Android.BankBot.TgToxic.52

Added to the Dr.Web virus database: 2023-11-13

Virus description added:

Technical information

Malicious functions:
Executes code of the following detected threats:
  • Android.BankBot.TgToxic.1
Network activity:
Connects to:
DNS requests:
File system changes:
Creates the following files:
Miscellaneous:
Executes the following shell scripts:
  • getprop ro.dalvik.vm.isa.arm
  • getprop ro.dalvik.vm.isa.arm64
Loads the following dynamic libraries:
  • libcovault-appsec
Uses a special library to hide executable bytecode.
Gets information about the network.
Gets information about installed apps.
Intercepts notifications.
Requests the system alert window permission.

Curing recommendations


Android

  1. If the mobile device is operating normally, download and install Dr.Web for Android Light. Run a full system scan and follow recommendations to neutralize the detected threats.
  2. If the mobile device has been locked by Android.Locker ransomware (the message on the screen tells you that you have broken some law or demands a set ransom amount; or you will see some other announcement that prevents you from using the handheld normally), do the following:
    • Boot your smartphone or tablet into safe mode (depending on the operating system version and specifications of the particular mobile device involved, this procedure can be performed in various ways; seek clarification from the user guide that was shipped with the device, or contact its manufacturer);
    • Once you have activated safe mode, install Dr.Web for Android Light onto the infected handheld and run a full scan of the system; follow the steps recommended for neutralizing the threats that have been detected;
    • Switch off your device and turn it on as normal.
