Technical information
Malicious functions:
Executes code of the following detected threats:
- Android.Spy.996.origin
Network activity:
Connects to:
- UDP(DNS) 8####.8.4.4:53
- TCP(TLS/1.0) www.google####.com:443
- TCP(TLS/1.0) and####.b####.qq.com:443
- TCP(TLS/1.0) and####.google####.com:443
- TCP(TLS/1.0) and####.a####.go####.com:443
- TCP(TLS/1.0) rr2---s####.g####.com:443
- TCP(TLS/1.2) 64.2####.164.94:443
- TCP(TLS/1.2) www.google####.com:443
- TCP(TLS/1.2) 64.2####.164.100:443
- TCP(TLS/1.2) 64.2####.162.139:443
- UDP and####.google####.com:443
- UDP rr2---s####.g####.com:443
- UDP www.google####.com:443
- UDP rr1---s####.g####.com:443
DNS requests:
- and####.a####.go####.com
- and####.b####.qq.com
- and####.google####.com
- gmscomp####.google####.com
- p####.google####.com
- rr1---s####.g####.com
- rr2---s####.g####.com
- www.google####.com
HTTP POST requests:
- and####.b####.qq.com:443/rqd/async?aid=####
File system changes:
Creates the following files:
- /data/data/####/1.mp3
- /data/data/####/1004
- /data/data/####/2.mp3
- /data/data/####/3.mp3
- /data/data/####/4.mp3
- /data/data/####/7API.RSA
- /data/data/####/7API.SF
- /data/data/####/AndroidManifest.xml
- /data/data/####/Annotations.gwt.xml
- /data/data/####/Google_internal.gwt.xml
- /data/data/####/Jsr305_annotations.gwt.xml
- /data/data/####/WebViewChromiumPrefs.xml
- /data/data/####/abc_ab_share_pack_mtrl_alpha.9.png
- /data/data/####/abc_action_bar_item_background_material.xml
- /data/data/####/abc_action_bar_title_item.xml
- /data/data/####/abc_action_bar_up_container.xml
- /data/data/####/abc_action_menu_item_layout.xml
- /data/data/####/abc_action_menu_layout.xml
- /data/data/####/abc_action_mode_bar.xml
- /data/data/####/abc_action_mode_close_item_material.xml
- /data/data/####/abc_activity_chooser_view.xml
- /data/data/####/abc_activity_chooser_view_list_item.xml
- /data/data/####/abc_alert_dialog_button_bar_material.xml
- /data/data/####/abc_alert_dialog_material.xml
- /data/data/####/abc_alert_dialog_title_material.xml
- /data/data/####/abc_background_cache_hint_selector_material_dark.xml
- /data/data/####/abc_background_cache_hint_selector_material_light.xml
- /data/data/####/abc_btn_borderless_material.xml
- /data/data/####/abc_btn_check_material.xml
- /data/data/####/abc_btn_check_to_on_mtrl_000.png
- /data/data/####/abc_btn_check_to_on_mtrl_015.png
- /data/data/####/abc_btn_colored_borderless_text_material.xml
- /data/data/####/abc_btn_colored_material.xml
- /data/data/####/abc_btn_colored_text_material.xml
- /data/data/####/abc_btn_default_mtrl_shape.xml
- /data/data/####/abc_btn_radio_material.xml
- /data/data/####/abc_btn_radio_to_on_mtrl_000.png
- /data/data/####/abc_btn_radio_to_on_mtrl_015.png
- /data/data/####/abc_btn_switch_to_on_mtrl_00001.9.png
- /data/data/####/abc_btn_switch_to_on_mtrl_00012.9.png
- /data/data/####/abc_cab_background_internal_bg.xml
- /data/data/####/abc_cab_background_top_material.xml
- /data/data/####/abc_cab_background_top_mtrl_alpha.9.png
- /data/data/####/abc_cascading_menu_item_layout.xml
- /data/data/####/abc_color_highlight_material.xml
- /data/data/####/abc_control_background_material.xml
- /data/data/####/abc_dialog_material_background.xml
- /data/data/####/abc_dialog_title_material.xml
- /data/data/####/abc_edit_text_material.xml
- /data/data/####/abc_expanded_menu_layout.xml
- /data/data/####/abc_fade_in.xml
- /data/data/####/abc_fade_out.xml
- /data/data/####/abc_grow_fade_in_from_bottom.xml
- /data/data/####/abc_hint_foreground_material_dark.xml
- /data/data/####/abc_hint_foreground_material_light.xml
- /data/data/####/abc_ic_ab_back_material.xml
- /data/data/####/abc_ic_arrow_drop_right_black_24dp.xml
- /data/data/####/abc_ic_clear_material.xml
- /data/data/####/abc_ic_commit_search_api_mtrl_alpha.png
- /data/data/####/abc_ic_go_search_api_material.xml
- /data/data/####/abc_ic_menu_copy_mtrl_am_alpha.png
- /data/data/####/abc_ic_menu_cut_mtrl_alpha.png
- /data/data/####/abc_ic_menu_overflow_material.xml
- /data/data/####/abc_ic_menu_paste_mtrl_am_alpha.png
- /data/data/####/abc_ic_menu_selectall_mtrl_alpha.png
- /data/data/####/abc_ic_menu_share_mtrl_alpha.png
- /data/data/####/abc_ic_search_api_material.xml
- /data/data/####/abc_ic_star_black_16dp.png
- /data/data/####/abc_ic_star_black_36dp.png
- /data/data/####/abc_ic_star_black_48dp.png
- /data/data/####/abc_ic_star_half_black_16dp.png
- /data/data/####/abc_ic_star_half_black_36dp.png
- /data/data/####/abc_ic_star_half_black_48dp.png
- /data/data/####/abc_ic_voice_search_api_material.xml
- /data/data/####/abc_item_background_holo_dark.xml
- /data/data/####/abc_item_background_holo_light.xml
- /data/data/####/abc_list_divider_material.xml
- /data/data/####/abc_list_divider_mtrl_alpha.9.png
- /data/data/####/abc_list_focused_holo.9.png
- /data/data/####/abc_list_longpressed_holo.9.png
- /data/data/####/abc_list_menu_item_checkbox.xml
- /data/data/####/abc_list_menu_item_icon.xml
- /data/data/####/abc_list_menu_item_layout.xml
- /data/data/####/abc_list_menu_item_radio.xml
- /data/data/####/abc_list_pressed_holo_dark.9.png
- /data/data/####/abc_list_pressed_holo_light.9.png
- /data/data/####/abc_list_selector_background_transition_holo_dark.xml
- /data/data/####/abc_list_selector_background_transition_holo_light.xml
- /data/data/####/abc_list_selector_disabled_holo_dark.9.png
- /data/data/####/abc_list_selector_disabled_holo_light.9.png
- /data/data/####/abc_list_selector_holo_dark.xml
- /data/data/####/abc_list_selector_holo_light.xml
- /data/data/####/abc_menu_hardkey_panel_mtrl_mult.9.png
- /data/data/####/abc_popup_background_mtrl_mult.9.png
- /data/data/####/abc_popup_enter.xml
- /data/data/####/abc_popup_exit.xml
- /data/data/####/abc_popup_menu_header_item_layout.xml
- /data/data/####/abc_popup_menu_item_layout.xml
- /data/data/####/abc_primary_text_disable_only_material_dark.xml
- /data/data/####/abc_primary_text_disable_only_material_light.xml
- /data/data/####/abc_primary_text_material_dark.xml
- /data/data/####/abc_primary_text_material_light.xml
- /data/data/####/abc_ratingbar_indicator_material.xml
- /data/data/####/abc_ratingbar_material.xml
- /data/data/####/abc_ratingbar_small_material.xml
- /data/data/####/abc_screen_content_include.xml
- /data/data/####/abc_screen_simple.xml
- /data/data/####/abc_screen_simple_overlay_action_mode.xml
- /data/data/####/abc_screen_toolbar.xml
- /data/data/####/abc_scrubber_control_off_mtrl_alpha.png
- /data/data/####/abc_scrubber_control_to_pressed_mtrl_000.png
- /data/data/####/abc_scrubber_control_to_pressed_mtrl_005.png
- /data/data/####/abc_scrubber_primary_mtrl_alpha.9.png
- /data/data/####/abc_scrubber_track_mtrl_alpha.9.png
- /data/data/####/abc_search_dropdown_item_icons_2line.xml
- /data/data/####/abc_search_url_text.xml
- /data/data/####/abc_search_view.xml
- /data/data/####/abc_secondary_text_material_dark.xml
- /data/data/####/abc_secondary_text_material_light.xml
- /data/data/####/abc_seekbar_thumb_material.xml
- /data/data/####/abc_seekbar_tick_mark_material.xml
- /data/data/####/abc_seekbar_track_material.xml
- /data/data/####/abc_select_dialog_material.xml
- /data/data/####/abc_shrink_fade_out_from_bottom.xml
- /data/data/####/abc_slide_in_bottom.xml
- /data/data/####/abc_slide_in_top.xml
- /data/data/####/abc_slide_out_bottom.xml
- /data/data/####/abc_slide_out_top.xml
- /data/data/####/abc_spinner_mtrl_am_alpha.9.png
- /data/data/####/abc_spinner_textfield_background_material.xml
- /data/data/####/abc_switch_thumb_material.xml
- /data/data/####/abc_switch_track_mtrl_alpha.9.png
- /data/data/####/abc_tab_indicator_material.xml
- /data/data/####/abc_tab_indicator_mtrl_alpha.9.png
- /data/data/####/abc_text_cursor_material.xml
- /data/data/####/abc_text_select_handle_left_mtrl_dark.png
- /data/data/####/abc_text_select_handle_left_mtrl_light.png
- /data/data/####/abc_text_select_handle_middle_mtrl_dark.png
- /data/data/####/abc_text_select_handle_middle_mtrl_light.png
- /data/data/####/abc_text_select_handle_right_mtrl_dark.png
- /data/data/####/abc_text_select_handle_right_mtrl_light.png
- /data/data/####/abc_textfield_activated_mtrl_alpha.9.png
- /data/data/####/abc_textfield_default_mtrl_alpha.9.png
- /data/data/####/abc_textfield_search_activated_mtrl_alpha.9.png
- /data/data/####/abc_textfield_search_default_mtrl_alpha.9.png
- /data/data/####/abc_textfield_search_material.xml
- /data/data/####/abc_tint_btn_checkable.xml
- /data/data/####/abc_tint_default.xml
- /data/data/####/abc_tint_edittext.xml
- /data/data/####/abc_tint_seek_thumb.xml
- /data/data/####/abc_tint_spinner.xml
- /data/data/####/abc_tint_switch_track.xml
- /data/data/####/abc_tooltip.xml
- /data/data/####/abc_tooltip_enter.xml
- /data/data/####/abc_tooltip_exit.xml
- /data/data/####/abc_vector_test.xml
- /data/data/####/android.arch.core_runtime.version
- /data/data/####/android.arch.lifecycle_livedata-core.version
- /data/data/####/android.arch.lifecycle_livedata.version
- /data/data/####/android.arch.lifecycle_runtime.version
- /data/data/####/android.arch.lifecycle_viewmodel.version
- /data/data/####/androidx.appcompat_appcompat.version
- /data/data/####/androidx.coordinatorlayout_coordinatorlayout.version
- /data/data/####/androidx.core_core.version
- /data/data/####/androidx.customview_customview.version
- /data/data/####/androidx.documentfile_documentfile.version
- /data/data/####/androidx.fragment_fragment.version
- /data/data/####/androidx.interpolator_interpolator.version
- /data/data/####/androidx.legacy_legacy-support-core-ui.version
- /data/data/####/androidx.print_print.version
- /data/data/####/androidx.slidingpanelayout_slidingpanelayout.version
- /data/data/####/androidx.vectordrawable_vectordrawable-animated.version
- /data/data/####/androidx.vectordrawable_vectordrawable.version
- /data/data/####/androidx.versionedparcelable_versionedparcelable.version
- /data/data/####/app.html
- /data/data/####/app1.html
- /data/data/####/app2.html
- /data/data/####/app3.html
- /data/data/####/app3_top_bg.png
- /data/data/####/btn1.png
- /data/data/####/btn11.png
- /data/data/####/btn2.png
- /data/data/####/btn3.png
- /data/data/####/btn4.png
- /data/data/####/btn5.png
- /data/data/####/bugly_db_-journal
- /data/data/####/classes.dex
- /data/data/####/com.asyfmp.uVrTDl_preferences.xml
- /data/data/####/common_dialog_content.xml
- /data/data/####/crashrecord.xml
- /data/data/####/dMlzJp.apk
- /data/data/####/exo_player_control_view.xml
- /data/data/####/file_details_fragment.xml
- /data/data/####/file_paths.xml
- /data/data/####/gid
- /data/data/####/ic_launcher.png
- /data/data/####/index
- /data/data/####/kFSfnH.sz
- /data/data/####/libBugly.so
- /data/data/####/libdn_ssl.so
- /data/data/####/loading.xml
- /data/data/####/local_crash_lock
- /data/data/####/logo.png
- /data/data/####/menu1.png
- /data/data/####/menu2.png
- /data/data/####/menu3.png
- /data/data/####/menu4.png
- /data/data/####/menu5.png
- /data/data/####/menu_bg.png
- /data/data/####/metrics_guid
- /data/data/####/native_record_lock
- /data/data/####/notification_action.xml
- /data/data/####/notification_action_background.xml
- /data/data/####/notification_action_tombstone.xml
- /data/data/####/notification_bg.xml
- /data/data/####/notification_bg_low.xml
- /data/data/####/notification_bg_low_normal.9.png
- /data/data/####/notification_bg_low_pressed.9.png
- /data/data/####/notification_bg_normal.9.png
- /data/data/####/notification_bg_normal_pressed.9.png
- /data/data/####/notification_icon_background.xml
- /data/data/####/notification_media_action.xml
- /data/data/####/notification_media_cancel_action.xml
- /data/data/####/notification_template_big_media.xml
- /data/data/####/notification_template_big_media_custom.xml
- /data/data/####/notification_template_big_media_narrow.xml
- /data/data/####/notification_template_big_media_narrow_custom.xml
- /data/data/####/notification_template_custom_big.xml
- /data/data/####/notification_template_icon_group.xml
- /data/data/####/notification_template_lines_media.xml
- /data/data/####/notification_template_media.xml
- /data/data/####/notification_template_media_custom.xml
- /data/data/####/notification_template_part_chronometer.xml
- /data/data/####/notification_template_part_time.xml
- /data/data/####/notification_tile_bg.xml
- /data/data/####/notify_panel_notification_icon_bg.png
- /data/data/####/ok.html
- /data/data/####/one_phone_2.png
- /data/data/####/page2_bottom2_bg.png
- /data/data/####/page2_divid_bg.png
- /data/data/####/page2_top2_bg.png
- /data/data/####/page4_top2_bg.png
- /data/data/####/pg1.png
- /data/data/####/pg123.png
- /data/data/####/pg2.png
- /data/data/####/pg3.png
- /data/data/####/pg4.png
- /data/data/####/proc_auxv
- /data/data/####/resources.arsc
- /data/data/####/secret-classes.dex
- /data/data/####/secret-classes.dex.flock (deleted)
- /data/data/####/select_dialog_item_material.xml
- /data/data/####/select_dialog_multichoice_material.xml
- /data/data/####/select_dialog_singlechoice_material.xml
- /data/data/####/subutils.js
- /data/data/####/support_simple_spinner_dropdown_item.xml
- /data/data/####/switch_thumb_material_dark.xml
- /data/data/####/switch_thumb_material_light.xml
- /data/data/####/the-real-index
- /data/data/####/tooltip_frame_dark.xml
- /data/data/####/tooltip_frame_light.xml
- /data/data/####/top.png
- /data/misc/####/primary.prof
Miscellaneous:
Executes the following shell scripts:
- getprop
Loads the following dynamic libraries:
- libBugly
- libdn_ssl
Gets information about network.
Displays its own windows over windows of other apps.
