Техническая информация
Вредоносные функции:
Загружает на исполнение код следующих детектируемых угроз:
- Tool.SMSSend.76.origin
Сетевая активность:
Подключается к:
- m####.####.com
- i####.####.cn
- h####.####.com
- pag####.####.com
Запросы HTTP GET:
- m####.####.com/i/bang/bang_lingsheng_1.png
- m####.####.com/pic/zjpic/4/32111.jpg?x-oss-process=####
- h####.####.com/hm.gif?cc=####&ck=####&cl=####&ds=####&ep=####&et=####&ja=####&ln=####&lo=####<=####&nv=####&rnd=####&si=####&st=####&su=####&v=####&...
- m####.####.com/taoge/572.htm
- m####.####.com/pic/zjpic/14/139955.jpg?x-oss-process=####
- m####.####.com/9kuimg/newtj/20160628/a8c3c4ef98fff61d.jpg
- m####.####.com/9kuimg/zhuanji/20160530/1085ee0cd75d15ca.jpg?x-oss-process=####
- m####.####.com/lingsheng/
- m####.####.com/static/js/jquery.jplayer.lyric.js
- m####.####.com/static/images/top.png
- m####.####.com/hot/2010/08-26/370940.mp3
- m####.####.com/pic/zjpic/5/47303.jpg?x-oss-process=####
- m####.####.com/pic/zjpic/5/47304.jpg?x-oss-process=####
- m####.####.com/pic/zjpic/5/41542.jpg?x-oss-process=####
- m####.####.com/pic/zjpic/5/41743.jpg?x-oss-process=####
- m####.####.com/9kuimg/newtj/20160628/49383153812227d8.jpg
- m####.####.com/static/images/logoBack.png
- m####.####.com/zhuanji/38.htm
- m####.####.com/static/images/play_btn.png
- m####.####.com/static/images/logo_lingsheng.png
- m####.####.com/9kuimg/taoge/20160603/8c5b274f2e50cf21.jpg
- m####.####.com/pic/zjpic/4/30433.jpg?x-oss-process=####
- m####.####.com/static/js/jquery.cookie.js
- m####.####.com/static/images/taste_04.png
- m####.####.com/9kuimg/newtj/20160628/cc689d298a689b28.jpg
- m####.####.com/9kuimg/newtj/20160628/501274243cdaf9bf.jpg?x-oss-process=####
- m####.####.com/pic/zjpic/9/89369.jpg?x-oss-process=####
- m####.####.com/pic/zjpic/7/64309.jpg?x-oss-process=####
- m####.####.com/pic/gstx/1/16.jpg?x-oss-process=####
- m####.####.com/pic/gstx/5/47650.jpg?x-oss-process=####
- m####.####.com/pic/zjpic/4/33849.jpg?x-oss-process=####
- m####.####.com/static/images/tasteDefault.png
- m####.####.com/pic/zjpic/4/38107.jpg?x-oss-process=####
- h####.####.com/hm.js?141f152####
- m####.####.com/pic/zjpic/4/39335.jpg?x-oss-process=####
- m####.####.com/9kuimg/geshou/20170122/3b193d475c8bc569.jpg?x-oss-process=####
- m####.####.com/pic/zjpic/10/95210.jpg?x-oss-process=####
- h####.####.com/hm.gif?cc=####&ck=####&cl=####&ds=####&et=####&ja=####&ln=####&lo=####&nv=####&rnd=####&si=####&st=####&su=####&v=####&lv=####&tt=####
- m####.####.com/pic/zjpic/5/41615.jpg?x-oss-process=####
- m####.####.com/pic/zjpic/14/139956.jpg?x-oss-process=####
- i####.####.cn/iplookup/iplookup.php?format=####
- m####.####.com/9kuimg/zhuanji/20151125/13f8f92424c8c0ba.jpg?x-oss-process=####
- m####.####.com/static/images/searchBtn1.png
- m####.####.com/static/images/taste_01.png
- m####.####.com/9kuimg/geshou/20160521/871465a95f3d001d.jpg?x-oss-process=####
- m####.####.com/pic/zjpic/14/131478.jpg?x-oss-process=####
- m####.####.com/static/images/downBtn.png
- h####.####.com/hm.gif?cc=####&ck=####&cl=####&ds=####&et=####&ja=####&ln=####&lo=####<=####&nv=####&rnd=####&si=####&st=####&su=####&v=####&lv=####&...
- m####.####.com/9kuimg/newtj/20160628/5f69a98e2d9a4ed1.jpg
- m####.####.com/9kuimg/newtj/20160628/501274243cdaf9bf.jpg
- m####.####.com/static/images/taste_08.png
- m####.####.com/static/js/player.js
- m####.####.com/pic/zjpic/5/41893.jpg?x-oss-process=####
- m####.####.com/
- m####.####.com/static/images/pause_btn.png
- m####.####.com/9kuimg/newtj/20160627/9dca47ea7efb1bce.jpg?x-oss-process=####
- m####.####.com/9kuimg/zhuanji/20170310/7a8153db7f8e2e2a.jpg?x-oss-process=####
- m####.####.com/9kuimg/newtj/20160628/4752909824312574.jpg
- m####.####.com/pic/zjpic/5/47269.jpg?x-oss-process=####
- m####.####.com/static/images/line1.png
- m####.####.com/pic/zjpic/5/41021.jpg?x-oss-process=####
- m####.####.com/9kuimg/newtj/20160627/9dca47ea7efb1bce.jpg
- m####.####.com/9kuimg/zhuanji/20170310/79de2d9e5af2c494.jpg?x-oss-process=####
- m####.####.com/pic/zjpic/8/70522.jpg?x-oss-process=####
- m####.####.com/static/images/playBtn.png
- m####.####.com/play/412412.htm
- m####.####.com/pic/zjpic/14/139840.jpg?x-oss-process=####
- m####.####.com/pic/gstx/1/2827.jpg?x-oss-process=####
- pag####.####.com/pagead/js/r20170308/r20170110/show_ads_impl.js
- m####.####.com/9kuimg/zhuanji/20151126/82202814a7aa663c.jpg?x-oss-process=####
- m####.####.com/pic/zjpic/5/47060.jpg?x-oss-process=####
- m####.####.com/pic/zjpic/5/47198.jpg?x-oss-process=####
- m####.####.com/pic/gstx/1/3920.jpg?x-oss-process=####
- m####.####.com/9kuimg/newtj/20160628/4d35486f26871c9a.jpg
- m####.####.com/pic/zjpic/5/41640.jpg?x-oss-process=####
- m####.####.com/pic/zjpic/4/37192.jpg?x-oss-process=####
- m####.####.com/9kuimg/zhuanji/20170310/da8298859e507ee9.jpg?x-oss-process=####
- m####.####.com/pic/zjpic/15/141677.jpg?x-oss-process=####
- m####.####.com/images/no-small-avatar.png
- m####.####.com/play/574818.htm
- m####.####.com/9kuimg/zhuanji/20151124/3c684be1ff907ec9.jpg?x-oss-process=####
- m####.####.com/pic/zjpic/15/141353.jpg?x-oss-process=####
- m####.####.com/pic/zjpic/5/47316.jpg?x-oss-process=####
- m####.####.com/pic/zjpic/5/41937.jpg?x-oss-process=####
- pag####.####.com/pagead/js/adsbygoogle.js
- m####.####.com/9kuimg/newtj/20160628/7642e0ead84269a4.jpg
- m####.####.com/pic/zjpic/3/27826.jpg?x-oss-process=####
- m####.####.com/pic/gstx/2/10736.jpg?x-oss-process=####
- m####.####.com/static/images/more_arrow.png
- m####.####.com/static/js/9kubdgw.js
- m####.####.com/tuijian.htm
- m####.####.com/static/js/jquery.jplayer.min.js
- m####.####.com/pic/zjpic/1/4062.jpg?x-oss-process=####
- m####.####.com/zhuanji/taste.htm
- m####.####.com/pic/zjpic/5/47248.jpg?x-oss-process=####
- m####.####.com/static/style/base.css
- m####.####.com/static/js/jquery.js
- m####.####.com/static/images/showLrc.png
- m####.####.com/static/js/TouchSlide.1.1.js
- m####.####.com/i/bang/bang_jingdian_1.png
- m####.####.com/play/370940.htm
- m####.####.com/pic/zjpic/15/141351.jpg?x-oss-process=####
- m####.####.com/pic/zjpic/5/45403.jpg?x-oss-process=####
- m####.####.com/static/js/9ku.js
- m####.####.com/static/images/taste_05.png
- m####.####.com/pic/gstx/2/17185.jpg?x-oss-process=####
- m####.####.com/zhuanji/349.htm
- m####.####.com/9kuimg/geshou/20160420/bbef342e3c5776ef.jpg?x-oss-process=####
- m####.####.com/pic/zjpic/5/46876.jpg?x-oss-process=####
- m####.####.com/9kuimg/newtj/20160628/a8c3c4ef98fff61d.jpg?x-oss-process=####
- m####.####.com/static/images/taste_07.png
- m####.####.com/static/js/base.js
- m####.####.com/static/images/taste_03.png
- m####.####.com/static/images/taste_02.png
- m####.####.com/9kuimg/newtj/20160628/5f69a98e2d9a4ed1.jpg?x-oss-process=####
- m####.####.com/pic/zjpic/5/47315.jpg?x-oss-process=####
- m####.####.com/pic/zjpic/15/140177.jpg?x-oss-process=####
- m####.####.com/pic/zjpic/5/47309.jpg?x-oss-process=####
- m####.####.com/pic/zjpic/4/36560.jpg?x-oss-process=####
- m####.####.com/9kuimg/zhuanji/20161203/539049a1c16947a0.jpg?x-oss-process=####
- m####.####.com/static/images/taste_06.png
- m####.####.com/9kuimg/zhuanji/20160414/0d62bcceb661ab11.jpg?x-oss-process=####
- m####.####.com/taoge/
- m####.####.com/pic/zjpic/12/111132.jpg?x-oss-process=####
- m####.####.com/static/images/titLine.png
- m####.####.com/9kuimg/newtj/20160628/3b3d1a03dceda440.jpg
- m####.####.com/static/images/logo.png
- m####.####.com/9kuimg/newtj/20160627/c05ee85420f7b5ce.jpg
- m####.####.com/pic/zjpic/5/41677.jpg?x-oss-process=####
- m####.####.com/pic/zjpic/15/142807.jpg?x-oss-process=####
- m####.####.com/pic/gstx/2/12014.jpg?x-oss-process=####
- m####.####.com/pic/zjpic/5/45947.jpg?x-oss-process=####
- m####.####.com/pic/zjpic/15/140033.jpg?x-oss-process=####
- m####.####.com/pic/zjpic/5/42100.jpg?x-oss-process=####
Изменения в файловой системе:
Создает следующие файлы:
- /data/data/####/cache/webviewCacheChromium/f_00000a
- /data/data/####/cache/webviewCacheChromium/f_00000c
- /data/data/####/cache/webviewCacheChromium/f_00000b
- /data/data/####/cache/webviewCacheChromium/f_00000e
- /data/data/####/cache/webviewCacheChromium/f_00000d
- /data/data/####/cache/webviewCacheChromium/f_00000f
- /data/data/####/cache/webviewCacheChromium/f_000016
- /data/data/####/cache/webviewCacheChromium/f_000018
- /data/data/####/cache/webviewCacheChromium/f_000017
- /data/data/####/cache/webviewCacheChromium/data_3
- /data/data/####/cache/webviewCacheChromium/data_2
- /data/data/####/cache/webviewCacheChromium/data_1
- /data/data/####/cache/webviewCacheChromium/data_0
- /data/data/####/cache/webviewCacheChromium/f_000012
- /data/data/####/cache/webviewCacheChromium/f_000014
- /data/data/####/cache/webviewCacheChromium/f_000010
- /data/data/####/cache/webviewCacheChromium/f_000011
- /data/data/####/databases/webviewCookiesChromium.db-journal
- /data/data/####/cache/webviewCacheChromium/f_000015
- /data/data/####/shared_prefs/WebViewSettings.xml
- /data/data/####/cache/webviewCacheChromium/f_000013
- /data/data/####/databases/webview.db-journal
- /data/data/####/cache/webviewCacheChromium/f_000008
- /data/data/####/cache/webviewCacheChromium/f_000001
- /data/data/####/cache/webviewCacheChromium/f_000003
- /data/data/####/cache/webviewCacheChromium/f_000002
- /data/data/####/cache/webviewCacheChromium/f_000005
- /data/data/####/cache/webviewCacheChromium/f_000004
- /data/data/####/cache/webviewCacheChromium/f_000007
- /data/data/####/cache/webviewCacheChromium/f_000006
- /data/data/####/cache/webviewCacheChromium/f_000009
- /data/data/####/files/dex/cj.jar
- /data/data/####/cache/webviewCacheChromium/index
Другие:
Может автоматически отправлять СМС-сообщения.
