Android.Packed.18156

Техническая информация

Вредоносные функции:

Загружает на исполнение код следующих детектируемых угроз:

Tool.SMSSend.76.origin

Сетевая активность:

Подключается к:

m####.####.net
thetest####.####.net
i####.####.net
h####.####.com
j####.####.com
ni####.####.net
google-####.com
p####.####.com
r####.####.com
c####.####.com
d####.####.com
w####.####.com
a####.####.com

Запросы HTTP GET:

ni####.####.net/yp/360/s/508128.jpg
i####.####.net/auth/t/8509.jpg
i####.####.net/PictureLib/A/f76/20170126/org_905941.jpg
i####.####.net/auth/t/7245.jpg
i####.####.net/auth/t/8912.jpg
i####.####.net/auth/s/10458.jpg
i####.####.net/PictureLib/A/f76/20170126/org_905939.jpg
c####.####.com/cm.gif?dspid=####
i####.####.net/auth/t/9569.jpg
ni####.####.net/yp/360/s/508981.jpg
i####.####.net/js/swiper.jquery.min.js
i####.####.net/auth/s/5180.jpg
i####.####.net/auth/t/10365.jpg
i####.####.net/m/2017/img/app_jf4.png
thetest####.####.net/s?di=####&dri=####&dis=####&dai=####&ps=####&dcb=####&dtm=####&dvi=####&dci=####&dpt=####&tsr=####&tpr=####&ti=####&ari=####&dbv=...
i####.####.net/auth/t/3274.jpg
i####.####.net/auth/s/10551.jpg
i####.####.net/PictureLib/A/f76/20170126/org_905934.jpg
google-####.com/analytics.js
i####.####.net/auth/t/5916.jpg
i####.####.net/auth/t/4481.jpg
j####.####.com/js/urljiankang.php
i####.####.net/auth/s/2194.jpg
i####.####.net/auth/t/11475.jpg
i####.####.net/auth/t/2403.jpg
i####.####.net/PictureLib/A/f76/20170126/org_905935.jpg
i####.####.net/auth/s/1037.jpg
i####.####.net/auth/t/4278.jpg
ni####.####.net/yp/20130913/2/783273.jpg%20alt=
i####.####.net/PictureLib/A/f76/20170126/org_905942.jpg
r####.####.com/open/js/jweixin-1.0.0.js
i####.####.net/PictureLib/A/f76/20170126/org_905936.jpg
c####.####.com/zc3a1dcf99fec9f03fdb1c749fa4ed23a106bb930a3ef6.js
i####.####.net/auth/t/9564.jpg
h####.####.com/hm.js?a2d1880####
ni####.####.net/yp/360/2nd/L/5/509742.jpg
i####.####.net/script/api/wx.min.js
i####.####.net/auth/t/11614.jpg
i####.####.net/auth/s/1586.jpg
i####.####.net/m/2017/img/OneApp.jpg
i####.####.net/auth/s/322.jpg
i####.####.net/gy/Head_Tools_For_M.js
i####.####.net/m/2017/img/loading.gif
c####.####.com/sync.htm?cproid=####
c####.####.com/youku?mzid=####
i####.####.net/auth/t/10324.jpg
i####.####.net/PictureLib/A/f76/20161017/org_772134.jpg
p####.####.com/gcbm?sz=####&rdid=####&dc=####&exps=####&di=####&dri=####&dis=####&dai=####&ps=####&dcb=####&dtm=####&dvi=####&dci=####&dpt=####&tsr=##...
ni####.####.net/20160105?pv=####&sp=####&ec=####&re=####&jsv=####&cb=####&seq=####&fs=####
i####.####.net/auth/s/1147.jpg
p####.####.com/gcbm?di=####&dri=####&dis=####&dai=####&ps=####&dcb=####&dtm=####&dvi=####&dci=####&dpt=####&tsr=####&tpr=####&ti=####&ari=####&dbv=###...
h####.####.com/hm.gif?cc=####&ck=####&cl=####&ds=####&et=####&ja=####&ln=####&lo=####&nv=####&rnd=####&si=####&st=####&v=####&lv=####&tt=####
i####.####.net/auth/s/348.jpg
ni####.####.net/yp/360/s/563887.jpg
i####.####.net/PictureLib/A/f76/20170126/org_905933.jpg
c####.####.com/ec3a1dc298f1ccf73adb1c749fa4ed23a106bb930a3ef6.js
i####.####.net/auth/s/9477.jpg
i####.####.net/auth/s/635.jpg
i####.####.net/PictureLib/A/f76/20140918/org_325089.jpg
i####.####.net/auth/t/10844.jpg
i####.####.net/PictureLib/A/f76/20161117/org_811944.jpg
i####.####.net/auth/s/2055.jpg
i####.####.net/js/jquery-2.1.4.min.js
i####.####.net/PictureLib/A/f76/20161017/org_772135.jpg
thetest####.####.net/ec3a1dc298f1ccf73adb1c749fa4ed23a106bb930a3ef6.js
i####.####.net/auth/s/1736.jpg
i####.####.net/auth/s/10459.jpg
i####.####.net/PictureLib/A/f76/20170126/org_905931.jpg
i####.####.net/auth/s/11128.jpg
i####.####.net/m/2017/img/app_jf3.png
i####.####.net/auth/s/362.jpg
i####.####.net/m/2017/js/m.js?v=####
c####.####.com/cpro/expire/time2.js
i####.####.net/auth/t/757.jpg
m####.####.net/
i####.####.net/auth/s/556.jpg
i####.####.net/auth/s/9131.jpg
i####.####.net/PictureLib/A/f76/20170126/org_905940.jpg
i####.####.net/PictureLib/A/f76/20161017/org_772132.jpg
p####.####.com/sync_pos.htm?cproid=####
i####.####.net/auth/t/10268.jpg
i####.####.net/auth/s/349.jpg
i####.####.net/PictureLib/A/f76/20161017/org_772131.jpg
c####.####.com/cpro/ui/noexpire/img/2.0.1/bd-logo4.png
i####.####.net/auth/t/2027.jpg
i####.####.net/auth/s/9420.jpg
w####.####.com/adx.php?c=####
i####.####.net/auth/t/1579.jpg
i####.####.net/art2013/js/ad-icon.js
ni####.####.net/test/k.js
i####.####.net/PictureLib/A/f76/20161017/org_772129.jpg
i####.####.net/PictureLib/A/f76/20161117/org_811935.jpg
i####.####.net/auth/s/93.jpg
c####.####.com/cpro/ui/cm.js
i####.####.net/PictureLib/A/f76/20161017/org_772128.jpg
i####.####.net/auth/t/11004.jpg
google-####.com/r/collect?v=####&_v=####&a=####&t=####&_s=####&dl=####&ul=####&de=####&dt=####&sd=####&sr=####&vp=####&je=####&_u=####&jid=####&cid=##...
i####.####.net/PictureLib/A/f76/20161017/org_772130.jpg
d####.####.com/2e4d8bc2a586a37d.js
i####.####.net/tools/djan_async.js
i####.####.net/auth/s/7426.jpg
ni####.####.net/yy/2014/1/22/57fa1ffbc58.jpg
i####.####.net/PictureLib/A/f76/20170126/org_905943.jpg
i####.####.net/auth/s/9128.jpg
ni####.####.net/yp/360/xs/622325.jpg
i####.####.net/PictureLib/A/f76/20170126/org_905938.jpg
ni####.####.net/yy/2013/4/15/82b8f1317ea.jpg
thetest####.####.net/zc3a1dcf99fec9f03fdb1c749fa4ed23a106bb930a3ef6.js
i####.####.net/m/2017/css/style.css?v=####
i####.####.net/m/2017/img/app_jf2.png
i####.####.net/PictureLib/A/f76/20161017/org_772133.jpg

Запросы HTTP POST:

a####.####.com/app_logs

Изменения в файловой системе:

Создает следующие файлы:

/data/data/####/cache/webviewCacheChromium/f_00000a
/data/data/####/cache/webviewCacheChromium/f_00000c
/data/data/####/cache/webviewCacheChromium/f_00000b
/data/data/####/cache/webviewCacheChromium/f_00000e
/data/data/####/cache/webviewCacheChromium/f_00000d
/data/data/####/cache/webviewCacheChromium/f_00000f
/data/data/####/cache/webviewCacheChromium/data_3
/data/data/####/cache/webviewCacheChromium/f_000018
/data/data/####/cache/webviewCacheChromium/f_000019
/data/data/####/cache/webviewCacheChromium/f_000016
/data/data/####/cache/webviewCacheChromium/data_2
/data/data/####/cache/webviewCacheChromium/f_000014
/data/data/####/cache/webviewCacheChromium/f_000015
/data/data/####/cache/webviewCacheChromium/f_000012
/data/data/####/cache/webviewCacheChromium/f_000013
/data/data/####/cache/webviewCacheChromium/f_000010
/data/data/####/cache/webviewCacheChromium/f_000011
/data/data/####/databases/webviewCookiesChromium.db-journal
/data/data/####/cache/webviewCacheChromium/data_0
/data/data/####/shared_prefs/umeng_general_config.xml
/data/data/####/files/.umeng/exchangeIdentity.json
/data/data/####/files/dex/yylld.jar
/data/data/####/files/.imprint
/data/data/####/shared_prefs/setting.xml.bak
/data/data/####/cache/webviewCacheChromium/f_00001f
/data/data/####/shared_prefs/setting.xml
/data/data/####/cache/webviewCacheChromium/f_00001d
/data/data/####/cache/webviewCacheChromium/f_00001e
/data/data/####/cache/webviewCacheChromium/f_000017
/data/data/####/cache/webviewCacheChromium/f_00001c
/data/data/####/cache/webviewCacheChromium/f_00001a
/data/data/####/databases/webview.db-journal
/data/data/####/cache/webviewCacheChromium/f_000008
/data/data/####/cache/webviewCacheChromium/f_000020
/data/data/####/cache/webviewCacheChromium/f_000001
/data/data/####/cache/webviewCacheChromium/f_000003
/data/data/####/cache/webviewCacheChromium/f_000002
/data/data/####/cache/webviewCacheChromium/f_000005
/data/data/####/cache/webviewCacheChromium/f_000004
/data/data/####/cache/webviewCacheChromium/f_000007
/data/data/####/cache/webviewCacheChromium/f_000006
/data/data/####/cache/webviewCacheChromium/f_000009
/data/data/####/cache/webviewCacheChromium/data_1
/data/data/####/shared_prefs/umeng_general_config.xml.bak
/data/data/####/files/umeng_it.cache
/data/data/####/cache/webviewCacheChromium/index
/data/data/####/cache/webviewCacheChromium/f_00001b

Другие:

Может автоматически отправлять СМС-сообщения.

Технологии

Термины

Обучение и просвещение

Мифы

Техническая информация

Рекомендации по лечению

Демо бесплатно на 14 дней