Technical information
Malicious functions:
Executes code of the following detected threats:
- Android.DownLoader.1051.origin
Network activity:
Connects to:
- UDP(DNS) 8####.8.4.4:53
- TCP(TLS/1.0) pla####.google####.com:443
- TCP(TLS/1.0) r.m####.net:443
- TCP(TLS/1.0) f####.gst####.com:443
- TCP(TLS/1.0) 64.2####.164.94:443
- TCP(TLS/1.0) aa.birdg####.com:443
- TCP(TLS/1.0) in####.appsf####.com:443
- TCP(TLS/1.0) c####.between####.com:443
- TCP(TLS/1.0) www.tns-cou####.ru:443
- TCP(TLS/1.0) d2zi34f####.cloudf####.net:443
- TCP(TLS/1.0) api.appsfly####.com.####.net:443
- TCP(TLS/1.0) tk.topon####.com:443
- TCP(TLS/1.0) crea####.ruta####.ru:443
- TCP(TLS/1.0) js.ad-s####.com:443
- TCP(TLS/1.0) adx.ads.vu####.com:443
- TCP(TLS/1.0) sh####.zhuifen####.top:443
- TCP(TLS/1.0) p####.birdg####.com:443
- TCP(TLS/1.0) api.air####.com:443
- TCP(TLS/1.0) and####.a####.go####.com:443
- TCP(TLS/1.0) unit####.edges####.net:443
- TCP(TLS/1.0) sf16-st####.i18n-pg####.com.####.net:443
- TCP(TLS/1.0) api.topon####.com:443
- TCP(TLS/1.0) pangol####.isn####.com.####.net:443
- TCP(TLS/1.0) ad####.ray####.com:443
- TCP(TLS/1.0) configv####.unit####.uni####.com:443
- TCP(TLS/1.0) new.ads.vu####.com:443
- TCP(TLS/1.0) gdl.i9####.ru.####.com:443
- TCP(TLS/1.0) ads.between####.com:443
- TCP(TLS/1.0) raw.githubu####.com:443
- TCP(TLS/1.0) tnc16-a####.isn####.com.####.net:443
- TCP(TLS/1.0) g####.face####.com:443
- TCP(TLS/1.0) laun####.appsf####.com:443
- TCP(TLS/1.0) img-s-m####.akama####.net:443
- TCP(TLS/1.0) gc####.appsf####.com:443
- TCP(TLS/1.0) opr.adx.o####.com:443
- TCP(TLS/1.0) da.topon####.com:443
- TCP(TLS/1.0) adx-vg####.topon####.com:443
- TCP(TLS/1.0) co####.ads.vu####.com:443
- TCP(TLS/1.0) us01####.ray####.com:443
- TCP(TLS/1.0) firebas####.google####.com:443
- TCP(TLS/1.0) www.googlet####.com:443
- TCP(TLS/1.0) t.rtb####.com:443
- TCP(TLS/1.0) api16-a####.pa####.io.####.net:443
- TCP(TLS/1.0) rr9---s####.g####.com:443
- TCP(TLS/1.0) api.imo####.tech:443
- TCP(TLS/1.0) ad####.topon####.com:443
- TCP(TLS/1.0) rtbtrac####.rt####.net:443
- TCP(TLS/1.0) web.next####.me:443
- TCP(TLS/1.0) and####.google####.com:443
- TCP(TLS/1.0) vg-ne####.ray####.com:443
- TCP(TLS/1.0) im####.tab####.com:443
- TCP(TLS/1.0) vg-aws-####.ray####.com:443
- TCP(TLS/1.2) firebas####.google####.com:443
- TCP(TLS/1.2) 64.2####.164.94:443
- TCP(TLS/1.2) p####.google####.com:443
- TCP d####.topon####.com:9377
- TCP gdl.news####.s####.####.com:443
DNS requests:
- aa.birdg####.com
- ad####.ray####.com
- ad####.topon####.com
- ads.between####.com
- adx-vg####.topon####.com
- adx.ads.vu####.com
- and####.a####.go####.com
- and####.b####.qq.com
- and####.google####.com
- api.air####.com
- api.tab####.com
- api.topon####.com
- api.you####.t####.####.8
- api.you####.tech
- api16-a####.pa####.io
- c####.between####.com
- cd####.vu####.com
- cdn-set####.appsfly####.com
- co####.ads.vu####.com
- co####.unit####.uni####.com
- conf####.unit####.uni####.com
- convers####.appsf####.com
- crea####.ruta####.ru
- d####.topon####.com
- d2zi34f####.cloudf####.net
- da.topon####.com
- f####.gst####.com
- firebas####.google####.com
- g####.face####.com
- gc####.appsf####.com
- gdl.i9####.ru
- gdl.news####.site
- i####.opr.adx.####.com
- im####.tab####.com
- img-s-m####.akama####.net
- in####.appsf####.com
- js.ad-s####.com
- laun####.appsf####.com
- m####.go####.com
- new.ads.vu####.com
- opr.adx.o####.com
- p####.birdg####.com
- p####.google####.com
- pangol####.isn####.com
- pla####.google####.com
- r.m####.net
- raw.githubu####.com
- rr9---s####.g####.com
- rtbtrac####.rt####.net
- sf16-st####.i18n-pg####.com
- sh####.zhuifen####.top
- t####.q1####.ru
- t.rtb####.com
- tk.topon####.com
- tnc16-a####.isn####.com
- us01####.ray####.com
- vg-aws-####.ray####.com
- vg-ne####.ray####.com
- web.next####.me
- www.googlet####.com
- www.tns-cou####.ru
HTTP GET requests:
- ad####.ray####.com:443/impression?opri=Nj####&rid=####&impid=####&cid=##...
- api.appsfly####.com.####.net:443/android/v1/5c0b04b26d739ca97d3c9edfde0f...
- d2zi34f####.cloudf####.net:443/i/22/12/20/10/04/u-QbXa0Bq9Kq.jpg
- d2zi34f####.cloudf####.net:443/i/22/12/20/10/04/u-yeXKLJeM4q.jpg
- d2zi34f####.cloudf####.net:443/i/23/01/24/00/14/u-XdMgajlrxW.jpg
- gc####.appsf####.com:443/install_data/v4.0/<Package>?devkey=####&device_...
- gdl.i9####.ru.####.com:443/as/web-source/4hd/0J3np7.mp4
- img-s-m####.akama####.net:443/template-rtb/programmaticBanner-v6.zip
- img-s-m####.akama####.net:443/vm/1.4.1/6bd1fe6.zip
- new.ads.vu####.com:443/api/v5/new?ifa=####&app_id=####
- r.m####.net:443/img/87/998897.mp4
- raw.githubu####.com:443/StevenBlack/hosts/master/hosts
- sf16-st####.i18n-pg####.com.####.net:443/obj/ad-pattern-sg/renderer/1aff...
- sf16-st####.i18n-pg####.com.####.net:443/obj/ad-pattern-sg/renderer/pack...
- sf16-st####.i18n-pg####.com.####.net:443/obj/ad-pattern-va/renderer/1aff...
- sf16-st####.i18n-pg####.com.####.net:443/obj/ad-pattern-va/renderer/pack...
- tnc16-a####.isn####.com.####.net:443/get_domains/v4/?version_code=####&d...
- unit####.edges####.net:443/webview/4.0.0/2e120e727f29b090f70d089b35f4620...
- us01####.ray####.com:443/impression?k=####&z=MTI4M####&q=a_i09####&x=###...
- us01####.ray####.com:443/onlyImpression?k=####&p=MjI5N####&csp=####&c=##...
- vg-aws-####.ray####.com:443/loss?token=####&win_price=####&auction_curre...
- vg-ne####.ray####.com:443/loss?token=####&win_price=####&auction_currenc...
- vg-ne####.ray####.com:443/win?token=####
HTTP POST requests:
- aa.birdg####.com:443/v1/d_api
- ad####.topon####.com:443/bid
- adx-vg####.topon####.com:443/request
- adx.ads.vu####.com:443/api/v5/ads
- api.topon####.com:443/v2/open/app
- api.topon####.com:443/v2/open/placement
- api16-a####.pa####.io.####.net:443/api/ad/union/sdk/stats/batch/
- co####.ads.vu####.com:443/api/v5/config
- configv####.unit####.uni####.com:443/webview/4.4.1/release/config.json
- da.topon####.com:443/v1/open/da?1004631=####&1004632=####&1004634=####
- firebas####.google####.com:443/v1/projects/lite-browser-21dbd/installati...
- in####.appsf####.com:443/api/v6.9/androidevent?app_id=####&buildnumber=#...
- laun####.appsf####.com:443/api/v6.9/androidevent?app_id=####&buildnumber...
- p####.birdg####.com:443/v1/ptk
- pangol####.isn####.com.####.net:443/api/ad/union/mediation/settings/
- pangol####.isn####.com.####.net:443/api/ad/union/sdk/stats/batch/
- sh####.zhuifen####.top:443/v1/init?id=####
- sh####.zhuifen####.top:443/v1/mr?id=####
- tk.topon####.com:443/v1/open/tk
File system changes:
Creates the following files:
- /data/data/####/.
- /data/data/####/. .flock (deleted)
- /data/data/####/.
- /data/data/####/.
- /data/data/####/.
- /data/data/####/. .flock (deleted)
- /data/data/####/0004c46436e77871_0
- /data/data/####/011134986548f3458aa3e7e2a7fceb8d
- /data/data/####/01c10568964a6c9d_0
- /data/data/####/01e7801563fb2171_0
- /data/data/####/025c3bc5d285826e_0
- /data/data/####/056a7511831e0381_0
- /data/data/####/05d192f959e89a24_0
- /data/data/####/092965c0915cd1e9_0
- /data/data/####/0c7e670584b12527_0
- /data/data/####/1004
- /data/data/####/114380peq
- /data/data/####/114380peq.dex
- /data/data/####/114380peq.dex.flock (deleted)
- /data/data/####/114553peq
- /data/data/####/114553peq.dex
- /data/data/####/114553peq.dex (deleted)
- /data/data/####/114553peq.dex.flock (deleted)
- /data/data/####/118fc9235216528a_0
- /data/data/####/11d3437a93c8285a_0
- /data/data/####/12e6912b8fc9625d_0
- /data/data/####/139a295838822223_0
- /data/data/####/141960ec93124f2b65ebc7d94cfc9607
- /data/data/####/154347af651aa155_0
- /data/data/####/1664557424545.dex
- /data/data/####/1664557424545.dex.flock (deleted)
- /data/data/####/1664557424545.jar
- /data/data/####/1664557424545.tmp
- /data/data/####/1687837457816
- /data/data/####/1687837473267
- /data/data/####/1687837473274
- /data/data/####/1687837475310
- /data/data/####/1687837477579
- /data/data/####/1687837480218
- /data/data/####/1687837482174
- /data/data/####/1687837484236
- /data/data/####/1687837485443
- /data/data/####/1687837486532
- /data/data/####/1687837486723
- /data/data/####/1687837486775
- /data/data/####/1687837486873
- /data/data/####/1687837486885
- /data/data/####/1687837486898
- /data/data/####/1687837488544
- /data/data/####/1687837490286
- /data/data/####/1687837490291
- /data/data/####/1687837492805
- /data/data/####/1687837492921
- /data/data/####/1687837492959
- /data/data/####/1687837493000
- /data/data/####/1687837497843
- /data/data/####/1687837498011
- /data/data/####/18aeff8fda45064d_0
- /data/data/####/1900b8d76057d460_0
- /data/data/####/1919a2fd7bc6c816_0
- /data/data/####/1d77748d7cd7be10_0
- /data/data/####/21e7ec07032d83b3_0
- /data/data/####/225c1299b16761b8_0
- /data/data/####/2859cd33aba3d737_0
- /data/data/####/28713d10e63bad03_0
- /data/data/####/2a2029c8907e8e60_0
- /data/data/####/2e1af62f910428eb_0
- /data/data/####/2e1d99e0d4097fb9_0
- /data/data/####/2fc33e13d80e16f6_0
- /data/data/####/3158ae9a19333efa_0
- /data/data/####/3158ae9a19333efa_1
- /data/data/####/31d3a2293fc14f98_0
- /data/data/####/35476c4332a294d2_0
- /data/data/####/3acf5414b7f30d06_0
- /data/data/####/3c323bde2085dc19ff6630567ca66d47
- /data/data/####/42fd224aafaf7a60_0
- /data/data/####/43652c20dd46b6da_0
- /data/data/####/4751b0abe56b9d6f_0
- /data/data/####/48594a2c05081b24_0
- /data/data/####/4867d9ac5b29ad71_0
- /data/data/####/500e129e4850c035_0
- /data/data/####/505c494edb0900df_0 (deleted)
- /data/data/####/51d15031755ca4e3_0
- /data/data/####/54186f84981cfe8f_0
- /data/data/####/558b1ce93a0005e4_0
- /data/data/####/56dc2cb2f134971f_0
- /data/data/####/575552443b854961_0
- /data/data/####/58d641ede9419d12_0
- /data/data/####/58f9a2f8903bc427_0
- /data/data/####/5bc42061d3184529_0
- /data/data/####/5c90b63332089ce96249bba50cd01780
- /data/data/####/5d1eec50bbd5fb5e_0
- /data/data/####/5d56699eace58474_0
- /data/data/####/5d6434aca0c5a53e_0
- /data/data/####/6088682f123c4c54_0
- /data/data/####/6177918fa14cdda5_0
- /data/data/####/624f369741260783_0
- /data/data/####/63b64ff7fac66319_0
- /data/data/####/64009618c0771f41_0
- /data/data/####/6b6ba628608c0c71_0
- /data/data/####/6cf3457df655e088_0
- /data/data/####/6cf3457df655e088_1
- /data/data/####/6dcbdd08d84e0b70_0
- /data/data/####/6efbb03d52658935_0 (deleted)
- /data/data/####/723d23ba353e9752_0
- /data/data/####/73ae7d7def345b90_0
- /data/data/####/73ae7d7def345b90_1
- /data/data/####/758d655bcecd1061_0
- /data/data/####/761339f8da52c94ef5b0a2d7f7b99620
- /data/data/####/76bc4dad5b03e436d7fa0e9aeb77e626
- /data/data/####/7727a9af59d62109_0
- /data/data/####/77b30148c10cb91c_0
- /data/data/####/7806931a0e03c110_0
- /data/data/####/7886b16dfb199cd4_0
- /data/data/####/7b63e56359a81b50_0
- /data/data/####/7b71eb8879c2da06_0
- /data/data/####/7c033d265b21a10c046fab04c369c104.xml
- /data/data/####/813fa212793f2608_0
- /data/data/####/845aa409a99309b4_0
- /data/data/####/86129508019af31c_0
- /data/data/####/86a6ec8e241498ae_0
- /data/data/####/877c2cf6755617a8_0
- /data/data/####/887265345e5ae3c3_0
- /data/data/####/8a48f3dc11ec4692_0
- /data/data/####/8d5dcc0631193d51_0
- /data/data/####/8e0caf15e97ef779_0
- /data/data/####/905ae261da7ae4d1_0
- /data/data/####/95d34f5d77ae3e12_0
- /data/data/####/963d345b1f9b9640_0
- /data/data/####/9644038086c5f8a3_0
- /data/data/####/965801851d88d4a9_0
- /data/data/####/990f0c7a8c62b8a5_0
- /data/data/####/99340570c005cab6_0
- /data/data/####/9f6284efe1057b03_0
- /data/data/####/BUGLY_COMMON_VALUES.xml
- /data/data/####/Cookies-journal
- /data/data/####/FirebaseHeartBeatW0RFRkFVTFRd+MToyNzQ0MjEwNTMzO...Zk.xml
- /data/data/####/Ninja4.db
- /data/data/####/Ninja4.db-journal
- /data/data/####/PersistedInstallation.W0RFRkFVTFRd+MToyNzQ0MjEw...k.json
- /data/data/####/PersistedInstallation1075529789tmp
- /data/data/####/PersistedInstallation872158059tmp
- /data/data/####/UnityAdsStorage-private-data.json
- /data/data/####/UnityAdsStorage-public-data.json
- /data/data/####/WebViewChromiumPrefs.xml
- /data/data/####/a14f14afc7e8d187_0
- /data/data/####/a2bdc2f521377b56_0 (deleted)
- /data/data/####/a325493dbaa1d2e3_0 (deleted)
- /data/data/####/a7182242f6ed048d_0
- /data/data/####/a8f961432e731ece_0
- /data/data/####/a93f8bd9cbcd03e4_0
- /data/data/####/ac2f5ff6e8dbb1df_0
- /data/data/####/ae08b5ca78c64b1b_0
- /data/data/####/afae674a5bb501fd22038217665373da
- /data/data/####/androidx.work.workdb-journal (deleted)
- /data/data/####/anythink.db-journal
- /data/data/####/anythink_agent_log
- /data/data/####/anythink_hb_cache_file.xml
- /data/data/####/anythink_myoffer-journal
- /data/data/####/anythink_placement_load.xml
- /data/data/####/anythink_placement_strategy_update_check.xml
- /data/data/####/anythink_sdk.xml
- /data/data/####/anythink_sdk.xml.bak
- /data/data/####/anythink_temp_log
- /data/data/####/anythink_wt_cache_info.xml
- /data/data/####/anythinkadx_file.xml
- /data/data/####/app_set_id_storage.xml
- /data/data/####/app_set_id_storage.xml.bak
- /data/data/####/appsflyer-data.xml
- /data/data/####/appsflyer-data.xml.bak
- /data/data/####/b0ef4839f4bea4c2_0
- /data/data/####/b409e13684b05ffb_0 (deleted)
- /data/data/####/b99719f2381b1930_0
- /data/data/####/b9eb70a352019699_0
- /data/data/####/bcad8035555d67b5_0
- /data/data/####/be96752b487e9425_0
- /data/data/####/bf2af9ec5501ecb3_0
- /data/data/####/bf77e32c5b63c507_0
- /data/data/####/bf853b528263f56a_0
- /data/data/####/bugly_db_-journal
- /data/data/####/bugly_last_us_up_tm
- /data/data/####/c3e30a7170785749_0
- /data/data/####/c42d0b8d2a52394d_0 (deleted)
- /data/data/####/c57f6a80edfcc195_0
- /data/data/####/c68509b2e2343c19_0
- /data/data/####/c70cc33c1c4eb887_0
- /data/data/####/c89c50ed0fe1f2da_0
- /data/data/####/ca45119f1fa8e456_0
- /data/data/####/cb1d00d1983b11c3_0
- /data/data/####/cce26dc8aaeabc64_0
- /data/data/####/cf3390bcdae39662_0
- /data/data/####/com.facebook.sdk.USER_SETTINGS.xml
- /data/data/####/com.facebook.sdk.appEventPreferences.xml
- /data/data/####/com.google.android.gms.measurement.prefs.xml
- /data/data/####/com.hb.lite.browser_preferences.xml
- /data/data/####/com.vungle.sdk.xml
- /data/data/####/crashrecord.xml
- /data/data/####/d18942c96ed39623_0
- /data/data/####/d1e055360976fc11_0
- /data/data/####/d3457cc96244ada4_0
- /data/data/####/d52f7f4d8ef8e3a3_0
- /data/data/####/d7d24bb3b0497b0c_0
- /data/data/####/d7fb441289316df1_0
- /data/data/####/d90ca5862421bf50_0
- /data/data/####/dba1718882d62425_0
- /data/data/####/dd7752ee20d65014_0
- /data/data/####/de0d2104a4fa5cc3_0
- /data/data/####/dfe849ea27bca694_0
- /data/data/####/dfe849ea27bca694_1
- /data/data/####/e107c46e61287c59_0
- /data/data/####/e37dd951255e9612_0
- /data/data/####/e4914f805523655f_0
- /data/data/####/eda1a5041b23bbd1_0
- /data/data/####/exc_log.xml
- /data/data/####/f53b26bb1a724f38_0
- /data/data/####/f6f5658ab367ac6a_0
- /data/data/####/f739d53f548ffdcf_0
- /data/data/####/f7d91b78dc5744d0_0
- /data/data/####/f8907091ec5668e4_0
- /data/data/####/fa0fc4434cf3680f_0
- /data/data/####/fa0fc4434cf3680f_1
- /data/data/####/fb57c1d69528b911_0
- /data/data/####/fb57c1d69528b911_1
- /data/data/####/fda26e9a1f298521_0
- /data/data/####/generatefid.lock
- /data/data/####/google_app_measurement_local.db
- /data/data/####/google_app_measurement_local.db-journal
- /data/data/####/hosts.txt
- /data/data/####/index
- /data/data/####/local_crash_lock
- /data/data/####/metrics_guid
- /data/data/####/native_record_lock
- /data/data/####/native_record_lock (deleted)
- /data/data/####/proc_auxv
- /data/data/####/sp_global_app_id.xml
- /data/data/####/sp_global_file.xml
- /data/data/####/sp_global_icon_id.xml
- /data/data/####/sp_global_privacy.xml
- /data/data/####/sp_last_ad_show_cache_show_ad.xml
- /data/data/####/sp_multi_info.xml
- /data/data/####/sp_multi_ttadnet_config.xml
- /data/data/####/ss_app_config.xml
- /data/data/####/temp.txt
- /data/data/####/temp.txt (deleted)
- /data/data/####/temp_pkg_info.json
- /data/data/####/the-real-index
- /data/data/####/tramini.db-journal
- /data/data/####/tramini.xml
- /data/data/####/tt_ad_sdk_sp.xml
- /data/data/####/tt_ads_conf
- /data/data/####/tt_sdk_event_db_ad.xml
- /data/data/####/tt_sdk_event_db_state.xml
- /data/data/####/tt_sdk_event_db_trail.xml
- /data/data/####/tt_sdk_event_get_ad.xml
- /data/data/####/tt_sdk_event_net_ad.xml
- /data/data/####/tt_sdk_event_net_state.xml
- /data/data/####/tt_sdk_event_net_trail.xml
- /data/data/####/tt_sdk_settings.prop
- /data/data/####/tt_sdk_settings.xml
- /data/data/####/ttnet_tnc_config1371.xml
- /data/data/####/ttopenadsdk.xml
- /data/data/####/ttopenadsdk.xml.bak
- /data/data/####/ttopensdk.db-journal
- /data/data/####/unityads-installinfo.xml
- /data/data/####/vungle_db-journal
- /data/data/####/vungle_settings
- /data/data/####/vungle_settings (deleted)
- /data/media/####/-1941052644.tmp
- /data/media/####/-275339539
- /data/media/####/.nomedia
- /data/media/####/002add3f4eac1e3d438392d14dee4032.html
- /data/media/####/1JRpwU.png
- /data/media/####/236331564
- /data/media/####/6dd6669f731252b546f52a0d51b4b4ed.html
- /data/media/####/998897.mp4
- /data/media/####/9KrtnXCbjwcL6l--ae9PASTmYpN0iVwfGV9x18NpHhY=
- /data/media/####/9KrtnXCbjwcL6l--ae9PASTmYpN0iVwfGV9x18NpHhY=.vng_meta
- /data/media/####/UnityAdsTest.txt (deleted)
- /data/media/####/UnityAdsWebApp.html
- /data/media/####/UnityAdsWebViewConfiguration.json
- /data/media/####/VDczNKpBMDl8961Nswu-MnQab3PedE4gHFWpl8hqOnQ=
- /data/media/####/VDczNKpBMDl8961Nswu-MnQab3PedE4gHFWpl8hqOnQ=.vng_meta
- /data/media/####/X2ceN9-h_TvSnuMJH2PV6ov2AglyHILWNC8_I4q0nrk=
- /data/media/####/X2ceN9-h_TvSnuMJH2PV6ov2AglyHILWNC8_I4q0nrk=.vng_meta
- /data/media/####/ZzdkGR6BjqXC-rdlorS6J2AiQIEma0vwB0ugHT6Sxm4=
- /data/media/####/ZzdkGR6BjqXC-rdlorS6J2AiQIEma0vwB0ugHT6Sxm4=.vng_meta
- /data/media/####/cache_policy_journal
- /data/media/####/cache_touch_timestamp
- /data/media/####/index.html
- /data/media/####/ki3NNKCaTs0W4S0EeHFflDJ1N4OKmgzp99xbv550sMQ=
- /data/media/####/ki3NNKCaTs0W4S0EeHFflDJ1N4OKmgzp99xbv550sMQ=.vng_meta
- /data/media/####/log_16878374622307d3373d4-281d-465e-830c-9258b869da95
- /data/media/####/mraid.js
- /data/media/####/omsdk-session.js
- /data/media/####/omsdk.js
- /data/media/####/template
- /data/misc/####/primary.prof
Miscellaneous:
Executes the following shell scripts:
- getprop ro.build.version.emui
Loads the following dynamic libraries:
- libBugly_Native
Uses the following algorithms to encrypt data:
- AES-CBC-PKCS5Padding
- AES-ECB-PKCS5Padding
Uses the following algorithms to decrypt data:
- AES-CBC-PKCS5Padding
Accesses the ITelephony private interface.
Gets information about network.
Gets information about phone status (number, IMEI, etc.).
Displays its own windows over windows of other apps.
