Техническая информация
Вредоносные функции:
Загружает на исполнение код следующих детектируемых угроз:
- Android.DownLoader.396.origin
- Android.DownLoader.455.origin
Сетевая активность:
Подключается к:
- UDP(DNS) <Google DNS>
- TCP(HTTP/1.1) c.m.1####.com:80
- TCP(HTTP/1.1) ptmgtd0####.wsclou####.com:80
Запросы DNS:
- b1.v####.com
- c.m.1####.com
- cms-bu####.n####.127.net
- k1.yo####.com
- p1.jz####.com
Запросы HTTP GET:
- ptmgtd0####.wsclou####.com/016bf7fb7d7a4593a37de0acfa0283392017121716455...
- ptmgtd0####.wsclou####.com/0948ab2bfe514891a0b7b33e1fe4818b2017121716355...
- ptmgtd0####.wsclou####.com/0d66b65a117b4b83a86c8e8d64181e602017121717383...
- ptmgtd0####.wsclou####.com/192f324327d44fcdb1069a82dd34bc122017121716514...
- ptmgtd0####.wsclou####.com/2051a5c6ce1b404295d5efcd9ec55ef62017121715541...
- ptmgtd0####.wsclou####.com/240c989245d34598ae17ad193f66fa092017121716172...
- ptmgtd0####.wsclou####.com/39fa54086bc549eb9945860667252e1b2017121716293...
- ptmgtd0####.wsclou####.com/3eb8694f8f53453ab266adec2de323182017121716201...
- ptmgtd0####.wsclou####.com/45672dc9cda64c40a003f66651d4e3872017121716473...
- ptmgtd0####.wsclou####.com/4f1f965e30b5468a952701ce55f68e1c2017121716584...
- ptmgtd0####.wsclou####.com/5fe052d2c12542a49493c2dddeec46102017121716515...
- ptmgtd0####.wsclou####.com/6e3db992933443c28aab5e1e7f59e5022017121717094...
- ptmgtd0####.wsclou####.com/7523d11698034355bb6c65a5acddeed12017121715423...
- ptmgtd0####.wsclou####.com/7b8e98cbee89414399110609c98631282017121714553...
- ptmgtd0####.wsclou####.com/7cf161c3ece144f089b90e09a24d6ef82017121715443...
- ptmgtd0####.wsclou####.com/81753bfc286f463a82ae4c0caf5be1fe2017121717133...
- ptmgtd0####.wsclou####.com/86e04e23941945bea9a1ba28487915c82017121716172...
- ptmgtd0####.wsclou####.com/8ace03d06a204e6699991e5f3b434a912017121715190...
- ptmgtd0####.wsclou####.com/932edde258654b59bb2d2a15b19b00e72017121716142...
- ptmgtd0####.wsclou####.com/98dc6277591e47c7a8e0f754684c34212017121717203...
- ptmgtd0####.wsclou####.com/bd3c0615c6de480bb7948a5a23e1d0802017121717115...
- ptmgtd0####.wsclou####.com/catchpic/0/04/04c1a3ae5b09c9ed3ddfe846ffd95a1...
- ptmgtd0####.wsclou####.com/catchpic/2/2a/2ad764347f007baf85a7123120107ee...
- ptmgtd0####.wsclou####.com/e7156d7f6bdf4f54a1bf6a03670565b42017121716344...
- ptmgtd0####.wsclou####.com/e9e7db91629547cfa25110177e375e9d2017121715484...
- ptmgtd0####.wsclou####.com/ef0a83a6d9854c6e90f4c8d9521454ec2017121716565...
Изменения в файловой системе:
Создает следующие файлы:
- <Package Folder>/cache/####/009b821c54e0c5c75b9f393d9f7a55cd2c0....0.tmp
- <Package Folder>/cache/####/04af445779d282388f8311a80a8a8c62.0.tmp
- <Package Folder>/cache/####/04af445779d282388f8311a80a8a8c62.1.tmp
- <Package Folder>/cache/####/0a891fe419481ac9bfccd2244425df8e886....0.tmp
- <Package Folder>/cache/####/12abbda796d449aa1d310f75c1aeb0fd.0.tmp
- <Package Folder>/cache/####/12abbda796d449aa1d310f75c1aeb0fd.1.tmp
- <Package Folder>/cache/####/19301793ef2ad52d31f8eab5d81a4981942....0.tmp
- <Package Folder>/cache/####/24072174d5505adad06146e373e6f2e1fb9....0.tmp
- <Package Folder>/cache/####/2ec575e346f31941bc05bbd1bbec4cebdf1....0.tmp
- <Package Folder>/cache/####/330eff3131197c03b80aa29166d3ee6a668....0.tmp
- <Package Folder>/cache/####/33114aff5fe8d52142077a10e9fcc9956cb....0.tmp
- <Package Folder>/cache/####/356c58155fdc8cf02018f3e4e7264bb4bd1....0.tmp
- <Package Folder>/cache/####/381e2d2adf06de9c37083c4eb3ea7379c2f....0.tmp
- <Package Folder>/cache/####/3d73735e98ca36ef12b1b7429392d6b015b....0.tmp
- <Package Folder>/cache/####/3e2f8618498a36dfa14b8858d5b0772e.0.tmp
- <Package Folder>/cache/####/3e2f8618498a36dfa14b8858d5b0772e.1.tmp
- <Package Folder>/cache/####/3e694dcf2fa63b8209b8d0357fd79d121fe....0.tmp
- <Package Folder>/cache/####/4666f5be7cbf79e5c22534cb372ef2e3c47....0.tmp
- <Package Folder>/cache/####/4692776ea610e055444babca709b570a7f4....0.tmp
- <Package Folder>/cache/####/47a26165eed94f564d7a0f607bb0cda9b40....0.tmp
- <Package Folder>/cache/####/4aa134932043cbb91cd65604756d6e76b13....0.tmp
- <Package Folder>/cache/####/5b4d9af851e0e32792cf379f3deb135d.0.tmp
- <Package Folder>/cache/####/5b4d9af851e0e32792cf379f3deb135d.1.tmp
- <Package Folder>/cache/####/5d770fc45ddcd21ba180e53de47eb7817b7....0.tmp
- <Package Folder>/cache/####/5fdb906dfb3731609a6ac2a92456c775.0.tmp
- <Package Folder>/cache/####/5fdb906dfb3731609a6ac2a92456c775.1.tmp
- <Package Folder>/cache/####/6be6d3464cd1f761e00d60f9642c7319f48....0.tmp
- <Package Folder>/cache/####/727c31aedc3c2968e4f1d406fdf576f9c86....0.tmp
- <Package Folder>/cache/####/773e911528913675c246511cbeb08fe3366....0.tmp
- <Package Folder>/cache/####/7b36e2b2ceb360ff66c59234b922c0285b2....0.tmp
- <Package Folder>/cache/####/7d34f0a754652fcdeedb26516e043584c5e....0.tmp
- <Package Folder>/cache/####/7fc7dcd2228ed19010dea53a5a3ba182.0.tmp
- <Package Folder>/cache/####/7fc7dcd2228ed19010dea53a5a3ba182.1.tmp
- <Package Folder>/cache/####/840f7dfc89a2754ac758930df6d9280b713....0.tmp
- <Package Folder>/cache/####/8aa201efa00b222a3067a6af5d8a30353ff....0.tmp
- <Package Folder>/cache/####/8b7d344e45960d3978ed87c0d60dfc1a0d5....0.tmp
- <Package Folder>/cache/####/97f6a5037bb322282d5082011efa757b168....0.tmp
- <Package Folder>/cache/####/98d5f37c2177f1deec136ce9b6ead35f.0.tmp
- <Package Folder>/cache/####/98d5f37c2177f1deec136ce9b6ead35f.1.tmp
- <Package Folder>/cache/####/a5d36981ad1b6b6b6437a7ef8ba6249a993....0.tmp
- <Package Folder>/cache/####/a5f1563fdc2176091598454258cb06e1b3c....0.tmp
- <Package Folder>/cache/####/a84edf4af9e8fdb3d9fe3644b5d6951b671....0.tmp
- <Package Folder>/cache/####/a8bab8f772b157122120b9f27f650de135a....0.tmp
- <Package Folder>/cache/####/aa93a50b1d752f763f8efee3728103ab.0.tmp
- <Package Folder>/cache/####/aa93a50b1d752f763f8efee3728103ab.1.tmp
- <Package Folder>/cache/####/ad571fe84bcf500682966800957b0fa7e9e....0.tmp
- <Package Folder>/cache/####/af8cf42b430fe1eba41a286ffa2ba59afb6....0.tmp
- <Package Folder>/cache/####/b117d0b6e7e48ecda0c29de54a85ee59.0.tmp
- <Package Folder>/cache/####/b117d0b6e7e48ecda0c29de54a85ee59.1.tmp
- <Package Folder>/cache/####/b90e476d812cbc222cfce165ee178ff35f8....0.tmp
- <Package Folder>/cache/####/c2bbc6b5e3263ae226c624e9c45d3d836ca....0.tmp
- <Package Folder>/cache/####/c78789137d4318ce38131473d4208b76507....0.tmp
- <Package Folder>/cache/####/c95128bb2393b02e1e2bc73c2b0ccc2eb70....0.tmp
- <Package Folder>/cache/####/ccab70d0a46053e922a2a0a6fe0931559e8....0.tmp
- <Package Folder>/cache/####/d2798ecb34385274c196bc637c1909e70e4....0.tmp
- <Package Folder>/cache/####/d53c9be329a1f334a12c85eb29aa7e0bcc0....0.tmp
- <Package Folder>/cache/####/dbb0348faeb73e0e305bdd585350b9c9856....0.tmp
- <Package Folder>/cache/####/e17f4ec2e263ddf6b01837856b05c477eea....0.tmp
- <Package Folder>/cache/####/f1a75b455ff4b210606541fd8b6acb00143....0.tmp
- <Package Folder>/cache/####/f3a7462062036d0f96f04ff29affcc59abc....0.tmp
- <Package Folder>/cache/####/fa436b9145581cb27325f75f52cecebf4bc....0.tmp
- <Package Folder>/cache/####/fa9bcdd920544750d7d9761dba7979231bd....0.tmp
- <Package Folder>/cache/####/fd815b3813877bfa75a3ccb1a5d938d2ae1....0.tmp
- <Package Folder>/cache/####/febd87a95e93fea68d71cf1b644570c8031....0.tmp
- <Package Folder>/cache/####/journal.tmp
- <Package Folder>/files/15135151791779.jar
- <Package Folder>/files/15135151799249.jar
- <Package Folder>/files/1513515180499b.jar
- <Package Folder>/files/1513515185974o.jar
- <Package Folder>/files/15135152041129.jar
- <Package Folder>/files/1513515205099b.jar
- <Package Folder>/files/1513515210426o.jar
- <Package Folder>/shared_prefs/fcut_appInfo_pre.xml
- <Package Folder>/shared_prefs/fcut_conf_pre.xml
- <Package Folder>/shared_prefs/i.xml
- <Package Folder>/shared_prefs/i_fionf_pre<IMEI>.xml
- <Package Folder>/shared_prefs/ybappInfo_pre.xml
- <Package Folder>/shared_prefs/ybconf_pre.xml
Другие:
Осуществляет доступ к информации о сети.
Осуществляет доступ к информации о телефоне (номер, imei и тд.).
Отрисовывает собственные окна поверх других приложений.
