ユーザー向け情報

マイライブラリ
マイライブラリ

マイライブラリに追加

検索
検索

電話
テクニカルサポート利用方法

問い合わせ

新規お問い合わせ

電話(英語)

+7 (495) 789-45-86

フォーラム(英語)

お問い合わせ履歴

新規お問い合わせ

電話(英語)

+7 (495) 789-45-86

Profile

JP

RU CN DE EN ES FR IT JP KZ UZ PL BY
サービス
スキャナー
Dr.Web vxCube
トライアル
ウイルスライブラリ
ナレッジベース

テクノロジー

用語

トレーニングコースおよび啓蒙プロジェクト

アンチウイルスに関する誤解と噂

ニュース

Android.BankBot.TgToxic.44

Added to the Dr.Web virus database: 2023-10-28

Virus description added:

Technical information

Malicious functions:
Executes code of the following detected threats:
  • Android.BankBot.TgToxic.1
Network activity:
Connects to:
  • UDP(DNS) 8####.8.4.4:53
  • UDP(DNS) <Google DNS>
  • TCP(HTTP/1.1) 64.2####.161.94:80
  • TCP(TLS/1.0) 64.2####.162.94:443
  • TCP(TLS/1.0) rr9---s####.g####.com:443
  • TCP(TLS/1.0) rr2---s####.g####.com:443
  • TCP(TLS/1.0) rr18---####.g####.com:443
  • TCP(TLS/1.0) p####.google####.com:443
  • TCP(TLS/1.2) 64.2####.161.94:443
  • TCP(TLS/1.2) p####.google####.com:443
  • TCP(TLS/1.2) 74.1####.205.101:443
  • TCP(TLS/1.2) www.go####.com:443
  • UDP p####.google####.com:443
DNS requests:
  • m####.go####.com
  • p####.google####.com
  • rr18---####.g####.com
  • rr2---s####.g####.com
  • rr9---s####.g####.com
  • sqs.ap-nort####.amazo####.com
  • www.go####.com
File system changes:
Creates the following files:
  • /data/data/####/.com_jysfcw_cuyogmer.meta
  • /data/data/####/135GN9W91F76I3DHM4RGD88K1SPFAWA.dex (deleted)
  • /data/data/####/135GN9W91F76I3DHM4RGD88K1SPFAWA.dex.flock (deleted)
  • /data/data/####/135GN9W91F76I3DHM4RGD88K1SPFAWA.zip
  • /data/data/####/150035
  • /data/data/####/19
  • /data/data/####/1BLC3PK9DRRA2VH12SZW5OSOPGX7Y4U.dex (deleted)
  • /data/data/####/1BLC3PK9DRRA2VH12SZW5OSOPGX7Y4U.dex.flock (deleted)
  • /data/data/####/1BLC3PK9DRRA2VH12SZW5OSOPGX7Y4U.zip
  • /data/data/####/1U4X1MY92UKHW850P7NZJBGG40SZ63IS.dex
  • /data/data/####/1ZPKQ118PFUFREJWKRATRRFTLMKTSBFR.dex
  • /data/data/####/2023-10-28AM110842.str
  • /data/data/####/2023-10-28AM110843.rt
  • /data/data/####/2023-10-28AM110850.so.rt
  • /data/data/####/2023-10-28AM110857.so.rt
  • /data/data/####/2023-10-28AM110904.so.rt
  • /data/data/####/2023-10-28AM110911.so.rt
  • /data/data/####/2023-10-28AM110917.so.rt
  • /data/data/####/2023-10-28AM110922.so.rt
  • /data/data/####/2023-10-28AM110929.so.rt
  • /data/data/####/2023-10-28AM110936.so.rt
  • /data/data/####/2023-10-28AM110942.so.rt
  • /data/data/####/2023-10-28AM110952.so.rt
  • /data/data/####/2023-10-28AM110958.so.rt
  • /data/data/####/250035
  • /data/data/####/27DEAZNUNB1AHHQLA0KSG4DHX99KZ07T.dex
  • /data/data/####/29
  • /data/data/####/3AGPHYDJ92ZF6U47TDUMQ4TBAPCECHGY.dex
  • /data/data/####/3AGPHYDJ92ZF6U47TDUMQ4TBAPCECHGY.dex.flock (deleted)
  • /data/data/####/3IK1DELV5U3F224R5122EWH3ITOUOPK6.dex
  • /data/data/####/3IK1DELV5U3F224R5122EWH3ITOUOPK6.dex.flock (deleted)
  • /data/data/####/464JP0SRKI1M65MBZQTWQE2GC9FCJA2A.dex
  • /data/data/####/464JP0SRKI1M65MBZQTWQE2GC9FCJA2A.dex.flock (deleted)
  • /data/data/####/5060812cdbbf38e02363f9f312138979ts99nb.swzj
  • /data/data/####/5060812cdbbf38e02363f9f312138979ts99nb.swzj (deleted)
  • /data/data/####/5F9GUPHODFAB3A7KWV25JRRTX6GXOJF3.dex
  • /data/data/####/5WAJROR5VKPXW86HZF4SOER9WRM4YBU8.dex
  • /data/data/####/5WAJROR5VKPXW86HZF4SOER9WRM4YBU8.dex.flock (deleted)
  • /data/data/####/6VTU27V6NBLM9TAPUWOW0OL915HS7SBH.dex
  • /data/data/####/6VTU27V6NBLM9TAPUWOW0OL915HS7SBH.dex.flock (deleted)
  • /data/data/####/B86R34SB0WMJQQVMJ1LLT1UIIYQDODC6.dex
  • /data/data/####/BDNE5R2JN1HCS9VR4ITABYEUZ6FD8US.dex (deleted)
  • /data/data/####/BDNE5R2JN1HCS9VR4ITABYEUZ6FD8US.dex.flock (deleted)
  • /data/data/####/BDNE5R2JN1HCS9VR4ITABYEUZ6FD8US.zip
  • /data/data/####/BGY7JS8N8C2B6EVEZ55DH1QIYUMLO14M.dex
  • /data/data/####/BGY7JS8N8C2B6EVEZ55DH1QIYUMLO14M.dex.flock (deleted)
  • /data/data/####/BH3U57EJBP14SPZRKEX27Y6ERIR906C.dex (deleted)
  • /data/data/####/BH3U57EJBP14SPZRKEX27Y6ERIR906C.dex.flock (deleted)
  • /data/data/####/BH3U57EJBP14SPZRKEX27Y6ERIR906C.zip
  • /data/data/####/CR1AMV6GYB4OJ3LSYURZJHU4R6XR1U13.dex
  • /data/data/####/CR1AMV6GYB4OJ3LSYURZJHU4R6XR1U13.dex.flock (deleted)
  • /data/data/####/ELRSG5C6O1Q6D9NIC8T99F4A54VLVGB5.dex
  • /data/data/####/ELRSG5C6O1Q6D9NIC8T99F4A54VLVGB5.dex.flock (deleted)
  • /data/data/####/G5P573C7TKYSQOWYUHRXC2SU5Q99LUP.dex (deleted)
  • /data/data/####/G5P573C7TKYSQOWYUHRXC2SU5Q99LUP.dex.flock (deleted)
  • /data/data/####/G5P573C7TKYSQOWYUHRXC2SU5Q99LUP.zip
  • /data/data/####/GMLC65EEKO3Z8AE39SDMTDTE52GFLBQ.dex (deleted)
  • /data/data/####/GMLC65EEKO3Z8AE39SDMTDTE52GFLBQ.dex.flock (deleted)
  • /data/data/####/GMLC65EEKO3Z8AE39SDMTDTE52GFLBQ.zip
  • /data/data/####/GTB44PP8LXN8NB0BOAMIAEJBF3F65M5B.dex
  • /data/data/####/GTB44PP8LXN8NB0BOAMIAEJBF3F65M5B.dex.flock (deleted)
  • /data/data/####/HRQ9KFR8472BL6383D1B5LCZ9XNU65QI.dex
  • /data/data/####/HRQ9KFR8472BL6383D1B5LCZ9XNU65QI.dex.flock (deleted)
  • /data/data/####/IECPkgStoreInfo
  • /data/data/####/J0ABZO8ZOOE7EIV6B1L5P12EIAY5C5W6.dex
  • /data/data/####/JE2DMMGPOPY9PZIWJIKRS2Y8PJM2VAR8.dex
  • /data/data/####/JE2DMMGPOPY9PZIWJIKRS2Y8PJM2VAR8.dex.flock (deleted)
  • /data/data/####/JXCFITPMY5K9ZK5E5JF5R7YXF79OOJWW.dex
  • /data/data/####/JXCFITPMY5K9ZK5E5JF5R7YXF79OOJWW.dex.flock (deleted)
  • /data/data/####/JXFQWNNYN5W1D8XYQH8BL1HJVSINIT95.dex
  • /data/data/####/JXFQWNNYN5W1D8XYQH8BL1HJVSINIT95.dex.flock (deleted)
  • /data/data/####/KMGFXKKR8I9IMXQRJ2X0IEUCKHZWJ2QQ.dex
  • /data/data/####/KMGFXKKR8I9IMXQRJ2X0IEUCKHZWJ2QQ.dex.flock (deleted)
  • /data/data/####/KQKNLCCBW2LQUTY7NMHKEEQWGPJ8N2MY.dex
  • /data/data/####/KTDXZNW7T0UWYCOAUXZ50UKY5Y199QL.dex
  • /data/data/####/KTDXZNW7T0UWYCOAUXZ50UKY5Y199QL.dex.flock (deleted)
  • /data/data/####/KTDXZNW7T0UWYCOAUXZ50UKY5Y199QL.zip
  • /data/data/####/LE01LAMP6YODKGL0TZ3Z7ROKC8KZ6BYG.dex
  • /data/data/####/LE01LAMP6YODKGL0TZ3Z7ROKC8KZ6BYG.dex.flock (deleted)
  • /data/data/####/LG4J8CANUFORR1SY1KMTICGAFD4O945I.dex
  • /data/data/####/LG4J8CANUFORR1SY1KMTICGAFD4O945I.dex.flock (deleted)
  • /data/data/####/MSAH8EPEU0GV3OUQ354D25T9YDQ8NXN.dex (deleted)
  • /data/data/####/MSAH8EPEU0GV3OUQ354D25T9YDQ8NXN.dex.flock (deleted)
  • /data/data/####/MSAH8EPEU0GV3OUQ354D25T9YDQ8NXN.zip
  • /data/data/####/NU81PMHRXIRFAAKJ51IQE0HVUX4I8182.dex
  • /data/data/####/NU81PMHRXIRFAAKJ51IQE0HVUX4I8182.dex.flock (deleted)
  • /data/data/####/OM43EOZOCYEXP284LVQZOJRJ0RCIHNT.dex
  • /data/data/####/OM43EOZOCYEXP284LVQZOJRJ0RCIHNT.dex.flock (deleted)
  • /data/data/####/OM43EOZOCYEXP284LVQZOJRJ0RCIHNT.zip
  • /data/data/####/QF5EMVZMRF52X1QPY84WOOTTPDPSN0R5.dex
  • /data/data/####/QF5EMVZMRF52X1QPY84WOOTTPDPSN0R5.dex.flock (deleted)
  • /data/data/####/QGYP0I9EAGCJBWM231SLQX5DILI8BDJ.dex (deleted)
  • /data/data/####/QGYP0I9EAGCJBWM231SLQX5DILI8BDJ.dex.flock (deleted)
  • /data/data/####/QGYP0I9EAGCJBWM231SLQX5DILI8BDJ.zip
  • /data/data/####/SQGBPC8B82PEAPIFFI142EE4CTB8FQ6E.dex
  • /data/data/####/SQGBPC8B82PEAPIFFI142EE4CTB8FQ6E.dex.flock (deleted)
  • /data/data/####/TDDU5FWIK8ITJVZ1CX5ZVK2M1WRA8OBK.dex
  • /data/data/####/TDDU5FWIK8ITJVZ1CX5ZVK2M1WRA8OBK.dex.flock (deleted)
  • /data/data/####/TV10QT54DF2VJEB88NQDJRRX1ISHGZNJ.dex
  • /data/data/####/TV10QT54DF2VJEB88NQDJRRX1ISHGZNJ.dex.flock (deleted)
  • /data/data/####/U93COXGUCD26L17QC8DL9B4290FDR4N9.dex
  • /data/data/####/UF9UEFR6ZJ9MTPQ12048KO5LXX1SV8ND.dex
  • /data/data/####/UF9UEFR6ZJ9MTPQ12048KO5LXX1SV8ND.dex.flock (deleted)
  • /data/data/####/UOULNE21IS3O0RS1LWFIK44EE7PILGCC.dex
  • /data/data/####/UOULNE21IS3O0RS1LWFIK44EE7PILGCC.dex.flock (deleted)
  • /data/data/####/V2YTQ2K10HQL172CBI47W2ACPNEURIRS.dex
  • /data/data/####/V2YTQ2K10HQL172CBI47W2ACPNEURIRS.dex.flock (deleted)
  • /data/data/####/V7NPL6HRIOMGYU8C3PJECMK7S3BNW7P.dex (deleted)
  • /data/data/####/V7NPL6HRIOMGYU8C3PJECMK7S3BNW7P.dex.flock (deleted)
  • /data/data/####/V7NPL6HRIOMGYU8C3PJECMK7S3BNW7P.zip
  • /data/data/####/VDVAOVZEN5G59GLUE14711HR3G6RM5TH.dex
  • /data/data/####/WNTAI7M423OOF79G6MFVJTU8NYDNLQDB.dex
  • /data/data/####/XTHA9NCI88Y9F77P8LXBNKEMX0NU4WRG.dex
  • /data/data/####/XTHA9NCI88Y9F77P8LXBNKEMX0NU4WRG.dex.flock (deleted)
  • /data/data/####/Y8M5WAHE28KJVGME3L0DUDTPQHA4RDR.dex (deleted)
  • /data/data/####/Y8M5WAHE28KJVGME3L0DUDTPQHA4RDR.dex.flock (deleted)
  • /data/data/####/Y8M5WAHE28KJVGME3L0DUDTPQHA4RDR.zip
  • /data/data/####/Z5RMXBYJRLXS0DR3KA5ABQYIBAJ98MO.dex
  • /data/data/####/Z5RMXBYJRLXS0DR3KA5ABQYIBAJ98MO.dex.flock (deleted)
  • /data/data/####/Z5RMXBYJRLXS0DR3KA5ABQYIBAJ98MO.zip
  • /data/data/####/Z94RIDHU6L4TJ8HU9ZF9F7M1RJL8GVOC.dex
  • /data/data/####/Z94RIDHU6L4TJ8HU9ZF9F7M1RJL8GVOC.dex.flock (deleted)
  • /data/data/####/ZBBK7PQ8YYCZ59HREFR55U4GZELOQMDE.dex
  • /data/data/####/ZBBK7PQ8YYCZ59HREFR55U4GZELOQMDE.dex.flock (deleted)
  • /data/data/####/com.android.launcher3.prefs.xml
  • /data/data/####/empty_classes.dex
  • /data/data/####/empty_classes.zip
  • /data/data/####/proc_auxv
  • /data/data/####/sealeh.bdc
  • /data/data/####/spUtils.xml
  • /data/data/####/working
Miscellaneous:
Executes the following shell scripts:
  • cp /data/user/0/<Package>/app_payload_lib/empty_classes.zip /data/user/0/<Package>/app_payload_lib/<Package>_empty_classes/1BLC3PK9DRRA2VH12SZW5OSOPGX7Y4U.zip
  • cp /data/user/0/<Package>/app_payload_lib/empty_classes.zip /data/user/0/<Package>/app_payload_lib/<Package>_empty_classes/GMLC65EEKO3Z8AE39SDMTDTE52GFLBQ.zip
  • cp /data/user/0/<Package>/app_payload_lib/empty_classes.zip /data/user/0/<Package>/app_payload_lib/<Package>_empty_classes/KTDXZNW7T0UWYCOAUXZ50UKY5Y199QL.zip
  • cp /data/user/0/<Package>/app_payload_lib/empty_classes.zip /data/user/0/<Package>/app_payload_lib/<Package>_empty_classes/MSAH8EPEU0GV3OUQ354D25T9YDQ8NXN.zip
  • cp /data/user/0/<Package>/app_payload_lib/empty_classes.zip /data/user/0/<Package>/app_payload_lib/<Package>_empty_classes/OM43EOZOCYEXP284LVQZOJRJ0RCIHNT.zip
  • cp /data/user/0/<Package>/app_payload_lib/empty_classes.zip /data/user/0/<Package>/app_payload_lib/<Package>_empty_classes/V7NPL6HRIOMGYU8C3PJECMK7S3BNW7P.zip
  • dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/1U4X1MY92UKHW850P7NZJBGG40SZ63IS.dex --oat-file=/data/user/0/<Package>/cache/<Package>/1U4X1MY92UKHW850P7NZJBGG40SZ63IS.dex --compiler-filter=verify-none --instruction-set=x86
  • dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/1ZPKQ118PFUFREJWKRATRRFTLMKTSBFR.dex --oat-file=/data/user/0/<Package>/cache/<Package>/1ZPKQ118PFUFREJWKRATRRFTLMKTSBFR.dex --compiler-filter=verify-none --instruction-set=x86
  • dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/27DEAZNUNB1AHHQLA0KSG4DHX99KZ07T.dex --oat-file=/data/user/0/<Package>/cache/<Package>/27DEAZNUNB1AHHQLA0KSG4DHX99KZ07T.dex --compiler-filter=verify-none --instruction-set=x86
  • dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/3AGPHYDJ92ZF6U47TDUMQ4TBAPCECHGY.dex --oat-file=/data/user/0/<Package>/cache/<Package>/3AGPHYDJ92ZF6U47TDUMQ4TBAPCECHGY.dex --compiler-filter=verify-none --instruction-set=x86
  • dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/3IK1DELV5U3F224R5122EWH3ITOUOPK6.dex --oat-file=/data/user/0/<Package>/cache/<Package>/3IK1DELV5U3F224R5122EWH3ITOUOPK6.dex --compiler-filter=verify-none --instruction-set=x86
  • dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/464JP0SRKI1M65MBZQTWQE2GC9FCJA2A.dex --oat-file=/data/user/0/<Package>/cache/<Package>/464JP0SRKI1M65MBZQTWQE2GC9FCJA2A.dex --compiler-filter=verify-none --instruction-set=x86
  • dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/5F9GUPHODFAB3A7KWV25JRRTX6GXOJF3.dex --oat-file=/data/user/0/<Package>/cache/<Package>/5F9GUPHODFAB3A7KWV25JRRTX6GXOJF3.dex --compiler-filter=verify-none --instruction-set=x86
  • dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/5WAJROR5VKPXW86HZF4SOER9WRM4YBU8.dex --oat-file=/data/user/0/<Package>/cache/<Package>/5WAJROR5VKPXW86HZF4SOER9WRM4YBU8.dex --compiler-filter=verify-none --instruction-set=x86
  • dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/6VTU27V6NBLM9TAPUWOW0OL915HS7SBH.dex --oat-file=/data/user/0/<Package>/cache/<Package>/6VTU27V6NBLM9TAPUWOW0OL915HS7SBH.dex --compiler-filter=verify-none --instruction-set=x86
  • dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/B86R34SB0WMJQQVMJ1LLT1UIIYQDODC6.dex --oat-file=/data/user/0/<Package>/cache/<Package>/B86R34SB0WMJQQVMJ1LLT1UIIYQDODC6.dex --compiler-filter=verify-none --instruction-set=x86
  • dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/BGY7JS8N8C2B6EVEZ55DH1QIYUMLO14M.dex --oat-file=/data/user/0/<Package>/cache/<Package>/BGY7JS8N8C2B6EVEZ55DH1QIYUMLO14M.dex --compiler-filter=verify-none --instruction-set=x86
  • dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/CR1AMV6GYB4OJ3LSYURZJHU4R6XR1U13.dex --oat-file=/data/user/0/<Package>/cache/<Package>/CR1AMV6GYB4OJ3LSYURZJHU4R6XR1U13.dex --compiler-filter=verify-none --instruction-set=x86
  • dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/ELRSG5C6O1Q6D9NIC8T99F4A54VLVGB5.dex --oat-file=/data/user/0/<Package>/cache/<Package>/ELRSG5C6O1Q6D9NIC8T99F4A54VLVGB5.dex --compiler-filter=verify-none --instruction-set=x86
  • dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/GTB44PP8LXN8NB0BOAMIAEJBF3F65M5B.dex --oat-file=/data/user/0/<Package>/cache/<Package>/GTB44PP8LXN8NB0BOAMIAEJBF3F65M5B.dex --compiler-filter=verify-none --instruction-set=x86
  • dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/HRQ9KFR8472BL6383D1B5LCZ9XNU65QI.dex --oat-file=/data/user/0/<Package>/cache/<Package>/HRQ9KFR8472BL6383D1B5LCZ9XNU65QI.dex --compiler-filter=verify-none --instruction-set=x86
  • dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/J0ABZO8ZOOE7EIV6B1L5P12EIAY5C5W6.dex --oat-file=/data/user/0/<Package>/cache/<Package>/J0ABZO8ZOOE7EIV6B1L5P12EIAY5C5W6.dex --compiler-filter=verify-none --instruction-set=x86
  • dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/JE2DMMGPOPY9PZIWJIKRS2Y8PJM2VAR8.dex --oat-file=/data/user/0/<Package>/cache/<Package>/JE2DMMGPOPY9PZIWJIKRS2Y8PJM2VAR8.dex --compiler-filter=verify-none --instruction-set=x86
  • dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/JXCFITPMY5K9ZK5E5JF5R7YXF79OOJWW.dex --oat-file=/data/user/0/<Package>/cache/<Package>/JXCFITPMY5K9ZK5E5JF5R7YXF79OOJWW.dex --compiler-filter=verify-none --instruction-set=x86
  • dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/JXFQWNNYN5W1D8XYQH8BL1HJVSINIT95.dex --oat-file=/data/user/0/<Package>/cache/<Package>/JXFQWNNYN5W1D8XYQH8BL1HJVSINIT95.dex --compiler-filter=verify-none --instruction-set=x86
  • dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/KMGFXKKR8I9IMXQRJ2X0IEUCKHZWJ2QQ.dex --oat-file=/data/user/0/<Package>/cache/<Package>/KMGFXKKR8I9IMXQRJ2X0IEUCKHZWJ2QQ.dex --compiler-filter=verify-none --instruction-set=x86
  • dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/KQKNLCCBW2LQUTY7NMHKEEQWGPJ8N2MY.dex --oat-file=/data/user/0/<Package>/cache/<Package>/KQKNLCCBW2LQUTY7NMHKEEQWGPJ8N2MY.dex --compiler-filter=verify-none --instruction-set=x86
  • dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/LE01LAMP6YODKGL0TZ3Z7ROKC8KZ6BYG.dex --oat-file=/data/user/0/<Package>/cache/<Package>/LE01LAMP6YODKGL0TZ3Z7ROKC8KZ6BYG.dex --compiler-filter=verify-none --instruction-set=x86
  • dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/LG4J8CANUFORR1SY1KMTICGAFD4O945I.dex --oat-file=/data/user/0/<Package>/cache/<Package>/LG4J8CANUFORR1SY1KMTICGAFD4O945I.dex --compiler-filter=verify-none --instruction-set=x86
  • dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/NU81PMHRXIRFAAKJ51IQE0HVUX4I8182.dex --oat-file=/data/user/0/<Package>/cache/<Package>/NU81PMHRXIRFAAKJ51IQE0HVUX4I8182.dex --compiler-filter=verify-none --instruction-set=x86
  • dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/QF5EMVZMRF52X1QPY84WOOTTPDPSN0R5.dex --oat-file=/data/user/0/<Package>/cache/<Package>/QF5EMVZMRF52X1QPY84WOOTTPDPSN0R5.dex --compiler-filter=verify-none --instruction-set=x86
  • dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/SQGBPC8B82PEAPIFFI142EE4CTB8FQ6E.dex --oat-file=/data/user/0/<Package>/cache/<Package>/SQGBPC8B82PEAPIFFI142EE4CTB8FQ6E.dex --compiler-filter=verify-none --instruction-set=x86
  • dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/TDDU5FWIK8ITJVZ1CX5ZVK2M1WRA8OBK.dex --oat-file=/data/user/0/<Package>/cache/<Package>/TDDU5FWIK8ITJVZ1CX5ZVK2M1WRA8OBK.dex --compiler-filter=verify-none --instruction-set=x86
  • dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/TV10QT54DF2VJEB88NQDJRRX1ISHGZNJ.dex --oat-file=/data/user/0/<Package>/cache/<Package>/TV10QT54DF2VJEB88NQDJRRX1ISHGZNJ.dex --compiler-filter=verify-none --instruction-set=x86
  • dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/U93COXGUCD26L17QC8DL9B4290FDR4N9.dex --oat-file=/data/user/0/<Package>/cache/<Package>/U93COXGUCD26L17QC8DL9B4290FDR4N9.dex --compiler-filter=verify-none --instruction-set=x86
  • dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/UF9UEFR6ZJ9MTPQ12048KO5LXX1SV8ND.dex --oat-file=/data/user/0/<Package>/cache/<Package>/UF9UEFR6ZJ9MTPQ12048KO5LXX1SV8ND.dex --compiler-filter=verify-none --instruction-set=x86
  • dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/UOULNE21IS3O0RS1LWFIK44EE7PILGCC.dex --oat-file=/data/user/0/<Package>/cache/<Package>/UOULNE21IS3O0RS1LWFIK44EE7PILGCC.dex --compiler-filter=verify-none --instruction-set=x86
  • dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/V2YTQ2K10HQL172CBI47W2ACPNEURIRS.dex --oat-file=/data/user/0/<Package>/cache/<Package>/V2YTQ2K10HQL172CBI47W2ACPNEURIRS.dex --compiler-filter=verify-none --instruction-set=x86
  • dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/VDVAOVZEN5G59GLUE14711HR3G6RM5TH.dex --oat-file=/data/user/0/<Package>/cache/<Package>/VDVAOVZEN5G59GLUE14711HR3G6RM5TH.dex --compiler-filter=verify-none --instruction-set=x86
  • dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/WNTAI7M423OOF79G6MFVJTU8NYDNLQDB.dex --oat-file=/data/user/0/<Package>/cache/<Package>/WNTAI7M423OOF79G6MFVJTU8NYDNLQDB.dex --compiler-filter=verify-none --instruction-set=x86
  • dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/XTHA9NCI88Y9F77P8LXBNKEMX0NU4WRG.dex --oat-file=/data/user/0/<Package>/cache/<Package>/XTHA9NCI88Y9F77P8LXBNKEMX0NU4WRG.dex --compiler-filter=verify-none --instruction-set=x86
  • dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/Z94RIDHU6L4TJ8HU9ZF9F7M1RJL8GVOC.dex --oat-file=/data/user/0/<Package>/cache/<Package>/Z94RIDHU6L4TJ8HU9ZF9F7M1RJL8GVOC.dex --compiler-filter=verify-none --instruction-set=x86
  • dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/ZBBK7PQ8YYCZ59HREFR55U4GZELOQMDE.dex --oat-file=/data/user/0/<Package>/cache/<Package>/ZBBK7PQ8YYCZ59HREFR55U4GZELOQMDE.dex --compiler-filter=verify-none --instruction-set=x86
  • getprop ro.dalvik.vm.isa.arm
  • getprop ro.dalvik.vm.isa.arm64
  • sh -c dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/1U4X1MY92UKHW850P7NZJBGG40SZ63IS.dex --oat-file=/data/user/0/<Package>/cache/<Package>/1U4X1MY92UKHW850P7NZJBGG40SZ63IS.dex --compiler-filter=verify-none --instruction-set=x86
  • sh -c dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/1ZPKQ118PFUFREJWKRATRRFTLMKTSBFR.dex --oat-file=/data/user/0/<Package>/cache/<Package>/1ZPKQ118PFUFREJWKRATRRFTLMKTSBFR.dex --compiler-filter=verify-none --instruction-set=x86
  • sh -c dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/27DEAZNUNB1AHHQLA0KSG4DHX99KZ07T.dex --oat-file=/data/user/0/<Package>/cache/<Package>/27DEAZNUNB1AHHQLA0KSG4DHX99KZ07T.dex --compiler-filter=verify-none --instruction-set=x86
  • sh -c dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/3AGPHYDJ92ZF6U47TDUMQ4TBAPCECHGY.dex --oat-file=/data/user/0/<Package>/cache/<Package>/3AGPHYDJ92ZF6U47TDUMQ4TBAPCECHGY.dex --compiler-filter=verify-none --instruction-set=x86
  • sh -c dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/3IK1DELV5U3F224R5122EWH3ITOUOPK6.dex --oat-file=/data/user/0/<Package>/cache/<Package>/3IK1DELV5U3F224R5122EWH3ITOUOPK6.dex --compiler-filter=verify-none --instruction-set=x86
  • sh -c dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/464JP0SRKI1M65MBZQTWQE2GC9FCJA2A.dex --oat-file=/data/user/0/<Package>/cache/<Package>/464JP0SRKI1M65MBZQTWQE2GC9FCJA2A.dex --compiler-filter=verify-none --instruction-set=x86
  • sh -c dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/5F9GUPHODFAB3A7KWV25JRRTX6GXOJF3.dex --oat-file=/data/user/0/<Package>/cache/<Package>/5F9GUPHODFAB3A7KWV25JRRTX6GXOJF3.dex --compiler-filter=verify-none --instruction-set=x86
  • sh -c dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/5WAJROR5VKPXW86HZF4SOER9WRM4YBU8.dex --oat-file=/data/user/0/<Package>/cache/<Package>/5WAJROR5VKPXW86HZF4SOER9WRM4YBU8.dex --compiler-filter=verify-none --instruction-set=x86
  • sh -c dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/6VTU27V6NBLM9TAPUWOW0OL915HS7SBH.dex --oat-file=/data/user/0/<Package>/cache/<Package>/6VTU27V6NBLM9TAPUWOW0OL915HS7SBH.dex --compiler-filter=verify-none --instruction-set=x86
  • sh -c dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/B86R34SB0WMJQQVMJ1LLT1UIIYQDODC6.dex --oat-file=/data/user/0/<Package>/cache/<Package>/B86R34SB0WMJQQVMJ1LLT1UIIYQDODC6.dex --compiler-filter=verify-none --instruction-set=x86
  • sh -c dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/BGY7JS8N8C2B6EVEZ55DH1QIYUMLO14M.dex --oat-file=/data/user/0/<Package>/cache/<Package>/BGY7JS8N8C2B6EVEZ55DH1QIYUMLO14M.dex --compiler-filter=verify-none --instruction-set=x86
  • sh -c dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/CR1AMV6GYB4OJ3LSYURZJHU4R6XR1U13.dex --oat-file=/data/user/0/<Package>/cache/<Package>/CR1AMV6GYB4OJ3LSYURZJHU4R6XR1U13.dex --compiler-filter=verify-none --instruction-set=x86
  • sh -c dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/ELRSG5C6O1Q6D9NIC8T99F4A54VLVGB5.dex --oat-file=/data/user/0/<Package>/cache/<Package>/ELRSG5C6O1Q6D9NIC8T99F4A54VLVGB5.dex --compiler-filter=verify-none --instruction-set=x86
  • sh -c dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/GTB44PP8LXN8NB0BOAMIAEJBF3F65M5B.dex --oat-file=/data/user/0/<Package>/cache/<Package>/GTB44PP8LXN8NB0BOAMIAEJBF3F65M5B.dex --compiler-filter=verify-none --instruction-set=x86
  • sh -c dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/HRQ9KFR8472BL6383D1B5LCZ9XNU65QI.dex --oat-file=/data/user/0/<Package>/cache/<Package>/HRQ9KFR8472BL6383D1B5LCZ9XNU65QI.dex --compiler-filter=verify-none --instruction-set=x86
  • sh -c dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/J0ABZO8ZOOE7EIV6B1L5P12EIAY5C5W6.dex --oat-file=/data/user/0/<Package>/cache/<Package>/J0ABZO8ZOOE7EIV6B1L5P12EIAY5C5W6.dex --compiler-filter=verify-none --instruction-set=x86
  • sh -c dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/JE2DMMGPOPY9PZIWJIKRS2Y8PJM2VAR8.dex --oat-file=/data/user/0/<Package>/cache/<Package>/JE2DMMGPOPY9PZIWJIKRS2Y8PJM2VAR8.dex --compiler-filter=verify-none --instruction-set=x86
  • sh -c dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/JXCFITPMY5K9ZK5E5JF5R7YXF79OOJWW.dex --oat-file=/data/user/0/<Package>/cache/<Package>/JXCFITPMY5K9ZK5E5JF5R7YXF79OOJWW.dex --compiler-filter=verify-none --instruction-set=x86
  • sh -c dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/JXFQWNNYN5W1D8XYQH8BL1HJVSINIT95.dex --oat-file=/data/user/0/<Package>/cache/<Package>/JXFQWNNYN5W1D8XYQH8BL1HJVSINIT95.dex --compiler-filter=verify-none --instruction-set=x86
  • sh -c dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/KMGFXKKR8I9IMXQRJ2X0IEUCKHZWJ2QQ.dex --oat-file=/data/user/0/<Package>/cache/<Package>/KMGFXKKR8I9IMXQRJ2X0IEUCKHZWJ2QQ.dex --compiler-filter=verify-none --instruction-set=x86
  • sh -c dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/KQKNLCCBW2LQUTY7NMHKEEQWGPJ8N2MY.dex --oat-file=/data/user/0/<Package>/cache/<Package>/KQKNLCCBW2LQUTY7NMHKEEQWGPJ8N2MY.dex --compiler-filter=verify-none --instruction-set=x86
  • sh -c dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/LE01LAMP6YODKGL0TZ3Z7ROKC8KZ6BYG.dex --oat-file=/data/user/0/<Package>/cache/<Package>/LE01LAMP6YODKGL0TZ3Z7ROKC8KZ6BYG.dex --compiler-filter=verify-none --instruction-set=x86
  • sh -c dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/LG4J8CANUFORR1SY1KMTICGAFD4O945I.dex --oat-file=/data/user/0/<Package>/cache/<Package>/LG4J8CANUFORR1SY1KMTICGAFD4O945I.dex --compiler-filter=verify-none --instruction-set=x86
  • sh -c dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/NU81PMHRXIRFAAKJ51IQE0HVUX4I8182.dex --oat-file=/data/user/0/<Package>/cache/<Package>/NU81PMHRXIRFAAKJ51IQE0HVUX4I8182.dex --compiler-filter=verify-none --instruction-set=x86
  • sh -c dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/QF5EMVZMRF52X1QPY84WOOTTPDPSN0R5.dex --oat-file=/data/user/0/<Package>/cache/<Package>/QF5EMVZMRF52X1QPY84WOOTTPDPSN0R5.dex --compiler-filter=verify-none --instruction-set=x86
  • sh -c dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/SQGBPC8B82PEAPIFFI142EE4CTB8FQ6E.dex --oat-file=/data/user/0/<Package>/cache/<Package>/SQGBPC8B82PEAPIFFI142EE4CTB8FQ6E.dex --compiler-filter=verify-none --instruction-set=x86
  • sh -c dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/TDDU5FWIK8ITJVZ1CX5ZVK2M1WRA8OBK.dex --oat-file=/data/user/0/<Package>/cache/<Package>/TDDU5FWIK8ITJVZ1CX5ZVK2M1WRA8OBK.dex --compiler-filter=verify-none --instruction-set=x86
  • sh -c dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/TV10QT54DF2VJEB88NQDJRRX1ISHGZNJ.dex --oat-file=/data/user/0/<Package>/cache/<Package>/TV10QT54DF2VJEB88NQDJRRX1ISHGZNJ.dex --compiler-filter=verify-none --instruction-set=x86
  • sh -c dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/U93COXGUCD26L17QC8DL9B4290FDR4N9.dex --oat-file=/data/user/0/<Package>/cache/<Package>/U93COXGUCD26L17QC8DL9B4290FDR4N9.dex --compiler-filter=verify-none --instruction-set=x86
  • sh -c dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/UF9UEFR6ZJ9MTPQ12048KO5LXX1SV8ND.dex --oat-file=/data/user/0/<Package>/cache/<Package>/UF9UEFR6ZJ9MTPQ12048KO5LXX1SV8ND.dex --compiler-filter=verify-none --instruction-set=x86
  • sh -c dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/UOULNE21IS3O0RS1LWFIK44EE7PILGCC.dex --oat-file=/data/user/0/<Package>/cache/<Package>/UOULNE21IS3O0RS1LWFIK44EE7PILGCC.dex --compiler-filter=verify-none --instruction-set=x86
  • sh -c dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/V2YTQ2K10HQL172CBI47W2ACPNEURIRS.dex --oat-file=/data/user/0/<Package>/cache/<Package>/V2YTQ2K10HQL172CBI47W2ACPNEURIRS.dex --compiler-filter=verify-none --instruction-set=x86
  • sh -c dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/VDVAOVZEN5G59GLUE14711HR3G6RM5TH.dex --oat-file=/data/user/0/<Package>/cache/<Package>/VDVAOVZEN5G59GLUE14711HR3G6RM5TH.dex --compiler-filter=verify-none --instruction-set=x86
  • sh -c dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/WNTAI7M423OOF79G6MFVJTU8NYDNLQDB.dex --oat-file=/data/user/0/<Package>/cache/<Package>/WNTAI7M423OOF79G6MFVJTU8NYDNLQDB.dex --compiler-filter=verify-none --instruction-set=x86
  • sh -c dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/XTHA9NCI88Y9F77P8LXBNKEMX0NU4WRG.dex --oat-file=/data/user/0/<Package>/cache/<Package>/XTHA9NCI88Y9F77P8LXBNKEMX0NU4WRG.dex --compiler-filter=verify-none --instruction-set=x86
  • sh -c dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/Z94RIDHU6L4TJ8HU9ZF9F7M1RJL8GVOC.dex --oat-file=/data/user/0/<Package>/cache/<Package>/Z94RIDHU6L4TJ8HU9ZF9F7M1RJL8GVOC.dex --compiler-filter=verify-none --instruction-set=x86
  • sh -c dex2oat --dex-file=/data/user/0/<Package>/app_payload_lib/<Package>/ZBBK7PQ8YYCZ59HREFR55U4GZELOQMDE.dex --oat-file=/data/user/0/<Package>/cache/<Package>/ZBBK7PQ8YYCZ59HREFR55U4GZELOQMDE.dex --compiler-filter=verify-none --instruction-set=x86
Loads the following dynamic libraries:
  • libcovault-appsec
Uses special library to hide executable bytecode.
Gets information about network.
Gets information about installed apps.
Intercepts notifications.
Requests the system alert window permission.

Curing recommendations

Android

  1. If the mobile device is operating normally, download and install Dr.Web for Android Light. Run a full system scan and follow recommendations to neutralize the detected threats.
  2. If the mobile device has been locked by Android.Locker ransomware (the message on the screen tells you that you have broken some law or demands a set ransom amount; or you will see some other announcement that prevents you from using the handheld normally), do the following:
    • Load your smartphone or tablet in the safe mode (depending on the operating system version and specifications of the particular mobile device involved, this procedure can be performed in various ways; seek clarification from the user guide that was shipped with the device, or contact its manufacturer);
    • Once you have activated safe mode, install the Dr.Web для Android Light onto the infected handheld and run a full scan of the system; follow the steps recommended for neutralizing the threats that have been detected;
    • Switch off your device and turn it on as normal.

Find out more about Dr.Web for Android

Free trial

14 days

Download now
Get it on Google Play