Android.SmsSend.20570

Added to the Dr.Web virus database: 2017-07-11

Description added:

Technical information

Malicious functions:
Sends SMS messages:
  • 1065888016: F
  • 10665106: 606
Network activity:
Connecting to:
  • 1####.####.147
  • 1####.####.147:8080
  • 1####.####.91
  • 1####.####.91:8080
  • a####.####.com
  • p####.####.com
  • p####.####.com:8080
HTTP GET requests:
  • 1####.####.147/xmld/HttpService!service?paramMap=####
  • 1####.####.91/mm/HttpService!service?paramMap=####
  • 1####.####.91:8080/xad/resService!service?paramMap=####
  • p####.####.com/res/novel/app/content/10.txt
  • p####.####.com:8080/sdk/spaycoredex_so_1990.jar
HTTP POST requests:
  • 1####.####.147:8080/xmld/HttpService
  • a####.####.com/app_logs
Modified file system:
Creates the following files:
  • <Package Folder>/app_payload_odex/<Package>.jar
  • <Package Folder>/databases/cc.db
  • <Package Folder>/databases/cc.db-journal
  • <Package Folder>/databases/ua.db
  • <Package Folder>/databases/ua.db-journal
  • <Package Folder>/databases/webview.db-journal
  • <Package Folder>/databases/xUtils_http_cache.db
  • <Package Folder>/databases/xUtils_http_cache.db-journal
  • <Package Folder>/databases/xUtils_http_cache.db-journal (deleted)
  • <Package Folder>/databases/xUtils_http_cookie.db
  • <Package Folder>/databases/xUtils_http_cookie.db-journal
  • <Package Folder>/databases/xUtils_http_cookie.db-journal (deleted)
  • <Package Folder>/files/####/exchangeIdentity.json
  • <Package Folder>/files/.imprint
  • <Package Folder>/files/exid.dat
  • <Package Folder>/files/umeng_it.cache
  • <Package Folder>/shared_prefs/pay.xml
  • <Package Folder>/shared_prefs/umeng_general_config.xml
  • <Package Folder>/shared_prefs/umeng_general_config.xml.bak
  • <SD-Card>/Android/1.txt.tmp
  • <SD-Card>/Android/10.txt.tmp
  • <SD-Card>/Android/11.txt.tmp
  • <SD-Card>/Android/12.txt.tmp
  • <SD-Card>/Android/13.txt.tmp
  • <SD-Card>/Android/14.txt.tmp
  • <SD-Card>/Android/15.txt.tmp
  • <SD-Card>/Android/16.txt.tmp
  • <SD-Card>/Android/2.txt.tmp
  • <SD-Card>/Android/3.txt.tmp
  • <SD-Card>/Android/4.txt.tmp
  • <SD-Card>/Android/5.txt.tmp
  • <SD-Card>/Android/6.txt.tmp
  • <SD-Card>/Android/7.txt.tmp
  • <SD-Card>/Android/8.txt.tmp
  • <SD-Card>/Android/9.txt.tmp
  • <SD-Card>/dp.jar.tmp
  • <SD-Card>/updateApkDemo/FrameCore.jar
Miscellaneous:
Executes the following shell scripts:
  • <dexopt>
  • <su-internal:request>
  • <su-internal:result>
  • su
Uses elevated privileges.

Curing recommendations


Android

  1. If the mobile device is operating normally, download and install the free antivirus product Dr.Web for Android Light on it. Run a full system scan and follow the recommendations for neutralizing the detected threats.
  2. If the mobile device is locked by a ransomware Trojan of the Android.Locker family (the screen shows an accusation of breaking the law, a demand to pay a certain sum of money, or another message that prevents normal use of the device), do the following:
    • boot your smartphone or tablet in safe mode (depending on the operating system version and the specifics of the particular device, this procedure can be performed in different ways; consult the manual supplied with the device or contact its manufacturer directly);
    • once safe mode is active, install the free antivirus product Dr.Web for Android Light on the infected device and run a full system scan, following the recommendations for neutralizing the detected threats;
    • turn the device off and turn it back on in normal mode.
