We did a quickly write-up yesterday about a DroidKungfu sample that appeared to utilize a novel infection vector. Now, as promised, significantly more technical details. The application we ve been analyzing is called com.ps.keepaccount, along with a quickly check into its content reveals a few findings. The original application (SHA-1: 5e2fb0bef9048f56e461c746b6a644762f0b0b54) will not show any trace of
See significantly more..
