Technical information
Malicious functions:
Sends SMS:
- +243822128357: YOU HAVE BEEN HACKED BY Mr_Hackux 5315901752 I'm gonna be home soon and i don't want to talk about this stuff anymore tonight, k? I've cried enough today.
- +243822128357: YOU HAVE BEEN HACKED BY Mr_Hackux <Contact Phone> I've been searching for the right words to thank you for this breather. I promise i wont take your help for granted and will fulfil my promise. You have been wonderful and a blessing at all times.
- +243822128357: YOU HAVE BEEN HACKED BY Mr_Hackux <Contact Phone> Tomarrow final hearing on my laptop case so i cant.
Threat detection based on machine learning.
Network activity:
Connects to:
- UDP(DNS) 8####.8.4.4:53
- UDP(NTP) 2.and####.p####.####.org:123
- TCP(TLS/1.0) rr1---s####.g####.com:443
- TCP(TLS/1.0) gmscomp####.google####.com:443
- TCP(TLS/1.2) 1####.177.14.138:443
- TCP(TLS/1.2) gmscomp####.google####.com:443
- TCP(TLS/1.2) 64.2####.164.94:443
- TCP(TLS/1.2) 64.2####.165.100:443
- UDP 85.1####.117.141:443
- UDP gmscomp####.google####.com:443
- UDP rr1---s####.g####.com:443
DNS requests:
- 2.and####.p####.####.org
- gmscomp####.google####.com
- rr1---s####.g####.com
Miscellaneous:
Contains functionality for automatic SMS sending.
Displays its own windows over windows of other apps.
Gets information about sent/received SMS.