- March 17, 2013
- April 1, 2013 6:53:27 PM
- 1,770,924 bytes
Android.Uracto is a Trojan horse for Android devices that steals personal information and sends spam SMS messages to contacts found on the compromised device.
Android package file
The Trojan may arrive as a package with the following characteristics:
Will vary and includes TubePlayer, MAMANAVI, and Infrared X-ray.
Once installed, the application may display various icons depicting the following:
- a pink background with Janaese text
- the Android robot with Japanese text
- a pink play button with "TubePlayer" text
- "mama NAVI" with text
- a book with gold star and Japanese text
- a camera lens with "Infrared X-ray" text
This Trojan is a variant of Android.Maistealer
For more information, please see the following resources:
Antivirus Protection Dates
Initial Rapid Release version March 17, 2013 revision 033
Latest Rapid Release version March 25, 2013 revision 005
Initial Daily Certified version March 18, 2013 revision 004
Latest Daily Certified version March 25, 2013 revision 016
Initial Weekly Certified release date March 20, 2013
Click for a more detailed description of Rapid Release and Daily Certified virus definitions.
Wild Level: Low
Number of Infections: 0 - 49
Number of Sites: 0 - 2
Geographical Distribution: Low
Threat Containment: Easy
Damage Level: Medium
Payload: Sends spam SMS messages to contacts found on the compromised device.
Releases Confidential Info: Steals contact information from the compromised device.
Note: On May 14, 2015, modifications will be made to the threat write-ups to streamline the content. The Threat Assessment section will no longer be published as this section is no longer relevant to today's threat landscape. The Risk Level will continue to be the main threat risk assessment indicator.
Writeup By: Takashi Katsuki