Android.Packed.26578

Техническая информация

Вредоносные функции:

Загружает на исполнение код следующих детектируемых угроз:

Android.MobiDash.2.origin

Сетевая активность:

Подключается к:

cmp####.####.com
d####.####.com
m####.####.com

Запросы HTTP GET:

cmp####.####.com/download/taptapdash/large/1500989805989/anpt2kp0622bg_e...
d####.####.com/static/res/e3/08/an1pt2kp0715bg11_en.png
m####.####.com/api/magic/notify?lan=####&apkversion=####&channelid=####&...

Изменения в файловой системе:

Создает следующие файлы:

<Package Folder>/app_Parse/installationId
<Package Folder>/app_app_apk/taptapdash.dat.jar
<Package Folder>/app_deep_cloud_config/cloudmsgadv.json
<Package Folder>/cache/####/applicationId
<Package Folder>/cache/15c8190ffce1a6f5e62793259ddf6153_DL0812button_en.png
<Package Folder>/cache/270c002c32913db9e4fdcb27ddb390be_rskp0801button_en.png
<Package Folder>/cache/2795e472b980e5500a30e1461010c5a2_anpt2kp0530bg_en.png
<Package Folder>/cache/3cde7d01a088660dad999db7de6b5c45_andttfkp0728kpbg_en.png
<Package Folder>/cache/46b3a838d27edb684534d1ec1e693d3d_anttfkp0613btn_en.png
<Package Folder>/cache/621ad47e5764fb0902271e470961caf2_anttfkp0720kpbg_en.png
<Package Folder>/cache/6aac33852ad41279b0d37c0e1ba63422_anttfkp0803kpbg_en.png
<Package Folder>/cache/8a1c35b47b7d1bce0bf29b362b8c41d7_Androidrskp0801bg_en.png
<Package Folder>/cache/8a95ba010b1fcfaa2ce82992a02da555_anttfkp0613btn_en.png
<Package Folder>/cache/95d24f71878b0d76985d2b988a4ef7ba_andrskp0808bg_en.png
<Package Folder>/cache/9e3e0d56e305034b75061da1b0773c43_anttfkp0613btn_en.png
<Package Folder>/cache/a3893c781c1cfd8cc85174ee0d315785_an1pt2kp0715bg11_en.png
<Package Folder>/cache/a737a4df26b1ff74b57fc7faff56ebc7_DL0715button_en.png
<Package Folder>/cache/b1bc1723a46f90026566d2969f81af0b_rskp0808button_en.png
<Package Folder>/cache/b40369d2abcc7ee7fceed27c37a1a078_anpt2kp0622bg_en.png
<Package Folder>/cache/d06dfec3f6145417ef85abf3b12b15a3_andl0805bg_en.png
<Package Folder>/cache/d0887987566c69082f74cf3462e4c716_andl0722bg_en.png
<Package Folder>/cache/f4a65f2045aea0d3ba87a637a4a68c4a_dl0722button_en.png
<Package Folder>/code_cache/####/MultiDex.lock
<Package Folder>/code_cache/####/tmp-<Package>-1.apk.classes-126605549.zip
<Package Folder>/code_cache/####/tmp-<Package>-1.apk.classes-1981656870.zip
<Package Folder>/files/####/101-5a15b48a-59846a64-2.ich_tmp
<Package Folder>/files/####/102-2d7c022-59846a94-4.ich_tmp
<Package Folder>/files/####/102-91992cd3-59846a93-3.ich_tmp
<Package Folder>/files/####/104-535f4e27-59846a98-3.ich_tmp
<Package Folder>/files/####/104-e8cbe64d-59846a94-2.ich_tmp
<Package Folder>/files/####/59846A5A0154-0001-0842-C558BE7DE92C.cls_temp
<Package Folder>/files/####/59846A5A0154-0001-0842-C558BE7DE92CBeginSession.cls_temp
<Package Folder>/files/####/59846A5A0154-0001-0842-C558BE7DE92CSessionApp.cls_temp
<Package Folder>/files/####/59846A5A0154-0001-0842-C558BE7DE92CSessionCrash.cls_temp
<Package Folder>/files/####/59846A5A0154-0001-0842-C558BE7DE92CSessionDevice.cls_temp
<Package Folder>/files/####/59846A5A0154-0001-0842-C558BE7DE92CSessionOS.cls_temp
<Package Folder>/files/####/59846A5A02D2-0001-086D-C558BE7DE92CBeginSession.cls_temp
<Package Folder>/files/####/59846A5A02D2-0001-086D-C558BE7DE92CSessionApp.cls_temp
<Package Folder>/files/####/59846A5A02D2-0001-086D-C558BE7DE92CSessionDevice.cls_temp
<Package Folder>/files/####/59846A5A02D2-0001-086D-C558BE7DE92CSessionOS.cls_temp
<Package Folder>/files/####/59846A5A02D2-0001-086D-C558BE7DE92CSessionUser.cls_temp
<Package Folder>/files/####/59846A5B00E1-0002-0842-C558BE7DE92CBeginSession.cls_temp
<Package Folder>/files/####/59846A5B00E1-0002-0842-C558BE7DE92CSessionApp.cls_temp
<Package Folder>/files/####/59846A5B00E1-0002-0842-C558BE7DE92CSessionDevice.cls_temp
<Package Folder>/files/####/59846A5B00E1-0002-0842-C558BE7DE92CSessionOS.cls_temp
<Package Folder>/files/####/59846A5B00E1-0002-0842-C558BE7DE92CSessionUser.cls_temp
<Package Folder>/files/####/59846A5B01D3-0001-08A3-C558BE7DE92C.cls_temp
<Package Folder>/files/####/59846A5B01D3-0001-08A3-C558BE7DE92CBeginSession.cls_temp
<Package Folder>/files/####/59846A5B01D3-0001-08A3-C558BE7DE92CSessionApp.cls_temp
<Package Folder>/files/####/59846A5B01D3-0001-08A3-C558BE7DE92CSessionCrash.cls_temp
<Package Folder>/files/####/59846A5B01D3-0001-08A3-C558BE7DE92CSessionDevice.cls_temp
<Package Folder>/files/####/59846A5B01D3-0001-08A3-C558BE7DE92CSessionOS.cls_temp
<Package Folder>/files/####/59846A5B01D3-0001-08A3-C558BE7DE92CSessionUser.cls_temp
<Package Folder>/files/####/59846A5C01C8-0002-08A3-C558BE7DE92CBeginSession.cls_temp
<Package Folder>/files/####/59846A5C01C8-0002-08A3-C558BE7DE92CSessionApp.cls_temp
<Package Folder>/files/####/59846A5C01C8-0002-08A3-C558BE7DE92CSessionDevice.cls_temp
<Package Folder>/files/####/59846A5C01C8-0002-08A3-C558BE7DE92CSessionOS.cls_temp
<Package Folder>/files/####/59846A5C02F1-0001-08DC-C558BE7DE92C.cls_temp
<Package Folder>/files/####/59846A5C02F1-0001-08DC-C558BE7DE92CBeginSession.cls_temp
<Package Folder>/files/####/59846A5C02F1-0001-08DC-C558BE7DE92CSessionApp.cls_temp
<Package Folder>/files/####/59846A5C02F1-0001-08DC-C558BE7DE92CSessionCrash.cls_temp
<Package Folder>/files/####/59846A5C02F1-0001-08DC-C558BE7DE92CSessionDevice.cls_temp
<Package Folder>/files/####/59846A5C02F1-0001-08DC-C558BE7DE92CSessionOS.cls_temp
<Package Folder>/files/####/59846A5C02F1-0001-08DC-C558BE7DE92CSessionUser.cls_temp
<Package Folder>/files/####/59846A5C03A5-0002-08DC-C558BE7DE92CBeginSession.cls_temp
<Package Folder>/files/####/59846A5C03A5-0002-08DC-C558BE7DE92CSessionApp.cls_temp
<Package Folder>/files/####/59846A5C03A5-0002-08DC-C558BE7DE92CSessionDevice.cls_temp
<Package Folder>/files/####/59846A5C03A5-0002-08DC-C558BE7DE92CSessionOS.cls_temp
<Package Folder>/files/####/59846A5C03A5-0002-08DC-C558BE7DE92CSessionUser.cls_temp
<Package Folder>/files/####/59846A5D0191-0001-090F-C558BE7DE92C.cls_temp
<Package Folder>/files/####/59846A5D0191-0001-090F-C558BE7DE92CBeginSession.cls_temp
<Package Folder>/files/####/59846A5D0191-0001-090F-C558BE7DE92CSessionApp.cls_temp
<Package Folder>/files/####/59846A5D0191-0001-090F-C558BE7DE92CSessionCrash.cls_temp
<Package Folder>/files/####/59846A5D0191-0001-090F-C558BE7DE92CSessionDevice.cls_temp
<Package Folder>/files/####/59846A5D0191-0001-090F-C558BE7DE92CSessionOS.cls_temp
<Package Folder>/files/####/59846A5D0191-0001-090F-C558BE7DE92CSessionUser.cls_temp
<Package Folder>/files/####/59846A7003B3-0002-090F-C558BE7DE92CBeginSession.cls_temp
<Package Folder>/files/####/59846A7003B3-0002-090F-C558BE7DE92CSessionApp.cls_temp
<Package Folder>/files/####/59846A7003B3-0002-090F-C558BE7DE92CSessionDevice.cls_temp
<Package Folder>/files/####/59846A7003B3-0002-090F-C558BE7DE92CSessionOS.cls_temp
<Package Folder>/files/####/59846A710100-0001-095C-C558BE7DE92C.cls_temp
<Package Folder>/files/####/59846A710100-0001-095C-C558BE7DE92CBeginSession.cls_temp
<Package Folder>/files/####/59846A710100-0001-095C-C558BE7DE92CSessionApp.cls_temp
<Package Folder>/files/####/59846A710100-0001-095C-C558BE7DE92CSessionCrash.cls_temp
<Package Folder>/files/####/59846A710100-0001-095C-C558BE7DE92CSessionDevice.cls_temp
<Package Folder>/files/####/59846A710100-0001-095C-C558BE7DE92CSessionOS.cls_temp
<Package Folder>/files/####/59846A710100-0001-095C-C558BE7DE92CSessionUser.cls_temp
<Package Folder>/files/####/59846A7101C7-0002-095C-C558BE7DE92CBeginSession.cls_temp
<Package Folder>/files/####/59846A7101C7-0002-095C-C558BE7DE92CSessionApp.cls_temp
<Package Folder>/files/####/59846A7101C7-0002-095C-C558BE7DE92CSessionDevice.cls_temp
<Package Folder>/files/####/59846A7101C7-0002-095C-C558BE7DE92CSessionOS.cls_temp
<Package Folder>/files/####/59846A7101C7-0002-095C-C558BE7DE92CSessionUser.cls_temp
<Package Folder>/files/####/59846A7102B6-0001-098E-C558BE7DE92C.cls_temp
<Package Folder>/files/####/59846A7102B6-0001-098E-C558BE7DE92CBeginSession.cls_temp
<Package Folder>/files/####/59846A7102B6-0001-098E-C558BE7DE92CSessionApp.cls_temp
<Package Folder>/files/####/59846A7102B6-0001-098E-C558BE7DE92CSessionCrash.cls_temp
<Package Folder>/files/####/59846A7102B6-0001-098E-C558BE7DE92CSessionDevice.cls_temp
<Package Folder>/files/####/59846A7102B6-0001-098E-C558BE7DE92CSessionOS.cls_temp
<Package Folder>/files/####/59846A7102B6-0001-098E-C558BE7DE92CSessionUser.cls_temp
<Package Folder>/files/####/59846A72015F-0002-098E-C558BE7DE92CBeginSession.cls_temp
<Package Folder>/files/####/59846A72015F-0002-098E-C558BE7DE92CSessionApp.cls_temp
<Package Folder>/files/####/59846A72015F-0002-098E-C558BE7DE92CSessionDevice.cls_temp
<Package Folder>/files/####/59846A72015F-0002-098E-C558BE7DE92CSessionOS.cls_temp
<Package Folder>/files/####/59846A72015F-0002-098E-C558BE7DE92CSessionUser.cls_temp
<Package Folder>/files/####/59846A770157-0001-09C7-C558BE7DE92CBeginSession.cls_temp
<Package Folder>/files/####/59846A770157-0001-09C7-C558BE7DE92CSessionApp.cls_temp
<Package Folder>/files/####/59846A770157-0001-09C7-C558BE7DE92CSessionDevice.cls_temp
<Package Folder>/files/####/59846A770157-0001-09C7-C558BE7DE92CSessionOS.cls_temp
<Package Folder>/files/####/com.crashlytics.settings.json
<Package Folder>/files/####/crash_marker
<Package Folder>/files/####/initialization_marker
<Package Folder>/files/####/sa_2b842ff1-0c9a-4d93-ab56-adbf37b1c7b1_1501850204907.tap
<Package Folder>/files/####/sa_3416c5f5-3dc1-4f53-84f9-66cfb17d4443_1501850232067.tap
<Package Folder>/files/####/sa_35225bf3-c60e-41c6-bc27-984e8bc2e736_1501850203657.tap
<Package Folder>/files/####/sa_4917a7a9-40b9-429c-8a72-f19acdedf1fc_1501850225419.tap
<Package Folder>/files/####/sa_611483e5-16a8-41ff-aff3-767130009a3a_1501850203209.tap
<Package Folder>/files/####/sa_d5978eb4-d5cd-4d12-9d61-79a747977b07_1501850202756.tap
<Package Folder>/files/####/session_analytics.tap
<Package Folder>/files/####/session_analytics.tap (deleted)
<Package Folder>/files/####/session_analytics.tap.tmp
<Package Folder>/files/Chanel.dat
<Package Folder>/files/FEhmCGcZY
<Package Folder>/files/innerpush_944af810a3f80a56a38cb6ed0f28bb40_DL_1280x720_15sec_1.mp4
<Package Folder>/selflib/-1482664888.so
<Package Folder>/shared_prefs/<Package>_preferences.xml
<Package Folder>/shared_prefs/<Package>_preferences.xml.bak
<Package Folder>/shared_prefs/TwitterAdvertisingInfoPreferences.xml
<Package Folder>/shared_prefs/cloudconfig.xml
<Package Folder>/shared_prefs/com.cmplay.kinfoc.svr.xml
<Package Folder>/shared_prefs/com.crashlytics.prefs.xml
<Package Folder>/shared_prefs/com.crashlytics.sdk.android.crashlytics-core;com.crashlytics.android.core.CrashlyticsCore.xml
<Package Folder>/shared_prefs/com.crashlytics.sdk.android;answers;settings.xml
<Package Folder>/shared_prefs/com.facebook.internal.preferences.APP_SETTINGS.xml
<Package Folder>/shared_prefs/com.facebook.sdk.appEventPreferences.xml
<Package Folder>/shared_prefs/com.facebook.sdk.attributionTracking.xml
<Package Folder>/shared_prefs/innerpushvideo_save_data.xml
<Package Folder>/shared_prefs/innerpushvideo_save_data2.xml
<Package Folder>/shared_prefs/io.fabric.sdk.android;fabric;io.fabric.sdk.android.Onboarding.xml
<Package Folder>/shared_prefs/misc.xml
<Package Folder>/shared_prefs/multidex.version.xml
<Package Folder>/shared_prefs/openscreen_save_data.xml
<Package Folder>/shared_prefs/openscreen_save_data_service.xml

Другие:

Запускает следующие shell-скрипты:

chmod 777 <Package Folder>/cache/15c8190ffce1a6f5e62793259ddf6153_DL0812button_en.png
chmod 777 <Package Folder>/cache/270c002c32913db9e4fdcb27ddb390be_rskp0801button_en.png
chmod 777 <Package Folder>/cache/2795e472b980e5500a30e1461010c5a2_anpt2kp0530bg_en.png
chmod 777 <Package Folder>/cache/2c01fdd09522e1f708dbf7549cfd714c_dl72.png
chmod 777 <Package Folder>/cache/3cde7d01a088660dad999db7de6b5c45_andttfkp0728kpbg_en.png
chmod 777 <Package Folder>/cache/40900978204b4f7f65e3ade9ced40c6b_TTF72.png
chmod 777 <Package Folder>/cache/46b3a838d27edb684534d1ec1e693d3d_anttfkp0613btn_en.png
chmod 777 <Package Folder>/cache/6189450209f36245b68e84addf4db2d7_dl-icon.png
chmod 777 <Package Folder>/cache/621ad47e5764fb0902271e470961caf2_anttfkp0720kpbg_en.png
chmod 777 <Package Folder>/cache/68eb7e3bd544ed1195b9926d7ee7b06c_RS72.png
chmod 777 <Package Folder>/cache/6aac33852ad41279b0d37c0e1ba63422_anttfkp0803kpbg_en.png
chmod 777 <Package Folder>/cache/8a1c35b47b7d1bce0bf29b362b8c41d7_Androidrskp0801bg_en.png
chmod 777 <Package Folder>/cache/8a95ba010b1fcfaa2ce82992a02da555_anttfkp0613btn_en.png
chmod 777 <Package Folder>/cache/8fc6f6a50c3693b5a4ce0fa6274e2cbc_andl0718bg_en.png
chmod 777 <Package Folder>/cache/95d24f71878b0d76985d2b988a4ef7ba_andrskp0808bg_en.png
chmod 777 <Package Folder>/cache/9e3e0d56e305034b75061da1b0773c43_anttfkp0613btn_en.png
chmod 777 <Package Folder>/cache/a3893c781c1cfd8cc85174ee0d315785_an1pt2kp0715bg11_en.png
chmod 777 <Package Folder>/cache/a737a4df26b1ff74b57fc7faff56ebc7_DL0715button_en.png
chmod 777 <Package Folder>/cache/b1bc1723a46f90026566d2969f81af0b_rskp0808button_en.png
chmod 777 <Package Folder>/cache/b40369d2abcc7ee7fceed27c37a1a078_anpt2kp0622bg_en.png
chmod 777 <Package Folder>/cache/b4655d2720e2cfaf3ad379dc9e3f7d59_PT2_72.png
chmod 777 <Package Folder>/cache/d06dfec3f6145417ef85abf3b12b15a3_andl0805bg_en.png
chmod 777 <Package Folder>/cache/d0887987566c69082f74cf3462e4c716_andl0722bg_en.png
chmod 777 <Package Folder>/cache/d2a4f4f9e6994c53e9b2fa520b26a1b7_1080x1080.jpg
chmod 777 <Package Folder>/cache/d67fcd92ec0fef7110d4923f8b2f4a69_anpt2kp0530bg_en.png
chmod 777 <Package Folder>/cache/f4a65f2045aea0d3ba87a637a4a68c4a_dl0722button_en.png

Загружает динамические библиотеки:

1501850195627_1824_libinfoc
FEhmCGcZY
gdx
infoc

Осуществляет доступ к информации о сети.

Осуществляет доступ к информации о телефоне (номер, imei и тд.).

Осуществляет доступ к информации о настроках APN.

Добавляет задания в системный планировщик.

Технологии

Термины

Обучение и просвещение

Мифы

Техническая информация

Рекомендации по лечению

Демо бесплатно на 14 дней