Защити созданное

Другие наши ресурсы

  • free.drweb.kz — бесплатные утилиты, плагины, информеры
  • av-desk.com — интернет-сервис для поставщиков услуг Dr.Web AV-Desk
  • curenet.drweb.kz — сетевая лечащая утилита Dr.Web CureNet!

Библиотека
Моя библиотека

Чтобы добавить ресурс в библиотеку, войдите в аккаунт.

Добавить в библиотеку

Ресурсов: -

Последний: -

Моя библиотека

Поиск
Поиск

Поиск

Поддержка
Круглосуточная поддержка | Правила обращения

Напишите

Запрос через форму

Позвоните

Глобальная поддержка:
+7 (495) 789-45-86

ЧаВо | Форум

Ваши запросы

  • Все: -
  • Незакрытые: -
  • Последний: -
Создать новый запрос Частые вопросы

Позвоните

Глобальная поддержка:
+7 (495) 789-45-86

Свяжитесь с нами Незакрытые запросы: 

Профиль

Профиль

KZ

RU CN DE EN ES FR IT JP KZ UZ PL BY
Сервисы
Сканеры
Dr.Web vxCube
Демо
Экспертиза ВКИ
Вирусная библиотека
База знаний

Технологии

Термины

Обучение и просвещение

Мифы

Новости

Android.BankBot.TgToxic.50

Добавлен в вирусную базу Dr.Web: 2023-11-11

Описание добавлено:

Technical information

Malicious functions:
Executes code of the following detected threats:
  • Android.BankBot.TgToxic.1
Network activity:
Connects to:
  • UDP(DNS) 8####.8.4.4:53
  • TCP(TLS/1.0) gmscomp####.google####.com:443
  • TCP(TLS/1.0) 1####.194.163.27:443
  • TCP(TLS/1.0) 1####.194.221.95:443
  • TCP(TLS/1.2) gmscomp####.google####.com:443
  • TCP(TLS/1.2) 1####.194.73.94:443
  • TCP(TLS/1.2) 1####.177.14.102:443
  • TCP(TLS/1.2) 1####.194.221.95:443
DNS requests:
  • gmscomp####.google####.com
File system changes:
Creates the following files:
  • /data/data/####/.com_wqdyti_kqsafovb.meta
  • /data/data/####/0EWBU4B8K6YPPMGSTZ6R4VRJON0EHBH.dex (deleted)
  • /data/data/####/0EWBU4B8K6YPPMGSTZ6R4VRJON0EHBH.dex.flock (deleted)
  • /data/data/####/0EWBU4B8K6YPPMGSTZ6R4VRJON0EHBH.zip
  • /data/data/####/0R3ENB1M5EBEU4FTSNHGD3JDAKRF4NKD.dex
  • /data/data/####/150035
  • /data/data/####/19
  • /data/data/####/1LLQ5F8QG0I1RFFX4HLFVK2A9WJASGVG.dex
  • /data/data/####/1Y45HA2HMQ4LS0DC13JVJFKSCSGB2Z28.dex
  • /data/data/####/1Y45HA2HMQ4LS0DC13JVJFKSCSGB2Z28.dex.flock (deleted)
  • /data/data/####/2023-11-11AM095102.rt
  • /data/data/####/2023-11-11AM095102.str
  • /data/data/####/2023-11-11AM095108.so.rt
  • /data/data/####/2023-11-11AM095115.so.rt
  • /data/data/####/2023-11-11AM095123.so.rt
  • /data/data/####/2023-11-11AM095130.so.rt
  • /data/data/####/2023-11-11AM095137.so.rt
  • /data/data/####/2023-11-11AM095144.so.rt
  • /data/data/####/2023-11-11AM095150.so.rt
  • /data/data/####/2023-11-11AM095157.so.rt
  • /data/data/####/2023-11-11AM095204.so.rt
  • /data/data/####/2023-11-11AM095211.so.rt
  • /data/data/####/2023-11-11AM095218.so.rt
  • /data/data/####/207U1WW1D4JCY74PWQE0QU9CMMCNRUN7.dex
  • /data/data/####/207U1WW1D4JCY74PWQE0QU9CMMCNRUN7.dex.flock (deleted)
  • /data/data/####/20QHKIHYQSC7ROQQBHKXETLPITEC7TN.dex (deleted)
  • /data/data/####/20QHKIHYQSC7ROQQBHKXETLPITEC7TN.dex.flock (deleted)
  • /data/data/####/20QHKIHYQSC7ROQQBHKXETLPITEC7TN.zip
  • /data/data/####/250035
  • /data/data/####/25T4TDVCN4LK02PNALZAVDPZ4IDTY967.dex
  • /data/data/####/25T4TDVCN4LK02PNALZAVDPZ4IDTY967.dex.flock (deleted)
  • /data/data/####/29
  • /data/data/####/4ZPIABYKUJ80VVP8Q2JN7H2O369J1MLJ.dex
  • /data/data/####/52I2G09WM1FDN5DJ3M06TJTZIBIE2FE.dex (deleted)
  • /data/data/####/52I2G09WM1FDN5DJ3M06TJTZIBIE2FE.dex.flock (deleted)
  • /data/data/####/52I2G09WM1FDN5DJ3M06TJTZIBIE2FE.zip
  • /data/data/####/6LJC01SQG1YIL9R2G4TDLRGMPS39NGFT.dex
  • /data/data/####/6LJC01SQG1YIL9R2G4TDLRGMPS39NGFT.dex.flock (deleted)
  • /data/data/####/6YAJ2CL79X76CC8AX2IS8HBZM5CRTDOX.dex
  • /data/data/####/77F071A42AWB9XTZA7R1LU0C72DCYMH6.dex
  • /data/data/####/7NBS3TI0EAK3L1L3Q77HPUOSBUT0UM5I.dex
  • /data/data/####/7OCSMEV6S79V5NNXL4ES3HNLW1WC8X0.dex
  • /data/data/####/7OCSMEV6S79V5NNXL4ES3HNLW1WC8X0.dex (deleted)
  • /data/data/####/7OCSMEV6S79V5NNXL4ES3HNLW1WC8X0.dex.flock (deleted)
  • /data/data/####/7OCSMEV6S79V5NNXL4ES3HNLW1WC8X0.zip
  • /data/data/####/8BTI2JUGM7C03JLKQ2ZV7L2GFAPR5Y9F.dex
  • /data/data/####/8BTI2JUGM7C03JLKQ2ZV7L2GFAPR5Y9F.dex.flock (deleted)
  • /data/data/####/8WGP8I7X7N9SIMMS3SGQ27DPWRULZVYB.dex
  • /data/data/####/8WGP8I7X7N9SIMMS3SGQ27DPWRULZVYB.dex.flock (deleted)
  • /data/data/####/97XWQHDG57UNZIFSCBQ9RBFH9MSDC3Z3.dex
  • /data/data/####/9NU90NNGKJU3PAFGZHTRH58F9DBEILQU.dex
  • /data/data/####/BH3IHFI3B5TWGT7RCILM76U67A71GU8.dex
  • /data/data/####/BH3IHFI3B5TWGT7RCILM76U67A71GU8.dex.flock (deleted)
  • /data/data/####/BH3IHFI3B5TWGT7RCILM76U67A71GU8.zip
  • /data/data/####/BX4F2PP6QPSL749Y9FZ9JJA9ZVXW0JK0.dex
  • /data/data/####/BX4NPSTTNRY2NLPU878TK80PODBUKYX.dex (deleted)
  • /data/data/####/BX4NPSTTNRY2NLPU878TK80PODBUKYX.dex.flock (deleted)
  • /data/data/####/BX4NPSTTNRY2NLPU878TK80PODBUKYX.zip
  • /data/data/####/G5P9JBWBDKA0UC4YM5ZHWAGMLIP1HI5.dex (deleted)
  • /data/data/####/G5P9JBWBDKA0UC4YM5ZHWAGMLIP1HI5.dex.flock (deleted)
  • /data/data/####/G5P9JBWBDKA0UC4YM5ZHWAGMLIP1HI5.zip
  • /data/data/####/GD5PJ7KRPWU4E48Y2D7HOQ0AP6XD56P.dex (deleted)
  • /data/data/####/GD5PJ7KRPWU4E48Y2D7HOQ0AP6XD56P.dex.flock (deleted)
  • /data/data/####/GD5PJ7KRPWU4E48Y2D7HOQ0AP6XD56P.zip
  • /data/data/####/GISVTKC3CULUQPM7BM54YEQWGH34JIMY.dex
  • /data/data/####/GXRC0DTG5T7C3N8306YEQIN3NV3I1YPR.dex
  • /data/data/####/HOQ33S31ZS19CGQTNBKK0A3DSJA0U76S.dex
  • /data/data/####/IECPkgStoreInfo
  • /data/data/####/IRH26ZNMN3HI9LIXI40OSS9PXTPCV4RL.dex
  • /data/data/####/IZJFPL61BI8MG6IW4VL3IOUG3CVBVOB.dex (deleted)
  • /data/data/####/IZJFPL61BI8MG6IW4VL3IOUG3CVBVOB.dex.flock (deleted)
  • /data/data/####/IZJFPL61BI8MG6IW4VL3IOUG3CVBVOB.zip
  • /data/data/####/JYQHI2GHO1YHX3A8RM0N4QUGPJ2ERYV0.dex
  • /data/data/####/K578SLHCLDROVZSR022IA2VBRRRQPADF.dex
  • /data/data/####/K578SLHCLDROVZSR022IA2VBRRRQPADF.dex.flock (deleted)
  • /data/data/####/KAH03YYRJQHUGHY76OKICOB6W4I5PSXD.dex
  • /data/data/####/LSW74OANMR8N3HK2TKIXMG02JH4854XU.dex
  • /data/data/####/OMK7QW38CY6PT6G4TZEJOBFVWJSAXB9.dex (deleted)
  • /data/data/####/OMK7QW38CY6PT6G4TZEJOBFVWJSAXB9.dex.flock (deleted)
  • /data/data/####/OMK7QW38CY6PT6G4TZEJOBFVWJSAXB9.zip
  • /data/data/####/P3EHB63NHDG05BRSQD2ZMEUVIFD42SN.dex (deleted)
  • /data/data/####/P3EHB63NHDG05BRSQD2ZMEUVIFD42SN.dex.flock (deleted)
  • /data/data/####/P3EHB63NHDG05BRSQD2ZMEUVIFD42SN.zip
  • /data/data/####/PPLMD7WAGKYHF7710X9JFK2218V644B4.dex
  • /data/data/####/URBZTTY13QGMCMIKKVDVES64B0JFFO3.dex (deleted)
  • /data/data/####/URBZTTY13QGMCMIKKVDVES64B0JFFO3.dex.flock (deleted)
  • /data/data/####/URBZTTY13QGMCMIKKVDVES64B0JFFO3.zip
  • /data/data/####/X8MRZSJ530P9SWMT3F84S2FPSJI0ER2G.dex
  • /data/data/####/X8MRZSJ530P9SWMT3F84S2FPSJI0ER2G.dex.flock (deleted)
  • /data/data/####/XBXCI9H05RUJNA7WOREDBBZ91E4PORZR.dex
  • /data/data/####/XBXCI9H05RUJNA7WOREDBBZ91E4PORZR.dex.flock (deleted)
  • /data/data/####/Y0Y1ZQYTQ4N0WZ09HC3MSOCMQNLY90GW.dex
  • /data/data/####/Y0Y1ZQYTQ4N0WZ09HC3MSOCMQNLY90GW.dex.flock (deleted)
  • /data/data/####/YK29NY6DE4J8KVS5LWNMOOO66B5AD0SK.dex
  • /data/data/####/Z4EFBO8B4GUF6MNIZ5H1H5Y6IUEXOT0Y.dex
  • /data/data/####/Z4EFBO8B4GUF6MNIZ5H1H5Y6IUEXOT0Y.dex.flock (deleted)
  • /data/data/####/Z9NYOVNQJHW5TKLYEHCVL11ZVK2JE995.dex
  • /data/data/####/Z9NYOVNQJHW5TKLYEHCVL11ZVK2JE995.dex.flock (deleted)
  • /data/data/####/ZK2VR04VKCQZYEN2VD11TPQ2U2MX8LKA.dex
  • /data/data/####/com.android.launcher3.prefs.xml
  • /data/data/####/empty_classes.dex
  • /data/data/####/empty_classes.zip
  • /data/data/####/feca180f359cbf1a65fc8862d2e8a00cts99nb.hbkp
  • /data/data/####/feca180f359cbf1a65fc8862d2e8a00cts99nb.hbkp (deleted)
  • /data/data/####/proc_auxv
  • /data/data/####/sealeh.bdc
  • /data/data/####/spUtils.xml
  • /data/data/####/working
Miscellaneous:
Executes the following shell scripts:
  • cp /data/user/0/<Package>/app_payload_lib/empty_classes.zip /data/user/0/<Package>/app_payload_lib/<Package>_empty_classes/7OCSMEV6S79V5NNXL4ES3HNLW1WC8X0.zip
  • cp /data/user/0/<Package>/app_payload_lib/empty_classes.zip /data/user/0/<Package>/app_payload_lib/<Package>_empty_classes/BX4NPSTTNRY2NLPU878TK80PODBUKYX.zip
  • cp /data/user/0/<Package>/app_payload_lib/empty_classes.zip /data/user/0/<Package>/app_payload_lib/<Package>_empty_classes/OMK7QW38CY6PT6G4TZEJOBFVWJSAXB9.zip
  • cp /data/user/0/<Package>/app_payload_lib/empty_classes.zip /data/user/0/<Package>/app_payload_lib/<Package>_empty_classes/P3EHB63NHDG05BRSQD2ZMEUVIFD42SN.zip
  • dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/0R3ENB1M5EBEU4FTSNHGD3JDAKRF4NKD.dex --oat-file=/data/user/0/<Package>/cache/<Package>/0R3ENB1M5EBEU4FTSNHGD3JDAKRF4NKD.dex --compiler-filter=verify-none --instruction-set=x86
  • dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/1LLQ5F8QG0I1RFFX4HLFVK2A9WJASGVG.dex --oat-file=/data/user/0/<Package>/cache/<Package>/1LLQ5F8QG0I1RFFX4HLFVK2A9WJASGVG.dex --compiler-filter=verify-none --instruction-set=x86
  • dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/1Y45HA2HMQ4LS0DC13JVJFKSCSGB2Z28.dex --oat-file=/data/user/0/<Package>/cache/<Package>/1Y45HA2HMQ4LS0DC13JVJFKSCSGB2Z28.dex --compiler-filter=verify-none --instruction-set=x86
  • dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/207U1WW1D4JCY74PWQE0QU9CMMCNRUN7.dex --oat-file=/data/user/0/<Package>/cache/<Package>/207U1WW1D4JCY74PWQE0QU9CMMCNRUN7.dex --compiler-filter=verify-none --instruction-set=x86
  • dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/25T4TDVCN4LK02PNALZAVDPZ4IDTY967.dex --oat-file=/data/user/0/<Package>/cache/<Package>/25T4TDVCN4LK02PNALZAVDPZ4IDTY967.dex --compiler-filter=verify-none --instruction-set=x86
  • dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/4ZPIABYKUJ80VVP8Q2JN7H2O369J1MLJ.dex --oat-file=/data/user/0/<Package>/cache/<Package>/4ZPIABYKUJ80VVP8Q2JN7H2O369J1MLJ.dex --compiler-filter=verify-none --instruction-set=x86
  • dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/6LJC01SQG1YIL9R2G4TDLRGMPS39NGFT.dex --oat-file=/data/user/0/<Package>/cache/<Package>/6LJC01SQG1YIL9R2G4TDLRGMPS39NGFT.dex --compiler-filter=verify-none --instruction-set=x86
  • dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/6YAJ2CL79X76CC8AX2IS8HBZM5CRTDOX.dex --oat-file=/data/user/0/<Package>/cache/<Package>/6YAJ2CL79X76CC8AX2IS8HBZM5CRTDOX.dex --compiler-filter=verify-none --instruction-set=x86
  • dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/77F071A42AWB9XTZA7R1LU0C72DCYMH6.dex --oat-file=/data/user/0/<Package>/cache/<Package>/77F071A42AWB9XTZA7R1LU0C72DCYMH6.dex --compiler-filter=verify-none --instruction-set=x86
  • dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/7NBS3TI0EAK3L1L3Q77HPUOSBUT0UM5I.dex --oat-file=/data/user/0/<Package>/cache/<Package>/7NBS3TI0EAK3L1L3Q77HPUOSBUT0UM5I.dex --compiler-filter=verify-none --instruction-set=x86
  • dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/8BTI2JUGM7C03JLKQ2ZV7L2GFAPR5Y9F.dex --oat-file=/data/user/0/<Package>/cache/<Package>/8BTI2JUGM7C03JLKQ2ZV7L2GFAPR5Y9F.dex --compiler-filter=verify-none --instruction-set=x86
  • dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/8WGP8I7X7N9SIMMS3SGQ27DPWRULZVYB.dex --oat-file=/data/user/0/<Package>/cache/<Package>/8WGP8I7X7N9SIMMS3SGQ27DPWRULZVYB.dex --compiler-filter=verify-none --instruction-set=x86
  • dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/97XWQHDG57UNZIFSCBQ9RBFH9MSDC3Z3.dex --oat-file=/data/user/0/<Package>/cache/<Package>/97XWQHDG57UNZIFSCBQ9RBFH9MSDC3Z3.dex --compiler-filter=verify-none --instruction-set=x86
  • dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/9NU90NNGKJU3PAFGZHTRH58F9DBEILQU.dex --oat-file=/data/user/0/<Package>/cache/<Package>/9NU90NNGKJU3PAFGZHTRH58F9DBEILQU.dex --compiler-filter=verify-none --instruction-set=x86
  • dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/BX4F2PP6QPSL749Y9FZ9JJA9ZVXW0JK0.dex --oat-file=/data/user/0/<Package>/cache/<Package>/BX4F2PP6QPSL749Y9FZ9JJA9ZVXW0JK0.dex --compiler-filter=verify-none --instruction-set=x86
  • dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/GISVTKC3CULUQPM7BM54YEQWGH34JIMY.dex --oat-file=/data/user/0/<Package>/cache/<Package>/GISVTKC3CULUQPM7BM54YEQWGH34JIMY.dex --compiler-filter=verify-none --instruction-set=x86
  • dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/GXRC0DTG5T7C3N8306YEQIN3NV3I1YPR.dex --oat-file=/data/user/0/<Package>/cache/<Package>/GXRC0DTG5T7C3N8306YEQIN3NV3I1YPR.dex --compiler-filter=verify-none --instruction-set=x86
  • dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/HOQ33S31ZS19CGQTNBKK0A3DSJA0U76S.dex --oat-file=/data/user/0/<Package>/cache/<Package>/HOQ33S31ZS19CGQTNBKK0A3DSJA0U76S.dex --compiler-filter=verify-none --instruction-set=x86
  • dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/IRH26ZNMN3HI9LIXI40OSS9PXTPCV4RL.dex --oat-file=/data/user/0/<Package>/cache/<Package>/IRH26ZNMN3HI9LIXI40OSS9PXTPCV4RL.dex --compiler-filter=verify-none --instruction-set=x86
  • dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/JYQHI2GHO1YHX3A8RM0N4QUGPJ2ERYV0.dex --oat-file=/data/user/0/<Package>/cache/<Package>/JYQHI2GHO1YHX3A8RM0N4QUGPJ2ERYV0.dex --compiler-filter=verify-none --instruction-set=x86
  • dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/K578SLHCLDROVZSR022IA2VBRRRQPADF.dex --oat-file=/data/user/0/<Package>/cache/<Package>/K578SLHCLDROVZSR022IA2VBRRRQPADF.dex --compiler-filter=verify-none --instruction-set=x86
  • dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/KAH03YYRJQHUGHY76OKICOB6W4I5PSXD.dex --oat-file=/data/user/0/<Package>/cache/<Package>/KAH03YYRJQHUGHY76OKICOB6W4I5PSXD.dex --compiler-filter=verify-none --instruction-set=x86
  • dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/LSW74OANMR8N3HK2TKIXMG02JH4854XU.dex --oat-file=/data/user/0/<Package>/cache/<Package>/LSW74OANMR8N3HK2TKIXMG02JH4854XU.dex --compiler-filter=verify-none --instruction-set=x86
  • dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/PPLMD7WAGKYHF7710X9JFK2218V644B4.dex --oat-file=/data/user/0/<Package>/cache/<Package>/PPLMD7WAGKYHF7710X9JFK2218V644B4.dex --compiler-filter=verify-none --instruction-set=x86
  • dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/X8MRZSJ530P9SWMT3F84S2FPSJI0ER2G.dex --oat-file=/data/user/0/<Package>/cache/<Package>/X8MRZSJ530P9SWMT3F84S2FPSJI0ER2G.dex --compiler-filter=verify-none --instruction-set=x86
  • dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/XBXCI9H05RUJNA7WOREDBBZ91E4PORZR.dex --oat-file=/data/user/0/<Package>/cache/<Package>/XBXCI9H05RUJNA7WOREDBBZ91E4PORZR.dex --compiler-filter=verify-none --instruction-set=x86
  • dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/Y0Y1ZQYTQ4N0WZ09HC3MSOCMQNLY90GW.dex --oat-file=/data/user/0/<Package>/cache/<Package>/Y0Y1ZQYTQ4N0WZ09HC3MSOCMQNLY90GW.dex --compiler-filter=verify-none --instruction-set=x86
  • dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/YK29NY6DE4J8KVS5LWNMOOO66B5AD0SK.dex --oat-file=/data/user/0/<Package>/cache/<Package>/YK29NY6DE4J8KVS5LWNMOOO66B5AD0SK.dex --compiler-filter=verify-none --instruction-set=x86
  • dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/Z4EFBO8B4GUF6MNIZ5H1H5Y6IUEXOT0Y.dex --oat-file=/data/user/0/<Package>/cache/<Package>/Z4EFBO8B4GUF6MNIZ5H1H5Y6IUEXOT0Y.dex --compiler-filter=verify-none --instruction-set=x86
  • dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/Z9NYOVNQJHW5TKLYEHCVL11ZVK2JE995.dex --oat-file=/data/user/0/<Package>/cache/<Package>/Z9NYOVNQJHW5TKLYEHCVL11ZVK2JE995.dex --compiler-filter=verify-none --instruction-set=x86
  • dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/ZK2VR04VKCQZYEN2VD11TPQ2U2MX8LKA.dex --oat-file=/data/user/0/<Package>/cache/<Package>/ZK2VR04VKCQZYEN2VD11TPQ2U2MX8LKA.dex --compiler-filter=verify-none --instruction-set=x86
  • getprop ro.dalvik.vm.isa.arm
  • getprop ro.dalvik.vm.isa.arm64
  • sh -c dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/0R3ENB1M5EBEU4FTSNHGD3JDAKRF4NKD.dex --oat-file=/data/user/0/<Package>/cache/<Package>/0R3ENB1M5EBEU4FTSNHGD3JDAKRF4NKD.dex --compiler-filter=verify-none --instruction-set=x86
  • sh -c dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/1LLQ5F8QG0I1RFFX4HLFVK2A9WJASGVG.dex --oat-file=/data/user/0/<Package>/cache/<Package>/1LLQ5F8QG0I1RFFX4HLFVK2A9WJASGVG.dex --compiler-filter=verify-none --instruction-set=x86
  • sh -c dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/1Y45HA2HMQ4LS0DC13JVJFKSCSGB2Z28.dex --oat-file=/data/user/0/<Package>/cache/<Package>/1Y45HA2HMQ4LS0DC13JVJFKSCSGB2Z28.dex --compiler-filter=verify-none --instruction-set=x86
  • sh -c dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/207U1WW1D4JCY74PWQE0QU9CMMCNRUN7.dex --oat-file=/data/user/0/<Package>/cache/<Package>/207U1WW1D4JCY74PWQE0QU9CMMCNRUN7.dex --compiler-filter=verify-none --instruction-set=x86
  • sh -c dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/25T4TDVCN4LK02PNALZAVDPZ4IDTY967.dex --oat-file=/data/user/0/<Package>/cache/<Package>/25T4TDVCN4LK02PNALZAVDPZ4IDTY967.dex --compiler-filter=verify-none --instruction-set=x86
  • sh -c dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/4ZPIABYKUJ80VVP8Q2JN7H2O369J1MLJ.dex --oat-file=/data/user/0/<Package>/cache/<Package>/4ZPIABYKUJ80VVP8Q2JN7H2O369J1MLJ.dex --compiler-filter=verify-none --instruction-set=x86
  • sh -c dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/6LJC01SQG1YIL9R2G4TDLRGMPS39NGFT.dex --oat-file=/data/user/0/<Package>/cache/<Package>/6LJC01SQG1YIL9R2G4TDLRGMPS39NGFT.dex --compiler-filter=verify-none --instruction-set=x86
  • sh -c dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/6YAJ2CL79X76CC8AX2IS8HBZM5CRTDOX.dex --oat-file=/data/user/0/<Package>/cache/<Package>/6YAJ2CL79X76CC8AX2IS8HBZM5CRTDOX.dex --compiler-filter=verify-none --instruction-set=x86
  • sh -c dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/77F071A42AWB9XTZA7R1LU0C72DCYMH6.dex --oat-file=/data/user/0/<Package>/cache/<Package>/77F071A42AWB9XTZA7R1LU0C72DCYMH6.dex --compiler-filter=verify-none --instruction-set=x86
  • sh -c dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/7NBS3TI0EAK3L1L3Q77HPUOSBUT0UM5I.dex --oat-file=/data/user/0/<Package>/cache/<Package>/7NBS3TI0EAK3L1L3Q77HPUOSBUT0UM5I.dex --compiler-filter=verify-none --instruction-set=x86
  • sh -c dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/8BTI2JUGM7C03JLKQ2ZV7L2GFAPR5Y9F.dex --oat-file=/data/user/0/<Package>/cache/<Package>/8BTI2JUGM7C03JLKQ2ZV7L2GFAPR5Y9F.dex --compiler-filter=verify-none --instruction-set=x86
  • sh -c dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/8WGP8I7X7N9SIMMS3SGQ27DPWRULZVYB.dex --oat-file=/data/user/0/<Package>/cache/<Package>/8WGP8I7X7N9SIMMS3SGQ27DPWRULZVYB.dex --compiler-filter=verify-none --instruction-set=x86
  • sh -c dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/97XWQHDG57UNZIFSCBQ9RBFH9MSDC3Z3.dex --oat-file=/data/user/0/<Package>/cache/<Package>/97XWQHDG57UNZIFSCBQ9RBFH9MSDC3Z3.dex --compiler-filter=verify-none --instruction-set=x86
  • sh -c dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/9NU90NNGKJU3PAFGZHTRH58F9DBEILQU.dex --oat-file=/data/user/0/<Package>/cache/<Package>/9NU90NNGKJU3PAFGZHTRH58F9DBEILQU.dex --compiler-filter=verify-none --instruction-set=x86
  • sh -c dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/BX4F2PP6QPSL749Y9FZ9JJA9ZVXW0JK0.dex --oat-file=/data/user/0/<Package>/cache/<Package>/BX4F2PP6QPSL749Y9FZ9JJA9ZVXW0JK0.dex --compiler-filter=verify-none --instruction-set=x86
  • sh -c dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/GISVTKC3CULUQPM7BM54YEQWGH34JIMY.dex --oat-file=/data/user/0/<Package>/cache/<Package>/GISVTKC3CULUQPM7BM54YEQWGH34JIMY.dex --compiler-filter=verify-none --instruction-set=x86
  • sh -c dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/GXRC0DTG5T7C3N8306YEQIN3NV3I1YPR.dex --oat-file=/data/user/0/<Package>/cache/<Package>/GXRC0DTG5T7C3N8306YEQIN3NV3I1YPR.dex --compiler-filter=verify-none --instruction-set=x86
  • sh -c dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/HOQ33S31ZS19CGQTNBKK0A3DSJA0U76S.dex --oat-file=/data/user/0/<Package>/cache/<Package>/HOQ33S31ZS19CGQTNBKK0A3DSJA0U76S.dex --compiler-filter=verify-none --instruction-set=x86
  • sh -c dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/IRH26ZNMN3HI9LIXI40OSS9PXTPCV4RL.dex --oat-file=/data/user/0/<Package>/cache/<Package>/IRH26ZNMN3HI9LIXI40OSS9PXTPCV4RL.dex --compiler-filter=verify-none --instruction-set=x86
  • sh -c dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/JYQHI2GHO1YHX3A8RM0N4QUGPJ2ERYV0.dex --oat-file=/data/user/0/<Package>/cache/<Package>/JYQHI2GHO1YHX3A8RM0N4QUGPJ2ERYV0.dex --compiler-filter=verify-none --instruction-set=x86
  • sh -c dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/K578SLHCLDROVZSR022IA2VBRRRQPADF.dex --oat-file=/data/user/0/<Package>/cache/<Package>/K578SLHCLDROVZSR022IA2VBRRRQPADF.dex --compiler-filter=verify-none --instruction-set=x86
  • sh -c dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/KAH03YYRJQHUGHY76OKICOB6W4I5PSXD.dex --oat-file=/data/user/0/<Package>/cache/<Package>/KAH03YYRJQHUGHY76OKICOB6W4I5PSXD.dex --compiler-filter=verify-none --instruction-set=x86
  • sh -c dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/LSW74OANMR8N3HK2TKIXMG02JH4854XU.dex --oat-file=/data/user/0/<Package>/cache/<Package>/LSW74OANMR8N3HK2TKIXMG02JH4854XU.dex --compiler-filter=verify-none --instruction-set=x86
  • sh -c dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/PPLMD7WAGKYHF7710X9JFK2218V644B4.dex --oat-file=/data/user/0/<Package>/cache/<Package>/PPLMD7WAGKYHF7710X9JFK2218V644B4.dex --compiler-filter=verify-none --instruction-set=x86
  • sh -c dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/X8MRZSJ530P9SWMT3F84S2FPSJI0ER2G.dex --oat-file=/data/user/0/<Package>/cache/<Package>/X8MRZSJ530P9SWMT3F84S2FPSJI0ER2G.dex --compiler-filter=verify-none --instruction-set=x86
  • sh -c dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/XBXCI9H05RUJNA7WOREDBBZ91E4PORZR.dex --oat-file=/data/user/0/<Package>/cache/<Package>/XBXCI9H05RUJNA7WOREDBBZ91E4PORZR.dex --compiler-filter=verify-none --instruction-set=x86
  • sh -c dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/Y0Y1ZQYTQ4N0WZ09HC3MSOCMQNLY90GW.dex --oat-file=/data/user/0/<Package>/cache/<Package>/Y0Y1ZQYTQ4N0WZ09HC3MSOCMQNLY90GW.dex --compiler-filter=verify-none --instruction-set=x86
  • sh -c dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/YK29NY6DE4J8KVS5LWNMOOO66B5AD0SK.dex --oat-file=/data/user/0/<Package>/cache/<Package>/YK29NY6DE4J8KVS5LWNMOOO66B5AD0SK.dex --compiler-filter=verify-none --instruction-set=x86
  • sh -c dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/Z4EFBO8B4GUF6MNIZ5H1H5Y6IUEXOT0Y.dex --oat-file=/data/user/0/<Package>/cache/<Package>/Z4EFBO8B4GUF6MNIZ5H1H5Y6IUEXOT0Y.dex --compiler-filter=verify-none --instruction-set=x86
  • sh -c dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/Z9NYOVNQJHW5TKLYEHCVL11ZVK2JE995.dex --oat-file=/data/user/0/<Package>/cache/<Package>/Z9NYOVNQJHW5TKLYEHCVL11ZVK2JE995.dex --compiler-filter=verify-none --instruction-set=x86
  • sh -c dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/ZK2VR04VKCQZYEN2VD11TPQ2U2MX8LKA.dex --oat-file=/data/user/0/<Package>/cache/<Package>/ZK2VR04VKCQZYEN2VD11TPQ2U2MX8LKA.dex --compiler-filter=verify-none --instruction-set=x86
Loads the following dynamic libraries:
  • libcovault-appsec
Uses special library to hide executable bytecode.
Gets information about network.
Gets information about installed apps.
Intercepts notifications.
Requests the system alert window permission.

Рекомендации по лечению

Android

  1. Если мобильное устройство функционирует в штатном режиме, загрузите и установите на него бесплатный антивирусный продукт Dr.Web для Android Light. Выполните полную проверку системы и используйте рекомендации по нейтрализации обнаруженных угроз.
  2. Если мобильное устройство заблокировано троянцем-вымогателем семейства Android.Locker (на экране отображается обвинение в нарушении закона, требование выплаты определенной денежной суммы или иное сообщение, мешающее нормальной работе с устройством), выполните следующие действия:
    • загрузите свой смартфон или планшет в безопасном режиме (в зависимости от версии операционной системы и особенностей конкретного мобильного устройства эта процедура может быть выполнена различными способами; обратитесь за уточнением к инструкции, поставляемой вместе с приобретенным аппаратом, или напрямую к его производителю);
    • после активации безопасного режима установите на зараженное устройство бесплатный антивирусный продукт Dr.Web для Android Light и произведите полную проверку системы, выполнив рекомендации по нейтрализации обнаруженных угроз;
    • выключите устройство и включите его в обычном режиме.

Подробнее о Dr.Web для Android

Демо бесплатно на 14 дней

Выдаётся при установке

Скачать с сайта
Скачать с Google Play