Technical information
Malicious functions:
Sends SMS messages:
- 1069099903306: ####
Sends data on received text messages to remote host.
Network activity:
Connecting to:
- sdku####.####.com
- mo####.####.com
- omujr####.####.com
- i####.####.com
- yys####.####.com
- mmy####.####.com
- a####.####.com
- priceru####.####.com
HTTP GET requests:
- i####.####.com/02d5f360203b4b9a91dab26b811a1f29
- i####.####.com/ca9aab0c74bf4745b9ef85ddc666eb2e.png
- i####.####.com/af28746dd8ce4525b929e0d167f6da30
- i####.####.com/b0f17a73e0b24f61a29890207440b8f6
- mmy####.####.com/mmys-cps/rdContent.service?deviceId=####&uuid=####&imei...
- mmy####.####.com/mmys-cps/appUpgrade.service?deviceId=####&uuid=####&ime...
- i####.####.com/7f3926110391408b84f4958e37d92507.jpg
- yys####.####.com/yysd-cps/upList.service?deviceId=####&uuid=####&imei=##...
- i####.####.com/f915386dd45f40e7b02ead81d2fcae05.png
- i####.####.com/34b80e1d180044d28dc681dc047a00d6.jpg
- i####.####.com/dae1bd5b6a074a0b8c3004b38a5cfaff.jpg
- i####.####.com/55d3167939c44457b23128a276cc0887.jpg
- priceru####.####.com/price-rule-cmp/rule/matchRule?version=####&deviceId...
- mmy####.####.com/mmys-cps/runConfig.service?deviceId=####&uuid=####&imei...
- i####.####.com/d262906cbd7348f4b9acf9fa8559ed22
- omujr####.####.com/parkedmmys?deviceId=####&uuid=####&imei=####&imsi=###...
- i####.####.com/268689e1380549fd8c972197edb5f809.png
- i####.####.com/07c69231ed0f41c48bc611f48fa12a8a
- i####.####.com/b3b00a4e0ecf4b23ada3e55616be2238
- i####.####.com/1b9e0364faf6490b83e90dd4a1d6c733.jpg
- yys####.####.com/yysd-cps/plugSwitch.service?&deviceId=####&uuid=####&im...
- a####.####.com/029400f9982c4d2bb3fb8d7d05e31d35.apk
HTTP POST requests:
- yys####.####.com/dynamicpay//getSyFormalChannels.json?
- mmy####.####.com/mmys-cps/userActivation.service?deviceId=####&uuid=####...
- sdku####.####.com/sdk-update/sdkUpdateCdnUpload.json
- mo####.####.com/mobile-service/getImsiMobilePhone.json
Modified file system:
Creates the following files:
- /data/data/####/cache/picasso-cache/03d6d5cd1533124ed984fabd6abab94b.0.tmp
- /data/data/####/shared_prefs/ds_configer.xml
- /data/data/####/shared_prefs/common.xml
- /data/data/####/databases/p_db
- /data/data/####/shared_prefs/uuid_reg.xml
- /data/data/####/cache/picasso-cache/a30d692991dfacc55c05aad88fb40e61.0.tmp
- /sdcard/SAdAssetsAX/game.properties
- /data/data/####/cache/picasso-cache/41d8dd6ff2721ae2086a4530ab75320e.1.tmp
- /data/data/####/cache/picasso-cache/6468c4da18bab9d0f19be734bedb7e83.1.tmp
- /data/data/####/cache/picasso-cache/f7d5d0ca02a055fa53135d18c7d1ed7e.0.tmp
- /data/data/####/cache/picasso-cache/9c77cd483fcd1a813d9aabf05c0e5fb7.1.tmp
- /data/data/####/shared_prefs/domain.xml
- /data/data/####/cache/picasso-cache/7ae335b120437bb57eb9669759237283.1.tmp
- /data/data/####/shared_prefs/recommend.xml
- /data/data/####/databases/sy_pay_record-journal
- /data/data/####/cache/picasso-cache/ac51ed24de6be964c301b29059da5144.0.tmp
- /data/data/####/cache/picasso-cache/e6428c4456b35d919e635e743e2fee4c.0.tmp
- /data/data/####/cache/picasso-cache/fb18d38d5292790327f9a985256fed59.1.tmp
- /data/data/####/cache/picasso-cache/7ae335b120437bb57eb9669759237283.0.tmp
- /data/data/####/cache/picasso-cache/a30d692991dfacc55c05aad88fb40e61.1.tmp
- /data/data/####/cache/picasso-cache/41d8dd6ff2721ae2086a4530ab75320e.0.tmp
- /data/data/####/cache/picasso-cache/5a50a58a4c8e3d3591299675a5a9b1f0.1.tmp
- /data/data/####/databases/p_db-journal
- /sdcard/SAdAssetsAX/game20150817.apk
- /data/data/####/cache/picasso-cache/9c77cd483fcd1a813d9aabf05c0e5fb7.0.tmp
- /data/data/####/cache/picasso-cache/28d8ea2c9caed3ccc37a30cdf221ac3e.0.tmp
- /data/data/####/cache/picasso-cache/d00006e4891ff6726b36456cff5b158c.0.tmp
- /data/data/####/databases/upgrade_app-journal
- /data/data/####/cache/picasso-cache/e6428c4456b35d919e635e743e2fee4c.1.tmp
- /data/data/####/cache/picasso-cache/6468c4da18bab9d0f19be734bedb7e83.0.tmp
- /data/data/####/shared_prefs/domain.xml.bak
- /data/data/####/cache/picasso-cache/fb18d38d5292790327f9a985256fed59.0.tmp
- /sdcard/SYPAYFILENAME/CACHE/SMSCACHE/ISDELSMS
- /data/data/####/databases/recommend_app-journal
- /data/data/####/shared_prefs/p_config.xml
- /data/data/####/shared_prefs/config_switch.xml
- /data/data/####/shared_prefs/config_ad.xml
- /data/data/####/cache/picasso-cache/944e49371a0826ff726461d0fc116dc7.1.tmp
- /data/data/####/databases/webview.db-journal
- /data/data/####/files/gaClientId
- /data/data/####/databases/sy_video_data_cache-journal
- /data/data/####/cache/picasso-cache/journal.tmp
- /data/data/####/cache/picasso-cache/5a50a58a4c8e3d3591299675a5a9b1f0.0.tmp
- /data/data/####/cache/picasso-cache/03d6d5cd1533124ed984fabd6abab94b.1.tmp
- /data/data/####/cache/picasso-cache/28d8ea2c9caed3ccc37a30cdf221ac3e.1.tmp
- /data/data/####/databases/google_analytics_v2.db-journal
- /data/data/####/cache/picasso-cache/f7d5d0ca02a055fa53135d18c7d1ed7e.1.tmp
- /data/data/####/databases/statistics_db
- /data/data/####/cache/picasso-cache/d00006e4891ff6726b36456cff5b158c.1.tmp
- /data/data/####/cache/picasso-cache/ac51ed24de6be964c301b29059da5144.1.tmp
- /data/data/####/databases/statistics_db-journal
- /data/data/####/cache/picasso-cache/944e49371a0826ff726461d0fc116dc7.0.tmp
Miscellaneous:
Contains functionality to send SMS messages automatically.
