Техническая информация
Вредоносные функции:
Загружает на исполнение код следующих детектируемых угроз:
- Android.RemoteCode.41.origin
Осуществляет доступ к приватному интерфейсу телефонии (ITelephony).
Сетевая активность:
Подключается к:
- UDP(DNS) <Google DNS>
- TCP(HTTP/1.1) analy####.163.com:80
- TCP(HTTP/1.1) 1####.75.95.72:80
- TCP(HTTP/1.1) ipser####.163.com:80
- TCP(HTTP/1.1) c.m.1####.com:80
- TCP(HTTP/1.1) 3g.163.com.####.com:80
- TCP(HTTP/1.1) hm.b####.com:80
- TCP(HTTP/1.1) cha####.m.163.com:80
- TCP(HTTP/1.1) g.1####.com:80
- TCP(HTTP/1.1) ptmgtd0####.wsclou####.com:80
- TCP(HTTP/1.1) c.3g.1####.com:80
- TCP(HTTP/1.1) s####.jom####.com:80
- UDP(NTP) 2.and####.p####.####.org:123
- TCP(TLS/1.0) w####.reg.163.com:443
- TCP(TLS/1.0) ptmgtd0####.wsclou####.com:443
- TCP(TLS/1.0) 3g.163.com.####.com:443
Запросы DNS:
- 2.and####.p####.####.org
- 3g.1####.com
- analy####.163.com
- api.s####.b####.com
- c####.n####.127.net
- c.3g.1####.com
- c.m.1####.com
- cha####.m.163.com
- cms-bu####.n####.127.net
- com####.n####.163.com
- din####.n####.127.net
- g.1####.com
- hm.b####.com
- i####.c####.net####.com
- i####.c####.net####.com
- i####.c####.net####.com
- i####.c####.net####.com
- ipser####.163.com
- n####.163.com
- p####.zhanz####.b####.com
- pic-bu####.n####.127.net
- sp####.n####.127.net
- st####.ws.126.net
- w####.reg.163.com
Запросы HTTP GET:
- 3g.163.com.####.com/api/v1/products/a2869674571f77b5a0867c3d71db5856/thr...
- 3g.163.com.####.com/news/18/0302/10/DBSSOMJ6000187UE.html
- 3g.163.com.####.com/touch/
- 3g.163.com.####.com/touch/behavior.html?feedback=####
- 3g.163.com.####.com/touch/jsonp/releate/wap/new/DBSSOMJ6000187UE.html?ca...
- 3g.163.com.####.com/touch/reconstruct/article/list/BBM54PGAwangning/0-10...
- 3g.163.com.####.com/touch/reconstruct/article/list/BCR0CBQ2wangning/0-1....
- 3g.163.com.####.com/touch/reconstruct/article/list/BHB31870wangning/0-5....
- 3g.163.com.####.com/wap/special/0040ad/wap_piapia_article.js
- analy####.163.com/ntes.js
- analy####.163.com/ntes?_nacc=####&_nvid=####&_nvtm=####&_nvsf=####&_nvfi...
- analy####.163.com/ntes_u?_nacc=####&_npurl=####&_nch=####&_msl=####
- analy####.163.com/ntes_u?_nacc=####&_npurl=####&_nch=####&_nct=####&_mcn...
- c.3g.1####.com/nc/article/list/T1429173762551/0-20.html
- c.m.1####.com/nc/article/headline/T1348647853363/0-20.html
- c.m.1####.com/nc/article/list/T1348648141035/0-20.html
- c.m.1####.com/nc/article/list/T1348648517839/0-20.html
- c.m.1####.com/nc/article/list/T1348649079062/0-20.html
- c.m.1####.com/nc/article/list/T1348649580692/0-20.html
- c.m.1####.com/nc/article/list/T1348650593803/0-20.html
- c.m.1####.com/nc/article/list/T1348654151579/0-20.html
- c.m.1####.com/nc/article/list/T1356600029035/0-20.html
- c.m.1####.com/nc/article/list/T1368497029546/0-20.html
- c.m.1####.com/nc/backflow/jsonp/clickrate.html?callback=####
- cha####.m.163.com/data/d/iosTracking/lite_wap_docend/click?callback=####...
- cha####.m.163.com/data/d/iosTracking/news_wap_docfooter/click?callback=#...
- cha####.m.163.com/data/d/iosTracking/news_wap_doclist/click?callback=###...
- g.1####.com/q?c=####&t=####&l=####&app=####&nt=####&os=####&cb=####
- g.1####.com/ur?site=####&affiliate=####&cat=####&type=####&location=####...
- hm.b####.com/hm.gif?cc=####&ck=####&cl=####&ds=####&vl=####&ep=####&et=#...
- hm.b####.com/hm.gif?cc=####&ck=####&cl=####&ds=####&vl=####&et=####&ja=#...
- hm.b####.com/hm.js?b2d0b08####
- ipser####.163.com/locate/api/getLoc?key=####&callback=####
- ptmgtd0####.wsclou####.com/06f4804a00734ab7b212c6f346b91be92018030209215...
- ptmgtd0####.wsclou####.com/0a9145473a994335adb89c608268bd362018030210581...
- ptmgtd0####.wsclou####.com/11bd3ff60d7847a789e426eff4f188b22018030209342...
- ptmgtd0####.wsclou####.com/18d5dd401db7420fbfcfbdb9279867112018030210324...
- ptmgtd0####.wsclou####.com/1d4ce3393a07492aa3f8a369d48b41f72018030211462...
- ptmgtd0####.wsclou####.com/1efc02156e404090a6852a7079dccf852018030208441...
- ptmgtd0####.wsclou####.com/1f0bbd962e5b49ab9f469a643c91e3a22018030210043...
- ptmgtd0####.wsclou####.com/22466d07273243edb50725acd0467e802018030211004...
- ptmgtd0####.wsclou####.com/22bd8cf9314448c88a73e8bbf98aadda2018030118564...
- ptmgtd0####.wsclou####.com/237d0ea38dcc4d74aba24bbdec618e2f2018030211041...
- ptmgtd0####.wsclou####.com/248c1a02bbcb4d368d652c3c54dd821d2018030210212...
- ptmgtd0####.wsclou####.com/252f9e18bf9a428291c96be906ddb7812018030211041...
- ptmgtd0####.wsclou####.com/2574f481815047d4a12afa8c51e138252018030110264...
- ptmgtd0####.wsclou####.com/26393d50797e49cf9de44c75080c11142018030204333...
- ptmgtd0####.wsclou####.com/33e305ce82824054beb3415cfe55d7732018030207442...
- ptmgtd0####.wsclou####.com/37fcb1ed3a36dadbd3e6f674782cc80a.jpg?image###...
- ptmgtd0####.wsclou####.com/3a411c5817094a4fa7a99645396b5c9a2018030203593...
- ptmgtd0####.wsclou####.com/43364dd505f94ebb82312e7002bde4652018030210212...
- ptmgtd0####.wsclou####.com/436df1271372455a92fc1c929266cbd82018030209420...
- ptmgtd0####.wsclou####.com/481e7e79a9bd49788055e95dc74adaaf2018030211402...
- ptmgtd0####.wsclou####.com/493956a5bfc740c6af226ba309bd3fdd2018030211390...
- ptmgtd0####.wsclou####.com/4a8ccba220484d04a3fa5a0594aa37ac2018030118340...
- ptmgtd0####.wsclou####.com/4c267644c0fa49f3915b43d2d1caceea2018030210574...
- ptmgtd0####.wsclou####.com/54b8c9f7834441a4bd77e97df670b24a2018030211090...
- ptmgtd0####.wsclou####.com/58d180b3796148f18edb05860c8766a82018030119463...
- ptmgtd0####.wsclou####.com/5c23f1c25da649c1812d678b022e798e2018030208330...
- ptmgtd0####.wsclou####.com/5f9f6af3b4f1441b866e42fce75e94542018030209452...
- ptmgtd0####.wsclou####.com/6334ba6f710f06cc90e43f3a51f153c1.jpeg?image##...
- ptmgtd0####.wsclou####.com/685dbdcd062447a3b136377d486b9f1b2018030211135...
- ptmgtd0####.wsclou####.com/68daffb3fd3944b5b120755dfc4ce0cc2018030209343...
- ptmgtd0####.wsclou####.com/6953c76d83484f789f5473f36075e0a22018030209464...
- ptmgtd0####.wsclou####.com/6bea5e96cc9e4f708ee32b13303102672018030211073...
- ptmgtd0####.wsclou####.com/707fa10f9fc542e09a17c3c115cd7f2c2017110616390...
- ptmgtd0####.wsclou####.com/720048eb85af46fd929a09fbe696327f2018030120491...
- ptmgtd0####.wsclou####.com/7d1ac2f325494cb6b70d04e241f06e1f2018030117383...
- ptmgtd0####.wsclou####.com/802f985189b84e2989015ccd023ff4252018030207275...
- ptmgtd0####.wsclou####.com/81d84ea8d263455ea9cde1052d9c9e7b2018030211531...
- ptmgtd0####.wsclou####.com/82e73a0e83304583a73ad00b629ca35f2018030210043...
- ptmgtd0####.wsclou####.com/867e098b5775407ca6b53666a9da8c552018030210235...
- ptmgtd0####.wsclou####.com/87f864396f6e4b7e8b2a1a58c27a11192018010910492...
- ptmgtd0####.wsclou####.com/8b4ce6d98f884673bc92be8155c61e1f2018022710330...
- ptmgtd0####.wsclou####.com/8f7285a27d804605b81b73f28c9074dd2018030211094...
- ptmgtd0####.wsclou####.com/8f7d13aea3e4472faec20151384981f62018030211071...
- ptmgtd0####.wsclou####.com/994e49ab567d45908e522399fab4e6652018030119111...
- ptmgtd0####.wsclou####.com/9a2d0d6a6ec244ffa3269ce3ec8b30192018030119372...
- ptmgtd0####.wsclou####.com/9c56aa3cc5ea43ffbe066ee731c9117a2018030210043...
- ptmgtd0####.wsclou####.com/TGZO0NkvD4Hr7qkeu5SzS5s2NkfCGBqw87J6PMTM=0Tbs...
- ptmgtd0####.wsclou####.com/a1d32f0b4f814858ae50bddfbee9426e2018030207434...
- ptmgtd0####.wsclou####.com/a1f611717f9a4114a1131d2edd811bae2018030210005...
- ptmgtd0####.wsclou####.com/a57ed06223c441b1a8bef7854b73af4d2018030209271...
- ptmgtd0####.wsclou####.com/a9c1d3d74e9341b4a6043a9584068cc02018030207494...
- ptmgtd0####.wsclou####.com/b3f88b3f2f6d4cc088792d2a5997e22e2018030211424...
- ptmgtd0####.wsclou####.com/b8f605e0614b2e2e08c45ea07bf46a3e.jpg?image###...
- ptmgtd0####.wsclou####.com/b9e1c8a6d0434f3c9f89e2329bdf97e42018030211032...
- ptmgtd0####.wsclou####.com/c52595060a6f48bdad897c48d26df0c72018030207212...
- ptmgtd0####.wsclou####.com/c5ad7861cdd9421fb274198342917c672018030207432...
- ptmgtd0####.wsclou####.com/catchpic/9/96/9644431c552764a0d1ad6564888d5de...
- ptmgtd0####.wsclou####.com/de283ab637ce4aa2a7f326b39c9566d52018030203593...
- ptmgtd0####.wsclou####.com/df07d902c00c4b71b74ae2ce61bd44392018030206552...
- ptmgtd0####.wsclou####.com/e007b4bca3634c40948c524e4a6d77272018030207494...
- ptmgtd0####.wsclou####.com/e1eec2c5b78f40c9ba58d321aaec92582018030210005...
- ptmgtd0####.wsclou####.com/e2b07d5c8554426da392a9eda03978ae2018030211383...
- ptmgtd0####.wsclou####.com/e655b660ece149408f807b5de7fa7d642018030210232...
- ptmgtd0####.wsclou####.com/e68321abc01844468596ed9d5dc2b2122018030210213...
- ptmgtd0####.wsclou####.com/e859467d4d9b01c2bf2f5e0dbb903dfd.jpeg
- ptmgtd0####.wsclou####.com/ebd846292b3e4cb6a42cbfc2b73988a52018030210005...
- ptmgtd0####.wsclou####.com/ee5c215e987e47a58b939b29074e05392018022120542...
- ptmgtd0####.wsclou####.com/ee9c915584084a17ac87ba4e2ef778022018030210221...
- ptmgtd0####.wsclou####.com/f139f89ad8d143eab5a8f773cf1793a92018030207424...
- ptmgtd0####.wsclou####.com/f2e/wap/common/thirdpartylibs/zepto.1059675.m...
- ptmgtd0####.wsclou####.com/f2e/wap/common_tmp_for_ssp/images/ath.5a2c8e....
- ptmgtd0####.wsclou####.com/f2e/wap/touch_article_2016/ssr_trunk/dist/art...
- ptmgtd0####.wsclou####.com/f2e/wap/touch_index_2016/trunk/images/downloa...
- ptmgtd0####.wsclou####.com/f2e/wap/touch_index_2016/trunk/images/icon-em...
- ptmgtd0####.wsclou####.com/f2e/wap/touch_index_2016/trunk/images/icon-pe...
- ptmgtd0####.wsclou####.com/f2e/wap/touch_index_2016/trunk/images/logo_20...
- ptmgtd0####.wsclou####.com/f2e/wap/touch_index_2016/trunk/images/version...
- ptmgtd0####.wsclou####.com/f2e/wap/touch_index_2016/trunk/index_rc-artic...
- ptmgtd0####.wsclou####.com/f2e/wap/touch_index_2016/trunk/index_rc-newap...
- ptmgtd0####.wsclou####.com/f335ae7eb29d4d278bc0b3b2370de9602018030211123...
- ptmgtd0####.wsclou####.com/f75a977566d0446989961157df22660c2018030210212...
- ptmgtd0####.wsclou####.com/fc343a8810234475bbeb344d979e2fa02018030207494...
- ptmgtd0####.wsclou####.com/fd1870c483844df3a5911f38fd7db9032018030209431...
- ptmgtd0####.wsclou####.com/game/diablo3/d3/news/201803/7.jpg
- ptmgtd0####.wsclou####.com/img/d6c24c5b363e3a5f16482b64a5879cbd.jpg?imag...
- ptmgtd0####.wsclou####.com/photo/0001/2018-03-02/DBSQRT8J4T8E0001NOS.jpg
- ptmgtd0####.wsclou####.com/photo/0001/2018-03-02/DBSQRT8K4T8E0001NOS.jpg
- ptmgtd0####.wsclou####.com/photo/0001/2018-03-02/DBSQRT8L4T8E0001NOS.jpg
- ptmgtd0####.wsclou####.com/photo/0001/2018-03-02/DBSTGBO04T8E0001NOS.jpg
- ptmgtd0####.wsclou####.com/photo/0001/2018-03-02/DBSTGBO14T8E0001NOS.jpg
- ptmgtd0####.wsclou####.com/photo/0001/2018-03-02/DBSTGBO24T8E0001NOS.jpg
- ptmgtd0####.wsclou####.com/photo/0001/2018-03-02/DBSTP5JK4T8E0001NOS.jpg
- ptmgtd0####.wsclou####.com/photo/0001/2018-03-02/DBSTP5JL4T8E0001NOS.jpg
- ptmgtd0####.wsclou####.com/photo/0001/2018-03-02/DBSTP5JM4T8E0001NOS.jpg
- ptmgtd0####.wsclou####.com/photo/0001/2018-03-02/DBSUVGC44T8E0001NOS.jpg
- ptmgtd0####.wsclou####.com/photo/0001/2018-03-02/DBSUVGC54T8E0001NOS.jpg
- ptmgtd0####.wsclou####.com/photo/0001/2018-03-02/DBSUVGC64T8E0001NOS.jpg
- ptmgtd0####.wsclou####.com/photo/0031/2018-03-01/DBRHB3BL56HR0031NOS.jpg
- ptmgtd0####.wsclou####.com/utf8/3g/libs/4.3.4/openNewsapp.js
- ptmgtd0####.wsclou####.com/utf8/3g/touch/images/toast-download.png
- s####.jom####.com/push.js
- s####.jom####.com/s.gif?l=####
- s####.jom####.com/s.gif?r=####&l=####
Изменения в файловой системе:
Создает следующие файлы:
- <Package Folder>/cache/####/data_0
- <Package Folder>/cache/####/data_1
- <Package Folder>/cache/####/data_2
- <Package Folder>/cache/####/data_3
- <Package Folder>/cache/####/f_000001
- <Package Folder>/cache/####/f_000002
- <Package Folder>/cache/####/f_000003
- <Package Folder>/cache/####/f_000004
- <Package Folder>/cache/####/f_000005
- <Package Folder>/cache/####/f_000006
- <Package Folder>/cache/####/f_000007
- <Package Folder>/cache/####/f_000008
- <Package Folder>/cache/####/f_000009
- <Package Folder>/cache/####/f_00000a
- <Package Folder>/cache/####/f_00000b
- <Package Folder>/cache/####/f_00000c
- <Package Folder>/cache/####/f_00000d
- <Package Folder>/cache/####/f_00000e
- <Package Folder>/cache/####/f_00000f
- <Package Folder>/cache/####/f_000010
- <Package Folder>/cache/####/f_000011
- <Package Folder>/cache/####/f_000012
- <Package Folder>/cache/####/f_000013
- <Package Folder>/cache/####/f_000014
- <Package Folder>/cache/####/index
- <Package Folder>/databases/Login.db
- <Package Folder>/databases/Login.db-journal
- <Package Folder>/databases/webview.db-journal
- <Package Folder>/databases/webviewCookiesChromium.db-journal
- <Package Folder>/files/006f01faa23617c2e62e77fb1931e074.0
- <Package Folder>/files/05e1470ee6979ca53bffd9f892cb14f8.0
- <Package Folder>/files/085fe3201158fd3a74108b4195ff6765.0
- <Package Folder>/files/0d5a74cbd1daef38603aff4729a1c608.0
- <Package Folder>/files/0eaba59bf95f150c8cbf3541f85592f6.0
- <Package Folder>/files/1180597199099eb8e500548caa806f07.0
- <Package Folder>/files/11fa8012b43f667e4e5219879602a895.0
- <Package Folder>/files/16334fe6a070dce1910779cfbb6aa51b.0
- <Package Folder>/files/1d71cbfcdb920c938b0f3f8b024d572d.0
- <Package Folder>/files/1e5901b513b0b62feb3d4c1548a456af.0
- <Package Folder>/files/1e6a6c7c7bbbc323c7b29276d97fe0d1.0
- <Package Folder>/files/25263db5377da24eeaac86996d311661.0
- <Package Folder>/files/29bfed8ea099ed22099883fa9590c2a1.0
- <Package Folder>/files/3325a478c790636e0c203ef06c866f48.0
- <Package Folder>/files/367f1abc73c5afb88ac0df360de52a50.0
- <Package Folder>/files/3b6bd8cf79a5299efce771e11c2f7a4a.0
- <Package Folder>/files/42867743436bb9ecc817625148c6d89c.0
- <Package Folder>/files/44d6ecfd00b2daf2d059367b41ae75e3.0
- <Package Folder>/files/452885240b080b3db8c3e586933893b7.0
- <Package Folder>/files/4ce65cf5ce808f1e76076475720b5ac4.0
- <Package Folder>/files/50743437e8ab8431ba54815efb946816.0
- <Package Folder>/files/5852de1ef7168101f43291d357222120.0
- <Package Folder>/files/5b05f37a52ce1bbc637fff4939af6a40.0
- <Package Folder>/files/5bc93504cf99209aa5a124958b7bff20.0.tmp (deleted)
- <Package Folder>/files/5f2174482d3d9beca6888ccd350e1edf.0
- <Package Folder>/files/5f2c7c5e4275f9f7fd3a68182b0c8da4.0
- <Package Folder>/files/621e4ae6da9ca4950d18c38822a30ce8.0
- <Package Folder>/files/64ff55ad0d3a6a49207e47e42cbe9cde.0
- <Package Folder>/files/65ad7669528fc2c6fc627a1d6d89a2d9.0
- <Package Folder>/files/669b81b6f6eab580106e93791e340739.0
- <Package Folder>/files/746fc76d20c24ef7d7936d4e6d73d13c.0
- <Package Folder>/files/772408587a0e62620bc9c76c80714849.0
- <Package Folder>/files/775e2581ac9d019ca4706025491c1934.0
- <Package Folder>/files/7a307c1548a764765bdbabff788455ad.0
- <Package Folder>/files/7b6945408186353c5d8ea9f67c04a83b.0
- <Package Folder>/files/7c5a847be0787dd1f907e1522cfa92d3.0
- <Package Folder>/files/7e00450088fb23113957a3c8d40abffd.0
- <Package Folder>/files/84d990c42f0f95219a71bcb82d7e2a53.0
- <Package Folder>/files/85431bc3373baa9eb328ff5e4439d998.0
- <Package Folder>/files/866679e3a5a539f9211e8f0a6dd6246c.0
- <Package Folder>/files/86985d591336654b46aa0e3222b678cb.0
- <Package Folder>/files/86abfab89a56838995e7e2fe88356063.0
- <Package Folder>/files/86d8cacd4c1141541db0d1f77fc4f23b.0
- <Package Folder>/files/8d76f55d99be5775ddc165597eea4845.0
- <Package Folder>/files/8d9854fc2b70eb47a6a2ed927b262d35.0
- <Package Folder>/files/9189ddfc899205d2080b4f97d97920a8.0
- <Package Folder>/files/95992a768b810af546304ea47dbaad53.0
- <Package Folder>/files/97d06f8c2aa1779beaba6dd3b135e02a.0
- <Package Folder>/files/99255bedb6eac7c17c60461152b3ad6a.0
- <Package Folder>/files/9bdc1669d0d2f64a09179a7fc94eda81.0
- <Package Folder>/files/9d1a6d82b172ef489411d6ebe94a3af3.0
- <Package Folder>/files/a2c4a3cd4d52cd47ab954a53119669c3.0
- <Package Folder>/files/a349af4e812e4faed92c5a876cde0c6b.0
- <Package Folder>/files/a8db777181a1fcb3da3c5d3af38295b6.0
- <Package Folder>/files/ab651e3119016784f1e1e2ec93f63b91.0
- <Package Folder>/files/abf614de57af987dd81a14f36d995bfd.0
- <Package Folder>/files/adeyimrg.so
- <Package Folder>/files/b383d6141caeacc227844c6d8349b752.0
- <Package Folder>/files/b53c760f3d923bfda36e38a5bfe94f7d.0
- <Package Folder>/files/b93f338b3014eb220dc77daa31363192.0
- <Package Folder>/files/bf9748f88b3e33d9e3c3a2c9f9be72c1.0
- <Package Folder>/files/c64a449a459bc87d5d98c664eaff34cb.0
- <Package Folder>/files/c81fe78ceb55d722945b25142a4fb68f.0.tmp (deleted)
- <Package Folder>/files/c864b2110588a061aba22ff9f3c7d2bb.0
- <Package Folder>/files/ca6cd324a741943c0015f5f4e2f57956.0
- <Package Folder>/files/cb3a3e81a6caf1664f57921673e302d0.0
- <Package Folder>/files/cd863159c40df08f39bf9cc7a1c3c316.0
- <Package Folder>/files/d00363006b27fa154adb2577549c834b.0
- <Package Folder>/files/d7ddb215c443e4a9d470b19dc20268af.0
- <Package Folder>/files/daf7cc5b1b02ce6d7b4391b0ea1c4bd0.0
- <Package Folder>/files/dd12e1558ae4d41a425867dc28f2a9ec.0
- <Package Folder>/files/de3fedeb2ef3d9882c6bd0c76c3c346b.0
- <Package Folder>/files/dea72c71c8367625f73534b114e2f626.0
- <Package Folder>/files/ed23961b198d0406e1f524fee99b1df0.0
- <Package Folder>/files/f2165a7e80167fe48d16c45683f79d8e.0
- <Package Folder>/files/f4b60a8c216c495d466352ebcfaf0e54.0
- <Package Folder>/files/f54e0989ffcfcac1514092280f5cee11.0
- <Package Folder>/files/f58f37e63ea1a38455f6943f8fdf8e04.0
- <Package Folder>/files/f79613cd2e64a39e1b27d6307951c7f3.0
- <Package Folder>/files/f7adb6a4c9d8742156ea8cc4e34b241f.0
- <Package Folder>/files/fa70d81b2965261530bde74fdc418433.0
- <Package Folder>/files/journal.tmp
- <Package Folder>/shared_prefs/WebViewSettings.xml
- <Package Folder>/shared_prefs/config.xml
- <Package Folder>/shared_prefs/welcome.xml
Другие:
Загружает динамические библиотеки:
- adeyimrg
Использует следующие алгоритмы для шифрования данных:
- DES-CBC-PKCS5Padding
Использует следующие алгоритмы для расшифровки данных:
- AES-CFB-NoPadding
Осуществляет доступ к информации о геолокации.
Осуществляет доступ к информации о сети.
Осуществляет доступ к информации о телефоне (номер, imei и тд.).
Осуществляет доступ к информации об установленных приложениях.
Добавляет задания в системный планировщик.
Отрисовывает собственные окна поверх других приложений.
Осуществляет доступ к информации об отправленых/принятых смс.
