Android.DownLoader.1851

Added to the Dr.Web virus database: 2017-02-02

Virus description added:

Technical information

Malicious functions:
Downloads the following detected threats from the Web:
  • Android.Xiny.20
Network activity:
Connecting to:
HTTP GET requests:
HTTP POST requests:
Modified file system:
Creates the following files:
Sets the 'executable' attribute on the following files:
  • /data/data/####/files/gdaemon_20161017
Miscellaneous:
Executes the following shell commands:
  • chmod 777 /data/data/####/cache/apk
  • chmod 700 /data/data/####/files/gdaemon_20161017
  • chmod 777 /data/data/####/cache
  • getprop ro.miui.ui.version.name
  • /data/data/####/files/gdaemon_20161017 0 ####/com.igexin.sdk.PushService 24341 300 0
Contains functionality to send SMS messages automatically.

Curing recommendations


Android

  1. If the mobile device is operating normally, download and install Dr.Web for Android Light. Run a full system scan and follow recommendations to neutralize the detected threats.
  2. If the mobile device has been locked by Android.Locker ransomware (the message on the screen tells you that you have broken some law or demands a set ransom amount; or you will see some other announcement that prevents you from using the handheld normally), do the following:
    • Boot your smartphone or tablet into safe mode (depending on the operating system version and specifications of the particular mobile device involved, this procedure can be performed in various ways; seek clarification from the user guide that was shipped with the device, or contact its manufacturer);
    • Once you have activated safe mode, install Dr.Web for Android Light onto the infected handheld and run a full scan of the system; follow the steps recommended for neutralizing the threats that have been detected;
    • Switch off your device and turn it on as normal.
