Техническая информация
Вредоносные функции:
Загружает из Интернета следующие детектируемые угрозы:
- Android.Xiny.20
Сетевая активность:
Подключается к:
- s####.####.com
- 1####.####.73
- i####.####.com
- 6####.####.34
- o####.####.com
- a####.####.cn
- l####.####.com
- a####.####.com
Запросы HTTP GET:
- i####.####.com/game/2016/03/07/3df88da5fee32ee536dcba851511324b_100_100.png
- l####.####.com/game/2016/04/12/6bee6fc8ab5f7736989ee616126367e5.apk
- i####.####.com/game/2016/01/16/a960cb8b7b98add016640fdddf7d568c_175_175.png
- i####.####.com/game/2015/09/23/1564e4c282c81e02baa2a32217ea6ed2_534_320.jpg
- i####.####.com/game/2016/06/30/9485165ac3e3da408d6732fbf0e8343a_100_100.png
- a####.####.cn/jarFile/SDKAutoUpdate/newmon.jar
- i####.####.com/game/2015/09/23/8274082bfb415b6cd96605f3d2cedeb3_534_320.jpg
- i####.####.com/article/2015/08/11/5e977c917bd9748e8aa454197b442743.png
- i####.####.com/game/2015/09/23/731aa1239fba53e23cca04489cbe7370_534_320.jpg
- i####.####.com/article/2015/08/11/7139bb23a67bb46217b1276fe03b31c9.png
- i####.####.com/game/2016/04/13/9226f1cecc11f7c9277a03a199a89c58_534_320.jpg
- a####.####.com/moapi/game_ad.php?cpu=####&brand=####&model=####&kyxversion=####&gpu=####&key=####
- i####.####.com/game/2016/04/12/8b6b72a825f76addf5bb10ed465363dc_100_100.png
- i####.####.com/game/2015/09/23/f24d94677c63d610a6e758b1a4a49067_1_1.webp
- a####.####.com/moapi/home_hotgame.php?cpu=####&brand=####&model=####&kyxversion=####&gpu=####&key=####
- i####.####.com/vert/2016/05/17/6660e423dc6d52468abc00dbb4097bb5.jpg
- a####.####.com/mzw4m/mzw_time.php
- i####.####.com/game/2016/03/23/ec1eb2e3c657c149f6c59903f13ad59f_100_100.png
- i####.####.com/vert/2017/01/06/fb20feb5f562d83be97194e995dd4aca.png
- a####.####.com/moapi/search_word_recommend.php?cpu=####&brand=####&model=####&kyxversion=####&gpu=####&key=####
- i####.####.com/game/2015/04/09/95e7c370e55deea79290e1bc1b97c69a_175_175.png
- i####.####.com/game/2015/09/23/731aa1239fba53e23cca04489cbe7370_1_1.webp
- i####.####.com/game/2015/02/13/a29353b9a6843702b448301737c8bb49_175_175.jpg
- l####.####.com/game/2015/02/13/kuaiyouxi.com_com.ea.games.nfs13_ssg_s4_na-V1.5.01.gpk
- i####.####.com/game/2015/09/23/bbb4318cbf87d9f6e1818ea513c7b424_1_1.webp
- i####.####.com/game/2016/04/12/fa070b17c9a2be05c1fb42b3550fec5c_100_100.png
- a####.####.com/moapi/game_category.php?cpu=####&brand=####&model=####&kyxversion=####&gpu=####&key=####
- i####.####.com/game/2015/09/23/05cad17913059813db00b96fbda11ed8_534_320.jpg
- i####.####.com/game/2015/09/23/8274082bfb415b6cd96605f3d2cedeb3_1_1.webp
- i####.####.com/game/2014/12/17/ff5888235c46e65dc93b2be6d70cee32_175_175.png
- i####.####.com/game/2015/07/21/240645380b08bd76dbba6bb61e4f73c9_175_175.png
- a####.####.com/moapi/game_rank_list.php?pagesize=####&model=####&order=####&cpu=####&pagenum=####&brand=####&kyxversion=####&gpu=####&key=####
- i####.####.com/game/2015/10/08/e619644d60c54eb69e36a117943aae25_175_175.png
- a####.####.com/moapi/game_app_detail.php?cpu=####&brand=####&appid=####&model=####&kyxversion=####&gpu=####&key=####
- i####.####.com/game/2016/03/28/d1ec0df56fbce03330182b94e105c874_100_100.png
- i####.####.com/vert/2016/04/12/d61540d4cbdf9521a7a0588c90843752.jpg
- i####.####.com/game/2015/09/23/bbb4318cbf87d9f6e1818ea513c7b424_534_320.jpg
- i####.####.com/game/2016/04/13/748aa5ccfe00b66a827988bee3410f98_534_320.jpg
- i####.####.com/vert/2016/03/28/fb5143ef5e5510bfe1fbaba710ba2891.jpg
- i####.####.com/game/2015/05/19/52318a9b006268d7fb8b963363094133_175_175.png
- i####.####.com/game_type/2015/09/09/9d063a8270df5ea221b43d4f5293cd3d.png
- i####.####.com/game/2016/05/17/a6c9d26cd4ac8d8198151ca1a7d39a8b_175_175.jpg
- i####.####.com/game/2016/04/13/f35e22bb1c68409aa431d906ff7f7b15_534_320.jpg
- i####.####.com/game/2015/09/23/f24d94677c63d610a6e758b1a4a49067_534_320.jpg
- i####.####.com/game/2015/09/23/05cad17913059813db00b96fbda11ed8_1_1.webp
- i####.####.com/game/2016/04/13/fb77495ff03655be90aa743c9cde4ab0_534_320.jpg
- i####.####.com/game/2016/04/12/e49fd534e445438676fc304468bff661_100_100.png
- i####.####.com/article/2015/08/13/e63379cd3e00a07696d81147ac655c82.png
- i####.####.com/game/2016/04/13/6b33ca3b806e286dd34d628e95649291_534_320.jpg
- 1####.####.73/192/17/111/gugeanzhuangqi/0/letv.cdn.muzhiwan.com/game/2016/04/12/6bee6fc8ab5f7736989ee616126367e5.apk?crypt=####&b=####&nlh=####&nlt=##...
- i####.####.com/game/2015/06/08/857b77d9d12299c72a8e675613716b2a_175_175.png
- i####.####.com/game/2015/10/29/e303659d946a5e5d12d12891d9a1e280_175_175.png
- 6####.####.34/166/38/36/gugeanzhuangqi/0/letv.cdn.muzhiwan.com/game/2015/02/13/kuaiyouxi.com_com.ea.games.nfs13_ssg_s4_na-V1.5.01.gpk?crypt=####&b=###...
- a####.####.com/moapi/games.php?tid=####&key=####
- i####.####.com/game/2015/09/01/40dcec8ea6379015e09c72edad1f4e24_175_175.png
- i####.####.com/article/2015/08/11/fdd0de15024c2f8c23c197ac55d46608.png
- i####.####.com/game/2015/09/23/d41ab78fcf4216aded282a987842bc76_175_175.png
Запросы HTTP POST:
- a####.####.com/moapi/applist_update.php
- s####.####.com/cw/interface!u2.action?protocol=####&version=####
- a####.####.com/countapi/mo_count.php?number=####
- a####.####.com/api/check_app_update
- o####.####.com/v2/get_update_time
- s####.####.com/cw/cp.action?requestId=####&g=####
- o####.####.com/v2/check_config_update
- a####.####.com/app_logs
Изменения в файловой системе:
Создает следующие файлы:
- /data/data/####/files/cache/img/1690136208.tmp
- /data/data/####/files/cache/img/-899046298.tmp
- /data/data/####/files/cache/img/-1173096653.tmp
- /data/data/####/files/cache/img/-857433965.tmp
- /data/data/####/files/cache/img/7501801
- /data/data/####/files/cache/img/2063012270.tmp
- /data/data/####/files/cache/img/-2071665418.tmp
- /data/data/####/files/cache/servers/396ebf449e12949aa2137eeabb835569
- /data/data/####/files/cache/img/-1587650768.tmp
- /data/data/####/files/cache/img/-1529881517
- /data/data/####/files/cache/img/1487781075.tmp
- /data/data/####/shared_prefs/umeng_general_config.xml
- /data/data/####/files/cache/img/-2000622378.tmp
- /data/data/####/files/cache/img/819399407
- /data/data/####/files/cache/img/1081638366
- /data/data/####/files/cache/img/1352266808
- /sdcard/kuaiyouxi/downloads/com.ea.games.nfs13_ssg_s4_na_1485415430774.gpk
- /data/data/####/files/cache/img/-490214726.tmp
- /sdcard/kuaiyouxi/logs/####/70011
- /data/data/####/files/cache/img/1601837430
- /data/data/####/shared_prefs/W_Key.xml.bak
- /data/data/####/files/cache/img/1179890831
- /data/data/####/shared_prefs/mobclick_agent_online_setting_####.xml
- /data/data/####/files/cache/img/878846316.tmp
- /data/data/####/databases/downloadswc
- /data/data/####/files/cache/img/-1529881517.tmp
- /data/data/####/files/cache/img/-2000622378
- /data/data/####/files/cache/img/1601837430.tmp
- /data/data/####/files/cache/img/316881629.tmp
- /data/data/####/files/cache/img/-1821263466
- /data/data/####/files/cache/img/-857433965
- /data/data/####/files/cache/img/1081638366.tmp
- /data/data/####/files/cache/img/589312008
- /data/data/####/files/cache/img/-2021266188
- /data/data/####/files/cache/img/2063012270
- /data/data/####/shared_prefs/mzw_time.xml
- /data/data/####/files/cache/img/-2021266188.tmp
- /data/data/####/files/cache/img/-203502612
- /data/data/####/files/cache/img/1352266808.tmp
- /data/data/####/files/cache/img/-1821263466.tmp
- /data/data/####/files/cache/img/-1998595282.tmp
- /data/data/####/files/cache/img/413182133.tmp
- /data/data/####/files/cache/servers/abd2d5a7f66bc0b695a52b24bf2d08c0
- /data/data/####/shared_prefs/kyx_coc_preferences.xml
- /sdcard/kuaiyouxi/logs/####/70009
- /sdcard/kuaiyouxi/logs/####/70008
- /data/data/####/shared_prefs/cwdata.xml
- /sdcard/kuaiyouxi/logs/####/70005
- /sdcard/kuaiyouxi/logs/####/70004
- /sdcard/kuaiyouxi/logs/####/70007
- /sdcard/kuaiyouxi/logs/####/70006
- /sdcard/kuaiyouxi/logs/####/70001
- /sdcard/kuaiyouxi/logs/####/70003
- /sdcard/kuaiyouxi/logs/####/70002
- /data/data/####/files/cache/img/-1754480157.tmp
- /data/data/####/files/cache/img/-1173096653
- /data/data/####/files/cache/img/-899046298
- /data/data/####/files/cache/img/1985852342.tmp
- /data/data/####/files/cache/servers/fccaf6165393675e9988e7eb7a096f1c
- /data/data/####/files/umeng_it.cache
- /data/data/####/files/cache/img/-149279035.tmp
- /data/data/####/files/cache/img/1536975880.tmp
- /data/data/####/files/cache/img/-1281225380
- /data/data/####/files/cache/img/1725982496
- /data/data/####/files/cache/img/-490214726
- /data/data/####/files/cache/img/633806180.tmp
- /data/data/####/files/cache/img/282992107
- /data/data/####/files/cache/img/-1764950153
- /sdcard/kuaiyouxi/logs/####/70010
- /sdcard/kuaiyouxi/downloads/com.ea.gp.fifaworld/application.apk.temp
- /data/data/####/files/cache/img/-1754480157
- /sdcard/.rwtest
- /data/data/####/files/cache/img/878846316
- /data/data/####/files/cache/img/1985852342
- /data/data/####/files/cache/servers/27092b4894876fd733f7b4d10fca62fb
- /data/data/####/files/cache/img/-1764950153.tmp
- /data/data/####/files/cache/img/1536975880
- /data/data/####/files/gamefilter/10d4caf760dbba4144125a0262fd062a
- /data/data/####/databases/kuaiyouxi_mobile_downloads.db-journal
- /sdcard/cw/assetstime.dat
- /data/data/####/files/cache/img/-1587650768
- /data/data/####/files/cache/img/-1998595282
- /data/data/####/files/cache/img/1806014299
- /data/data/####/shared_prefs/st.xml
- /data/data/####/files/cache/img/-325046624.tmp
- /data/data/####/files/cache/img/413182133
- /data/data/####/files/cache/img/316881629
- /data/data/####/files/cache/servers/9360d79e0ee42fa652223bc6fddf9a59
- /data/data/####/files/cache/img/282992107.tmp
- /data/data/####/files/cache/img/863786491
- /data/data/####/files/cache/img/-860444813.tmp
- /data/data/####/files/cache/img/1865471017
- /data/data/####/files/cache/img/1725982496.tmp
- /data/data/####/files/cache/img/863786491.tmp
- /data/data/####/files/cache/img/589312008.tmp
- /data/data/####/files/cache/img/-1925801594.tmp
- /data/data/####/files/cache/img/-480754624.tmp
- /data/data/####/files/cache/img/7501801.tmp
- /data/data/####/databases/downloadswc-journal
- /data/data/####/files/cache/img/1806014299.tmp
- /data/data/####/files/cache/img/-1925801594
- /data/data/####/files/cache/img/1690136208
- /data/data/####/files/cache/img/-325046624
- /data/data/####/files/cache/img/1487781075
- /sdcard/kuaiyouxi/downloads/com.palmjoys.android.jfjh.mi_1485415429764.apk
- /data/data/####/files/cache/img/1323128200.tmp
- /data/data/####/files/cache/img/-860444813
- /data/data/####/files/.imprint
- /data/data/####/files/cache/img/1865471017.tmp
- /data/data/####/files/cache/img/-480754624
- /data/data/####/shared_prefs/W_Key.xml
- /data/data/####/files/cache/img/1323128200
- /data/data/####/files/cache/img/633806180
- /data/data/####/files/cache/img/1156590435.tmp
- /data/data/####/files/cache/servers/d65f04060b45874ba07b952f5a9d6df9
- /data/data/####/files/cache/servers/da823658b2f9f404bd68037d5e4f28dd
- /sdcard/Download/ndo/3.7_newmon.jar.tmp
- /data/data/####/files/cache/img/-2071665418
- /data/data/####/files/cache/img/-203502612.tmp
- /data/data/####/shared_prefs/umeng_general_config.xml.bak
- /data/data/####/files/cache/img/1156590435
- /data/data/####/files/cache/img/-2006073541.tmp
Другие:
Запускает следующие shell-скрипты:
- getprop ro.board.platform
Может автоматически отправлять СМС-сообщения.
