Android.MobiDash.313

Техническая информация

Вредоносные функции:

Загружает на исполнение код следующих детектируемых угроз:

Android.MobiDash.2.origin

Сетевая активность:

Подключается к:

UDP(DNS) <Google DNS>
TCP(HTTP/1.1) st####.xx.f####.net:80
TCP(HTTP/1.1) a####.go####.com:80
TCP(HTTP/1.1) www.face####.com:80
TCP(HTTP/1.1) android####.club:80
TCP(HTTP/1.1) mc.ya####.ru:80
TCP(HTTP/1.1) con####.face####.net:80
TCP(HTTP/1.1) plat####.twi####.com:80
TCP(TLS/1.0) plat####.twi####.com:443
TCP(TLS/1.0) sconten####.xx.f####.net:443
TCP(TLS/1.0) syndica####.twi####.com:443
TCP(TLS/1.0) mc.ya####.ru:443
TCP(TLS/1.0) www.go####.com:443
TCP(TLS/1.0) www.face####.com:443
TCP(TLS/1.0) cdn.syndica####.t####.com:443
TCP(TLS/1.0) a####.go####.com:443
TCP(TLS/1.0) st####.xx.f####.net:443

Запросы DNS:

a####.go####.com
android####.club
cdn.syndica####.t####.com
con####.face####.net
mc.ya####.ru
plat####.twi####.com
sconten####.xx.f####.net
st####.xx.f####.net
stat####.face####.com
syndica####.twi####.com
www.face####.com
www.go####.com
www.google-####.com

Запросы HTTP GET:

a####.go####.com/analytics.js
a####.go####.com/collect?v=####&_v=####&a=####&t=####&_s=####&dl=####&ul...
a####.go####.com/r/collect?v=####&_v=####&a=####&t=####&_s=####&dl=####&...
android####.club/
android####.club/csstoprak/toprakmobile.css
android####.club/logo-androidoyunclub-son.png
android####.club/wp-admin/admin-ajax.php?action=####&style=####&ver=####
android####.club/wp-content/plugins/slideshow-jquery-image-gallery/image...
android####.club/wp-content/plugins/slideshow-jquery-image-gallery/js/mi...
android####.club/wp-content/plugins/slideshow-jquery-image-gallery/style...
android####.club/wp-content/plugins/stkit/assets/images/icons/32/glyphs/...
android####.club/wp-content/plugins/stkit/assets/js/jquery.stkit.js
android####.club/wp-content/plugins/stkit/assets/plugins/mediaelement/me...
android####.club/wp-content/plugins/stkit/components/lightbox/assets/css...
android####.club/wp-content/plugins/stkit/components/lightbox/assets/js/...
android####.club/wp-content/plugins/stkit/components/postviews/assets/js...
android####.club/wp-content/plugins/stkit/components/shortcodes/assets/j...
android####.club/wp-content/themes/Grimag/assets/css/alt/dark.css
android####.club/wp-content/themes/Grimag/assets/css/responsive.css
android####.club/wp-content/themes/Grimag/assets/css/shortcodes.css
android####.club/wp-content/themes/Grimag/assets/images/bg-black-25.png
android####.club/wp-content/themes/Grimag/assets/images/bg-white-05.png
android####.club/wp-content/themes/Grimag/assets/images/bg-white-10.png
android####.club/wp-content/themes/Grimag/assets/images/icons/16/glyphs/...
android####.club/wp-content/themes/Grimag/assets/images/icons/32/glyphs/...
android####.club/wp-content/themes/Grimag/assets/images/line-light.png
android####.club/wp-content/themes/Grimag/assets/images/line-white-light...
android####.club/wp-content/themes/Grimag/assets/images/line-white.png
android####.club/wp-content/themes/Grimag/assets/images/line.png
android####.club/wp-content/themes/Grimag/assets/js/jquery.menu.js
android####.club/wp-content/themes/Grimag/assets/js/jquery.theme.js
android####.club/wp-content/themes/Grimag/framework/assets/js/jquery.ie.js
android####.club/wp-content/themes/Grimag/framework/assets/js/jquery.st.js
android####.club/wp-content/themes/Grimag/style.css
android####.club/wp-content/uploads/2014/11/androidoyunclub-toprakkoc.png
android####.club/wp-content/uploads/2016/08/dead-trigger-2-android-1.png
android####.club/wp-content/uploads/2016/08/driving-school-2017-android....
android####.club/wp-content/uploads/2016/08/minecraft-android.png
android####.club/wp-content/uploads/2016/08/plants-vs-zombies-android.png
android####.club/wp-content/uploads/2017/12/bridge-constructor-portal-v1...
android####.club/wp-content/uploads/2017/12/dead-trigger-2-v1-3-3-mod-ap...
android####.club/wp-content/uploads/2017/12/drift-max-pro-v1-2-3-mod-apk...
android####.club/wp-content/uploads/2017/12/hungry-shark-evolution-v5-4-...
android####.club/wp-content/uploads/2017/12/linda-brown-interactive-stor...
android####.club/wp-content/uploads/2017/12/mortal-kombat-x-v1-16-0-mod-...
android####.club/wp-content/uploads/grimag_custom.css
android####.club/wp-includes/js/jquery/jquery-migrate.min.js?ver=####
android####.club/wp-includes/js/jquery/jquery.js?ver=####
android####.club/wp-includes/js/wp-embed.min.js?ver=####
android####.club/wp-includes/js/wp-emoji-release.min.js?ver=####
con####.face####.net/en_US/sdk.js
mc.ya####.ru/metrika/watch.js
plat####.twi####.com/widgets.js
st####.xx.f####.net/connect/xd_arbiter/r/lY4eZXm_YWu.js?version=####
www.face####.com/plugins/likebox.php?href=####&width=####&height=####&co...

Изменения в файловой системе:

Создает следующие файлы:

<Package Folder>/app_app_apk/DungeonShooter.dat.jar
<Package Folder>/code_cache/####/MultiDex.lock
<Package Folder>/code_cache/####/tmp-<Package>-1.apk.classes-16...01.zip
<Package Folder>/code_cache/####/tmp-<Package>-1.apk.classes881057963.zip
<Package Folder>/files/sCxKfGcRu
<Package Folder>/shared_prefs/<Package>.v2.playerprefs.xml
<Package Folder>/shared_prefs/<Package>_preferences.xml
<Package Folder>/shared_prefs/multidex.version.xml
<Package Folder>/shared_prefs/savegame.xml

Другие:

Загружает динамические библиотеки:

main
sCxKfGcRu

Добавляет задания в системный планировщик.

Отрисовывает собственные окна поверх других приложений.

Технологии

Термины

Обучение и просвещение

Мифы

Техническая информация

Рекомендации по лечению

Демо бесплатно на 14 дней