Technical information
Malicious functions:
Executes code of the following detected threats:
- Android.RemoteCode.127.origin
Network activity:
Connecting to:
- UDP(DNS) <Google DNS>
- TCP(HTTP/1.1) a####.u####.com:80
- TCP(HTTP/1.1) www.s####.com:80
- TCP(HTTP/1.1) i####.hu####.com:80
- TCP(HTTP/1.1) hm.b####.com:80
- TCP(HTTP/1.1) msg.umengc####.com:80
- TCP(HTTP/1.1) m.hu####.com:80
- TCP(HTTP/1.1) api.m.ta####.com:80
- TCP(HTTP/1.1) api.hu####.com:80
- TCP(HTTP/1.1) img.hu####.com:80
- TCP(HTTP/1.1) l####.tbs.qq.com:80
- TCP(TLS/1.0) api.s####.com:443
- TCP 1####.205.203.81:80
DNS requests:
- a####.m.ta####.com
- a####.u####.com
- ag####.m.ta####.com
- api.hu####.com
- api.m.ta####.com
- api.s####.com
- hm.b####.com
- i####.hu####.com
- img.hu####.com
- l####.tbs.qq.com
- m.hu####.com
- msg.umengc####.com
- www.s####.com
HTTP GET requests:
- api.hu####.com/getPriceName?idfa=####&mobilemodel=####&density=####&osve...
- api.hu####.com/new_index_data?idfa=####&mobilemodel=####&density=####&os...
- api.hu####.com/productCate?idfa=####&mobilemodel=####&density=####&osver...
- api.hu####.com/upgradetips/android/2.0.1?idfa=####&mobilemodel=####&dens...
- api.m.ta####.com/rest/api3.do?t=####&deviceId=####&imei=####&appKey=####...
- api.m.ta####.com/rest/api3.do?ttid=####&t=####&deviceId=####&imei=####&a...
- api.m.ta####.com/rest/api3.do?ttid=####&t=####&imei=####&appKey=####&v=#...
- api.m.ta####.com/spdyip/?appkey=####&ttid=####&deviceId=####&imei=####&n...
- hm.b####.com/hm.gif?cc=####&ck=####&cl=####&ds=####&vl=####&ep=####&et=#...
- hm.b####.com/hm.gif?cc=####&ck=####&cl=####&ds=####&vl=####&et=####&ja=#...
- hm.b####.com/hm.js?b917676####
- i####.hu####.com/images/seller/18/1501531480517960.jpg
- i####.hu####.com/images/seller/18/41001531480527102.jpg
- i####.hu####.com/images/seller/18/45881531480522862.jpg
- i####.hu####.com/images/seller/18/51611531480529274.jpg
- i####.hu####.com/images/seller/18/54741531480537114.jpg
- i####.hu####.com/images/seller/18/58521531480520289.jpg
- i####.hu####.com/images/seller/18/59971531480525201.jpg
- i####.hu####.com/images/seller/18/61641531480534952.jpg
- i####.hu####.com/images/seller/18/7991531480539471.jpg
- i####.hu####.com/images/seller/18/95041531480532946.jpg
- i####.hu####.com/images/seller/18/98341531480531027.jpg
- img.hu####.com//images/brand/19b9f533-6464-43a4-a648-96c1395adc87.png
- img.hu####.com//images/brand/2d570f9d-53ab-4b81-bc6d-ab03d75d58fd.png
- img.hu####.com//images/brand/3f36b7b1-d4ba-4f0a-a1c7-d5b94194318b.png
- img.hu####.com//images/brand/5f4b7419-1afc-4c51-b808-b82feab19b3e.png
- img.hu####.com//images/brand/70fa4ffc-9cb0-4445-96c9-c389f00cc037.png
- img.hu####.com//images/brand/7513dcbd-eec7-422a-b9b3-3b82861340c4.png
- img.hu####.com//images/brand/8bec2b8a-c03f-4e08-a5f3-c6b954516963.png
- img.hu####.com//images/brand/e0f45de5-f28f-4c9a-8e7f-0aa8bafef32c.png
- img.hu####.com//images/brand/fe666d25-b610-4f8e-88e0-81d4cd772c86.png
- img.hu####.com/images/brand/086838e8-e7d8-4ab0-93c6-d8626d9a4a89.png_640w
- img.hu####.com/images/brand/11200ff0-6f04-4b7d-ba39-7ff3c803687e.jpg_640w
- img.hu####.com/images/brand/64b0a417-141c-4f71-a7f8-13fa25dc8466.png
- img.hu####.com/images/brand/87b07d46-4ad2-4db6-9bce-1949768817bb.png_640w
- img.hu####.com/images/brand/8a149708-84dd-4403-8fad-f1e78dcb0e52.jpg_640w
- img.hu####.com/images/brand/8d6b6b86-1876-4cc6-bd28-bca899013f59.jpg_640w
- img.hu####.com/images/brand/94f76058-e36f-4a9e-b65d-90c86120e4ac.png_640w
- img.hu####.com/images/brand/afe7fafc-0f84-46d0-bade-4b3ab155be22.jpg_640w
- img.hu####.com/images/brand/c26414dc-fbe7-45a6-883c-ee574b86b731.png
- img.hu####.com/images/brand/dbef3e4b-58e5-452c-a632-59785339462e.png_640w
- img.hu####.com/images/hd/67a213fb-2509-4cf0-b23e-cfb50b595644.jpg_800w
- img.hu####.com/images/seller/1/3349c2e7-5cd4-406b-8731-d781fd1fce44.jpg_...
- img.hu####.com/images/seller/1/8be0414d-5b1b-4da4-90a3-0681b58926cc.jpg_...
- img.hu####.com/images/seller/1/ada14b6c-5baf-425f-b81b-1fe778c0bfd4.jpg_...
- img.hu####.com/images/seller/1/cf0e719a-ee99-43ef-834f-8f45eafaff85.jpg_...
- img.hu####.com/images/seller/1/ebd01c6a-3134-4a5d-a57a-61ad2137b399.jpg_...
- img.hu####.com/images/seller/10/1caa5ac3-abb8-4b27-8f89-d9fc77e070e6.jpg...
- img.hu####.com/images/seller/10/3e3ec6e6-228f-42e1-bf59-fc8648bc5c85.jpg...
- img.hu####.com/images/seller/10/97a7eeea-b6ab-4529-a155-88c9e466756f.jpg...
- img.hu####.com/images/seller/10/a953211d-7905-4174-983b-4c0bb88e341a.jpg...
- img.hu####.com/images/seller/10/dbee8158-e36e-41bf-9b0e-2712c43acf24.jpg...
- img.hu####.com/images/seller/15/d5fecf0d-b8c2-4805-bd00-9bc9b262769a.jpg...
- img.hu####.com/images/seller/16/4db5457d-7903-443a-8955-cd54e28db4af.jpg...
- img.hu####.com/images/seller/18/3302b78b-3646-41a0-9ffe-9f905972f9bb.jpg...
- img.hu####.com/images/seller/18/369b842a-f502-425e-8235-87e5f8e7f52b.jpg...
- img.hu####.com/images/seller/18/37d52c8c-577e-4b6e-8f7f-6ff3b1219413.jpg...
- img.hu####.com/images/seller/18/3c784695-c705-435c-88bb-1ef40eb9e521.jpg...
- img.hu####.com/images/seller/18/4b6cb62e-b428-47ae-98ae-7d7a35c29e02.jpg...
- img.hu####.com/images/seller/18/62532fb2-48f2-4c6b-9fa0-991d0ada19d9.jpg...
- img.hu####.com/images/seller/18/69aae74e-6df6-4edd-9de0-3441fd180991.jpg...
- img.hu####.com/images/seller/18/88cd81ed-140f-4256-89ae-84dbf6ba1917.jpg...
- img.hu####.com/images/seller/18/a849dfd3-4ffc-4274-90eb-cee26724a517.jpg...
- img.hu####.com/images/seller/18/addb688a-c126-4504-8f74-8c2dcde256eb.jpg...
- img.hu####.com/images/seller/18/bcf66d7f-cbc6-4ee5-8d06-9788a03b7391.jpg...
- img.hu####.com/images/seller/18/c05f68db-e6c8-4da0-9d65-22edce8340ee.jpg...
- img.hu####.com/images/seller/18/d4159c24-659c-4c5c-b15f-0c0624e10b44.jpg...
- img.hu####.com/images/seller/18/fa00bee8-b391-4005-8744-24b372b9ce07.jpg...
- img.hu####.com/images/seller/18/fc4ffaa6-3513-4120-806c-0bbc888adf8d.jpg...
- img.hu####.com/images/seller/19/223b15c3-b09e-4a6b-bd1a-b3c9fe6300a4.jpg...
- img.hu####.com/images/seller/19/ed82c5e6-e3c7-4b92-9271-fa62dda0b9a7.jpg...
- img.hu####.com/images/seller/21/95602420-2729-4152-bc04-ee44a1e62383.jpg...
- img.hu####.com/images/seller/23/c9c873e9-1e56-41fa-b694-d870dab22b63.jpg...
- img.hu####.com/images/seller/25/edeed8d4-1f76-4994-bec8-6b449ff1f472.png...
- img.hu####.com/images/seller/29/20725e31-1495-4661-843d-ca6a8ffde2cf.jpg...
- img.hu####.com/images/seller/29/623bc804-c319-47bf-a4e7-cd5529ebc4f1.jpg...
- img.hu####.com/images/seller/33/1658bc9d-e630-4c0d-b1d7-8e27969b3aac.jpg...
- img.hu####.com/images/seller/35/80ae3bd3-c727-4719-8b31-38733f244917.jpg...
- img.hu####.com/images/seller/36/dfc33aaa-9a6e-4c84-aeeb-c062205312b9.jpg...
- img.hu####.com/images/seller/38/e53e2173-c56d-49a1-913b-5477ad51c90c.jpg...
- img.hu####.com/images/seller/47/441e6cab-663a-4751-9d03-d2c80e9764b8.jpg...
- img.hu####.com/images/seller/48/966f06ff-36f1-4dd3-80b5-bb62e603fffa.jpg...
- img.hu####.com/images/seller/49/5adc7ecf-b28a-4c2a-92a5-ed3311f72f03.jpg...
- img.hu####.com/images/seller/53/f8c8afa6-23af-4ce2-ac89-2697d67b0fcb.jpg...
- img.hu####.com/images/seller/56/3d7432aa-8e75-4eec-89a5-cc4945f0a2a7.jpg...
- img.hu####.com/images/seller/56/fedf9e58-780d-41d7-9137-3a72de4b7092.jpg...
- img.hu####.com/images/seller/57/da90031e-faf4-4511-bdba-84253acf9a2d.jpg...
- img.hu####.com/images/seller/58/3f66391f-a12c-4ae2-91a5-9e1c9cdd9576.jpg...
- img.hu####.com/images/seller/58/50fffd75-cd53-4c1f-bb58-e5c3b9dfcccd.jpg...
- img.hu####.com/images/seller/58/68ec16ac-8c0e-45bf-b031-3b2a250cbeac.jpg...
- img.hu####.com/images/seller/58/6b8b8137-74a5-4128-b9d7-21d67172c4be.jpg...
- img.hu####.com/images/seller/58/714e036a-2200-464f-affd-d6fae32736d8.jpg...
- img.hu####.com/images/seller/58/9e40ae10-d548-4c38-8323-19b0a5b3c20b.jpg...
- img.hu####.com/images/seller/58/c07edc02-de7b-4aa5-9029-01281b1abe01.jpg...
- img.hu####.com/images/seller/58/cac011db-33d2-4c76-9f62-c18703479c30.jpg...
- img.hu####.com/images/seller/66/6170c80a-4dfa-42ca-9261-76e1fc286b30.jpg...
- img.hu####.com/images/seller/66/620f9c77-1b71-4732-bf73-aa5d0bd19168.jpg...
- img.hu####.com/images/seller/66/7639e970-65a7-4a05-9554-f2572f86a1ba.jpg...
- img.hu####.com/images/seller/66/c53fd47b-b20f-4083-b84f-d91708cb7c82.jpg...
- img.hu####.com/images/seller/70/ab333b92-f08a-4808-9155-47ba5aea5336.jpg...
- img.hu####.com/images/seller/71/fcd32922-3ca3-40dc-a021-a3e73357ceaa.jpg...
- img.hu####.com/images/seller/74/53746f7c-466d-4d76-b587-46727f65ec9f.jpg...
- img.hu####.com/images/seller/74/7dd8d80b-77bf-481a-977b-45ac6aa558fe.jpg...
- img.hu####.com/images/seller/74/86e52776-7912-4ae4-b01c-420c56b529f1.jpg...
- img.hu####.com/images/seller/74/fce28433-ecc4-41ab-bcd3-4ed21a3e66a8.jpg...
- img.hu####.com/images/seller/75/1e6a99dc-9d64-4007-997d-3bedc281a8ac.jpg...
- img.hu####.com/images/seller/76/48ea7d00-54ff-41c2-bb65-6bec994c64bf.jpg...
- img.hu####.com/images/seller/84/40f45454-59ab-4119-9775-c1985acf95cb.jpg...
- img.hu####.com/images/seller/87/7bfadfbd-503f-49b4-98b8-7d16d70201c2.jpg...
- img.hu####.com/images/seller/87/7e6795e3-6293-4180-ae79-4575f3e3bb43.jpg...
- img.hu####.com/images/seller/87/ea66b2ea-aaa1-4d61-8948-90906111bbff.jpg...
- img.hu####.com/images/seller/87/eaeab4f6-987e-47d2-9e73-e162a2b31c3d.jpg...
- m.hu####.com/ajaxcommentsList.html?productId=####&rows=####&page=####
- m.hu####.com/browse_Logs.html?ref=####&hrf=####&memberId=####&browser=##...
- m.hu####.com/list/activity/436.html
- m.hu####.com/list/cate/1602.html
- m.hu####.com/product/3037.html
- m.hu####.com/product/domain+"/product_look_log.html?memberId=####&produc...
- m.hu####.com/resources/h5/css/loading.css?rev=####
- m.hu####.com/resources/h5/cssNew/cart.css?rev=####
- m.hu####.com/resources/h5/cssNew/mui.min.css?rev=####
- m.hu####.com/resources/h5/cssNew/productStyle.css?rev=####
- m.hu####.com/resources/h5/cssNew/style_v1.01.css?rev=####
- m.hu####.com/resources/h5/imgNew/concat@2x.png
- m.hu####.com/resources/h5/imgNew/icon_home.png
- m.hu####.com/resources/h5/imgNew/icon_like@2x.png
- m.hu####.com/resources/h5/imgNew/icon_vip.png
- m.hu####.com/resources/h5/imgNew/shopcart@2x.png
- m.hu####.com/resources/h5/js/bootstrap.min.js?rev=####
- m.hu####.com/resources/h5/js/checkvalue.js?rev=####
- m.hu####.com/resources/h5/js/common.js?rev=####
- m.hu####.com/resources/h5/js/details.js?rev=####
- m.hu####.com/resources/h5/js/func.js?rev=####
- m.hu####.com/resources/h5/js/index.js?rev=####
- m.hu####.com/resources/h5/js/jquery.alerts.js?rev=####
- m.hu####.com/resources/h5/js/jquery.spinner.js?rev=####
- m.hu####.com/resources/h5/js/jquery.validate.min.js?rev=####
- m.hu####.com/resources/h5/js/slider.js?rev=####
- m.hu####.com/resources/h5/jsNew/device_v1.01.js
- m.hu####.com/resources/h5/jsNew/device_v1.01.js?rev=####
- m.hu####.com/resources/h5/jsNew/jquery-1.9.1.js?rev=####
- m.hu####.com/resources/h5/jsNew/jquery.min.js?rev=####
- m.hu####.com/resources/h5/jsNew/jquery.validate.min.js?rev=####
- m.hu####.com/resources/h5/jsNew/mui.min.js?rev=####
- m.hu####.com/resources/h5/jsnow/statistics.js?rev=####
- www.s####.com/chat/frame/imgs/icon.png
- www.s####.com/chat/frame/js/entrance.js?sysNum=####
- www.s####.com/chat/msgOffline/offlineMsgSize.action?uid=####
- www.s####.com/chat/user/load.action?sysNum=####&source=####&callback=####
HTTP POST requests:
- a####.u####.com/app_logs
- l####.tbs.qq.com/ajax?c=####&k=####
- l####.tbs.qq.com/ajax?c=####&v=####&k=####
- msg.umengc####.com/v2/launch
- msg.umengc####.com/v2/register
Modified file system:
Creates the following files:
- /data/data/####/.imprint
- /data/data/####/.jg.ic
- /data/data/####/00c1b0411f3f573dd8db812553fc686be536af1f8b28f0e....0.tmp
- /data/data/####/0256b41f9a5bfb49a28c270e5e0298cb5b3e697ca7b6446....0.tmp
- /data/data/####/0af6853a52571f71e55c2afc834075e3ec40e7dc35ce096....0.tmp
- /data/data/####/105ac291938a2e6ab4ebcbfc5a2c3127e70d57566c091d7....0.tmp
- /data/data/####/12d6ace9e86c9c93f21c5083406a4a9ad907210293e5e12....0.tmp
- /data/data/####/17aca77e211d62e5401d04dea9452946ac5c640452ac219....0.tmp
- /data/data/####/185e68d014077c558e4783c9d69298266f88ca1ee24073d....0.tmp
- /data/data/####/1d06cf78ff694ef4443fa19fd89f3c665e377cd680ca088....0.tmp
- /data/data/####/2308b559d3d07050aed62d9eef51631e6509844a889c918....0.tmp
- /data/data/####/3a208b06bc294acd27b41cfa5c256b3d8565a79bdf5c3b9....0.tmp
- /data/data/####/47cbf7a42619c21c9d9d5c10f4f548929be179cdea9b223....0.tmp
- /data/data/####/52cdbb8e1f05215c6b607216f46b7c4bbeff1e816236f0f....0.tmp
- /data/data/####/56e7edea92e0622eed2708994334197f65837a02b5a897a....0.tmp
- /data/data/####/58a71c12a3626ae004247c24d19d4f3e052e5767936ee9c....0.tmp
- /data/data/####/5e19b5f1511f05ddf2ed5e981fc9da594c5078e37f34e50....0.tmp
- /data/data/####/63f6ca9777376cbb0732142afd2bafcf81cbbae6ac422c8....0.tmp
- /data/data/####/689b8dbe498cd4d25489f1d6b70f81d92ae2658bf6d285d....0.tmp
- /data/data/####/79da292fd4c090f7ede4cfc37f0aba39d6cd02c047cb3e8....0.tmp
- /data/data/####/7d4b3bf4ee3289dc73d4eab890bf3ac57b4929bd720e0c2....0.tmp
- /data/data/####/816f696c14b02c7b0f0afdfb11430c072bee192bf58f900....0.tmp
- /data/data/####/87c51f7aff33b1f99c4e65884353576dbad07d31923ddbc....0.tmp
- /data/data/####/8fe13bc2ba1a4e93f1c9d6ab0f3b80ed499b7ef23b29dec....0.tmp
- /data/data/####/98303179221127d750066ac9ff1dc15ac90e8b5a6bfa270....0.tmp
- /data/data/####/9dcf424d60879d42226a318fb851e2eae8aaddb698f090d....0.tmp
- /data/data/####/AGOO_CONNECT.xml
- /data/data/####/AGOO_HOST.xml
- /data/data/####/Alvin2.xml
- /data/data/####/AppStore.xml
- /data/data/####/ContextData.xml
- /data/data/####/DaemonServer
- /data/data/####/MsgLogStore.db-journal
- /data/data/####/MultiDex.lock
- /data/data/####/PhoneUtil.xml
- /data/data/####/UmengLocalNotificationStore.db-journal
- /data/data/####/WebViewSettings.xml
- /data/data/####/a57b582abcbf2813a9315d2ddcda613a21b700b768527fd....0.tmp
- /data/data/####/agoo.pid
- /data/data/####/b330f7721c6f7446a987c809cad1526677b6ac8dffa248e....0.tmp
- /data/data/####/bc6356d646b95249eb5900119304e284d5e0c8ef428125b....0.tmp
- /data/data/####/cc.db
- /data/data/####/cc.db-journal
- /data/data/####/core_info
- /data/data/####/d25adeb72630147365d3d1dcc20951260fa90ccbee838c5....0.tmp
- /data/data/####/d4b1ba1fe98f2056d1fe593026e37f442cd439e4f2c82de....0.tmp
- /data/data/####/data_0
- /data/data/####/data_1
- /data/data/####/data_2
- /data/data/####/data_3
- /data/data/####/debug.conf
- /data/data/####/devices_file.xml
- /data/data/####/e15a3cecf546b54311575ff3acbaad4f73b467f8bae03a2....0.tmp
- /data/data/####/exchangeIdentity.json
- /data/data/####/exid.dat
- /data/data/####/f173107c79faf7ad7d17c5e251b97c57383c7891f233eeb....0.tmp
- /data/data/####/f_000001
- /data/data/####/f_000002
- /data/data/####/f_000003
- /data/data/####/f_000004
- /data/data/####/f_000005
- /data/data/####/f_000006
- /data/data/####/f_000007
- /data/data/####/f_000008
- /data/data/####/f_000009
- /data/data/####/f_00000a
- /data/data/####/f_00000b
- /data/data/####/f_00000c
- /data/data/####/f_00000d
- /data/data/####/f_00000e
- /data/data/####/f_00000f
- /data/data/####/f_000010
- /data/data/####/f_000011
- /data/data/####/f_000012
- /data/data/####/f_000013
- /data/data/####/f_000014
- /data/data/####/f_000015
- /data/data/####/f_000016
- /data/data/####/f_000017
- /data/data/####/f_000018
- /data/data/####/f_000019
- /data/data/####/f_00001a
- /data/data/####/f_00001b
- /data/data/####/f_00001c
- /data/data/####/f_00001d
- /data/data/####/f_00001e
- /data/data/####/f_00001f
- /data/data/####/f_000020
- /data/data/####/f_000021
- /data/data/####/f_000022
- /data/data/####/f_000023
- /data/data/####/f_000024
- /data/data/####/f_000025
- /data/data/####/f_000026
- /data/data/####/f_000027
- /data/data/####/f_000028
- /data/data/####/f_000029
- /data/data/####/f_00002a
- /data/data/####/f_00002b
- /data/data/####/f_00002c
- /data/data/####/f_00002d
- /data/data/####/f_00002e
- /data/data/####/f_00002f
- /data/data/####/f_000030
- /data/data/####/f_000031
- /data/data/####/f_000032
- /data/data/####/f_000033
- /data/data/####/f_000034
- /data/data/####/f_000035
- /data/data/####/f_000036
- /data/data/####/f_000037
- /data/data/####/f_000038
- /data/data/####/f_000039
- /data/data/####/f_00003a
- /data/data/####/f_00003b
- /data/data/####/fad5bffcc2851644ff6626b3a5163f4400c1885b05b26a8....0.tmp
- /data/data/####/fb9b521c03395ea582e414e89ff726dc1d04ad4e5e412f3....0.tmp
- /data/data/####/fcca4d8bc7f8e2915e79df71d0c2aa8ed8f44d70e58ffb4....0.tmp
- /data/data/####/fd201e8fe86deebdc52f1694d414f5c1666e63c93e51eae....0.tmp
- /data/data/####/framework.db-journal
- /data/data/####/home_tab_1
- /data/data/####/index
- /data/data/####/journal.tmp
- /data/data/####/libjiagu1111629924.so
- /data/data/####/multidex.version.xml
- /data/data/####/sobot_chat_20180907_log.txt
- /data/data/####/sobot_config.xml
- /data/data/####/tbs_download_config.xml
- /data/data/####/tbs_download_stat.xml
- /data/data/####/tbscoreinstall.txt
- /data/data/####/tbslock.txt
- /data/data/####/ua.db
- /data/data/####/ua.db-journal
- /data/data/####/umeng_general_config.xml
- /data/data/####/umeng_general_config.xml.bak
- /data/data/####/umeng_it.cache
- /data/data/####/umeng_message_state.xml
- /data/data/####/webview.db-journal
- /data/data/####/webviewCookiesChromium.db-journal
- /data/data/####/webviewCookiesChromiumPrivate.db-journal
- /data/media/####/.nomedia
- /data/media/####/Alvin2.xml
- /data/media/####/ContextData.xml
Miscellaneous:
Executes next shell scripts:
- <Package Folder>/files/DaemonServer -s <Package Folder>/lib/ -n runServer -p startservice -n <Package>/com.umeng.message.UmengService --es cockroach cockroach-PPreotect --es pack <Package> --user 0 -f <Package Folder> -t 600 -c agoo.pid -P <Package Folder> -K 1009527 -U tb_android_daemon_1.1.0 -L http://agoodm.m.taobao.com/agoo/report -D {"package":"<Package>","appKey":"umeng:57610001e0f55a0b520001b0","utdid":"W5HYRVa5IbgDAGdzx1EwWjJz","sdkVersion":"20160215"} -I agoodm.m.taobao.com -O 80 -T -Z
- chmod 500 <Package Folder>/files/DaemonServer
- chmod 755 <Package Folder>/.jiagu/libjiagu1111629924.so
- getprop ro.product.cpu.abi
- sh
Loads the following dynamic libraries:
- libjiagu1111629924
- tnet-2.1.20
Uses the following algorithms to encrypt data:
- AES-CBC-PKCS5Padding
- AES-CBC-PKCS7Padding
- DESede-ECB-PKCS5Padding
- RSA-ECB-NoPadding
Uses the following algorithms to decrypt data:
- AES-CBC-PKCS5Padding
- AES-CBC-PKCS7Padding
Uses special library to hide executable bytecode.
Gains access to network information.
Gains access to telephone information (number, imei, etc.).
Gains access to information about APN settings.
Adds tasks to the system scheduler.
Displays its own windows over windows of other applications.