Android.Packed.20115

Добавлен в вирусную базу Dr.Web: 2017-03-29

Описание добавлено: 2017-03-29

Technical information

Malicious functions:

Executes code of the following detected threats:

Android.MobiDash.1.origin

Network activity:

Connecting to:

m####.####.com
mo####.us
g####.####.com

HTTP GET requests:

mo####.us/uploads/files/photos/2017_03/thumb_addons-for-the-trailers-cargo-packs-v4-7-1-from-jazzycat-4-7-1_1.jpg
mo####.us/uploads/files/photos/2017_03/thumb_russian-map-rusmap-v1-7-1-fix-1-27-x-upd25-03-17-1-27_1.png
mo####.us/uploads/files/photos/2017_03/thumb_eaa-bus-map-v4-2-07_2.jpg
mo####.us/uploads/files/photos/2017_03/thumb_volvo-fh-2013-v22-00s-1-27_1.jpg
mo####.us/uploads/files/photos/2017_03/thumb_eaa-normal-v4-2-06-1-27_1.jpg
mo####.us/uploads/files/photos/2017_03/thumb_scania-trailer_1.jpg
mo####.us/uploads/files/photos/2017_03/thumb_62-heavy-cargo-pack-8-0_1.jpg
mo####.us/uploads/files/photos/2017_03/thumb_9684-new-route-advisor-v-1-0-1-0_1.jpg
mo####.us/uploads/files/photos/2017_03/thumb_liftable-axle-for-default-trailers_1.jpg
mo####.us/uploads/files/photos/2017_03/thumb_great-poland-map-v-1-1-7-1-1-7_3.png
mo####.us/uploads/files/photos/2017_03/thumb_9907-volvo-fh16-2012-v2-9-reworked_1.jpg
mo####.us/uploads/files/photos/2017_03/thumb_volvo-fh-2013-v22-00s-1-27_3.jpg
mo####.us/uploads/files/photos/2017_03/thumb_volvo-fhfh16-2012-reworked-updated-28-03-2017_1.jpg
mo####.us/uploads/files/photos/2017_03/thumb_trailer-d-tec-1-27_1.jpg
mo####.us/uploads/files/photos/2017_03/thumb_kamaz-5360-53602-5480-6460-73_2.jpg
mo####.us/uploads/files/photos/2017_03/thumb_american-truck-pack-promods-edition-v1-27_1.jpg
mo####.us/uploads/files/photos/2017_03/thumb_volvo-fh-2013-v22-00s-1-27_2.jpg
mo####.us/uploads/files/photos/2017_03/thumb_mod-for-steering-wheel-of-180-270-degrees-1-27-xx_1.jpg
m####.####.com/sdk-core-v40.js
mo####.us/uploads/files/photos/2017_03/thumb_railway-cargo-pack-by-jazzycat-v1-8-1_1.jpg
mo####.us/uploads/files/photos/2017_03/thumb_goldhofer-flatbed-v4-0_1.jpg
mo####.us/uploads/files/photos/2017_03/thumb_3340-map-legiunnaire-v2-7_1.jpg
mo####.us/uploads/files/photos/2017_03/thumb_mario-map-v12-2-1-27_5.jpg
mo####.us/uploads/files/photos/2017_03/thumb_kraz-255-update-1-0_2.jpg
mo####.us/uploads/files/photos/2017_03/thumb_zorzi-platform-trailer-1-27x_1.jpg
g####.####.com/feeds/api/videos/m6-84uU0ni8
mo####.us/uploads/files/photos/2017_03/thumb_military-cargo-pack-by-jazzycat-v2-2-1_1.jpg
mo####.us/uploads/files/photos/2017_03/thumb_eaa-map-bus-version-v4-2-06-1-27_1.jpg
mo####.us/uploads/files/photos/2017_03/thumb_roc-prc-names-mods-v0-11-0-11_1.jpg
mo####.us/uploads/files/photos/2017_03/thumb_radar-detector-v-1-3-for-rusmap_1.jpg
mo####.us/uploads/files/photos/2017_03/thumb_signs-for-trucks-1-0_1.jpg
mo####.us/uploads/files/photos/2017_03/thumb_eaa-bus-map-v4-2-07_10.jpg
mo####.us/uploads/files/photos/2017_03/thumb_trailers-and-cargo-pack-by-jazzycat-v4-7-1_1.jpg
mo####.us/uploads/files/photos/2017_03/thumb_2503-man-520-hn-1-27-x-1-0_1.jpg
mo####.us/uploads/files/photos/2017_03/thumb_eaa-bus-map-v4-2-07_1.jpg
mo####.us/uploads/files/photos/2017_03/thumb_dirty-road-map-1-27-1-0_2.jpg
mo####.us/uploads/files/photos/2017_03/thumb_mild-winter-weather-mod-v2-6_1.jpg
mo####.us/uploads/files/photos/2017_03/thumb_eaa-bus-map-v-4-2-07-1-27-x_1.jpg

HTTP POST requests:

mo####.us/back/gain_json/getNewDetails/A5s237EEEabcd258KAKADU/eaa-bus-map-v4-2-07
mo####.us/back/gain_json/getSubCatsByCats/A5s237EEEabcd258KAKADU
mo####.us/back/gain_json/getNewDetails/A5s237EEEabcd258KAKADU/62-heavy-cargo-pack-8-0
mo####.us/back/gain_json/getNews/A5s237EEEabcd258KAKADU/10/0/inserted_date/DESC/euro-truck-simulator-2-mods/FALSE/2
mo####.us/back/gain_json/getTopDownloads/A5s237EEEabcd258KAKADU/top/euro-truck-simulator-2-mods
mo####.us/back/gain_json/getNewDetails/A5s237EEEabcd258KAKADU/volvo-fh-2013-v22-00s-1-27
mo####.us/back/gain_json/getNews/A5s237EEEabcd258KAKADU/10/0/inserted_date/DESC/euro-truck-simulator-2-mods/maps/2
mo####.us/back/gain_json/getNews/A5s237EEEabcd258KAKADU/10/0/inserted_date/DESC/euro-truck-simulator-2-mods/trailers/2

Modified file system:

Creates the following files:

/data/data/####/databases/webviewCookiesChromium.db-journal
/data/data/####/shared_prefs/####_preferences.xml.bak
/data/data/####/files/gaClientId
/data/data/####/cache/webviewCacheChromium/data_0
/sdcard/Android/data/####/cache/.nomedia
/data/data/####/files/wtf
/data/data/####/code_cache/secondary-dexes/MultiDex.lock
/data/data/####/shared_prefs/####_preferences.xml
/data/data/####/databases/google_analytics_v2.db-journal
/data/data/####/databases/webview.db-journal
/data/data/####/cache/webviewCacheChromium/f_000001
/data/data/####/cache/ads-1646915357.jar
/data/data/####/code_cache/secondary-dexes/tmp-####-1.apk.classes-19070512.zip
/data/data/####/cache/webviewCacheChromium/data_3
/data/data/####/cache/webviewCacheChromium/data_2
/data/data/####/cache/webviewCacheChromium/data_1
/data/data/####/app_app_apk/ets2m.dat.jar
/data/data/####/cache/webviewCacheChromium/index
/data/data/####/shared_prefs/multidex.version.xml

Miscellaneous:

Contains functionality to send SMS messages automatically.

Технології

Терміни

Навчання

Міфи

Technical information

Рекомендации по лечению

Демо бесплатно на 14 дней