Техническая информация
Вредоносные функции:
Загружает на исполнение код следующих детектируемых угроз:
- Android.Spy.127.origin
Осуществляет доступ к приватному интерфейсу телефонии (ITelephony).
Сетевая активность:
Подключается к:
- UDP(DNS) <Google DNS>
- TCP(HTTP/1.1) d####.g####.p####.com:80
- TCP(HTTP/1.1) sr4.pp####.cn:80
- TCP(HTTP/1.1) nav.cn.ron####.com:80
- TCP(HTTP/1.1) int.d####.s####.####.cn:80
- TCP(HTTP/1.1) sr2.pp####.com:80
- TCP(HTTP/1.1) ti####.c####.l####.####.com:80
- TCP(HTTP/1.1) api.usergr####.p####.com:80
- TCP(HTTP/1.1) sdk.o####.p####.####.com:80
- TCP(HTTP/1.1) t####.p####.com:80
- TCP(HTTP/1.1) m####.api.p####.com:80
- TCP(HTTP/1.1) m.i####.com:80
- TCP(HTTP/1.1) recom####.p####.com:80
- TCP(HTTP/1.1) way.p####.com:80
- TCP(HTTP/1.1) a####.u####.com:80
- TCP(HTTP/1.1) apm.su####.cn:80
- TCP(HTTP/1.1) apilo####.a####.com:80
- TCP(HTTP/1.1) w####.p####.com.####.com:80
- TCP(TLS/1.0) ssl.gst####.com:443
- TCP(TLS/1.0) www.go####.com:443
- TCP(TLS/1.0) api.pass####.p####.com:443
- TCP(TLS/1.0) www.gst####.com:443
- TCP(TLS/1.0) adser####.go####.nl:443
- TCP(TLS/1.0) s####.cn.ron####.com:443
- TCP(TLS/1.0) www.go####.nl:443
- TCP sdk.o####.t####.####.com:5224
- TCP c####.g####.ig####.com:5226
- TCP 38.1####.109.58:8003
- TCP 1####.92.36.75:8619
Запросы DNS:
- a####.u####.com
- ac####.d####.pp####.com
- adser####.go####.com
- adser####.go####.nl
- and####.co####.syna####.com
- api####.a####.com
- api.pass####.p####.com
- api.usergr####.p####.com
- apm.su####.cn
- c####.g####.ig####.com
- c.sz.gt.####.com
- cld####.mo####.p####.com
- epg.api.p####.com
- f####.mo####.p####.com
- gro####.p####.com
- i####.pp####.cn
- i####.pp####.cn
- i####.pp####.cn
- int.d####.s####.####.cn
- ios.syna####.com
- m####.api.p####.com
- m.i####.com
- nav.cn.ron####.com
- recom####.p####.com
- s####.cn.ron####.com
- sdk.c####.ig####.com
- sdk.o####.p####.####.com
- sdk.o####.t####.####.com
- sp####.mo####.p####.com
- sr1.pp####.cn
- sr1.pp####.com
- sr2.pp####.cn
- sr2.pp####.com
- sr3.pp####.cn
- sr3.pp####.com
- sr4.pp####.cn
- sr4.pp####.com
- ssl.gst####.com
- t####.p####.com
- vas.d####.pp####.com
- way.p####.com
- wocao####.p####.com
- www.go####.com
- www.go####.nl
- www.gst####.com
Запросы HTTP GET:
- api.usergr####.p####.com/get/aphone?index=####&appplt=####&dstr=2l####&m...
- api.usergr####.p####.com/getUserCreditDoublePolicy?appid=####&from=####&...
- d####.g####.p####.com/1.html?sdPg0uXTraCSqrOWlrKpmpyoraSSrKeioJawpqmapqW...
- d####.g####.p####.com/1.html?sdPg0uXTraCSqrOWoJaupqeLs62gj7mWraCSrbOYpaa...
- d####.g####.p####.com/jk/1.html?0eDcpuP####
- int.d####.s####.####.cn/iplookup/iplookup.php?format=####
- m####.api.p####.com/check_update?platform=####&appplt=####&osv=####&appi...
- m####.api.p####.com/control?ver=####&userLevel=####&platform=####&osv=##...
- m####.api.p####.com/generalConfig?platform=####&appplt=####&configType=#...
- m####.api.p####.com/generalConfig?platform=####&configkey=####&appplt=##...
- m####.api.p####.com/v4/module?lang=####&platform=####&appid=####&appver=...
- m.i####.com/cfg/appkey-81a95b3d9ff4dd16
- recom####.p####.com/recTopic?uid=####&extraFields=####&rmTopicIds=####&s...
- recom####.p####.com/recommend?uid=####&ppi=####&vipUser=####&num=####&re...
- sr2.pp####.com/cms/11/83/4bc75805d5b84fe30379e1a044934941.png
- sr2.pp####.com/cms/16/35/c66c61fda8eb103aaf86bdf565afa2bc.png
- sr2.pp####.com/cms/25/07/a3aceb1b5e5f4aa060efeddd192d55b9.png
- sr4.pp####.cn/cms/10/94/8dee5855fa296d7a96a385d2d77a622e.jpg
- sr4.pp####.cn/cms/11/05/88b043f06328e438f903e238dd163ba5.jpg
- sr4.pp####.cn/cms/14/77/2f54d4899af567e2eb17b81b31f1687d.jpg
- sr4.pp####.cn/cms/14/81/87ae34ca35167d5e9e6fdce2df604144.jpg
- sr4.pp####.cn/cms/16/27/711f531d4fdd9fca04e94405bd9d6676.jpg
- sr4.pp####.cn/cms/16/65/a0c68297f4609fbe5c687adf00c30e68.jpg
- sr4.pp####.cn/cms/18/10/fa7426723f7614bf947f30f8659c1260.png
- sr4.pp####.cn/cms/18/64/d4687c6eb192828351d16ba5ffd4bd2b.jpg
- sr4.pp####.cn/cms/19/50/8be57d72356269ba350f6c22180ba113.png
- sr4.pp####.cn/cms/22/25/1ed6d002b6ee6e5b6488d3d52598237b.jpg
- sr4.pp####.cn/cms/23/38/26aa26a008fefa9e1028061a72c32dc8.jpg
- sr4.pp####.cn/cms/23/81/ae04f46e429e4a961b5d58c4da0cd195.jpg
- sr4.pp####.cn/cms/23/85/aee791dc696c8e4cb3a6da03554a709b.png
- sr4.pp####.cn/cms/24/66/c20af89d12b8919df813096c00a4afca.jpg
- sr4.pp####.cn/cms/25/31/e188879ed514ce824fdc66a1995872af.jpg
- sr4.pp####.cn/cms/26/81/11325d0347f8277a0b7e98be8ed21ef2.png
- sr4.pp####.cn/cms/27/19/b6f43cf5a2ff15c4f2fc363f04b5b4ca.jpg
- sr4.pp####.cn/cms/27/80/a0ea836a3b872190bddad8caa55ceeb0.gif
- sr4.pp####.cn/cms/30/55/cb9e5e68aa72a94ca163d62f3dd51969.jpg
- sr4.pp####.cn/cms/34/21/4a6362dc2579005cb449f7f7c5188279.jpg
- sr4.pp####.cn/cms/34/66/d2f3e59edbeeef530f958fb34f772f33.jpg
- sr4.pp####.cn/cms/48/85/c29168dfc4812bbf3d806d015a22761f.jpg
- sr4.pp####.cn/cms/48/97/067c16e392ec51f31747b959e01a9cd3.jpg
- sr4.pp####.cn/cms/49/89/608a80e121b76cfa56cf85e817edd8c9.jpg
- sr4.pp####.cn/cms/61/47/e2b25b18913f8d72528fafdec7130917.jpg
- sr4.pp####.cn/cms/71/10/43c0591b927f0537f5745101e3fdc028.jpg
- sr4.pp####.cn/cms/75/13/5623e6380b94990473b3e07696d80689.jpg
- sr4.pp####.cn/cms/76/43/5288500044d4f822705a15be6c4bfb1e.jpg.webp
- sr4.pp####.cn/cms/87/19/f74fa77b8d1d511e7c95b1a6b4ef1bb1.jpg
- sr4.pp####.cn/cms/94/19/7c337d33441c23288d225f26c8484ef7.jpg
- sr4.pp####.cn/competition/v1/list
- sr4.pp####.cn/competitionschedule/v1/list?competitionid=####
- sr4.pp####.cn/content/get?tabid=####&platform=####&appid=####&appver=###...
- sr4.pp####.cn/control?ver=####&userLevel=####&platform=####&osv=####&sv=...
- sr4.pp####.cn/detail.api?auth=####&canal=####&userLevel=####&ppi=####&ap...
- sr4.pp####.cn/images/2017/07/17/12040797364.gif
- sr4.pp####.cn/lpic/03d/3c7/555/319b537694d90ec9e19bdd79ce4ef82b.png?prod...
- sr4.pp####.cn/lpic/1c9/347/a5f/5e8b55a762683018720355aaa50cb2c0.png?prod...
- sr4.pp####.cn/lpic/2a2/471/b28/f7c3fda294ab97cbf185735ea93fd565.png?prod...
- sr4.pp####.cn/lpic/34e/8d4/055/697d9911c7de6d1d31edcbe4b7f89ae5.png
- sr4.pp####.cn/lpic/34f/c9c/038/bd2c61f50606c9791897ed5f37db41be.png?prod...
- sr4.pp####.cn/lpic/3b0/72d/a26/b9e831e1ecee0a1c40229b1f1e029462.png?prod...
- sr4.pp####.cn/lpic/3fd/d0c/b40/1226c621b1885e1f022c84db043d9a84.png?prod...
- sr4.pp####.cn/lpic/4aa/79e/3c6/0cd1f90527dff999f06e606a10ea43ec.png?prod...
- sr4.pp####.cn/lpic/5e1/f48/410/34306d02295f51159a8eb9a83a8f5bf3.jpg?prod...
- sr4.pp####.cn/lpic/627/a8b/893/025ef89c5b866b3bf9c8a720462c2bda.png?prod...
- sr4.pp####.cn/lpic/665/7c3/26f/212da4d69887801eb643ae08e70f4c85.png?prod...
- sr4.pp####.cn/lpic/6a3/050/974/340d82145c90c38aa24ba1f20504fd04.png?prod...
- sr4.pp####.cn/lpic/711/11c/502/d6c778947ae18f27233fc9acc126139d.png
- sr4.pp####.cn/lpic/767/c55/d3c/ae1cb4320a4a28ed193e51c00745e4b2.jpg?prod...
- sr4.pp####.cn/lpic/856/0d1/b72/0cd674ae40093e6f3469a79d60d7a1c1.jpg?prod...
- sr4.pp####.cn/lpic/8f3/6f9/319/5ac4ba9f78bb97b7b85a69197c2c77af.png?prod...
- sr4.pp####.cn/lpic/93f/993/f1b/dd27bc08d6655280090c5f254ef7dc92.png
- sr4.pp####.cn/lpic/944/84f/643/9bafe0779c4b6b98f4bb43fa89dcebbe.png
- sr4.pp####.cn/lpic/a1b/e75/24a/123fb2cf66cb6dc5689b194229b29b56.png?prod...
- sr4.pp####.cn/lpic/a82/4f0/1ac/d63bdb00eccfaa5ecefa826b48f429bb.jpg?prod...
- sr4.pp####.cn/lpic/bb5/7f2/662/4a5283bfd743f3e9e9c25c82625388d2.png?prod...
- sr4.pp####.cn/lpic/bdc/c29/d05/d8a327ea7275ea9dd6bcd3c77bc6578f.png
- sr4.pp####.cn/lpic/beb/ddd/6e9/acbd2ce6346bae749d76fe1ec0adf4f3.png
- sr4.pp####.cn/lpic/ce3/929/4c3/73c4a0ddb077e5d4a87fb979a56d2224.png?prod...
- sr4.pp####.cn/lpic/eb0/cd3/81e/5783c5e91b063c01e738ac8ae56dfd9c.png?prod...
- sr4.pp####.cn/lpic/ec4/c42/6f2/63862f99377cf076907cb63c4a42a01b.png
- sr4.pp####.cn/lpic/ed3/65d/bca/7ac418e202188ad0a2ff233161b1a35b.jpg?prod...
- sr4.pp####.cn/lpic/f2b/82c/c6e/9cd0be6d82d7d86627dca7d79a808b8f.png
- sr4.pp####.cn/manual_update?platform=####&appplt=####&osv=####&appid=###...
- sr4.pp####.cn/rongtoken/get?userid=####&nickname=####
- sr4.pp####.cn/softlist?device=####&platform=####&sv=####&listid=####&cha...
- sr4.pp####.cn/tab/list?platform=####&appid=####&appver=####&appplt=####
- sr4.pp####.cn/v4/module?lang=####&platform=####&appid=####&appver=####&a...
- t####.p####.com/
- t####.p####.com/getConfig?ZGV2aWNlaWQ9MzU2NTA3MDU5MzUxODk1JmRldmljZXR5cG...
- t####.p####.com/globalConfig?platform=####&appplt=####&osv=####&appid=##...
- ti####.c####.l####.####.com/config/hz-hzv3.conf
- w####.p####.com.####.com/2016/04/25/19083945660_230X306.jpg.webp
- w####.p####.com.####.com/2018/01/22/16062834777_230X306.jpg.webp
- w####.p####.com.####.com/2018/01/22/16081700626_230X306.jpg.webp
- w####.p####.com.####.com/2018/01/23/16342809270_230X306.jpg.webp
- w####.p####.com.####.com/cms/11/82/498e9bc11b86c89e1534848c19f05919.png
- w####.p####.com.####.com/cms/12/29/c7c5c302c5f8d5e85a2acaca2701f72d.png
- w####.p####.com.####.com/cms/14/24/d2b37f1e306938e9e0bf1ade235e24f3.png
- w####.p####.com.####.com/cms/16/43/56738682b13161ae12bd0295d4729016.png
- w####.p####.com.####.com/cms/16/72/d034b09b2226da864b491468624aecc8.png
- w####.p####.com.####.com/cms/16/81/d2325d8b98b35d62169a9b247019c126.png
- w####.p####.com.####.com/cms/18/58/ec1c4e42822e782f3e2dd1e555b82d34.png
- w####.p####.com.####.com/cms/19/13/de5f123f0eea25fd412227ae7e36c196.png
- w####.p####.com.####.com/cms/19/29/561e047817ee645da0a2b6ee8e7a6e7a.png
- w####.p####.com.####.com/cms/19/46/ab512720fe145f793ecbe6b5f0ee2229.png
- w####.p####.com.####.com/cms/20/48/3ca7889db8b07c62dc914a2201694f8e.png
- w####.p####.com.####.com/cms/21/00/20e12ec4f145102a0a306f540d38fc8a.jpg....
- w####.p####.com.####.com/cms/22/45/ab6a88c1f94887994313a7d3b5f4a141.jpg....
- w####.p####.com.####.com/cms/23/79/f40f61bf1df8a962ccb72d5ded38c4da.png
- w####.p####.com.####.com/cms/35/40/8db70647a44111198efddc916dfdce5c.jpg....
- w####.p####.com.####.com/cms/39/35/f5e255e4cbf8c6ace832ba82d318d983.png
- w####.p####.com.####.com/cms/40/08/420462a279acbe7b942cfe917564f7bb.png
- w####.p####.com.####.com/cms/41/80/945ef81c0f11507dc14aff387a033d31.png
- w####.p####.com.####.com/cms/42/44/6275b2cd05b5554c9a8ce81839003de7.png
- w####.p####.com.####.com/sp342/2013/07/16/15253887695.jpg.webp
- w####.p####.com.####.com/sp342/2014/12/12/14492710077.jpg.webp
- w####.p####.com.####.com/sp342/2016/01/05/11071372222.jpg.webp
- w####.p####.com.####.com/sp342/2016/01/22/14385884645.jpg.webp
- w####.p####.com.####.com/sp342/2016/04/14/10153039516.jpg.webp
- w####.p####.com.####.com/sp342/2016/05/31/20525555965.jpg.webp
- w####.p####.com.####.com/sp342/2016/11/30/17321135427.jpg.webp
- w####.p####.com.####.com/sp342/2017/02/27/14062277948.jpg.webp
- w####.p####.com.####.com/sp342/2017/09/24/14100193674.jpg.webp
- w####.p####.com.####.com/sp342/2017/12/28/18284303397.jpg.webp
- w####.p####.com.####.com/sp342/2017/12/29/11400057780.jpg.webp
- w####.p####.com.####.com/sp342/2018/01/24/10120267473.jpg.webp
- w####.p####.com.####.com/sp342/2018/02/12/17372872745.jpg.webp
- w####.p####.com.####.com/sp342/2018/02/13/11373307829.jpg.webp
- w####.p####.com.####.com/sp342/2018/02/24/12455473120.jpg.webp
- w####.p####.com.####.com/sp342/2018/03/12/18193746197.jpg.webp
- w####.p####.com.####.com/sp342/2018/03/13/11275258689.jpg.webp
- w####.p####.com.####.com/sp342/2018/03/15/14471055748.jpg.webp
- w####.p####.com.####.com/sp342/2018/03/20/14350675017.jpg.webp
- w####.p####.com.####.com/sp342/2018/03/21/17372657729.jpg.webp
- way.p####.com/public/ppi?appid=####&appplt=####&cc=####&appver=####&devi...
Запросы HTTP POST:
- a####.u####.com/app_logs
- apilo####.a####.com/v3/log/init
- apm.su####.cn/httpSampling.gif
- d####.g####.p####.com/event/1.html
- m.i####.com/rec/se?_iwt_t=####&sv=####
- nav.cn.ron####.com/navi.xml
- nav.cn.ron####.com/navipush.json
- sdk.o####.p####.####.com/api.php?format=####&t=####
Изменения в файловой системе:
Создает следующие файлы:
- /data/data/####/.imprint
- /data/data/####/.jg.ic
- /data/data/####/COUNTLY_STORE.xml
- /data/data/####/Log2File.xml
- /data/data/####/MATSharedPreferences.xml
- /data/data/####/RongNavigation.xml
- /data/data/####/RongPush.xml
- /data/data/####/Statistics.xml
- /data/data/####/USER_BILLING.xml
- /data/data/####/_ire-journal
- /data/data/####/applog.log
- /data/data/####/cn.com.mma.mobile.tracking.other.xml
- /data/data/####/com.pplive.androidphone_preferences.xml
- /data/data/####/com.suning.statistics.CloudytraceStatisticsProc...ml.bak
- /data/data/####/com.suning.statistics.CloudytraceStatisticsProcessor.xml
- /data/data/####/config.xml
- /data/data/####/configcenter.txt
- /data/data/####/exitadinfo
- /data/data/####/globalConfig.txt
- /data/data/####/init.pid
- /data/data/####/last_know_location.xml
- /data/data/####/libjiagu.so
- /data/data/####/mobclick_agent_cached_com.pplive.androidphone9999999
- /data/data/####/multidex.version.xml
- /data/data/####/pptv.db-journal
- /data/data/####/pptv.xml
- /data/data/####/push.pid
- /data/data/####/pushsdk.db-journal
- /data/data/####/run.pid
- /data/data/####/static_config
- /data/data/####/storage
- /data/data/####/storage-journal
- /data/data/####/umeng_general_config.xml
- /data/data/####/umeng_it.cache
- /data/data/####/unicom.xml
- /data/data/####/view_from.xml
- /data/data/####/webp.xml
- /data/data/####/webview.db-journal
- /data/data/####/webviewCookiesChromium.db-journal
- /data/media/####/-1187218433
- /data/media/####/-1233840979.tmp
- /data/media/####/-1255581841.tmp
- /data/media/####/-1259234546.tmp
- /data/media/####/-1288710204.tmp
- /data/media/####/-1306497338.tmp
- /data/media/####/-1309652336.tmp
- /data/media/####/-1315344453.tmp
- /data/media/####/-1333913724.tmp
- /data/media/####/-1362455474.tmp
- /data/media/####/-1374211436.tmp
- /data/media/####/-1441151610.tmp
- /data/media/####/-1441862793.tmp
- /data/media/####/-1468771345.tmp
- /data/media/####/-147611653
- /data/media/####/-154234153.tmp
- /data/media/####/-1584446550.tmp
- /data/media/####/-1623445290.tmp
- /data/media/####/-1624000149
- /data/media/####/-1638095866
- /data/media/####/-1693854143.tmp
- /data/media/####/-1717685947.tmp
- /data/media/####/-1819595151.tmp
- /data/media/####/-1846508237.tmp
- /data/media/####/-1917343618
- /data/media/####/-1917343619
- /data/media/####/-1920326167.tmp
- /data/media/####/-1922016147
- /data/media/####/-1936410676.tmp
- /data/media/####/-2007277981
- /data/media/####/-2020577616.tmp
- /data/media/####/-203299418.tmp
- /data/media/####/-2046700463.tmp
- /data/media/####/-2065365113.tmp
- /data/media/####/-2089357442.tmp
- /data/media/####/-2106605619.tmp
- /data/media/####/-231211459.tmp
- /data/media/####/-233964098
- /data/media/####/-311146098.tmp
- /data/media/####/-326272346
- /data/media/####/-372115487.tmp
- /data/media/####/-388289668.tmp
- /data/media/####/-431090160
- /data/media/####/-434886813.tmp
- /data/media/####/-465549933.tmp
- /data/media/####/-495776035.tmp
- /data/media/####/-50650037.tmp
- /data/media/####/-551812035.tmp
- /data/media/####/-562143734.tmp
- /data/media/####/-571656177.tmp
- /data/media/####/-575335678.tmp
- /data/media/####/-577683169.tmp
- /data/media/####/-602525327.tmp
- /data/media/####/-605536553
- /data/media/####/-635704441
- /data/media/####/-645134678.tmp
- /data/media/####/-65779591.tmp
- /data/media/####/-694572465.tmp
- /data/media/####/-727939646.tmp
- /data/media/####/-736216026.tmp
- /data/media/####/-746774635.tmp
- /data/media/####/-76205420.tmp
- /data/media/####/-764849759.tmp
- /data/media/####/-774596080.tmp
- /data/media/####/-780476692.tmp
- /data/media/####/-876667881.tmp
- /data/media/####/.nomedia
- /data/media/####/1071670298.tmp
- /data/media/####/1073965773.tmp
- /data/media/####/1094408075.tmp
- /data/media/####/1113759444.tmp
- /data/media/####/1122221299.tmp
- /data/media/####/113251118
- /data/media/####/1160342901
- /data/media/####/1178365620.tmp
- /data/media/####/1189772183.tmp
- /data/media/####/121114558.tmp
- /data/media/####/1228872519.tmp
- /data/media/####/1229611798.tmp
- /data/media/####/123871015.tmp
- /data/media/####/1303387764.tmp
- /data/media/####/1325711385.tmp
- /data/media/####/1399941182.tmp
- /data/media/####/1407075077.tmp
- /data/media/####/1485500666.tmp
- /data/media/####/1488612554
- /data/media/####/1553521954.tmp
- /data/media/####/1563429010.tmp
- /data/media/####/1583631258.tmp
- /data/media/####/1594906143.tmp
- /data/media/####/1644975282.tmp
- /data/media/####/171980557.tmp
- /data/media/####/1725271445
- /data/media/####/1746396458.tmp
- /data/media/####/1749775815.tmp
- /data/media/####/1850360749
- /data/media/####/1850522941
- /data/media/####/1943559261
- /data/media/####/197094101
- /data/media/####/2041154575.tmp
- /data/media/####/21045941.tmp
- /data/media/####/213752273.tmp
- /data/media/####/219944189.tmp
- /data/media/####/224443801.tmp
- /data/media/####/293551572.tmp
- /data/media/####/317327901.tmp
- /data/media/####/318641848.tmp
- /data/media/####/354826905.tmp
- /data/media/####/389662412.tmp
- /data/media/####/460567684.tmp
- /data/media/####/485114242.tmp
- /data/media/####/485476500.tmp
- /data/media/####/495411584
- /data/media/####/54757876
- /data/media/####/54939787.tmp
- /data/media/####/561934565.tmp
- /data/media/####/656727095.tmp
- /data/media/####/704009987.tmp
- /data/media/####/766902523.tmp
- /data/media/####/771733332.tmp
- /data/media/####/827395244
- /data/media/####/848256716.tmp
- /data/media/####/849530936.tmp
- /data/media/####/879797159.tmp
- /data/media/####/891388567.tmp
- /data/media/####/894598840.tmp
- /data/media/####/917906215.tmp
- /data/media/####/942518277.tmp
- /data/media/####/964009232
- /data/media/####/965397903.tmp
- /data/media/####/_livetab1
- /data/media/####/_livetab2
- /data/media/####/_livetabtab
- /data/media/####/app.db
- /data/media/####/com.igexin.sdk.deviceId.db
- /data/media/####/com.pplive.androidphone.db
- /data/media/####/journal.tmp
Другие:
Запускает следующие shell-скрипты:
- cat /sys/class/net/wlan0/address
- chmod 755 <Package Folder>/files/libjiagu.so
Загружает динамические библиотеки:
- RongIMLib
- audioeffect_jni
- breakpad_util_jni
- libjiagu
- libppbox_jni-android-x86-gcc44-mt-1.1.0
- meet
- mresearch
- ppbox_jni-android-x86-gcc44-mt-1.1
- subtitle-jni
Использует следующие алгоритмы для шифрования данных:
- AES-ECB-PKCS5Padding
- DES-CBC-PKCS5Padding
- DESede-CBC-PKCS5Padding
- RSA-ECB-PKCS1Padding
Использует следующие алгоритмы для расшифровки данных:
- DES-CBC-PKCS5Padding
- DESede-CBC-PKCS5Padding
Использует специальную библиотеку для скрытия исполняемого байткода.
Осуществляет доступ к информации о геолокации.
Осуществляет доступ к информации о сети.
Осуществляет доступ к информации о телефоне (номер, imei и тд.).
Осуществляет доступ к информации о настроках APN.
Осуществляет доступ к информации об установленных приложениях.
Осуществляет доступ к информации о запущенных приложениях.
Добавляет задания в системный планировщик.
Отрисовывает собственные окна поверх других приложений.
