
Android.BankBot.TgToxic.40

Added to the Dr.Web virus database: 2023-10-08

Virus description added:

Technical information

Malicious functions:
Executes code of the following detected threats:
  • Android.BankBot.TgToxic.1
Network activity:
Connects to:
DNS requests:
File system changes:
Creates the following files:
Miscellaneous:
Executes the following shell scripts:
  • getprop ro.dalvik.vm.isa.arm
  • getprop ro.dalvik.vm.isa.arm64
Loads the following dynamic libraries:
  • libcovault-appsec
Uses a special library to hide executable bytecode.
Gets information about the network.
Gets information about installed apps.
Intercepts notifications.
Requests the system alert window permission.

Curing recommendations


Android

  1. If the mobile device is operating normally, download and install Dr.Web for Android Light. Run a full system scan and follow recommendations to neutralize the detected threats.
  2. If the mobile device has been locked by Android.Locker ransomware (the message on the screen tells you that you have broken some law or demands a set ransom amount; or you will see some other announcement that prevents you from using the handheld normally), do the following:
    • Boot your smartphone or tablet into safe mode (depending on the operating system version and specifications of the particular mobile device involved, this procedure can be performed in various ways; seek clarification from the user guide that was shipped with the device, or contact its manufacturer);
    • Once you have activated safe mode, install Dr.Web for Android Light onto the infected handheld and run a full scan of the system; follow the steps recommended for neutralizing the threats that have been detected;
    • Switch off your device and turn it on as normal.
