Техническая информация
Вредоносные функции:
Осуществляет доступ к приватному интерфейсу телефонии (ITelephony).
Сетевая активность:
Подключается к:
- UDP(DNS) <Google DNS>
- TCP(HTTP/1.1) a####.u####.com:80
- TCP(HTTP/1.1) s####.j####.cn:80
- TCP(HTTP/1.1) cdn.i####.mo####.com:80
- TCP(HTTP/1.1) 54.2####.253.4:8080
- TCP(HTTP/1.1) oc.u####.com:80
- TCP(HTTP/1.1) api.mo####.com:80
- TCP(TLS/1.0) ssl.google-####.com:443
- TCP 1####.121.49.84:3011
- UDP s.j####.cn:19000
Запросы DNS:
- a####.u####.com
- api.mo####.com
- cdn.i####.mo####.com
- oc.u####.com
- s####.j####.cn
- s.j####.cn
- ssl.google-####.com
Запросы HTTP GET:
- api.mo####.com/router/rest?appId=app_gkt_lookerplus_1&method=register.ap...
- api.mo####.com/router/rest?appId=app_gkt_lookerplus_1&method=stats.appUs...
- cdn.i####.mo####.com/sexy_girls/FengYiYongZhuang/FengYingYongZhuang088/0...
- cdn.i####.mo####.com/sexy_girls/FengYiYongZhuang/FengYingYongZhuang089/0...
- cdn.i####.mo####.com/sexy_girls/FengYiYongZhuang/FengYingYongZhuang090/0...
- cdn.i####.mo####.com/sexy_girls/FengYiYongZhuang/FengYingYongZhuang091/0...
- cdn.i####.mo####.com/sexy_girls/FengYiYongZhuang/FengYingYongZhuang092/0...
- cdn.i####.mo####.com/sexy_girls/FengYiYongZhuang/FengYingYongZhuang093/0...
- cdn.i####.mo####.com/sexy_girls/FengYiYongZhuang/FengYingYongZhuang094/0...
- cdn.i####.mo####.com/sexy_girls/FengYiYongZhuang/FengYingYongZhuang095/0...
- cdn.i####.mo####.com/sexy_girls/FengYiYongZhuang/FengYingYongZhuang096/0...
- cdn.i####.mo####.com/sexy_girls/FengYiYongZhuang/FengYingYongZhuang097/0...
- cdn.i####.mo####.com/sexy_girls/FengYiYongZhuang/FengYingYongZhuang098/0...
- cdn.i####.mo####.com/sexy_girls/FengYiYongZhuang/FengYingYongZhuang099/0...
- cdn.i####.mo####.com/sexy_girls/FengYiYongZhuang/FengYingYongZhuang100/0...
- cdn.i####.mo####.com/sexy_girls/FengYiYongZhuang/FengYingYongZhuang101/0...
- cdn.i####.mo####.com/sexy_girls/FengYiYongZhuang/FengYingYongZhuang102/0...
- cdn.i####.mo####.com/sexy_girls/MengXiLuoLi/MengXiLuoLi030/00.jpg
- cdn.i####.mo####.com/sexy_girls/MengXiLuoLi/MengXiLuoLi031/00.jpg
- cdn.i####.mo####.com/sexy_girls/MengXiLuoLi/MengXiLuoLi032/00.jpg
- cdn.i####.mo####.com/sexy_girls/MengXiLuoLi/MengXiLuoLi033/00.jpg
- cdn.i####.mo####.com/sexy_girls/MengXiLuoLi/MengXiLuoLi034/00.jpg
- cdn.i####.mo####.com/sexy_girls/MengXiLuoLi/MengXiLuoLi035/00.jpg
- cdn.i####.mo####.com/sexy_girls/MengXiLuoLi/MengXiLuoLi036/00.jpg
- cdn.i####.mo####.com/sexy_girls/MengXiLuoLi/MengXiLuoLi037/00.jpg
- cdn.i####.mo####.com/sexy_girls/MengXiLuoLi/MengXiLuoLi038/00.jpg
- cdn.i####.mo####.com/sexy_girls/MengXiLuoLi/MengXiLuoLi039/00.jpg
- cdn.i####.mo####.com/sexy_girls/MengXiLuoLi/MengXiLuoLi040/00.jpg
- cdn.i####.mo####.com/sexy_girls/MengXiLuoLi/MengXiLuoLi041/00.jpg
- cdn.i####.mo####.com/sexy_girls/MengXiLuoLi/MengXiLuoLi042/00.jpg
- cdn.i####.mo####.com/sexy_girls/MengXiLuoLi/MengXiLuoLi043/00.jpg
- cdn.i####.mo####.com/sexy_girls/MengXiLuoLi/MengXiLuoLi044/00.jpg
- cdn.i####.mo####.com/sexy_girls/QingChunNvSheng/QingChunNvSheng074/00.jpg
- cdn.i####.mo####.com/sexy_girls/QingChunNvSheng/QingChunNvSheng075/00.jpg
- cdn.i####.mo####.com/sexy_girls/QingChunNvSheng/QingChunNvSheng076/00.jpg
- cdn.i####.mo####.com/sexy_girls/QingChunNvSheng/QingChunNvSheng077/00.jpg
- cdn.i####.mo####.com/sexy_girls/QingChunNvSheng/QingChunNvSheng078/00.jpg
- cdn.i####.mo####.com/sexy_girls/QingChunNvSheng/QingChunNvSheng079/00.jpg
- cdn.i####.mo####.com/sexy_girls/QingChunNvSheng/QingChunNvSheng080/00.jpg
- cdn.i####.mo####.com/sexy_girls/QingChunNvSheng/QingChunNvSheng081/00.jpg
- cdn.i####.mo####.com/sexy_girls/QingChunNvSheng/QingChunNvSheng082/00.jpg
- cdn.i####.mo####.com/sexy_girls/QingChunNvSheng/QingChunNvSheng083/00.jpg
- cdn.i####.mo####.com/sexy_girls/QingChunNvSheng/QingChunNvSheng084/00.jpg
- cdn.i####.mo####.com/sexy_girls/QingChunNvSheng/QingChunNvSheng085/00.jpg
- cdn.i####.mo####.com/sexy_girls/QingChunNvSheng/QingChunNvSheng086/00.jpg
- cdn.i####.mo####.com/sexy_girls/QingChunNvSheng/QingChunNvSheng087/00.jpg
- cdn.i####.mo####.com/sexy_girls/QingChunNvSheng/QingChunNvSheng088/00.jpg
Запросы HTTP POST:
- a####.u####.com/app_logs
- oc.u####.com/check_config_update
- s####.j####.cn/v1/report
Изменения в файловой системе:
Создает следующие файлы:
- <Package Folder>/app_database/####/file__0.localstorage-journal
- <Package Folder>/app_database/CachedGeoposition.db
- <Package Folder>/app_database/CachedGeoposition.db-journal
- <Package Folder>/databases/google_analytics_v2.db-journal
- <Package Folder>/databases/lookerplus-db-journal
- <Package Folder>/databases/rep.db-journal
- <Package Folder>/databases/webview.db-journal
- <Package Folder>/files/.imprint
- <Package Folder>/files/PrefsFile
- <Package Folder>/files/gaClientId
- <Package Folder>/files/jpush_stat_cache.json
- <Package Folder>/files/jpush_stat_cache_history.json
- <Package Folder>/files/mobclick_agent_cached_<Package>8
- <Package Folder>/shared_prefs/JPushSA_Config.xml
- <Package Folder>/shared_prefs/cn.jpush.serverconfig.xml
- <Package Folder>/shared_prefs/jpush_device_info.xml
- <Package Folder>/shared_prefs/mobclick_agent_online_setting_<Package>.xml
- <Package Folder>/shared_prefs/pa.preference.xml
- <Package Folder>/shared_prefs/umeng_general_config.xml
- <SD-Card>/.ypa/####/category.zip
- <SD-Card>/.ypa/####/fengyingyongzhuang.png
- <SD-Card>/.ypa/####/jinrituijian.png
- <SD-Card>/.ypa/####/manhuakatong.png
- <SD-Card>/.ypa/####/mengxiluoli.png
- <SD-Card>/.ypa/####/qingchunnvsheng.png
- <SD-Card>/.ypa/####/qingshuyujie.png
- <SD-Card>/.ypa/####/teseliangmei.png
- <SD-Card>/.ypa/####/teseshunv.png
- <SD-Card>/.ypa/####/teseyongzhuang.png
- <SD-Card>/.ypa/####/zhifumote.png
- <SD-Card>/Android/####/.nomedia
- <SD-Card>/Android/####/18x91l64f2ze1dftgk55mssvd
- <SD-Card>/Android/####/1btteyr9l826xnqtt2kk1x55s
- <SD-Card>/Android/####/1d3whfr142321e14e0h4chiym
- <SD-Card>/Android/####/1eol24zgpwaogijfs7hju9rdn
- <SD-Card>/Android/####/1im89z2c3yt3xpan3ygcrg3ql
- <SD-Card>/Android/####/1lsdgsfco06bq6nfqhrtc5d64
- <SD-Card>/Android/####/1z55wg77d3r7w7s7xsutjlyn8
- <SD-Card>/Android/####/2293zksxsz6o01lzjx3hd3adj
- <SD-Card>/Android/####/2huqhmw9nijt5nj0wwun070wd
- <SD-Card>/Android/####/2lssl2qz5dpja7nvzktmqkeig
- <SD-Card>/Android/####/2n29nm10dece15n9yn6lxyyu3
- <SD-Card>/Android/####/2tryok97lr7yosozxvks1oppm
- <SD-Card>/Android/####/2y3m3rqn22av7955cl3dryqnd
- <SD-Card>/Android/####/37ufg2y76sysjtv5udui23vm6
- <SD-Card>/Android/####/3u91sc4mp23pyvj3ya18ox59z
- <SD-Card>/Android/####/42yx7hoglmgnrh6dhf4ogngsm
- <SD-Card>/Android/####/47m3dpk7wsxkgycki7uidut7a
- <SD-Card>/Android/####/4hbmbaphtu1q0lssye94e8qgt
- <SD-Card>/Android/####/4lt7jlb73on4yup9gfy0jy0kx
- <SD-Card>/Android/####/4qil5t8s1kj8f0ic8f7qer5ok
- <SD-Card>/Android/####/4qtjmkt5rn9tmpow3raqdibxs
- <SD-Card>/Android/####/4u1g1lla2927sz3e1dyo38lj6
- <SD-Card>/Android/####/52ekx5tpqw93kmrl7wsrfr6xa
- <SD-Card>/Android/####/56frq2ncjlb5njkxog2hrcjx0
- <SD-Card>/Android/####/57syjurxdtu4ped1s1cqsbq11
- <SD-Card>/Android/####/5o5xd3y5j92pybadz2fjnhf36
- <SD-Card>/Android/####/5pb5xfag2sonuoktdxmusft1r
- <SD-Card>/Android/####/5uqfgck2r4ar37cuu5tmh3weo
- <SD-Card>/Android/####/5yqvbpl1fy2as3jqpnep2z5kf
- <SD-Card>/Android/####/5ysl385m2mw4qjuzju7zi3p19
- <SD-Card>/Android/####/6574ksmafnxwir71cpb9ge7pl
- <SD-Card>/Android/####/67jf87duftpdvvdrlob9a1eal
- <SD-Card>/Android/####/680mbyixui3brpxnnj74lvksy
- <SD-Card>/Android/####/6axyxiqaz0keq7t8ar7duh1ff
- <SD-Card>/Android/####/6lec4gvf7tw36wfon2o1wgzyj
- <SD-Card>/Android/####/6t7ggezpuw93mgk5mp5djg7yp
- <SD-Card>/Android/####/75brij6b1n8uk9mekmeauo21k
- <SD-Card>/Android/####/7eciw91gt6qxzed8xp1vh5ffp
- <SD-Card>/Android/####/7in79dy2vsa2jj4a4va9h4vdj
- <SD-Card>/Android/####/8c7z1yxebt87es1g24bbk0vc
- <SD-Card>/Android/####/93xuqagct21hhfq4f7ql4qgv
- <SD-Card>/Android/####/fi2xr7g68lrd4afpig041y6o
- <SD-Card>/Android/####/g45ccdbs1915989n8p5ytr24
- <SD-Card>/Android/####/rou5porxsasxgkz7acdnben7
- <SD-Card>/Android/####/yumzu10c24wsl7tpa0qje2yw
Другие:
Загружает динамические библиотеки:
- jpush
Осуществляет доступ к информации о геолокации.
Осуществляет доступ к информации о сети.
Осуществляет доступ к информации о телефоне (номер, imei и тд.).
Добавляет задания в системный планировщик.
Отрисовывает собственные окна поверх других приложений.
