Executes the following shell scripts:
- <Package Folder>/lib/libxguardian.so <Package>,2100307961;<Package>,2100307961; 55258 203.205.128.130 [{"idx":0,"ts":%d,"et":2000,"si":0,"ui":"<IMEI>","ky":"Axg%lu","mid":"e23a961fb90fcab2d52a751e8bc5967498eddc68","ev":{"ov":"18","sr":"600*752","md":"<System Property>","lg":"en","sv":"3.26","mf":"unknown","apn":"%s"}}] 0 18
- <Package Folder>/lib/libxguardian.so <Package>,2100307961;<Package>,2100307961; 55595 203.205.128.130 [{"idx":0,"ts":%d,"et":2000,"si":0,"ui":"<IMEI>","ky":"Axg%lu","mid":"e23a961fb90fcab2d52a751e8bc5967498eddc68","ev":{"ov":"18","sr":"600*752","md":"<System Property>","lg":"en","sv":"3.26","mf":"unknown","apn":"%s"}}] 0 18
- cat /sys/class/net/wlan0/address
- date
- df
- getprop ro.product.cpu.abi
- id
- ls /dev/socket
- ls /system/fonts
- mkdir -p <SD-Card>/../../../../../..<SD-Card>/Android/Data/System/local/
- ps
- service call iphonesubinfo 1
- sh
- sh -c cat
- sh -c cat /proc/meminfo
- sh -c cat /proc/sys/kernel/osrelease
- sh -c cat /proc/sys/kernel/random/boot_id
- sh -c cat /proc/sys/kernel/random/uuid
- sh -c cat /proc/uptime
- sh -c cat /sys/block/mmcblk0/device/cid
- sh -c cat /sys/class/net/eth0/address
- sh -c cat /sys/class/net/eth1/address
- sh -c cat /sys/class/net/eth2/address
- sh -c cat <SD-Card>/../../../../../..<SD-Card>/..ccdid
- sh -c cat <SD-Card>/../../../../../..<SD-Card>/..ccvid
- sh -c cat <SD-Card>/../../../../../..<SD-Card>/._android.dat
- sh -c cat <SD-Card>/../../../../../..<SD-Card>/._driver.dat
- sh -c cat <SD-Card>/../../../../../..<SD-Card>/._system.dat
- sh -c cat <SD-Card>/../../../../../..<SD-Card>/.acc.dat
- sh -c cat <SD-Card>/../../../../../..<SD-Card>/.aio.dat
- sh -c cat <SD-Card>/../../../../../..<SD-Card>/Android/Data/System/local/.ccdid
- sh -c cat <SD-Card>/../../../../../..<SD-Card>/Android/Data/System/local/.ccvid
- sh -c cat <SD-Card>/../../../../../..<SD-Card>/Android/Data/System/local/_android.dat
- sh -c cat <SD-Card>/../../../../../..<SD-Card>/Android/Data/System/local/_driver.dat
- sh -c cat <SD-Card>/../../../../../..<SD-Card>/Android/Data/System/local/_system.dat
- sh -c cat <SD-Card>/../../../../../..<SD-Card>/Android/Data/System/local/acc.dat
- sh -c cat <SD-Card>/../../../../../..<SD-Card>/Android/Data/System/local/aio.dat
- sh -c cd /proc/;cat cpuinfo
- sh -c cd /proc/net/ && cat arp
- sh -c cd /proc/self/;cat status
- sh -c cd /sys/class/net/eth0/ && cat address
- sh -c cd /sys/class/net/wlan0/ && cat address
- sh -c echo MjRDNjhCRjJGRTcwRDZBMjdBMzM2RjUwMjIwRjNFRTRjOGZ2NXhDVjUrMllMaEtrSGRjWjQ2NGp3aGlwbGFNMTV4R3gydjFBVUIxUXMzVUNHMGN5OC9qNFJUK3E5N0xkbGYxdkF6WE5udSsxTDV0MnF6dSt5QnphWHRvODdJUmNxTjAvenE2bDBMeWpza3Zva0Z1UnFxMTdOMW9iWWFSZlArVkZJOE5oS0MvUmcvaWVtYkFyVG1jQlRJZWlJSGlJb3NNaDhZNFNRdFlVUGhBM2pFb3V4TEpJeHozSDdPN25wdEhrRTNqYXVMS1NndFlWY3Y4NXljSzE4YU5IaS9zSHBvWnF4S2FEMWgxVXRjd01wSmlFWlZRaHcvcnM5bmp4SUQvNEpCekE2SHJPS0syK2ljQXBpejJwUWc5Y09Pd3ovWWk2YXFoY3Q4NnJwb0g3Tk4vbTZqYjQzcTZvZ3pzK1lPQ2JRY1ZQRkd4NG1EdGZTKzJVbDYwTzRURl
- sh -c echo MzRBRTE3REY5NDRDNTIxNEVGNjQ5REFGRkQ5NTc2Q0IxNTcyOTI2NTkw > <SD-Card>/../../../../../..<SD-Card>/.aio.dat
- sh -c echo MzRBRTE3REY5NDRDNTIxNEVGNjQ5REFGRkQ5NTc2Q0IxNTcyOTI2NTkw > <SD-Card>/../../../../../..<SD-Card>/Android/Data/System/local/aio.dat
- sh -c echo NDJBRTk4RUE5M0JGQkQwQ0Y3RkM0MzgwNDY3MjFGQTRGNjVENEE6M0UzNjBDOkY0QTAxNA== > <SD-Card>/../../../../../..<SD-Card>/._driver.dat
- sh -c echo NDJBRTk4RUE5M0JGQkQwQ0Y3RkM0MzgwNDY3MjFGQTRGNjVENEE6M0UzNjBDOkY0QTAxNA== > <SD-Card>/../../../../../..<SD-Card>/Android/Data/System/local/_driver.dat
- sh -c echo NjgyNDA3NjIwQTNBRjgwOUQwRkJGMjdFOEVBNjIxQzkxNTcyOTI2NTk2 > <SD-Card>/../../../../../..<SD-Card>/.acc.dat
- sh -c echo NjgyNDA3NjIwQTNBRjgwOUQwRkJGMjdFOEVBNjIxQzkxNTcyOTI2NTk2 > <SD-Card>/../../../../../..<SD-Card>/Android/Data/System/local/acc.dat
- sh -c echo NkRGMTFDMTFGMTFBODA1M0MwMjQ1QTZCQTVDNkU4MzIyMDE4MDIwOTAwMDM= > <SD-Card>/../../../../../..<SD-Card>/..ccvid
- sh -c echo NkRGMTFDMTFGMTFBODA1M0MwMjQ1QTZCQTVDNkU4MzIyMDE4MDIwOTAwMDM= > <SD-Card>/../../../../../..<SD-Card>/Android/Data/System/local/.ccvid
- sh -c echo QjU4NUVFQTBCMEQ3MkI1Mzg5QjM5ODQ1MzQ1NUNFMDMzQzdBQjU6ODg2Qzc4OjI3RERDMw== > <SD-Card>/../../../../../..<SD-Card>/._system.dat
- sh -c echo QjU4NUVFQTBCMEQ3MkI1Mzg5QjM5ODQ1MzQ1NUNFMDMzQzdBQjU6ODg2Qzc4OjI3RERDMw== > <SD-Card>/../../../../../..<SD-Card>/Android/Data/System/local/_system.dat
- sh -c echo QzlDODU0MTRDMkY2NkVDNjNENkEyOTIyOEI3ODI3OUJGNTVBQUY6OEZDNTVBOjAwNTgwOA== > <SD-Card>/../../../../../..<SD-Card>/._android.dat
- sh -c echo QzlDODU0MTRDMkY2NkVDNjNENkEyOTIyOEI3ODI3OUJGNTVBQUY6OEZDNTVBOjAwNTgwOA== > <SD-Card>/../../../../../..<SD-Card>/Android/Data/System/local/_android.dat
- sh <Package Folder>/lib/libxguardian.so <Package>,2100307961;<Package>,2100307961; 55258 203.205.128.130 [{ idx :0, ts :%d, et :2000, si :0, ui : <IMEI> , ky : Axg%lu , mid : e23a961fb90fcab2d52a751e8bc5967498eddc68 , ev :{ ov : 18 , sr : 600*752 , md : <System Property> , lg : en , sv : 3.26 , mf : unknown , apn : %s }}] 0 18
Loads the following dynamic libraries:
- Bugly
- du
- libimagepipeline
- libjiagu-733565256
- neh
- tpnsSecurity
Uses the following algorithms to encrypt data:
- AES-CBC-PKCS7Padding
- AES-CFB8-NoPadding
- AES-ECB-PKCS7Padding
- RSA
- RSA-ECB-NoPadding
- RSA-ECB-PKCS1PADDING
Uses the following algorithms to decrypt data:
- AES-CBC-PKCS7Padding
- AES-CFB8-NoPadding
- AES-ECB-NoPadding
- DES-ECB-PKCS5Padding
- desede-CBC-NoPadding
Accesses the ITelephony private interface.
Uses special library to hide executable bytecode.
Gets information about location.
Gets information about network.
Gets information about phone status (number, IMEI, etc.).
Gets information about APN settings.
Gets information about installed apps.
Adds tasks to the system scheduler.
Displays its own windows over windows of other apps.