PARA USUARIOS

Cerrar

Mi biblioteca
Mi biblioteca

+ Añadir a la biblioteca

Buscar
Buscar

Soporte
Soporte 24 horas | Normas de contactar

Escribir

una solicitud al rellenar un formulario

Llamar

+7 (495) 789-45-86

Foro

Sus solicitudes

Crear una nueva solicitud

Llamar

+7 (495) 789-45-86

Perfil

ES

RU CN DE EN ES FR IT JP KZ UZ PL BY
Cerrar
Servicios
Escáneres
Dr.Web vxCube
Demo
Peritaje de IIV
Biblioteca de virus
Base de conocimiento

Tecnologías

Términos

Formación y educación

Mitos

Noticias

Android.Hidden.12127

Added to the Dr.Web virus database: 2024-10-13

Virus description added:

Technical information

Malicious functions:
Removes app icon from the screen.
Threat detection based on machine learning.
Network activity:
Connects to:
  • UDP(DNS) <Google DNS>
  • TCP(TLS/1.0) firebas####.crashly####.com:443
  • TCP(TLS/1.0) cdn.ever####.com:443
  • TCP(TLS/1.0) grs.dbankc####.com:443
  • TCP(TLS/1.0) lo####.sc.om####.net:443
  • TCP(TLS/1.0) 1####.194.163.20:443
  • TCP(TLS/1.0) edge-####.de####.net:443
  • TCP(TLS/1.0) 4jhelh-####.appsfly####.com:443
  • TCP(TLS/1.0) android####.go####.com:443
  • TCP(TLS/1.0) publish####.adobeae####.com:443
  • TCP(TLS/1.0) lotusth####.austral####.ever####.com:443
  • TCP(TLS/1.0) api####.lo####.com:443
  • TCP(TLS/1.0) 2####.239.38.223:443
  • TCP(TLS/1.0) cn-as####.adob####.com.####.net:443
  • TCP(TLS/1.0) ssl.google-####.com:443
  • TCP(TLS/1.0) www.google-####.com:443
  • TCP(TLS/1.0) firebas####.google####.com:443
  • TCP(TLS/1.0) gmscomp####.google####.com:443
  • TCP(TLS/1.0) 1####.250.183.163:443
  • TCP(TLS/1.2) 1####.177.14.104:443
  • TCP(TLS/1.2) firebas####.google####.com:443
  • TCP(TLS/1.2) 64.2####.162.94:443
  • TCP(TLS/1.2) 1####.250.183.163:443
  • TCP(TLS/1.2) 64.2####.164.139:443
  • TCP(TLS/1.2) 1####.250.150.95:443
  • TCP(TLS/1.2) 1####.194.220.95:443
  • TCP(TLS/1.2) 64.2####.164.138:443
  • TCP api####.lo####.com:443
  • UDP 2####.58.208.110:443
  • TCP api-cus####.lo####.com:443
DNS requests:
  • 4jhelh-####.appsfly####.com
  • 4jhelh-####.appsfly####.com
  • 4jhelh-####.appsfly####.com
  • 4jhelh-####.appsfly####.com
  • 4jhelh-####.appsfly####.com
  • android####.go####.com
  • api####.lo####.com
  • api-cus####.lo####.com
  • as####.adob####.com
  • cdn.ever####.com
  • dpm.de####.net
  • firebas####.crashly####.com
  • firebas####.google####.com
  • firebas####.google####.com
  • firebas####.google####.com
  • firebas####.google####.com
  • firebas####.google####.com
  • g####.face####.com
  • gmscomp####.google####.com
  • grs.dbankc####.com
  • lo####.sc.om####.net
  • lotusth####.austral####.ever####.com
  • publish####.adobeae####.com
  • ssl.google-####.com
  • www.google-####.com
  • www.lo####.com
HTTP GET requests:
  • 4jhelh-####.appsfly####.com:443/android/v1/42aeaf0cd25cf29c018eddd012852...
  • cdn.ever####.com:443/api/dataset/isthprod/appConfig/Android/<Package>/2....
  • cn-as####.adob####.com.####.net:443/873297b9a33a/62880ebb326f/launch-88f...
  • edge-####.de####.net:443/id?d_rtbd=####&d_ver=####&d_orgid=####&d_mid=####
  • firebas####.crashly####.com:443/spi/v2/platforms/android/gmp/1:364576841...
  • lotusth####.austral####.ever####.com:443/api/dataset/isthprod/appConfig/...
HTTP POST requests:
  • 4jhelh-####.appsfly####.com:443/v1.0/android/<Package>?af_sig=####&sdk_v...
  • firebas####.google####.com:443/v1/projects/364576841982/namespaces/fireb...
  • firebas####.google####.com:443/v1/projects/oneapp-25388/installations
  • lo####.sc.om####.net:443/b/ss/lotuss-th-prod/0/ANDN010208011106/s51895938
File system changes:
Creates the following files:
  • /data/data/####/.font5141-5141-0
  • /data/data/####/.     ​
  • /data/data/####/.  ​
  • /data/data/####/.  ​.flock (deleted)
  • /data/data/####/.    
  • /data/data/####/.    .flock (deleted)
  • /data/data/####/.  ​
  • /data/data/####/.  ​.flock (deleted)
  • /data/data/####/.      
  • /data/data/####/.    
  • /data/data/####/.    .flock (deleted)
  • /data/data/####/.     
  • /data/data/####/.     
  • /data/data/####/044955e27c201b7d2566a996d49c9588f057755d86da444....0.tmp
  • /data/data/####/044955e27c201b7d2566a996d49c9588f057755d86da444....1.tmp
  • /data/data/####/059c21f7b3672d7b1b0863d1f849ec21e0d942293d4c723....0.tmp
  • /data/data/####/059c21f7b3672d7b1b0863d1f849ec21e0d942293d4c723....1.tmp
  • /data/data/####/059c21f7b3672d7b1b0863d1f849ec21e0d942293d4c723...17f7.1
  • /data/data/####/08a56dc8831e7e1a65764bba95ac713aba02ac1e4f394ca....0.tmp
  • /data/data/####/08a56dc8831e7e1a65764bba95ac713aba02ac1e4f394ca....1.tmp
  • /data/data/####/0d1c1a99802349567599ba70056ec31dcae1db870173973....0.tmp
  • /data/data/####/0d1c1a99802349567599ba70056ec31dcae1db870173973...442e.0
  • /data/data/####/0d1c1a99802349567599ba70056ec31dcae1db870173973...442e.1
  • /data/data/####/1200f2bf3e3e593c924c533ef1e19685865a899ebef7dd4...11d3.0
  • /data/data/####/1200f2bf3e3e593c924c533ef1e19685865a899ebef7dd4...11d3.1
  • /data/data/####/1728812010972
  • /data/data/####/1728812010976
  • /data/data/####/1d19c2538f973af0451a647de399ecbbf25ce176bdbafc0....0.tmp
  • /data/data/####/1d19c2538f973af0451a647de399ecbbf25ce176bdbafc0....1.tmp
  • /data/data/####/1e91d1543f11bef230b7d5fc6ba037bd7c41c18db460af0....0.tmp
  • /data/data/####/1e91d1543f11bef230b7d5fc6ba037bd7c41c18db460af0....1.tmp
  • /data/data/####/1f1e8eff608a7b8e5c09bd5ec682c85964e94e5f3026096....0.tmp
  • /data/data/####/1f1e8eff608a7b8e5c09bd5ec682c85964e94e5f3026096....1.tmp
  • /data/data/####/1f1e8eff608a7b8e5c09bd5ec682c85964e94e5f3026096...e1cd.1
  • /data/data/####/268d68daf63635f77c958dc575e819add3d99b2d0729498....0.tmp
  • /data/data/####/268d68daf63635f77c958dc575e819add3d99b2d0729498....1.tmp
  • /data/data/####/275b218f3e04569ff9825ff8f8698ef503b31df1ff87eac....0.tmp
  • /data/data/####/275b218f3e04569ff9825ff8f8698ef503b31df1ff87eac....1.tmp
  • /data/data/####/2a8c07ad8f9a150cae9f7bbeb33fc06de6c8927e807add9....0.tmp
  • /data/data/####/2a8c07ad8f9a150cae9f7bbeb33fc06de6c8927e807add9....1.tmp
  • /data/data/####/2e8819f3413bb5b581a7d46aa86bf460976555daa3d68c7....0.tmp
  • /data/data/####/2e8819f3413bb5b581a7d46aa86bf460976555daa3d68c7....1.tmp
  • /data/data/####/305ef39f1be81e8f39d354f8242be629720352a6388e732....0.tmp
  • /data/data/####/305ef39f1be81e8f39d354f8242be629720352a6388e732....1.tmp
  • /data/data/####/32ed07f00559da4926df51cc45dcf96092292c25e95fe06...artial
  • /data/data/####/33ddc011872fd66b4b35dc0de82e6c255f3814a5b8d9f0d....0.tmp
  • /data/data/####/33ddc011872fd66b4b35dc0de82e6c255f3814a5b8d9f0d....1.tmp
  • /data/data/####/3714b1f86752d63eb2fa1487c630980165ba264c12dd123....0.tmp
  • /data/data/####/3714b1f86752d63eb2fa1487c630980165ba264c12dd123....1.tmp
  • /data/data/####/37ecfb26dd67197efc4ed315b1eee9668a639f6b4f1d839....0.tmp
  • /data/data/####/37ecfb26dd67197efc4ed315b1eee9668a639f6b4f1d839....1.tmp
  • /data/data/####/387ff361c7cfe76baa99b369930eb2355aed7bacbd16688....0.tmp
  • /data/data/####/387ff361c7cfe76baa99b369930eb2355aed7bacbd16688....1.tmp
  • /data/data/####/410f7accc20cb7a714dfa281b2c1544b3c870e6ef487227....0.tmp
  • /data/data/####/410f7accc20cb7a714dfa281b2c1544b3c870e6ef487227....1.tmp
  • /data/data/####/4d03206bcaf2be5f08308273e0c2d5f56fcc6ba0582872d....0.tmp
  • /data/data/####/4d03206bcaf2be5f08308273e0c2d5f56fcc6ba0582872d....1.tmp
  • /data/data/####/4d03206bcaf2be5f08308273e0c2d5f56fcc6ba0582872d...a72d.1
  • /data/data/####/4fc8bd52-b46a-4847-9564-59bb2fc87e57
  • /data/data/####/4fc8bd52-b46a-4847-9564-59bb2fc87e57_SFMC_PrivacyMode
  • /data/data/####/571d1464bd017ecb34832c53898f54d77075c0e97c471e1....0.tmp
  • /data/data/####/571d1464bd017ecb34832c53898f54d77075c0e97c471e1....1.tmp
  • /data/data/####/571d1464bd017ecb34832c53898f54d77075c0e97c471e1...9d39.1
  • /data/data/####/5bef923598cd3bd6f3c618f2a5e9e354e04986e8cd17ff9....0.tmp
  • /data/data/####/5bef923598cd3bd6f3c618f2a5e9e354e04986e8cd17ff9....1.tmp
  • /data/data/####/5bef923598cd3bd6f3c618f2a5e9e354e04986e8cd17ff9...9022.1
  • /data/data/####/60b28c32206f861cefd779b71e314db271a6f96d85d700d....0.tmp
  • /data/data/####/60b28c32206f861cefd779b71e314db271a6f96d85d700d....1.tmp
  • /data/data/####/62d22a1b805dd476de5f4f846ffad3d391dff7dff0ffeba...502a.0
  • /data/data/####/62d22a1b805dd476de5f4f846ffad3d391dff7dff0ffeba...502a.1
  • /data/data/####/640286e3c1932a7554bbfcdb2be6b773b1adda65641fad0....0.tmp
  • /data/data/####/640286e3c1932a7554bbfcdb2be6b773b1adda65641fad0....1.tmp
  • /data/data/####/640286e3c1932a7554bbfcdb2be6b773b1adda65641fad0...adf4.1
  • /data/data/####/6570d4bc87cd83b15c6732ff4d422eeee79fce1776211ea....0.tmp
  • /data/data/####/6570d4bc87cd83b15c6732ff4d422eeee79fce1776211ea....1.tmp
  • /data/data/####/66e6c09f98bcd6d5978607d61603d68942ad71eb33ca62a....0.tmp
  • /data/data/####/66e6c09f98bcd6d5978607d61603d68942ad71eb33ca62a....1.tmp
  • /data/data/####/66e6c09f98bcd6d5978607d61603d68942ad71eb33ca62a...68c3.1
  • /data/data/####/6782a3275e7b3e6d5be5dcea528790b4302d971fb451dce....0.tmp
  • /data/data/####/6782a3275e7b3e6d5be5dcea528790b4302d971fb451dce....1.tmp
  • /data/data/####/6782a3275e7b3e6d5be5dcea528790b4302d971fb451dce...92ad.1
  • /data/data/####/6a0f91697fe0703e55cfb9f94e98f337ed6729a3d0e882d....0.tmp
  • /data/data/####/6a0f91697fe0703e55cfb9f94e98f337ed6729a3d0e882d....1.tmp
  • /data/data/####/6a0f91697fe0703e55cfb9f94e98f337ed6729a3d0e882d...8e2a.1
  • /data/data/####/6cb3683b0606fb6da6de55ae1717457ca3858631f08d948....0.tmp
  • /data/data/####/6cb3683b0606fb6da6de55ae1717457ca3858631f08d948....1.tmp
  • /data/data/####/6e8ff90bbd543b2f6cea44075eae8b54cb3181726420025....0.tmp
  • /data/data/####/6e8ff90bbd543b2f6cea44075eae8b54cb3181726420025....1.tmp
  • /data/data/####/6e8ff90bbd543b2f6cea44075eae8b54cb3181726420025...3ff3.1
  • /data/data/####/704609e0dba32f29ba1f4dca89c9210b6cdb6259a7198c0....0.tmp
  • /data/data/####/704609e0dba32f29ba1f4dca89c9210b6cdb6259a7198c0....1.tmp
  • /data/data/####/704609e0dba32f29ba1f4dca89c9210b6cdb6259a7198c0...fdd8.1
  • /data/data/####/716b4ddcbb855ccb48f54b3a9016007937f798ad43ec65a....0.tmp
  • /data/data/####/716b4ddcbb855ccb48f54b3a9016007937f798ad43ec65a....1.tmp
  • /data/data/####/761b6e9b8f00ff60f12ed29fc055345a347f9516581e08f....0.tmp
  • /data/data/####/761b6e9b8f00ff60f12ed29fc055345a347f9516581e08f....1.tmp
  • /data/data/####/7efb020c15534afedf55d16a8f140684a63663348e63170....0.tmp
  • /data/data/####/7efb020c15534afedf55d16a8f140684a63663348e63170....1.tmp
  • /data/data/####/80ab88a8c562a38d642a09ad28cc76ce5d7fc4e27d81c59....0.tmp
  • /data/data/####/80ab88a8c562a38d642a09ad28cc76ce5d7fc4e27d81c59....1.tmp
  • /data/data/####/85ed74d0b88ff0cd240c5611778df4163afc347a5adadc6....0.tmp
  • /data/data/####/85ed74d0b88ff0cd240c5611778df4163afc347a5adadc6....1.tmp
  • /data/data/####/8bdfe30bd0408182e4480ab21ba1ae1f5a0063c7fb86a3d....0.tmp
  • /data/data/####/8bdfe30bd0408182e4480ab21ba1ae1f5a0063c7fb86a3d....1.tmp
  • /data/data/####/8bdfe30bd0408182e4480ab21ba1ae1f5a0063c7fb86a3d...c2b5.1
  • /data/data/####/90ecad8969b311e57339f98aba86ffe6c29e250c0c1fbe4....0.tmp
  • /data/data/####/90ecad8969b311e57339f98aba86ffe6c29e250c0c1fbe4....1.tmp
  • /data/data/####/91cc0fca2b80a57e8c34657fa7c2f79c23757105b8a18c6....0.tmp
  • /data/data/####/91cc0fca2b80a57e8c34657fa7c2f79c23757105b8a18c6....1.tmp
  • /data/data/####/91cc0fca2b80a57e8c34657fa7c2f79c23757105b8a18c6...a011.1
  • /data/data/####/95b5ab9782bbd320155a05ea48e0b4f2ff396b5b7c1b878....0.tmp
  • /data/data/####/95b5ab9782bbd320155a05ea48e0b4f2ff396b5b7c1b878....1.tmp
  • /data/data/####/9f671520d180e27bdacc90b093b6f8e4f1fc328f67e7631....0.tmp
  • /data/data/####/9f671520d180e27bdacc90b093b6f8e4f1fc328f67e7631....1.tmp
  • /data/data/####/ADBMobileDataCache.sqlite-journal
  • /data/data/####/ADBMobileIdentity.sqlite-journal
  • /data/data/####/ADBMobileSignalDataCache.sqlite-journal
  • /data/data/####/AdobeMobile_ConfigState.xml
  • /data/data/####/AdobeMobile_Lifecycle.xml
  • /data/data/####/AdobeMobile_Lifecycle.xml.bak
  • /data/data/####/AdobeMobile_Lifecycle.xml.bak (deleted)
  • /data/data/####/AnalyticsDataStorage.xml
  • /data/data/####/EventHistory-journal
  • /data/data/####/Evergage-config
  • /data/data/####/Evergage-events
  • /data/data/####/Evergage-events (deleted)
  • /data/data/####/FirebaseHeartBeatW0RFRkFVTFRd+MTozNjQ1NzY4NDE5O...Fm.xml
  • /data/data/####/PersistedInstallation.W0RFRkFVTFRd+MTozNjQ1NzY4...m.json
  • /data/data/####/PersistedInstallation769397162tmp
  • /data/data/####/PersistedInstallation948341589tmp
  • /data/data/####/SFMCDeviceUUID
  • /data/data/####/WebViewChromiumPrefs.xml
  • /data/data/####/a2dfb081234a859eb3f075d9226b75ed6ca1b9f8bd470e5....0.tmp
  • /data/data/####/a2dfb081234a859eb3f075d9226b75ed6ca1b9f8bd470e5....1.tmp
  • /data/data/####/a2dfb081234a859eb3f075d9226b75ed6ca1b9f8bd470e5...a7bc.1
  • /data/data/####/a735ba192d2ad8e5f2f8f91a9fcc5e7870369f7da06ba22....0.tmp
  • /data/data/####/a735ba192d2ad8e5f2f8f91a9fcc5e7870369f7da06ba22....1.tmp
  • /data/data/####/ad9425d3eb056468c1dc4c90d57de04b8e17912f9a39c00....0.tmp
  • /data/data/####/ad9425d3eb056468c1dc4c90d57de04b8e17912f9a39c00....1.tmp
  • /data/data/####/ad9425d3eb056468c1dc4c90d57de04b8e17912f9a39c00...652d.1
  • /data/data/####/adac08db76c7de4f8352da75cd032f756cc21f81be06890....0.tmp
  • /data/data/####/adac08db76c7de4f8352da75cd032f756cc21f81be06890....1.tmp
  • /data/data/####/appsflyer-data.xml
  • /data/data/####/appsflyer-data.xml.bak
  • /data/data/####/aqs.951b298609be4bc8a2d1bc4cf77f59d4
  • /data/data/####/b07d14b1094437fbd02e4984e4b7e43f3e04a391ab834f1....0.tmp
  • /data/data/####/b07d14b1094437fbd02e4984e4b7e43f3e04a391ab834f1....1.tmp
  • /data/data/####/b07d14b1094437fbd02e4984e4b7e43f3e04a391ab834f1...1619.1
  • /data/data/####/b1964b770ff0ace5f7df7d542e01bf50ded24de8d387971....0.tmp
  • /data/data/####/b1964b770ff0ace5f7df7d542e01bf50ded24de8d387971....1.tmp
  • /data/data/####/b88b187f3242c82dfd14b13298a1a89688a3fbcd1659191....0.tmp
  • /data/data/####/b88b187f3242c82dfd14b13298a1a89688a3fbcd1659191....1.tmp
  • /data/data/####/b88b187f3242c82dfd14b13298a1a89688a3fbcd1659191...7ef7.1
  • /data/data/####/bacfda680c1781d13d82e727bb1a89b954f39efd85ae13f....0.tmp
  • /data/data/####/bacfda680c1781d13d82e727bb1a89b954f39efd85ae13f....1.tmp
  • /data/data/####/c5d8e3f1c77d9418c916715879aced494edf14bd7e1ebd4....0.tmp
  • /data/data/####/c5d8e3f1c77d9418c916715879aced494edf14bd7e1ebd4...1a6c.0
  • /data/data/####/c6dc732f2c73aec9aee42aef80635dc87eadb680548cb46....0.tmp
  • /data/data/####/c6dc732f2c73aec9aee42aef80635dc87eadb680548cb46....1.tmp
  • /data/data/####/c6dc732f2c73aec9aee42aef80635dc87eadb680548cb46...e861.1
  • /data/data/####/c89d833d9c60e17f4d5115867c7e8d126e92be401ae72cb....0.tmp
  • /data/data/####/c89d833d9c60e17f4d5115867c7e8d126e92be401ae72cb....1.tmp
  • /data/data/####/c89d833d9c60e17f4d5115867c7e8d126e92be401ae72cb...6dda.1
  • /data/data/####/c9ace1386cd83c7ca4a04ba2b224080b4c1c6f1e0022500....0.tmp
  • /data/data/####/c9ace1386cd83c7ca4a04ba2b224080b4c1c6f1e0022500....1.tmp
  • /data/data/####/cbabb16499d994a47eb497eaf3d1bd54b64bfaa7aaf2484....0.tmp
  • /data/data/####/cbabb16499d994a47eb497eaf3d1bd54b64bfaa7aaf2484....1.tmp
  • /data/data/####/cf17b948bf1cc63c61061db19f90c9b14ab4770bd05d4cd....0.tmp
  • /data/data/####/cf17b948bf1cc63c61061db19f90c9b14ab4770bd05d4cd....1.tmp
  • /data/data/####/cf17b948bf1cc63c61061db19f90c9b14ab4770bd05d4cd...fea8.1
  • /data/data/####/com.adobe.assurance.preferences.xml
  • /data/data/####/com.crashlytics.settings.json
  • /data/data/####/com.facebook.sdk.USER_SETTINGS.xml
  • /data/data/####/com.facebook.sdk.appEventPreferences.xml
  • /data/data/####/com.google.android.datatransport.events-journal
  • /data/data/####/com.google.android.gms.analytics.prefs.xml
  • /data/data/####/com.google.android.gms.appid-no-backup
  • /data/data/####/com.google.android.gms.appid.xml
  • /data/data/####/com.google.android.gms.measurement.prefs.xml
  • /data/data/####/com.google.android.gms.measurement.prefs.xml.bak
  • /data/data/####/com.google.firebase.crashlytics.xml
  • /data/data/####/com.google.firebase.inappmessaging.xml
  • /data/data/####/com.google.firebase.inappmessaging.xml.bak
  • /data/data/####/com.lotuss.oneapp
  • /data/data/####/com.lotuss.oneapp_preferences.xml
  • /data/data/####/com.salesforce.marketingcloud.storagePrefs.xml
  • /data/data/####/com.salesforce.marketingcloud_sfmcsdk_default.xml
  • /data/data/####/d5426cedd5b6623f848c923d216879677009fbecb79501a....0.tmp
  • /data/data/####/d5426cedd5b6623f848c923d216879677009fbecb79501a....1.tmp
  • /data/data/####/d5426cedd5b6623f848c923d216879677009fbecb79501a...7ee6.1
  • /data/data/####/d96d083cf93629a83860337da315340cc76a8c40d0b1d43....0.tmp
  • /data/data/####/d96d083cf93629a83860337da315340cc76a8c40d0b1d43....1.tmp
  • /data/data/####/d96d083cf93629a83860337da315340cc76a8c40d0b1d43...ca86.1
  • /data/data/####/dbfe162217f024069511d59589ea08cb07344f7da520cc5....0.tmp
  • /data/data/####/dbfe162217f024069511d59589ea08cb07344f7da520cc5....1.tmp
  • /data/data/####/dbfe162217f024069511d59589ea08cb07344f7da520cc5...6f46.1
  • /data/data/####/default_pref.xml
  • /data/data/####/e0ae74810de11bebc29349af5162fc500a6b78d653add03...artial
  • /data/data/####/e3559562c120422104f70fd0c16c5b414576a201234cb1c....0.tmp
  • /data/data/####/e3559562c120422104f70fd0c16c5b414576a201234cb1c....1.tmp
  • /data/data/####/e77a07852caa600e40dd151aed24ded904637a2a4170282....0.tmp
  • /data/data/####/e77a07852caa600e40dd151aed24ded904637a2a4170282....1.tmp
  • /data/data/####/e8dbc07046c571b9dd2986d2c342f551ae6663976953699....0.tmp
  • /data/data/####/e8dbc07046c571b9dd2986d2c342f551ae6663976953699....1.tmp
  • /data/data/####/ec999b2adfa70a3b55a5fb41971834bf3aa6df9d6e5cfd8....0.tmp
  • /data/data/####/ec999b2adfa70a3b55a5fb41971834bf3aa6df9d6e5cfd8....1.tmp
  • /data/data/####/f0531ae827c79478810b7fbc66dc0524517f85c53bb145e....0.tmp
  • /data/data/####/f0531ae827c79478810b7fbc66dc0524517f85c53bb145e....1.tmp
  • /data/data/####/f0ce0d5454560bb8b3634b2658ea470039b87fa1ca4c167....0.tmp
  • /data/data/####/f0ce0d5454560bb8b3634b2658ea470039b87fa1ca4c167....1.tmp
  • /data/data/####/f0ce0d5454560bb8b3634b2658ea470039b87fa1ca4c167...4518.1
  • /data/data/####/f4355013c9a96bc1a9bdd8d048f299c1f54a14a839baab5....0.tmp
  • /data/data/####/f4355013c9a96bc1a9bdd8d048f299c1f54a14a839baab5....1.tmp
  • /data/data/####/f4355013c9a96bc1a9bdd8d048f299c1f54a14a839baab5...e703.1
  • /data/data/####/f477b1c6a90cfdcc8e7dca98417d49387dbd7447aa5641c....0.tmp
  • /data/data/####/f477b1c6a90cfdcc8e7dca98417d49387dbd7447aa5641c....1.tmp
  • /data/data/####/f477b1c6a90cfdcc8e7dca98417d49387dbd7447aa5641c...53b0.0
  • /data/data/####/f477b1c6a90cfdcc8e7dca98417d49387dbd7447aa5641c...53b0.1
  • /data/data/####/f72da9c0a378d973fa2b66fbe2b03bf5223b7cde510cc3d....0.tmp
  • /data/data/####/f72da9c0a378d973fa2b66fbe2b03bf5223b7cde510cc3d....1.tmp
  • /data/data/####/f72da9c0a378d973fa2b66fbe2b03bf5223b7cde510cc3d...9381.1
  • /data/data/####/fiam_eligible_campaigns_cache_file
  • /data/data/####/fiam_impressions_store_file
  • /data/data/####/firebase_session_Y29tLmxvdHVzcy5vbmVhcHA=_data....ces_pb
  • /data/data/####/firebase_session_Y29tLmxvdHVzcy5vbmVhcHA=_setti...ces_pb
  • /data/data/####/frc_1;364576841982;android;d5f9b5437061facf3785...e.json
  • /data/data/####/frc_1;364576841982;android;d5f9b5437061facf3785...gs.xml
  • /data/data/####/frc_1;364576841982;android;d5f9b5437061facf3785...h.json
  • /data/data/####/frc_1;364576841982;android;d5f9b5437061facf3785...s.json
  • /data/data/####/gaClientId
  • /data/data/####/generatefid.lock
  • /data/data/####/google_analytics_v4.db-journal
  • /data/data/####/google_app_measurement_local.db
  • /data/data/####/google_app_measurement_local.db-journal
  • /data/data/####/hms_global_v2_com.lotuss.oneapp.xml
  • /data/data/####/index
  • /data/data/####/initialization_marker
  • /data/data/####/journal
  • /data/data/####/journal.tmp
  • /data/data/####/lottie_cache_httpswwwlotusscomcontentdamaemcplo...p.json
  • /data/data/####/mcsdk_4fc8bd52-b46a-4847-9564-59bb2fc87e57.db-journal
  • /data/data/####/mcsdk_4fc8bd52-b46a-4847-9564-59bb2fc87e57.xml
  • /data/data/####/mcsdk_4fc8bd52-b46a-4847-9564-59bb2fc87e57.xml.bak
  • /data/data/####/mcsdk_custprefs_4fc8bd52-b46a-4847-9564-59bb2fc87e57.xml
  • /data/data/####/meta.txt
  • /data/data/####/metrics_guid
  • /data/data/####/profileinstaller_profileWrittenFor_lastUpdateTime.dat
  • /data/data/####/rate_limit_store_file
  • /data/data/####/report
  • /data/data/####/resource_GTM-KPCCWSR
  • /data/data/####/rules.json
  • /data/data/####/start-time
  • /data/data/####/the-real-index
  • /data/data/####/unified_sdk_registration.xml
  • /data/data/####/user-data
  • /data/data/####/userlog
  • /data/data/####/v5_gtmContainerRefreshPolicy_GTM-KPCCWSR.xml
  • /data/data/####/visitorIDServiceDataStore.xml
  • /data/data/####/visitorIDServiceDataStore.xml.bak
  • /data/misc/####/primary.prof
  • /data/user_de/####/grs_move2DE_records.xml
  • /data/user_de/####/share_pre_grs_conf_com.lotuss.oneapp.xml
  • /data/user_de/####/share_pre_grs_services_com.lotuss.oneapp.xml
Miscellaneous:
Loads the following dynamic libraries:
  • libconscrypt_gmscore_jni
Uses the following algorithms to encrypt data:
  • AES-CBC-PKCS5Padding
  • AES-GCM-NoPadding
  • RSA-ECB-PKCS1Padding
Uses the following algorithms to decrypt data:
  • AES-CBC-PKCS5Padding
Gets information about network.
Gets information about phone status (number, IMEI, etc.).
Displays its own windows over windows of other apps.

Curing recommendations

Android

  1. If the mobile device is operating normally, download and install Dr.Web for Android Light. Run a full system scan and follow recommendations to neutralize the detected threats.
  2. If the mobile device has been locked by Android.Locker ransomware (the message on the screen tells you that you have broken some law or demands a set ransom amount; or you will see some other announcement that prevents you from using the handheld normally), do the following:
    • Load your smartphone or tablet in the safe mode (depending on the operating system version and specifications of the particular mobile device involved, this procedure can be performed in various ways; seek clarification from the user guide that was shipped with the device, or contact its manufacturer);
    • Once you have activated safe mode, install the Dr.Web для Android Light onto the infected handheld and run a full scan of the system; follow the steps recommended for neutralizing the threats that have been detected;
    • Switch off your device and turn it on as normal.

Find out more about Dr.Web for Android

Free trial

14 days

Download now
Get it on Google Play