Техническая информация
Вредоносные функции:
Выполняет код следующих детектируемых угроз:
- Android.DownLoader.860.origin
- Android.Triada.440.origin
Сетевая активность:
Подключается к:
- UDP(DNS) <Google DNS>
- TCP(HTTP/1.1) v2.g####.qq.com:80
- TCP(HTTP/1.1) a####.b####.qq.com:8011
- TCP(HTTP/1.1) s####.tc.qq.com:80
- TCP(HTTP/1.1) a####.b####.qq.com:8012
- TCP(HTTP/1.1) up####.sdk.jig####.cn:80
- TCP(HTTP/1.1) dc.l####.com:80
- TCP(HTTP/1.1) and####.b####.qq.com:80
- TCP(HTTP/1.1) s####.e.qq.com:80
- TCP(HTTP/1.1) qzones####.g####.cn.####.com:80
- TCP(HTTP/1.1) src.r####.com.####.com:80
- TCP(HTTP/1.1) f####.mom####.cn:80
- TCP(HTTP/1.1) sf1-ttc####.ps####.com:80
- TCP(HTTP/1.1) mi.g####.qq.com:80
- TCP(HTTP/1.1) a####.u####.com:80
- TCP(HTTP/1.1) sdk.c####.com:80
- TCP(HTTP/1.1) to####.sn####.com:80
- TCP(TLS/1.0) an####.l####.com:443
- TCP(TLS/1.0) analy####.map.qq.com:443
- TCP(TLS/1.0) res.k####.com.####.com:443
- TCP(TLS/1.0) to####.sn####.com:443
- TCP(TLS/1.0) s####.e.qq.com:443
- TCP(TLS/1.0) tj.a####.cn:443
- TCP(TLS/1.0) o####.k####.com:443
- TCP(TLS/1.0) sdkc####.e.360.cn:443
- TCP(TLS/1.0) s####.j####.cn:443
- TCP(TLS/1.0) log.k####.com:443
- UDP s.j####.cn:19000
- TCP 43.2####.88.67:7005
Запросы DNS:
- a####.b####.qq.com
- a####.u####.com
- aexcep####.b####.qq.com
- an####.l####.com
- analy####.map.qq.com
- and####.b####.qq.com
- dc.l####.com
- ex####.sn####.com
- f####.mom####.cn
- icha####.sn####.com
- is.sn####.com
- log.k####.com
- mi.g####.qq.com
- o####.k####.com
- p####.ugd####.com
- qzones####.g####.cn
- res.k####.com
- s####.e.qq.com
- s####.j####.cn
- s.j####.cn
- sdk.c####.com
- sdkc####.e.360.cn
- sf1-ttc####.ps####.com
- sf3-ttc####.ps####.com
- src.r####.com
- tj.a####.cn
- to####.sn####.com
- up####.sdk.jig####.cn
- v2.g####.qq.com
Запросы HTTP GET:
- f####.mom####.cn/upload/tmp/2019-03/aaeb1a5bf83c17ebb68e3e35d93ac9df.png
- f####.mom####.cn/upload/tmp/2019-04/56defbf4ffc54225abcf314f479e90a4.jpg
- f####.mom####.cn/upload/tmp/2019-04/64261a631628376eb6f15865199c93d3.jpg
- f####.mom####.cn/upload/tmp/2019-04/8be7f9bc1ae8299d91cc2d28adc1d305.jpg
- f####.mom####.cn/upload/tmp/2019-04/922e2c1cf73c3d6fe89a821b8a5139e2.jpg
- f####.mom####.cn/upload/tmp/2019-04/bb8c19f5f82ffcc6a2b6da7e0b492076.jpg
- f####.mom####.cn/upload/tmp/2019-04/cc649d57bf24f9b117d0f1becd4febcb.gif
- f####.mom####.cn/upload/tmp/2019-04/f6d4ea221e497783fb87d93dd0c8bc89.jpg
- mi.g####.qq.com/gdt_mview.fcg?actual_width=####&count=####&r=####&templa...
- mi.g####.qq.com/gdt_mview.fcg?posw=####&posh=####&count=####&r=####&data...
- qzones####.g####.cn.####.com/qzone/biz/gdt/mob/sdk/v2/android01/banner.a...
- qzones####.g####.cn.####.com/qzone/biz/gdt/mob/sdk/v2/android01/banner.h...
- qzones####.g####.cn.####.com/qzone/biz/gdt/mob/sdk/v2/android01/images/a...
- qzones####.g####.cn.####.com/qzone/biz/gdt/mob/sdk/v2/android01/images/b...
- qzones####.g####.cn.####.com/qzone/biz/gdt/mob/sdk/v2/android01/images/c...
- qzones####.g####.cn.####.com/qzone/biz/gdt/mob/sdk/v2/android01/images/d...
- qzones####.g####.cn.####.com/qzone/biz/gdt/mob/sdk/v2/android01/images/g...
- qzones####.g####.cn.####.com/qzone/biz/gdt/mob/sdk/v2/android01/images/i...
- qzones####.g####.cn.####.com/qzone/biz/gdt/mob/sdk/v2/android01/images/s...
- qzones####.g####.cn.####.com/qzone/biz/gdt/mob/sdk/v2/android01/images/t...
- qzones####.g####.cn.####.com/qzone/biz/gdt/mob/sdk/v2/android01/js-relea...
- qzones####.g####.cn.####.com/qzone/biz/gdt/mob/sdk/v2/android01/js/lib/r...
- qzones####.g####.cn.####.com/qzone/biz/gdt/mob/sdk/v2/android03/js-relea...
- s####.tc.qq.com/gdt/0/DAAK5gkAUAALQABGBcnxrfClXILP8A.jpg/0?ck=####
- s####.tc.qq.com/gdt/0/DAAK5gkAUAALQABVBcnyGtCgwloFxe.jpg/0?ck=####
- s####.tc.qq.com/gdt/0/DAAK5gkAUAALQABaBcnx0DCTuYEjoy.jpg/0?ck=####
- s####.tc.qq.com/gdt/0/DAAK5gkAUAALQABhBcnld4BLowcB2v.jpg/0?ck=####
- s####.tc.qq.com/gdt/0/DAAK5gkAUAALQABiBcnwT2CTLCCE3B.jpg/0?ck=####
- s####.tc.qq.com/gdt/0/EAAGTJ3ABIABIAAAAopBcIfrXCQDtTRqL.jpg/0?ck=####
- sf1-ttc####.ps####.com/img/mosaic-legacy/1225d0004ab099a79487d~cs_690x38...
- src.r####.com.####.com/kubo/dex/luomi_9.1.24.dex
- to####.sn####.com/obj/web.business.image/201904025d0d3fd9790449a449bcaef7
- to####.sn####.com/service/2/app_alert_check/?build_serial=####&timezone=...
- v2.g####.qq.com/gdt_stats.fcg?viewid=####&i=####&os=####&xp=####
Запросы HTTP POST:
- a####.b####.qq.com:8011/rqd/async
- a####.b####.qq.com:8012/rqd/async
- a####.u####.com/app_logs
- and####.b####.qq.com/rqd/async
- dc.l####.com/adLogs/adLog
- dc.l####.com/startLog/startLog
- dc.l####.com/wLog/wLog
- s####.e.qq.com/activate
- sdk.c####.com/versiontapi.php?v=####&type=####
- to####.sn####.com/service/2/ab_test_config/?tt_data=####
- to####.sn####.com/service/2/device_register/?tt_data=####
- to####.sn####.com/service/2/log_settings/?tt_data=####
- up####.sdk.jig####.cn/v1/push/sdk/postlist
Изменения в файловой системе:
Создает следующие файлы:
- /data/data/####/.imprint
- /data/data/####/0d53df6d-6013-4c35-86a2-5ea01ab4263b
- /data/data/####/1btt5tvjqhmfyv6bf9qkmdlpd
- /data/data/####/1btt5tvjqhmfyv6bf9qkmdlpd.tmp
- /data/data/####/2309.yaqcookie
- /data/data/####/6ebb8ef2-5a33-420b-a6a8-6dfc25dff91b
- /data/data/####/AKTorchDownload.db-journal
- /data/data/####/ApplicationCache.db-journal
- /data/data/####/BuglySdkInfos.xml
- /data/data/####/GDTSDK.db
- /data/data/####/GDTSDK.db-journal
- /data/data/####/JPushSA_Config.xml
- /data/data/####/MultiDex.lock
- /data/data/####/a3813caa-d3e0-482a-aca9-6e9d8dfef7d7
- /data/data/####/appPackageNames_v2
- /data/data/####/app_crash_copy.xml
- /data/data/####/app_log_encrypt_switch_count.xml
- /data/data/####/applog_stats.xml
- /data/data/####/ax_c.xml
- /data/data/####/b51c7481-6e69-4ce0-8453-1e04422e80d8
- /data/data/####/bugly_db_legu-journal
- /data/data/####/c0207dd2-a4a4-4e7e-a314-7653c682753d
- /data/data/####/cc.db
- /data/data/####/cc.db-journal
- /data/data/####/charge_config.xml
- /data/data/####/cloud_switch_cache
- /data/data/####/cn.jpush.android.user.profile.xml
- /data/data/####/cn.jpush.preferences.v2.rid.xml
- /data/data/####/cn.jpush.preferences.v2.xml
- /data/data/####/config.xml
- /data/data/####/core_update
- /data/data/####/core_update_locker
- /data/data/####/custom_channels.xml
- /data/data/####/d9149b54-2f98-4ccf-b7e2-c47079c7eb9f
- /data/data/####/d97f9980-a170-4dde-b50c-69ef94f55b91
- /data/data/####/data_0
- /data/data/####/data_1
- /data/data/####/data_2
- /data/data/####/data_3
- /data/data/####/de2fac49-2b1e-4c14-8674-99f6c3fafb18
- /data/data/####/devCloudSetting.cfg
- /data/data/####/devCloudSetting.sig
- /data/data/####/device_collector
- /data/data/####/device_collector_locker
- /data/data/####/dexMethod.48462615.dat
- /data/data/####/downloader.db-journal
- /data/data/####/exchangeIdentity.json
- /data/data/####/exid.dat
- /data/data/####/f_000001
- /data/data/####/f_000002
- /data/data/####/f_000003
- /data/data/####/f_000004
- /data/data/####/f_000005
- /data/data/####/f_000006
- /data/data/####/f_000007
- /data/data/####/f_000008
- /data/data/####/finalcore.jar
- /data/data/####/gdt_config.cfg
- /data/data/####/gdt_plugin.jar
- /data/data/####/gdt_plugin.jar.sig
- /data/data/####/gdt_stat.db
- /data/data/####/gdt_stat.db-journal
- /data/data/####/gdt_suid
- /data/data/####/gg.dex
- /data/data/####/header_custom.xml
- /data/data/####/index
- /data/data/####/jpush_device_info.xml
- /data/data/####/jpush_local_notification.db
- /data/data/####/jpush_local_notification.db-journal
- /data/data/####/jpush_local_notification.db-wal
- /data/data/####/jpush_stat_cache.json
- /data/data/####/jpush_stat_cache_history.json
- /data/data/####/jpush_statistics.db
- /data/data/####/jpush_statistics.db-journal
- /data/data/####/jpush_statistics.db-shm (deleted)
- /data/data/####/jpush_statistics.db-wal
- /data/data/####/last_sp_session.xml
- /data/data/####/launch_config.xml
- /data/data/####/libshella-2.9.1.2.so
- /data/data/####/libufix.so
- /data/data/####/libyaqbasic.48462615.so
- /data/data/####/libyaqpro.48462615.so
- /data/data/####/local_crash_lock
- /data/data/####/locker
- /data/data/####/log_reupload_task
- /data/data/####/log_reupload_task_locker
- /data/data/####/mc177.dex
- /data/data/####/mc_cache.xml
- /data/data/####/mix.dex
- /data/data/####/msg_queue
- /data/data/####/multidex.version.xml
- /data/data/####/native_record_lock
- /data/data/####/profile_task
- /data/data/####/profile_task_locker
- /data/data/####/sdkCloudSetting.cfg
- /data/data/####/sdkCloudSetting.sig
- /data/data/####/security_info
- /data/data/####/snssdk_openudid.xml
- /data/data/####/ss_app_log.db-journal
- /data/data/####/torch_sdk_config.xml
- /data/data/####/tt_sdk_settings.xml
- /data/data/####/ttopenadsdk.xml
- /data/data/####/ttopensdk.db-journal
- /data/data/####/ua.db
- /data/data/####/ua.db-journal
- /data/data/####/umeng_general_config.xml
- /data/data/####/umeng_it.cache
- /data/data/####/uninstall_apk
- /data/data/####/uninstall_apk_locker
- /data/data/####/update_lc
- /data/data/####/version_config_.xml
- /data/data/####/waitingDown
- /data/data/####/waitingDown_locker
- /data/data/####/webview.db-journal
- /data/data/####/webviewCookiesChromium.db-journal
- /data/data/####/yaqsdkcookie
- /data/media/####/.nomedia
- /data/media/####/.push_deviceid
- /data/media/####/.sfp
- /data/media/####/.testf
- /data/media/####/0154553732ff4cf4ad883be3312013e14c09b75804c200....0.tmp
- /data/media/####/03c319bc099c4aff1dd893c2c3b9ba87642ddcd93b1566....0.tmp
- /data/media/####/05d4a38fe59e22cae8be51ac71695571c940a3662d78c3....0.tmp
- /data/media/####/05fd744863cc4c657b0b9ea74b112eedc044ce033fdd7f....0.tmp
- /data/media/####/07121f81d4c20f6e191ce23ba24202b15f5080b08285d5....0.tmp
- /data/media/####/074546d35f76986dd378fc4810ff38779a873ed813baa5....0.tmp
- /data/media/####/09951a98d33c8de29f1337aa4806c6c4c0fad33fbfdb54....0.tmp
- /data/media/####/0b81aa91f980d6a452ff599ca6c76a002fc96e24508bdd....0.tmp
- /data/media/####/1481b2ed7867a97f3f86ab5098b35ffda32b828b7adc9e....0.tmp
- /data/media/####/169bd583d224870be2e80a3330fb33571727ab2969d0d8....0.tmp
- /data/media/####/17b38917557eaa9cba68360fd3d018f31948f5b04dc404....0.tmp
- /data/media/####/18dac74f51521fb96ccd237a4f7002c228d2222c92a04a....0.tmp
- /data/media/####/19054c603acd3e58864f8d0b58413d88db49f428a07cd6....0.tmp
- /data/media/####/1c00ea4e2d2b2ca37950f32c4c4758f75fcb1bb1662b82....0.tmp
- /data/media/####/1e279b384df8f5ca0bfecde3e8fe1e0918b53ced3f7c19....0.tmp
- /data/media/####/221758bc5c4ac1de79dbe54504794df8913b3ffc254342....0.tmp
- /data/media/####/235728320694bde9b97bf427508623ff2d2c8370a8c25c....0.tmp
- /data/media/####/248e8196e1fdb77be85d73089214bb9145da670d5c0a71....0.tmp
- /data/media/####/24a1362458781f86cc5a8141e345592ca939d39744c6b6....0.tmp
- /data/media/####/252c5256996f6628471c9751807ce8beccf6deae37a299....0.tmp
- /data/media/####/2864d0eb1ba9c310a3f9ab9fd90d164d2d1f096de7e7e9....0.tmp
- /data/media/####/28da64bf1519ec6e6de277c382700f1213890dd473e58b....0.tmp
- /data/media/####/2b74ff0909a80c2617f579379dac858ec257cbc9fd9666....0.tmp
- /data/media/####/2f3aa97715f840bba2f101a72f4ea0f0ae2952a2288dde....0.tmp
- /data/media/####/2fcfcbb4f70e8b13595cee746891913b3917b5f74e8bcf....0.tmp
- /data/media/####/312a18b44b6ddf6d9a2b06db05b23ffb.0
- /data/media/####/34668d5b41750304c401f4c0081ffa4a74a9690bbf6635....0.tmp
- /data/media/####/347d3db9798a4a6a9e9f29362906261095c7392586b45a....0.tmp
- /data/media/####/3c844c82fd64a3c6d66a5d1f2f66eaaa130f3c1071cd9f....0.tmp
- /data/media/####/3d0d87e40b21b585eb9811ee1d862e725d140057891865....0.tmp
- /data/media/####/3d4e4eda117bb8f1f533ab1575e9ab7db662decba93564....0.tmp
- /data/media/####/3e01cb5270df84392f8516f7ad364d7350f68aba86d31c....0.tmp
- /data/media/####/3eb3bc6b44ea459ef95b084d714eb8e2854016fe456f8e....0.tmp
- /data/media/####/43051866da19caf5fd5f28c81366a5094b6635c6407b95....0.tmp
- /data/media/####/441fd56635e3c626419d5a15008631046c9549c9b40bb9....0.tmp
- /data/media/####/48580df2b4e7b2ba3a78ce575b6ae9a5dc424bf50d3165....0.tmp
- /data/media/####/4cc0b60207fe3435be9922b82dd31479e172534cdfcef1....0.tmp
- /data/media/####/54377cfb435d2cf0b2d5b83d18ddcda54e48bd42583da8....0.tmp
- /data/media/####/55459c4de06bc24e1b7652cc4e728b197969cc85c05149....0.tmp
- /data/media/####/57b841ead02577c051f0b9cf1c8ecd2b2a900ce9aaeb1f....0.tmp
- /data/media/####/589347fced71299e081b65cafb36b6828c62ea6c9ef9d8....0.tmp
- /data/media/####/5a5f99cac18c22acdcd7d376227a5ad33e1375e0253eaf....0.tmp
- /data/media/####/5b700f10da327d3c81b1179dc879feb99f959fbd69392b....0.tmp
- /data/media/####/5f0b4a8e6545d7e14ab421612e8ca84bdeae340ba10f11....0.tmp
- /data/media/####/60673bb41e88523796e7d90b60d83275f96efd3278011f....0.tmp
- /data/media/####/6087fde4f922acf3686d6d8fa5d55c3cf01b77147399e1....0.tmp
- /data/media/####/615596f033e4882d09905f3adce318167faf932d71b4c7....0.tmp
- /data/media/####/62e9f2ddce8cf002767331595676a56a1b2b90489c330e....0.tmp
- /data/media/####/64ed60cc82d396b73a470928eb812e9b0184c5a8cc4f01....0.tmp
- /data/media/####/668de078237dc56f28653eaab4bc58024d10c6e32c55be....0.tmp
- /data/media/####/695d4980fe7a37fbd146b4e45e3cc0da5b957c0a280add....0.tmp
- /data/media/####/6edaf5135bff9bc789ed5d2627a682619b657c9470fbf7....0.tmp
- /data/media/####/6f35da22bc7b859a50108c139c22715837ddf49f1f2dd2....0.tmp
- /data/media/####/70ac589d61a64c33593d5756404011d24e9cc7746d75a8....0.tmp
- /data/media/####/71f32f35ae08e14cedeb6a96dd5c377baad1e55e9f796f....0.tmp
- /data/media/####/7940ac6d82b8a209566eeaa09daa86cabf4438d45f6a3a....0.tmp
- /data/media/####/7a56590851aff355286dfaa0ae2ee8f05ac35da6ab48b3....0.tmp
- /data/media/####/7b6d4a37f23203857b30596b841d329ce7e66cd6fc4141....0.tmp
- /data/media/####/7cd371699dd3c2984cb9dd4392029ea919397717b02096....0.tmp
- /data/media/####/7ebd8c5d612cbac460a18a24a0a449821a2327e2cf8301....0.tmp
- /data/media/####/81d79b6cc08a47f1aebc902036f3aef174421b4e2a7a97....0.tmp
- /data/media/####/8991b7ebfbf458e12128a00aca6fbef7161a694d22206c....0.tmp
- /data/media/####/8a0c543edb60252b0b85ef2742ec8d863d5ff869c48aac....0.tmp
- /data/media/####/915b50861b12526b4e75f3501904fab48cfc077cdb6e72....0.tmp
- /data/media/####/98ec443f4cc25c891f6f8037b4b218b7f4fefc8a5f5ce5....0.tmp
- /data/media/####/9913ab4aeb3ceb902a174f1940fa7fe4f9fafd265b77ad....0.tmp
- /data/media/####/99b7b52f2a8338a2e51f952054f3b2633ce8cf13e66d18....0.tmp
- /data/media/####/9c0a33f365c63870359b65b45b6d6aa2900f04d2ea1888....0.tmp
- /data/media/####/a1ddb2aa56512b3751797e331de1a63fe67017d0ba0a58....0.tmp
- /data/media/####/a9a3263d63cbbfeb6a8ef0995112d102ba7e63b735b1da....0.tmp
- /data/media/####/aa350fe174d1a44efbe9a2ef17c6a1817acce95e1b6445....0.tmp
- /data/media/####/ad81b2ef0545000eb8fc6caa65ca6427c8c3245a1ebc09....0.tmp
- /data/media/####/ae0a4b33483966f517206f82621a2e2d2ade4c24c771a9....0.tmp
- /data/media/####/b28af67f9ba57ea2fb00b1dd55bd3a8ebc932fb6cc38a7....0.tmp
- /data/media/####/b378c068fde0b54c0938b945bb5bf6f1c2ede9beee44fd....0.tmp
- /data/media/####/bb6316c23a474f1d0b90995eeaf394099f9a918f5306ca....0.tmp
- /data/media/####/bbbb1c31250d124086a4e5b389b53f056151fdf23abd4e....0.tmp
- /data/media/####/c0245e15f520c52abe39d7ceb2f7c30724efbc52388024....0.tmp
- /data/media/####/c50a461f531105240fb06e0fe7f45a9c5a3635c6832f92....0.tmp
- /data/media/####/c5c3124b5da19f502851d09c557373b3c9c54306838ddc....0.tmp
- /data/media/####/c985f0c02267dd52f49a4533da58a49aa61d1fd4097650....0.tmp
- /data/media/####/clientudid.dat
- /data/media/####/d60daaa9ab771a138695990d5dd17a190bb6195a276dec....0.tmp
- /data/media/####/d92c58d7a6c406922cea29f3616a77070d03f95c804268....0.tmp
- /data/media/####/db84545123d104348fb95540a444a882a5cc1a32c80705....0.tmp
- /data/media/####/dd60423d2b4f19a711427ad6f40f03771be9773fc42051....0.tmp
- /data/media/####/f28fcab52d512de0bad0a61795f8a83bb23006bdeb619f....0.tmp
- /data/media/####/f37a3ceb26a2a0f3161f19675f6e2e16eb7e95169849f0....0.tmp
- /data/media/####/f6a2be4e0ab416307547b711ef3c4b636e8bb432e55ab8....0.tmp
- /data/media/####/ff47e5e15eeceaa89c4c8808de1f23a5.0
- /data/media/####/journal.tmp
- /data/media/####/uninstall_apk_list
Другие:
Запускает следующие shell-скрипты:
- /system/bin/cat /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq
- /system/bin/sh -c getprop ro.aa.romver
- /system/bin/sh -c getprop ro.board.platform
- /system/bin/sh -c getprop ro.build.fingerprint
- /system/bin/sh -c getprop ro.build.nubia.rom.name
- /system/bin/sh -c getprop ro.build.rom.id
- /system/bin/sh -c getprop ro.build.tyd.kbstyle_version
- /system/bin/sh -c getprop ro.build.version.emui
- /system/bin/sh -c getprop ro.build.version.opporom
- /system/bin/sh -c getprop ro.gn.gnromvernumber
- /system/bin/sh -c getprop ro.lenovo.series
- /system/bin/sh -c getprop ro.lewa.version
- /system/bin/sh -c getprop ro.meizu.product.model
- /system/bin/sh -c getprop ro.miui.ui.version.name
- /system/bin/sh -c getprop ro.vivo.os.build.display.id
- /system/bin/sh -c type su
- chmod 700 <Package Folder>/tx_shell/libnfix.so
- chmod 700 <Package Folder>/tx_shell/libshella-2.9.1.2.so
- chmod 700 <Package Folder>/tx_shell/libufix.so
- getprop ro.aa.romver
- getprop ro.board.platform
- getprop ro.build.fingerprint
- getprop ro.build.nubia.rom.name
- getprop ro.build.rom.id
- getprop ro.build.tyd.kbstyle_version
- getprop ro.build.version.emui
- getprop ro.build.version.opporom
- getprop ro.gn.gnromvernumber
- getprop ro.lenovo.series
- getprop ro.letv.release.version
- getprop ro.lewa.version
- getprop ro.meizu.product.model
- getprop ro.miui.ui.version.name
- getprop ro.smartisan.version
- getprop ro.vivo.os.build.display.id
- getprop ro.vivo.os.version
- getprop ro.yunos.version
- logcat -d -v threadtime
Загружает динамические библиотеки:
- Bugly
- c++_shared
- jcore120
- libnfix
- libshella-2.9.1.2
- libufix
- libyaqbasic.48462615
- libyaqpro.48462615
- mmkv
- nfix
- pl_droidsonroids_gif
- ttEncrypt
- ufix
Использует следующие алгоритмы для шифрования данных:
- AES-CBC-PKCS5Padding
- AES-CBC-PKCS7Padding
- AES-ECB-PKCS5Padding
- AES-ECB-PKCS7Padding
- AES-GCM-NoPadding
- RSA-ECB-PKCS1Padding
Использует следующие алгоритмы для расшифровки данных:
- AES-CBC-PKCS7Padding
- AES-ECB-NoPadding
- AES-ECB-PKCS5Padding
- AES-ECB-PKCS7Padding
- AES-GCM-NoPadding
- RSA-ECB-PKCS1Padding
Осуществляет доступ к приватному интерфейсу ITelephony.
Использует специальную библиотеку для скрытия исполняемого байт-кода.
Получает информацию о местоположении.
Получает информацию о сети.
Получает информацию о телефоне (номер, IMEI и т. д.).
Получает информацию об установленных приложениях.
Получает информацию о запущенных приложениях.
Получает информацию о привязанных к устройству аккаунтах (Google, Facebook и т. д.).
Добавляет задания в системный планировщик.
Отрисовывает собственные окна поверх других приложений.
