搜索

[28431] 2020-07-23_AndroidRootnik恶意软件:深入研究第二部分

文档创建者:s7ckTeam
浏览次数:65
最后更新:2025-01-19
2020-07-23_AndroidRootnik恶意软件:深入研究第二部分 A n d r o i d   R o o t n i k   F o r t i G u a r d   O t s   2 0 2 0 - 0 7 - 2 3 R o o t n i k D E X D E X D E X d e m o . o u t e r a p p s h e l l . O u t e r S h e l l A p p O u t e r S h e l l A p p 1 . d e m o . o u t e r a p p s h e l l . O u t e r S h e l l A p p a t t a c h B a s e C o n t e x t L i n k I n n e r S h e l l a B C 2 . L i n k I n n e r S h e l l a B C 使 D e x C l a s s L o a d e r D E X d e m o . i n n e r a p p s h e l l . L o a d T a r g e t A p p l o a d
m o v e S o u r c e A p k h e l l o . a p k / d a t a / d a t a / n e t . g o t s u n . a n d r o i d . w i f i _ c o n f i g u r a t i o n / f i l e s / h e l l o . a p k 3 . m o v e S o u r c e A p k o n C r e a t e 1 . b a C o n t e x t t h i s c o m . d h y . k q i b . c c 4 . b a C o n t e x t t h i s 2 . t h i s . m L i n k I n n e r S h e l l . o C d e m o . i n n e r a p p s h e l l . L o a d T a r g e t A p p i n i t C r e a t e
5 . o C h e l l o . a p k h e l l o . a p k 6 . h e l l o . a p k d e m o . i n n e r a p p s h e l l . L o a d T a r g e t A p p l o a d i n i t C r e a t e l o a d s o u r c e . a p k / d a t a / d a t a / n e t . g o t s u n . a n d r o i d . w i f i _ c o n f i g u r a t i o n / f i l e s / s o u r c e . a p k D e x C l a s s L o a d e r i n i t C r e a t e 7 . i n i t C r e a t e r e p l a c e S y s t e m A p p l i c a t i o n c o m . d e m o . M y A p p l i c a t i o n o n C r e a t e s o u r c e . a p k
8 . r e p l a c e S y s t e m A p p l i c a t i o n S o u r c e . a p k s o u r c e . a p k s o u r c e . a p k
9 . s o u r c e . a p k s o u r c e . a p k c o m . d e m o . M y A p p l i c a t i o n o n C r e a t e 1 0 .   c o m . d e m o . M y A p p l i c a t i o n o n C r e a t e
1 1 . l i b h j d S s D M x u U Q a C V M D b o o t s t r a p . s o / a w s r a b f   / /   a w s r a b f   / /   a w s r a b f   / 1 2 . a s s e t s   /   a w s r a b f   / / d a t a / a p p - l i b / n e t . g o t s u n . a n d r o i d . w i f i _ c o n f i g u r a t i o n - 1 / l i b h j d S s D M x u U Q a C V M D b o o t s t r a p . s o / d a t a / d a t a / n e t . g o t s u n . a n d r o i d   . w i f i _ c o n f i g u r a t i o n   /   f i l e s   /   l i b h j d S s D M x u U Q a C V M D b o o t s t r a p . s o . s o l i b h j d S s D M x u U Q a C V M D b o o t s t r a p . s o / d a t a / d a t a / n e t . g o t s u n . a n d r o i d . w i f i _ c o n f i g u r a t i o n / f i l e s / . s o J N I _ O n l o a d l i b h j d S s D M x u U Q a C V M D b o o t s t r a p . s o J N I _ O n l o a d J N I _ O n l o a d / d a t a / d a t a / n e t . g o t s u n . a n d r o i d . w i f i _ c o n f i g u r a t i o n / f i l e s / a w s r a b f / l i b L D y A R N D i d K i Y c q z x d y n a m i c l o a d e r . s o / d a t a / d a t a / n e t . g o t s u n   . a n d r o i d . w i f i _ c o n f i g u r a t i o n   /   f i l e s   / L D y A R N D i d K i Y c q z x d y n a m i c l o a d e r . j a r 使 D e x C l a s s L o a d e r . j a r c o m . n a t i v e d r o i d . m o d u l e . d y n a m i c l o a d e r . D y n a m i c s t a r t
1 3 . c o m . n a t i v e d r o i d . m o d u l e . d y n a m i c l o a d e r . D y n a m i c s t a r t c o m . n a t i v e d r o i d . m o d u l e . d y n a m i c l o a d e r . D y n a m i c 1 4 .
1 5 . S D K l i b   /   a r m e a b i l i b Q S R D Z T u W g d c f L b E X d a e m o n . s o / d a t a / d a t a / n e t . g o t s u n . a n d r o i d . w i f i _ c o n f i g u r a t i o n / f i l e s / Q S R D Z T u W g d c f L b E X d a e m o n . s o J A R b c V P H H D p a V h s x L G U l a l a . j a r q B i k v X z x O R C e g o s E z x c . j a r U n i U x q s T C x k M n v n g b t . j a r J A R D E X c o m . n a t i v e r o i d . s a . s d k . S D K s t a r t 广 广 W i f i C o n f i g u r a t i o n A c t i v i t y A n d r o i d M a n i f e s t . x m l n e t . g o t s u n . a n d r o i d . w i f i _ c o n f i g u r a t i o n . W i f i C o n f i g u r a t i o n A c t i v i t y o n C r e a t e o n C r e a t e o n C r e a t e
1 6 . o n C r e a t e 1 . f a c o m . a n d r o i d . j 1 c o l l e c t i o n . G o o g S e r 1 7 . f a G o o g S e r 1 8 . G o o g S e r
c o m . a n d r o i d . j a r 1 a h . a b C o n t e x t   a r g 6 1 9 . c o m . a n d r o i d . j a r 1 a h . a b C o n t e x t   a r g 6 1 . a c a r g 6 U R L   h x x p / / g p . m i a o x i a 1 2 3 . c o m / c r / s v / g e t G o F i l e n a m e   =   o n l y V 1 7 0 4 1 4 0 1 A j 1 a r s o 3 2 j s o n U R L   h x x p / / s h . p e n c i l l i . c o m / c r / s d k / d y n V 1 7 0 4 1 7 0 1 D / d e s _ o n l y d y V 1 7 0 4 1 7 0 1 D j 1 s o 3 2 . z i p / d a t a / d a t a / n e t . g o t s u n . a n d r o i d . w i f i _ c o n f i g u r a t i o n / f i l e s   / 2 3 h a m m e r h e a d 3 2 / n e t . g o t s u n . a n d r o i d . w i f i _ c o n f i g u r a t i o n 1 2 h a m m e r h e a d 2 n e t . g o t s u n . a n d r o i d . w i f i _ c o n f i g u r a t i o n 1 2 h a m m e r h e a d 2 o n l y d y V 1 7 0 4 1 7 0 1 D j 1 s o 3 2 z i p / d a t a / d a t a / n e t . g o t s u n . a n d r o i d . w i f i _ c o n f i g u r a t i o n / f i l e s / 1 4 9 7 9 1 2 6 8 9 8 1 3 _ o n l y d y V 1 7 0 4 1 7 0 1 D j 1 s o 3 2 . s o   1 4 9 7 9 1 2 6 8 9 8 1 3 2 k a a r g 6 k a f . c l a s s f . c l a s s 3 k a f . c l a s s k a a r g 6 k a f . c l a s s / d a t a / d a t a / n e t . g o t s u n . a n d r o i d . w i f i _ c o n f i g u r a t i o n / f i l e s / n a 1 l 2 t / n t m p 1 1 0 1 4 1 1 0 6 0 p i d t i d   1 1 0 1 4 1 1 0 6 0 3 S y s t e m . l o a d v 3 _ 1 / d a t a / d a t a / n e t . g o t s u n . a n d r o i d . w i f i _ c o n f i g u r a t i o n / f i l e s / 1 4 9 7 9 1 2 6 8 9 8 1 3 _ o n l y d y V 1 7 0 4 1 7 0 1 D j 1 s o 3 2 . s o f a t h i s . a . g e t A p p l i c a t i o n C o n t e x t c o m . a n d r o i d . j a r 1 a h . f v o i d   a C o n t e x t   a r g 0 t h i s . a a 线 c o m . a n d r o i d . j 1 c o l l e c t i o n . b
回复

举报

高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 立即注册

本版积分规则

Archiver| 手机版| 小黑屋|
Powered by Discuz! X3.4 Copyright © 2001-2020, Tencent Cloud. 商业源码建议获取授权,如侵犯您的权益,请联系客服处理