Cisco Talos identifies GPlayed as a malware written in .NET using the Xamarin environment for mobile applications. It is considered powerful because of its capability to adapt after its deployment. In order to achieve this adaptability, the operator has the capability to remotely load plugins, inject scripts and even compile new .NET code that can be executed.
GPlayed's younger brother is a banker — and it's after Russian banks
GPlayed Trojan - .Net playing with Google Market
There is no Yara-Signature yet.