Техническая информация
Вредоносные функции:
Загружает на исполнение код следующих детектируемых угроз:
- Android.MobiDash.1.origin
Сетевая активность:
Подключается к:
- s####.####.com
- clinkad####.com
- g####.####.com
- i####.####.com
- c####.####.net
- a####.####.net
- r####.####.com
- fullmov####.####.net
- a####.####.mobi
- x####.####.mobi
- g####.####.com:443
- gl####.####.com
- l####.####.com
- movi####.####.mobi
- a####.####.com
- recom####.####.mobi
- movi####.####.mobi:8999
Запросы HTTP GET:
- fullmov####.####.net//music/album/thumbnail/196398/original_poster
- i####.####.com/vi/79A1oZAmT9k/mqdefault.jpg
- fullmov####.####.net//music/album/thumbnail/699110/original_poster
- i####.####.com/vi/5EjeDJM2jOQ/mqdefault.jpg
- clinkad####.com/tracking?camp=####&pubid=####&sid=####&subpubid=####&gaid=####&aid=####
- i####.####.com/vi/6Y07FrdHh7U/mqdefault.jpg
- a####.####.mobi/images/icon3/dailymotion-2.png
- i####.####.com/vi/G62HrubdD6o/mqdefault.jpg
- a####.####.mobi/images/icon3/facebook-2.png
- l####.####.com/8VI09LFD_Sm62X2fMwWKGtyiKMIxoEa8AGG8C9iLPzb4YUnFGiNF6ehhUg6nELq0Vpc=w144
- i####.####.com/vi/ud5mHccuj4o/mqdefault.jpg
- a####.####.net/stat/v2/request?aff_id=####&ak_id=####&local=####&channel=####&from_sdk=####&aid=####&placement_id=####&oid=####&ads_id_list=####&req_a...
- a####.####.net/call/v2/ad/click?ads_id=####&aff_id=####&ak_id=####&local=####&channel=####&recommend_id=####&from_sdk=####&aid=####&click_route=####&s...
- a####.####.com/adunion/slot/getSrcPrio?h=####&w=####&model=####&vendor=####&sdk=####&dpi=####&sv=####&svn=####&pkg=####&v=####&vn=####&op=####&locale=...
- a####.####.com/adunion/rtb/getInmobiAd?h=####&w=####&model=####&vendor=####&sdk=####&dpi=####&sv=####&svn=####&pkg=####&v=####&vn=####&op=####&locale=...
- fullmov####.####.net//music/album/thumbnail/194516/original_poster
- gl####.####.com/trace?offer_id=####&app_id=####&type=####&aff_sub=####&aff_sub6=####&aff_sub7=####&aff_sub8=####&google_adv_id=####&sub_affiliate_id=#...
- i####.####.com/vi/23UiMaJmW5c/mqdefault.jpg
- movi####.####.mobi/Fastdfsimg.php?type=####&s=####&imgid=####
- movi####.####.mobi:8999/Fastdfsimg.php?type=####&s=####&imgid=####
- a####.####.mobi/images/icon3/youtube-2.png
- fullmov####.####.net//music/album/thumbnail/641490/original_poster
- i####.####.com/vi/QTHtT9TzANQ/mqdefault.jpg
- movi####.####.mobi/Fastdfsimg.php?type=####&imgid=####
- i####.####.com/vi/9QzsVzvW9Qg/mqdefault.jpg
- fullmov####.####.net//music/album/thumbnail/572327/original_poster
- s####.####.com/wead/start?ps=####
- i####.####.com/vi/eYNFTbatj98/mqdefault.jpg
- c####.####.net/image/auto/20170318/1358d1f664aa4bc994f88dbf2b2d4ee0/9302209e372c437dbc61a9c60d8c4919_com.powerd.cleaner_320x200.png
- a####.####.net/native/v2/recommend?pversion=####&request_id=####&appkey=####&channel=####&ua=####&adv_id=####&aid=####&local=####&lang=####&sys_name=#...
- a####.####.com/adunion/slot/getDlAd?h=####&w=####&model=####&vendor=####&sdk=####&dpi=####&sv=####&svn=####&pkg=####&v=####&vn=####&op=####&locale=###...
- i####.####.com/vi/IeHnj9LilvM/mqdefault.jpg
- i####.####.com/vi/AkHJFMylpVQ/mqdefault.jpg
- a####.####.net/stat/v2/imp?aff_id=####&ak_id=####&local=####&channel=####&from_sdk=####&aid=####&placement_id=####&oid=####&ads_id_list=####
- fullmov####.####.net//music/album/thumbnail/737991/original_poster
- i####.####.com/vi/zyXevag9OFY/mqdefault.jpg
- a####.####.com/adunion/rtb/fetchAd?h=####&w=####&model=####&vendor=####&sdk=####&dpi=####&sv=####&svn=####&pkg=####&v=####&vn=####&op=####&locale=####...
Запросы HTTP POST:
- a####.####.mobi/home_tab
- a####.####.mobi/video_tab_conf
- a####.####.mobi/update_list
- a####.####.mobi/welcome_get2
- a####.####.mobi/update_get
- g####.####.com/V1/fetchpolicy/?api_key=####
- a####.####.mobi/check_nav
- g####.####.com:443/V1/fetchconfig/?api_key=####
- r####.####.com/orts/rpb?h=####&w=####&model=####&vendor=####&sdk=####&dpi=####&sv=####&svn=####&pkg=####&v=####&vn=####&op=####&locale=####&ntt=####&l...
- a####.####.mobi/v3/home
- a####.####.mobi/signin
- x####.####.mobi/allhotkey
- a####.####.mobi/setup
- a####.####.mobi/domain
- a####.####.mobi/gcm_conf_get
- a####.####.mobi/pingv2
- recom####.####.mobi/video_recommend_list
- a####.####.mobi/get_nav
Изменения в файловой системе:
Создает следующие файлы:
- /data/data/####/shared_prefs/settings.xml.bak
- /sdcard/VidMate/data/bin.-1544841859
- /data/data/####/files/VMDataList.db
- /sdcard/VidMate/data/bin.-412544119
- /sdcard/VidMate/data/bin.-800672761
- /data/data/####/shared_prefs/sharedpreferences_batmobi_ad_clicks_offers.xml
- /sdcard/Android/data/####/cache/387795334.tmp
- /sdcard/Android/data/####/cache/879605018.tmp
- /data/data/####/code_cache/secondary-dexes/####-1.apk.classes-1140376591.zip
- /data/data/####/shared_prefs/Alvin2.xml
- /sdcard/VidMate/data/bin.-1026730799
- /sdcard/VidMate/data/bin.-1782377034
- /sdcard/Android/data/####/cache/1459163808.tmp
- /data/data/####/databases/pushmessage-journal
- /sdcard/VidMate/data/bin.-1472237808
- /data/data/####/shared_prefs/####_serviceproviderspreferences.xml
- /sdcard/VidMate/data/bin.919189290
- /data/data/####/databases/du_ad_cache.db-journal
- /sdcard/VidMate/data/bin.-1224419390
- /sdcard/VidMate/data/bin.1010072486
- /data/data/####/databases/bat_statistics.db-journal
- /data/data/####/files/asdfg
- /sdcard/Android/data/####/cache/858463252.tmp
- /data/data/####/shared_prefs/####_startupinfopreferences.xml.bak
- /sdcard/VidMate/data/bin.-513665842
- /data/data/####/shared_prefs/multidex.version.xml
- /sdcard/VidMate/data/bin.230529367
- /sdcard/VidMate/data/bin.-1444304893
- /data/data/####/shared_prefs/####_startupinfopreferences.xml
- /sdcard/.DataStorage/ContextData.xml
- /sdcard/VidMate/data/bin.42982088
- /sdcard/Android/data/####/cache/-1103259254.tmp
- /data/data/####/shared_prefs/p_vidmate.xml
- /data/data/####/shared_prefs/####_preferences.xml.bak
- /sdcard/VidMate/data/bin.-1574310414
- /sdcard/VidMate/data/bin.-741659545
- /sdcard/VidMate/data/bin.-697456421
- /data/data/####/shared_prefs/sharedpreferences_batmobi_ad_clicks.xml
- /sdcard/VidMate/cache/597493799
- /data/data/####/files/gaClientId
- /sdcard/VidMate/data/bin.2100872772
- /data/data/####/shared_prefs/sharedpreferences_batmobi_offers.xml
- /sdcard/VidMate/data/bin.570895930
- /sdcard/VidMate/cache/-970525265
- /sdcard/VidMate/data/bin.-1730210793
- /sdcard/VidMate/data/bin.-2070460954
- /data/data/####/cache/wemob/switch
- /sdcard/Android/data/####/cache/996725184.tmp
- /sdcard/VidMate/log/sub/1485415847311
- /sdcard/Android/data/####/cache/-1815877978.tmp
- /data/data/####/shared_prefs/com.facebook.ads.FEATURE_CONFIG.xml
- /sdcard/VidMate/data/bin.1610459767
- /sdcard/Android/data/####/cache/-770665526
- /data/data/####/shared_prefs/####_startupserviceinfopreferences.xml
- /data/data/####/shared_prefs/device_settings.xml.xml
- /sdcard/VidMate/data/bin.2076957192
- /sdcard/VidMate/data/bin.693631636
- /data/data/####/shared_prefs/####_migrationpreferences.xml
- /data/data/####/shared_prefs/CONFIG_SETTING.xml
- /sdcard/Android/data/####/cache/44523943.tmp
- /data/data/####/shared_prefs/####_boundentrypreferences.xml.bak
- /data/data/####/databases/_nohttp_cookies_db.db
- /data/data/####/shared_prefs/####_boundentrypreferences.xml
- /data/data/####/databases/vidmate.db
- /sdcard/.UTSystemConfig/Global/Alvin2.xml
- /data/data/####/shared_prefs/SDKIDFA.xml
- /data/data/####/databases/metrica_data.db-journal
- /sdcard/VidMate/cache/-2088103286
- /sdcard/VidMate/cache/1790842066
- /sdcard/Android/data/####/cache/1882950403.tmp
- /sdcard/Android/data/####/cache/427830987.tmp
- /data/data/####/shared_prefs/_toolbox_prefs.xml.bak
- /sdcard/VidMate/data/bin.578088182
- /sdcard/VidMate/data/bin.1364668828
- /data/data/####/app_app_apk/vidmate.dat.jar
- /data/data/####/shared_prefs/sharedpreferences_batmobi_ad_marketurl.xml
- /sdcard/VidMate/data/bin.-883123340
- /data/data/####/shared_prefs/####_initpreferences.xml
- /sdcard/Android/data/####/cache/-191913667.tmp
- /sdcard/Android/data/####/cache/.nomedia
- /sdcard/VidMate/data/bin.427448984
- /data/data/####/shared_prefs/p_vidmate.xml.bak
- /sdcard/Android/data/####/cache/-1522098588.tmp
- /sdcard/Android/data/####/cache/-2019373894
- /sdcard/VidMate/log/1485415841819
- /sdcard/VidMate/data/bin.-1648247619
- /sdcard/VidMate/data/bin.289312685
- /sdcard/Android/data/####/cache/1076347422.tmp
- /sdcard/VidMate/data/bin.1308605173
- /data/data/####/shared_prefs/settings.xml
- /sdcard/VidMate/data/bin.-367494951
- /data/data/####/shared_prefs/_toolbox_prefs.xml
- /sdcard/VidMate/data/bin.859628415
- /data/data/####/shared_prefs/####_servertimeoffset.xml
- /sdcard/Android/data/####/cache/-364160777.tmp
- /sdcard/Android/data/####/cache/-823214752.tmp
- /sdcard/Android/data/####/cache/-417565351.tmp
- /data/data/####/files/observedFile
- /sdcard/VidMate/cache/1638991180
- /sdcard/VidMate/cache/-1891502096
- /data/data/####/shared_prefs/FBAdPrefs.xml
- /sdcard/Android/data/####/cache/1157526844.tmp
- /sdcard/Android/data/####/cache/-287498816
- /data/data/####/shared_prefs/CONFIG_SETTING.xml.bak
- /sdcard/VidMate/data/2033049159
- /sdcard/VidMate/data/bin.2125480456
- /sdcard/VidMate/data/bin.965183625
- /sdcard/VidMate/data/bin.686532630
- /sdcard/VidMate/data/bin.-1906250314
- /data/data/####/databases/_nohttp_cookies_db.db-journal
- /data/data/####/files/HOME_TAB_RU
- /sdcard/Android/data/####/cache/-752928363.tmp
- /sdcard/VidMate/data/bin.284768489
- /sdcard/VidMate/data/bin.1389311627
- /data/data/####/shared_prefs/sharedpreferences_batmobi_settings.xml
- /data/data/####/databases/google_analytics_v2.db-journal
- /sdcard/VidMate/data/bin.-531083186
- /data/data/####/files/credentials.dat
- /sdcard/VidMate/data/bin.-1256009472
- /sdcard/Android/data/####/cache/387813385.tmp
- /sdcard/Android/data/####/cache/-1288277420.tmp
- /sdcard/Android/data/####/cache/-2123070736.tmp
- /sdcard/VidMate/data/bin.293957621
- /sdcard/Android/data/####/cache/615742047
- /sdcard/VidMate/data/bin.883815625
- /data/data/####/shared_prefs/####_preferences.xml
- /data/data/####/shared_prefs/com.google.android.gcm.xml
- /sdcard/.ooa/198182191512657692
- /sdcard/Android/data/####/cache/1693653001.tmp
- /sdcard/VidMate/data/bin.-197998865
- /sdcard/Android/data/####/cache/287365085.tmp
- /sdcard/Android/data/####/cache/344013033.tmp
- /sdcard/VidMate/data/bin.-126454448
- /sdcard/VidMate/config/task-journal
- /data/data/####/shared_prefs/VidMate.xml.bak
- /sdcard/VidMate/data/bin.328319508
- /sdcard/VidMate/data/bin.-1481878012
- /data/data/####/databases/du_ad_ts.db-journal
- /sdcard/VidMate/data/bin.1120611423
- /sdcard/VidMate/data/bin.-283094937
- /data/data/####/shared_prefs/ContextData.xml
- /sdcard/VidMate/data/bin.660386629
- /data/data/####/databases/db_metrica_####-journal
- /data/data/####/shared_prefs/VidMate.xml
- /sdcard/Android/data/####/cache/1906906070
- /sdcard/Android/data/####/cache/-503566206
- /sdcard/Android/data/####/cache/1069667587.tmp
- /sdcard/Android/data/####/cache/-1290451529.tmp
- /sdcard/VidMate/data/bin.-2070376201
- /sdcard/Android/data/####/cache/73542811.tmp
- /sdcard/VidMate/cache/1140747702
- /sdcard/VidMate/data/bin.-1960654866
- /sdcard/VidMate/data/bin.-1115310979
- /sdcard/VidMate/data/bin.1535183609
- /sdcard/VidMate/data/bin.1077858207
- /data/data/####/databases/vidmate.db-journal
- /data/data/####/cache/wemob/auconf
- /sdcard/VidMate/data/bin.315773902
- /sdcard/VidMate/data/bin.801553237
Другие:
Может автоматически отправлять СМС-сообщения.
