FOR CUSTOMERS

Close

Library
My library

+ Add to library

Search
Search

Contact us
24/7 Tech support | Rules regarding submitting

Send a message

A query form

Call us

+7 (495) 789-45-86

Forum

Your tickets

New ticket

Call us

+7 (495) 789-45-86

Profile

EN

RU CN DE EN ES FR IT JP KZ UZ PL BY
Close
Support services
Scanners
Dr.Web vxCube
Trial
VCI investigations
Virus library
Knowledge base

Technologies

Terminology

Training and education

Myths

News

Android.MulDrop.1038

Added to the Dr.Web virus database: 2017-03-25

Virus description added:

Technical information

Malicious functions:
Prompts to install third-party applications.
Network activity:
Connecting to:
  • c####.####.com
  • po####.####.com
  • c####.####.com:7080
  • r####.####.com
HTTP GET requests:
  • c####.####.com/group1/M02/F6/5A/pYYBAFjGZHSAOGWUAAAfo6IP3qw511.gif
  • c####.####.com/group1/M01/26/9F/poYBAFf76yOAPPGVAAAbERCNz9k632.png
  • c####.####.com/group1/M02/1A/B8/qoYBAFjHjy2AMXKVAAAa_0waWuY486.png
  • c####.####.com/group1/M02/F6/5E/pYYBAFjGauiAe_AUAAB3tDId52g720.png
  • po####.####.com/config/winDataConfig?app=####&versionCode=####&versionName=####&um_ch=####&appPackageName=####&platformId=####&v=####&langCode=####&ne...
  • c####.####.com/group1/M02/06/46/poYBAFjToC6ABPVvAAANxMI5EmU359.png
  • c####.####.com/group1/M00/0C/AD/pYYBAFcGJL-AJ-Q-AAJrNokm-iw291.png
  • r####.####.com/v3/app/com.kiloo.subwaysurfninegame.json?sid=####&app=####&versionCode=####&versionName=####&um_ch=####&appPackageName=####&platformId=...
  • c####.####.com/group1/M00/A5/06/poYBAFZqauCARdpvAACSAjCL7MQ675.jpg
  • c####.####.com/group1/M02/EC/B0/pYYBAFi-LgmAfYMfAAA14Rnea9s625.png
  • c####.####.com/group1/M01/A5/06/pYYBAFZqauCAfQmfAAA6a9GAg4U334.jpg
  • c####.####.com/group1/M02/44/6C/qYYBAFjHjy2AUjJJAb8Q9sTr7mk613.apk?pid=####&a=####
  • c####.####.com/group1/M02/EC/B0/pYYBAFi-LgCAebAlAAHwyJ9By-Q666.png
  • c####.####.com/group1/M02/7A/B6/poYBAFhZC4aAMtFBAAAOC0cVNc8838.png
  • r####.####.com/app.pkgUrlList?app=####&versionCode=####&versionName=####&um_ch=####&appPackageName=####&platformId=####&v=####&langCode=####&netWorkTy...
  • c####.####.com/group1/M02/04/12/qoYBAFizoeuACm08AEQf8Dyd_I0897.apk?pid=####&a=####
  • c####.####.com/group1/M01/63/EA/pYYBAFg-FY6AH0xmAAAdTHX4yWs198.png
  • c####.####.com/group1/M00/A5/06/pYYBAFZqauGANuPaAABIwWfMnHc493.jpg
  • c####.####.com/group1/M02/BF/13/qoYBAFh0WoOAewTpAAEjm5SrgHY868.png
  • c####.####.com/group1/M01/2C/20/pYYBAFciaoeABbpsAABriPTrhE0284.png
  • c####.####.com/group1/M02/1B/FA/qYYBAFihmdaAD2aIAAAdAo3ePiU486.png
  • c####.####.com/group1/M00/2A/35/pYYBAFf_atmAYd_qAAAeXm_wdlk520.png
  • c####.####.com/group1/M02/32/96/p4YBAFjI09mATNLGACc-CEFRdrg257.apk?pid=####&a=####
  • c####.####.com/group1/M02/42/AA/qYYBAFjGAj6AOLnMAAAOf5Ji_ek429.png
  • c####.####.com/group1/M00/67/21/poYBAFdUhvOATk1IAAAXl76E7Yw061.png
  • c####.####.com:7080/group1/M00/28/DF/qoYBAFjTfMaAd9w9AUEKYu-A9Jc742.apk?pid=####&a=####
  • c####.####.com/group1/M02/C5/60/p4YBAFhmbomALADCAAC7Gk2wj2A555.png
  • c####.####.com/group1/M00/68/86/pYYBAFdVyb2Aeh_wAAAq9xYhqZw955.png
  • c####.####.com/group1/M02/39/6B/qYYBAFi-LfGAZwimAAA_2S59Ne8834.png
  • c####.####.com/group1/M00/28/DF/qoYBAFjTfMaAd9w9AUEKYu-A9Jc742.apk?pid=####&a=####
  • r####.####.com/downStat/group1/M02/32/96/p4YBAFjI09mATNLGACc-CEFRdrg257.apk?pid=####&v=####&resourceType=####&a=####&rafa=####&platformId=####
  • r####.####.com/topic/2181.json?app=####&versionCode=####&versionName=####&um_ch=####&appPackageName=####&platformId=####&size=####&v=####&langCode=###...
  • c####.####.com/group1/M01/5E/F5/poYBAFYVjY2ACAg4AAAXjKgxAzs480.png
  • c####.####.com/group1/M00/00/A2/ooYBAFQSby2ARXRSAACMACxG3eo532.png
  • c####.####.com/group1/M00/A5/06/poYBAFZqauGAeZbLAABLTVrhTIs104.jpg
  • c####.####.com/group1/M02/9F/DD/poYBAFh3MwuAdR5vAAAeHWRb6IY165.png
  • c####.####.com/group1/M02/6C/07/q4YBAFi-LfqAVtx2AAA-Wh7x-wM143.png
  • c####.####.com/group1/M00/FD/E0/poYBAFfQaz2ALDg6AAAd6VClE2k724.png
  • c####.####.com/group1/M02/6D/3F/q4YBAFi_NQCAfJjhAAAXqg_Q8dg618.png
  • c####.####.com/group1/M02/00/63/qYYBAFiICW-AVBhkAAALVP4C4N0756.png
  • c####.####.com/group1/M02/F1/0C/qIYBAFiK8xGAOx79AAAQv0_7hhw254.png
  • c####.####.com/group1/M01/22/19/p4YBAFbXFcyAJ7WoAABxdb9kbNk576.png
  • c####.####.com/group1/M01/7E/5F/qIYBAFc2JwSABx8TAABuNUb8Qzw419.png
  • c####.####.com/group1/M00/E8/9A/poYBAFbXJQOAE5SiAABt8CPIHSc740.png
  • r####.####.com/downStat/group1/M02/04/12/qoYBAFizoeuACm08AEQf8Dyd_I0897.apk?pid=####&v=####&resourceType=####&a=####&rafa=####&platformId=####
  • c####.####.com/group1/M00/0A/E9/oYYBAFR-DmKAQ-4mAAAevmYdJHg634.png
  • c####.####.com/group1/M00/90/35/pYYBAFd-xUyAfvtMAAAd9OurjEU945.png
  • c####.####.com/group1/M00/CD/F2/pYYBAFenk0OAb_I-AAAetpsFuS8937.png
  • c####.####.com/group1/M01/D0/36/p4YBAFeEEa2AOf2gAAAiTkQDTc4008.png
  • c####.####.com/group1/M02/03/B7/q4YBAFhgyHyABAPdAAAOMEmrN3E474.png
  • c####.####.com:7080/group1/M02/32/96/p4YBAFjI09mATNLGACc-CEFRdrg257.apk?pid=####&a=####
  • r####.####.com/downStat/group1/M00/28/DF/qoYBAFjTfMaAd9w9AUEKYu-A9Jc742.apk?pid=####&v=####&resourceType=####&a=####&rafa=####&platformId=####
  • r####.####.com/keywords.json?app=####&versionCode=####&versionName=####&um_ch=####&appPackageName=####&platformId=####&v=####&langCode=####&netWorkTyp...
  • c####.####.com/group1/M02/7A/B5/poYBAFhZCyaAUSjqAAAPvkr8EBQ451.png
  • c####.####.com/group1/M00/7A/26/p4YBAFcyxsmADqvBAABkh57-kWc058.png
  • r####.####.com/downStat/group1/M02/44/6C/qYYBAFjHjy2AUjJJAb8Q9sTr7mk613.apk?pid=####&v=####&resourceType=####&a=####&rafa=####&platformId=####
  • c####.####.com/group1/M02/8B/5B/pYYBAFhmW9yAcXN9AAB88GBovkY160.png
  • r####.####.com/pushmessage.json?app=####&imei=####&versionCode=####&versioncode=####&versionName=####&um_ch=####&appPackageName=####&platformId=####&v...
  • c####.####.com/group1/M02/0F/B7/qoYBAFi-LfqAS6hdAAIoqVZOKmY328.png
  • r####.####.com/v3/app/ru.lextre.cr3d_ru.json?sid=####&app=####&versionCode=####&versionName=####&um_ch=####&appPackageName=####&platformId=####&v=####...
  • r####.####.com/config.get?app=####&keys=####&versionCode=####&versionName=####&um_ch=####&appPackageName=####&platformId=####&v=####&langCode=####&net...
  • c####.####.com/group1/M00/86/FC/q4YBAFjU6mWAH64oAACbTmfsy3I006.jpg
  • c####.####.com/group1/M01/42/C0/qYYBAFfJ64eABmQrAAAdcAYoQZ0312.png
  • c####.####.com/group1/M01/4F/D1/qYYBAFfWCtWAU5lUAABYUAvllVY839.png
  • c####.####.com/group1/M01/00/C5/oYYBAFQSdfSAR-znAAAZMToVoa8901.png
  • r####.####.com/config?app=####&versionCode=####&versionName=####&um_ch=####&appPackageName=####&platformId=####&v=####&langCode=####&netWorkType=####&...
  • r####.####.com/pushmessage.json?app=####&updatetime=####&imei=####&versionCode=####&versioncode=####&versionName=####&um_ch=####&appPackageName=####&p...
  • c####.####.com/group1/M02/B4/46/qIYBAFhZCQyAT3H8AAAOVsSyiMg568.png
  • r####.####.com/v3/check-for-update.json?app=####&packageName=####&versionCode=####&versionName=####&um_ch=####&appPackageName=####&platformId=####&v=#...
  • c####.####.com/group1/M01/A5/06/pYYBAFZqauCAT_5aAABJAZWKg3A522.jpg
  • c####.####.com/group1/M02/6C/08/q4YBAFi-LhGABKg6AAAfQYFnnkE858.png
  • c####.####.com/group1/M02/26/A7/p4YBAFi-LdWAIPmxAAITecbPGL0684.png
  • r####.####.com/app.bizAlsoLike?app=####&packageName=####&versionCode=####&versionName=####&um_ch=####&appPackageName=####&platformId=####&v=####&langC...
  • c####.####.com/group1/M01/B9/E6/pYYBAFaFYJmABqeJAAAfqge7nW4311.png
  • r####.####.com/messageUser?app=####&imei=####&versionCode=####&versioncode=####&versionName=####&um_ch=####&appPackageName=####&platformId=####&versio...
  • c####.####.com/group1/M02/E8/C8/qYYBAFh0WoOACMKQAAAWcNIcbvE587.png
  • c####.####.com/group1/M01/96/6D/poYBAFeEDFqAVzLpAAA-POy_OQU452.png
  • c####.####.com/group1/M00/9B/AE/pYYBAFeFZ6GAUJh1AAAf6gXgYQY326.png
  • c####.####.com/group1/M01/74/2E/p4YBAFcuHiKAY9ZsAAAfIIVCRyk676.png
  • c####.####.com/group1/M00/A5/06/poYBAFZqauGACFPVAAA-Az9hqsw143.jpg
  • c####.####.com/group1/M02/84/1D/q4YBAFjSfKmABdDnAACQgKmLlCU600.png
  • r####.####.com/config.get?countryId=####&app=####&keys=####&mcc=####&versionCode=####&versionName=####&um_ch=####&appPackageName=####&platformId=####&...
  • c####.####.com/group1/M02/9F/8D/qIYBAFhAL-WATH5tAAAjy5JoC3s937.png
  • r####.####.com/client/check/task?app=####&versionCode=####&versionName=####&net=####&um_ch=####&appPackageName=####&platformId=####&v=####&langCode=##...
  • c####.####.com/group1/M01/D9/D1/qIYBAFeICjiAHQ1NAAAdL5bISNo269.png
  • c####.####.com/group1/M00/A5/06/pYYBAFZqauGAQTqIAABAUg04D3M815.jpg
  • c####.####.com:7080/group1/M02/04/12/qoYBAFizoeuACm08AEQf8Dyd_I0897.apk?pid=####&a=####
  • c####.####.com/group1/M01/A5/06/poYBAFZqauGAQEJPAAAySDXqFzc596.jpg
  • c####.####.com/group1/M01/E6/A3/poYBAFbVZv-AZ2TfAAB5q3Kc59Q805.png
  • c####.####.com/group1/M01/1E/00/p4YBAFbS2RKATdMeAABUsBO70X8908.png
  • c####.####.com/group1/M02/21/B5/qYYBAFimyhaAWVn_AAAkD7VYd6s651.png
  • c####.####.com/group1/M02/EC/FD/poYBAFi-LgGAMO9gAAA6OzrkXmA311.png
  • r####.####.com/v3/page/template?app=####&versionCode=####&versionName=####&um_ch=####&appPackageName=####&platformId=####&v=####&langCode=####&newClie...
  • c####.####.com/group1/M01/44/56/qIYBAFcEwQyAJLkPAACaJQm8IRU330.png
  • c####.####.com/group1/M01/A5/06/poYBAFZqauGAb8YGAAAp2xdXjsE375.jpg
  • c####.####.com/group1/M01/0A/96/p4YBAFeo6F2AEAMiAAA-68GPXag644.png
  • c####.####.com/group1/M02/50/EC/qYYBAFjSFK-AV2WrAAB4aHCAY-A292.jpg
  • c####.####.com/group1/M02/06/42/poYBAFjTnPKAc0VgAAA-Wezr920142.png
HTTP POST requests:
  • r####.####.com/user/check-increment-update.json?app=####&gzip=####&versionCode=####&versionName=####&um_ch=####&appPackageName=####&platformId=####&v=...
  • r####.####.com/stat/visit?app=####&gzip=####&versionCode=####&versionName=####&um_ch=####&appPackageName=####&platformId=####&v=####&langCode=####&net...
Modified file system:
Creates the following files:
  • /sdcard/Android/data/####/cache/image_manager_disk_cache/43d7526d434ffe305aad471eafe9eb56b3670753a42487db8800c064818870ed.0.tmp
  • /sdcard/Android/data/####/cache/image_manager_disk_cache/2e046a64b1f7d39b9604dca324acf4314d3ac778b0cb931f0a7e5cb842e9262a.0.tmp
  • /sdcard/Android/data/####/cache/image_manager_disk_cache/45f82ef86953459a301c859d2e1adb4739af11374d5f45e0104b678a93f2eaf1.0.tmp
  • /data/data/####/cache/httpCache/14c23dfed92a9b07beee3e3dee8207d1.1.tmp
  • /sdcard/Android/data/####/cache/image_manager_disk_cache/60392c33dcce73d67dbf73bd1374d0657fceca5732cdd7fc5f0865c2df486e1d.0.tmp
  • /sdcard/Android/data/####/cache/image_manager_disk_cache/91d53c3eb6c0c912b978e554a6b0cd5f8f8903925656fe966bf98ba33a4045b2.0.tmp
  • /data/data/####/cache/httpCache/6a529c2e6bdf331fd1b17a4d7be6a672.0.tmp
  • /sdcard/Android/data/####/cache/image_manager_disk_cache/bcb87e38ae4c92702f43985314d24d0b199b46a5f4ea099f3d118b8e12a464f9.0.tmp
  • /data/data/####/crashsdk/tags/EROTSENIN0DIORDNA0PPA.uptime
  • /sdcard/Android/data/####/cache/image_manager_disk_cache/eb93cd67570ed41ec278d864df2c3250d47e2314005c71052253f8c0551f8756.0.tmp
  • /sdcard/Android/data/####/cache/image_manager_disk_cache/1c599c6eaeef37f91adaa735fc885c69d5e7474f89aef939344f8329e3365df5.0.tmp
  • /data/data/####/crashsdk/tags/EROTSENIN0DIORDNA0PPA.bb
  • /sdcard/Android/data/####/cache/image_manager_disk_cache/bde97d0de6a789707f79669a00a511bbd7787d200797075643996a2dcd1749ed.0.tmp
  • /data/data/####/crashsdk/tags/EROTSENIN0DIORDNA0PPA.meminfo
  • /data/data/####/app_stat_log/1485416465463
  • /data/data/####/cache/httpCache/ea4374d2987d76271de6fdb67b168a2c.1.tmp
  • /sdcard/Android/data/####/cache/image_manager_disk_cache/3e313505471ad8ae42be1f066402306955900a1cbd06ff839151c79496cee641.0.tmp
  • /data/data/####/cache/httpCache/0dc7fb1fcd0c22ac51ba660579f4e20b.1
  • /data/data/####/cache/httpCache/965d7f7328cbf9f1f5b940ea0142d452.1
  • /sdcard/Android/data/####/cache/image_manager_disk_cache/8a94fa1e25f02a0bdbe982e14561457e0d82a41970a5d68073fab2a94e510484.0.tmp
  • /sdcard/Android/data/####/cache/image_manager_disk_cache/e1e6f89c8f7f82b94b1a0714d9839f73c900186779a9b772a0fa3dc9dc0c10c1.0.tmp
  • /data/data/####/app_stat_log/1485416454336
  • /sdcard/Android/data/####/cache/image_manager_disk_cache/b26eda465cdc5ac8d6553177612a458e2a97f7f370ca9803f104afa1aa4cef87.0.tmp
  • /sdcard/Android/data/####/cache/image_manager_disk_cache/86319e542d6d87a9c68a52e18d1628828dcc86fcbe9b9447412955f68f699d16.0.tmp
  • /data/data/####/cache/httpCache/1225f2fc7f2046a0f403e6ba3a929627.0.tmp
  • /sdcard/Android/data/####/cache/image_manager_disk_cache/085c64303165bb4c42debedec58787e6e17963aa3a2a773cdb10cdbc94c39217.0.tmp
  • /data/data/####/cache/httpCache/0dc7fb1fcd0c22ac51ba660579f4e20b.0
  • /sdcard/Android/data/####/cache/image_manager_disk_cache/b200c9e84eaf03e351e8b7c045e399537708073a1a637a5d0af6cc57e94a2765.0.tmp
  • /data/data/####/cache/httpCache/ea4374d2987d76271de6fdb67b168a2c.0.tmp
  • /data/data/####/app_stat_log/1485416476031
  • /data/data/####/app_wa/wa/sv/12hqtegf_1485416446135002097.wa
  • /data/data/####/cache/httpCache/5fe2f1c043c78296969d41e88be6012e.1
  • /data/data/####/cache/httpCache/5fe2f1c043c78296969d41e88be6012e.0
  • /data/data/####/cache/httpCache/41d04c5e680bc325f40fdc1a9b2826f0.1.tmp
  • /sdcard/Android/data/####/cache/image_manager_disk_cache/ecf523938a450ac9cdefdde14ab804bcac084a4d13ba0219390213ebb8418781.0.tmp
  • /data/data/####/cache/httpCache/54b29f0a77a94e50a751521e7345df99.0
  • /data/data/####/databases/downloader-journal
  • /sdcard/Android/data/####/cache/image_manager_disk_cache/846beb7cfb487ab3f1da25ecc327bac00972386e6ddbb2738acdfe098a788ea2.0.tmp
  • /data/data/####/files/daemon
  • /data/data/####/cache/httpCache/924e0d348c0152414475cdda678569be.1.tmp
  • /data/data/####/cache/httpCache/54b29f0a77a94e50a751521e7345df99.1
  • /data/data/####/cache/httpCache/6a529c2e6bdf331fd1b17a4d7be6a672.1.tmp
  • /sdcard/Android/data/####/cache/image_manager_disk_cache/a191b1469f6510cc1d45bbc4911469a56c608b724beb6b5f1f5cdf80be1784a4.0.tmp
  • /sdcard/9appsPro/downloader/tmp/com.uc.iflow_1.4.9.941_41pakage.apk.tmp
  • /data/data/####/databases/main
  • /sdcard/Android/data/####/cache/image_manager_disk_cache/8ed95decaeb1d3eb64058a41a6f24be6736f4a0ad30c49bae2d771251899c241.0.tmp
  • /data/data/####/app_wa/wa/sv/14jsvgih_1485416478096002097.wa
  • /sdcard/Android/data/####/cache/image_manager_disk_cache/9c5ed970979f985fff588950aefa99ec1282b29e2a1f875a4d39e3275388ac2b.0.tmp
  • /sdcard/Android/data/####/cache/image_manager_disk_cache/7a341ab641aa5914442096bd5d898e8ffc4f947d537532d3939da9e3933ab442.0.tmp
  • /sdcard/Android/data/####/cache/image_manager_disk_cache/1ab98c684d3aba8697892ace494c6ada32326e0c75c56e7b90647fd5c7ee2d19.0.tmp
  • /data/data/####/cache/httpCache/dcaa62468fd97cf5bc76885d42e1ebf6.1.tmp
  • /data/data/####/databases/pushmessage-journal
  • /data/data/####/cache/httpCache/924e0d348c0152414475cdda678569be.0.tmp
  • /data/data/####/app_wa/wa/sv/13irufhg_1485416464505002097.wa
  • /data/data/####/shared_prefs/9apps.xml
  • /sdcard/Android/data/####/cache/image_manager_disk_cache/d17199e408ed2800d9b1d65b4ada1696ba5063781bdd323e26a7b5379a6a1f48.0.tmp
  • /sdcard/Android/data/####/cache/image_manager_disk_cache/37d79a11742599c00aeb764dd6a10e3fbc44a3aae12671333c0624c96c55413e.0.tmp
  • /sdcard/Android/data/####/cache/image_manager_disk_cache/bf70dd740a8a7f37146993f0dda91528c3a4fa4ffacc7d5a52db4f67fd71b97b.0.tmp
  • /data/data/####/cache/httpCache/e0748159352104b997f55b44409205e0.0
  • /data/data/####/cache/httpCache/e0748159352104b997f55b44409205e0.1
  • /sdcard/Android/data/####/cache/image_manager_disk_cache/254370af45b6c010e470466fb2f89ece3c3902c2fd439ecdb09232bbc9b5ceb4.0.tmp
  • /sdcard/Android/data/####/cache/image_manager_disk_cache/b951632ece4f82ddf3acf2a4cb3c657218be866b21b147975e43be9a76ad65a3.0.tmp
  • /sdcard/Android/data/####/cache/image_manager_disk_cache/13e1b9f2c607138142d3a2eb6cb6aa86a7ddedc4c10657acced0da10c0f0388f.0.tmp
  • /data/data/####/crashsdk/tags/EROTSENIN0DIORDNA0PPA.start
  • /sdcard/Android/data/####/cache/image_manager_disk_cache/fee13f95721111be122089fb71c3afed6b4e552218379d39f1250f0e520425fe.0.tmp
  • /data/data/####/crashsdk/tags/EROTSENIN0DIORDNA0PPA.time
  • /data/data/####/cache/httpCache/a0d7f542cb6bc6f296e2a38725f44e9f.1
  • /data/data/####/cache/httpCache/a0d7f542cb6bc6f296e2a38725f44e9f.0
  • /sdcard/Android/data/####/cache/image_manager_disk_cache/1e5e4b9f5b9d8b02c741b3155752714ef575ba737843813917dd8a00ee3ee306.0.tmp
  • /data/data/####/cache/httpCache/d0982fca6f03f1761c7b639fc689e822.0.tmp
  • /sdcard/Android/data/####/cache/image_manager_disk_cache/95701a3ecc10bcea1b34c0c07ec47ce701e0f117507590b077b0d15eb153153d.0.tmp
  • /sdcard/Android/data/####/cache/image_manager_disk_cache/d0f3be613dd25695d554001a14785e4279dd280a8df6e9d5d304aabeb40b06d0.0.tmp
  • /sdcard/Android/data/####/cache/image_manager_disk_cache/389dcf5e4bed667d153fff7e929664d4a8a636d51685dcbf34ae908cc236e5a3.0.tmp
  • /sdcard/Android/data/####/cache/image_manager_disk_cache/7f7796274b8e55538b2d378854f632d5d175d908258da0c2bc9c425b4a814a71.0.tmp
  • /sdcard/Android/data/####/cache/image_manager_disk_cache/10e7c8e1598a4cb694cdaa2b1f69f86bbb0a11c1e894467912469b663908c2bc.0.tmp
  • /sdcard/Android/data/####/cache/image_manager_disk_cache/f7d467a130b65735cc0bc46c084b9bf8cecdf5cc80760a4809e63ee1006909f2.0.tmp
  • /data/data/####/databases/WaValue.db-journal
  • /sdcard/Android/data/####/cache/image_manager_disk_cache/7270d439b236d7cea916ce070544c3e5266a1041bd9f991a84fe22099c91513b.0.tmp
  • /data/data/####/crashsdk/tags/unique
  • /data/data/####/cache/httpCache/eea893a57182a2fa1f480bbbd600faf0.0.tmp
  • /sdcard/Android/data/####/cache/image_manager_disk_cache/97154221b535b11b71e77e37bd29c3da867fd50d9207483f3becb17361d60e29.0.tmp
  • /data/data/####/cache/httpCache/41d04c5e680bc325f40fdc1a9b2826f0.0.tmp
  • /sdcard/Android/data/####/cache/image_manager_disk_cache/3d4d4c8c7f26a57ea2f81f81120b7713cbf81f4bdf8e17635a7665964de57ec1.0.tmp
  • /data/data/####/cache/httpCache/1225f2fc7f2046a0f403e6ba3a929627.1.tmp
  • /data/data/####/crashsdk/tags/EROTSENIN0DIORDNA0PPA.ff
  • /sdcard/Android/data/####/cache/image_manager_disk_cache/fe9d83cbf0d45c2b4311753c024e5628ba540ee628a06b229a2f1a5a31bb5b4d.0.tmp
  • /sdcard/Android/data/####/cache/image_manager_disk_cache/764c253284b60f85c3e207308ebe15e165430da9efadee6f938f546213259a36.0.tmp
  • /data/data/####/cache/httpCache/d0982fca6f03f1761c7b639fc689e822.1.tmp
  • /sdcard/Android/data/####/cache/image_manager_disk_cache/7f7c62663c12817af04426c4531ea8fd171078ce93fefdc9cc811a4081c1192e.0.tmp
  • /data/data/####/cache/httpCache/eea893a57182a2fa1f480bbbd600faf0.1.tmp
  • /data/data/####/cache/httpCache/dcaa62468fd97cf5bc76885d42e1ebf6.0.tmp
  • /sdcard/Android/data/####/cache/image_manager_disk_cache/43e93f4bf106e8cf53fedacca995c2b505dc8425b8259170276efb2b88223424.0.tmp
  • /data/data/####/databases/main-journal
  • /sdcard/Android/data/####/cache/image_manager_disk_cache/248cf67ed743e3a1a550986849cb1561877b80a9f99789bb997c09e0e2f61361.0.tmp
  • /sdcard/Android/data/####/cache/image_manager_disk_cache/ca962938f2ac0e636a5e5b4f448384b5fed06e1dcb8ec383b3327eb1705f239e.0.tmp
  • /sdcard/9appsPro/downloader/tmp/com.uc.browser.en_10.9.0_104pakage.apk.tmp
  • /sdcard/Android/data/####/cache/image_manager_disk_cache/f2d87b377c5928cee4d686eeff981fd50063cf0ec06a51b82e648a555a8c1267.0.tmp
  • /sdcard/9appsPro/downloader/tmp/com.bbm_3.3.1.24_2564pakage.apk.tmp
  • /sdcard/Android/data/####/cache/image_manager_disk_cache/47be57c072af327e99c485997eb7550d6cf978c65ebcae80a01ee6c3b1a7f649.0.tmp
  • /data/data/####/shared_prefs/ffc1d42b1ca5e3db2657d00b91997f6a.xml
  • /sdcard/Android/data/####/cache/image_manager_disk_cache/8fd0db51eda192395fadb001a7156426219dfc47fedc5a82dd462e080fa14de8.0.tmp
  • /sdcard/Android/data/####/cache/image_manager_disk_cache/ee9966bf30d56802888c014eb96b7ea167779e4de32a7e688eab44196c7406fd.0.tmp
  • /data/data/####/cache/httpCache/3d61c9dcf1d4aa80d309442009b63cf5.0
  • /data/data/####/cache/httpCache/3d61c9dcf1d4aa80d309442009b63cf5.1
  • /sdcard/Android/data/####/cache/image_manager_disk_cache/4c70e7a10529924a1225af16b93ab1795ee727c2c2ca7605af76b6fee4dbae19.0.tmp
  • /sdcard/Android/data/####/cache/image_manager_disk_cache/446e734549adb0d5db56015ac1d81772db2bdd8bfd5ee0ce56cf146f305e74d5.0.tmp
  • /sdcard/Android/data/####/cache/image_manager_disk_cache/e0940dbcf17ec55f3035171f51c47196efc099f325caa2f9eba5c5c492b7f1ec.0.tmp
  • /data/data/####/shared_prefs/####_preferences.xml
  • /data/data/####/shared_prefs/com.google.android.gcm.xml
  • /sdcard/Android/data/####/cache/image_manager_disk_cache/aaa46ba2b68a19c47769f498f85e4ca3fc3b5e3f8f36ee64cd7ad41aa4c2d763.0.tmp
  • /data/data/####/shared_prefs/9apps.xml.bak
  • /sdcard/9appsPro/downloader/tmp/com.UCMobile.intl_11.2.8.945_361pakage.apk.tmp
  • /sdcard/Android/data/####/cache/image_manager_disk_cache/c1cd8dbe82b4332fe7b064994ccc32e13b81f4e8891493287f990d20bc5f7d65.0.tmp
  • /data/data/####/cache/httpCache/journal
  • /data/data/####/app_wa/wa/sv/1/11gpsdfe_1485416445154002097.wa
  • /data/data/####/crashsdk/tags/EROTSENIN0DIORDNA0PPA.pid
  • /data/data/####/cache/httpCache/965d7f7328cbf9f1f5b940ea0142d452.0.tmp
  • /sdcard/Android/data/####/cache/image_manager_disk_cache/a579f83b909954b0479e3c7aaef40b50ada31625c1277a45ce4939b6432ceaec.0.tmp
  • /sdcard/Android/data/####/cache/image_manager_disk_cache/2c09381ef7534b71f5f9a462acf39bb96736317c4f98a6a652a63a491003952d.0.tmp
  • /sdcard/Android/data/####/cache/image_manager_disk_cache/5b2025ab0923c0603f87d99250dbac94a573b9acf152fea5355a33a87c0a7191.0.tmp
  • /sdcard/Android/data/####/cache/image_manager_disk_cache/85d50592bc3c7ad83ea074670e9241767b1e24d00f3bb23be321444c1abe3ac0.0.tmp
  • /sdcard/Android/data/####/cache/image_manager_disk_cache/a053ae01588a28c520c1fb7835c26004ad5a6166e71dadc0ecb3fa935ffecd67.0.tmp
  • /sdcard/Android/data/####/cache/image_manager_disk_cache/ec8a663e84063c452b7ae84a0f43b1cf45ad893453300b44d65245fd63df8fc2.0.tmp
  • /sdcard/Android/data/####/cache/image_manager_disk_cache/df6859912c13fa1f57d8b3417eb71b55e6bc8a3e579d68aea4224ffeb50c75b4.0.tmp
  • /sdcard/Android/data/####/cache/image_manager_disk_cache/64f6928678fc970ac38e72907695bb6d730bc0712caa405da89e87d15765a1fc.0.tmp
  • /sdcard/Android/data/####/cache/image_manager_disk_cache/03ea6931c09d8ef1889e02d16507a211291d5a7cc3268d5636830a456a22eb2e.0.tmp
  • /sdcard/Android/data/####/cache/image_manager_disk_cache/journal.tmp
  • /data/data/####/HasStarted
  • /data/data/####/cache/httpCache/89d4de8a9fe11df1fe8bd4583917827a.0
  • /data/data/####/cache/httpCache/89d4de8a9fe11df1fe8bd4583917827a.1
  • /sdcard/Android/data/####/cache/image_manager_disk_cache/8c561419b9fc7c64b112170e79d21d8294710a6c0df89dce74939671b7c41084.0.tmp
  • /data/data/####/cache/httpCache/14c23dfed92a9b07beee3e3dee8207d1.0.tmp
  • /data/data/####/crashsdk/tags/EROTSENIN0DIORDNA0PPA.ps
  • /data/data/####/databases/gpoffer-journal
Sets the 'executable' attribute to the following files:
  • /data/data/####/files/daemon
Miscellaneous:
Executes next shell scripts:
  • sh
Contains functionality to send SMS messages automatically.

Curing recommendations

Android

  1. If the mobile device is operating normally, download and install Dr.Web for Android Light. Run a full system scan and follow recommendations to neutralize the detected threats.
  2. If the mobile device has been locked by Android.Locker ransomware (the message on the screen tells you that you have broken some law or demands a set ransom amount; or you will see some other announcement that prevents you from using the handheld normally), do the following:
    • Load your smartphone or tablet in the safe mode (depending on the operating system version and specifications of the particular mobile device involved, this procedure can be performed in various ways; seek clarification from the user guide that was shipped with the device, or contact its manufacturer);
    • Once you have activated safe mode, install the Dr.Web для Android Light onto the infected handheld and run a full scan of the system; follow the steps recommended for neutralizing the threats that have been detected;
    • Switch off your device and turn it on as normal.

Find out more about Dr.Web for Android

Free trial

14 days

Download now
Get it on Google Play