Техническая информация
Вредоносные функции:
Загружает на исполнение код следующих детектируемых угроз:
- Android.Click.234
- Android.RemoteCode.88.origin
Осуществляет доступ к приватному интерфейсу телефонии (ITelephony).
Сетевая активность:
Подключается к:
- UDP(DNS) <Google DNS>
- TCP(HTTP/1.1) 2####.177.13.68:8288
- TCP(HTTP/1.1) msg.api.9####.com:80
- TCP(HTTP/1.1) clinkad####.com:80
- TCP(HTTP/1.1) www.jp####.com:80
- TCP(HTTP/1.1) t####.z####.xyz:80
- TCP(HTTP/1.1) o####.d####.9####.com:80
- TCP(HTTP/1.1) wild####.9appsin####.com.####.net:80
- TCP(HTTP/1.1) www.zfr####.com:80
- TCP(HTTP/1.1) s####.mob####.b####.com:80
- TCP(HTTP/1.1) www.mmmmmm####.com:80
- TCP(HTTP/1.1) a####.bat####.net:80
- TCP(HTTP/1.1) cl####.ads####.com:80
- TCP(HTTP/1.1) mo.freeind####.com:80
- TCP(HTTP/1.1) akw.e####.space:80
- TCP(HTTP/1.1) g####.u####.com:80
- TCP(HTTP/1.1) clk.ar####.co:80
- TCP(HTTP/1.1) www.cu####.com:80
- TCP(HTTP/1.1) p####.u####.com:80
- TCP(HTTP/1.1) www.admobim####.com:80
- TCP(TLS/1.0) g####.gl:443
- TCP(TLS/1.0) y####.ali####.com:443
- TCP(TLS/1.0) msg.api.9####.com:443
- TCP(TLS/1.0) 2####.58.212.142:443
Запросы DNS:
- a####.bat####.net
- akw.e####.space
- api.9####.com
- api.migh####.com
- api.mob####.b####.com
- cl####.ads####.com
- clinkad####.com
- clk.ar####.co
- g####.gl
- g####.u####.com
- hl####.down####.9appsin####.com
- lo####.9####.com
- mo.freeind####.com
- msg.api.9####.com
- o####.d####.9####.com
- p####.u####.com
- po####.9####.com
- s####.9####.com
- s####.mob####.b####.com
- t####.hxc####.com
- t####.z####.xyz
- us.y####.al####.com
- www.admobim####.com
- www.cu####.com
- www.jp####.com
- www.mmmmmm####.com
- www.zfr####.com
Запросы HTTP GET:
- a####.bat####.net/call/v2/ad/click?recommend_id=####&ads_id=####&aff_id=...
- akw.e####.space/index.php?r=####
- akw.e####.space/index.php?r=####&al=####&l=####&p=####&hp=####&lc=####&s...
- akw.e####.space/strategy/api/v1/rule/get?p=####&hp=####&l=####&c=####&pr...
- cl####.ads####.com/index.php?m=####&p=####&app_id=####&offer_id=####&cli...
- clinkad####.com/tracking?camp=####&pubid=####&sid1=####&gaid=####&idfa=#...
- clk.ar####.co/aff_c?offer_id=####&aff_id=####&aff_sub=####&sub_channel=#...
- clk.ar####.co/click?campid=####&gid=####&imei=####&android=####&sub_chan...
- g####.u####.com/files/components/libcrash_x86_1.5.0.0/26/libcrashx86_V1....
- msg.api.9####.com/9apps/share?appSize=####&packageName=####&versionCode=...
- msg.api.9####.com/app.mustHaveColumns?app=####&versionCode=####&versionN...
- msg.api.9####.com/app/keywordWithTag?app=####&versionCode=####&versionNa...
- msg.api.9####.com/client/check/task?app=####&versionCode=####&versionNam...
- msg.api.9####.com/config.get?app=####&keys=####&versionCode=####&version...
- msg.api.9####.com/config?app=####&versionCode=####&versionName=####&um_c...
- msg.api.9####.com/config?app=####&versionCode=####&versionName=####&ver=...
- msg.api.9####.com/get/msg?app=####&updateTime=####&versionCode=####&vers...
- msg.api.9####.com/get/msg?app=####&versionCode=####&versionName=####&um_...
- msg.api.9####.com/installer/whitelist?app=####&versionCode=####&versionN...
- msg.api.9####.com/messageUser?app=####&versionCode=####&versioncode=####...
- msg.api.9####.com/price.comprasionSwitch?app=####&versionCode=####&versi...
- msg.api.9####.com/resourceBundle.getResource?app=####&versionCode=####&v...
- msg.api.9####.com/selfTrigger.getMsg?app=####&versionCode=####&versionNa...
- msg.api.9####.com/user/property?app=####&versionCode=####&versionName=##...
- msg.api.9####.com/v3/page/template?sid=####&app=####&versionCode=####&ve...
- o####.d####.9####.com/upload/9appsshare_musthave/2017/12/26/11/003605f6-...
- o####.d####.9####.com/upload/9appsshare_musthave/2017/12/26/11/7646bf83-...
- p####.u####.com/u1/ppruypsqtupvtrpwwupqspppppppqppqqppprrvv/bae5ea96fb73...
- t####.z####.xyz/click?campid=####&gid=####&imei=####&android=####&sub_ch...
- wild####.9appsin####.com.####.net/9apps/rs/2017/05c90a4bf491ea44e02e25e4...
- wild####.9appsin####.com.####.net/9apps/rs/2017/0989a40e38081da95afd72a2...
- wild####.9appsin####.com.####.net/9apps/rs/2017/0c006cfe3f174a23d76d4757...
- wild####.9appsin####.com.####.net/9apps/rs/2017/1a81912a4cf83fa6abd98f1d...
- wild####.9appsin####.com.####.net/9apps/rs/2017/2a9467c123e57fb402494966...
- wild####.9appsin####.com.####.net/9apps/rs/2017/3449ee15ce26a62f86bfc117...
- wild####.9appsin####.com.####.net/9apps/rs/2017/3a904e82178bd70d10bc790a...
- wild####.9appsin####.com.####.net/9apps/rs/2017/3eaa2f81788a524611e642db...
- wild####.9appsin####.com.####.net/9apps/rs/2017/435f5d20acac37c95ff395bc...
- wild####.9appsin####.com.####.net/9apps/rs/2017/4360ee14946109c6e67be401...
- wild####.9appsin####.com.####.net/9apps/rs/2017/4e6195022d7a64ec0807141b...
- wild####.9appsin####.com.####.net/9apps/rs/2017/55ca41aad7fba0a9c069660e...
- wild####.9appsin####.com.####.net/9apps/rs/2017/630e4c7d0c6fa148518cc0de...
- wild####.9appsin####.com.####.net/9apps/rs/2017/6429903ef9435451c2925594...
- wild####.9appsin####.com.####.net/9apps/rs/2017/65018623a07ef6aaa4c5ba92...
- wild####.9appsin####.com.####.net/9apps/rs/2017/65154eba50076d0fc24449cc...
- wild####.9appsin####.com.####.net/9apps/rs/2017/7656b1c015bb62ccf71d9a4a...
- wild####.9appsin####.com.####.net/9apps/rs/2017/7817748e1a8c830000de4d64...
- wild####.9appsin####.com.####.net/9apps/rs/2017/80b8318e01e332911de516d5...
- wild####.9appsin####.com.####.net/9apps/rs/2017/8b0b9ccf0bc1b0c074ed3f70...
- wild####.9appsin####.com.####.net/9apps/rs/2017/8f8220738f40effbc8612561...
- wild####.9appsin####.com.####.net/9apps/rs/2017/91035b181442ca33d82c84e3...
- wild####.9appsin####.com.####.net/9apps/rs/2017/9397a80920db54bb065f9bf7...
- wild####.9appsin####.com.####.net/9apps/rs/2017/962eaf058e59f0d39dbd4e8f...
- wild####.9appsin####.com.####.net/9apps/rs/2017/9a560a89d3c8b4bf2fc3e11c...
- wild####.9appsin####.com.####.net/9apps/rs/2017/a929e115f14125301fa4e185...
- wild####.9appsin####.com.####.net/9apps/rs/2017/ac85e22098df8c4e70fbdd4b...
- wild####.9appsin####.com.####.net/9apps/rs/2017/b2ab50245924a2a053b92fb6...
- wild####.9appsin####.com.####.net/9apps/rs/2017/b79d98c9ca9984f729fca3fb...
- wild####.9appsin####.com.####.net/9apps/rs/2017/c4eccdd88fe13a0b187a6127...
- wild####.9appsin####.com.####.net/9apps/rs/2017/c9800c6b9f244d9bf5ae18ed...
- wild####.9appsin####.com.####.net/9apps/rs/2017/ca32b510afce71ecf3168d92...
- wild####.9appsin####.com.####.net/9apps/rs/2017/cc4f6b5f2057ab1a20aa7837...
- wild####.9appsin####.com.####.net/9apps/rs/2017/cf408ceb0d15ad4f8414c648...
- wild####.9appsin####.com.####.net/9apps/rs/2017/cf5744c12beb6de0e775c500...
- wild####.9appsin####.com.####.net/9apps/rs/2017/d2b3e3d70ddaac1a0d7ed4a4...
- wild####.9appsin####.com.####.net/9apps/rs/2017/d868831027ccae0a0b6d2b4a...
- wild####.9appsin####.com.####.net/9apps/rs/2017/d8e358802b98eec47deacc11...
- wild####.9appsin####.com.####.net/9apps/rs/2017/dde87d1eae77fbfbb501db1c...
- wild####.9appsin####.com.####.net/9apps/rs/2017/e25134a10c8d483db0725f2c...
- wild####.9appsin####.com.####.net/9apps/rs/2017/e263fdb754f021d6be02c860...
- wild####.9appsin####.com.####.net/9apps/rs/2017/e857cd104961be97bd651667...
- wild####.9appsin####.com.####.net/9apps/rs/2017/f5717494067f71523cf46b14...
- wild####.9appsin####.com.####.net/9apps/rs/2017/f6e55a1f8fc483f192195fb2...
- wild####.9appsin####.com.####.net/9apps/rs/2017/f8a9992ccb4f50d98182d5cb...
- wild####.9appsin####.com.####.net/9apps/rs/2017/fc74c37acc67f5b3eaca9c0e...
- wild####.9appsin####.com.####.net/9apps/rs/2017/fce7739ba2f31f71449f396b...
- www.cu####.com/20171221152034.ExpDex_5.2.1_20171221.zip
- www.jp####.com/click/ssp/click?channel=####&uuid=####&id=####&aoid=####&...
- www.jp####.com/error.html
Запросы HTTP POST:
- mo.freeind####.com/detail/getOfferListNew?enc=####
- msg.api.9####.com/checkPublishStatus?app=####&gzip=####&versionCode=####...
- msg.api.9####.com/user/check-increment-update.json?app=####&gzip=####&ve...
- p####.u####.com/upgrade/index.xhtml?from=####
- s####.mob####.b####.com/cgi-bin-py/ad_sdk.cgi?ty=####&enc=####&bt=####
- www.admobim####.com/surl/api2_reg.action
- www.jp####.com/tracking/ds?sdk_version=####&platform=####&app_version=##...
- www.jp####.com/tracking/uc?sdk_version=####&platform=####&app_version=##...
- www.mmmmmm####.com/osp/oaen_get.action?tasktype=####&imei=####&imsi=####...
- www.mmmmmm####.com/osp/oaen_reg.action
- www.zfr####.com/up.do
Изменения в файловой системе:
Создает следующие файлы:
- <Package Folder>/HasStarted
- <Package Folder>/app_SGLib/####/libsgmainso-5.3.7011.so.tmp
- <Package Folder>/app_SGLib/####/lock.lock
- <Package Folder>/app_jniLibs/libcrash_1.5.0.0.so
- <Package Folder>/app_stat_log3/1510835577970
- <Package Folder>/app_stat_log3/1510835588122
- <Package Folder>/app_stat_log3/1510835598156
- <Package Folder>/app_stat_log3/1510835628554
- <Package Folder>/app_wa/####/11gpsdfe_1510835569024002074.wa
- <Package Folder>/app_wa/####/12hqtegf_1510835570680002074.wa
- <Package Folder>/app_wa/####/13irufhg_1510835574584002074.wa
- <Package Folder>/cache/####/16cab0f8bac502458ec40aa8495620bf.0.tmp
- <Package Folder>/cache/####/16cab0f8bac502458ec40aa8495620bf.1
- <Package Folder>/cache/####/494f6aaa4e0dafc747c3e2c1d65a3508.0.tmp
- <Package Folder>/cache/####/494f6aaa4e0dafc747c3e2c1d65a3508.1.tmp
- <Package Folder>/cache/####/49c3affa56f32cf797ea94228c5cb852.0.tmp
- <Package Folder>/cache/####/49c3affa56f32cf797ea94228c5cb852.1.tmp
- <Package Folder>/cache/####/5f08d915e4f9f0b34210d9d0ee6b3e27.0.tmp
- <Package Folder>/cache/####/5f08d915e4f9f0b34210d9d0ee6b3e27.1.tmp
- <Package Folder>/cache/####/6b85e15c5c554bb4cdaec112fcdda5a5.0.tmp
- <Package Folder>/cache/####/6b85e15c5c554bb4cdaec112fcdda5a5.1.tmp
- <Package Folder>/cache/####/75978b4c5cafda8911b63c38ab9004f4.0.tmp
- <Package Folder>/cache/####/75978b4c5cafda8911b63c38ab9004f4.1.tmp
- <Package Folder>/cache/####/7b134059faacc843c4215247e04f04fb.0.tmp
- <Package Folder>/cache/####/7b134059faacc843c4215247e04f04fb.1.tmp
- <Package Folder>/cache/####/88ea95254eb29938b9659937d656d5ca.0.tmp
- <Package Folder>/cache/####/88ea95254eb29938b9659937d656d5ca.1.tmp
- <Package Folder>/cache/####/96e85689b750d5f7d2f215ed4d49b660.0.tmp
- <Package Folder>/cache/####/96e85689b750d5f7d2f215ed4d49b660.1.tmp
- <Package Folder>/cache/####/97bbb4c231194b1797cbc5852d5248cf.0.tmp
- <Package Folder>/cache/####/97bbb4c231194b1797cbc5852d5248cf.1.tmp
- <Package Folder>/cache/####/99619669d2cbd188984ca5f162bc2bba.0.tmp
- <Package Folder>/cache/####/99619669d2cbd188984ca5f162bc2bba.1.tmp
- <Package Folder>/cache/####/a88c2d9d358c729b36e38442692400b7.0.tmp
- <Package Folder>/cache/####/a88c2d9d358c729b36e38442692400b7.1.tmp
- <Package Folder>/cache/####/b129183c08fc1a90472fbbaf2ac2942c.0.tmp
- <Package Folder>/cache/####/b129183c08fc1a90472fbbaf2ac2942c.1.tmp
- <Package Folder>/cache/####/b49b6b0ae526e74abaa399246b6434fb.0.tmp
- <Package Folder>/cache/####/b49b6b0ae526e74abaa399246b6434fb.1.tmp
- <Package Folder>/cache/####/b516842fa4d104e7b7f176ce4a91d2c5.0.tmp
- <Package Folder>/cache/####/b516842fa4d104e7b7f176ce4a91d2c5.1.tmp
- <Package Folder>/cache/####/bc6e976a17a9eb17f20647f87af3d709.0.tmp
- <Package Folder>/cache/####/bc6e976a17a9eb17f20647f87af3d709.1.tmp
- <Package Folder>/cache/####/beb7e439d09dc2cb7aa8b3639f9ee182.0.tmp
- <Package Folder>/cache/####/beb7e439d09dc2cb7aa8b3639f9ee182.1.tmp
- <Package Folder>/cache/####/d3f958447779d379382791d5c9d80397.0.tmp
- <Package Folder>/cache/####/d3f958447779d379382791d5c9d80397.1.tmp
- <Package Folder>/cache/####/data_0
- <Package Folder>/cache/####/data_1
- <Package Folder>/cache/####/data_2
- <Package Folder>/cache/####/data_3
- <Package Folder>/cache/####/df140f66583c96fbc3ee2a2348ff3c17.0.tmp
- <Package Folder>/cache/####/df140f66583c96fbc3ee2a2348ff3c17.1.tmp
- <Package Folder>/cache/####/f56019b5ba3ef174e174fd1c490e369c.0.tmp
- <Package Folder>/cache/####/f56019b5ba3ef174e174fd1c490e369c.1.tmp
- <Package Folder>/cache/####/fb10aa4c8868eb44b35a63632221e345.0.tmp
- <Package Folder>/cache/####/fb10aa4c8868eb44b35a63632221e345.1.tmp
- <Package Folder>/cache/####/index
- <Package Folder>/cache/####/journal.tmp
- <Package Folder>/crashsdk/####/PPAIDNI0ELIBOM0MOC.bb
- <Package Folder>/crashsdk/####/PPAIDNI0ELIBOM0MOC.ff
- <Package Folder>/crashsdk/####/PPAIDNI0ELIBOM0MOC.meminfo
- <Package Folder>/crashsdk/####/PPAIDNI0ELIBOM0MOC.pid
- <Package Folder>/crashsdk/####/PPAIDNI0ELIBOM0MOC.ps
- <Package Folder>/crashsdk/####/PPAIDNI0ELIBOM0MOC.start
- <Package Folder>/crashsdk/####/PPAIDNI0ELIBOM0MOC.time
- <Package Folder>/crashsdk/####/PPAIDNI0ELIBOM0MOC.uptime
- <Package Folder>/crashsdk/####/REKROW1PPAIDNI0ELIBOM0MOC.bb
- <Package Folder>/crashsdk/####/unique
- <Package Folder>/databases/9apps.db-journal
- <Package Folder>/databases/WaValue.db-journal
- <Package Folder>/databases/adblib.db-journal
- <Package Folder>/databases/downloader-journal
- <Package Folder>/databases/mc_cache.db-journal
- <Package Folder>/databases/message-journal
- <Package Folder>/databases/my.db
- <Package Folder>/databases/my.db-journal
- <Package Folder>/databases/webview.db-journal
- <Package Folder>/databases/webviewCookiesChromium.db-journal
- <Package Folder>/files/####/home_app_data_us.json
- <Package Folder>/files/####/hot_word_data_us.json
- <Package Folder>/files/0a231bd8575dcf72.txt
- <Package Folder>/files/SGMANAGER_DATA2.tmp
- <Package Folder>/files/d.zip
- <Package Folder>/files/daemon
- <Package Folder>/files/dc55c65cfc5a8ddc6d
- <Package Folder>/files/dtemp.apk
- <Package Folder>/files/google.db
- <Package Folder>/files/ob1.zip
- <Package Folder>/files/sp.lock
- <Package Folder>/files/w.zip
- <Package Folder>/no_backup/com.google.android.gms.appid-no-backup
- <Package Folder>/shared_prefs/3710d74b68e6af8cade5ec187cc0f996dabc7e3c.xml
- <Package Folder>/shared_prefs/9apps.xml
- <Package Folder>/shared_prefs/9apps.xml.bak
- <Package Folder>/shared_prefs/<Package>_preferences.xml
- <Package Folder>/shared_prefs/ActivatePreUtil.xml
- <Package Folder>/shared_prefs/AdsBusiness-data.xml
- <Package Folder>/shared_prefs/Alvin2.xml
- <Package Folder>/shared_prefs/BusinessPreUtil.xml
- <Package Folder>/shared_prefs/ContextData.xml
- <Package Folder>/shared_prefs/LoginPreUtil.xml
- <Package Folder>/shared_prefs/OfferPreUtil.xml
- <Package Folder>/shared_prefs/SYSTEM_CACHE.xml
- <Package Folder>/shared_prefs/aps.xml
- <Package Folder>/shared_prefs/apsad.xml
- <Package Folder>/shared_prefs/apscomm.xml
- <Package Folder>/shared_prefs/check_publish_status.xml
- <Package Folder>/shared_prefs/cn_rs.xml
- <Package Folder>/shared_prefs/com.google.android.gms.appid.xml
- <Package Folder>/shared_prefs/device_info.xml
- <Package Folder>/shared_prefs/f4acd030da61bd739ac44e37218b4567f7dd880f.xml
- <Package Folder>/shared_prefs/ffc1d42b1ca5e3db2657d00b91997f6a.xml
- <Package Folder>/shared_prefs/hunter_config.xml
- <Package Folder>/shared_prefs/install_list_info.xml
- <Package Folder>/shared_prefs/m_cfg.xml
- <Package Folder>/shared_prefs/other_config.xml
- <Package Folder>/shared_prefs/service_config.xml
- <Package Folder>/shared_prefs/sp_config.xml
- <Package Folder>/shared_prefs/t_ini.xml
- <Package Folder>/shared_prefs/upgrade_config.xml
- <Package Folder>/shared_prefs/worker_preferences.xml
- <Package Folder>/tiny_wa/1510835585476.wa
- <SD-Card>/.DataStorage/ContextData.xml
- <SD-Card>/.UTSystemConfig/####/Alvin2.xml
- <SD-Card>/.androidsystem/####/gads.db
- <SD-Card>/.com.taobao.dp/dd7893586a493dc3
- <SD-Card>/9appsPro/####/libcrash_1.5.0.0.so.tmp
- <SD-Card>/Android/####/.nomedia
- <SD-Card>/Android/####/00b270003fb866ac8c86c18748bfff93cebb3ec7....0.tmp
- <SD-Card>/Android/####/06df43c4e7353364ac33e7c626cc73451c7fecc3....0.tmp
- <SD-Card>/Android/####/088916fadb3e8fd43c16765550bb97c07e3c2fd2....0.tmp
- <SD-Card>/Android/####/0d5a5ddfa56b49c1512a7ef28fcd96773a29492f....0.tmp
- <SD-Card>/Android/####/13eebe731e3cde2a88573ae883001ac00adfee56....0.tmp
- <SD-Card>/Android/####/1b06a8f128a66e59b5df0e4bf340453ffada75e2....0.tmp
- <SD-Card>/Android/####/1dc15241d33f89ebd6f24ca1add4aea08265d31b....0.tmp
- <SD-Card>/Android/####/1decb9d448a02c3b78a920a31b0d2f88483b899a....0.tmp
- <SD-Card>/Android/####/203769e8d070b51100845d8944c38e48dd584f44....0.tmp
- <SD-Card>/Android/####/20b99ddf379773ba1a294e28c2a53d69c41cad71....0.tmp
- <SD-Card>/Android/####/219a8fff9e77eecc171609819e756bbe23257a25....0.tmp
- <SD-Card>/Android/####/21a6ffa6f3b9baec07618a53459368a5a470aa51....0.tmp
- <SD-Card>/Android/####/23484ad7ba01819b8e92e5f460552908e24b1e32....0.png
- <SD-Card>/Android/####/23484ad7ba01819b8e92e5f460552908e24b1e32....0.tmp
- <SD-Card>/Android/####/253000a70dbaab3018d36a83da3f6649a089ccac....0.tmp
- <SD-Card>/Android/####/290f40a1c2fd7a445f922630c11fbd3c7e5d56d8....0.tmp
- <SD-Card>/Android/####/2b733a07c68176f15c93f0c17f9736ba232dfd66....0.tmp
- <SD-Card>/Android/####/2eb5f6344c2520e3e970608e23da7b7a2ae1d7bf....0.tmp
- <SD-Card>/Android/####/36e55ca3d8c6bd02b461d7d819783a71d0b5cfba....0.tmp
- <SD-Card>/Android/####/3d0ae82689e8447419bcfb29bc34789d6997f757....0.tmp
- <SD-Card>/Android/####/4374fe989c7419f4e2487c47f33fd838339727aa....0.tmp
- <SD-Card>/Android/####/5d0ccece6c5006a1ebf0f0741faa3613f6aeae64....0.tmp
- <SD-Card>/Android/####/69601381eb9f49bd7ca195f523325931ea4c38e6....0.tmp
- <SD-Card>/Android/####/69bea8ce75ec28e083a69e3107377fdcd6ee2bad....0.tmp
- <SD-Card>/Android/####/6b9ea12f3e13c9af9f0159e4e4e9273965340018....0.tmp
- <SD-Card>/Android/####/6ca114977181e324e39b09bedbb740f0228c861d....0.tmp
- <SD-Card>/Android/####/7fbd41820f2260dcc87d4ba2931720e230a59daa....0.tmp
- <SD-Card>/Android/####/8094240ccdc36d36428cebc040923be4bdb14ac2....0.tmp
- <SD-Card>/Android/####/87119faacb546756c1715597d396a87e3619aff5....0.tmp
- <SD-Card>/Android/####/8c3f424812dda5cf090175de05f229965e4c46c9....0.tmp
- <SD-Card>/Android/####/9b4f729bcefb66cf78557bf64d1b7ba8cfa50119....0.tmp
- <SD-Card>/Android/####/9f7c61637a3f859fb05b32df0d28435df5e8ee6b....0.tmp
- <SD-Card>/Android/####/a0514d6c32854dfafa4057e9cf5e23ec0c93631f....0.tmp
- <SD-Card>/Android/####/a87fc714bd62e6be19a12babe059ced7340f2170....0.tmp
- <SD-Card>/Android/####/abf58830dfd122d90c212641417cafa8d3d77162....0.tmp
- <SD-Card>/Android/####/ace202487bf37a9e7b45892d3dfb9abf705bc58b....0.tmp
- <SD-Card>/Android/####/b3f5ed261e33b43e82d8b349688d815733594a91....0.tmp
- <SD-Card>/Android/####/b6cd155696cf7b0ce7606e58df9c58e1a8a11d45....0.tmp
- <SD-Card>/Android/####/b79b682f9be63cbffd6a6b58f48bcf8e5e39dba9....0.tmp
- <SD-Card>/Android/####/b9296fd86a9ffe33bbcf82790b13de00c73614f2....0.tmp
- <SD-Card>/Android/####/bc99daaac05ca99a5f280ed8d0c8d1593d80f5b4....0.tmp
- <SD-Card>/Android/####/c026158047d67e10b4b0b50c4aa85233626c26a3....0.tmp
- <SD-Card>/Android/####/c14b523965fff02832eb28311338e8b78bc69ea1....0.tmp
- <SD-Card>/Android/####/c7ab606e94d9c57e0e906547826c1d60f1bcc554....0.tmp
- <SD-Card>/Android/####/d59c4911eeca7f0d89fdbada28b50e085f17f6b5....0.tmp
- <SD-Card>/Android/####/d814f76036b55e3834c114b19c142e894072d1b0....0.tmp
- <SD-Card>/Android/####/d818b86de028adb2d8de11bc6839ac624934dd52....0.png
- <SD-Card>/Android/####/d818b86de028adb2d8de11bc6839ac624934dd52....0.tmp
- <SD-Card>/Android/####/e2234a769bd0c9642460adf6175693cae5051fd2....0.tmp
- <SD-Card>/Android/####/ed42fb7ed0bc697455ec7c0e76b93d8ad956edbb....0.tmp
- <SD-Card>/Android/####/f1afa923c4a8d46ff10eb27b31d191c1f955bdd5....0.tmp
- <SD-Card>/Android/####/f85b2fa4631f7e7468813eed7dc3c49cb806fe4c....0.tmp
- <SD-Card>/Android/####/journal.tmp
- <SD-Card>/LogG/####/sp
- <SD-Card>/baidu/####/journal.tmp
- <SD-Card>/baidu/.cuid
Другие:
Запускает следующие shell-скрипты:
- <Package Folder>/files/dc55c65cfc5a8ddc6d
- cat /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq
- ps
- sh
Загружает динамические библиотеки:
- IncrementalUpdate
- libcrash_1.5.0.0
- ppapkpatchso
- sgmainso-5.3
- uninstall
Осуществляет доступ к информации о сети.
Осуществляет доступ к информации о телефоне (номер, imei и тд.).
Осуществляет доступ к информации об установленных приложениях.
Осуществляет доступ к информации о запущенных приложениях.
Добавляет задания в системный планировщик.
Отрисовывает собственные окна поверх других приложений.
