Android.Mobifun.4 in virus library:

A family of Trojans for Android whose main function is to download other software.

The Android.Mobifun Trojans send the following information to the command and control server:

• IMEI identifier;
• IMSI identifier;
• BSSID identifier of the current Wi-Fi access point;
• Current operating system version;
• Display parameters;
• MCC (Mobile Country Code) identifier;
• MNC (Mobile Network Code) identifier;
• Mobile network operator;
• GSM Cell ID (an identifier of the mobile operator’s base station to which the user’s phone is connected);
• GSM Cell Location area code (a code for determining coordinates of the mobile operator’s base station);
• RAM amount;
• ROM amount;
• SD card memory amount;
• Presence of the malicious application in the /system folder.

Upon cybercriminals’ command, Trojans can execute the following actions:

• Download an APK file and show a notification prompting a user to install the corresponding application.
• Load a specified URL in the browser window.

Some versions of the Android.Mobifun Trojans can also send SMS messages.