用户服务中心

Close

Library
My library

+ Add to library

Search
Search

Contact us
24/7 Tech support | Rules regarding submitting

Send a message

A query form

Call us

+7 (495) 789-45-86

Forum

Your tickets

New ticket

Call us

+7 (495) 789-45-86

Profile

CN

RU CN DE EN ES FR IT JP KZ UZ PL BY
Close
服务
扫描仪
Dr.Web vxCube
试用
计算机病毒事件调查
病毒知识库
知识库

技术

术语

教育培训

误区

新闻

Android.Triada.4863

Added to the Dr.Web virus database: 2021-01-16

Virus description added:

Technical information

Malicious functions:
Executes code of the following detected threats:
  • Android.Triada.554.origin
Network activity:
Connects to:
  • UDP(DNS) 8####.8.4.4:53
  • TCP(TLS/1.0) md####.google####.com:443
  • TCP(TLS/1.0) instant####.google####.com:443
  • TCP(TLS/1.0) and####.google####.com:443
  • TCP(TLS/1.0) wcf.seven####.com:443
  • TCP(TLS/1.0) fo####.site:443
  • TCP(TLS/1.0) and####.cli####.go####.com:443
  • TCP(TLS/1.0) h####.b####.com:443
  • TCP(TLS/1.0) gd.a.s####.com:443
  • TCP(TLS/1.0) www.google####.com:443
  • TCP(TLS/1.0) connect####.gst####.com:443
  • TCP(TLS/1.2) 2####.58.211.110:443
  • TCP(TLS/1.2) 2####.58.208.106:443
  • TCP(TLS/1.2) and####.google####.com:443
DNS requests:
  • and####.cli####.go####.com
  • and####.google####.com
  • connect####.gst####.com
  • fo####.site
  • h####.b####.com
  • instant####.google####.com
  • m####.go####.com
  • md####.google####.com
  • p####.google####.com
  • pla####.googleu####.com
  • pv.s####.com
  • wcf.seven####.com
  • www.google####.com
File system changes:
Creates the following files:
  • /data/data/####/.confd
  • /data/data/####/.confd-journal
  • /data/data/####/.mtj_timestamp
  • /data/data/####/Web Data
  • /data/data/####/WebViewChromiumPrefs.xml
  • /data/data/####/__Baidu_Stat_SDK_SendRem.xml
  • /data/data/####/__Baidu_Stat_SDK_SendRem.xml.bak
  • /data/data/####/__local_ap_info_cache.json
  • /data/data/####/__local_last_session.json
  • /data/data/####/__local_stat_cache.json
  • /data/data/####/__send_data_1610798814800
  • /data/data/####/as0230rfjm20rn3g93h409.xml
  • /data/data/####/as0230rfjm20rn3g93h409.xml (deleted)
  • /data/data/####/as0230rfjm20rn3g93h409.xml.bak
  • /data/data/####/as0230rfjm20rn3g93h409.xml.bak (deleted)
  • /data/data/####/ascs.xml
  • /data/data/####/ascs.xml (deleted)
  • /data/data/####/baidu_mtj_sdk_record.xml
  • /data/data/####/base.dex
  • /data/data/####/com.mastesta.fbookest_preferences.xml
  • /data/data/####/com.mastesta.fbookest_preferences.xml (deleted)
  • /data/data/####/comccawmian.
  • /data/data/####/comccawmian. (deleted)
  • /data/data/####/comccawmian.dex
  • /data/data/####/comccawmian.dex (deleted)
  • /data/data/####/comccawmian.dex.flock (deleted)
  • /data/data/####/ferfawefbdfsasf.vv
  • /data/data/####/libcuid.so
  • /data/data/####/metrics_guid
  • /data/data/####/sbtyu76j7ui78pi7_6i7c8i78i78oin78fi76i8ig78i7.xml
  • /data/data/####/tqwj_mh.xml
  • /data/data/####/tqwj_res.xml
  • /data/data/####/webview_data.lock
  • /data/misc/####/primary.prof
Miscellaneous:
Executes the following shell scripts:
  • /system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/data/user/0/<Package>/files/<Package>_d/comccawmian. --oat-fd=36 --oat-location=/data/user/0/<Package>/files/<Package>_d/<Package>/1610798812169/comccawmian.dex --compiler-filter=speed
  • /system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/data/user/0/<Package>/files/<Package>_d/comccawmian. --oat-fd=36 --oat-location=/data/user/0/<Package>/files/<Package>_d/<Package>/1610798814414/comccawmian.dex --compiler-filter=speed
  • /system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/data/user/0/<Package>/files/<Package>_d/comccawmian. --oat-fd=36 --oat-location=/data/user/0/<Package>/files/<Package>_d/<Package>/1610798814505/comccawmian.dex --compiler-filter=speed
  • /system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/data/user/0/<Package>/files/<Package>_d/comccawmian. --oat-fd=36 --oat-location=/data/user/0/<Package>/files/<Package>_d/<Package>/1610798815441/comccawmian.dex --compiler-filter=speed
  • /system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/data/user/0/<Package>/files/<Package>_d/comccawmian. --oat-fd=36 --oat-location=/data/user/0/<Package>/files/<Package>_d/<Package>/1610798816445/comccawmian.dex --compiler-filter=speed
  • /system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/data/user/0/<Package>/files/<Package>_d/comccawmian. --oat-fd=36 --oat-location=/data/user/0/<Package>/files/<Package>_d/<Package>/1610798816696/comccawmian.dex --compiler-filter=speed
  • /system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/data/user/0/<Package>/files/<Package>_d/comccawmian. --oat-fd=36 --oat-location=/data/user/0/<Package>/files/<Package>_d/<Package>/1610798817854/comccawmian.dex --compiler-filter=speed
  • /system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/data/user/0/<Package>/files/<Package>_d/comccawmian. --oat-fd=36 --oat-location=/data/user/0/<Package>/files/<Package>_d/<Package>/1610798819026/comccawmian.dex --compiler-filter=speed
  • /system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/data/user/0/<Package>/files/<Package>_d/comccawmian. --oat-fd=36 --oat-location=/data/user/0/<Package>/files/<Package>_d/<Package>/1610798820248/comccawmian.dex --compiler-filter=speed
  • /system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/data/user/0/<Package>/files/<Package>_d/comccawmian. --oat-fd=36 --oat-location=/data/user/0/<Package>/files/<Package>_d/<Package>/1610798821052/comccawmian.dex --compiler-filter=speed
  • /system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/data/user/0/<Package>/files/<Package>_d/comccawmian. --oat-fd=36 --oat-location=/data/user/0/<Package>/files/<Package>_d/<Package>/1610798821805/comccawmian.dex --compiler-filter=speed
  • /system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/data/user/0/<Package>/files/<Package>_d/comccawmian. --oat-fd=36 --oat-location=/data/user/0/<Package>/files/<Package>_d/<Package>/1610798823400/comccawmian.dex --compiler-filter=speed
  • /system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/data/user/0/<Package>/files/<Package>_d/comccawmian. --oat-fd=36 --oat-location=/data/user/0/<Package>/files/<Package>_d/<Package>/1610798823776/comccawmian.dex --compiler-filter=speed
  • /system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/data/user/0/<Package>/files/<Package>_d/comccawmian. --oat-fd=36 --oat-location=/data/user/0/<Package>/files/<Package>_d/<Package>/1610798824011/comccawmian.dex --compiler-filter=speed
  • /system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/data/user/0/<Package>/files/<Package>_d/comccawmian. --oat-fd=36 --oat-location=/data/user/0/<Package>/files/<Package>_d/<Package>/1610798825407/comccawmian.dex --compiler-filter=speed
  • /system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/data/user/0/<Package>/files/<Package>_d/comccawmian. --oat-fd=36 --oat-location=/data/user/0/<Package>/files/<Package>_d/<Package>/1610798825438/comccawmian.dex --compiler-filter=speed
  • /system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/data/user/0/<Package>/files/<Package>_d/comccawmian. --oat-fd=36 --oat-location=/data/user/0/<Package>/files/<Package>_d/<Package>/1610798825634/comccawmian.dex --compiler-filter=speed
  • /system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/data/user/0/<Package>/files/<Package>_d/comccawmian. --oat-fd=36 --oat-location=/data/user/0/<Package>/files/<Package>_d/<Package>/1610798825983/comccawmian.dex --compiler-filter=speed
  • /system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/data/user/0/<Package>/files/<Package>_d/comccawmian. --oat-fd=36 --oat-location=/data/user/0/<Package>/files/<Package>_d/<Package>/1610798827228/comccawmian.dex --compiler-filter=speed
  • /system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/data/user/0/<Package>/files/<Package>_d/comccawmian. --oat-fd=36 --oat-location=/data/user/0/<Package>/files/<Package>_d/<Package>/1610798827407/comccawmian.dex --compiler-filter=speed
  • /system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/data/user/0/<Package>/files/<Package>_d/comccawmian. --oat-fd=36 --oat-location=/data/user/0/<Package>/files/<Package>_d/<Package>/1610798828009/comccawmian.dex --compiler-filter=speed
  • /system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/data/user/0/<Package>/files/<Package>_d/comccawmian. --oat-fd=36 --oat-location=/data/user/0/<Package>/files/<Package>_d/<Package>/1610798828178/comccawmian.dex --compiler-filter=speed
  • /system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/data/user/0/<Package>/files/<Package>_d/comccawmian. --oat-fd=36 --oat-location=/data/user/0/<Package>/files/<Package>_d/<Package>/1610798828251/comccawmian.dex --compiler-filter=speed
  • /system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/data/user/0/<Package>/files/<Package>_d/comccawmian. --oat-fd=36 --oat-location=/data/user/0/<Package>/files/<Package>_d/<Package>/1610798828749/comccawmian.dex --compiler-filter=speed
  • /system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/data/user/0/<Package>/files/<Package>_d/comccawmian. --oat-fd=36 --oat-location=/data/user/0/<Package>/files/<Package>_d/<Package>/1610798828757/comccawmian.dex --compiler-filter=speed
  • /system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/data/user/0/<Package>/files/<Package>_d/comccawmian. --oat-fd=36 --oat-location=/data/user/0/<Package>/files/<Package>_d/<Package>/1610798829291/comccawmian.dex --compiler-filter=speed
  • /system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/data/user/0/<Package>/files/<Package>_d/comccawmian. --oat-fd=36 --oat-location=/data/user/0/<Package>/files/<Package>_d/<Package>/1610798830300/comccawmian.dex --compiler-filter=speed
  • /system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/data/user/0/<Package>/files/<Package>_d/comccawmian. --oat-fd=36 --oat-location=/data/user/0/<Package>/files/<Package>_d/<Package>/1610798831455/comccawmian.dex --compiler-filter=speed
  • /system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/data/user/0/<Package>/files/<Package>_d/comccawmian. --oat-fd=36 --oat-location=/data/user/0/<Package>/files/<Package>_d/<Package>/1610798831902/comccawmian.dex --compiler-filter=speed
  • /system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/data/user/0/<Package>/files/<Package>_d/comccawmian. --oat-fd=36 --oat-location=/data/user/0/<Package>/files/<Package>_d/<Package>/1610798832142/comccawmian.dex --compiler-filter=speed
  • /system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/data/user/0/<Package>/files/<Package>_d/comccawmian. --oat-fd=36 --oat-location=/data/user/0/<Package>/files/<Package>_d/<Package>/1610798832471/comccawmian.dex --compiler-filter=speed
  • /system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/data/user/0/<Package>/files/<Package>_d/comccawmian. --oat-fd=36 --oat-location=/data/user/0/<Package>/files/<Package>_d/<Package>/1610798833308/comccawmian.dex --compiler-filter=speed
  • /system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/data/user/0/<Package>/files/<Package>_d/comccawmian. --oat-fd=36 --oat-location=/data/user/0/<Package>/files/<Package>_d/<Package>/1610798833319/comccawmian.dex --compiler-filter=speed
  • /system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/data/user/0/<Package>/files/<Package>_d/comccawmian. --oat-fd=36 --oat-location=/data/user/0/<Package>/files/<Package>_d/<Package>/1610798833331/comccawmian.dex --compiler-filter=speed
  • /system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/data/user/0/<Package>/files/<Package>_d/comccawmian. --oat-fd=36 --oat-location=/data/user/0/<Package>/files/<Package>_d/<Package>/1610798834040/comccawmian.dex --compiler-filter=speed
  • /system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/data/user/0/<Package>/files/<Package>_d/comccawmian. --oat-fd=36 --oat-location=/data/user/0/<Package>/files/<Package>_d/<Package>/1610798834353/comccawmian.dex --compiler-filter=speed
  • /system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/data/user/0/<Package>/files/<Package>_d/comccawmian. --oat-fd=36 --oat-location=/data/user/0/<Package>/files/<Package>_d/<Package>/1610798835244/comccawmian.dex --compiler-filter=speed
  • /system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/data/user/0/<Package>/files/<Package>_d/comccawmian. --oat-fd=36 --oat-location=/data/user/0/<Package>/files/<Package>_d/<Package>/1610798835427/comccawmian.dex --compiler-filter=speed
  • /system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/data/user/0/<Package>/files/<Package>_d/comccawmian. --oat-fd=36 --oat-location=/data/user/0/<Package>/files/<Package>_d/<Package>/1610798835763/comccawmian.dex --compiler-filter=speed
  • /system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/data/user/0/<Package>/files/<Package>_d/comccawmian. --oat-fd=36 --oat-location=/data/user/0/<Package>/files/<Package>_d/<Package>/1610798836211/comccawmian.dex --compiler-filter=speed
  • /system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/data/user/0/<Package>/files/<Package>_d/comccawmian. --oat-fd=36 --oat-location=/data/user/0/<Package>/files/<Package>_d/<Package>/1610798836432/comccawmian.dex --compiler-filter=speed
  • /system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/data/user/0/<Package>/files/<Package>_d/comccawmian. --oat-fd=36 --oat-location=/data/user/0/<Package>/files/<Package>_d/<Package>/1610798836452/comccawmian.dex --compiler-filter=speed
  • /system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/data/user/0/<Package>/files/<Package>_d/comccawmian. --oat-fd=36 --oat-location=/data/user/0/<Package>/files/<Package>_d/<Package>/1610798836482/comccawmian.dex --compiler-filter=speed
  • /system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/data/user/0/<Package>/files/<Package>_d/comccawmian. --oat-fd=36 --oat-location=/data/user/0/<Package>/files/<Package>_d/<Package>/1610798837951/comccawmian.dex --compiler-filter=speed
  • /system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/data/user/0/<Package>/files/<Package>_d/comccawmian. --oat-fd=36 --oat-location=/data/user/0/<Package>/files/<Package>_d/<Package>/1610798839520/comccawmian.dex --compiler-filter=speed
  • /system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/data/user/0/<Package>/files/<Package>_d/comccawmian. --oat-fd=36 --oat-location=/data/user/0/<Package>/files/<Package>_d/<Package>/1610798839534/comccawmian.dex --compiler-filter=speed
  • /system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/data/user/0/<Package>/files/<Package>_d/comccawmian. --oat-fd=36 --oat-location=/data/user/0/<Package>/files/<Package>_d/<Package>/1610798839541/comccawmian.dex --compiler-filter=speed
  • /system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/data/user/0/<Package>/files/<Package>_d/comccawmian. --oat-fd=36 --oat-location=/data/user/0/<Package>/files/<Package>_d/<Package>/1610798840010/comccawmian.dex --compiler-filter=speed
  • /system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/data/user/0/<Package>/files/<Package>_d/comccawmian. --oat-fd=36 --oat-location=/data/user/0/<Package>/files/<Package>_d/<Package>/1610798841562/comccawmian.dex --compiler-filter=speed
  • /system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/data/user/0/<Package>/files/<Package>_d/comccawmian. --oat-fd=36 --oat-location=/data/user/0/<Package>/files/<Package>_d/<Package>/1610798841741/comccawmian.dex --compiler-filter=speed
  • /system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/data/user/0/<Package>/files/<Package>_d/comccawmian. --oat-fd=36 --oat-location=/data/user/0/<Package>/files/<Package>_d/<Package>/1610798843514/comccawmian.dex --compiler-filter=speed
  • /system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/data/user/0/<Package>/files/<Package>_d/comccawmian. --oat-fd=42 --oat-location=/data/user/0/<Package>/files/<Package>_d/<Package>/1610798810260/comccawmian.dex --compiler-filter=speed
  • getprop ro.build.display.id
  • getprop ro.build.version.emui
  • getprop ro.build.version.opporom
  • getprop ro.miui.ui.version.name
  • getprop ro.smartisan.version
  • getprop ro.vivo.os.version
Uses the following algorithms to encrypt data:
  • AES-CBC-PKCS5Padding
  • AES-ECB-PKCS5Padding
  • RSA-ECB-PKCS1Padding
Uses the following algorithms to decrypt data:
  • AES-CBC-PKCS5Padding
  • desede-CBC-PKCS5Padding
Accesses the ITelephony private interface.
Gets information about network.
Gets information about phone status (number, IMEI, etc.).
Gets information about installed apps.
Displays its own windows over windows of other apps.

Curing recommendations

Android

  1. If the mobile device is operating normally, download and install Dr.Web for Android Light. Run a full system scan and follow recommendations to neutralize the detected threats.
  2. If the mobile device has been locked by Android.Locker ransomware (the message on the screen tells you that you have broken some law or demands a set ransom amount; or you will see some other announcement that prevents you from using the handheld normally), do the following:
    • Load your smartphone or tablet in the safe mode (depending on the operating system version and specifications of the particular mobile device involved, this procedure can be performed in various ways; seek clarification from the user guide that was shipped with the device, or contact its manufacturer);
    • Once you have activated safe mode, install the Dr.Web для Android Light onto the infected handheld and run a full scan of the system; follow the steps recommended for neutralizing the threats that have been detected;
    • Switch off your device and turn it on as normal.

Find out more about Dr.Web for Android

Free trial

14 days

Download now
Get it on Google Play
Wechat