PARA USUARIOS

Cerrar

Mi biblioteca
Mi biblioteca

+ Añadir a la biblioteca

Buscar
Buscar

Soporte
Soporte 24 horas | Normas de contactar

Escribir

una solicitud al rellenar un formulario

Llamar

+7 (495) 789-45-86

Foro

Sus solicitudes

Crear una nueva solicitud

Llamar

+7 (495) 789-45-86

Perfil

ES

RU CN DE EN ES FR IT JP KZ UZ PL BY
Cerrar
Servicios
Escáneres
Dr.Web vxCube
Demo
Peritaje de IIV
Biblioteca de virus
Base de conocimiento

Tecnologías

Términos

Formación y educación

Mitos

Noticias

Android.RemoteCode.8387

Added to the Dr.Web virus database: 2024-06-24

Virus description added:

Technical information

Malicious functions:
Executes code of the following detected threats:
  • Android.RemoteCode.337.origin
Network activity:
Connects to:
  • UDP(DNS) <Google DNS>
  • TCP(TLS/1.0) and####.a####.go####.com:443
  • TCP(TLS/1.0) 2####.239.32.223:443
  • TCP(TLS/1.0) connect####.gst####.com:443
  • TCP(TLS/1.2) 1####.250.150.101:443
  • TCP(TLS/1.2) 1####.251.1.95:443
  • TCP(TLS/1.2) 1####.177.14.94:443
  • TCP(TLS/1.2) 64.2####.164.95:443
  • TCP(TLS/1.2) 64.2####.162.95:443
  • TCP(TLS/1.2) 64.2####.161.95:443
  • TCP(TLS/1.2) and####.a####.go####.com:443
  • TCP(TLS/1.2) 64.2####.163.95:443
  • TCP 64.2####.161.100:443
DNS requests:
  • and####.a####.go####.com
  • connect####.gst####.com
File system changes:
Creates the following files:
  • /data/anr/traces.txt
  • /data/data/####/.bundledAppData
  • /data/data/####/.fsgkea
  • /data/data/####/.jg.ri
  • /data/data/####/.jg.store.report_cf
  • /data/data/####/.jg.store.report_pid
  • /data/data/####/.set_app_data.zip
  • /data/data/####/000003.log
  • /data/data/####/02bf33e4df0b9f5aeb915a46162e7c3542290b82973b129...90b8.0
  • /data/data/####/0323f5d7b6bf442d32e0c09b7dd914a46e401d9d58fda0b...8ffc.0
  • /data/data/####/04d7098d5011d821563b4e6aefb0abd5c5b8a540651926f...f9f8.0
  • /data/data/####/06f496c5f828b91c2f4829e51afa9dbc.0
  • /data/data/####/06f496c5f828b91c2f4829e51afa9dbc.1
  • /data/data/####/081e17d76eb8c5b0f32269e0a116b27465c828f0f0a3714...2a93.0
  • /data/data/####/082f7fd22db835c46514d6377c0705a6263f2aa99367178...b419.0
  • /data/data/####/08cc83b25e9810fdda1db365bfb400310c19fb4af4ac667...6010.0
  • /data/data/####/08d460f9b79d01538e34d2063b9c67b6.0
  • /data/data/####/08d460f9b79d01538e34d2063b9c67b6.1
  • /data/data/####/10f4185e2271aafb70f70fc22d1c0f14aa9dd91601ec49e...a409.0
  • /data/data/####/1218363059d70a4f92cf16e860e7cc5d8224dc481f2045b...ea18.0
  • /data/data/####/14eb57250e5dad236d11d6d562cc9f6522852fa23e47ed1...5563.0
  • /data/data/####/15ddc2d371ce6f67_0
  • /data/data/####/16d819b8a6ba2fdb60ff0c9d1ee973a6ce980a136f4905c...acaf.0
  • /data/data/####/17cca99f36fc1bd39e44eace4e75f7f353b92611e8d602c...70f3.0
  • /data/data/####/1aa31204085bb21eca23babc4c383ccb.0
  • /data/data/####/1aa31204085bb21eca23babc4c383ccb.1
  • /data/data/####/1c4fc0c11619ea42589cdad6a5f222f7e4a7570d9b574b7...d07e.0
  • /data/data/####/1cc84ceea7b4281112e6e3f195aeb04d.0
  • /data/data/####/1cc84ceea7b4281112e6e3f195aeb04d.1
  • /data/data/####/2060762962de9f775a09580d7eb5932f.0
  • /data/data/####/2060762962de9f775a09580d7eb5932f.1
  • /data/data/####/21e0a028b8124615d8a54a3f67a70d40.0
  • /data/data/####/21e0a028b8124615d8a54a3f67a70d40.1
  • /data/data/####/25bfc496ab53a0856174ce20802aac0bf9998c35186330f...06a6.0
  • /data/data/####/264b92a2671cd32f20efd1efaf290025c104f9348a6c8e4...741f.0
  • /data/data/####/280c00b42ad8467b7d433499b651a8e0ddf78f1418b25ad...bc08.0
  • /data/data/####/2a01798f53fc17e67360a42ee2e43f7b.0
  • /data/data/####/2a01798f53fc17e67360a42ee2e43f7b.1
  • /data/data/####/2a08a4fffc50311492a9042b68cc84e3d13970f3c5c815b...31ed.0
  • /data/data/####/2aabc8709dccb357ab9ae95da4c936a215887bc8ad18b9f...2253.0
  • /data/data/####/2c2c76fc3358a0c295d16ec199642010e59e7680fb2993f...30a8.0
  • /data/data/####/3804ac0efe04121c_0
  • /data/data/####/3b98b17c3a70b19a7c45854bd837085be10710cc1eeb4fa...0b20.0
  • /data/data/####/3cae8f1f9fe335640173ce163c150faac4f79c6f0a39859...30e5.0
  • /data/data/####/3d1162b062bee5e.uid
  • /data/data/####/3d22216329afff52a9f634d76dfcd3532f3d79ea0ba1a64...5a7c.0
  • /data/data/####/3e46a35885881028f78754b95a672deb8b457e0060d8a24...7e66.0
  • /data/data/####/3ef8b8d49cd0d1d7805e84415ce09f7511820b7a4ee3c97...f88a.0
  • /data/data/####/45e69c67ad830f52fefa4d31298d24c2103f87c81694d71...4eaf.0
  • /data/data/####/462c5eedbd09a6243e698c5122e53d8e72c65dd2c6dc92a...61ab.0
  • /data/data/####/47b404af4c31f0f52cf24ac8c4d2821bdbf5cc4c5fe3676...146f.0
  • /data/data/####/48c06cc0beef0a54f32f0d4bd918946b.0
  • /data/data/####/48c06cc0beef0a54f32f0d4bd918946b.1
  • /data/data/####/494c5ee58917f02799f9ba0b8f95ae4c.0
  • /data/data/####/494c5ee58917f02799f9ba0b8f95ae4c.1
  • /data/data/####/4bf50fd970107fc12749c999c805cad7ca084088cb15419...1a0c.0
  • /data/data/####/4cb0cbd5c868f955ccb67fb76cc50cf2866d816b5d2a214...b674.0
  • /data/data/####/4cdd4690106d1afe3487f962e6cde7bff0acb0f469caca9...cddc.0
  • /data/data/####/51cd6dcff757d14b.uid
  • /data/data/####/527c50c8650a23324de618ae1a851741aafbcd5864b6926...84ee.0
  • /data/data/####/541f8cc137d7a7ec1adee58ac9e79d12.0
  • /data/data/####/541f8cc137d7a7ec1adee58ac9e79d12.1
  • /data/data/####/552663c44d0a421abeea21f0b657f55ad0a972ae5d8b731...a639.0
  • /data/data/####/554fdb472038623dc4d4afb76302d868ea96167058429b0...1a7f.0
  • /data/data/####/56aec2629a5abbfd325dc5249554d69fd7c9ba42e9c99c5...1acc.0
  • /data/data/####/5813ea5617541d7db0279a193ec6d73f0dd4cd3fbff9b4a...dbde.0
  • /data/data/####/5a26fd4680905fa8f44b3f0dbe55bb680845e6947de7df0...ae00.0
  • /data/data/####/5beba1d881062d0f2faf490b7e856689b6408bda82ea262...5ecb.0
  • /data/data/####/60a1feb6b529dfd491d3143468c5e33da13380c8d60e960...7b50.0
  • /data/data/####/60f50b70e7dae7508e0689987004d52c0e737d0d183ee8c...eb89.0
  • /data/data/####/629c146b510483222c424fe967050b73.0
  • /data/data/####/629c146b510483222c424fe967050b73.1
  • /data/data/####/62aa7f51e621aab5ab4978cd09bd92a96a4c125e8cef7e5...1238.0
  • /data/data/####/632131d733547a4b620d89f7b3017f26ce1c8e4d78a0d1c...2871.0
  • /data/data/####/63d7266f70ac5f9590849e4d953bea5b65a125c96f362cb...c0a4.0
  • /data/data/####/65ee3869377e0db52d421d6e831b55fee3b7137abc33c14...c70f.0
  • /data/data/####/6641C80F00FD000128E067D4B1276578
  • /data/data/####/6641C82400DB00012AEA67D4B1276578
  • /data/data/####/6641CADC03500001369867D4B1276578
  • /data/data/####/66478E0D00AA00010F9C67D4B1276578
  • /data/data/####/67a5f5962b0729a94d667e5b21279541b3b8519adf917d3...3301.0
  • /data/data/####/696733fb63329d1a8a38fb496eb25b15982f7679c70904b...6dce.0
  • /data/data/####/6a164d419a29f909d099fed06a7273a0f02b227f717860a...45ee.0
  • /data/data/####/6a4a1748acd1f0af7f22e67062d09fe1ac1795a1ed4c0f6...6b52.0
  • /data/data/####/6ca9e94e8f7b1217486e30839a56da41cab0cc47ca5aa9e...83b2.0
  • /data/data/####/6e9d71beb91d3cfa58480862087e4950.0
  • /data/data/####/6e9d71beb91d3cfa58480862087e4950.1
  • /data/data/####/6f9c0d79566798adb3691f085d873f93e0d71f8e42303e5...e0df.0
  • /data/data/####/720d8f75fcf0f5e5ca9cb139545238a11876189fe5558d7...c670.0
  • /data/data/####/73b98dc95072d8512a382ff7085b46bb86e6dd4b1b2825c...e23b.0
  • /data/data/####/76ea701c034973fb9d6ceedf69c89fc4eb121bd3fee905a...0730.0
  • /data/data/####/7891d9913d1ada50123421b5eeea4133.0
  • /data/data/####/7891d9913d1ada50123421b5eeea4133.1
  • /data/data/####/7a9afba648ae46dc0c94f55b7b9a3ee5b9dc51b70cb72d2...d636.0
  • /data/data/####/7b8b5d08759261592d6e5d1727beaa6b1bf838bfb79bd3e...5aa1.0
  • /data/data/####/7e434b19551c2f4fd16d41d457e747e53e294380edb0363...058d.0
  • /data/data/####/83cb1595ff2d7594837297359b371f8ef2cd3e0c61ba237...4805.0
  • /data/data/####/83ec9a40ac8515a799e5024955b3229f.0
  • /data/data/####/83ec9a40ac8515a799e5024955b3229f.1
  • /data/data/####/8511961a37bbcba54b147bdab7ee0e81c7085bd11b21497...5af0.0
  • /data/data/####/8a0d5a76027a3dfee10fdab321eb473370d5262013a545b...ba88.0
  • /data/data/####/8d07308584db2b73226273b1ae11431a5f92d07674277af...510e.0
  • /data/data/####/8d749856063ea0cd1b51b1047cd718ec473966881f4bf1f...0fd7.0
  • /data/data/####/8eeb36694fb9c5528bafd15c9c1fd4b4.0
  • /data/data/####/8eeb36694fb9c5528bafd15c9c1fd4b4.1
  • /data/data/####/8f9d1a1f6c488e40c5fdc10dc768d722.0
  • /data/data/####/8f9d1a1f6c488e40c5fdc10dc768d722.1
  • /data/data/####/9051c86ba8513dfebb5eb76f63af257396bcda7748baae3...2f6d.0
  • /data/data/####/90a03c422c0973d6e99bd19dfd86f188756fc6cd7e53b69...ef90.0
  • /data/data/####/90bd96d1c0b3dbe341cc5a33f373183a.xml
  • /data/data/####/94dc4d1d55dcbfa405684c27d813ed4dacb5bf710912906...8d4b.0
  • /data/data/####/953cf19b0a4d20453d344996de71c3c5a8e5af6364ee0ab...3c11.0
  • /data/data/####/967ca4208bc18909405d5b3e158ea3b7d48b959861134a9...4860.0
  • /data/data/####/9745c47f6481c000ab96b61075426782dc9e7ce983f6d93...97ed.0
  • /data/data/####/974abe228c36b39d04b67188af34f9db8b975993e9292b9...ae47.0
  • /data/data/####/9978a04cb1d8d17516dac07faf38bec4215d719122dc0db...8017.0
  • /data/data/####/99b6eaae429cd6b48665ac2d7fdf030d.0
  • /data/data/####/99b6eaae429cd6b48665ac2d7fdf030d.1
  • /data/data/####/99ee269dcd02a60b55f13861a595dbcef36748a9b509c18...34c7.0
  • /data/data/####/9b160a8b9afda04413d01925ec777cd4.0
  • /data/data/####/9b160a8b9afda04413d01925ec777cd4.1
  • /data/data/####/9c30b0cd5abe55941ef557d1baec0ab220b99f9d0491da6...0ec5.0
  • /data/data/####/9d5429f45ad7693cc91da2d221f49b6f95b182644a47cde...d044.0
  • /data/data/####/9f2fa118b4a1e75af2f7918036b192e149006c67b70efd8...1d5a.0
  • /data/data/####/AAAAAAAAAAAAAAAAAAAAAAAAAAAA
  • /data/data/####/AAAAAAAAAAAAAAAAAAAAAAAAAAAA (deleted)
  • /data/data/####/AAAAAAAAAAAAAAAAAAAAAAAAAAAAA
  • /data/data/####/AAAAAAAAAAAAAAAAAAAAAAAAAAAAA (deleted)
  • /data/data/####/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
  • /data/data/####/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAA (deleted)
  • /data/data/####/AppEventsLogger.persistedevents
  • /data/data/####/AwOriginVisitLoggerPrefs.xml
  • /data/data/####/BrowserMetrics-66478E0F-F9C.pma
  • /data/data/####/BrowserMetrics-66478E81-1592.pma
  • /data/data/####/CURRENT
  • /data/data/####/Cookies
  • /data/data/####/Cookies-journal
  • /data/data/####/FBAdPrefs.xml
  • /data/data/####/FirebaseHeartBeatT05FU0lHTkFMX1NES19GQ01fQVBQX0...Yz.xml
  • /data/data/####/FirebaseHeartBeatW0RFRkFVTFRd+MToxNDg4NDk2NTc0M...Q3.xml
  • /data/data/####/FirebasePerfSharedPrefs.xml
  • /data/data/####/GTPlayerPurchases.xml
  • /data/data/####/LOCK
  • /data/data/####/LOG
  • /data/data/####/LOG.old
  • /data/data/####/MANIFEST-000001
  • /data/data/####/MOEInteractions
  • /data/data/####/MOEInteractions-journal
  • /data/data/####/OneSignal.db
  • /data/data/####/OneSignal.db-journal
  • /data/data/####/OneSignal.xml
  • /data/data/####/OneSignalTriggers.xml
  • /data/data/####/PersistedInstallation.T05FU0lHTkFMX1NES19GQ01fQ...z.json
  • /data/data/####/PersistedInstallation.W0RFRkFVTFRd+MToxNDg4NDk2...3.json
  • /data/data/####/Techie_Gamer.patch
  • /data/data/####/Web Data
  • /data/data/####/Web Data-journal
  • /data/data/####/WebViewChromiumPrefs.xml
  • /data/data/####/a2f611321bc8d9e46875d2b2d934e32a.0
  • /data/data/####/a2f611321bc8d9e46875d2b2d934e32a.1
  • /data/data/####/a36ae95ffa0317a6dc4f7547491b02cc4eddd4466576f61...d399.0
  • /data/data/####/a4.xml
  • /data/data/####/a4ccfbabf8c49503c18c027f65c860c207db3e65f71fe6b...09be.0
  • /data/data/####/a534d4add04bf067b91c02cf32fc215b26b7f781f692213...c349.0
  • /data/data/####/a56c09504bd380f90323796284b92120.0
  • /data/data/####/a56c09504bd380f90323796284b92120.1
  • /data/data/####/a6efdef08a0991a971375dd61ae32236.0
  • /data/data/####/a6efdef08a0991a971375dd61ae32236.1
  • /data/data/####/aade1e03da00bebc282bc7e980c31ce2.0
  • /data/data/####/aade1e03da00bebc282bc7e980c31ce2.1
  • /data/data/####/admob.xml
  • /data/data/####/aecc19e381fdf2b0026db10aa4f6babef52bfdd8b2bf691...571a.0
  • /data/data/####/aefed285660dd0f02a4490cb06ce6200b9f597ef79def5c...941e.0
  • /data/data/####/afa6ff45e0a5e49c198ddd86c7191606b19af2c080e9f6a...749b.0
  • /data/data/####/androidx.work.workdb
  • /data/data/####/androidx.work.workdb-shm
  • /data/data/####/androidx.work.workdb-wal
  • /data/data/####/androidx.work.workdb.lck
  • /data/data/####/app_config_pref.xml
  • /data/data/####/appsflyer-data.xml
  • /data/data/####/aps_mobile_client_config.json
  • /data/data/####/b262738f8685b3131225ff4b63af2dd6f7ec41e864af963...ba1d.0
  • /data/data/####/b277be5870f2b6fb54e3121cb254afcb5907bc142ba393d...59ba.0
  • /data/data/####/b4b981c279945e900db4a533683c1bf4.0
  • /data/data/####/b4b981c279945e900db4a533683c1bf4.1
  • /data/data/####/b4e3992a9aea86f59cc146ffb6e9c54203cab9d476078a7...aa64.0
  • /data/data/####/b7d86730e0a73da57ca595a57cbbf700733f0606b95def6...5757.0
  • /data/data/####/batch.db
  • /data/data/####/batch.db-journal
  • /data/data/####/c91ac7e0f045891f4be876826be67a8bdaf98a1109ffeae...e0ab.0
  • /data/data/####/c92e5b99aad2edad1bccbb4a0f72ad50.0
  • /data/data/####/c92e5b99aad2edad1bccbb4a0f72ad50.1
  • /data/data/####/ca48169243a4228fe08d02000b91f5c5.0
  • /data/data/####/ca48169243a4228fe08d02000b91f5c5.1
  • /data/data/####/caaf9d9e4ecb5f73173f896414970271730eaed20acc158...8a33.0
  • /data/data/####/cache_pref.xml
  • /data/data/####/cd1f979d626882ce44ad6e5dd0dbff6224fa3a32adfe145...b794.0
  • /data/data/####/classes.dex
  • /data/data/####/classes.dex;classes10.dex
  • /data/data/####/classes.dex;classes11.dex
  • /data/data/####/classes.dex;classes12.dex
  • /data/data/####/classes.dex;classes13.dex
  • /data/data/####/classes.dex;classes2.dex
  • /data/data/####/classes.dex;classes3.dex
  • /data/data/####/classes.dex;classes4.dex
  • /data/data/####/classes.dex;classes5.dex
  • /data/data/####/classes.dex;classes6.dex
  • /data/data/####/classes.dex;classes7.dex
  • /data/data/####/classes.dex;classes8.dex
  • /data/data/####/classes.dex;classes9.dex
  • /data/data/####/cloneSettings.json
  • /data/data/####/com.amazon.device.ads.dtb.preferences.xml
  • /data/data/####/com.applisto.appcloner.classes.xml
  • /data/data/####/com.crashlytics.settings.json
  • /data/data/####/com.facebook.ads.FEATURE_CONFIG.xml
  • /data/data/####/com.facebook.internal.MODEL_STORE.xml
  • /data/data/####/com.facebook.internal.preferences.APP_GATEKEEPERS.xml
  • /data/data/####/com.facebook.internal.preferences.APP_SETTINGS.xml
  • /data/data/####/com.facebook.sdk.USER_SETTINGS.xml
  • /data/data/####/com.facebook.sdk.appEventPreferences.xml
  • /data/data/####/com.facebook.sdk.attributionTracking.xml
  • /data/data/####/com.google.android.datatransport.events
  • /data/data/####/com.google.android.datatransport.events-journal
  • /data/data/####/com.google.android.gms.appid-no-backup
  • /data/data/####/com.google.android.gms.appid.xml
  • /data/data/####/com.google.android.gms.measurement.prefs.xml
  • /data/data/####/com.google.firebase.crashlytics.prefs.xml
  • /data/data/####/com.google.firebase.crashlytics.xml
  • /data/data/####/com.google.firebase.messaging.xml
  • /data/data/####/com.im.keyValueStore.batch_processing_info.xml
  • /data/data/####/com.im.keyValueStore.coppa_store.xml
  • /data/data/####/com.im.keyValueStore.sdk_version_store.xml
  • /data/data/####/com.im_10.6.7.db
  • /data/data/####/com.im_10.6.7.db-journal
  • /data/data/####/com.radio.pocketfm_preferences.xml
  • /data/data/####/com.smaato.sdk.prefs.xml
  • /data/data/####/config_godel_2.1.20.json
  • /data/data/####/d10c8d34905b7b95bab8fd204f0d59c66978e589a58988a...5786.0
  • /data/data/####/d1940d072e7e87849e8aa7101daa0318bebe3651bf269e4...9ab2.0
  • /data/data/####/d929c0a7658bedb25a577040bd65e811c9d10ccaf5727f3...d25d.0
  • /data/data/####/dab6bcf0a7dc73a06b8d63ecc3727b4301a081698d22f5f...b734.0
  • /data/data/####/db
  • /data/data/####/db-journal
  • /data/data/####/db1bf9236b624680e52a069aad9fefca.0
  • /data/data/####/db1bf9236b624680e52a069aad9fefca.1
  • /data/data/####/dc631612b0d832fe57581cd4b5e4e5a320a3bd447c81aec...3dc3.0
  • /data/data/####/dd22377e6b26173594219a2fbe4696ee55f4047c8e6e735...7f36.0
  • /data/data/####/dddb7c1dd7f3bb102d2dc0753267c22316c81a9c3bdbf43...1739.0
  • /data/data/####/dde7912531699a3a83f952122fe28a871b4af7c423bfd82...a74d.0
  • /data/data/####/e1facbf8c01dcd64fe16ca09a0c843922513785caf2fc4a...55d6.0
  • /data/data/####/e3d4580c570ca7b5a230749192bb4824.0
  • /data/data/####/e3d4580c570ca7b5a230749192bb4824.1
  • /data/data/####/e41fd72f7c858e1f11ef8507333bd2e719ecca512ead265...06bc.0
  • /data/data/####/e71cdbd6db383230764f6459758fdd50.0
  • /data/data/####/e71cdbd6db383230764f6459758fdd50.1
  • /data/data/####/e848e88132eaf9cc0b29a3ff553392c50f574b0772fc1db...bce2.0
  • /data/data/####/ea0f85f7b98b8e6a9a8200d1342784000cfa2393e8eff80...3f26.0
  • /data/data/####/ef03fa3cdb65ddc4b72e54b80369a6b8e8456a365c5e83b...2848.0
  • /data/data/####/event0000000000
  • /data/data/####/exoplayer_internal.db
  • /data/data/####/exoplayer_internal.db-journal
  • /data/data/####/f03f9e3c30a2e266cb9e4abdbc1551ea5e209e4fb9e12bd...5b20.0
  • /data/data/####/f136d856af5c64b5a47c56fb8de2ec2f4e54bb4151aa04e...d3bd.0
  • /data/data/####/f3eaa477d1d207be084d0c71b090d1242449143794e5912...39de.0
  • /data/data/####/f3f4d20bce8d7aaa36bb96afb2cfb43fe3fd62692b4917b...1f29.0
  • /data/data/####/f57b508f77b4777231e44db8096c7f3228a82937a253226...374d.0
  • /data/data/####/f7c126fc70dddcffb966bdddaedc2ac04c2f77b1ee70b32...72d1.0
  • /data/data/####/fa1846a190872b0197ea99a4af3aa2faf5de597e0c6eee5...23ba.0
  • /data/data/####/fa50c1266cb7ac2c781d1b06ea5c6d657034148f585b972...5c48.0
  • /data/data/####/fabb690f08101653677887e77f187315f03caeeee10d410...7594.0
  • /data/data/####/fb5e084ea6c8d0dea5f5b2921f02ad73a57ad212bdeaded...a30f.0
  • /data/data/####/fbf7ad96532b1f6f_0
  • /data/data/####/fcc11743644a813c4f9f24588e7d7fdcb616167af6d0b34...6729.0
  • /data/data/####/fd37c468da80cee0e421941eb961cd77ceff3666469644c...95ec.0
  • /data/data/####/firebase_session_Y29tLnJhZGlvLnBvY2tldGZt_data....ces_pb
  • /data/data/####/firebase_session_Y29tLnJhZGlvLnBvY2tldGZt_setti...ces_pb
  • /data/data/####/font_unique_name_table.pb
  • /data/data/####/frc_1;148849657400;android;92c785d79f1bfb47_fir...e.json
  • /data/data/####/frc_1;148849657400;android;92c785d79f1bfb47_fir...gs.xml
  • /data/data/####/frc_1;148849657400;android;92c785d79f1bfb47_fir...s.json
  • /data/data/####/freshchat.db
  • /data/data/####/freshchat.db-journal
  • /data/data/####/generatefid.lock
  • /data/data/####/godel.xml
  • /data/data/####/google_app_measurement_local.db
  • /data/data/####/google_app_measurement_local.db-journal
  • /data/data/####/ic_bank_508532_godel_2.1.20.png
  • /data/data/####/ic_bank_508534_godel_2.1.20.png
  • /data/data/####/ic_bank_508548_godel_2.1.20.png
  • /data/data/####/ic_bank_607153_godel_2.1.20.png
  • /data/data/####/ic_googlepay_godel_2.1.20.png
  • /data/data/####/ic_mode_wallet_godel_2.1.20.png
  • /data/data/####/ic_paytm_godel_2.1.20.png
  • /data/data/####/index
  • /data/data/####/jgobfppppp (deleted)
  • /data/data/####/journal
  • /data/data/####/jp_ic_new_upi_godel_2.1.20.png
  • /data/data/####/juspay-pre-logs-queue-0.dat
  • /data/data/####/last-exit-info
  • /data/data/####/libjiagu.so
  • /data/data/####/manifest_godel_2.1.20.json
  • /data/data/####/natives_sec_blob1007679267.dex
  • /data/data/####/natives_sec_blob1007679267.dex.flock (deleted)
  • /data/data/####/natives_sec_blob1014974172.dex
  • /data/data/####/natives_sec_blob1014974172.dex.flock (deleted)
  • /data/data/####/natives_sec_blob1134864764.dex
  • /data/data/####/natives_sec_blob1134864764.dex.flock (deleted)
  • /data/data/####/natives_sec_blob1201026250.dex
  • /data/data/####/natives_sec_blob1201026250.dex.flock (deleted)
  • /data/data/####/natives_sec_blob1202934671.dex
  • /data/data/####/natives_sec_blob1202934671.dex.flock (deleted)
  • /data/data/####/natives_sec_blob1272017086.dex
  • /data/data/####/natives_sec_blob1272017086.dex.flock (deleted)
  • /data/data/####/natives_sec_blob1374729718.dex
  • /data/data/####/natives_sec_blob1374729718.dex.flock (deleted)
  • /data/data/####/natives_sec_blob1384871107.dex
  • /data/data/####/natives_sec_blob1384871107.dex.flock (deleted)
  • /data/data/####/natives_sec_blob1414669159.dex
  • /data/data/####/natives_sec_blob1414669159.dex.flock (deleted)
  • /data/data/####/natives_sec_blob1478583449.dex
  • /data/data/####/natives_sec_blob1478583449.dex.flock (deleted)
  • /data/data/####/natives_sec_blob1650028217.dex
  • /data/data/####/natives_sec_blob1650028217.dex.flock (deleted)
  • /data/data/####/natives_sec_blob1729868277.dex
  • /data/data/####/natives_sec_blob1729868277.dex.flock (deleted)
  • /data/data/####/natives_sec_blob1911485082.dex
  • /data/data/####/natives_sec_blob1911485082.dex.flock (deleted)
  • /data/data/####/natives_sec_blob253217323.dex
  • /data/data/####/natives_sec_blob253217323.dex.flock (deleted)
  • /data/data/####/natives_sec_blob41377741.dex
  • /data/data/####/natives_sec_blob41377741.dex.flock (deleted)
  • /data/data/####/natives_sec_blob59703950.dex
  • /data/data/####/natives_sec_blob634842259.dex
  • /data/data/####/natives_sec_blob634842259.dex.flock (deleted)
  • /data/data/####/natives_sec_blob932609436.dex
  • /data/data/####/natives_sec_blob932609436.dex.flock (deleted)
  • /data/data/####/natives_sec_blob982996217.dex
  • /data/data/####/natives_sec_blob982996217.dex.flock (deleted)
  • /data/data/####/pocketfm_database
  • /data/data/####/pocketfm_database-shm
  • /data/data/####/pocketfm_database-wal
  • /data/data/####/pocketfm_database.lck
  • /data/data/####/pref_moe.xml
  • /data/data/####/pref_moe_common.xml
  • /data/data/####/pref_store
  • /data/data/####/profileInstalled
  • /data/data/####/profileinstaller_profileWrittenFor_lastUpdateTime.dat
  • /data/data/####/report
  • /data/data/####/sdk_config_godel_2.1.20.json
  • /data/data/####/start-time
  • /data/data/####/temp-logs-queue-0.dat
  • /data/data/####/the-real-index
  • /data/data/####/user-data
  • /data/data/####/user_pref.xml
  • /data/data/####/userlog
  • /data/data/####/v1-acs_godel_2.1.20.jsa
  • /data/data/####/v1-boot_loader_godel_2.1.20.jsa
  • /data/data/####/v1-config_godel_2.1.20.jsa
  • /data/data/####/v1-configuration_godel_2.1.20.jsa
  • /data/data/####/v1-icons_godel_2.1.20.jsa
  • /data/data/####/v1-index_bundle_godel_2.1.20.jsa
  • /data/data/####/v1-loader_bundle_godel_2.1.20.jsa
  • /data/data/####/v1-strings_godel_2.1.20.jsa
  • /data/data/####/v1-tracker_godel_2.1.20.jsa
  • /data/data/####/variations_seed
  • /data/data/####/variations_stamp
  • /data/data/####/webview_data.lock
Miscellaneous:
Loads the following dynamic libraries:
  • libjiagu
Uses the following algorithms to decrypt data:
  • AES
Uses special library to hide executable bytecode.

Curing recommendations

Android

  1. If the mobile device is operating normally, download and install Dr.Web for Android Light. Run a full system scan and follow recommendations to neutralize the detected threats.
  2. If the mobile device has been locked by Android.Locker ransomware (the message on the screen tells you that you have broken some law or demands a set ransom amount; or you will see some other announcement that prevents you from using the handheld normally), do the following:
    • Load your smartphone or tablet in the safe mode (depending on the operating system version and specifications of the particular mobile device involved, this procedure can be performed in various ways; seek clarification from the user guide that was shipped with the device, or contact its manufacturer);
    • Once you have activated safe mode, install the Dr.Web для Android Light onto the infected handheld and run a full scan of the system; follow the steps recommended for neutralizing the threats that have been detected;
    • Switch off your device and turn it on as normal.

Find out more about Dr.Web for Android

Free trial

14 days

Download now
Get it on Google Play