A Sophisticated Android Malware

-Disguises as "Avast Mobile Security for Android" to deceive users.

-Gains control through accessibility permissions, enabling notifications and excluding itself from battery optimization.

-Simulates user actions to silently grant further permissions and prevent uninstallation.

-Operates in the background, restarting services if stopped.

-Uses obfuscation to avoid static analysis and reverse engineering.

-Adapts to different device brands for persistence.

-Targets cryptocurrency and wallet data.

-Steals information from other apps and deletes data from external storage (e.g., sdcard) to cover tracks.

-Monitors network for active internet connection and connects to a command-and-control (C2) server for data exfiltration.

-Detects emulators and virtual machines to evade analysis.