DLA UŻYTKOWNIKÓW

Zamknij

Library
My library

+ Add to library

Search
Search

Contact us
24/7 Tech support | Rules regarding submitting

Send a message

A query form

Call us

+7 (495) 789-45-86

Forum
Profile

PL

RU CN DE EN ES FR IT JP KZ UZ PL BY
Zamknij
Support services
Scanners
Dr.Web vxCube
Trial
VCI investigations
Virus library
Knowledge base

Technologies

Terminology

Training and education

Myths

News

Android.Hidden.11687

Added to the Dr.Web virus database: 2023-03-25

Virus description added:

Technical information

Malicious functions:
Removes app icon from the screen.
Network activity:
Connects to:
  • UDP(DNS) 8####.8.4.4:53
  • TCP(HTTP/1.1) 1####.110.97.97:80
  • TCP(HTTP/1.1) 1####.110.97.30:80
  • TCP(HTTP/1.1) 1####.251.67.29:80
  • TCP(HTTP/1.1) mo####.yangk####.com:80
  • TCP(HTTP/1.1) n####.qq.com.####.net:80
  • TCP(HTTP/1.1) d####.pd####.com.####.cn:80
  • TCP(HTTP/1.1) 1####.28.206.151:80
  • TCP(HTTP/1.1) 81.69.2####.21:80
  • TCP(HTTP/1.1) 1####.35.212.35:80
  • TCP(HTTP/1.1) 1####.110.96.6:80
  • TCP(TLS/1.0) and####.a####.go####.com:443
  • TCP(TLS/1.0) 1####.194.177.94:443
  • TCP(TLS/1.0) t####.pindu####.com:443
  • TCP(TLS/1.0) www.google####.com:443
  • TCP(TLS/1.0) d####.pd####.com.####.cn:443
  • TCP(TLS/1.2) www.google####.com:443
  • TCP(TLS/1.2) gmscomp####.google####.com:443
  • TCP(TLS/1.2) 64.2####.164.139:443
  • TCP(TLS/1.2) 1####.177.14.94:443
  • TCP m####.yangk####.com.####.com:443
  • TCP d####.pd####.com.####.cn:443
  • TCP 1####.171.149.253:443
  • TCP n####.qq.com.####.net:443
  • TCP t####.pindu####.com:443
  • TCP pmm####.pindu####.com:443
  • TCP 1####.28.206.151:443
  • TCP 1####.251.67.33:443
  • TCP 1####.251.67.29:443
  • TCP t####.pindu####.com:80
  • TCP fu####.pd####.com:443
  • TCP c####.pd####.com.####.cn:443
DNS requests:
  • and####.a####.go####.com
  • c####.pd####.com
  • d####.pd####.com
  • dl.pd####.com
  • fu####.pd####.com
  • gmscomp####.google####.com
  • m####.yangk####.com
  • mo####.yangk####.com
  • pmm####.pindu####.com
  • t####.pindu####.com
  • t####.pindu####.com
  • t####.pindu####.com
  • th.pindu####.com
  • w####.qq.com
  • www.google####.com
HTTP GET requests:
  • d####.pd####.com.####.cn/pdd-marketing/2021-05-13/2a7e90d2-85de-4762-a9e...
  • d####.pd####.com.####.cn/pdd-marketing/2021-05-13/2d7e8a7c-fcd0-4354-a08...
  • d####.pd####.com.####.cn/pdd-marketing/2021-05-13/45941030-b774-48ef-ae6...
  • d####.pd####.com.####.cn/pdd-marketing/2021-05-13/6b209148-e2fe-48a2-bf8...
  • d####.pd####.com.####.cn:443/android_dev/2019-02-11/075158dfae9dd40777d1...
  • d####.pd####.com.####.cn:443/android_dev/2019-02-11/951adde03a6a2691aab7...
  • d####.pd####.com.####.cn:443/android_dev/2019-02-11/c0da666f2a07700220c4...
  • d####.pd####.com.####.cn:443/android_dev/2020-06-19/2360c1785071445eb294...
  • d####.pd####.com.####.cn:443/android_dev/2020-06-19/67bdb67a15354628aad2...
  • d####.pd####.com.####.cn:443/android_dev/2020-09-22/component/1/37591/fa...
  • d####.pd####.com.####.cn:443/android_dev/2020-12-27/component/265/49420/...
  • d####.pd####.com.####.cn:443/android_dev/2021-02-04/component/233/54498/...
  • d####.pd####.com.####.cn:443/android_dev/2021-02-07/component/60/54683/3...
  • d####.pd####.com.####.cn:443/android_dev/2021-02-07/component/8/54662/4b...
  • d####.pd####.com.####.cn:443/android_dev/2021-02-08/component/383/54713/...
  • d####.pd####.com.####.cn:443/android_dev/2021-05-28/component/1033/65892...
  • d####.pd####.com.####.cn:443/android_dev/2021-06-22/component/808/68456/...
  • d####.pd####.com.####.cn:443/android_dev/2021-09-15/component/583/76895/...
  • d####.pd####.com.####.cn:443/android_dev/2021-11-01/component/11/80493/8...
  • d####.pd####.com.####.cn:443/android_dev/2022-07-12/component/1433/10510...
  • d####.pd####.com.####.cn:443/android_dev/2022-11-18/component/1047/11949...
  • d####.pd####.com.####.cn:443/android_dev/2022-12-13/component/963/121809...
  • d####.pd####.com.####.cn:443/android_dev/2023-03-02/component/440/128416...
  • d####.pd####.com.####.cn:443/android_dev/2023-03-07/component/246/128955...
  • d####.pd####.com.####.cn:443/android_dev/2023-03-08/component/so/1830/12...
  • d####.pd####.com.####.cn:443/android_dev/2023-03-08/component/so/576/120...
  • d####.pd####.com.####.cn:443/android_dev/2023-03-08/component/so/662/120...
  • d####.pd####.com.####.cn:443/android_dev/2023-03-08/component/so/949/125...
  • d####.pd####.com.####.cn:443/android_dev/2023-03-08/component/so/979/119...
  • d####.pd####.com.####.cn:443/android_dev/2023-03-09/component/so/463/126...
  • d####.pd####.com.####.cn:443/android_dev/2023-03-10/component/so/deploy/...
  • d####.pd####.com.####.cn:443/android_dev/2023-03-16/component/434/129746...
  • d####.pd####.com.####.cn:443/android_dev/2023-03-24/component/2614/13064...
  • d####.pd####.com.####.cn:443/android_dev/2023-03-24/component/3358/13054...
  • d####.pd####.com.####.cn:443/android_dev/secret_1/2019-09-10/501f324885b...
  • mo####.yangk####.com/
  • n####.qq.com.####.net/
File system changes:
Creates the following files:
  • /data/data/####/.commodity.keep
  • /data/data/####/.dirty
  • /data/data/####/082ff3b608d54379abd33802f67fe5e0.7z
  • /data/data/####/08778f5e2d684051b62a895ae7e20e9d.7z
  • /data/data/####/08b3f70234a145c7bb30c71aa48e593c.7z
  • /data/data/####/0900da442b7042cab8f0e481b1801eff.7z
  • /data/data/####/0944139670aa8eb930f6c3903f5fc24a46381e135c34646....0.tmp
  • /data/data/####/0944139670aa8eb930f6c3903f5fc24a46381e135c34646...b12f.0
  • /data/data/####/0b42f27bb75647a284f3a07028d30266.7z
  • /data/data/####/0e730eea8e1d49f9b9c4f8d23918be83.7z
  • /data/data/####/0e9b75d6eeb04cb09ef7d36d01dd1fd5.7z
  • /data/data/####/13b900e41773483987ae337302a50eb4.7z
  • /data/data/####/13c162d3e0dd4a1591a61754f1a33fce.7z
  • /data/data/####/14e3f130967748f28d8e351b36f5f153.7z
  • /data/data/####/15d8c76c0f4f48399086fa010c90ea75.7z
  • /data/data/####/1679742678_802_9c144d4d813184ada99a2e8bde42f7b3...leted)
  • /data/data/####/1679742678_802_d19c254ce9443f72e29c29209071695e...leted)
  • /data/data/####/1679742679_415_d19c254ce9443f72e29c29209071695e...leted)
  • /data/data/####/1679742679_415_d19c254ce9443f72e29c29209071695e.collect
  • /data/data/####/1679742679_94_d19c254ce9443f72e29c29209071695e....leted)
  • /data/data/####/1679742679_94_d19c254ce9443f72e29c29209071695e.collect
  • /data/data/####/1679742680_860_d19c254ce9443f72e29c29209071695e...leted)
  • /data/data/####/1679742681_620_d19c254ce9443f72e29c29209071695e...leted)
  • /data/data/####/1679742681_620_d19c254ce9443f72e29c29209071695e.collect
  • /data/data/####/1679742681_697_d19c254ce9443f72e29c29209071695e...leted)
  • /data/data/####/1679742682_457_d19c254ce9443f72e29c29209071695e...leted)
  • /data/data/####/1679742686_376_d19c254ce9443f72e29c29209071695e...leted)
  • /data/data/####/1679742688_708_d19c254ce9443f72e29c29209071695e...leted)
  • /data/data/####/1679742689_651_d19c254ce9443f72e29c29209071695e...leted)
  • /data/data/####/1679742689_651_d19c254ce9443f72e29c29209071695e.collect
  • /data/data/####/1679742691_247_d19c254ce9443f72e29c29209071695e...leted)
  • /data/data/####/1679742693_181_d19c254ce9443f72e29c29209071695e...leted)
  • /data/data/####/1679742693_971_9c144d4d813184ada99a2e8bde42f7b3.collect
  • /data/data/####/1679742694_65_0b86bc1ea0b5472be97fa67a2a411566....leted)
  • /data/data/####/1679742702_158_d19c254ce9443f72e29c29209071695e.collect
  • /data/data/####/16bf650666c42898c5262d24e47aae887c891f7626df489...e4ba.0
  • /data/data/####/17809775b81e446ab6fc5cd58cd51add.7z
  • /data/data/####/1a6a8444a7024be2bc12c17f72eca10a.7z
  • /data/data/####/1bcf2a1059534043b5ac602a43ab54d7.7z
  • /data/data/####/1be76f84ad9e40d1ac9c29e569fd10d8.7z
  • /data/data/####/1e6df2d8bb21420b9a2667e589faa4da.7z
  • /data/data/####/1ed0c76ec30249b697ad54df4b0a79d2.7z
  • /data/data/####/2157ca666b2246e9861549b7dd3fabd2.7z
  • /data/data/####/224470f59a284756a850be4ca8c3bfc5.7z
  • /data/data/####/240d8454924fcc1b350d7e1b5a3d1e3bc9649b2cd610c89....0.tmp
  • /data/data/####/240d8454924fcc1b350d7e1b5a3d1e3bc9649b2cd610c89...b926.0
  • /data/data/####/26f73232b3d4417d991955bb8f05844c.7z
  • /data/data/####/27592d1762448f556e789d44ef44144c2902fa0d5dd4d90....0.tmp
  • /data/data/####/27592d1762448f556e789d44ef44144c2902fa0d5dd4d90...0f67.0
  • /data/data/####/290d7d28e9434fa09676b6a573cd1601.7z
  • /data/data/####/2b2cde9a42ee4b5aa0b1c86d77cc1b29.7z
  • /data/data/####/2b8487fc71c843b5ad0e85d3c5da073a.7z
  • /data/data/####/2c3565881cd54643b61eb77aaf429c00.7z
  • /data/data/####/2d097dcfa1204bdea68d595e8a01b700.7z
  • /data/data/####/2f2ad84e1fb44ba0827fadf03429186a.7z
  • /data/data/####/321a28eed02f6e8655079024b67a2a4f3bafbcf04983636....0.tmp
  • /data/data/####/321a28eed02f6e8655079024b67a2a4f3bafbcf04983636...7f56.0
  • /data/data/####/339fb967fe2141cf9f5320859462310b.7z
  • /data/data/####/372d42ebd55143deb8f1b0b02e0d3bbb.7z
  • /data/data/####/385469d984e0f07759d142df18ed6f162bffbd987533bc2...0846.0
  • /data/data/####/38a5691ae6d94fbb9d480477c8be2c06.7z
  • /data/data/####/393AA269D4143473ECA6168CF611E99A.0.tmp
  • /data/data/####/3d6d054579774920bcec935a9ed6dc32.7z
  • /data/data/####/3db9b1a371d144a97d162e0ea42ca875ef599cf787a1a2f....0.tmp
  • /data/data/####/3db9b1a371d144a97d162e0ea42ca875ef599cf787a1a2f...4181.0
  • /data/data/####/41e23c58871540d4b808e8b35b44ddd7.7z
  • /data/data/####/424ae3d8351f4c84a180daee68e512bd.7z
  • /data/data/####/42724994c9605a3d14a00d3e980b9c6e5f407a65b0f71ad....0.tmp
  • /data/data/####/42724994c9605a3d14a00d3e980b9c6e5f407a65b0f71ad...bb61.0
  • /data/data/####/4338d12079edf68b51ca0a8e72c8b048dbb6974a7c41007....0.tmp
  • /data/data/####/4338d12079edf68b51ca0a8e72c8b048dbb6974a7c41007...b24c.0
  • /data/data/####/43a2b0c459b2454bbe52f609e32fb1ee.7z
  • /data/data/####/4475a277d0d440a1b53417acbab2ae98.7z
  • /data/data/####/44e641c6035e45cc8a9a1b71f44299c3.7z
  • /data/data/####/455a52d9908a4934821260c62c407f6b.7z
  • /data/data/####/495338d79f36203d29ee8a397d39eb3b9b0b06fca18e1a0...41ae.0
  • /data/data/####/49a6afb70979d5c5fd235975b1816c2f85e380920d83bc7...f7e4.0
  • /data/data/####/4b29adad43cbbbf6e1cc045cb02c0e63ed453a2a76e9053....0.tmp
  • /data/data/####/525108213339426c8669a7c491a1923a.7z
  • /data/data/####/530fc4774aeb192dc155751e61c2df859753f954524f97e...1f13.0
  • /data/data/####/549d4b4e9ee64c4b985ac3e035db3cc6.7z
  • /data/data/####/5578a57535b44eb3b41f574b4ccc2d45.7z
  • /data/data/####/55acbb44676b4953938483e2b5d93eaa.7z
  • /data/data/####/5966d64b21ad440c837f5e3918c38e98.7z
  • /data/data/####/5c167edf28084ff399ac8a48f34a584b.7z
  • /data/data/####/5c8fdfaad7d34a46a336f7965f9dc64f.7z
  • /data/data/####/5caf285dc7a94e0faf90d2a77687839c.7z
  • /data/data/####/5d1be2ac52ad44d4afc8df6655a2eff4.7z
  • /data/data/####/63e45718c3144b75a46926588fe6115f.7z
  • /data/data/####/66ab82ef4335e9772b6b1b3d7ee3bcc37a51674ffea42b2...68c0.0
  • /data/data/####/688e8dfa529240a8887879e054d68683.7z
  • /data/data/####/689b90269cc444de94fe895648eb70f8.7z
  • /data/data/####/6c4220a625ee40879f219db30634e72f.7z
  • /data/data/####/6d57dd90951c59dcee0db0bb920941481808c64a7890004....0.tmp
  • /data/data/####/6d57dd90951c59dcee0db0bb920941481808c64a7890004...2ecd.0
  • /data/data/####/7282f55d09104cda8e40d1531f98b8b0.7z
  • /data/data/####/73eee8f174754164b5c0a43620a0e1ab.7z
  • /data/data/####/7502c1bf85c94c3a9bcc89d89cbef516.7z
  • /data/data/####/75c0c579b7914f5eb3cc9f32aff90c70.7z
  • /data/data/####/762fc335798b405290b700d9bc85e415.7z
  • /data/data/####/78fe7f2a2b284f0abca6cfe50c92f3bd.7z
  • /data/data/####/7905f603524148caa5addccd829f3ef5.7z
  • /data/data/####/794796c4672341abbec30838b8628745.7z
  • /data/data/####/7983e1ecb73bea460ea3454e0549724647f928fbf970da7....0.tmp
  • /data/data/####/7983e1ecb73bea460ea3454e0549724647f928fbf970da7...4811.0
  • /data/data/####/79f688d761554c1eaf689d9587b07815.7z
  • /data/data/####/7a3ca9abc2d840a5aab01779821b7d19.7z
  • /data/data/####/7b039a973adc8dae85438f3d5c65ee3bf6354be3c366b79...847c.0
  • /data/data/####/7b4b58716033e14f2f6fbefa680539084eb5f494f98419f....0.tmp
  • /data/data/####/7b4b58716033e14f2f6fbefa680539084eb5f494f98419f...1157.0
  • /data/data/####/7b676784010743c1ab1243fe606fc21a.7z
  • /data/data/####/7c54a746b10549e18a74727d3d9b16a7.7z
  • /data/data/####/7ecc65abf36c4facea51424416bbad4d35778fd86408f73....0.tmp
  • /data/data/####/7ecc65abf36c4facea51424416bbad4d35778fd86408f73...16b1.0
  • /data/data/####/7f4db44da46441058189b08ad645053d.7z
  • /data/data/####/7fffeee3a4684ab9b23f9a4f65568ad3.7z
  • /data/data/####/814391d660e66bc080021b7ec86f6f2e2c278c24d5fe31d....0.tmp
  • /data/data/####/814391d660e66bc080021b7ec86f6f2e2c278c24d5fe31d...0a91.0
  • /data/data/####/8460b7e363ee4a8293e5ec0188b0d676.7z
  • /data/data/####/85bdae6124344de9b3767a0cec0dea02.7z
  • /data/data/####/86231d2155d941acb53028aaea1101f5.7z
  • /data/data/####/888fcccd3ef84dea88e8610214151430.7z
  • /data/data/####/8954a8606ab258705b76cbc0e5f55f7d80a21be2cf478d8....0.tmp
  • /data/data/####/8954a8606ab258705b76cbc0e5f55f7d80a21be2cf478d8...5163.0
  • /data/data/####/89ab8a8e89a54674b7b77a5ed31f2f87.7z
  • /data/data/####/89c4dc4f51e64495a67d482328121c7d.7z
  • /data/data/####/8a8507e2ddf94fd4b39acdb856afa176.7z
  • /data/data/####/8bea1e26c4aa42b5b793d80cf6281495.7z
  • /data/data/####/8c8d9798840c477f87d1587a3813b3fc.7z
  • /data/data/####/8cbf468f44a2a962f42ed143443debe59d42d12be16d14c....0.tmp
  • /data/data/####/8cbf468f44a2a962f42ed143443debe59d42d12be16d14c...a9ee.0
  • /data/data/####/9235a05733334d94b7f7f7bdcba6e0e3.7z
  • /data/data/####/98dde842024643c486fcd35772a99549.7z
  • /data/data/####/9bb2dce80476467ab28af3c8cf2d4ded.7z
  • /data/data/####/9f437311ed8e4e799fe2ceb2d9427dad.7z
  • /data/data/####/BS_mango_ab
  • /data/data/####/BS_mango_ab_exp
  • /data/data/####/C4E88366D9063D1BBB7D1B346697E26B.0
  • /data/data/####/C4E88366D9063D1BBB7D1B346697E26B.0.tmp
  • /data/data/####/CS_device_compat_mmkv_setting_6210
  • /data/data/####/CS_stat
  • /data/data/####/CS_ut_extra
  • /data/data/####/GlProcessor_main_1679742699254.tmp
  • /data/data/####/IPCBuffer
  • /data/data/####/PT.alm
  • /data/data/####/PT.snr
  • /data/data/####/PT.sum
  • /data/data/####/PT.wl
  • /data/data/####/Pdd_app_calendar_reminder_CalendarReminderDb-jo...leted)
  • /data/data/####/Pdd_app_push_PushReminderDatabase-journal (deleted)
  • /data/data/####/Vita
  • /data/data/####/WEB_PRE_RENDER_MODULE
  • /data/data/####/WebViewChromiumPrefs.xml
  • /data/data/####/Web_AbCompRelease
  • /data/data/####/a009b5cce57743c0b63b45e3443a7986.7z
  • /data/data/####/a434d90bc0ab4736a5ccd9b25fc4158d.7z
  • /data/data/####/a9e0ded5e8294f3780a219b7ebc94379.7z
  • /data/data/####/aaf929e56e47d62d94b7adb30637829a22cf808ec77286b....0.tmp
  • /data/data/####/aaf929e56e47d62d94b7adb30637829a22cf808ec77286b...1a08.0
  • /data/data/####/ab_net_update_lock_prefix
  • /data/data/####/ab_update_lock
  • /data/data/####/af26087a02894537b9759f3201c1839e.7z
  • /data/data/####/app_index_header_list_cache_1543.0
  • /data/data/####/app_index_header_list_cache_1543.0.tmp
  • /data/data/####/b24373ed0d924fd18e0a39af71138e24.7z
  • /data/data/####/b368a212fd884acc96bfe6779cbe7d9f.7z
  • /data/data/####/b3eb6a9d03cf0962cfa907e6e64a4039be8e5bf02bd8291....0.tmp
  • /data/data/####/b3eb6a9d03cf0962cfa907e6e64a4039be8e5bf02bd8291...e105.0
  • /data/data/####/b5bd0ec9ef8cfcd32e11ca913c6830471df4332ba6c657c...ba7f.0
  • /data/data/####/b8ef8a905f4f4458983f4c50673af3fd.7z
  • /data/data/####/b9c262cd8c1d423ba9d4184a8d55032c.7z
  • /data/data/####/backup_info
  • /data/data/####/bc412806bc074e1a8e997dcf09bec96b.7z
  • /data/data/####/bc7592f9ce89701dcb214f2347b933166467886341aa7b2...e671.0
  • /data/data/####/bizgroup_1.v1_cache
  • /data/data/####/bizgroup_2.v1_cache
  • /data/data/####/c03aa3ef85f94922857fdea4213fac70.7z
  • /data/data/####/c1ee04e79be848339ff355971b402e64.7z
  • /data/data/####/c61f194f1c6c4a1281c66fef1bcdb140
  • /data/data/####/c6cc7301dc5b56b706fd5067b7de46be85103e87cd11642...a1d2.0
  • /data/data/####/c7e4843a59f841eba360dccca73e3252.7z
  • /data/data/####/c877667751ec46e99f6a64d4f0bf711a.7z
  • /data/data/####/ca4b403daa504ddf90ee0c57acb4fe24.7z
  • /data/data/####/cache_key_home_bottom_tabs_skin.0
  • /data/data/####/cache_key_home_bottom_tabs_skin.0.tmp
  • /data/data/####/cache_key_home_header_data.0
  • /data/data/####/cache_key_home_pic_preload_data.0
  • /data/data/####/ce32f1ac19966704e98745e15d0df18b6f5a22dcba76e25....0.tmp
  • /data/data/####/ce32f1ac19966704e98745e15d0df18b6f5a22dcba76e25...b9e9.0
  • /data/data/####/cf929f81ca3d4c11bb71402ec2929a14.7z
  • /data/data/####/com.xunmeng.pinduoduo.AliveBaseAbility-patch.vlock
  • /data/data/####/com.xunmeng.pinduoduo.AliveBaseAbility.manifest
  • /data/data/####/com.xunmeng.pinduoduo.AliveBaseAbility.md5checker
  • /data/data/####/com.xunmeng.pinduoduo.AliveBaseAbility.md5checker.temp
  • /data/data/####/com.xunmeng.pinduoduo.AliveBaseAbility.vlock
  • /data/data/####/com.xunmeng.pinduoduo.chatBuiltInTemplate.vlock
  • /data/data/####/com.xunmeng.pinduoduo.commodity-patch.vlock
  • /data/data/####/com.xunmeng.pinduoduo.commodity.manifest
  • /data/data/####/com.xunmeng.pinduoduo.commodity.manifest.temp
  • /data/data/####/com.xunmeng.pinduoduo.commodity.md5checker
  • /data/data/####/com.xunmeng.pinduoduo.commodity.md5checker.temp
  • /data/data/####/com.xunmeng.pinduoduo.commodity.vlock
  • /data/data/####/com.xunmeng.pinduoduo.secdtbase-patch.vlock
  • /data/data/####/com.xunmeng.pinduoduo.secdtbase.manifest
  • /data/data/####/com.xunmeng.pinduoduo.secdtbase.md5checker
  • /data/data/####/com.xunmeng.pinduoduo.secdtbase.md5checker.temp
  • /data/data/####/com.xunmeng.pinduoduo.secdtbase.vlock
  • /data/data/####/com.xunmeng.pinduoduo.v7alibANIBase.vlock
  • /data/data/####/com.xunmeng.pinduoduo.v7alibANICore.vlock
  • /data/data/####/com.xunmeng.pinduoduo.v7alibAlgoSystem.vlock
  • /data/data/####/com.xunmeng.pinduoduo.v7alibFlowerLuckyEngineAPI.vlock
  • /data/data/####/com.xunmeng.pinduoduo.v7alibGlProcessor.vlock
  • /data/data/####/com.xunmeng.pinduoduo.v7alibNovaAdaptor-patch.vlock
  • /data/data/####/com.xunmeng.pinduoduo.v7alibNovaAdaptor.manifest.temp
  • /data/data/####/com.xunmeng.pinduoduo.v7alibNovaAdaptor.md5checker
  • /data/data/####/com.xunmeng.pinduoduo.v7alibNovaAdaptor.md5checker.temp
  • /data/data/####/com.xunmeng.pinduoduo.v7alibNovaAdaptor.vlock
  • /data/data/####/com.xunmeng.pinduoduo.v7alibREPlugin.vlock
  • /data/data/####/com.xunmeng.pinduoduo.v7alibSargDepImpl.vlock
  • /data/data/####/com.xunmeng.pinduoduo.v7alibScriptBind.vlock
  • /data/data/####/com.xunmeng.pinduoduo.v7alibUserEnv.vlock
  • /data/data/####/com.xunmeng.pinduoduo.v7alibaipin_wrapper.vlock
  • /data/data/####/com.xunmeng.pinduoduo.v7alibapm_thread_monitor.vlock
  • /data/data/####/com.xunmeng.pinduoduo.v7alibaudio_engine.vlock
  • /data/data/####/com.xunmeng.pinduoduo.v7alibavpai.vlock
  • /data/data/####/com.xunmeng.pinduoduo.v7alibboost_multidex.vlock
  • /data/data/####/com.xunmeng.pinduoduo.v7alibbrotli.vlock
  • /data/data/####/com.xunmeng.pinduoduo.v7alibbytehook.vlock
  • /data/data/####/com.xunmeng.pinduoduo.v7alibc++_shared.vlock
  • /data/data/####/com.xunmeng.pinduoduo.v7alibclInfo.vlock
  • /data/data/####/com.xunmeng.pinduoduo.v7alibcmtreport.vlock
  • /data/data/####/com.xunmeng.pinduoduo.v7alibcrashAvoid.vlock
  • /data/data/####/com.xunmeng.pinduoduo.v7alibdokodoor.vlock
  • /data/data/####/com.xunmeng.pinduoduo.v7alibdyncommon-patch.vlock
  • /data/data/####/com.xunmeng.pinduoduo.v7alibdyncommon.manifest
  • /data/data/####/com.xunmeng.pinduoduo.v7alibdyncommon.manifest.temp
  • /data/data/####/com.xunmeng.pinduoduo.v7alibdyncommon.md5checker
  • /data/data/####/com.xunmeng.pinduoduo.v7alibdyncommon.md5checker.temp
  • /data/data/####/com.xunmeng.pinduoduo.v7alibdyncommon.vlock
  • /data/data/####/com.xunmeng.pinduoduo.v7alibefc2.vlock
  • /data/data/####/com.xunmeng.pinduoduo.v7alibface_anti_spoofing.vlock
  • /data/data/####/com.xunmeng.pinduoduo.v7alibfdk_aac-patch.vlock
  • /data/data/####/com.xunmeng.pinduoduo.v7alibfdk_aac.manifest
  • /data/data/####/com.xunmeng.pinduoduo.v7alibfdk_aac.manifest.temp
  • /data/data/####/com.xunmeng.pinduoduo.v7alibfdk_aac.md5checker.temp
  • /data/data/####/com.xunmeng.pinduoduo.v7alibfdk_aac.vlock
  • /data/data/####/com.xunmeng.pinduoduo.v7alibgoldarch.vlock
  • /data/data/####/com.xunmeng.pinduoduo.v7alibimage_search_mobile.vlock
  • /data/data/####/com.xunmeng.pinduoduo.v7aliblegonative.vlock
  • /data/data/####/com.xunmeng.pinduoduo.v7alibmanwe-lib.vlock
  • /data/data/####/com.xunmeng.pinduoduo.v7alibmarsxlog.vlock
  • /data/data/####/com.xunmeng.pinduoduo.v7alibmedia_engine.vlock
  • /data/data/####/com.xunmeng.pinduoduo.v7alibmmkv.vlock
  • /data/data/####/com.xunmeng.pinduoduo.v7alibnvwavm-lib.vlock
  • /data/data/####/com.xunmeng.pinduoduo.v7alibpapmCommon.vlock
  • /data/data/####/com.xunmeng.pinduoduo.v7alibpcrash.vlock
  • /data/data/####/com.xunmeng.pinduoduo.v7alibpcrash_dumper.vlock
  • /data/data/####/com.xunmeng.pinduoduo.v7alibpdd_sa_hook.vlock
  • /data/data/####/com.xunmeng.pinduoduo.v7alibpdd_secure.vlock
  • /data/data/####/com.xunmeng.pinduoduo.v7alibpddcpuinfo.vlock
  • /data/data/####/com.xunmeng.pinduoduo.v7alibpdddsp.vlock
  • /data/data/####/com.xunmeng.pinduoduo.v7alibpddmap.vlock
  • /data/data/####/com.xunmeng.pinduoduo.v7alibpddxing_android.vlock
  • /data/data/####/com.xunmeng.pinduoduo.v7alibpvss_tailor.vlock
  • /data/data/####/com.xunmeng.pinduoduo.v7alibratel_base.vlock
  • /data/data/####/com.xunmeng.pinduoduo.v7alibriskplugin.vlock
  • /data/data/####/com.xunmeng.pinduoduo.v7alibshadowhook.vlock
  • /data/data/####/com.xunmeng.pinduoduo.v7alibslark_stub.vlock
  • /data/data/####/com.xunmeng.pinduoduo.v7alibsld.vlock
  • /data/data/####/com.xunmeng.pinduoduo.v7alibsoft264.vlock
  • /data/data/####/com.xunmeng.pinduoduo.v7alibsoft264_native_encoder.vlock
  • /data/data/####/com.xunmeng.pinduoduo.v7alibspng-0.0.2.vlock
  • /data/data/####/com.xunmeng.pinduoduo.v7alibstatic-webp.vlock
  • /data/data/####/com.xunmeng.pinduoduo.v7alibtitan.vlock
  • /data/data/####/com.xunmeng.pinduoduo.v7alibtronav.vlock
  • /data/data/####/com.xunmeng.pinduoduo.v7alibtronavx-patch.vlock
  • /data/data/####/com.xunmeng.pinduoduo.v7alibtronavx.manifest
  • /data/data/####/com.xunmeng.pinduoduo.v7alibtronavx.manifest.temp
  • /data/data/####/com.xunmeng.pinduoduo.v7alibtronavx.md5checker
  • /data/data/####/com.xunmeng.pinduoduo.v7alibtronavx.md5checker.temp
  • /data/data/####/com.xunmeng.pinduoduo.v7alibtronavx.vlock
  • /data/data/####/com.xunmeng.pinduoduo.v7alibtronkit.vlock
  • /data/data/####/com.xunmeng.pinduoduo.v7alibtronplayer.vlock
  • /data/data/####/com.xunmeng.pinduoduo.v7alibudNativeLib.vlock
  • /data/data/####/com.xunmeng.pinduoduo.v7alibwcdb.vlock
  • /data/data/####/com.xunmeng.pinduoduo.v7alibxdl.vlock
  • /data/data/####/com.xunmeng.pinduoduo.v7alibxhook.vlock
  • /data/data/####/com.xunmeng.pinduoduo.v7alibyoga.vlock
  • /data/data/####/com.xunmeng.pinduoduo.v7alibyuv.vlock
  • /data/data/####/com.xunmeng.pinduoduo.web-patch.vlock
  • /data/data/####/com.xunmeng.pinduoduo.web.manifest
  • /data/data/####/com.xunmeng.pinduoduo.web.md5checker
  • /data/data/####/com.xunmeng.pinduoduo.web.vlock
  • /data/data/####/com.xunmeng.pinduoduo_preferences.xml
  • /data/data/####/comp_resource_visit_ratio
  • /data/data/####/config_update_lock_file
  • /data/data/####/cookie_prefs.xml
  • /data/data/####/cs_tracker.db-journal
  • /data/data/####/cs_tracker_titan.db-journal
  • /data/data/####/d127b613d38c4e0a963d8eaf83206668.7z
  • /data/data/####/d457703900d10867f94e0dbb6fde7344169e304f4cbcf56....0.tmp
  • /data/data/####/d457703900d10867f94e0dbb6fde7344169e304f4cbcf56...7680.0
  • /data/data/####/d53ed365634f4349a7ccbf78ec7396aa.7z
  • /data/data/####/data_for_nss
  • /data/data/####/db3a6ef32b1748d3b2f6ed5df9a58d4e.7z
  • /data/data/####/dc110adf251e43f1b473ea621c6305f4.7z
  • /data/data/####/dc30995b0cac4deb8517e9f513493861.7z
  • /data/data/####/dfa4eeee11ca3d90a296c544e496eabf38250ac215de1a7...6640.0
  • /data/data/####/e03e3c76af374dde8ab650cc0a1e8e30.7z
  • /data/data/####/e0f4e744c41b43c8a135e4eb37b7c589.7z
  • /data/data/####/e110c3f677d64cf6ba55063344163613.7z
  • /data/data/####/e1bf6b2a57ce47ef9165dd3456271646.7z
  • /data/data/####/e1e86769d9f24757855a69bc86cf517b.7z
  • /data/data/####/e220d500e8024b1ebca9e998c147d580.7z
  • /data/data/####/e3388477ea82416daba6c5d2917d74d6.7z
  • /data/data/####/e3fd25ea26f34450a52fb4afb3a3bee0.7z
  • /data/data/####/e40bff193fb24f829eed5a8968edc13b.7z
  • /data/data/####/e4299a5075eb4530bb6e5e8f6f3594af.7z
  • /data/data/####/e477cb0089cf4a199bcdb1dee085be8f.7z
  • /data/data/####/e56a91bccd9344029b39445ccdbcad51.7z
  • /data/data/####/e82f277b92aa42e995ce868f7254a1bb.7z
  • /data/data/####/e989deed3774955d5cb63c84fb1749b0c8a4cfc5728837f....0.tmp
  • /data/data/####/e989deed3774955d5cb63c84fb1749b0c8a4cfc5728837f...1bf2.0
  • /data/data/####/ea942d30fee22ba95f579e7ccbe060ec410a5e1cfa31386....0.tmp
  • /data/data/####/ea942d30fee22ba95f579e7ccbe060ec410a5e1cfa31386...e472.0
  • /data/data/####/eab44fcd6d4e6605c000f9ec41664e2c29eb03f0f259d55...8225.0
  • /data/data/####/eb524755477e48f0865663446ed21b5c.7z
  • /data/data/####/ee352e046bbc4d45bf46ec31df202390.7z
  • /data/data/####/ef05e33e169a4093ad1be4c7adba023a.7z
  • /data/data/####/ef15e6e73b5c48a6b1d7f9eaa8b33656.7z
  • /data/data/####/efa0bb51138643a6bd5470615b3b2ac8.7z
  • /data/data/####/event_data.db-journal
  • /data/data/####/event_data_support.db-journal
  • /data/data/####/event_data_titan.db-journal
  • /data/data/####/exp_ab_update
  • /data/data/####/exp_net_update_lock_prefix
  • /data/data/####/extra_info.json
  • /data/data/####/extra_info.json.temp
  • /data/data/####/f23786fe1899402fa1c3185787d68cde.7z
  • /data/data/####/f2861f0340a54bd88d927c27cf70e326.7z
  • /data/data/####/f45994e930bd49b28781048c76fd0f7b.7z
  • /data/data/####/f7077667462c49d484ae991fea453291.7z
  • /data/data/####/f728fad856ac434b8c07783bfcc58246.7z
  • /data/data/####/fa2b8bae1e194b12979f7f6644c5f269.7z
  • /data/data/####/fad6292bb13742ce8e36ca5fed4dcbca.7z
  • /data/data/####/fcefb7549a1b42028fd3f12acf8a29f0.7z
  • /data/data/####/fd851136ffeb44a9b4979b8cc4ca1b7f.7z
  • /data/data/####/fd86d419af1fd486e1cf51065708bca2dd5e709648e0f0c...6ed0.0
  • /data/data/####/feef4ad8fa3d4cd8b9e48973614a730a.7z
  • /data/data/####/ff052a44c9f04737abc7599082aa643a.7z
  • /data/data/####/ff7dde768794eb1c11976380141d29ad8e36205b2301bbe....0.tmp
  • /data/data/####/ff7dde768794eb1c11976380141d29ad8e36205b2301bbe...8356.0
  • /data/data/####/ffa6b0c5be064dfb87875390d966dca5.7z
  • /data/data/####/gc.vlock
  • /data/data/####/iris_downloader_main_v12.db-journal
  • /data/data/####/iris_downloader_titan_v12.db-journal
  • /data/data/####/journal
  • /data/data/####/json.config
  • /data/data/####/json.config.temp
  • /data/data/####/libGlProcessor_1676037476587_00754272_main_1679...80.tmp
  • /data/data/####/libNovaAdaptor.zip
  • /data/data/####/libNovaAdaptor.zip.temp
  • /data/data/####/libNovaAdaptor_1669810165386_42da2b87_main16797...84.tmp
  • /data/data/####/libdyncommon.zip
  • /data/data/####/libdyncommon.zip.temp
  • /data/data/####/libdyncommon_1675240520455_342cf64c_main1679742697854.tmp
  • /data/data/####/libfdk_aac.zip
  • /data/data/####/libfdk_aac.zip.temp
  • /data/data/####/libfdk_aac_1657101479989_d3177fda_main1679742731389.tmp
  • /data/data/####/libtitan_1676100635644_121805a1_main_1679742675604.tmp
  • /data/data/####/libtronavx.zip
  • /data/data/####/libtronavx.zip.temp
  • /data/data/####/libtronavx_1672759399072_f100c7fc_main1679742714654.tmp
  • /data/data/####/main_sp
  • /data/data/####/metrics_guid
  • /data/data/####/mmkv.vlock
  • /data/data/####/mpid
  • /data/data/####/mw1.bin
  • /data/data/####/mw1.bin.temp
  • /data/data/####/novabancache_2_1.v1_cache
  • /data/data/####/nw0.bin
  • /data/data/####/nw0.bin.temp
  • /data/data/####/okdownload-breakpoint-titan.db-journal
  • /data/data/####/okdownload-breakpoint.db-journal
  • /data/data/####/pdd_config.xml
  • /data/data/####/pdd_config_common.xml
  • /data/data/####/pdd_id_ondmrT6F_-_other_1..v1_cache
  • /data/data/####/pdd_id_ondmrT6F_100000053_other_1..v1_cache
  • /data/data/####/pdd_id_ondmrT6F_100000065_other_1..v1_cache
  • /data/data/####/pdd_id_ondmrT6F_100000107_other_1..v1_cache
  • /data/data/####/pdd_id_ondmrT6F_100000112_other_1..v1_cache
  • /data/data/####/pdd_id_ondmrT6F_100000142_other_1..v1_cache
  • /data/data/####/pdd_id_ondmrT6F_100000173_other_1..v1_cache
  • /data/data/####/pdd_id_ondmrT6F_100000176_other_1..v1_cache
  • /data/data/####/pdd_id_ondmrT6F_100000212_other_1..v1_cache
  • /data/data/####/pdd_id_ondmrT6F_100000518_other_1..v1_cache
  • /data/data/####/pdd_id_ondmrT6F_25_other_1..v1_cache
  • /data/data/####/pinBackupFile
  • /data/data/####/pinduoduo.mmap1_8
  • /data/data/####/pinduoduo.mmap2_8
  • /data/data/####/pinduoduo_20230325.xlog
  • /data/data/####/pinduoduo_support.mmap1_8
  • /data/data/####/pinduoduo_support.mmap2_8
  • /data/data/####/pinduoduo_support_20230325.xlog
  • /data/data/####/pinduoduo_titan.mmap1_8
  • /data/data/####/pinduoduo_titan.mmap2_8
  • /data/data/####/pinduoduo_titan_20230325.xlog
  • /data/data/####/placeholder_00001679742676157001.dirty.xcrash
  • /data/data/####/placeholder_00001679742676203002.clean.xcrash
  • /data/data/####/placeholder_00001679742676204003.dirty.xcrash
  • /data/data/####/placeholder_00001679742676387004.clean.xcrash
  • /data/data/####/placeholder_00001679742714578001.dirty.xcrash
  • /data/data/####/placeholder_00001679742714585002.clean.xcrash
  • /data/data/####/placeholder_00001679742714585003.dirty.xcrash
  • /data/data/####/placeholder_00001679742714595004.clean.xcrash
  • /data/data/####/placeholder_00001679742732503001.dirty.xcrash
  • /data/data/####/placeholder_00001679742732505002.clean.xcrash
  • /data/data/####/placeholder_00001679742732505003.dirty.xcrash
  • /data/data/####/placeholder_00001679742732506004.clean.xcrash
  • /data/data/####/proc_auxv
  • /data/data/####/raw_ab_data.json
  • /data/data/####/raw_ab_data.json.temp-1679742695753
  • /data/data/####/raw_config_data.json
  • /data/data/####/raw_config_data.json.temp-1679742705859
  • /data/data/####/raw_exp_ab_data.json
  • /data/data/####/raw_exp_ab_data.json.temp-1679742688591
  • /data/data/####/raw_exp_ab_data.json.temp-1679742736487
  • /data/data/####/save_config_lock_file
  • /data/data/####/save_config_to_mmkv
  • /data/data/####/secure
  • /data/data/####/so_uuid_map
  • /data/data/####/so_uuid_map_main_120618
  • /data/data/####/so_uuid_map_main_136103
  • /data/data/####/so_uuid_map_main_157288
  • /data/data/####/stat_cookie_prefs.xml
  • /data/data/####/storage_permission_check_com.xunmeng.pinduoduo
  • /data/data/####/storage_permission_check_com.xunmeng.pinduoduo;support
  • /data/data/####/storage_permission_check_com.xunmeng.pinduoduo;titan
  • /data/data/####/support_sp
  • /data/data/####/thread_abcom.xunmeng.pinduoduo;support
  • /data/data/####/thread_abcom.xunmeng.pinduoduo;titan
  • /data/data/####/thread_pool_size_config
  • /data/data/####/titan_main_1679742675571.tmp
  • /data/data/####/titan_sp
  • /data/data/####/upgrade_picture.png
  • /data/data/####/ut_sp.xml
  • /data/data/####/uuid_2831c5f2eba95bcbc4976aedd13ec9d9
  • /data/data/####/uuid_57c2e8e29c5fc71f4a02018f12e6023a
  • /data/data/####/uuid_f035d4584692e9fdcd085d1cfe5cf6a5
  • /data/data/####/uuid_f4a435b83b08fb9d8cce556e065ab84a
  • /data/data/####/uuid_lock
  • /data/data/####/version_0.12.0
  • /data/data/####/version_0.31.0
  • /data/data/####/version_0.48.1
  • /data/data/####/version_1.43.0
  • /data/data/####/version_13.96.0
  • /data/data/####/version_21.86.0
  • /data/data/####/vita-database-journal (deleted)
  • /data/data/####/vita_database.vlock
  • /data/data/####/web-416061da86f89b0454b71f6f88c1497a
  • /data/media/####/5A968A4B377F25ED0A1FD3C67B0CEE31
  • /data/misc/####/primary.prof
Miscellaneous:
Executes the following shell scripts:
  • app_process /system/bin com.android.commands.pm.Pm list packages -u
  • cat /proc/self/cgroup
  • ip neigh show
  • ip route list table all
  • pm list package -3
  • pm list packages -u
  • sh -c cat /proc/sys/kernel/random/boot_id
  • stat -c %x /data/data
  • stat -f /storage/emulated
  • stat -f /system/etc
  • stat /data/system/users/0
  • stat /storage/emulated
  • uname -a
Loads the following dynamic libraries:
  • libANIBase
  • libbytehook
  • libc++_shared
  • libcmtreport
  • libcrashAvoid
  • libmanwe-lib
  • libmarsxlog
  • libmmkv
  • libpcrash
  • libpdd_sa_hook
  • libpdd_secure
  • libpvss_tailor
  • libtitan
  • libtronavx
  • libtronkit
  • libxdl
Uses the following algorithms to encrypt data:
  • AES-CBC-PKCS5Padding
  • AES-CBC-PKCS7Padding
  • AES-GCM-NoPadding
  • DES-ECB-PKCS5Padding
Uses the following algorithms to decrypt data:
  • AES-CBC-PKCS5Padding
  • AES-CBC-PKCS7Padding
  • DES-ECB-PKCS5Padding
  • RSA-ECB-PKCS1Padding
Accesses the ITelephony private interface.
Gets information about network.
Gets information about phone status (number, IMEI, etc.).
Displays its own windows over windows of other apps.
Intercepts notifications.
Requests the system alert window permission.

Curing recommendations

Android

  1. If the mobile device is operating normally, download and install Dr.Web for Android Light. Run a full system scan and follow recommendations to neutralize the detected threats.
  2. If the mobile device has been locked by Android.Locker ransomware (the message on the screen tells you that you have broken some law or demands a set ransom amount; or you will see some other announcement that prevents you from using the handheld normally), do the following:
    • Load your smartphone or tablet in the safe mode (depending on the operating system version and specifications of the particular mobile device involved, this procedure can be performed in various ways; seek clarification from the user guide that was shipped with the device, or contact its manufacturer);
    • Once you have activated safe mode, install the Dr.Web для Android Light onto the infected handheld and run a full scan of the system; follow the steps recommended for neutralizing the threats that have been detected;
    • Switch off your device and turn it on as normal.

Find out more about Dr.Web for Android

Free trial

14 days

Download now
Get it on Google Play