Техническая информация
Вредоносные функции:
Загружает на исполнение код следующих детектируемых угроз:
- Android.MobiDash.1.origin
Сетевая активность:
Подключается к:
- trac####.####.com
- set####.####.com
- h####.####.com
- analy####.####.com
- s####.####.com
- fullmov####.####.net
- i####.####.com
- l####.####.mobi
- a####.####.mobi
- l####.####.com
- movi####.####.mobi
- movi####.####.mobi:8999
- x####.####.mobi
- recom####.####.mobi
- a####.####.net
- a####.####.com
- g####.####.com
- g####.####.net
- c####.####.net
- d####.####.com
- g####.####.com:443
- n####.####.com
Запросы HTTP GET:
- fullmov####.####.net//music/album/thumbnail/196398/original_poster
- i####.####.com/vi/itoebYckupk/mqdefault.jpg
- fullmov####.####.net//music/album/thumbnail/699110/original_poster
- l####.####.com/7uRfJe2KkpKxZuMvY4OjhIq-TJrMeHgWYQt0H7LHZl4WNDAYjI6FFrLSsLhj2g8cqKr5=w144
- g####.####.net/prod/upload/adunion/images/a3c/170_170_6c5505aead7f642f.png
- i####.####.com/vi/HgmZ_1szE4U/mqdefault.jpg
- s####.####.com/wead/start?ps=####
- a####.####.mobi/images/icon3/dailymotion-2.png
- a####.####.mobi/images/icon3/facebook-2.png
- h####.####.com/v2/ad/cfg?subsite_id=####&geo=####&uid=####&t=####&v=####&k=####
- a####.####.net/stat/v2/request?aff_id=####&ak_id=####&local=####&channel=####&from_sdk=####&aid=####&placement_id=####&oid=####&ads_id_list=####&req_a...
- g####.####.net/prod/upload/adunion/images/6de/800_400_e5c2496474b33fc2.jpeg
- a####.####.com/adunion/slot/getSrcPrio?h=####&w=####&model=####&vendor=####&sdk=####&dpi=####&sv=####&svn=####&pkg=####&v=####&vn=####&op=####&locale=...
- c####.####.net/batmobi/sdk/20170222115035.png
- i####.####.com/vi/bo9NexzWRwo/mqdefault.jpg
- a####.####.com/adunion/rtb/getInmobiAd?h=####&w=####&model=####&vendor=####&sdk=####&dpi=####&sv=####&svn=####&pkg=####&v=####&vn=####&op=####&locale=...
- fullmov####.####.net//music/album/thumbnail/194516/original_poster
- trac####.####.com/click?mb_pl=####&mb_nt=####&mb_campid=####&aff_sub=####&mb_subid=####&mb_devid=####&mb_gaid=####&mb_devid=####
- movi####.####.mobi/Fastdfsimg.php?type=####&s=####&imgid=####
- n####.####.com/openapi/ad/v3?app_id=####&unit_id=####&category=####&req_type=####&sign=####&ad_num=####&ping_mode=####&only_impression=####&offset=###...
- movi####.####.mobi:8999/Fastdfsimg.php?type=####&s=####&imgid=####
- a####.####.mobi/images/icon3/youtube-2.png
- i####.####.com/vi/b6ChR9AxeKc/mqdefault.jpg
- fullmov####.####.net//music/album/thumbnail/641490/original_poster
- set####.####.com/appwall/setting?app_id=####&sign=####&platform=####&os_version=####&package_name=####&app_version_name=####&app_version_code=####&ori...
- movi####.####.mobi/Fastdfsimg.php?type=####&imgid=####
- l####.####.com/XejlngMx43PdGfSBnq3cK4ZHlBDxW2DACy1jkscE-kSnUj6EEBnMyrtxyMn71aO_xuc=w144
- fullmov####.####.net//music/album/thumbnail/572327/original_poster
- n####.####.com/image?app_id=####&unit_id=####&sign=####&platform=####&os_version=####&package_name=####&app_version_name=####&app_version_code=####&or...
- set####.####.com/setting?app_id=####&sign=####&platform=####&os_version=####&package_name=####&app_version_name=####&app_version_code=####&orientation...
- a####.####.com/adunion/slot/getDlAd?h=####&w=####&model=####&vendor=####&sdk=####&dpi=####&sv=####&svn=####&pkg=####&v=####&vn=####&op=####&locale=###...
- i####.####.com/vi/qD-6d8Wo3do/mqdefault.jpg
- i####.####.com/vi/AkHJFMylpVQ/mqdefault.jpg
- i####.####.com/vi/qAM8wEHPccU/mqdefault.jpg
- d####.####.com/ttc?h=####&p=####&q=####
- fullmov####.####.net//music/album/thumbnail/737991/original_poster
- i####.####.com/vi/9QzsVzvW9Qg/mqdefault.jpg
- a####.####.com/adunion/rtb/fetchAd?h=####&w=####&model=####&vendor=####&sdk=####&dpi=####&sv=####&svn=####&pkg=####&v=####&vn=####&op=####&locale=####...
Запросы HTTP POST:
- a####.####.mobi/update_list
- a####.####.mobi/video_tab_conf
- a####.####.net/native/v2/recommend
- a####.####.mobi/welcome_get2
- a####.####.mobi/update_get
- analy####.####.com/
- g####.####.com/V1/fetchconfig/?api_key=####
- a####.####.mobi/check_nav
- l####.####.mobi/log
- a####.####.mobi/v3/home
- a####.####.mobi/home_tab
- a####.####.mobi/signin
- x####.####.mobi/allhotkey
- a####.####.mobi/setup
- g####.####.com:443/V1/fetchpolicy/?api_key=####
- a####.####.mobi/domain
- a####.####.mobi/gcm_conf_get
- a####.####.mobi/pingv2
- recom####.####.mobi/video_recommend_list
- a####.####.mobi/get_nav
Изменения в файловой системе:
Создает следующие файлы:
- /data/data/####/shared_prefs/settings.xml.bak
- /sdcard/VidMate/data/bin.-1544841859
- /data/data/####/files/VMDataList.db
- /sdcard/VidMate/data/bin.-1026730799
- /data/data/####/shared_prefs/sharedpreferences_batmobi_ad_clicks_offers.xml
- /sdcard/VidMate/cache/-2122674173
- /sdcard/Android/data/####/cache/-945696149.tmp
- /data/data/####/shared_prefs/Alvin2.xml
- /sdcard/VidMate/data/bin.-1481878012
- /data/data/####/databases/pushmessage-journal
- /sdcard/Android/data/####/cache/1693653001
- /sdcard/VidMate/data/bin.919189290
- /data/data/####/databases/du_ad_cache.db-journal
- /sdcard/VidMate/data/bin.1010072486
- /data/data/####/databases/bat_statistics.db-journal
- /sdcard/VidMate/data/bin.-1256009472
- /data/data/####/files/batfiles/20170222115035.png
- /data/data/####/shared_prefs/multidex.version.xml
- /sdcard/Android/data/####/cache/1065571394.tmp
- /sdcard/VidMate/data/bin.-1444304893
- /sdcard/.DataStorage/ContextData.xml
- /sdcard/VidMate/data/bin.42982088
- /sdcard/Android/data/####/cache/-1103259254.tmp
- /data/data/####/shared_prefs/p_vidmate.xml
- /data/data/####/shared_prefs/mobvista.xml
- /sdcard/Android/data/####/cache/-2019373894.tmp
- /data/data/####/databases/webview.db-journal
- /sdcard/VidMate/data/bin.-1574310414
- /sdcard/VidMate/data/bin.-741659545
- /data/data/####/shared_prefs/conf.xml
- /sdcard/VidMate/data/bin.-697456421
- /data/data/####/shared_prefs/sharedpreferences_batmobi_ad_clicks.xml
- /sdcard/VidMate/cache/597493799
- /data/data/####/files/gaClientId
- /sdcard/VidMate/data/bin.2100872772
- /data/data/####/shared_prefs/sharedpreferences_batmobi_offers.xml
- /sdcard/Android/data/####/cache/-817729107.tmp
- /sdcard/VidMate/log/1485418956738
- /sdcard/VidMate/cache/-970525265
- /sdcard/VidMate/data/bin.-1730210793
- /sdcard/VidMate/data/bin.-2070460954
- /data/data/####/cache/wemob/switch
- /sdcard/Android/data/####/cache/996725184.tmp
- /sdcard/Android/data/####/cache/-1815877978.tmp
- /data/data/####/shared_prefs/conf.xml.bak
- /data/data/####/shared_prefs/com.facebook.ads.FEATURE_CONFIG.xml
- /sdcard/VidMate/data/bin.1610459767
- /sdcard/Android/data/####/cache/858463252
- /data/data/####/files/file
- /sdcard/Android/data/####/cache/-770665526
- /data/data/####/databases/simple.db
- /data/data/####/shared_prefs/device_settings.xml.xml
- /sdcard/VidMate/data/bin.693631636
- /sdcard/VidMate/data/-1507862792
- /data/data/####/shared_prefs/CONFIG_SETTING.xml
- /data/data/####/code_cache/secondary-dexes/tmp-####-1.apk.classes1609280947.zip
- /data/data/####/databases/_nohttp_cookies_db.db
- /sdcard/Android/data/####/cache/-1068826546.tmp
- /data/data/####/databases/vidmate.db
- /sdcard/.UTSystemConfig/Global/Alvin2.xml
- /data/data/####/shared_prefs/SDKIDFA.xml
- /data/data/####/databases/mobvista.msdk.db-journal
- /sdcard/Android/data/####/cache/344013033
- /sdcard/VidMate/cache/-2088103286
- /sdcard/VidMate/cache/1790842066
- /sdcard/Android/data/####/cache/-503566206.tmp
- /sdcard/Android/data/####/cache/427830987.tmp
- /data/data/####/shared_prefs/_toolbox_prefs.xml.bak
- /sdcard/VidMate/data/bin.578088182
- /sdcard/VidMate/data/bin.1364668828
- /data/data/####/app_app_apk/vidmate.dat.jar
- /data/data/####/shared_prefs/sharedpreferences_batmobi_ad_marketurl.xml
- /sdcard/VidMate/data/bin.-883123340
- /sdcard/Android/data/####/cache/.nomedia
- /sdcard/Android/data/####/cache/1861778515.tmp
- /data/data/####/databases/simple.db-journal
- /sdcard/VidMate/data/bin.427448984
- /data/data/####/code_cache/secondary-dexes/MultiDex.lock
- /data/data/####/shared_prefs/p_vidmate.xml.bak
- /data/data/####/shared_prefs/mobvista.xml.bak
- /sdcard/Android/data/####/cache/-1522098588.tmp
- /sdcard/Android/data/####/cache/1797658752
- /data/data/####/databases/offers.db-journal
- /sdcard/VidMate/data/bin.-1648247619
- /sdcard/VidMate/data/bin.289312685
- /sdcard/Android/data/####/cache/1076347422.tmp
- /data/data/####/shared_prefs/settings.xml
- /sdcard/VidMate/data/bin.-367494951
- /data/data/####/shared_prefs/_toolbox_prefs.xml
- /sdcard/VidMate/data/bin.859628415
- /sdcard/Android/data/####/cache/-823214752.tmp
- /data/data/####/files/observedFile
- /sdcard/Android/data/####/cache/-1561736348
- /sdcard/Android/data/####/cache/945437752.tmp
- /data/data/####/shared_prefs/FBAdPrefs.xml
- /data/data/####/files/HOME_TAB_RU
- /sdcard/Android/data/####/cache/-1462174278.tmp
- /data/data/####/shared_prefs/CONFIG_SETTING.xml.bak
- /data/data/####/shared_prefs/VidMate.xml
- /sdcard/VidMate/data/bin.2125480456
- /sdcard/VidMate/data/bin.-513665842
- /sdcard/VidMate/data/bin.965183625
- /sdcard/VidMate/data/bin.686532630
- /sdcard/VidMate/data/bin.-1906250314
- /data/data/####/databases/_nohttp_cookies_db.db-journal
- /sdcard/Android/data/####/cache/1157526844.tmp
- /sdcard/Android/data/####/cache/-752928363.tmp
- /sdcard/VidMate/data/bin.284768489
- /sdcard/VidMate/data/bin.1389311627
- /data/data/####/shared_prefs/sharedpreferences_batmobi_settings.xml
- /sdcard/Android/data/####/cache/-364160777
- /data/data/####/databases/google_analytics_v2.db-journal
- /data/data/####/databases/offers.db
- /sdcard/Android/data/####/cache/387813385.tmp
- /sdcard/Android/data/####/cache/-2123070736.tmp
- /sdcard/VidMate/data/bin.293957621
- /sdcard/VidMate/data/bin.883815625
- /data/data/####/shared_prefs/share_date.xml.bak
- /data/data/####/shared_prefs/####_preferences.xml
- /data/data/####/shared_prefs/com.google.android.gcm.xml
- /sdcard/.ooa/198182191512657692
- /sdcard/VidMate/data/bin.-126454448
- /sdcard/VidMate/config/task-journal
- /data/data/####/shared_prefs/VidMate.xml.bak
- /sdcard/VidMate/data/bin.328319508
- /sdcard/Android/data/####/cache/1335900688.tmp
- /data/data/####/databases/du_ad_ts.db-journal
- /sdcard/VidMate/log/sub/1485418958703
- /sdcard/VidMate/data/bin.-283094937
- /data/data/####/shared_prefs/ContextData.xml
- /sdcard/VidMate/data/bin.660386629
- /sdcard/VidMate/data/bin.570895930
- /sdcard/VidMate/log/1485418953435
- /sdcard/Android/data/####/cache/-1290451529.tmp
- /sdcard/VidMate/data/bin.-2070376201
- /data/data/####/shared_prefs/####_preferences.xml.bak
- /sdcard/Android/data/####/cache/2104754728.tmp
- /sdcard/Android/data/####/cache/-417565351
- /sdcard/VidMate/data/bin.-1115310979
- /sdcard/VidMate/data/bin.1535183609
- /data/data/####/databases/vidmate.db-journal
- /data/data/####/cache/wemob/auconf
- /data/data/####/shared_prefs/share_date.xml
- /sdcard/VidMate/data/bin.315773902
- /sdcard/VidMate/data/bin.801553237
Другие:
Может автоматически отправлять СМС-сообщения.
