Android.Siggen.Susp.24543

Добавлен в вирусную базу Dr.Web: 2024-12-14

Описание добавлено: 2024-12-14

Technical information

Malicious functions:

Executes code of the following detected threats:

Android.Siggen.Susp.24536

Network activity:

Connects to:

UDP(DNS) <Google DNS>
TCP(TLS/1.0) and####.google####.com:443
TCP(TLS/1.0) 1####.250.190.99:443
TCP(TLS/1.0) 2####.239.34.223:443
TCP(TLS/1.0) rr2---s####.g####.com:443
TCP(TLS/1.0) pla####.google####.com:443
TCP(TLS/1.2) 2####.58.210.170:443
TCP(TLS/1.2) 64.2####.164.102:443
TCP(TLS/1.2) 64.2####.164.95:443
TCP(TLS/1.2) pla####.google####.com:443
TCP(TLS/1.2) 1####.250.190.99:443
TCP(TLS/1.2) 1####.177.14.99:443
TCP 2####.58.210.170:443

DNS requests:

and####.google####.com
pla####.google####.com
rr2---s####.g####.com

File system changes:

Creates the following files:

/data/anr/traces.txt
/data/com.jibaimtcr.huawei/####/base.apk.classes2.dex
/data/com.jibaimtcr.huawei/####/base.apk.classes2.dex.flock (deleted)
/data/data/####/5.xml
/data/data/####/MultiDex.lock
/data/data/####/base.apk.classes1.dex
/data/data/####/base.apk.classes1.dex.flock (deleted)
/data/data/####/base.apk.classes1.zip
/data/data/####/base.apk.classes2.dex
/data/data/####/base.apk.classes2.dex.flock (deleted)
/data/data/####/base.apk.classes2.zip
/data/data/####/classes.dex
/data/data/####/classes2.dex
/data/data/####/classes3.dex
/data/data/####/classes4.dex
/data/data/####/classes5.dex
/data/data/####/code_info
/data/data/####/multidex.version.xml
/data/data/####/proc_auxv
/data/data/####/temp
/data/data/####/temp (deleted)
/data/data/####/tmp-base.apk.classes1002638942.zip
/data/data/####/tmp-base.apk.classes1009446208.zip
/data/data/####/tmp-base.apk.classes1017228752.zip
/data/data/####/tmp-base.apk.classes1017308107.zip
/data/data/####/tmp-base.apk.classes10346437.zip
/data/data/####/tmp-base.apk.classes1069343943.zip
/data/data/####/tmp-base.apk.classes1093757421.zip
/data/data/####/tmp-base.apk.classes1157654363.zip
/data/data/####/tmp-base.apk.classes1201336296.zip
/data/data/####/tmp-base.apk.classes1312285307.zip
/data/data/####/tmp-base.apk.classes1325428413.zip
/data/data/####/tmp-base.apk.classes1418605214.zip
/data/data/####/tmp-base.apk.classes1448626948.zip
/data/data/####/tmp-base.apk.classes151729673.zip
/data/data/####/tmp-base.apk.classes1541353062.zip
/data/data/####/tmp-base.apk.classes1547876840.zip
/data/data/####/tmp-base.apk.classes1556051298.zip
/data/data/####/tmp-base.apk.classes1575687866.zip
/data/data/####/tmp-base.apk.classes1604465577.zip
/data/data/####/tmp-base.apk.classes1614374369.zip
/data/data/####/tmp-base.apk.classes1639290660.zip
/data/data/####/tmp-base.apk.classes1648727025.zip
/data/data/####/tmp-base.apk.classes1653988182.zip
/data/data/####/tmp-base.apk.classes1729758640.zip
/data/data/####/tmp-base.apk.classes1734385378.zip
/data/data/####/tmp-base.apk.classes1795010276.zip
/data/data/####/tmp-base.apk.classes180312393.zip
/data/data/####/tmp-base.apk.classes188771320.zip
/data/data/####/tmp-base.apk.classes1919174853.zip
/data/data/####/tmp-base.apk.classes2000418168.zip
/data/data/####/tmp-base.apk.classes2042169174.zip
/data/data/####/tmp-base.apk.classes2050961480.zip
/data/data/####/tmp-base.apk.classes2070786441.zip
/data/data/####/tmp-base.apk.classes2080971812.zip
/data/data/####/tmp-base.apk.classes2081474858.zip
/data/data/####/tmp-base.apk.classes2113118947.zip
/data/data/####/tmp-base.apk.classes211783176.zip
/data/data/####/tmp-base.apk.classes2133496328.zip
/data/data/####/tmp-base.apk.classes2143529435.zip
/data/data/####/tmp-base.apk.classes230663806.zip
/data/data/####/tmp-base.apk.classes25761485.zip
/data/data/####/tmp-base.apk.classes341689039.zip
/data/data/####/tmp-base.apk.classes411328590.zip
/data/data/####/tmp-base.apk.classes493013571.zip
/data/data/####/tmp-base.apk.classes50464770.zip
/data/data/####/tmp-base.apk.classes529751896.zip
/data/data/####/tmp-base.apk.classes534222516.zip
/data/data/####/tmp-base.apk.classes536772055.zip
/data/data/####/tmp-base.apk.classes544097608.zip
/data/data/####/tmp-base.apk.classes564409945.zip
/data/data/####/tmp-base.apk.classes596932403.zip
/data/data/####/tmp-base.apk.classes617489969.zip
/data/data/####/tmp-base.apk.classes663017578.zip
/data/data/####/tmp-base.apk.classes707984983.zip
/data/data/####/tmp-base.apk.classes714031295.zip
/data/data/####/tmp-base.apk.classes777343008.zip
/data/data/####/tmp-base.apk.classes801012945.zip
/data/data/####/tmp-base.apk.classes848033915.zip
/data/data/####/tmp-base.apk.classes910392228.zip
/data/data/####/tmp-base.apk.classes918916174.zip
/data/data/####/tmp-base.apk.classes975692771.zip
/data/data/####/tmp-base.apk.classes980361407.zip
/data/data/####/tmp-base.apk.classes982704841.zip
/drw/dvm_dumps/10065.4715.base.apk.classes2.zip.8ca9085acc1750f...ck.txt
/drw/dvm_dumps/10065.4715.base.apk.classes2.zip.8ca9085acc1750f...le.jar

Miscellaneous:

Loads the following dynamic libraries:

libjiagu_sdk_SDKProtected
libnative-lib

Displays its own windows over windows of other apps.

Requests the system alert window permission.

Технологии

Термины

Обучение и просвещение

Мифы

Technical information

Рекомендации по лечению

Демо бесплатно на 14 дней