{"id":276,"date":"2013-12-18T10:36:04","date_gmt":"2013-12-18T18:36:04","guid":{"rendered":"http:\/\/www.android-decompiler.com\/blog\/?p=276"},"modified":"2018-12-19T13:40:02","modified_gmt":"2018-12-19T21:40:02","slug":"decompiled-java-code-for-android-misosms","status":"publish","type":"post","link":"https:\/\/www.pnfsoftware.com\/blog\/decompiled-java-code-for-android-misosms\/","title":{"rendered":"Decompiled Java code for Android MisoSMS"},"content":{"rendered":"<p>Yesterday was eventful on the Android malware front. After <a href=\"http:\/\/www.android-decompiler.com\/blog\/2013\/12\/17\/decompiling-android-mouabad\/\">Mouabad<\/a> reported by Lookout, FireEye reported <a href=\"http:\/\/www.fireeye.com\/blog\/technical\/botnet-activities-research\/2013\/12\/misosms.html\">Mi<span style=\"font-size: 1rem;\">soSM<\/span><\/a><span style=\"line-height: 1.714285714; font-size: 1rem;\"><a href=\"http:\/\/www.fireeye.com\/blog\/technical\/botnet-activities-research\/2013\/12\/misosms.html\">S<\/a>. It might also have been reported by <a href=\"http:\/\/www.sophos.com\/en-us\/threat-center\/threat-analyses\/viruses-and-spyware\/Andr~MisoSMS-A.aspx\">Sophos<\/a> at roughly the same time.<\/span><\/p>\n<p><span style=\"line-height: 1.714285714; font-size: 1rem;\">The malicious application is used in several campaigns to steal SMS and send them to China, according to FireEye&#8217;s blog post.<\/span><\/p>\n<p>Many of you would like to examine and study its code, that&#8217;s why I uploaded an archive with the source code decompiled by JEB 1.4, as well as a cleaned-up manifest. Link: <a href=\"http:\/\/www.android-decompiler.com\/blog\/wp-content\/uploads\/2013\/12\/MisoSMS_JEB_decomp_20131217.zip\">MisoSMS_JEB_decomp_20131217<\/a><\/p>\n<p><a href=\"http:\/\/www.android-decompiler.com\/blog\/wp-content\/uploads\/2013\/12\/misosms_mainact.jpg\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-medium wp-image-278\" alt=\"misosms_mainact\" src=\"http:\/\/www.android-decompiler.com\/blog\/wp-content\/uploads\/2013\/12\/misosms_mainact-300x145.jpg\" width=\"300\" height=\"145\" srcset=\"https:\/\/www.pnfsoftware.com\/blog\/wp-content\/uploads\/2013\/12\/misosms_mainact-300x145.jpg 300w, https:\/\/www.pnfsoftware.com\/blog\/wp-content\/uploads\/2013\/12\/misosms_mainact-1024x498.jpg 1024w, https:\/\/www.pnfsoftware.com\/blog\/wp-content\/uploads\/2013\/12\/misosms_mainact-624x303.jpg 624w, https:\/\/www.pnfsoftware.com\/blog\/wp-content\/uploads\/2013\/12\/misosms_mainact.jpg 1110w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Yesterday was eventful on the Android malware front. After Mouabad reported by Lookout, FireEye reported MisoSMS. It might also have been reported by Sophos at roughly the same time. The malicious application is used in several campaigns to steal SMS and send them to China, according to FireEye&#8217;s blog post. Many of you would like &hellip; <a href=\"https:\/\/www.pnfsoftware.com\/blog\/decompiled-java-code-for-android-misosms\/\" class=\"more-link\">Continue reading <span class=\"screen-reader-text\">Decompiled Java code for Android MisoSMS<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[15,3,2],"tags":[],"class_list":["post-276","post","type-post","status-publish","format-standard","hentry","category-android","category-decompilation","category-malware"],"_links":{"self":[{"href":"https:\/\/www.pnfsoftware.com\/blog\/wp-json\/wp\/v2\/posts\/276","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.pnfsoftware.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.pnfsoftware.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.pnfsoftware.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.pnfsoftware.com\/blog\/wp-json\/wp\/v2\/comments?post=276"}],"version-history":[{"count":0,"href":"https:\/\/www.pnfsoftware.com\/blog\/wp-json\/wp\/v2\/posts\/276\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.pnfsoftware.com\/blog\/wp-json\/wp\/v2\/media?parent=276"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.pnfsoftware.com\/blog\/wp-json\/wp\/v2\/categories?post=276"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.pnfsoftware.com\/blog\/wp-json\/wp\/v2\/tags?post=276"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}