
Android.BankBot.TgToxic.53

Added to the Dr.Web virus database: 2023-11-16

Virus description added:

Technical information

Malicious functions:
Executes code of the following detected threats:
  • Android.BankBot.TgToxic.1
Network activity:
Connects to:
DNS requests:
File system changes:
Creates the following files:
Miscellaneous:
Executes the following shell scripts:
Loads the following dynamic libraries:
  • libcovault-appsec
Uses a special library to hide executable bytecode.
Gets information about the network.
Gets information about installed apps.
Intercepts notifications.
Requests the system alert window permission.

Curing recommendations


Android

  1. If the mobile device is operating normally, download and install Dr.Web for Android Light. Run a full system scan and follow recommendations to neutralize the detected threats.
  2. If the mobile device has been locked by Android.Locker ransomware (the message on the screen tells you that you have broken some law or demands a set ransom amount; or you will see some other announcement that prevents you from using the handheld normally), do the following:
    • Load your smartphone or tablet in the safe mode (depending on the operating system version and specifications of the particular mobile device involved, this procedure can be performed in various ways; seek clarification from the user guide that was shipped with the device, or contact its manufacturer);
    • Once you have activated safe mode, install Dr.Web for Android Light onto the infected handheld and run a full scan of the system; follow the steps recommended for neutralizing the threats that have been detected;
    • Switch off your device and turn it on as normal.
