Android/DroidKungFu [Threat Name] go to Threat

Android/DroidKungFu.A [Threat Variant Name]

Category trojan
Size 1276012 B
Detection created Jun 06, 2011
Detection database version 6185
Detection Android db version 3.9
Aliases Backdoor.AndroidOS.KungFu.a (Kaspersky)
  Trojan:AndroidOS/DroidKrungFu.A (Microsoft)
  Android.Fokonge (Symantec)
Short description

Android/DroidKungFu.A is a trojan that steals sensitive information. The trojan attempts to send gathered information to a remote machine.

Installation

The trojan must be downloaded and manually installed.

Information stealing

Android/DroidKungFu.A is a trojan that steals sensitive information.


The following information is collected:

  • IMEI number
  • name, type and device version
  • operating system version
  • SDK value
  • device model
  • manufacturer of the product/hardware

The trojan attempts to send gathered information to a remote machine.


The trojan contains a list of (3) URLs. The HTTP protocol is used in the communication.

Other information

The trojan acquires data and commands from a remote computer or the Internet.


It can execute the following operations:

  • download files from a remote computer and/or the Internet
  • run executable files
  • uninstall and delete applications
  • open a specific URL address

Android/DroidKungFu.A attempts to get administrative privileges in the system.


To gain root access it uses one of these exploits:

  • RATC
  • NETLINK/Hotplug

Please enable Javascript to ensure correct displaying of this content and refresh this page.