu’s original report
General information about the malware application.
Here are the permissions the malware requests.
Here are the two Android packages embedded in the application itself.
When the application loads, it loads a dynamic JAR library included in its package and also tries to get a root shell by running the “su” command.
It reads your device information.
Some of its DNS-related traffic.
It steals the user’s IMEI number using HTTP POST.
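A defender-side check for the IMEI exfiltration described above, as an added example that is not part of the original report: it scans captured plaintext HTTP requests for POSTs whose URL or body carries a 15-digit value with a valid Luhn check digit, which is the shape of an IMEI. The function names, hosts and sample requests are constructed for illustration and assume the traffic is available unencrypted (for example from a sandbox or proxy capture).

```python
import re
from urllib.parse import unquote_plus

# An IMEI is 15 digits; the last one is a Luhn check digit.
# Lookarounds keep longer digit runs (e.g. 16-digit card numbers) out.
IMEI_RE = re.compile(r"(?<!\d)\d{15}(?!\d)")

def luhn_ok(digits):
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:  # double every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def find_imei_posts(raw_requests):
    """Return (host, path, imei) for each POST carrying an IMEI-shaped value."""
    hits = []
    for raw in raw_requests:
        head, _, body = raw.partition("\r\n\r\n")
        lines = head.split("\r\n")
        parts = lines[0].split(" ")
        if len(parts) < 2 or parts[0].upper() != "POST":
            continue
        headers = {}
        for line in lines[1:]:
            name, sep, value = line.partition(":")
            if sep:
                headers[name.strip().lower()] = value.strip()
        # Decode form encoding so %-escaped or '+'-joined values are still seen.
        text = unquote_plus(parts[1] + " " + body)
        for candidate in IMEI_RE.findall(text):
            if luhn_ok(candidate):  # about 1 in 10 random 15-digit values pass
                hits.append((headers.get("host", "?"), parts[1], candidate))
    return hits

# Constructed sample traffic (not taken from the analysed sample).
SAMPLE = [
    "POST /report HTTP/1.1\r\nHost: c2.example.invalid\r\n\r\nimei=490154203237518&model=Nexus",
    "GET /index?id=490154203237518 HTTP/1.1\r\nHost: www.example.invalid\r\n\r\n",
    "POST /order HTTP/1.1\r\nHost: shop.example.invalid\r\n\r\norder=123456789012345",
    'POST /v1/track HTTP/1.1\r\nHost: stats.example.invalid\r\n\r\n{"did":"490154203237518"}',
]

if __name__ == "__main__":
    for host, path, imei in find_imei_posts(SAMPLE):
        print(f"IMEI-shaped value in POST to {host}{path}: {imei}")
```

A hit is only a lead: compare the value against the test device's real IMEI before treating the request as exfiltration.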