Interesting call from my dad a few nights ago, claiming to have the FBI virus on his tablet. Sure enough as soon as I turn it on, its been hit with the virus that locks us out of everything.
In my research I found a new useful tool for both Windows executable (.exe) and android programs (.apk)
http://www.anubis.iseclab.org
You can upload a suspicious file and it will be ran in a virtual environment, observed and report given to you within a few minutes (10 minutes or less in my case) on what exactly the program tried to do and was able to do.
Here is the report for a particular file I knew to be suspicious of on this Motorola Xoom tablet.
http://anubis.iseclab.org/?action=resul ... ormat=html
So as we can see, this file is clearly the culprit for the virus. It appears to unpack itself and uses Adobe Flash plugins (big surprise) to run its front end for MoneyPak. This further assures me that Flash plugins even on Android are insecure as hell and alternatives should be used to avoid this kind of infection in the future.
Since his tablet isn't setup to allow me root access I'm going to have to find a way to manually remove the files that are running the virus/malware. It also can't be scanned by Avast because windows recognizes the device as a "Portable Device" and wont assign it as a drive letter (MTP to PTP)
Hope this info helps someone and I'll let you know the resolution as soon as I have one (just started on this issue)