Android.Hidden.7123

Technical information

Malicious functions:

Removes app icon from the screen.

Network activity:

Connects to:

UDP(DNS) <Google DNS>
TCP(HTTP/1.1) at.al####.com:80
TCP(HTTP/1.1) cdn.tab####.com:80
TCP(HTTP/1.1) new.ic####.xyz:80
TCP(HTTP/1.1) b.scoreca####.com.####.net:80
TCP(TLS/1.0) www.google-####.com:443
TCP(TLS/1.0) f####.gst####.com:443
TCP(TLS/1.0) adser####.go####.nl:443
TCP(TLS/1.0) jsde####.a7####.flexbal####.net:443
TCP(TLS/1.0) mc.ya####.ru:443
TCP(TLS/1.0) www.googlet####.com:443
TCP(TLS/1.0) im####.google####.com:443
TCP(TLS/1.0) of####.ofc####.com:443
TCP(TLS/1.0) adser####.go####.com:443
TCP(TLS/1.0) googl####.g.doublec####.net:443
TCP(TLS/1.0) pag####.googles####.com:443
TCP(TLS/1.0) tpc.googles####.com:443

DNS requests:

adser####.go####.com
adser####.go####.nl
at.al####.com
b.scoreca####.com
bal####.ofc####.com
cdn.jsde####.net
cdn.tab####.com
f####.google####.com
f####.gst####.com
googl####.g.doublec####.net
im####.google####.com
j####.ofc####.com
mc.ya####.ru
new.ic####.xyz
o####.ofc####.com
of####.ofc####.com
pag####.googles####.com
tpc.googles####.com
www.google-####.com
www.googlet####.com

HTTP GET requests:

at.al####.com/t/font_633469_4uw4om2lfzr.css
at.al####.com/t/font_633469_4uw4om2lfzr.ttf?t=####
b.scoreca####.com.####.net/b2?c1=####&c2=####&c3=####&ns__t=####&ns_c=##...
b.scoreca####.com.####.net/b?c1=####&c2=####&c3=####&ns__t=####&ns_c=###...
b.scoreca####.com.####.net/beacon.js
cdn.tab####.com/libtrc/cashbox-network/loader.js
cdn.tab####.com/libtrc/impl.355-445-RELEASE.es5.js
new.ic####.xyz/
new.ic####.xyz/images/2018102409434778511.png
new.ic####.xyz/images/2018102409441931445.png
new.ic####.xyz/images/2018102409450593015.jpeg
new.ic####.xyz/images/2018102410021090440.jpg
new.ic####.xyz/images/2018102410022254657.jpg
new.ic####.xyz/images/2018102410024419700.jpg
new.ic####.xyz/images/2018102410025440783.png
new.ic####.xyz/images/2018102410032762048.jpg
new.ic####.xyz/images/2018102410075431719.png
new.ic####.xyz/images/2018102410082738662.png
new.ic####.xyz/images/2018102410083819284.png
new.ic####.xyz/images/2018102410090360574.jpg
new.ic####.xyz/images/201810241009271544.jpg
new.ic####.xyz/images/2018102410102427420.png
new.ic####.xyz/images/2018102410104036117.jpg
new.ic####.xyz/images/2018102410105298682.jpg
new.ic####.xyz/images/2018102410110370129.jpg
new.ic####.xyz/images/2018102410114199867.png
new.ic####.xyz/images/2018102410121975528.jpg
new.ic####.xyz/images/2018102410385383322.jpg
new.ic####.xyz/images/201810241050364490.jpg
new.ic####.xyz/images/2018102410515060573.jpg
new.ic####.xyz/images/2018102410520358460.jpg
new.ic####.xyz/images/2018102410544626218.jpg
new.ic####.xyz/images/2018102410545752188.jpg
new.ic####.xyz/images/2018102410564399227.png
new.ic####.xyz/images/2018102410580441106.jpg
new.ic####.xyz/images/2018102410582037185.jpg
new.ic####.xyz/images/2018102410583218314.jpg
new.ic####.xyz/images/2018102410594786532.jpeg
new.ic####.xyz/images/2018102411004851364.png
new.ic####.xyz/images/2018102411011352395.jpg
new.ic####.xyz/images/2018102411013013078.png
new.ic####.xyz/images/2018102411014681063.jpg
new.ic####.xyz/images/2018102411035417635.jpg
new.ic####.xyz/images/2018102411052911428.jpg
new.ic####.xyz/images/2018102411054530856.jpeg
new.ic####.xyz/images/2018102411061381602.jpeg
new.ic####.xyz/images/2018102411064269300.jpeg
new.ic####.xyz/images/201810241107236453.jpg
new.ic####.xyz/images/2018102411073353332.jpg
new.ic####.xyz/images/2018102411074626458.jpg
new.ic####.xyz/images/2018102411080913416.jpg
new.ic####.xyz/images/2018102411083444633.jpg
new.ic####.xyz/images/2018102411084696601.png
new.ic####.xyz/images/2018102411085930405.png
new.ic####.xyz/images/2018102411091342155.jpg
new.ic####.xyz/images/2018102411092424191.jpg
new.ic####.xyz/images/2018102411104393781.jpeg
new.ic####.xyz/images/2018102411105461089.jpg
new.ic####.xyz/images/2018102411110567574.jpg
new.ic####.xyz/images/2018102411112954923.png
new.ic####.xyz/images/2018102411114173183.jpg
new.ic####.xyz/images/2018102411123017181.jpg
new.ic####.xyz/images/2018102411124387464.jpg
new.ic####.xyz/images/2018102411125478135.jpg
new.ic####.xyz/images/2018102411132135763.png
new.ic####.xyz/images/201810241113354947.png
new.ic####.xyz/images/2018102411143123804.png
new.ic####.xyz/images/2018102411145190425.png
new.ic####.xyz/images/2018102411150431143.png
new.ic####.xyz/images/2018102411151969814.png
new.ic####.xyz/images/2018102411153012892.png
new.ic####.xyz/images/2018102411154216080.jpeg
new.ic####.xyz/images/2018102411155340325.png
new.ic####.xyz/images/2018102411181967783.jpg
new.ic####.xyz/images/2018102411191647348.png
new.ic####.xyz/images/2018102411200623842.png
new.ic####.xyz/images/2018102411201798821.jpg
new.ic####.xyz/images/2018102411232197186.png
new.ic####.xyz/images/201810241124304882.jpg
new.ic####.xyz/images/2018102411245312603.jpg
new.ic####.xyz/images/2018102411250637722.png
new.ic####.xyz/images/201810241126019006.png
new.ic####.xyz/images/201810241126239565.png
new.ic####.xyz/images/201810241126485942.jpg
new.ic####.xyz/images/2018102411270434086.png
new.ic####.xyz/images/2018102411293681283.png
new.ic####.xyz/images/2018102411294823581.jpg
new.ic####.xyz/images/2018102411304090374.png
new.ic####.xyz/images/2018102411310438341.png
new.ic####.xyz/images/2018102411353145521.jpg
new.ic####.xyz/images/201810241137145358.png
new.ic####.xyz/images/2018102411373769114.png
new.ic####.xyz/images/2018102411401312071.png
new.ic####.xyz/images/2018102411413032002.png
new.ic####.xyz/images/2018102411420428784.jpg
new.ic####.xyz/images/2018102411421531281.jpg
new.ic####.xyz/images/2018102411424998422.jpg
new.ic####.xyz/images/2018102411434012421.jpg
new.ic####.xyz/images/2018102411470367467.jpg
new.ic####.xyz/images/2018102411473677474.png
new.ic####.xyz/images/2018102411484686143.png
new.ic####.xyz/images/2018102411491074570.jpg
new.ic####.xyz/images/2018102411492255788.jpg
new.ic####.xyz/images/2018102411505368671.png
new.ic####.xyz/images/2018102411512017594.png
new.ic####.xyz/images/2018102411513237298.jpg
new.ic####.xyz/images/2018102411520916824.png
new.ic####.xyz/images/2018102411522072930.jpg
new.ic####.xyz/images/2018110809553468531.png
new.ic####.xyz/images/2018110809563244330.png
new.ic####.xyz/images/2018111605584553118.jpg
new.ic####.xyz/images/2018111606013076293.jpg
new.ic####.xyz/images/2018112110595937487.jpg
new.ic####.xyz/images/2018112713063642305.jpg
new.ic####.xyz/images/2018112713152619032.png
new.ic####.xyz/images/2018112713262581053.jpg
new.ic####.xyz/images/2018112713282253362.jpeg
new.ic####.xyz/images/201811271355063519.jpg
new.ic####.xyz/images/2018112713575278925.jpg
new.ic####.xyz/images/2018112714012462749.jpg
new.ic####.xyz/images/2018112714053546708.jpg
new.ic####.xyz/images/2018122108440857903.jpg
new.ic####.xyz/images/2018122108464190540.jpg
new.ic####.xyz/images/2019011812361131436.jpg
new.ic####.xyz/images/2019012809481675375.jpeg
new.ic####.xyz/images/2019013003530616929.png
new.ic####.xyz/images/2019022007182253415.jpg
new.ic####.xyz/images/2019022109470210216.png
new.ic####.xyz/images/2019022110194344140.jpg
new.ic####.xyz/images/2019022110253189389.jpg
new.ic####.xyz/images/2019030513595757222.jpeg
new.ic####.xyz/images/2019030514001635952.jpeg
new.ic####.xyz/images/2019030514003912405.png
new.ic####.xyz/images/201903060154321564.jpg
new.ic####.xyz/images/201903060154523854.jpg
new.ic####.xyz/images/2019030601551110741.png
new.ic####.xyz/images/2019030601552992379.png
new.ic####.xyz/images/2019030601555119046.png
new.ic####.xyz/images/2019030601561065856.png
new.ic####.xyz/images/2019030601563088340.png
new.ic####.xyz/images/2019030612391971884.jpg
new.ic####.xyz/images/2019030612533196034.png
new.ic####.xyz/images/2019030801541189316.jpg
new.ic####.xyz/images/2019030802143317971.png
new.ic####.xyz/images/2019030802163722449.jpg
new.ic####.xyz/images/2019030802324935973.png
new.ic####.xyz/images/2019030803041219969.png
new.ic####.xyz/images/2019030803213811332.png
new.ic####.xyz/images/2019030803291289437.png
new.ic####.xyz/images/2019030803342212674.jpg
new.ic####.xyz/images/2019030803375427210.png
new.ic####.xyz/images/2019030803475372598.jpg
new.ic####.xyz/images/2019030803504691021.jpg
new.ic####.xyz/images/2019030803544037754.jpg
new.ic####.xyz/images/2019030806554720188.png
new.ic####.xyz/images/2019030806595052229.png
new.ic####.xyz/images/2019031306005877839.jpg
new.ic####.xyz/images/2019031306031658076.jpg
new.ic####.xyz/images/2019031306065690364.jpg
new.ic####.xyz/images/2019033006510863333.jpeg
new.ic####.xyz/images/2019051007560495045.jpeg
new.ic####.xyz/images/assets/lazyload.png
new.ic####.xyz/policy/flex.js
new.ic####.xyz/static/dist/css/basis.min.css
new.ic####.xyz/static/dist/css/stream.min.css
new.ic####.xyz/static/dist/js/quick.min.js
new.ic####.xyz/static/dist/js/router.min.js

File system changes:

Creates the following files:

/data/data/####/data_0
/data/data/####/data_1
/data/data/####/data_2
/data/data/####/data_3
/data/data/####/f_000001
/data/data/####/f_000002
/data/data/####/f_000003
/data/data/####/f_000004
/data/data/####/f_000005
/data/data/####/f_000006
/data/data/####/f_000007
/data/data/####/f_000008
/data/data/####/f_000009
/data/data/####/f_00000a
/data/data/####/f_00000b
/data/data/####/f_00000c
/data/data/####/f_00000d
/data/data/####/f_00000e
/data/data/####/f_00000f
/data/data/####/f_000010
/data/data/####/f_000011
/data/data/####/f_000012
/data/data/####/f_000013
/data/data/####/f_000014
/data/data/####/f_000015
/data/data/####/f_000016
/data/data/####/f_000017
/data/data/####/f_000018
/data/data/####/f_000019
/data/data/####/f_00001a
/data/data/####/f_00001b
/data/data/####/f_00001c
/data/data/####/f_00001d
/data/data/####/f_00001e
/data/data/####/f_00001f
/data/data/####/f_000020
/data/data/####/f_000021
/data/data/####/f_000022
/data/data/####/f_000023
/data/data/####/index
/data/data/####/quick_shared_prefs.xml
/data/data/####/webview.db-journal
/data/data/####/webviewCookiesChromium.db-journal

Miscellaneous:

Loads the following dynamic libraries:

os-lib

Displays its own windows over windows of other apps.

Технологии

Термины

Обучение и просвещение

Мифы

Technical information

Рекомендации по лечению

Демо бесплатно на 14 дней