Техническая информация
Вредоносные функции:
Загружает на исполнение код следующих детектируемых угроз:
- Android.Xiny.78.origin
Сетевая активность:
Подключается к:
- ton####.####.com
- googl####.####.net
- a####.####.com
- i####.####.com
- b####.####.com
Запросы HTTP GET:
- i####.####.com/2014/5/8/5b5ad8eb-0e86-4f85-af7d-d6a83b32105a.jpg
- i####.####.com/2016/1/27/32f8fda7-3042-4c24-baea-b1ddf4097db2.png
- a####.####.com/ad.ashx/azboxzmtb2.js?
- ton####.####.com/count.do?sc=####
- i####.####.com/new/site/2015/0507/20150507103527520.png
- i####.####.com/2015/11/24/d6f522e2-4a5b-4abe-a1ed-469bc38d14da.png
- i####.####.com/2016/8/17/45109256-11b7-4609-af61-06e7ebbeb51b.gif
- i####.####.com/2016/7/6/445d4af1-7269-459b-be01-14433b4b784c.jpg
- a####.####.com/open/soft/list.json?type=####&page=####
- i####.####.com/2016/11/18/9eff6dbc-3e6c-4214-8699-288ecdb01a08.png
- googl####.####.net/mads/static/mad/sdk/native/sdk-core-v40.appcache
- b####.####.com/gg/update.json
- googl####.####.net/mads/static/mad/sdk/native/sdk-core-v40.js
- googl####.####.net/mads/static/mad/sdk/native/canary/sdk-core-v40-impl.js
- i####.####.com/2016/3/18/92485450-3695-4c47-8dfb-6da05964d2cc.jpg
- i####.####.com/2016/4/22/230d7f96-c254-401e-9aad-1989510dde11.jpg
- i####.####.com/2016/4/27/c4a0ae72-d3e0-4e51-953e-87adfdf5c55a.png
- i####.####.com/2016/3/31/80ce6d62-f8fe-4f46-9fa6-ff481457aa14.png
- i####.####.com/2016/4/27/a3b4b8be-5dd7-4a63-bd27-9f78cf79ee82.png
- i####.####.com/2016/9/23/fbe16bc7-998c-4d4e-8eba-27bc1930d2e4.png
- i####.####.com/2015/5/13/b562f07e-f577-4e41-b26c-67f720a51492.png
- a####.####.com/open/block/box_home_scroll.json?
- a####.####.com/open/azboxzmtb2.js?
- i####.####.com/2016/12/22/c609c4f6-6250-4b94-bcad-9ca6412f9e69.gif
- a####.####.com/open/soft/list.json?ver=####&type=####
- i####.####.com/2016/9/21/28ebcbaa-8ea8-41d9-8784-d648727eb443.jpg
- i####.####.com/2015/12/8/be3df467-253c-46dc-809b-82f29154767e.jpg
- googl####.####.net/mads/static/mad/sdk/native/production/sdk-core-v40-impl.js
- i####.####.com/2016/4/5/1926c0ce-eae9-4182-9aa2-d094f941964f.png
- i####.####.com/2015/8/19/f7c4455b-0924-453a-a712-abb1eca5984f.png
- i####.####.com/2016/4/22/42ddd0f0-f180-489a-8a5e-6938075b097f.png
- i####.####.com/2016/2/19/eab7d854-c93f-4efb-b80a-13b353925ab3.png
- i####.####.com/2016/4/11/9e9a5056-c279-4ede-bc75-418ea9a93b3a.jpg
- googl####.####.net/mads/static/mad/sdk/native/sdk-core-v40.html
- i####.####.com/2015/6/29/b301c46b-3b97-4fc5-a973-200597b1a0e1.png
- a####.####.com/open/soft/list.json?ver=####&type=####&page=####
- a####.####.com/open/xiaoshuoapk_zmtb.json
Изменения в файловой системе:
Создает следующие файлы:
- /data/data/####/shared_prefs/_mapp_cfg.xml.bak
- /data/data/####/shared_prefs/_mapp_cfg.xml
- /sdcard/Android/data/com.cn.appdownloader/cache/uil-images/2gaup3i2ce9x1oe5n4qqnlzum0.tmp
- /data/data/####/shared_prefs/shortcut.xml
- /data/data/####/Plugin/com.cn.appdownloader/apk/base-1.apk
- /sdcard/Android/data/com.cn.appdownloader/cache/uil-images/546gjqdqtjoh5k7mizn9ai3080.tmp
- /sdcard/Android/data/com.cn.appdownloader/cache/uil-images/5v66qdhz7e00mugwcx5zzj6gz0.tmp
- /sdcard/Android/data/com.cn.appdownloader/cache/uil-images/58xo9ytj8v8figlulesr29lnr0.tmp
- /sdcard/Android/data/com.cn.appdownloader/cache/uil-images/ndyxlovvmogx0uqc0w3ctisj0.tmp
- /sdcard/Android/data/com.cn.appdownloader/cache/uil-images/20p0j5msaz8f2v468fozy9jax0.tmp
- /sdcard/Android/data/com.cn.appdownloader/cache/uil-images/3uockornqvdntwlezjkdq299a0.tmp
- /sdcard/PluginLog/CrashLog/CrashLog_20170126072238_2112.log
- /data/data/####/cache/webviewCacheChromium/data_2
- /data/data/####/cache/webviewCacheChromium/data_1
- /data/data/####/cache/webviewCacheChromium/data_0
- /data/data/####/databases/webviewCookiesChromium.db-journal
- /sdcard/Android/data/com.cn.appdownloader/cache/uil-images/2h83qdydx5ncwcohhx6krsy650.tmp
- /data/data/####/cache/webviewCacheChromium/data_3
- /data/data/####/Plugin/com.cn.appdownloader/dalvik-cache/base-1.dex
- /sdcard/Android/data/com.cn.appdownloader/cache/uil-images/1gopxb709u48pnd0qj5w0qgwz0.tmp
- /data/data/####/shared_prefs/cbPrefs.xml
- /sdcard/Android/data/com.cn.appdownloader/cache/uil-images/4vvpr06rrurz03gjiumo0364d0.tmp
- /sdcard/Android/data/com.cn.appdownloader/cache/uil-images/1eoqltcbhzxarvw7wyziqfzrk0.tmp
- /data/data/####/cache/ads2093793135.jar
- /data/data/####/Plugin/com.cn.appdownloader/Signature/Signature_0.key
- /sdcard/Android/data/com.cn.appdownloader/cache/.nomedia
- /data/data/####/files/tcom
- /sdcard/Android/data/com.cn.appdownloader/cache/uil-images/1n8zfvi9o5igkp2l4gtwfad560.tmp
- /data/data/####/shared_prefs/cbPrefs.xml.bak
- /sdcard/Android/data/com.cn.appdownloader/cache/uil-images/290azhlbejmybxyfwvurcwu2r0.tmp
- /sdcard/Android/data/####/cache/gamebox.apk
- /sdcard/Android/data/com.cn.appdownloader/cache/uil-images/5b7m7v582sjsm9oudzbd714xb0.tmp
- /data/data/####/databases/webview.db-journal
- /sdcard/Android/data/com.cn.appdownloader/cache/uil-images/5y7dyndewcs43s675jv9wumkz0.tmp
- /sdcard/Android/data/com.cn.appdownloader/cache/uil-images/1fyx4ziv376oj4cw35pqtnbq80.tmp
- /sdcard/Android/data/com.cn.appdownloader/cache/uil-images/5ts7h26db678gtn7g63rxkx5a0
- /sdcard/Android/data/com.cn.appdownloader/cache/uil-images/1yzwyzswtfd0r0cxbfxm64vt30.tmp
- /data/data/####/cache/webviewCacheChromium/f_000001
- /data/data/####/cache/webviewCacheChromium/f_000003
- /data/data/####/cache/webviewCacheChromium/f_000002
- /sdcard/Android/data/com.cn.appdownloader/cache/uil-images/m68elcik8kksfjab0n1ei3m00.tmp
- /data/data/####/files/wbecautious.jar
- /data/data/####/cache/__chartboost/CBTrackingDirectory/cb_previous_session_info
- /data/data/####/databases/com.google.android.gms.ads.db/localstorage/http_googleads.g.doubleclick.net_0.localstorage-journal
- /sdcard/Android/data/com.cn.appdownloader/cache/uil-images/1scwti0d0ykv0u3pkqjs7gui80.tmp
- /data/data/####/cache/webviewCacheChromium/index
- /sdcard/Android/data/com.cn.appdownloader/cache/uil-images/2avwfh20jnwsloxu0kjt29vnp0.tmp
- /data/data/####/cache/ApplicationCache.db-journal
- /sdcard/Android/data/com.cn.appdownloader/cache/uil-images/journal.tmp
- /sdcard/Android/data/com.cn.appdownloader/cache/uil-images/1n8zfvi9o5igkp2l4gtwfad560
Другие:
Может автоматически отправлять СМС-сообщения.
