Техническая информация
Вредоносные функции:
Отправляет СМС-сообщения:
- 12114: HZSY#####
Загружает из Интернета следующие детектируемые угрозы:
- Android.SkyMobi.5.origin
Отправляет данные получаемых СМС-сообщений на удалённый хост.
Сетевая активность:
Подключается к:
- sdku####.####.com
- mo####.####.com
- dynami####.####.com
- 1####.####.com
- mmy####.####.com
- i####.####.cn
- vide####.####.cn
- a####.####.com
- priceru####.####.com
Запросы HTTP GET:
- 1####.####.com/ic.asp
- mmy####.####.com/mmys-cps/styleTopChlVideo.service?pageNo=####&pageSize=####&showStyle=####&rv=####&deviceId=####&uuid=####&imei=####&imsi=####&manufa...
- a####.####.com/9fc7bd6ef69a4437ac508463c8a66a11.apk
- vide####.####.cn/20170317/62911c63-a7b8-4c15-bbae-908df8f834a6-%E7%8C%A5%E8%A4%BB%E3%81%AA%E6%80%A7%E6%AC%B21.jpg
- vide####.####.cn/20170320/7a30270b-babc-494e-b31a-f3387dade631-3.jpg
- vide####.####.cn/20170328/336dd91d-1570-40fc-ace4-600c066d1e15-2.jpg
- vide####.####.cn/20170330/cc0d1087-75ef-451d-ae75-9831b3faa110-1.jpg
- mmy####.####.com/mmys-cps/rdContent.service?deviceId=####&uuid=####&imei=####&imsi=####&manufacturer=####&model=####&versionCode=####&ditchNo=####&app...
- vide####.####.cn/TOUXIANGS22.png
- i####.####.cn/iplookup/iplookup.php?format=####
- vide####.####.cn/TOUXIANGS4.png
- vide####.####.cn/20170324/c815399e-0a60-40ad-a05e-955c5eaf68f0-f79056a88ddb4ad0ba50797727b7b5d2.jpg
- vide####.####.cn/20170317/9f638fff-74b3-41f7-8230-b9b4ef514e6c-%E5%B1%88%E8%BE%B1%E3%81%AE%E5%A4%B1%E7%A6%81.jpg
- vide####.####.cn/TOUXIANGS281.png
- vide####.####.cn/20170330/ab0d814e-01d0-44f0-ab72-fb432defc8a9-2.jpg
- vide####.####.cn/20170330/01608e6e-cb95-4ab8-8496-4719cd96faad-20170330.PNG
- vide####.####.cn/20160808/15110d5e-dfa1-4203-ab1a-c08455250af7-16.png
- mmy####.####.com/mmys-cps/vdtRmdVideoList.service?showStyle=####&id=####&itemCount=####&rv=####&deviceId=####&uuid=####&imei=####&imsi=####&manufactur...
- vide####.####.cn/20170324/6de0ecf8-a5ca-4521-a21a-5d0a94fb19e1-1.jpg
- vide####.####.cn/20170324/ae5a831c-e53e-44e4-b97f-1ed5238f1a63-12.jpg
- mmy####.####.com/mmys-cps/videoDtl.service?id=####&rv=####&deviceId=####&uuid=####&imei=####&imsi=####&manufacturer=####&model=####&versionCode=####&d...
- vide####.####.cn/TOUXIANGS19.png
- vide####.####.cn/20160808/14649d34-3a91-4fe8-aee7-c0f3582cc711-dsf008.png
- mmy####.####.com/mmys-cps/runConfig.service?deviceId=####&imei=####&imsi=####&manufacturer=####&model=####&versionCode=####&ditchNo=####&appId=####&dc...
- vide####.####.cn/20170324/9c16759d-b074-43e2-8da2-dec5b87f1985-%E5%90%8C%E5%9F%8E%E4%B8%A4%E6%80%A7%E4%BA%A4%E5%8F%8B.jpg
- vide####.####.cn/tou1008.gif
- mmy####.####.com/mmys-cps/bannerInfo.service?showStyle=####&deviceId=####&uuid=####&imei=####&imsi=####&manufacturer=####&model=####&versionCode=####&...
- priceru####.####.com/price-rule-cmp/rule/matchRule?version=####&deviceId=####&uuid=####&imei=####&imsi=####&manufacturer=####&model=####&versionCode=#...
- vide####.####.cn/20170330/78ff2c88-9fa0-4648-9830-9ceb59565dc5-1.jpg
- vide####.####.cn/20170330/79d3429e-0570-4080-be32-a4706f81daef-%E6%AF%8D%E3%81%AE%E5%8F%8B%E4%BA%BA.jpg
- vide####.####.cn/20160808/52301a91-6a7d-4337-981d-3c285cf246c2-dsf009.png
- vide####.####.cn/20170317/bf739e2a-c8dc-42ca-b101-b019fd57f9fe-%E4%B8%80%E8%BC%AA%E8%BB%8A%E3%80%81%E5%A9%A6%E8%AD%A6%E3%81%95%E3%82%93.jpg
- vide####.####.cn/20170318/bc18eea1-de23-43ab-a656-8da400b3af8e-oba00312jp-9.jpg
- mmy####.####.com/mmys-cps/videoComment2.service?videoId=####&deviceId=####&uuid=####&imei=####&imsi=####&manufacturer=####&model=####&versionCode=####...
- vide####.####.cn/20160808/297ee544-4974-48e2-9a62-91b2ee4b8280-13.png
- a####.####.com/b78bf2e1565449c8b551bc1d82320ea4.apk
- vide####.####.cn/20170330/3a7fe1eb-998c-460a-a48c-9ac840a9543d-%E5%AB%82%E5%AD%90%E5%AF%B9%E6%88%91%E6%AD%A5%E6%AD%A5%E7%B4%A7%E9%80%BC.jpg
- vide####.####.cn/tou1005.gif
- vide####.####.cn/tou1004.gif
Запросы HTTP POST:
- dynami####.####.com/dynamicpay//getSyFormalChannels.json?
- mmy####.####.com/mmys-cps/userVisit.service?deviceId=####&uuid=####&imei=####&imsi=####&manufacturer=####&model=####&versionCode=####&ditchNo=####&app...
- mmy####.####.com/mmys-cps/userActivation.service?deviceId=####&uuid=####&imei=####&imsi=####&manufacturer=####&model=####&versionCode=####&ditchNo=###...
- sdku####.####.com/sdk-update/sdkUpdateCdnUpload.json
- mo####.####.com/mobile-service/getImsiMobilePhone.json
Изменения в файловой системе:
Создает следующие файлы:
- /data/data/####/cache/picasso-cache/24b78197ad4f11ecb2554c8e54eb69ba.1.tmp
- /data/data/####/cache/picasso-cache/870f8c8bb18a1c1d3c659533ed040cc0.1.tmp
- /data/data/####/cache/picasso-cache/c8f6800f50b1513f4b2385de2b451af0.1.tmp
- /data/data/####/cache/picasso-cache/55076c6efcb7a27617304f28374ad65b.0.tmp
- /sdcard/SYPAYFILENAME/CACHE/SMSCACHE/ISDELSMS
- /data/data/####/cache/picasso-cache/e2240005e3dc4e3ccbccd1cbf1c5d751.1.tmp
- /data/data/####/cache/picasso-cache/c24822fc7e784973d7511a158beb6b75.1.tmp
- /data/data/####/cache/picasso-cache/87d3c4144d31c791f07b453d67ddc12e.1.tmp
- /data/data/####/cache/picasso-cache/c721efc7d440844ba021ea1b9ba1d3f1.0.tmp
- /data/data/####/cache/picasso-cache/a6213fd5faccb13b505167ad47ba38c4.0.tmp
- /data/data/####/cache/picasso-cache/ee68cfaf945ea870854f7b06868e4d0a.0.tmp
- /data/data/####/shared_prefs/time.xml
- /data/data/####/cache/picasso-cache/aca48d1db211e070befd09d917282e1e.0.tmp
- /data/data/####/shared_prefs/ds_configer.xml
- /data/data/####/cache/picasso-cache/b1724e7d763f3549d93cf8c43d4ec99f.0.tmp
- /data/data/####/cache/picasso-cache/24b78197ad4f11ecb2554c8e54eb69ba.0.tmp
- /data/data/####/cache/picasso-cache/c24822fc7e784973d7511a158beb6b75.0.tmp
- /data/data/####/cache/picasso-cache/e07ade92f474fc50ae5a314dcdca0016.1.tmp
- /data/data/####/cache/picasso-cache/e07ade92f474fc50ae5a314dcdca0016.0.tmp
- /data/data/####/cache/picasso-cache/885da13da7af7a1da90668f4ba59caaf.0.tmp
- /data/data/####/cache/picasso-cache/448bab2f7e2e2e203026cf038ac6357e.1.tmp
- /data/data/####/databases/sy_pay_record-journal
- /data/data/####/cache/picasso-cache/6134d992660c09eb1c9586ad7a410737.1.tmp
- /data/data/####/cache/picasso-cache/279660a8a570b82d965ba3d19706e95a.1.tmp
- /data/data/####/cache/picasso-cache/448bab2f7e2e2e203026cf038ac6357e.0.tmp
- /sdcard/sydownloads/20170126_081934758.apk
- /data/data/####/cache/picasso-cache/c721efc7d440844ba021ea1b9ba1d3f1.1.tmp
- /data/data/####/cache/picasso-cache/e30102e64ec3e2e061aa977e08423e3b.1.tmp
- /data/data/####/cache/picasso-cache/afc8dfea0c9b36158cecca800c17bcbb.1.tmp
- /data/data/####/shared_prefs/uuid.xml
- /data/data/####/cache/picasso-cache/55076c6efcb7a27617304f28374ad65b.1.tmp
- /data/data/####/cache/picasso-cache/526a9c87e64d5ffbba80e57a34ce72f0.0.tmp
- /data/data/####/cache/picasso-cache/3e942c724ca4f4e9c92264322c578e2b.1.tmp
- /data/data/####/cache/picasso-cache/98724913a388847309f4acf82ce773b5.1.tmp
- /data/data/####/cache/picasso-cache/87d3c4144d31c791f07b453d67ddc12e.0.tmp
- /data/data/####/cache/picasso-cache/afc8dfea0c9b36158cecca800c17bcbb.0.tmp
- /data/data/####/cache/picasso-cache/4beae5d4a571d38a869ee519cdfb6213.0.tmp
- /data/data/####/cache/picasso-cache/446cd03067e38b4e35ad7032edc72406.1.tmp
- /data/data/####/cache/picasso-cache/98724913a388847309f4acf82ce773b5.0.tmp
- /data/data/####/cache/picasso-cache/a6213fd5faccb13b505167ad47ba38c4.1.tmp
- /data/data/####/cache/picasso-cache/6f721c777fce06e49b72c1b46e740571.0.tmp
- /data/data/####/cache/picasso-cache/c8f6800f50b1513f4b2385de2b451af0.0.tmp
- /data/data/####/databases/webview.db-journal
- /data/data/####/cache/picasso-cache/e30102e64ec3e2e061aa977e08423e3b.0.tmp
- /data/data/####/cache/picasso-cache/b1724e7d763f3549d93cf8c43d4ec99f.1.tmp
- /data/data/####/cache/picasso-cache/279660a8a570b82d965ba3d19706e95a.0.tmp
- /data/data/####/databases/statistics_db-journal
- /data/data/####/cache/picasso-cache/ee68cfaf945ea870854f7b06868e4d0a.1.tmp
- /data/data/####/cache/picasso-cache/ac6b2d53b358b29a83749c7902ff25af.0.tmp
- /data/data/####/cache/picasso-cache/526a9c87e64d5ffbba80e57a34ce72f0.1.tmp
- /data/data/####/databases/recommend_app-journal
- /data/data/####/shared_prefs/p_config.xml
- /data/data/####/cache/picasso-cache/ac6b2d53b358b29a83749c7902ff25af.1.tmp
- /data/data/####/cache/picasso-cache/248946480dcf3f89d45628d178f3b063.0.tmp
- /data/data/####/cache/picasso-cache/885da13da7af7a1da90668f4ba59caaf.1.tmp
- /data/data/####/databases/upgrade_app-journal
- /data/data/####/files/gaClientId
- /data/data/####/databases/sy_video_data_cache-journal
- /sdcard/sydownloads/20170126_08193811.apk
- /data/data/####/cache/picasso-cache/journal.tmp
- /data/data/####/cache/picasso-cache/248946480dcf3f89d45628d178f3b063.1.tmp
- /data/data/####/cache/picasso-cache/e2240005e3dc4e3ccbccd1cbf1c5d751.0.tmp
- /data/data/####/databases/google_analytics_v2.db-journal
- /data/data/####/cache/picasso-cache/870f8c8bb18a1c1d3c659533ed040cc0.0.tmp
- /data/data/####/cache/picasso-cache/446cd03067e38b4e35ad7032edc72406.0.tmp
- /data/data/####/databases/statistics_db
- /data/data/####/cache/picasso-cache/6f721c777fce06e49b72c1b46e740571.1.tmp
- /data/data/####/databases/andro_download-journal
- /data/data/####/cache/picasso-cache/6134d992660c09eb1c9586ad7a410737.0.tmp
- /data/data/####/cache/picasso-cache/4beae5d4a571d38a869ee519cdfb6213.1.tmp
- /data/data/####/cache/picasso-cache/aca48d1db211e070befd09d917282e1e.1.tmp
- /data/data/####/cache/picasso-cache/3e942c724ca4f4e9c92264322c578e2b.0.tmp
Другие:
Может автоматически отправлять СМС-сообщения.
