See: https://www.virustotal.com/nl/url/ba1a1980011ffd71c0c24d1a23c65b7e0e2bdfa5b9541d336d807aed63210b9c/analysis/1413040689/
and https://www.virustotal.com/nl/file/038c2a2cb603934e729f700e0e930bf04bf16ae68704c17dab7deeb4c0aa3f43/analysis/1413040730/
See file data: https://www.virustotal.com/nl/file/038c2a2cb603934e729f700e0e930bf04bf16ae68704c17dab7deeb4c0aa3f43/analysis/1413040730/
Found on site:
<?xml version="1.0" encoding="UTF-8" ?> <res result="102" uid="" did="" sid="6sq4ik05rupfun2j5ur37oqfc2"> <message>非法的使用请求,若有问题请联系客服!</message> </res>
In Chinese it says: “Illegal use request, please contact customer service with any questions!”.
FP? → https://www.virustotal.com/nl/ip-address/124.202.132.7/information/
→ http://whois.domaintools.com/m1905.com
Debugged requested uri here: http://linkeddata.informatik.hu-berlin.de/uridbg/index.php?url=http%3A%2F%2Fmapps.m1905.com%2Fservice%2FHtml%2FPack%2Fandroidyp%2F2.0%2F1905_V2.0_301_WAP.apk&useragentheader=&acceptheader=
One could admit a sample here: http://mobilesandbox.org/
polonus