Technical information
- Android.Rootkit.5.origin
- Android.Hmad.2
- Android.Backdoor.333.origin
- Android.Hmad.7.origin
- Android.DownLoader.602
- d2h8j6q####.####.net
- epup####.####.com:7013
- ecre####.####.com:8012
- g####.####.com
- e####.####.com:8011
- q####.####.com:8092
- e####.####.com
- e####.####.com:7011
- epcon####.####.com
- epcon####.####.com:7014
- ecup####.####.com:8013
- ecre####.####.com
- a####.####.com
- d2h8j6q####.####.net/oversea/lockad/img/1481787089203.jpg
- g####.####.com/atmp/ad.png
- d2h8j6q####.####.net/oversea/pushad/logo/73f37fb6-4223-4d4e-8e21-966b691a3290.png
- d2h8j6q####.####.net/oversea/lockad/img/1481247530884.png
- d2h8j6q####.####.net/oversea/lockad/img/1481880152922.jpg
- d2h8j6q####.####.net/oversea/lockad/logo/1481247530897.png
- d2h8j6q####.####.net/oversea/lockad/logo/1481880152867.png
- d2h8j6q####.####.net/oversea/pushad/logo/18a8ec2b-621d-446d-af54-f745ee19be8a.jpg
- d2h8j6q####.####.net/oversea/lockad/logo/1481096613742.png
- e####.####.com:8011/ugetad.do
- e####.####.com/pcheckvalid.do
- ecre####.####.com/upostdata.do
- epup####.####.com:7013/pkup.do
- epcon####.####.com:7014/getccontrol.do
- epcon####.####.com/ppostdata.do
- q####.####.com:8092/active.do?ie=####&ch=####&svs=####&system=####&ua=####&pkg=####&iswifi=####&ipad=####
- a####.####.com/zoomy-advert/inter/getHeartbeatInfo.shtml
- e####.####.com:7011/pgetad.do
- ecre####.####.com:8012/upostdata.do
- ecup####.####.com:8013/ukup.do
- /data/data/####/files/psneuter.js
- /data/data/####/app_jc/tfx.jar
- /data/data/####/files/obs.apk
- /data/data/####/files/abc.apk
- /data/data/####/files/install-recovery.sh
- /data/data/####/files/xyn.jar
- /data/data/####/shared_prefs/flowapp_shared.xml.xml
- /data/data/####/shared_prefs/fxkit.xml.bak
- /data/data/####/databases/fastnotedb
- /data/data/####/files/busybox
- /data/data/####/me/ce.zip
- /data/data/####/files/cid.ini
- /data/data/####/databases/fxlock.db
- /data/data/####/app_dex/.do
- /data/data/####/.cache/libsecexe.x86.so
- /data/data/####/databases/fx_kit_unlock
- /data/data/####/.cache/####
- /data/data/####/app_snex/dkt.jar
- /data/data/####/files/armeabi/libmonitor.so
- /data/data/####/files/armeabi/temp_monitor.so
- /data/data/####/shared_prefs/web_sdk.xml
- /data/data/####/app_jc/dfx.jar
- /data/data/####/.md5
- /sdcard/Android/data/un/358851_imgs.png
- /data/data/####/files/mda.ico
- /sdcard/Android/data/un/358859_icon.png
- /data/data/####/files/.rtt/chattr
- /data/data/####/files/su
- /data/data/####/.cache/libsecpreload.x86.so
- /data/data/####/files/suc
- /data/data/####/app_jni/libskin
- /data/data/####/files/classes.dex
- /data/data/####/databases/fp.db-journal
- /data/data/####/app_sgdex/dos.jar
- /data/data/####/databases/fxlock.db-journal
- /data/data/####/shared_prefs/fpksp.xml.bak
- /data/data/####/files/wddex.jar
- /sdcard/Android/data/un/358854_icon.png
- /data/data/####/shared_prefs/fxkit.xml
- /data/data/####/shared_prefs/fpssp.xml
- /data/data/####/.sec_version
- /data/data/####/files/.rtt/nis
- /data/data/####/app_libs/asysup.so
- /sdcard/.sys/ch1
- /data/data/####/files/asysdatafile
- /sdcard/Android/data/fp/38522.png
- /data/data/####/shared_prefs/fpksp.xml
- /data/data/####/shared_prefs/aa.xml
- /sdcard/Android/data/shard/.UUID
- /data/data/####/.cache/classes.jar
- /data/data/####/app_jc/dfp.jar
- /data/data/####/shared_prefs/web_sdk.xml.bak
- /sdcard/Android/data/un/358851_icon.png
- /data/data/####/files/png.ico
- /data/data/####/databases/fx_kit_unlock-journal
- /data/data/####/.cache/classes.dex
- /data/data/####/.cache/####.art
- /data/data/####/.cache/####.art.20
- /data/data/####/shared_prefs/aice.xml
- /data/data/####/databases/fpdown.db-journal
- /data/data/####/shared_prefs/fxssp.xml
- /data/data/####/files/su2
- /data/data/####/files/.rtt/r1
- /data/data/####/files/.rtt/r2
- /data/data/####/files/.rtt/r3
- /data/data/####/files/.rtt/r4
- /data/data/####/databases/fp.db
- /sdcard/.xxx/map.ico
- /sdcard/Android/data/un/358854_imgs.png
- /data/data/####/.cache/libsecmain.x86.so
- /sdcard/Android/data/un/358859_imgs.png
- /data/data/####/app_jc/tfp.jar
- /sdcard/Android/data/fp/287538.png
- /data/data/####/databases/fastnotedb-journal
- /data/data/####/.cache/####
- /data/data/####/files/.rtt/r1
- /data/data/####/files/.rtt/r2
- /data/data/####/files/.rtt/r3
- /data/data/####/files/.rtt/r4
- /data/data/####/me/ce.zip
- /data/data/####/files/suc
- /data/data/####/files/suc HygZRm2IHTKWpp7Hll/sS0uY66xdcw== /system/bin/sh /data/data/####/files/psneuter.js
- /data/data/####/files/.rtt/r4 -c /data/data/####/files/psneuter.js
- chmod 0777 /data/data/####/files/busybox
- getprop ro.product.cpu.abi
- chmod 755 /data/data/####/.cache/####
- chmod 0777 /data/data/####/files/.rtt/chattr
- chmod 0777 /data/data/####/files/.rtt/r4
- chmod 0777 /data/data/####/files/.rtt/r1
- chmod 0777 /data/data/####/files/.rtt/r3
- chmod 0777 /data/data/####/files/.rtt/r2
- chmod 0777 /data/data/####/files/su
- chmod 777 /data/data/####/app_outdex
- /data/data/####/files/.rtt/r1 /data/data/####/files/psneuter.js
- /data/data/####/files/.rtt/r2 -c /data/data/####/files/psneuter.js
- chmod 755 /data/data/####/.cache/####.art.20
- chmod 777 /data/data/####/files/wsh.jar
- chmod 0777 /data/data/####/files/.rtt/nis
- chmod 0777 /data/data/####/files/suc
- /data/data/####/files/suc f0h5zguZ9aJXbCZExMaN2kDhh6V0Uw== /system/bin/sh /data/data/####/files/psneuter.js
- chmod 0777 /data/data/####/files/psneuter.js
- /data/data/####/files/.rtt/r3 -c /data/data/####/files/psneuter.js
- /data/data/####/files/suc al1s7jBFNtn9faBmC0Jb9A9Ns1GZSg== /system/bin/sh /data/data/####/files/psneuter.js
- chmod 755 /data/data/####/.cache/####.art