Executes next shell scripts:
- cat /proc/cpuinfo
- chmod 755 <Package Folder>/files
- chmod 755 <Package Folder>/files/coolkey
- chmod 755 <Package Folder>/files/libjiagu.so
- chmod 755 <Package Folder>/files/skeleton
- chmod 755 <Package Folder>/files/skeleton/coolkey
- ls /dev/socket
- netstat
- ps
- service call iphonesubinfo 1
- sh -c cat /proc/cpuinfo
- sh -c cat /proc/net/arp
- sh -c cat /proc/sys/kernel/osrelease
- sh -c cat /proc/sys/kernel/random/boot_id
- sh -c cat /proc/sys/kernel/random/uuid
- su -v
Loads the following dynamic libraries:
Uses the following algorithms to encrypt data:
- AES-CBC-PKCS5Padding
- DES-CBC-PKCS5Padding
Uses elevated priveleges.
Uses special library to hide executable bytecode.
Gains access to geolocation.
Gains access to telephone information (number, imei, etc.).
Gains access to information about installed applications.
Adds tasks to the system scheduler.
Displays its own windows over windows of other applications.