Executes next shell scripts:
- <Package Folder>/app_lib/unobs <Package> http://112.124.45.224/uninstall/?site=malbum&device_id=<IMEI>fe972356a9e0kkapp&version=2.3.20140709&imsi=<IMSI>&channel=wangdoujia&model=<System Property>&free_mem=838426624&total_mem=1055907840&language=en_US 0
- chmod 755 <Package Folder>/.jiagu/libjiagu.so
- chmod 775 <Package Folder>/app_lib/unobs
- sh <Package Folder>/app_lib/unobs <Package> http://112.124.45.224/uninstall/?site=malbum&device_id=<IMEI>fe972356a9e0kkapp&version=2.3.20140709&imsi=<IMSI>&channel=wangdoujia&model=<System Property>&free_mem=838426624&total_mem=1055907840&language=en_US 0
Loads the following dynamic libraries:
- ku3d
- libjiagu
- tiffdecoder
Uses the following algorithms to encrypt data:
Uses the following algorithms to decrypt data:
- AES-ECB-PKCS5Padding
- DES
- RSA-ECB-PKCS1Padding
Uses special library to hide executable bytecode.
Gains access to network information.
Gains access to telephone information (number, imei, etc.).
Gains access to information about running applications.
Displays its own windows over windows of other applications.