Thursday, March 3, 2016

Drop it like it's hot

In my previous article, I wrote that Android.Toorch.1.origin can be dropped onto the infected device by another piece of malware (possibly adware), and that Android.Toorch.1.origin may also contain Adware.Avazu.1.origin.

Today, I'll be telling you guys about Adware.Avazu.1.origin and giving you info about other dropper Trojans, that is, malware or adware that can drop other malware. Let's get started!


What is Adware.Avazu.1.origin and what does it do?
Adware.Avazu.1.origin is an advertising module that may be dropped by malicious modifications of Android.Toorch.1.origin. It is installed into the infected device's system directory (/system/app) as an application named GoogleSettings.apk. This adware displays advertisements on the infected device's screen whenever the user installs a new game or program. It also creates special shortcuts on the home screen of the infected device, which lead to other software on Google Play that the adware advertises.
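To check a device for the install location and file name described above, the added example below (not code from the referenced Dr.Web write-ups) parses saved output of `adb shell pm list packages -f` and lists any APK under /system/app named GoogleSettings.apk. The sample listing and its package names are constructed, and a file-name match is only a lead for manual review, not proof of infection.

```python
import posixpath

# Indicator from the article: the adware is installed in /system/app
# as an application named GoogleSettings.apk.
SUSPECT_DIR = "/system/app/"
SUSPECT_APK = "googlesettings.apk"

# Constructed sample of `pm list packages -f` output; package names are made up.
SAMPLE_PM_OUTPUT = """\
package:/system/app/GoogleSettings.apk=com.example.constructed.settings
package:/system/priv-app/Settings/Settings.apk=com.android.settings
package:/data/app/~~Zm9v==/com.example.game-YmFy==/base.apk=com.example.game
package:/system/app/Calculator/Calculator.apk=com.example.calculator
this line is not pm output and is skipped
"""


def parse_pm_line(line):
    """Split one 'package:<apk path>=<package name>' line into (path, name)."""
    line = line.strip()
    if not line.startswith("package:"):
        return None
    body = line[len("package:"):]
    # Paths under /data/app can themselves contain '=', so split on the last one.
    path, sep, name = body.rpartition("=")
    if not sep or not path or not name:
        return None
    return path, name


def find_suspects(pm_output):
    """Return (path, package) pairs whose APK matches the article's indicator."""
    hits = []
    for line in pm_output.splitlines():
        parsed = parse_pm_line(line)
        if parsed is None:
            continue
        path, name = parsed
        # Matches both /system/app/X.apk and the per-app subdirectory layout.
        if path.startswith(SUSPECT_DIR) and posixpath.basename(path).lower() == SUSPECT_APK:
            hits.append((path, name))
    return hits


if __name__ == "__main__":
    for path, name in find_suspects(SAMPLE_PM_OUTPUT):
        print(f"review: {name} installed at {path}")
```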


[Image: Adware.Avazu.1.origin sample screenshot]



Another dropper is Android.Cooee.1. This is a firmware Trojan included in a launching application which contains various special SDK modules that are capable of displaying advertisements on an infected device.

This malware can download and launch additional advertising packages as well as other malicious apps.

If the user decides to remove Android.Cooee.1's graphical shell, the next time that the infected device is turned on, the operating system will not load. The malware forces the user to download another launching application and set it as default before it is uninstalled.



The last dropper I'll talk about (for this article) is Android.CaPson.1. This Trojan is actually an executable Linux file that has been integrated into an Android firmware.

When Android.CaPson.1 is launched, it extracts various encrypted modules onto the infected device. The malware then decrypts and installs the extracted files into the infected device's RAM.

Android.CaPson.1 then removes the source files and begins its malicious activity: secretly sending and intercepting SMS messages, opening webpages, divulging user information to a remote server, and downloading other malicious applications.







Article Refs: http://vms.drweb.com/virus/?i=4363026 (for Adware.Avazu.1.origin), http://vms.drweb.com/virus/?i=7676530 (for Android.Cooee.1) and http://vms.drweb.com/virus/?i=7859950 (for Android.CaPson.1)
