Technical information
Malicious functions:
Removes app icon from the screen.
Network activity:
Connects to:
- UDP(DNS) <Google DNS>
- TCP(HTTP/1.1) adc-ad-####.ad####.com:80
- TCP(HTTP/1.1) ne####.ad####.com:80
- TCP(TLS/1.0) wd.adco####.xyz:443
- TCP(TLS/1.0) events####.adco####.com:443
- TCP(TLS/1.0) adc3-la####.adco####.com:443
- TCP(TLS/1.0) adc-ad-####.ad####.com:443
- TCP(TLS/1.0) www.you####.com:443
- TCP(TLS/1.0) a####.adco####.com:443
- TCP(TLS/1.0) adt####.ap####.net:443
- TCP(TLS/1.0) adc3-as####.adco####.com:443
- TCP(TLS/1.0) eve####.adco####.com:443
- TCP(TLS/1.0) c4d####.adco####.com:443
DNS requests:
- a####.adco####.com
- adc-ad-####.ad####.com
- adc3-as####.adco####.com
- adc3-la####.adco####.com
- adt####.ap####.net
- c4d####.adco####.com
- eve####.adco####.com
- events####.adco####.com
- ne####.ad####.com
- s.y####.com
- wd.adco####.com
- www.you####.com
HTTP GET requests:
- adc-ad-####.ad####.com/output/ive_images/png/ive_image_141231.png
- adc-ad-####.ad####.com/output/videos/vertical_hd_141231.m4v
- adc-ad-####.ad####.com/output_static/ui/in-video-action-clear.png
- adc-ad-####.ad####.com/output_static/ui/in-video-action-down-x2.png
- adc-ad-####.ad####.com/output_static/ui/in-video-action-normal-x2.png
- ne####.ad####.com/fonts/roboto/roboto-black-webfont.ttf
- ne####.ad####.com/fonts/roboto/roboto-bold-webfont.ttf
- ne####.ad####.com/fonts/roboto/roboto-light-webfont.ttf
- ne####.ad####.com/fonts/roboto/roboto-medium-webfont.ttf
- ne####.ad####.com/fonts/roboto/roboto-regular-webfont.ttf
- ne####.ad####.com/fonts/roboto/roboto-thin-webfont.ttf
- ne####.ad####.com/production/builds/2018-06/63831/5f05c25d-f066-4e52-aa6...
File system changes:
Creates the following files:
- /data/data/####/026ae9c9824b3e483fa6c71fa88f57ae27816141
- /data/data/####/1fa41718cb95e24a5539fe5b361b491b.js
- /data/data/####/39798936-ab5f-4a67-a41f-40f2fa7f31cc
- /data/data/####/422de421e0f4e019426b9abfd780746bc40740eb
- /data/data/####/5020c71a-3668-4fed-885a-98e0714623d1
- /data/data/####/5817fd58060fd50e62987eda9387cbaf.js
- /data/data/####/656b844f4d3a50a0f47d6e742a1aa9cb.js
- /data/data/####/73f3c5dc-10b0-4ce2-9a9a-07fd0742a388
- /data/data/####/745bd15a7e12702a855dcc752f8c7da8.js
- /data/data/####/7bf3a1e7bbd31e612eda3310c2cdb8075c43c6b5
- /data/data/####/7c293310-105c-4d7b-bdd5-60d2b295afba
- /data/data/####/7e6fedf5-a6b5-422f-a2ea-7a97760b83dd
- /data/data/####/88f6b572-b78b-4835-afb6-488fd3147242
- /data/data/####/8bbf719b-1d6f-4458-a863-24b714262851
- /data/data/####/98104ca2-7f4f-4ffd-b975-4b2598e39a21
- /data/data/####/AppInfo
- /data/data/####/AppVersion
- /data/data/####/INSTALLATION
- /data/data/####/a028892c-29d0-4228-a995-646a939c513f
- /data/data/####/a06ba429-392d-44a8-b98c-0d3c9ccd0775.m4v
- /data/data/####/a1bf98cf-87e8-4951-b6dc-134a482917c2.m4v
- /data/data/####/a27544a2-86fa-443a-bfbe-6a61e5e171e5
- /data/data/####/a5f785a627f6d2a395f351dc01c413dc.png
- /data/data/####/ad_cache_report.txt
- /data/data/####/ae987b1d-9dd6-419a-a0c2-5f19706be175
- /data/data/####/b8ac9ed8-22b6-4592-988b-9f5769d7e2d6
- /data/data/####/c7bcb933-3bf3-4e1d-8248-ade17eeeaf4c
- /data/data/####/cdcdf4e0-d6f7-42bc-a137-bea6ebee7357
- /data/data/####/cec4febf-5a16-485d-be43-d4990287899f
- /data/data/####/data_0
- /data/data/####/data_1
- /data/data/####/data_2
- /data/data/####/data_3
- /data/data/####/dfa81852-ae5f-40ab-9a44-059086e7b6fd
- /data/data/####/f242d67c-c8ea-40ae-ad80-b692fda524e1
- /data/data/####/f_000001
- /data/data/####/f_000002
- /data/data/####/f_000003
- /data/data/####/f_000004
- /data/data/####/f_000005
- /data/data/####/f_000006
- /data/data/####/f_000007
- /data/data/####/f_000008
- /data/data/####/f_000009
- /data/data/####/index
- /data/data/####/media
- /data/data/####/network_requests
- /data/data/####/webview.db-journal
- /data/data/####/webviewCookiesChromium.db-journal
Miscellaneous:
Loads the following dynamic libraries:
- adcolony
- js
Gets information about network.
Displays its own windows over windows of other apps.
