Техническая информация
Вредоносные функции:
Отправляет СМС-сообщения:
- 12114: HZSY#####
Отправляет данные получаемых СМС-сообщений на удалённый хост.
Сетевая активность:
Подключается к:
- sdku####.####.com
- mo####.####.com
- dynami####.####.com
- 1####.####.com
- mmy####.####.com
- i####.####.cn
- vide####.####.cn
- priceru####.####.com
Запросы HTTP GET:
- 1####.####.com/ic.asp
- vide####.####.cn/TOUXIANGS14.png
- mmy####.####.com/mmys-cps/styleTopChlVideo.service?pageNo=####&pageSize=####&showStyle=####&rv=####&deviceId=####&uuid=####&imei=####&imsi=####&manufa...
- vide####.####.cn/TOUXIANGS218.png
- vide####.####.cn/20170317/62911c63-a7b8-4c15-bbae-908df8f834a6-%E7%8C%A5%E8%A4%BB%E3%81%AA%E6%80%A7%E6%AC%B21.jpg
- vide####.####.cn/20170328/336dd91d-1570-40fc-ace4-600c066d1e15-2.jpg
- vide####.####.cn/TOUXIANGS182.png
- mmy####.####.com/mmys-cps/rdContent.service?deviceId=####&uuid=####&imei=####&imsi=####&manufacturer=####&model=####&versionCode=####&ditchNo=####&app...
- vide####.####.cn/20170324/fe661741-1499-4bd3-873a-b1bd34c39de9-%E6%AF%8D%E3%81%AE%E5%8F%8B%E4%BA%BA.jpg
- i####.####.cn/iplookup/iplookup.php?format=####
- vide####.####.cn/20170329/6c85c910-9262-4e09-a0a9-63ab2da65037-20170329.PNG
- vide####.####.cn/TOUXIANGS270.png
- vide####.####.cn/20170317/aa6c2a95-ee12-4034-aa98-5378c30213ce-109cm%E3%81%AEAV%E7%9B%A3%E7%9D%A3%E3%81%AB%E3%81%97%E3%81%8F%E3%82%93%E3%81%A7%E3%81%9...
- vide####.####.cn/TOUXIANGS250.png
- vide####.####.cn/20170317/9f638fff-74b3-41f7-8230-b9b4ef514e6c-%E5%B1%88%E8%BE%B1%E3%81%AE%E5%A4%B1%E7%A6%81.jpg
- mmy####.####.com/mmys-cps/vdtRmdVideoList.service?showStyle=####&id=####&itemCount=####&rv=####&deviceId=####&uuid=####&imei=####&imsi=####&manufactur...
- vide####.####.cn/20170329/dc76930e-db0e-41d3-be64-167c278715dd-154027-0.PNG
- vide####.####.cn/TOUXIANGS252.png
- vide####.####.cn/20170324/dd03a907-d010-4593-b171-b096a300c583-4.jpg
- vide####.####.cn/TOUXIANGS255.png
- vide####.####.cn/20160808/33b86cc8-88b0-4d61-bc29-fb3e61362fbc-1_%E5%89%AF%E6%9C%AC.png
- vide####.####.cn/TOUXIANGS256.png
- vide####.####.cn/TOUXIANGS34.png
- priceru####.####.com/price-rule-cmp/rule/matchRule?version=####&deviceId=####&uuid=####&imei=####&imsi=####&manufacturer=####&model=####&versionCode=#...
- vide####.####.cn/TOUXIANGS201.png
- mmy####.####.com/mmys-cps/videoDtl.service?id=####&rv=####&deviceId=####&uuid=####&imei=####&imsi=####&manufacturer=####&model=####&versionCode=####&d...
- vide####.####.cn/TOUXIANGS233.png
- vide####.####.cn/TOUXIANGS235.png
- vide####.####.cn/20170324/cf01a267-8877-4669-a218-6a164c779461-2.jpg
- vide####.####.cn/20170308/26027932-5107-47cb-9191-485f4093e3e2-1%20(10).jpg
- vide####.####.cn/tou2086.jpg
- mmy####.####.com/mmys-cps/runConfig.service?deviceId=####&imei=####&imsi=####&manufacturer=####&model=####&versionCode=####&ditchNo=####&appId=####&dc...
- vide####.####.cn/20160808/387bb650-ea05-4c55-8b44-6ce713cf811f-2_%E5%89%AF%E6%9C%AC.png
- vide####.####.cn/TOUXIANGS251.png
- vide####.####.cn/20160808/b3bcbfa4-d361-4058-a326-1d947e98d640-1.png
- mmy####.####.com/mmys-cps/bannerInfo.service?showStyle=####&deviceId=####&uuid=####&imei=####&imsi=####&manufacturer=####&model=####&versionCode=####&...
- vide####.####.cn/TOUXIANGS12.png
- vide####.####.cn/tou1014.gif
- vide####.####.cn/20170324/6de0ecf8-a5ca-4521-a21a-5d0a94fb19e1-1.jpg
- vide####.####.cn/20170317/bf739e2a-c8dc-42ca-b101-b019fd57f9fe-%E4%B8%80%E8%BC%AA%E8%BB%8A%E3%80%81%E5%A9%A6%E8%AD%A6%E3%81%95%E3%82%93.jpg
- vide####.####.cn/20170318/bc18eea1-de23-43ab-a656-8da400b3af8e-oba00312jp-9.jpg
- vide####.####.cn/TOUXIANGS234.png
- vide####.####.cn/20170323/220a918a-fb3b-491b-8691-44e3ff185e5b-h_068mxgs00837jp-3.jpg
- mmy####.####.com/mmys-cps/videoComment2.service?videoId=####&deviceId=####&uuid=####&imei=####&imsi=####&manufacturer=####&model=####&versionCode=####...
- vide####.####.cn/tou2034.jpg
- vide####.####.cn/20170324/ae5a831c-e53e-44e4-b97f-1ed5238f1a63-12.jpg
- vide####.####.cn/TOUXIANGS2.png
- vide####.####.cn/TOUXIANGS26.png
- vide####.####.cn/TOUXIANGS253.png
Запросы HTTP POST:
- dynami####.####.com/dynamicpay//getSyFormalChannels.json?
- mmy####.####.com/mmys-cps/userVisit.service?deviceId=####&uuid=####&imei=####&imsi=####&manufacturer=####&model=####&versionCode=####&ditchNo=####&app...
- mmy####.####.com/mmys-cps/userActivation.service?deviceId=####&uuid=####&imei=####&imsi=####&manufacturer=####&model=####&versionCode=####&ditchNo=###...
- sdku####.####.com/sdk-update/sdkUpdateCdnUpload.json
- mo####.####.com/mobile-service/getImsiMobilePhone.json
Изменения в файловой системе:
Создает следующие файлы:
- /data/data/####/cache/picasso-cache/4f58e4fdeac33ed877eb906071df75aa.1.tmp
- /data/data/####/cache/picasso-cache/a6213fd5faccb13b505167ad47ba38c4.0.tmp
- /data/data/####/cache/picasso-cache/60d220cc27ae14a79dfc49146ab714f2.0.tmp
- /data/data/####/cache/picasso-cache/aca48d1db211e070befd09d917282e1e.0.tmp
- /data/data/####/cache/picasso-cache/3d536b0f01f76c6f36d30e17362227ae.0.tmp
- /data/data/####/cache/picasso-cache/2eaf0249178876bbfe09180f4b0c5ed3.0.tmp
- /data/data/####/cache/picasso-cache/885da13da7af7a1da90668f4ba59caaf.0.tmp
- /data/data/####/cache/picasso-cache/2703966f41b6704359c797847ac80e44.0.tmp
- /data/data/####/cache/picasso-cache/b7280993da674aec9e68c9a32e61eef6.0.tmp
- /data/data/####/cache/picasso-cache/847e14a58b28f7a99df816eec2512795.1.tmp
- /data/data/####/shared_prefs/uuid.xml
- /data/data/####/cache/picasso-cache/a1137aafdd725bf5fcc35b427e971799.0.tmp
- /data/data/####/cache/picasso-cache/3d536b0f01f76c6f36d30e17362227ae.1.tmp
- /data/data/####/cache/picasso-cache/dbbc04b289be830c5dc781bced5cd38c.0.tmp
- /data/data/####/cache/picasso-cache/38445dc7cee9c6a2d23265f896838bab.0.tmp
- /data/data/####/cache/picasso-cache/afc8dfea0c9b36158cecca800c17bcbb.0.tmp
- /data/data/####/cache/picasso-cache/004e5f920e0eb876c8610acf5efb466f.1.tmp
- /data/data/####/cache/picasso-cache/a6213fd5faccb13b505167ad47ba38c4.1.tmp
- /data/data/####/databases/webview.db-journal
- /data/data/####/cache/picasso-cache/b7280993da674aec9e68c9a32e61eef6.1.tmp
- /data/data/####/shared_prefs/p_config.xml
- /data/data/####/cache/picasso-cache/2703966f41b6704359c797847ac80e44.1.tmp
- /data/data/####/files/gaClientId
- /data/data/####/databases/sy_video_data_cache-journal
- /data/data/####/cache/picasso-cache/journal.tmp
- /data/data/####/databases/statistics_db
- /data/data/####/cache/picasso-cache/aa337919c5da4e405d7bef2fd58a7558.1.tmp
- /data/data/####/cache/picasso-cache/0e6ea9e62ba614e0d5b6569d48192d55.1.tmp
- /data/data/####/cache/picasso-cache/383df07cbfb188070c16b5c33c8b5335.0.tmp
- /data/data/####/cache/picasso-cache/c8f6800f50b1513f4b2385de2b451af0.1.tmp
- /data/data/####/cache/picasso-cache/ae97d4343444ba4cc3fbc325f82fbf99.1.tmp
- /data/data/####/cache/picasso-cache/004e5f920e0eb876c8610acf5efb466f.0.tmp
- /data/data/####/shared_prefs/ds_configer.xml
- /data/data/####/cache/picasso-cache/b1724e7d763f3549d93cf8c43d4ec99f.0.tmp
- /data/data/####/cache/picasso-cache/4f58e4fdeac33ed877eb906071df75aa.0.tmp
- /data/data/####/cache/picasso-cache/b14bdb08771cf1e42c13a6a3f8acdb16.0.tmp
- /data/data/####/cache/picasso-cache/a1137aafdd725bf5fcc35b427e971799.1.tmp
- /data/data/####/cache/picasso-cache/885da13da7af7a1da90668f4ba59caaf.1.tmp
- /data/data/####/cache/picasso-cache/60d220cc27ae14a79dfc49146ab714f2.1.tmp
- /data/data/####/cache/picasso-cache/573ceda337cba3ba1f89caca6b992da9.0.tmp
- /data/data/####/cache/picasso-cache/ae97d4343444ba4cc3fbc325f82fbf99.0.tmp
- /data/data/####/shared_prefs/global_count.xml
- /data/data/####/cache/picasso-cache/7f655385fbfd2a71231cc646f0b1f900.1.tmp
- /data/data/####/cache/picasso-cache/c8f6800f50b1513f4b2385de2b451af0.0.tmp
- /data/data/####/cache/picasso-cache/719f3c65b764b8e42dfb2c1a70552d90.0.tmp
- /data/data/####/cache/picasso-cache/b58890a777da444069c146d855f6e490.1.tmp
- /data/data/####/cache/picasso-cache/573ceda337cba3ba1f89caca6b992da9.1.tmp
- /data/data/####/cache/picasso-cache/6ffd2d659338f01c776f87a6fc8e9103.0.tmp
- /data/data/####/cache/picasso-cache/683369d0c1659aa7aef143a43624b5cc.1.tmp
- /data/data/####/shared_prefs/trigger_recorder.xml
- /data/data/####/cache/picasso-cache/6134d992660c09eb1c9586ad7a410737.0.tmp
- /data/data/####/shared_prefs/global_count.xml.bak
- /data/data/####/cache/picasso-cache/bb0d02dfa42b7b056fd3156d3d60b04d.0.tmp
- /data/data/####/cache/picasso-cache/b3101df3166a55550d98d523e4326e00.1.tmp
- /data/data/####/cache/picasso-cache/b14bdb08771cf1e42c13a6a3f8acdb16.1.tmp
- /data/data/####/cache/picasso-cache/383df07cbfb188070c16b5c33c8b5335.1.tmp
- /data/data/####/cache/picasso-cache/9e09d9f5e31c00768c20df5022f18882.0.tmp
- /data/data/####/cache/picasso-cache/6134d992660c09eb1c9586ad7a410737.1.tmp
- /data/data/####/cache/picasso-cache/b58890a777da444069c146d855f6e490.0.tmp
- /data/data/####/cache/picasso-cache/7e7be6b207d6beddc3fa0071f5b362c7.0.tmp
- /data/data/####/cache/picasso-cache/afc8dfea0c9b36158cecca800c17bcbb.1.tmp
- /data/data/####/cache/picasso-cache/683369d0c1659aa7aef143a43624b5cc.0.tmp
- /data/data/####/cache/picasso-cache/847e14a58b28f7a99df816eec2512795.0.tmp
- /data/data/####/cache/picasso-cache/7f655385fbfd2a71231cc646f0b1f900.0.tmp
- /data/data/####/cache/picasso-cache/96589e44cc57fb671404c760e9cecc63.0.tmp
- /data/data/####/cache/picasso-cache/aa337919c5da4e405d7bef2fd58a7558.0.tmp
- /data/data/####/cache/picasso-cache/2dbb1dd3e9254fc97340593d7e51b850.0.tmp
- /data/data/####/databases/upgrade_app-journal
- /data/data/####/databases/statistics_db-journal
- /data/data/####/cache/picasso-cache/7e7be6b207d6beddc3fa0071f5b362c7.1.tmp
- /data/data/####/cache/picasso-cache/b1724e7d763f3549d93cf8c43d4ec99f.1.tmp
- /data/data/####/cache/picasso-cache/38445dc7cee9c6a2d23265f896838bab.1.tmp
- /data/data/####/cache/picasso-cache/5442d8bb93c34d4cbcd3349dd62af1a8.0.tmp
- /data/data/####/cache/picasso-cache/2dbb1dd3e9254fc97340593d7e51b850.1.tmp
- /data/data/####/databases/google_analytics_v2.db-journal
- /data/data/####/cache/picasso-cache/cd5ae256a5cd2c46c7dba44d99544689.0.tmp
- /data/data/####/cache/picasso-cache/719f3c65b764b8e42dfb2c1a70552d90.1.tmp
- /data/data/####/cache/picasso-cache/aca48d1db211e070befd09d917282e1e.1.tmp
- /data/data/####/cache/picasso-cache/bb0d02dfa42b7b056fd3156d3d60b04d.1.tmp
- /data/data/####/cache/picasso-cache/42421e912917428a8c371a191ca119b0.1.tmp
- /data/data/####/cache/picasso-cache/96589e44cc57fb671404c760e9cecc63.1.tmp
- /data/data/####/shared_prefs/trigger_recorder.xml.bak
- /data/data/####/cache/picasso-cache/72191092ceb36d7ace46bd3e27efbff7.0.tmp
- /data/data/####/cache/picasso-cache/9e09d9f5e31c00768c20df5022f18882.1.tmp
- /data/data/####/shared_prefs/time.xml
- /data/data/####/cache/picasso-cache/6ffd2d659338f01c776f87a6fc8e9103.1.tmp
- /data/data/####/databases/sy_pay_record-journal
- /data/data/####/cache/picasso-cache/5442d8bb93c34d4cbcd3349dd62af1a8.1.tmp
- /data/data/####/cache/picasso-cache/2eaf0249178876bbfe09180f4b0c5ed3.1.tmp
- /data/data/####/cache/picasso-cache/72191092ceb36d7ace46bd3e27efbff7.1.tmp
- /sdcard/SYPAYFILENAME/CACHE/SMSCACHE/ISDELSMS
- /data/data/####/cache/picasso-cache/b3101df3166a55550d98d523e4326e00.0.tmp
- /data/data/####/cache/picasso-cache/dbbc04b289be830c5dc781bced5cd38c.1.tmp
- /data/data/####/cache/picasso-cache/cd5ae256a5cd2c46c7dba44d99544689.1.tmp
- /data/data/####/cache/picasso-cache/0e6ea9e62ba614e0d5b6569d48192d55.0.tmp
- /data/data/####/databases/recommend_app-journal
- /data/data/####/cache/picasso-cache/42421e912917428a8c371a191ca119b0.0.tmp
Другие:
Может автоматически отправлять СМС-сообщения.
