Техническая информация
Вредоносные функции:
Загружает на исполнение код следующих детектируемых угроз:
- Android.DownLoader.660.origin
Сетевая активность:
Подключается к:
- UDP(DNS) <Google DNS>
- TCP(HTTP/1.1) a####.sdkce####.com:80
- TCP(HTTP/1.1) a####.online####.net:80
- TCP(HTTP/1.1) web.online####.net:80
- TCP(TLS/1.0) api.face####.com:443
Запросы DNS:
- a####.online####.net
- a####.sdkce####.com
- g####.face####.com
- i####.online####.net
- image####.online####.net
- web.online####.net
Запросы HTTP GET:
- a####.online####.net/index.php/admin/Index/getApi?appid=####&version=###...
- a####.online####.net/upload/2017/11/12bd3eaf2866710cd8215a0c066b6ad1/12c...
- a####.online####.net/upload/2017/11/1906c8e8439a28962d325a0425787062/190...
- a####.online####.net/upload/2017/11/2a20344f531a79f383025a0c0532f988/2a2...
- a####.online####.net/upload/2017/11/2d224d66b87290a4de285a042a25a929/2d2...
- a####.online####.net/upload/2017/11/30aac2681330569b87165a0c031014a0/30b...
- a####.online####.net/upload/2017/11/3280430a738f8415be655a0c06d1b78d/328...
- a####.online####.net/upload/2017/11/44b16553c3fabb22b4a25a0c0627b4ca/44b...
- a####.online####.net/upload/2017/11/817138bf991ccbf33e295a042933f335/817...
- a####.online####.net/upload/2017/11/819e6bb4ecf10d1ef7c65a0c05ab1669/81a...
- a####.online####.net/upload/2017/11/88c46423f2e6ed2e0b725a0c03c2a35e/88c...
- a####.online####.net/upload/2017/11/9cdfbb17443f7285c03d5a0c060048e0/9ce...
- a####.online####.net/upload/2017/11/a080f52ff27c2035e12e5a0c05db906a/a08...
- a####.online####.net/upload/2017/11/a23638665024e6b87d105a0c029b7d29/a23...
- a####.online####.net/upload/2017/11/cf2229b1c907d6b098e75a0c04ec1bbb/cf2...
- a####.online####.net/upload/2017/11/e928246fea9e63c1d7855a0c0322eabc/e92...
- a####.online####.net/upload/2017/headpicture/1.png
- a####.online####.net/upload/2017/headpicture/2.png
- a####.online####.net/upload/2017/headpicture/4.png
- a####.online####.net/upload/2017/headpicture/5.png
- a####.online####.net/upload/2017/headpicture/6.png
- web.online####.net/api/v1/album/getAnAlbum/list/646
- web.online####.net/api/v1/album/getAnAlbum/list/648
- web.online####.net/api/v1/album/list
- web.online####.net/api/v1/album/list?banner=####
- web.online####.net/api/v1/album/list?categoryName=####&limit=####
- web.online####.net/api/v1/album/list?limit=####
- web.online####.net/api/v1/comment/646/list
- web.online####.net/api/v1/comment/648/list
- web.online####.net/api/v1/user/devnum?deviceNumber=####&channelNumber=##...
- web.online####.net/api/v1/vip/isVip
Запросы HTTP POST:
- a####.sdkce####.com/
Изменения в файловой системе:
Создает следующие файлы:
- <Package Folder>/cache/####/0170e53afe05407e2daccec2bb0cd8f4393....0.tmp
- <Package Folder>/cache/####/067c42743e063e003c65c1a2395456f4684....0.tmp
- <Package Folder>/cache/####/2133b66f4daa8c05fe058ab91dac7766f77....0.tmp
- <Package Folder>/cache/####/296d29dd2c5b830e6a44eb2a0e3acd0933f....0.tmp
- <Package Folder>/cache/####/34494c76bac4f6f9e0477a3c89d0f3e6817....0.tmp
- <Package Folder>/cache/####/3c639a15fd2bb99a2269fc94f22dd7f2fab....0.tmp
- <Package Folder>/cache/####/3d526038795959e2a62054458b532e02a0b....0.tmp
- <Package Folder>/cache/####/3e8a1e1e33ea2fb0c403d70351a1fdd36f8....0.tmp
- <Package Folder>/cache/####/4200171b0c3d2e0fe374ea6daaa62b7d297....0.tmp
- <Package Folder>/cache/####/4589a1636fdd61a87da6e4fba26a7555bbd....0.tmp
- <Package Folder>/cache/####/5eb41e3447e9b81e1ea10457a5233af57b9....0.tmp
- <Package Folder>/cache/####/6015c81809868a2b22c4a59b972d33614d1....0.tmp
- <Package Folder>/cache/####/65b95448b6737865770802eeb00601fd7fc....0.tmp
- <Package Folder>/cache/####/677e500531d9f15dcad8c6fd83977e4a050....0.tmp
- <Package Folder>/cache/####/692e9296ab32c9a54b28a8489eefb0459e2....0.tmp
- <Package Folder>/cache/####/6a526bd47fe9066179d80090596e1f2beda....0.tmp
- <Package Folder>/cache/####/7607cccd9a1acca48196b20128e8c2e20b1....0.tmp
- <Package Folder>/cache/####/93532a1ffac262ada38ed4b594b08310a3d....0.tmp
- <Package Folder>/cache/####/9681cf1e2fef40d517ec5c9398e435185e3....0.tmp
- <Package Folder>/cache/####/99ba51179e2acb7f9cfe097b4917249912b....0.tmp
- <Package Folder>/cache/####/9b458cb2615c5066a76faa7f4afe6c4f53f....0.tmp
- <Package Folder>/cache/####/9e0601b682667aa9d2ce9fc09e7db4f775f....0.tmp
- <Package Folder>/cache/####/a35c3d0cd4828dd5dee197a76fe5b0bd4c2....0.tmp
- <Package Folder>/cache/####/a3728921bba8d4f971a6434d6fd97911e8e....0.tmp
- <Package Folder>/cache/####/a3f0f7096f6570883993e22a222d303d87d....0.tmp
- <Package Folder>/cache/####/aa40421c2a88c6dbac3ac74b96e9e1816db....0.tmp
- <Package Folder>/cache/####/b9a67e35b09bcc071a582d25dab508bf219....0.tmp
- <Package Folder>/cache/####/c0d20e1e56b84914ecf69628c86291dcafa....0.tmp
- <Package Folder>/cache/####/d0b75f3495cb909120dbf0b355709b7dab6....0.tmp
- <Package Folder>/cache/####/d0f261ab4b9c865ce7da1d730139684b3c1....0.tmp
- <Package Folder>/cache/####/d4d05ea9dce97935a3a8aab8ca060fd6663....0.tmp
- <Package Folder>/cache/####/d51a2c3f530b8819463b034929ce0241604....0.tmp
- <Package Folder>/cache/####/d7ec7e443c06f07eeb051ac696497455e74....0.tmp
- <Package Folder>/cache/####/eab58c68664c782c005207c0cf4c50b04f2....0.tmp
- <Package Folder>/cache/####/f23c0c08944a46e6f7c3b47eef6afaa3609....0.tmp
- <Package Folder>/cache/####/f9b4dd63e9d66d285e24858b35254d07110....0.tmp
- <Package Folder>/cache/####/journal.tmp
- <Package Folder>/databases/webview.db-journal
- <Package Folder>/databases/webviewCookiesChromium.db-journal
- <Package Folder>/files/AppEventsLogger.persistedevents
- <Package Folder>/files/glcore.jar
- <Package Folder>/files/glso.jar
- <Package Folder>/shared_prefs/<Package>_preferences.xml
- <Package Folder>/shared_prefs/FBAdPrefs.xml
- <Package Folder>/shared_prefs/SDKIDFA.xml
- <Package Folder>/shared_prefs/all_info_data.xml
- <Package Folder>/shared_prefs/com.facebook.ads.FEATURE_CONFIG.xml
- <Package Folder>/shared_prefs/com.facebook.internal.preferences...GS.xml
- <Package Folder>/shared_prefs/com.facebook.sdk.appEventPreferences.xml
- <Package Folder>/shared_prefs/com.facebook.sdk.attributionTracking.xml
- <Package Folder>/shared_prefs/database.xml
- <Package Folder>/shared_prefs/database.xml.bak
Другие:
Осуществляет доступ к информации о сети.
Осуществляет доступ к информации о телефоне (номер, imei и тд.).
Осуществляет доступ к информации об установленных приложениях.
Осуществляет доступ к информации о запущенных приложениях.
Отрисовывает собственные окна поверх других приложений.
Парсит информацию из смс сообщений.
