Android.Packed.24301

Техническая информация

Вредоносные функции:

Загружает на исполнение код следующих детектируемых угроз:

Android.Xiny.78.origin

Загружает из Интернета следующие детектируемые угрозы:

Android.Xiny.78.origin

Сетевая активность:

Подключается к:

a####.####.com

Запросы HTTP GET:

a####.####.com/push/init.jsp?appid=####

Изменения в файловой системе:

Создает следующие файлы:

<Package Folder>/.cache/hkyghktur.jar
<Package Folder>/files/####/1.png
<Package Folder>/files/####/2.png
<Package Folder>/files/####/3.png
<Package Folder>/files/####/4.png
<Package Folder>/files/####/5.png
<Package Folder>/files/####/6.png
<Package Folder>/files/####/7.png
<Package Folder>/files/####/8.png
<Package Folder>/files/####/Py25Queue.pyo
<Package Folder>/files/####/Queue.pyo
<Package Folder>/files/####/StringIO.pyo
<Package Folder>/files/####/UserDict.pyo
<Package Folder>/files/####/__future__.pyo
<Package Folder>/files/####/__init__.pyo
<Package Folder>/files/####/_abcoll.pyo
<Package Folder>/files/####/_threading_local.pyo
<Package Folder>/files/####/_weakrefset.pyo
<Package Folder>/files/####/a.png
<Package Folder>/files/####/abc.pyo
<Package Folder>/files/####/aliases.pyo
<Package Folder>/files/####/ambience.ogg
<Package Folder>/files/####/apk.pyo
<Package Folder>/files/####/arcade.png
<Package Folder>/files/####/ascii.pyo
<Package Folder>/files/####/ast.pyo
<Package Folder>/files/####/atexit.pyo
<Package Folder>/files/####/b.png
<Package Folder>/files/####/back.png
<Package Folder>/files/####/backg.jpg
<Package Folder>/files/####/base.so
<Package Folder>/files/####/base64.pyo
<Package Folder>/files/####/base64_codec.pyo
<Package Folder>/files/####/bgcity.png
<Package Folder>/files/####/bisect.pyo
<Package Folder>/files/####/blueleft.png
<Package Folder>/files/####/blueright.png
<Package Folder>/files/####/bufferproxy.so
<Package Folder>/files/####/calendar.pyo
<Package Folder>/files/####/codecs.pyo
<Package Folder>/files/####/collections.pyo
<Package Folder>/files/####/color.so
<Package Folder>/files/####/colordict.pyo
<Package Folder>/files/####/compat.pyo
<Package Folder>/files/####/compileall.pyo
<Package Folder>/files/####/constants.so
<Package Folder>/files/####/contextlib.pyo
<Package Folder>/files/####/copy.pyo
<Package Folder>/files/####/copy_reg.pyo
<Package Folder>/files/####/core.so
<Package Folder>/files/####/credit.png
<Package Folder>/files/####/creds.jpg
<Package Folder>/files/####/cursors.pyo
<Package Folder>/files/####/decoder.pyo
<Package Folder>/files/####/difflib.pyo
<Package Folder>/files/####/dis.pyo
<Package Folder>/files/####/display.so
<Package Folder>/files/####/draw.so
<Package Folder>/files/####/dummy_thread.pyo
<Package Folder>/files/####/dummy_threading.pyo
<Package Folder>/files/####/encoder.pyo
<Package Folder>/files/####/event.so
<Package Folder>/files/####/exit_button.png
<Package Folder>/files/####/fastevent.so
<Package Folder>/files/####/fnmatch.pyo
<Package Folder>/files/####/font.so
<Package Folder>/files/####/front.png
<Package Folder>/files/####/ftplib.pyo
<Package Folder>/files/####/functools.pyo
<Package Folder>/files/####/genericpath.pyo
<Package Folder>/files/####/getopt.pyo
<Package Folder>/files/####/gfxdraw.so
<Package Folder>/files/####/glob.pyo
<Package Folder>/files/####/godown.png
<Package Folder>/files/####/goup.png
<Package Folder>/files/####/gzip.pyo
<Package Folder>/files/####/hashlib.pyo
<Package Folder>/files/####/heapq.pyo
<Package Folder>/files/####/hex_codec.pyo
<Package Folder>/files/####/holi1.png
<Package Folder>/files/####/holi2.png
<Package Folder>/files/####/how_to_play.png
<Package Folder>/files/####/httplib.pyo
<Package Folder>/files/####/idna.pyo
<Package Folder>/files/####/image.so
<Package Folder>/files/####/imageext.so
<Package Folder>/files/####/inspect.pyo
<Package Folder>/files/####/io.pyo
<Package Folder>/files/####/joystick.so
<Package Folder>/files/####/kSelect.jpg
<Package Folder>/files/####/kaipoche.ogg
<Package Folder>/files/####/key.so
<Package Folder>/files/####/keyword.pyo
<Package Folder>/files/####/kf.png
<Package Folder>/files/####/ktb.png
<Package Folder>/files/####/latin_1.pyo
<Package Folder>/files/####/linecache.pyo
<Package Folder>/files/####/locals.pyo
<Package Folder>/files/####/mask.so
<Package Folder>/files/####/md5.pyo
<Package Folder>/files/####/menu_bg.jpg
<Package Folder>/files/####/mimetools.pyo
<Package Folder>/files/####/mimetypes.pyo
<Package Folder>/files/####/mixer.pyo
<Package Folder>/files/####/mouse.so
<Package Folder>/files/####/opcode.pyo
<Package Folder>/files/####/optparse.pyo
<Package Folder>/files/####/os.pyo
<Package Folder>/files/####/overlay.so
<Package Folder>/files/####/phirki.png
<Package Folder>/files/####/pickle.pyo
<Package Folder>/files/####/pkgdata.pyo
<Package Folder>/files/####/platform.pyo
<Package Folder>/files/####/posixpath.pyo
<Package Folder>/files/####/pprint.pyo
<Package Folder>/files/####/py_compile.pyo
<Package Folder>/files/####/pygame.ico
<Package Folder>/files/####/random.pyo
<Package Folder>/files/####/raw_unicode_escape.pyo
<Package Folder>/files/####/re.pyo
<Package Folder>/files/####/rect.so
<Package Folder>/files/####/repr.pyo
<Package Folder>/files/####/rfc822.pyo
<Package Folder>/files/####/runtitled.1 (Custom).png
<Package Folder>/files/####/runtitled.2 (Custom).png
<Package Folder>/files/####/runtitled.3 (Custom).png
<Package Folder>/files/####/runtitled.4 (Custom).png
<Package Folder>/files/####/runtitled.5 (Custom).png
<Package Folder>/files/####/runtitled.6 (Custom).png
<Package Folder>/files/####/rwobject.so
<Package Folder>/files/####/scanner.pyo
<Package Folder>/files/####/score.png
<Package Folder>/files/####/scorescreen.jpg
<Package Folder>/files/####/sets.pyo
<Package Folder>/files/####/shlex.pyo
<Package Folder>/files/####/shutil.pyo
<Package Folder>/files/####/site.pyo
<Package Folder>/files/####/socket.pyo
<Package Folder>/files/####/sound.so
<Package Folder>/files/####/splash.jpg
<Package Folder>/files/####/sprite.pyo
<Package Folder>/files/####/sre_compile.pyo
<Package Folder>/files/####/sre_constants.pyo
<Package Folder>/files/####/sre_parse.pyo
<Package Folder>/files/####/ssl.pyo
<Package Folder>/files/####/start_button.png
<Package Folder>/files/####/stat.pyo
<Package Folder>/files/####/stb.png
<Package Folder>/files/####/string.pyo
<Package Folder>/files/####/stringprep.pyo
<Package Folder>/files/####/struct.pyo
<Package Folder>/files/####/subprocess.pyo
<Package Folder>/files/####/surface.so
<Package Folder>/files/####/surflock.so
<Package Folder>/files/####/swipebutton.png
<Package Folder>/files/####/symbol.pyo
<Package Folder>/files/####/symtable.pyo
<Package Folder>/files/####/sysconfig.pyo
<Package Folder>/files/####/sysfont.pyo
<Package Folder>/files/####/tarfile.pyo
<Package Folder>/files/####/tempfile.pyo
<Package Folder>/files/####/textwrap.pyo
<Package Folder>/files/####/themesong.ogg
<Package Folder>/files/####/threading.pyo
<Package Folder>/files/####/time.so
<Package Folder>/files/####/timeit.pyo
<Package Folder>/files/####/token.pyo
<Package Folder>/files/####/tokenize.pyo
<Package Folder>/files/####/tool.pyo
<Package Folder>/files/####/traceback.pyo
<Package Folder>/files/####/transform.so
<Package Folder>/files/####/tutorial.jpg
<Package Folder>/files/####/types.pyo
<Package Folder>/files/####/uifinalresized.png
<Package Folder>/files/####/untitled.1 (Custom).png
<Package Folder>/files/####/untitled.2 (Custom).png
<Package Folder>/files/####/untitled.3 (Custom).png
<Package Folder>/files/####/untitled.4 (Custom).png
<Package Folder>/files/####/untitled.5 (Custom).png
<Package Folder>/files/####/untitled.6 (Custom).png
<Package Folder>/files/####/urllib.pyo
<Package Folder>/files/####/urllib2.pyo
<Package Folder>/files/####/urlparse.pyo
<Package Folder>/files/####/utf_16_be.pyo
<Package Folder>/files/####/utf_16_le.pyo
<Package Folder>/files/####/utf_32_be.pyo
<Package Folder>/files/####/utf_8.pyo
<Package Folder>/files/####/uuid.pyo
<Package Folder>/files/####/version.pyo
<Package Folder>/files/####/warnings.pyo
<Package Folder>/files/####/weakref.pyo
<Package Folder>/files/####/webbrowser.pyo
<Package Folder>/files/####/zipfile.pyo
<Package Folder>/files/####/zlib_codec.pyo
<Package Folder>/files/.nomedia
<Package Folder>/files/AirstreamNF.ttf
<Package Folder>/files/_io.so
<Package Folder>/files/ac.pyo
<Package Folder>/files/android_modules.so
<Package Folder>/files/bg.pyo
<Package Folder>/files/bird.pyo
<Package Folder>/files/birdrtl.pyo
<Package Folder>/files/buttons.pyo
<Package Folder>/files/cnhtp.pyo
<Package Folder>/files/credts.pyo
<Package Folder>/files/gameplay.pyo
<Package Folder>/files/gocondition.pyo
<Package Folder>/files/htpt.pyo
<Package Folder>/files/kite.pyo
<Package Folder>/files/kitefight.pyo
<Package Folder>/files/kiteselect.pyo
<Package Folder>/files/ktbm.pyo
<Package Folder>/files/main.pyo
<Package Folder>/files/modesbuttons.pyo
<Package Folder>/files/optbuttons.pyo
<Package Folder>/files/optionsSel.pyo
<Package Folder>/files/otherkite.pyo
<Package Folder>/files/overscreen.pyo
<Package Folder>/files/phirki.pyo
<Package Folder>/files/private.version
<Package Folder>/files/pygame_modules.so
<Package Folder>/files/score.pyo
<Package Folder>/files/selectkitemenu.pyo
<Package Folder>/files/splash.pyo
<Package Folder>/files/startbuttons.pyo
<Package Folder>/files/startgame.pyo
<Package Folder>/files/unicodedata.so
<Package Folder>/files/userInterface.pyo
<Package Folder>/shared_prefs/mappcfg.xml
<Package Folder>/shared_prefs/mappcfg.xml.bak
<SD-Card>/ddad/####/<Package>.txt

Другие:

Запускает следующие shell-скрипты:

<dexopt>

Технологии

Термины

Обучение и просвещение

Мифы

Техническая информация

Рекомендации по лечению

Демо бесплатно на 14 дней