マイライブラリ
マイライブラリ

+ マイライブラリに追加

電話

お問い合わせ履歴

電話(英語)

+7 (495) 789-45-86

Profile

Android.Locker.16577

Added to the Dr.Web virus database: 2023-04-19

Virus description added:

Technical information

Malicious functions:
Executes code of the following detected threats:
  • Android.Locker.14669
Network activity:
Connects to:
  • UDP(DNS) 8####.8.4.4:53
  • TCP(TLS/1.0) v.dy####.com:443
  • TCP(TLS/1.0) p####.google####.com:443
  • TCP(TLS/1.0) pla####.google####.com:443
  • TCP(TLS/1.0) www.go####.ru:443
  • TCP(TLS/1.0) i.bimbo####.com:443
  • TCP(TLS/1.0) hw-####.a####.com:443
  • TCP(TLS/1.0) ads.traffic####.net:443
  • TCP(TLS/1.0) sto####.google####.com:443
  • TCP(TLS/1.0) www.googlet####.com:443
  • TCP(TLS/1.0) gmscomp####.google####.com:443
  • TCP(TLS/1.0) s####.g.doublec####.net:443
  • TCP(TLS/1.0) www.go####.com:443
  • TCP(TLS/1.0) di.ph####.com:443
  • TCP(TLS/1.0) rr13---####.g####.com:443
  • TCP(TLS/1.0) and####.a####.go####.com:443
  • TCP(TLS/1.0) i.dy####.com:443
  • TCP(TLS/1.0) www.google-####.com:443
  • TCP(TLS/1.0) m####.traffic####.net:443
  • TCP(TLS/1.0) dy####.com:443
  • TCP(TLS/1.0) connect####.gst####.com:443
  • TCP(TLS/1.0) www.por####.com:443
  • TCP(TLS/1.0) cdn1-sm####.ph####.com:443
  • TCP(TLS/1.0) st####.traffic####.com:443
  • TCP(TLS/1.0) h####.por####.com:443
  • TCP(TLS/1.2) gmscomp####.google####.com:443
DNS requests:
  • ads.traffic####.net
  • and####.a####.go####.com
  • and####.google####.com
  • cdn1-sm####.ph####.com
  • connect####.gst####.com
  • di.ph####.com
  • dy####.com
  • ei.ph####.com
  • gmscomp####.google####.com
  • h####.por####.com
  • ht-####.a####.com
  • hw-####.a####.com
  • i.bimbo####.com
  • i.dy####.com
  • m####.traffic####.net
  • p####.google####.com
  • pla####.google####.com
  • rr13---####.g####.com
  • s####.g.doublec####.net
  • st####.traffic####.com
  • sto####.google####.com
  • v.dy####.com
  • www.go####.com
  • www.go####.ru
  • www.google-####.com
  • www.googlet####.com
  • www.por####.com
File system changes:
Creates the following files:
  • /data/data/####/00171b85ed9d07a5_0
  • /data/data/####/0029a619119e5381_0
  • /data/data/####/011296c6de43a971_0
  • /data/data/####/020933333b5251ed_0
  • /data/data/####/03ea8491ae91b96b_0 (deleted)
  • /data/data/####/048782789bb22c9f_0
  • /data/data/####/04e44d98a656d9fd_0
  • /data/data/####/06e0c57c53f0b634_0
  • /data/data/####/0764bbbafdd4be9f_0
  • /data/data/####/086f26772c01bdcc_0
  • /data/data/####/08ce1c349c5e135a_0
  • /data/data/####/09c72afbccefa173_0 (deleted)
  • /data/data/####/0a364fb28e1eff70_0
  • /data/data/####/0a364fb28e1eff70_1
  • /data/data/####/0ab73cf10b274628_0 (deleted)
  • /data/data/####/0b6c3bd569c0aff2_0
  • /data/data/####/0c5ebbe9a68ee5ae_0
  • /data/data/####/0cf64052d0a8561b_0
  • /data/data/####/0dfb700435dcb891_0
  • /data/data/####/0e6021950d99d6c2_0
  • /data/data/####/0f042bebd815b5e8_0 (deleted)
  • /data/data/####/0f81e82dcbca7aad_0
  • /data/data/####/11499813a06ef9b1_0
  • /data/data/####/1251c9deb44f08a1_0
  • /data/data/####/1251c9deb44f08a1_s
  • /data/data/####/12a6ab2820351259_0
  • /data/data/####/13d2472b524bec67_0
  • /data/data/####/13e77088e80af0e8_0
  • /data/data/####/13e77088e80af0e8_1
  • /data/data/####/1820d2f2ee5101cd_0
  • /data/data/####/188bfee55884bef8_0
  • /data/data/####/198d7e744255dee8_0
  • /data/data/####/1a03b3f7851e1578_0
  • /data/data/####/1ac5b96ee8e5db35_0
  • /data/data/####/1b1661b2f59171d0_0
  • /data/data/####/1c7f914aeba0123e_0
  • /data/data/####/1c9d0791f1810a50_0
  • /data/data/####/1d055edf16b65a09_0
  • /data/data/####/1d976be714a6f1a0_0
  • /data/data/####/1de85f2a422b9e1b_0
  • /data/data/####/1e10015fedece3fd_0
  • /data/data/####/21986f86f2b2cca7_0
  • /data/data/####/223cd70cd7c7d975_0
  • /data/data/####/24379507ffbf2a7d_0
  • /data/data/####/24609f18bb6d5155_0
  • /data/data/####/24609f18bb6d5155_1
  • /data/data/####/2497f49c05de0938_0
  • /data/data/####/254433d1e71f246c_0
  • /data/data/####/27333209e4d0c175_0 (deleted)
  • /data/data/####/2940195bd9870d6e_0
  • /data/data/####/2940195bd9870d6e_1
  • /data/data/####/29e88bb3eec77167_0
  • /data/data/####/2a4c711bada50d30_0
  • /data/data/####/2a4c711bada50d30_1
  • /data/data/####/2cc80dabc69f58b6_0
  • /data/data/####/2d8a3a0a7dc028a6_0
  • /data/data/####/2de1d247efff135e_0 (deleted)
  • /data/data/####/2ec77b48ad5b7d96_0
  • /data/data/####/2fb4885fff7bd002_0
  • /data/data/####/304f973ca243aa3d_0
  • /data/data/####/30fee48cd313d337_0
  • /data/data/####/31095393fa1573c9_0
  • /data/data/####/3114e67c9ccd2304_0 (deleted)
  • /data/data/####/32e2ae6847c4d6ce_0
  • /data/data/####/33474d826c1f993c_0
  • /data/data/####/347bfb137425d2cc_0
  • /data/data/####/34fbfcf85fa6a7b4_0
  • /data/data/####/353295b937eb8bb4_0
  • /data/data/####/353295b937eb8bb4_1
  • /data/data/####/36ac7e2d67dec583_0
  • /data/data/####/3825671eddebd7dd_0 (deleted)
  • /data/data/####/38aecc4ab0033fbb_0
  • /data/data/####/38c33b2e286dff30_0
  • /data/data/####/39938bfaae32da61_0
  • /data/data/####/39f686249d7a5209_0
  • /data/data/####/3c1bcb1bc6ef03a9_0
  • /data/data/####/3d2052eb16d7ba8d_0
  • /data/data/####/3e50ec4d052faa51_0
  • /data/data/####/3e832a5c915b1b4d_0
  • /data/data/####/3ea4d78ea985ea67_0
  • /data/data/####/3f45ac12286f84a7_0
  • /data/data/####/3f45ac12286f84a7_s
  • /data/data/####/408d3a802a4a9708_0
  • /data/data/####/40cdbf12d63ff390_0
  • /data/data/####/43add253d3196048_0
  • /data/data/####/44ebfd0291cedcf7_0
  • /data/data/####/468e01c1fcb8bd71_0
  • /data/data/####/47013c9db4c8e037_0
  • /data/data/####/472e58c456998a58_0
  • /data/data/####/473df8567193f808_0
  • /data/data/####/492e1a448555b944_0
  • /data/data/####/4a89fdaf34446b94_0
  • /data/data/####/4b6d77e3d3cffe82_0
  • /data/data/####/4cb013792b196a35_0
  • /data/data/####/4cb013792b196a35_1
  • /data/data/####/4cf1544f36786d1e_0 (deleted)
  • /data/data/####/4e059e79a6804a89_0
  • /data/data/####/4e7acce65f3c5ffc_0
  • /data/data/####/4ed92342b9895a0f_0
  • /data/data/####/4ed92342b9895a0f_1
  • /data/data/####/5005224befa4799d_0
  • /data/data/####/500cdee7bc94f7a7_0
  • /data/data/####/500cdee7bc94f7a7_1
  • /data/data/####/51ee280218e74bb4_0
  • /data/data/####/52120692f7288c2b_0
  • /data/data/####/52f9dc7d17460950_0
  • /data/data/####/530083c80e4d0b1c_0
  • /data/data/####/532d51279142cf71_0
  • /data/data/####/535420f5dc2766ed_0
  • /data/data/####/537f63bdde18696f_0
  • /data/data/####/5614eb79a5b0e38e_0
  • /data/data/####/57dd0aa4d60e9c54_0
  • /data/data/####/59189b3dcd09d279_0 (deleted)
  • /data/data/####/592786465d281037_0
  • /data/data/####/592786465d281037_1
  • /data/data/####/598c549b9739b9fc_0
  • /data/data/####/59e2ef7f83fdfe86_0
  • /data/data/####/5a0f936f62bc34c6_0 (deleted)
  • /data/data/####/5a10956f90e1b6ad_0
  • /data/data/####/5a44e2418a965539_0
  • /data/data/####/5af3296f02d0b85e_0
  • /data/data/####/5af3296f02d0b85e_1
  • /data/data/####/5b78fb281285f6d1_0
  • /data/data/####/5b78fb281285f6d1_1
  • /data/data/####/5ce577687323a903_0
  • /data/data/####/5d5007318c08050b_0
  • /data/data/####/5dd8bec8b93acc7d_0
  • /data/data/####/5dd8bec8b93acc7d_1
  • /data/data/####/5ddeda266d622068_0
  • /data/data/####/5eb5214e96d5b98e_0
  • /data/data/####/5ef6cb363c3bbe2d_0
  • /data/data/####/5f06699ba462cd04_0
  • /data/data/####/607fa6e3f53992d1_0
  • /data/data/####/6086f05f872a4072_0
  • /data/data/####/60cb04e49dfa25d4_0
  • /data/data/####/61505b570b5a0c00_0
  • /data/data/####/628fd421166019ae_0
  • /data/data/####/628fd421166019ae_s
  • /data/data/####/62c7a4b13f61aac3_0
  • /data/data/####/64508fa1cd46b0ab_0
  • /data/data/####/64508fa1cd46b0ab_1
  • /data/data/####/647f54b0bbbfbd0c_0
  • /data/data/####/6525569bba0cb3ba_0
  • /data/data/####/659ce56de1fb2337_0
  • /data/data/####/66b01fc26b49d9fd_0 (deleted)
  • /data/data/####/66e7834481663201_0
  • /data/data/####/66e7834481663201_1
  • /data/data/####/671f17279fb339c3_0
  • /data/data/####/676505795b929320_0
  • /data/data/####/67b0a8f7427c44fd_0
  • /data/data/####/6a73a3d07377d1ee_0
  • /data/data/####/6b441f228e6a5f64_0
  • /data/data/####/6bcffe2a36969236_0
  • /data/data/####/6c98efda04df9170_0
  • /data/data/####/6cf40482e8e69783_0
  • /data/data/####/6e5e39ca07978d79_0
  • /data/data/####/6edc0726e108ad96_0
  • /data/data/####/6f96bcf2e5244c7c_0
  • /data/data/####/6f9d9afd48a20958_0
  • /data/data/####/6fd1cc4e719ee8bc_0
  • /data/data/####/707f65da52c22764_0
  • /data/data/####/70818e3b27f2cb63_0
  • /data/data/####/70cb6fefaca19dcd_0
  • /data/data/####/71c2183068bec3ee_0
  • /data/data/####/72ba661eab1738fc_0
  • /data/data/####/72ba661eab1738fc_1
  • /data/data/####/734151022703a189_0
  • /data/data/####/74bccd61c8f14707_0
  • /data/data/####/74e07663f3fad2ae_0
  • /data/data/####/78478934c4e9e201_0
  • /data/data/####/79b075f4bb0bfc53_0
  • /data/data/####/7c36fcfeed892bef_0
  • /data/data/####/7c36fcfeed892bef_1
  • /data/data/####/7d59e37bad129b65_0 (deleted)
  • /data/data/####/7ec989bc84577fec_0
  • /data/data/####/7ee1fcc6ef46a1d0_0
  • /data/data/####/7f321e70b534c9c1_0
  • /data/data/####/7f9dde3be96e2c3d_0
  • /data/data/####/7f9dde3be96e2c3d_1
  • /data/data/####/8017f26d65cc0098_0
  • /data/data/####/810008438dc66b19_0
  • /data/data/####/84069d03b10090b2_0 (deleted)
  • /data/data/####/85529bd2e8954647_0
  • /data/data/####/86007186cd9d91c5_0 (deleted)
  • /data/data/####/86be1944d91ac2d1_0 (deleted)
  • /data/data/####/86de11722216820b_0
  • /data/data/####/86e3e3ca61214b58_0
  • /data/data/####/86e3e3ca61214b58_1
  • /data/data/####/8888bac454c36fa6_0
  • /data/data/####/8888bac454c36fa6_1
  • /data/data/####/88f0f238928012af_0
  • /data/data/####/88fa35acfc6ca020_0
  • /data/data/####/898f4048f09cc6bd_0
  • /data/data/####/8ab67d5477716a24_0
  • /data/data/####/8bf428ba1b6d6bfd_0
  • /data/data/####/8c0a7fa20c56d774_0
  • /data/data/####/8c0a7fa20c56d774_1
  • /data/data/####/8e6deddd36cdc792_0
  • /data/data/####/8fff7d84ad2842ab_0
  • /data/data/####/9006eede2df6b254_0
  • /data/data/####/90eb6d837373ec61_0
  • /data/data/####/9267340393227fb0_0
  • /data/data/####/927c81f49c686279_0
  • /data/data/####/92f87a7791750684_0
  • /data/data/####/9402ef73a016ffbb_0
  • /data/data/####/9408ae1055318cbb_0
  • /data/data/####/95cae56d052c205b_0
  • /data/data/####/96b40f238de980c1_0
  • /data/data/####/96c602cf011beed1_0
  • /data/data/####/970699dfcfb59ff1_0
  • /data/data/####/97dbaec5980338e0_0
  • /data/data/####/9846f8c613a6387a_0
  • /data/data/####/9883685c06c3972e_0
  • /data/data/####/9889bd74a4f9f15f_0
  • /data/data/####/9932de6b03101c00_0
  • /data/data/####/99d747a57f951de9_0
  • /data/data/####/9ba08bc51351b6a4_0
  • /data/data/####/9bdfca4fd48705f2_0
  • /data/data/####/9d0ec0b1c17328a2_0
  • /data/data/####/9d1b44e2edf843d2_0
  • /data/data/####/9ea4b735086718a2_0
  • /data/data/####/9ea58f8be18344e7_0
  • /data/data/####/9f41c73e8b957dac_0
  • /data/data/####/CURRENT
  • /data/data/####/Cookies-journal
  • /data/data/####/Databases.db-journal
  • /data/data/####/MANIFEST-000001
  • /data/data/####/QuotaManager-journal
  • /data/data/####/WebViewChromiumPrefs.xml
  • /data/data/####/a0e019f438f09216_0 (deleted)
  • /data/data/####/a1764250d7879f4a_0
  • /data/data/####/a1a0eb390b604316_0
  • /data/data/####/a1a0eb390b604316_1
  • /data/data/####/a1b6713df4854971_0
  • /data/data/####/a39a6bba9829a61c_0
  • /data/data/####/a3d6d95b8edb5e2b_0
  • /data/data/####/a5aad13febc6a967_0
  • /data/data/####/a5f779333fbc53d3_0
  • /data/data/####/a6198e49276ff811_0
  • /data/data/####/a73495d8f4eed396_0
  • /data/data/####/a998effc2d5eae1a_0
  • /data/data/####/a9d56e07f351f496_0
  • /data/data/####/ab034802d476ba59_0
  • /data/data/####/acb919fc0d3f9e02_0
  • /data/data/####/acde0a58292ebd2b_0
  • /data/data/####/ad7d089d252122aa_0
  • /data/data/####/adcd3e03de2d36c2_0
  • /data/data/####/aff118769eeabcb7_0
  • /data/data/####/aff118769eeabcb7_1
  • /data/data/####/b133b88ee171509b_0
  • /data/data/####/b3a794b4b82b2ff9_0
  • /data/data/####/b582bbd9fd1cdc13_0
  • /data/data/####/b5e1eb7ae0246e0a_0
  • /data/data/####/b7df4e16066a6be6_0
  • /data/data/####/b905ed819aa2234d_0
  • /data/data/####/b9d59477235265ba_0
  • /data/data/####/ba09b09b85d29b84_0
  • /data/data/####/ba9369e8a270e3d5_0
  • /data/data/####/bc555e09e5ad4231_0
  • /data/data/####/bc555e09e5ad4231_1
  • /data/data/####/bc73f8734c001a33_0
  • /data/data/####/bd49ffa69488246a_0
  • /data/data/####/be0958a7a8a8f129_0
  • /data/data/####/bf882280db4bae07_0
  • /data/data/####/bff4d42301399db9_0
  • /data/data/####/c00c39458d85fcd8_0
  • /data/data/####/c1ef159d2ccf2a40_0
  • /data/data/####/c4420e5520ee7d4b_0
  • /data/data/####/c451cf81c01502b7_0
  • /data/data/####/c482b23112eba54d_0
  • /data/data/####/c482b23112eba54d_1
  • /data/data/####/c4c837d661dca67d_0
  • /data/data/####/c4c837d661dca67d_s
  • /data/data/####/c6a1ff306393fa5d_0
  • /data/data/####/c83e75d9202d2bd2_0
  • /data/data/####/c85d5dd699487874_0
  • /data/data/####/c8e99ad46b9473f5_0 (deleted)
  • /data/data/####/c916b882b374cb0f_0
  • /data/data/####/cb21163042d8660e_0
  • /data/data/####/cb21163042d8660e_s
  • /data/data/####/cb7997b386509414_0
  • /data/data/####/cc04b34d8691a84e_0
  • /data/data/####/ccdc5c52035e7b54_0
  • /data/data/####/cce86d36c5629cfc_0
  • /data/data/####/ce24b48a4c43124d_0
  • /data/data/####/ceb2b7b0149b2bdb_0
  • /data/data/####/ced59743599d65b3_0
  • /data/data/####/cf0d8ce24d3ba7b1_0
  • /data/data/####/cf0d8ce24d3ba7b1_1
  • /data/data/####/cff92c661aa46add_0
  • /data/data/####/com.iibxboon_preferences.xml
  • /data/data/####/d007c91eb5773792_0
  • /data/data/####/d1561d01308ce3a9_0
  • /data/data/####/d17a55b56e238e34_0
  • /data/data/####/d1b24b1e189dd435_0
  • /data/data/####/d4e63e6902feb759_0
  • /data/data/####/d520afc2d5030b6e_0
  • /data/data/####/d6444c7c5d9bb5a5_0
  • /data/data/####/d6c691d4d20ab1db_0
  • /data/data/####/d96fb7fb5d0a675e_0
  • /data/data/####/d9a6a276acb51762_0
  • /data/data/####/d9d214769652ec13_0
  • /data/data/####/d9da6edcf2ec636a_0
  • /data/data/####/d9dc7474aaacde5a_0
  • /data/data/####/dKbJnaBjY.dex
  • /data/data/####/dKbJnaBjY.dex.flock (deleted)
  • /data/data/####/da1a2d40a30f4e47_0
  • /data/data/####/da4af38e3b0901ac_0
  • /data/data/####/dae890330812da81_0
  • /data/data/####/dbd83d54df11c343_0
  • /data/data/####/dceddd6291d32135_0
  • /data/data/####/e002b01b69e9be26_0
  • /data/data/####/e11660f8a7228316_0
  • /data/data/####/e43bb2843a6156d3_0 (deleted)
  • /data/data/####/e568e8bfab3b55ba_0
  • /data/data/####/e5b9038f7f1f2bd8_0
  • /data/data/####/e65aedfb7e40afa9_0
  • /data/data/####/e724810c657381d6_0
  • /data/data/####/e7461e546faf282e_0
  • /data/data/####/e75dc8afbd8e3da8_0
  • /data/data/####/e78a430c455bee19_0
  • /data/data/####/e801e2143055ddc7_0 (deleted)
  • /data/data/####/e808317641af3485_0
  • /data/data/####/e991fbfedba2aab9_0
  • /data/data/####/ea420e2d7e655b78_0
  • /data/data/####/ea9b7e83d6ebc818_0
  • /data/data/####/ec041ab156886eb3_0
  • /data/data/####/effd37cf07a9b470_0 (deleted)
  • /data/data/####/f109e1a0d3df16fd_0
  • /data/data/####/f20f383709205048_0
  • /data/data/####/f23c946c9aed1a2c_0
  • /data/data/####/f240ad85a9dbeaaa_0
  • /data/data/####/f2bd4f343e188b96_0
  • /data/data/####/f2e2e8cb7741f299_0
  • /data/data/####/f2e2e8cb7741f299_1
  • /data/data/####/f3dc98707cd8e79a_0
  • /data/data/####/f675b2949f926bc6_0
  • /data/data/####/f75b3f6afb775623_0
  • /data/data/####/f7bc6439b0d0aa76_0 (deleted)
  • /data/data/####/fXmDxIuuV.dex
  • /data/data/####/fXmDxIuuV.dex.flock (deleted)
  • /data/data/####/fa89d615c9399940_0
  • /data/data/####/fe779149c968efe9_0 (deleted)
  • /data/data/####/fee6ef73fdd6723e_0
  • /data/data/####/ff03f34d351f9813_0
  • /data/data/####/gkpjxYBHo.dex
  • /data/data/####/gkpjxYBHo.dex.flock (deleted)
  • /data/data/####/index
  • /data/data/####/metrics_guid
  • /data/data/####/tCekFUxX.dex
  • /data/data/####/the-real-index
  • /data/misc/####/primary.prof
Miscellaneous:
Gets information about network.
Gets information about phone status (number, IMEI, etc.).
Displays its own windows over windows of other apps.

Curing recommendations


Android

  1. If the mobile device is operating normally, download and install Dr.Web for Android Light. Run a full system scan and follow recommendations to neutralize the detected threats.
  2. If the mobile device has been locked by Android.Locker ransomware (the message on the screen tells you that you have broken some law or demands a set ransom amount; or you will see some other announcement that prevents you from using the handheld normally), do the following:
    • Load your smartphone or tablet in the safe mode (depending on the operating system version and specifications of the particular mobile device involved, this procedure can be performed in various ways; seek clarification from the user guide that was shipped with the device, or contact its manufacturer);
    • Once you have activated safe mode, install the Dr.Web для Android Light onto the infected handheld and run a full scan of the system; follow the steps recommended for neutralizing the threats that have been detected;
    • Switch off your device and turn it on as normal.

Find out more about Dr.Web for Android