Technical information
Malicious functions:
Executes code of the following detected threats:
- Android.DownLoader.57.origin
Network activity:
Connecting to:
- f####.####.cn
- s####.####.net
- o####.####.com
- a####.####.com
- o####.####.cn
HTTP GET requests:
- s####.####.net/v3/init?s=####
- f####.####.cn/M00/02/8A/wKhkA1OruKuALooUAAFdz34EzSM608.jpg
- f####.####.cn/M00/02/72/wKhkA1OpKEqANMnPAAD3pw7gsR0015.jpg
- f####.####.cn/M00/02/88/wKhkA1OrlZqAH1h0AAIy1LIf1xU532.jpg
- f####.####.cn/M00/02/88/wKhkA1OrlviAZyx9AAEBeqMtl3s318.jpg
- f####.####.cn/M00/03/47/wKhkA1OySriAT_L-AAFjmr3oszw520.jpg
- f####.####.cn/M00/02/89/wKhkA1OrmGiATfwpAAC9xt9Jzh4621.jpg
- s####.####.net/banner/v4/req?s=####
- f####.####.cn/M00/02/72/wKhkA1OpIiyAOh-dAAG2y0dileM628.jpg
- f####.####.cn/M00/03/47/wKhkA1OyTVKAN1yDAADXhsGBF7I120.jpg
- f####.####.cn/M00/03/47/wKhkA1OyTmKAECNFAAEUbiyq238744.jpg
- f####.####.cn/M00/02/8A/wKhkA1OruimANYf9AAE8xdgk0GI734.jpg
- f####.####.cn/M00/02/8A/wKhkA1OrtyaAftPsAAFyT0xuhLE337.jpg
- f####.####.cn/M00/03/47/wKhkA1OySxqAalZgAAFmvLfzPa0491.jpg
HTTP POST requests:
- o####.####.cn/7/find
- a####.####.com/app_logs
- o####.####.com/check_config_update
Modified file system:
Creates the following files:
- /sdcard/Songs_SQY/image/f304fb1c1d1bf0567b17d85456b00b84
- /sdcard/Songs_SQY/image/5458cb818c49b2599b921a0c3614d8f0
- /sdcard/Songs_SQY/image/0d8ff32f62036bc48168e59df916c6d8
- /data/data/####/databases/XKwVoK0huy3R-journal
- /data/data/####/databases/Songs.db-journal
- /sdcard/Songs_SQY/image/28d760b54530e78d876e0c092c9636a6
- /sdcard/Songs_SQY/image/1f67393223615479bb3e4814a29bc53b
- /data/data/####/databases/P15pKIjsm64m-journal
- /sdcard/Songs_SQY/image/e4807d6674f1b6e2edd2536c95d73784
- /data/data/####/files/jni.jar
- /data/data/####/databases/T1oX0rhhuXWt-journal
- /data/data/####/shared_prefs/sp_instance.xml.bak
- /data/data/####/shared_prefs/umeng_general_config.xml
- /data/data/####/shared_prefs/CE94557724F842149D690D0E8CBB1CBD.xml
- /data/data/####/databases/wIU6pTyUBYWX
- /sdcard/Songs_SQY/image/a8acb6be9063acd2721cbf13a11b899e
- /sdcard/Songs_SQY/image/987a33028a8bbf59fea6e1360037b61d
- /data/data/####/databases/wsUL1uCdKvjD-journal
- /data/data/####/files/.imprint
- /data/data/####/databases/jqIqJYOT3JpT-journal
- /sdcard/Songs_SQY/image/731d08d479a8acc95b869ac9daa3c19c
- /sdcard/Songs_SQY/image/0fb4eb9df9ec74fa009cf668ce2425b3
- /data/data/####/databases/P15pKIjsm64m
- /data/data/####/databases/wIU6pTyUBYWX-journal
- /data/data/####/files/umeng_it.cache
- /data/data/####/databases/T1oX0rhhuXWt
- /data/data/####/shared_prefs/sp_instance.xml
- /data/data/####/files/tempjni.jar
- /data/data/####/shared_prefs/mobclick_agent_online_setting_####.xml.bak
- /data/data/####/shared_prefs/sp_image.xml.bak
- /data/data/####/databases/Songs.db
- /data/data/####/cache/BmobKeyValueCache/1485419093759.RequestCommand.find.3.217e46e67ae457be29b7115c85d9f241
- /data/data/####/databases/jqIqJYOT3JpT
- /data/data/####/files/gaClientId
- /data/data/####/shared_prefs/sp_image.xml
- /data/data/####/shared_prefs/umeng_general_config.xml.bak
- /data/data/####/databases/wsUL1uCdKvjD
- /data/data/####/databases/google_analytics_v2.db-journal
- /data/data/####/shared_prefs/mobclick_agent_online_setting_####.xml
- /data/data/####/databases/XKwVoK0huy3R
- /sdcard/Songs_SQY/image/02a531a44e0ec72f974b69ff3fb8ac84
- /data/data/####/shared_prefs/bmob_sp.xml
- /sdcard/Songs_SQY/image/56486ba6b361ecf5956eb40314b499f5
Miscellaneous:
Contains functionality to send SMS messages automatically.
