Tool.Androlua virus records are used to detect potentially dangerous versions of a specialized framework used to develop Android programs based on the Lua scripting language. The main logic of Lua-based apps resides in the respective scripts, which are encrypted and decoded prior to being executed by an interpreter. To work, this framework often requests access to a large number of system permissions. As a result, when executed through this framework, Lua scripts can potentially perform various malicious actions in accordance with the permissions obtained.