Android.DownLoader.4962

Техническая информация

Вредоносные функции:

Выполняет код следующих детектируемых угроз:

Android.Click.311.origin
Android.Click.334.origin
Android.Click.367.origin
Android.DownLoader.960.origin
Android.Mobifun.11.origin
Android.Mobifun.29.origin
Android.Mobifun.30.origin
Android.RemoteCode.231.origin
Android.RemoteCode.238.origin
Android.RemoteCode.296.origin
Android.RemoteCode.306.origin
Android.RemoteCode.6122
Android.Triada.4567
Android.Triada.467.origin
Android.Triada.510.origin
Android.Triada.537.origin
Android.Triada.541.origin
Android.Triada.553.origin
Android.Xiny.293.origin
Android.Xiny.5549

Загружает из Интернета следующие детектируемые угрозы:

Android.Click.311.origin
Android.Click.334.origin
Android.Click.367.origin
Android.DownLoader.960.origin
Android.RemoteCode.238.origin
Android.RemoteCode.306.origin
Android.RemoteCode.6122
Android.Triada.510.origin
Android.Triada.541.origin
Android.Triada.553.origin

Сетевая активность:

Подключается к:

UDP(DNS) 8####.8.4.4:53
TCP(HTTP/1.1) 13.2####.16.115:8081
TCP(HTTP/1.1) api.f####.com:80
TCP(HTTP/1.1) c####.s9####.com:10278
TCP(HTTP/1.1) gd.a.s####.com:80
TCP(HTTP/1.1) api.applove####.com:80
TCP(HTTP/1.1) r####.bu####.vip:80
TCP(HTTP/1.1) res.wildpet####.info:80
TCP(HTTP/1.1) 66.1####.218.92:80
TCP(HTTP/1.1) h5mg####.ly####.com:80
TCP(HTTP/1.1) p####.pay####.com:80
TCP(HTTP/1.1) ks####.3q####.com:12038
TCP(HTTP/1.1) jz####.mc####.com:12029
TCP(HTTP/1.1) sdk####.come2c####.com:80
TCP(HTTP/1.1) api.s####.com:8033
TCP(HTTP/1.1) sdk.wildpet####.info:80
TCP(HTTP/1.1) hw1####.new####.com:80
TCP(HTTP/1.1) jz####.mc####.com:11027
TCP(HTTP/1.1) api.s####.com:6262
TCP(HTTP/1.1) hw9####.new####.com:80
TCP(HTTP/1.1) dy.kr.wildpet####.info:80
TCP(HTTP/1.1) api.bi####.com:80
TCP(HTTP/1.1) w####.xiaoshu####.net:80
TCP(HTTP/1.1) d####.dd7####.com:80
TCP(HTTP/1.1) bi####.bi####.com:10248
TCP(HTTP/1.1) bi####.bi####.com:10238
TCP(HTTP/1.1) d0####.98####.com:10091
TCP(HTTP/1.1) log.koapk####.com:80
TCP(HTTP/1.1) lo.bu####.vip:80
TCP(HTTP/1.1) c####.6k####.com:10238
TCP(HTTP/1.1) api.dc.tkcre####.com:80
TCP(HTTP/1.1) jz####.mc####.com:12038
TCP(HTTP/1.1) 5.z####.top:80
TCP(HTTP/1.1) sdk####.appclic####.com:80
TCP(HTTP/1.1) z.c####.com:80
TCP(HTTP/1.1) sdk.appclic####.com:80
TCP(HTTP/1.1) x####.g####.com:8808
TCP(HTTP/1.1) gc4####.9####.com:80
TCP(HTTP/1.1) y####.k8####.com:80
TCP(HTTP/1.1) a.biankan####.com:80
TCP(TLS/1.0) p####.google####.com:443
TCP(TLS/1.0) yh####.zhuifen####.top:443
TCP(TLS/1.0) datasta####.zhuifen####.top:443
TCP(TLS/1.0) tc.airmo####.com:443
TCP(TLS/1.0) pro.qazws####.xyz:443
TCP(TLS/1.0) us####.al####.com.####.net:443
TCP(TLS/1.0) dualsta####.wagbr####.ali####.####.com:443
TCP(TLS/1.0) and####.google####.com:443
TCP(TLS/1.0) 1####.217.168.234:443
TCP(TLS/1.0) lp.cooktra####.com:443
TCP(TLS/1.0) al####.u####.com:443
TCP(TLS/1.0) android####.go####.com:443
TCP(TLS/1.0) instant####.google####.com:443
TCP(TLS/1.0) c####.pay####.com:443
TCP(TLS/1.2) 1####.217.17.46:443
TCP(TLS/1.2) 1####.217.168.234:443
TCP(TLS/1.2) 1####.217.17.67:443
TCP 1####.0.15.254:47828

Запросы DNS:

1e####.23####.com
5.z####.top
7.zhuifen####.top
a####.al####.com
a.biankan####.com
alic####.nbeem####.com
and####.google####.com
android####.go####.com
api.applove####.com
api.bi####.com
api.dc.tkcre####.com
api.f####.com
api.s####.com
bi####.bi####.com
c####.6k####.com
c####.pay####.com
c####.s9####.com
d####.dd7####.com
d0####.98####.com
datasta####.zhuifen####.top
dy.kr.wildpet####.info
gc4####.9####.com
h5mg####.ly####.com
hw1####.new####.com
hw9####.new####.com
instant####.google####.com
jz####.mc####.com
krvlu####.9####.com
ks####.3q####.com
lo.bu####.vip
log.koapk####.com
lp.cooktra####.com
m####.go####.com
ne####.s####.com
new.faceboo####.com
nu####.js####.com
p####.google####.com
p####.pay####.com
plb####.u####.com
pro.qazws####.xyz
pv.s####.com
r####.bu####.vip
r####.bu####.vip
r.faceboo####.com
r1.faceboo####.com
res.wildpet####.info
sdk####.appclic####.com
sdk####.come2c####.com
sdk.appclic####.com
sdk.wildpet####.info
smartse####.me
smartse####.me.8.####.8
tc.airmo####.com
u####.u####.com
w####.xiaoshu####.net
w0####.iw####.com
x####.g####.com
x####.g####.com
x####.me####.com
y####.k8####.com
yh####.zhuifen####.top
z12.c####.com
z2.c####.com
z3.c####.com
z5.c####.com
z6.c####.com
z9.c####.com

Запросы HTTP GET:

5.z####.top/it7.data
5.z####.top/thirdsdk/flowcashpack/11/m06151734.jar
5.z####.top/thirdsdk/flowcashpack/18/news-100-202011241528d.jar
5.z####.top/thirdsdk/flowcashpack/20/al-100-202009231448d.jar
5.z####.top/thirdsdk/flowcashpack/3/offer-134-202009161648d.jar
5.z####.top/thirdsdk/flowcashpack/67/webshop-112-202010261508d.jar
api.applove####.com/api/v3/cache/get?osv=####&srnc=####&token=####&ds=##...
api.applove####.com/api/v3/search/get?osv=####&token=####&pm=####&os=###...
api.applove####.com/api/v3/template/get?slot_id=####&update_time=####&us...
api.f####.com/co?u=####&androidId=####&s=####&at=####&imei=####&imsi=###...
api.s####.com:6262/sdk-logs/sdk-logs-control/logs/control?appId=####&off...
api.s####.com:8033/ana/get-ana-status?app_id=####&task_id=####&imsi_id=#...
d####.dd7####.com/upload/hw/D10049dex20190529.jar
d####.dd7####.com/upload/hw/c1005dex20190527.jar
d####.dd7####.com/upload/hw/h5dj202003243.jar
d####.dd7####.com/upload/hw/h5rq20191022.jar
d####.dd7####.com/upload/hw/lsdk20200506.jar
d####.dd7####.com/upload/hw/nsdk20200428.jar
d####.dd7####.com/upload/hw/qcdex20200316.jar
d####.dd7####.com/upload/hw1/CJAR20190515.jar
d####.dd7####.com/upload/plog/bing20201119.jar
d####.dd7####.com/upload/plog/kk20201106.jar
d####.dd7####.com/upload/plog/mobdex20201017.jar
d####.dd7####.com/upload/plog/ps20201204_.jar
gc4####.9####.com/zsyunsxda
gc4####.9####.com/zsyunsxda/
gd.a.s####.com/cityjson?ie=####
h5mg####.ly####.com/favicon.ico
h5mg####.ly####.com/pipe-mania/?channelid=####
lo.bu####.vip/v1/log/track?key=####&mtype=####&device_####&pkg=####&subi...
p####.pay####.com/s-r/292/5ee718ce1512e
r####.bu####.vip/assets/bdtj/ws12.html?hmsr=####&hmpl=####
res.wildpet####.info/modules/SmartSearch.zip
res.wildpet####.info/modules/hfumobi28.zip
res.wildpet####.info/modules/proxy-gl-13-n-u-d.zip
res.wildpet####.info/modules/q201030.zip
sdk.appclic####.com/check?channel=####
w####.xiaoshu####.net/dtbx/aiyouxin/it10.zip
w####.xiaoshu####.net/dtbx/liangzong/core-app_jj03-release.zip
w####.xiaoshu####.net/dtbx/panshi/app-release_0928.zip
w####.xiaoshu####.net/plugins/app102.zip
w####.xiaoshu####.net/plugins/dp2.zip
x####.g####.com:8808/a/e?a=####
y####.k8####.com/hwyw/deahexwot.zip
y####.k8####.com/hwyw/styaoduyar.zip
y####.k8####.com/zhuti/TwyosdjwjXzt1016.zip
y####.k8####.com/zhuti/YDosdmwee910.zip
z.c####.com/stat.htm?id=####&cnzz_eid=####

Запросы HTTP POST:

a.biankan####.com/api/v2/task?ts=####&r=####&sign=####&cmd=####
api.bi####.com/un
api.dc.tkcre####.com/v1/sdklog
bi####.bi####.com:10238/fogggnpefw/
bi####.bi####.com:10238/kltwjlwpqu/
bi####.bi####.com:10248/iysyxb/
bi####.bi####.com:10248/ng1fxo/
bi####.bi####.com:10248/pauumd/
c####.6k####.com:10238/2ejolc/
c####.6k####.com:10238/dts57h/
c####.6k####.com:10238/z2s8gh/
c####.s9####.com:10278/42elke/
c####.s9####.com:10278/jn9zpb/
d0####.98####.com:10091/wisdom/marking
dy.kr.wildpet####.info/dykr/sync?appid=####&aid=####
dy.kr.wildpet####.info/dykr/update?appid=####&aid=####
hw1####.new####.com/api/activite
hw1####.new####.com/api/small
hw1####.new####.com/api/tbdynamic
hw1####.new####.com/index.php?r=####
hw9####.new####.com/api/activite
hw9####.new####.com/api/small
hw9####.new####.com/api/tbdynamic
jz####.mc####.com:11027/kd92kx/
jz####.mc####.com:11027/mskeww/
jz####.mc####.com:12029/hfdlls/
jz####.mc####.com:12029/i3v8nb/
jz####.mc####.com:12029/lfkdnr/
jz####.mc####.com:12038/iowncjk/
ks####.3q####.com:12038/neisdop/
ks####.3q####.com:12038/pwjdaae/
log.koapk####.com/pgm/sr/gm/gy
sdk####.appclic####.com/log
sdk####.come2c####.com/v1/project/h5ad
sdk####.come2c####.com/v1/project/sdk
sdk.wildpet####.info/SmartSearch/get
x####.g####.com:8808/a/f

Изменения в файловой системе:

Создает следующие файлы:

/data/data/####/.imprint
/data/data/####/.mf
/data/data/####/.t
/data/data/####/0437750A541C5BE283568783752E76EF.xml
/data/data/####/0a665ab10f4a46cb9a65c9f1ed15ab0e
/data/data/####/1.dex
/data/data/####/1.dex (deleted)
/data/data/####/1.dex.flock (deleted)
/data/data/####/1.jar
/data/data/####/1D2ECA4D2366CF6371FF735881567A01
/data/data/####/242CB7B15C8571D4EA3D3E825CCE2CC5.dex
/data/data/####/242CB7B15C8571D4EA3D3E825CCE2CC5.dex.flock (deleted)
/data/data/####/2D7A36961E40EF39519F07AA1FA38A5D.dex
/data/data/####/2D7A36961E40EF39519F07AA1FA38A5D.dex.flock (deleted)
/data/data/####/46222a03c1420e16_0 (deleted)
/data/data/####/51EE358EA53C1BFF66921EDA8188AF49.dex
/data/data/####/51EE358EA53C1BFF66921EDA8188AF49.dex.flock (deleted)
/data/data/####/5F4500CC7C9A7A353666BF5FDAEB1E86.xml
/data/data/####/5F4500CC7C9A7A353666BF5FDAEB1E86.xml.bak
/data/data/####/6342d0610af80df61be9346badebbf04.d
/data/data/####/6616f972f9884e301cd740268cfdf343
/data/data/####/6639551CCBBAA2B99D9786C03BC2C69F.xml
/data/data/####/6B59C67F4E3E07A0E22570B1D54BDC87.xml
/data/data/####/6d0f3fa3007411eb9799506b4b12c76007de31e5c0f9f59...10.dex
/data/data/####/6d0f3fa3007411eb9799506b4b12c76007de31e5c0f9f59...10.jar
/data/data/####/6d0f3fa3007411eb9799506b4b12c76007de31e5c0f9f59...leted)
/data/data/####/6d0f3fa3007411eb9799506b4b12c76007de31e5c0f9f59...rcache
/data/data/####/6d0f3fa3007411eb9799506b4b12c760a481e950172de8d...fe.dex
/data/data/####/6d0f3fa3007411eb9799506b4b12c760a481e950172de8d...leted)
/data/data/####/6d0f3fa3007411eb9799506b4b12c760a481e950172de8d...rcache
/data/data/####/6d0f3fa3007411eb9799506b4b12c760afb3893166466d2...62.dex
/data/data/####/6d0f3fa3007411eb9799506b4b12c760afb3893166466d2...62.jar
/data/data/####/6d0f3fa3007411eb9799506b4b12c760afb3893166466d2...leted)
/data/data/####/6d0f3fa3007411eb9799506b4b12c760afb3893166466d2...rcache
/data/data/####/6d0f3fa3007411eb9799506b4b12c760b90b04be5561ceb...48.dex
/data/data/####/6d0f3fa3007411eb9799506b4b12c760b90b04be5561ceb...48.jar
/data/data/####/6d0f3fa3007411eb9799506b4b12c760b90b04be5561ceb...leted)
/data/data/####/6d0f3fa3007411eb9799506b4b12c760b90b04be5561ceb...rcache
/data/data/####/6d0f3fa3007411eb9799506b4b12c760cb7e81d3f48b4ff...ec.dex
/data/data/####/6d0f3fa3007411eb9799506b4b12c760cb7e81d3f48b4ff...ec.jar
/data/data/####/6d0f3fa3007411eb9799506b4b12c760cb7e81d3f48b4ff...leted)
/data/data/####/7cfba443c7065e4f87058f05b248403d.d
/data/data/####/8083FF58735015297E7624C9CFAC3D8C.xml
/data/data/####/8868e3b0215cba35ff1c9f4ff5c9df77
/data/data/####/8C8F552939218D4D55F5ACC7505AE2C6.xml
/data/data/####/901a9c8baf0e5f21_0 (deleted)
/data/data/####/90C7C318D2144D053B7F0CB7163D0422.dex
/data/data/####/90C7C318D2144D053B7F0CB7163D0422.dex.flock (deleted)
/data/data/####/9145E4178974FEAFB084264767F30932.xml
/data/data/####/98FDECB17B837318717C64311D2C05D8.dex
/data/data/####/98FDECB17B837318717C64311D2C05D8.dex.flock (deleted)
/data/data/####/9B29C2F5242C6A564DFEF1DF4F020D57.dex
/data/data/####/9B29C2F5242C6A564DFEF1DF4F020D57.dex.flock (deleted)
/data/data/####/9e876e14f49dacd6067994dabd62ddae.xml
/data/data/####/CJAR20190515.dex
/data/data/####/CJAR20190515.dex.flock (deleted)
/data/data/####/CommonConfig.xml
/data/data/####/Cookies-journal
/data/data/####/D10049dex20190529.dex
/data/data/####/D10049dex20190529.dex.flock (deleted)
/data/data/####/D6F7CA81D64A7473D92C2C1626D0D16A.xml
/data/data/####/D7A439CE8D75DD3A8FB29A3458DA0346.dex
/data/data/####/D7A439CE8D75DD3A8FB29A3458DA0346.dex.flock (deleted)
/data/data/####/DeviceConfig.xml
/data/data/####/E6F69FEF5EAFB75D8FC23DDBEB91E784.dex
/data/data/####/E6F69FEF5EAFB75D8FC23DDBEB91E784.dex.flock (deleted)
/data/data/####/E796DC7A583043BFD4849DB0067F31E4.xml
/data/data/####/F0D5102820BF14B12186E1B978E9B3FF.dex
/data/data/####/F0D5102820BF14B12186E1B978E9B3FF.dex.flock (deleted)
/data/data/####/MobikokCommonConfig.xml
/data/data/####/MobikokDeviceConfig.xml
/data/data/####/NDIOSJD.xml
/data/data/####/PROXYDATA.xml
/data/data/####/PROXYDATA.xml.bak
/data/data/####/SmartSearch.dex
/data/data/####/SmartSearch.dex.flock (deleted)
/data/data/####/SmartSearch.zip
/data/data/####/UM_PROBE_DATA.xml
/data/data/####/WebViewChromiumPrefs.xml
/data/data/####/_p.xml
/data/data/####/_sh.xml
/data/data/####/aXQ3LmRhdGE=
/data/data/####/aXQ3LmRhdGE=.dex
/data/data/####/aXQ3LmRhdGE=.dex.flock (deleted)
/data/data/####/aXQ3LmRhdGE=.tmp
/data/data/####/alcccu
/data/data/####/b67c4ab81cd79325_0 (deleted)
/data/data/####/bEj.dex
/data/data/####/bEj.dex.flock (deleted)
/data/data/####/bEj.jar
/data/data/####/base.apk
/data/data/####/base.dex
/data/data/####/base.dex.flock (deleted)
/data/data/####/bing20201119.dex
/data/data/####/bing20201119.dex.flock (deleted)
/data/data/####/c1005dex20190527.dex
/data/data/####/c1005dex20190527.dex.flock (deleted)
/data/data/####/c14d2ea416cc4f8ae8e1dc95eaa2afe7.xml
/data/data/####/classes.dex
/data/data/####/classes.dex (deleted)
/data/data/####/classes.dex.flock (deleted)
/data/data/####/com.display.wq_ct_default.xml
/data/data/####/com.display.wq_preferences.xml
/data/data/####/com.display.wq_preferences.xml.bak
/data/data/####/com.display.wqye_after_install_pkg.xml
/data/data/####/comdptiksavlat.xml
/data/data/####/comdptiksavlat.xml.bak
/data/data/####/d41d8cd98f00b204e9800998ecf8427e.xml
/data/data/####/dW1weF9pbnRlcm5hbF8xNjA3MjYyODEwOTkz;
/data/data/####/da9a26a87ed290aa_0 (deleted)
/data/data/####/data.dex
/data/data/####/data.dex.flock (deleted)
/data/data/####/data.jar
/data/data/####/data.m
/data/data/####/dder4dsw.xml
/data/data/####/dder4dsw.xml.bak
/data/data/####/dder4dsw.xml.bak (deleted)
/data/data/####/dojrya
/data/data/####/dwd4rsd.xml
/data/data/####/dwd4rsd.xml.bak
/data/data/####/dy_live.xml
/data/data/####/dy_live.xml.bak
/data/data/####/e843703351c246eda0370011ba743bcf
/data/data/####/exchangeIdentity.json
/data/data/####/exid.dat
/data/data/####/fasdaaf.data-journal
/data/data/####/fde4sr.data-journal
/data/data/####/fdfaasssdf.data-journal
/data/data/####/fdwr4s5d.data-journal
/data/data/####/gameid
/data/data/####/gameid.zip
/data/data/####/h5dj202003243.dex
/data/data/####/h5dj202003243.dex.flock (deleted)
/data/data/####/h5rq20191022.dex
/data/data/####/h5rq20191022.dex.flock (deleted)
/data/data/####/hfumobi28.zip
/data/data/####/hv.xml
/data/data/####/hv.xml.bak
/data/data/####/hvaa.xml
/data/data/####/i==1.2.0&&1.1_1607262811053_envelope.log
/data/data/####/iavi.txt.xml
/data/data/####/iavi.txt.xml.bak
/data/data/####/index
/data/data/####/info.xml
/data/data/####/irhctr.dex (deleted)
/data/data/####/irhctr.dex.flock (deleted)
/data/data/####/irhctr.jar
/data/data/####/jhvqtjun.dex
/data/data/####/jhvqtjun.dex.flock (deleted)
/data/data/####/jhvqtjun.jar
/data/data/####/kdid
/data/data/####/kk20201106.dex
/data/data/####/kk20201106.dex.flock (deleted)
/data/data/####/lani.png
/data/data/####/libnav-6mdw2z.so
/data/data/####/libujcn.so
/data/data/####/libujcn.so-32
/data/data/####/libujcn.so-64
/data/data/####/libzvje.so
/data/data/####/libzvje.so-32
/data/data/####/libzvje.so-64
/data/data/####/life_record_config.xml
/data/data/####/lob.xml
/data/data/####/lob.xml.bak
/data/data/####/lsdk20200506.dex
/data/data/####/lsdk20200506.dex.flock (deleted)
/data/data/####/m2020120211.apk
/data/data/####/m2020120211.dex
/data/data/####/m2020120211.dex.flock (deleted)
/data/data/####/mdgq.xml
/data/data/####/mel.xml
/data/data/####/metrics_guid
/data/data/####/mobdex20201017.dex
/data/data/####/mobdex20201017.dex.flock (deleted)
/data/data/####/mwkjrq
/data/data/####/nsdk20200428.dex
/data/data/####/nsdk20200428.dex.flock (deleted)
/data/data/####/nsooauvm.dex
/data/data/####/nsooauvm.dex.flock (deleted)
/data/data/####/nsooauvm.jar
/data/data/####/oniow
/data/data/####/pl_config.xml
/data/data/####/proc_auxv
/data/data/####/proxy-gl-13-n-u-d.dex
/data/data/####/proxy-gl-13-n-u-d.dex.flock (deleted)
/data/data/####/proxy-gl-13-n-u-d.zip
/data/data/####/ps20201204_.dex
/data/data/####/ps20201204_.dex.flock (deleted)
/data/data/####/q201030.zip
/data/data/####/qcdex20200316.dex
/data/data/####/qcdex20200316.dex.flock (deleted)
/data/data/####/qxgi.png
/data/data/####/s2020120211.apk
/data/data/####/s2020120211.dex
/data/data/####/s2020120211.dex.flock (deleted)
/data/data/####/sdkinit.xml
/data/data/####/sdkinit.xml.bak
/data/data/####/simple-main-msg.dat
/data/data/####/simple-main-req.dat
/data/data/####/smart_config.xml
/data/data/####/spUtils.xml
/data/data/####/sp_dojz.xml
/data/data/####/sp_dojz.xml.bak
/data/data/####/sp_pnmh.xml
/data/data/####/sp_qyejw.xml
/data/data/####/t==8.0.0&&1.1_1607262811545_envelope.log
/data/data/####/temp.zip (deleted)
/data/data/####/the-real-index
/data/data/####/tqo.xml
/data/data/####/ua.db
/data/data/####/ua.db-journal
/data/data/####/ulanda.xml
/data/data/####/um_pri.xml
/data/data/####/umdat.xml
/data/data/####/umeng_common_config.xml
/data/data/####/umeng_common_location.xml
/data/data/####/umeng_general_config.xml
/data/data/####/umeng_general_config.xml.bak
/data/data/####/umeng_it.cache
/data/data/####/uuid_data.xml
/data/data/####/wdc_data.xml
/data/data/####/wedwqas.data-journal
/data/data/####/wfvwsew.xml
/data/data/####/wfvwsew.xml.bak
/data/data/####/wfvwsew.xml.bak (deleted)
/data/data/####/wpd.db
/data/data/####/wpd.db-journal
/data/data/####/wwswserwds.data-journal
/data/data/####/wwwsdeew.xml
/data/data/####/wwwsdeew.xml.bak
/data/data/####/yd_config_c.xml
/data/media/####/.a.dat
/data/media/####/.adfwe.dat
/data/media/####/.cca.dat
/data/media/####/.gjuwpnpjlgwszw
/data/media/####/.id
/data/media/####/.jb
/data/media/####/.mrq
/data/media/####/.pe
/data/media/####/.udusid
/data/media/####/.umm.dat
/data/media/####/.vck
/data/media/####/010A49A6E8E3C69CFE25DABA89EDAB8E
/data/media/####/017DAD90B7E05813A2664C6F0C13F26E
/data/media/####/1D302D3E6464EA39840D761291936A8C
/data/media/####/242CB7B15C8571D4EA3D3E825CCE2CC5
/data/media/####/242CB7B15C8571D4EA3D3E825CCE2CC5.temp
/data/media/####/242CB7B15C8571D4EA3D3E825CCE2CC5.zip
/data/media/####/2582715C_1C5EB55F.txt
/data/media/####/2D7A36961E40EF39519F07AA1FA38A5D
/data/media/####/2D7A36961E40EF39519F07AA1FA38A5D.temp
/data/media/####/2D7A36961E40EF39519F07AA1FA38A5D.zip
/data/media/####/47AB7209AD7ACF4EB1EA636A3039D803
/data/media/####/51EE358EA53C1BFF66921EDA8188AF49
/data/media/####/51EE358EA53C1BFF66921EDA8188AF49.jar
/data/media/####/51EE358EA53C1BFF66921EDA8188AF49.temp
/data/media/####/6090BE2E33D5757B7EB95E2806E1BE5C
/data/media/####/90C7C318D2144D053B7F0CB7163D0422.temp
/data/media/####/90C7C318D2144D053B7F0CB7163D0422.zip
/data/media/####/98FDECB17B837318717C64311D2C05D8
/data/media/####/98FDECB17B837318717C64311D2C05D8.jar
/data/media/####/98FDECB17B837318717C64311D2C05D8.temp
/data/media/####/9B29C2F5242C6A564DFEF1DF4F020D57
/data/media/####/9B29C2F5242C6A564DFEF1DF4F020D57.jar
/data/media/####/9B29C2F5242C6A564DFEF1DF4F020D57.temp
/data/media/####/A63A63605D0CD58D9F1EFFF4084012C5
/data/media/####/C778B3C611955B3F85B5083B51791FB5
/data/media/####/CJAR20190515.jar
/data/media/####/Config.txt
/data/media/####/D10049dex20190529.jar
/data/media/####/D7A439CE8D75DD3A8FB29A3458DA0346
/data/media/####/D7A439CE8D75DD3A8FB29A3458DA0346.temp
/data/media/####/D7A439CE8D75DD3A8FB29A3458DA0346.zip
/data/media/####/DD4E3A68DC645102AB7BD8A84A81D554
/data/media/####/E6F69FEF5EAFB75D8FC23DDBEB91E784 (deleted)
/data/media/####/E6F69FEF5EAFB75D8FC23DDBEB91E784.jar
/data/media/####/E6F69FEF5EAFB75D8FC23DDBEB91E784.temp
/data/media/####/F0D5102820BF14B12186E1B978E9B3FF
/data/media/####/F0D5102820BF14B12186E1B978E9B3FF.temp
/data/media/####/F0D5102820BF14B12186E1B978E9B3FF.zip
/data/media/####/F796F85C2055B41F852E763D93DFD91C
/data/media/####/_pn
/data/media/####/_shn
/data/media/####/bing20201119.jar
/data/media/####/c1005dex20190527.jar
/data/media/####/ef
/data/media/####/h5dj202003243.jar
/data/media/####/h5rq20191022.jar
/data/media/####/kk20201106.jar
/data/media/####/lsdk20200506.jar
/data/media/####/mobdex20201017.jar
/data/media/####/nsdk20200428.jar
/data/media/####/ps20201204_.jar
/data/media/####/qcdex20200316.jar
/data/media/####/wbqb
/data/misc/####/primary.prof

Другие:

Запускает следующие shell-скрипты:

/system/bin/cat /proc/cpuinfo
/system/bin/cat /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_min_freq
/system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/data/user/0/<Package>/.siubc/nsooauvm.jar --oat-fd=144 --oat-location=/data/user/0/<Package>/.siubc/nsooauvm.dex --compiler-filter=speed
/system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/data/user/0/<Package>/.ybhbn/jhvqtjun.jar --oat-fd=62 --oat-location=/data/user/0/<Package>/.ybhbn/jhvqtjun.dex --compiler-filter=speed
/system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/data/user/0/<Package>/cache/1557903273-1946341169-1798494701/1.jar --oat-fd=136 --oat-location=/data/user/0/<Package>/cache/1557903273-1946341169-1798494701/1.dex --compiler-filter=speed
/system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/data/user/0/<Package>/cache/159220316063481586-1798494701/1.jar --oat-fd=141 --oat-location=/data/user/0/<Package>/cache/159220316063481586-1798494701/1.dex --compiler-filter=speed
/system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/data/user/0/<Package>/files/6d0f3fa3007411eb9799506b4b12c76007de31e5c0f9f5960ec5277cb2551e10.jar --oat-fd=144 --oat-location=/data/user/0/<Package>/app_shellObj/6d0f3fa3007411eb9799506b4b12c76007de31e5c0f9f5960ec5277cb2551e10.dex --compiler-filter=speed
/system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/data/user/0/<Package>/files/6d0f3fa3007411eb9799506b4b12c760a481e950172de8dc7a4b968fc9c9eefe.jar --oat-fd=189 --oat-location=/data/user/0/<Package>/app_shellObj/6d0f3fa3007411eb9799506b4b12c760a481e950172de8dc7a4b968fc9c9eefe.dex --compiler-filter=speed
/system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/data/user/0/<Package>/files/6d0f3fa3007411eb9799506b4b12c760afb3893166466d260fd2065ba6660662.jar --oat-fd=138 --oat-location=/data/user/0/<Package>/app_shellObj/6d0f3fa3007411eb9799506b4b12c760afb3893166466d260fd2065ba6660662.dex --compiler-filter=speed
/system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/data/user/0/<Package>/files/6d0f3fa3007411eb9799506b4b12c760b90b04be5561cebe4056f9d38caa3948.jar --oat-fd=143 --oat-location=/data/user/0/<Package>/app_shellObj/6d0f3fa3007411eb9799506b4b12c760b90b04be5561cebe4056f9d38caa3948.dex --compiler-filter=speed
/system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/data/user/0/<Package>/files/6d0f3fa3007411eb9799506b4b12c760cb7e81d3f48b4ff2930c8a42a254a9ec.jar --oat-fd=146 --oat-location=/data/user/0/<Package>/app_shellObj/6d0f3fa3007411eb9799506b4b12c760cb7e81d3f48b4ff2930c8a42a254a9ec.dex --compiler-filter=speed
/system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/data/user/0/<Package>/files/<Package>-simple-main/SmartSearch/SmartSearch.dex --oat-fd=64 --oat-location=/data/user/0/<Package>/files/<Package>-simple-main/SmartSearch/ota/SmartSearch.dex --compiler-filter=speed
/system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/data/user/0/<Package>/files/<Package>-simple-main/hfumobi28/classes.dex --oat-fd=104 --oat-location=/data/user/0/<Package>/files/<Package>-simple-main/hfumobi28/ota/classes.dex --compiler-filter=speed
/system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/data/user/0/<Package>/files/<Package>-simple-main/proxy-gl-13-n-u-d/proxy-gl-13-n-u-d.dex --oat-fd=106 --oat-location=/data/user/0/<Package>/files/<Package>-simple-main/proxy-gl-13-n-u-d/ota/proxy-gl-13-n-u-d.dex --compiler-filter=speed
/system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/data/user/0/<Package>/files/<Package>-simple-main/q201030/classes.dex --oat-fd=60 --oat-location=/data/user/0/<Package>/files/<Package>-simple-main/q201030/ota/classes.dex --compiler-filter=speed
/system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/data/user/0/<Package>/files/data.jar --oat-fd=146 --oat-location=/data/user/0/<Package>/files/data.dex --compiler-filter=speed
/system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/data/user/0/<Package>/files/data.jar --oat-fd=156 --oat-location=/data/user/0/<Package>/files/data.dex --compiler-filter=speed
/system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/data/user/0/<Package>/files/dd/aXQ3LmRhdGE= --oat-fd=163 --oat-location=/data/user/0/<Package>/app_dee/aXQ3LmRhdGE=.dex --compiler-filter=speed
/system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/data/user/0/<Package>/files/jkeegalc90B43128633ACEC448E7A8FD8DB4FEED/mwkjrqD/irhctr.jar --oat-fd=162 --oat-location=/data/user/0/<Package>/files/jkeegalc90B43128633ACEC448E7A8FD8DB4FEED/mwkjrqD/irhctr.dex --compiler-filter=speed
/system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/data/user/0/<Package>/files/m2020120211.apk --oat-fd=138 --oat-location=/data/user/0/<Package>/app_dex/m2020120211.dex --compiler-filter=speed
/system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/data/user/0/<Package>/files/s2020120211.apk --oat-fd=146 --oat-location=/data/user/0/<Package>/app_dex/s2020120211.dex --compiler-filter=speed
/system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/data/user/0/<Package>/oat/arm/3477/base.apk --oat-fd=143 --oat-location=/data/user/0/<Package>/oat/arm/3477/base.dex --compiler-filter=speed
/system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/data/user/0/<Package>/oat/arm/3477/base.apk --oat-fd=178 --oat-location=/data/user/0/<Package>/oat/arm/3477/base.dex --compiler-filter=speed
/system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/storage/emulated/0/Tencent/ys/Loader/CJAR20190515.jar --oat-fd=137 --oat-location=/data/user/0/<Package>/CJAR20190515.dex --compiler-filter=speed
/system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/storage/emulated/0/Tencent/ys/Loader/D10049dex20190529.jar --oat-fd=54 --oat-location=/data/user/0/<Package>/D10049dex20190529.dex --compiler-filter=speed
/system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/storage/emulated/0/Tencent/ys/Loader/bing20201119.jar --oat-fd=142 --oat-location=/data/user/0/<Package>/bing20201119.dex --compiler-filter=speed
/system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/storage/emulated/0/Tencent/ys/Loader/c1005dex20190527.jar --oat-fd=105 --oat-location=/data/user/0/<Package>/c1005dex20190527.dex --compiler-filter=speed
/system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/storage/emulated/0/Tencent/ys/Loader/h5dj202003243.jar --oat-fd=112 --oat-location=/data/user/0/<Package>/h5dj202003243.dex --compiler-filter=speed
/system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/storage/emulated/0/Tencent/ys/Loader/h5rq20191022.jar --oat-fd=151 --oat-location=/data/user/0/<Package>/h5rq20191022.dex --compiler-filter=speed
/system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/storage/emulated/0/Tencent/ys/Loader/kk20201106.jar --oat-fd=149 --oat-location=/data/user/0/<Package>/kk20201106.dex --compiler-filter=speed
/system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/storage/emulated/0/Tencent/ys/Loader/lsdk20200506.jar --oat-fd=126 --oat-location=/data/user/0/<Package>/lsdk20200506.dex --compiler-filter=speed
/system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/storage/emulated/0/Tencent/ys/Loader/mobdex20201017.jar --oat-fd=147 --oat-location=/data/user/0/<Package>/mobdex20201017.dex --compiler-filter=speed
/system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/storage/emulated/0/Tencent/ys/Loader/nsdk20200428.jar --oat-fd=106 --oat-location=/data/user/0/<Package>/nsdk20200428.dex --compiler-filter=speed
/system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/storage/emulated/0/Tencent/ys/Loader/ps20201204_.jar --oat-fd=153 --oat-location=/data/user/0/<Package>/ps20201204_.dex --compiler-filter=speed
/system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/storage/emulated/0/Tencent/ys/Loader/qcdex20200316.jar --oat-fd=138 --oat-location=/data/user/0/<Package>/qcdex20200316.dex --compiler-filter=speed
/system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/storage/emulated/0/kufq/<Package>/xxtub/98FDECB17B837318717C64311D2C05D8.jar --oat-fd=58 --oat-location=/data/user/0/<Package>/files/98FDECB17B837318717C64311D2C05D8.dex --compiler-filter=speed
/system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/storage/emulated/0/kufq/<Package>/xxtub/9B29C2F5242C6A564DFEF1DF4F020D57.jar --oat-fd=61 --oat-location=/data/user/0/<Package>/files/9B29C2F5242C6A564DFEF1DF4F020D57.dex --compiler-filter=speed
/system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/storage/emulated/0/lt/<Package>/ct/51EE358EA53C1BFF66921EDA8188AF49.jar --oat-fd=138 --oat-location=/data/user/0/<Package>/files/51EE358EA53C1BFF66921EDA8188AF49.dex --compiler-filter=speed
/system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/storage/emulated/0/lt/<Package>/ct/E6F69FEF5EAFB75D8FC23DDBEB91E784.jar --oat-fd=138 --oat-location=/data/user/0/<Package>/files/E6F69FEF5EAFB75D8FC23DDBEB91E784.dex --compiler-filter=speed
/system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/storage/emulated/0/qfxtr/<Package>/jsau/90C7C318D2144D053B7F0CB7163D0422.zip --oat-fd=174 --oat-location=/data/user/0/<Package>/files/90C7C318D2144D053B7F0CB7163D0422.dex --compiler-filter=speed
/system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/storage/emulated/0/qfxtr/<Package>/jsau/D7A439CE8D75DD3A8FB29A3458DA0346.zip --oat-fd=142 --oat-location=/data/user/0/<Package>/files/D7A439CE8D75DD3A8FB29A3458DA0346.dex --compiler-filter=speed
/system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/storage/emulated/0/qfxtr/<Package>/jsau/F0D5102820BF14B12186E1B978E9B3FF.zip --oat-fd=141 --oat-location=/data/user/0/<Package>/files/F0D5102820BF14B12186E1B978E9B3FF.dex --compiler-filter=speed
/system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/storage/emulated/0/qtoag/<Package>/naac/242CB7B15C8571D4EA3D3E825CCE2CC5.zip --oat-fd=66 --oat-location=/data/user/0/<Package>/files/242CB7B15C8571D4EA3D3E825CCE2CC5.dex --compiler-filter=speed
/system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/storage/emulated/0/qtoag/<Package>/naac/2D7A36961E40EF39519F07AA1FA38A5D.zip --oat-fd=89 --oat-location=/data/user/0/<Package>/files/2D7A36961E40EF39519F07AA1FA38A5D.dex --compiler-filter=speed
/system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=<Package Folder>/extfiles/bEj.jar --oat-fd=45 --oat-location=<Package Folder>/extfiles/bEj.dex --compiler-filter=speed
app_process /system/bin com.android.commands.pm.Pm list package -3
cat /proc/version
cat /sys/class/net/wlan0/address
getprop
getprop ro.board.platform
getprop ro.bootimage.build.date.utc
getprop ro.build.description
getprop ro.build.fingerprint
getprop ro.build.product
getprop ro.build.version.all_codenames
getprop ro.product.cpu.abi
getprop ro.sf.lcd_density
getprop ro.yunos.build.version
ls /
ls /sys/class/thermal
ps
sh

Загружает динамические библиотеки:

alcccu
oniow

Использует следующие алгоритмы для шифрования данных:

AES
AES-CBC-PKCS5Padding
AES-CBC-PKCS7Padding
AES-ECB-PKCS5Padding
DES
DES-CBC-PKCS5Padding
RSA-None-PKCS1Padding

Использует следующие алгоритмы для расшифровки данных:

AES
AES-CBC-PKCS5Padding
AES-CBC-PKCS7Padding
AES-CFB-NoPadding
AES-ECB-PKCS5Padding
DES
DES-CBC-PKCS5Padding
RSA-None-PKCS1Padding

Осуществляет доступ к приватному интерфейсу ITelephony.

Получает информацию о местоположении.

Получает информацию о сети.

Получает информацию о телефоне (номер, IMEI и т. д.).

Получает информацию об установленных приложениях.

Добавляет задания в системный планировщик.

Отрисовывает собственные окна поверх других приложений.

Получает информацию об отправленых/принятых SMS.

Управляет Wi-Fi-подключением.

Технологии

Термины

Обучение и просвещение

Мифы

Техническая информация

Рекомендации по лечению

Демо бесплатно на 14 дней