Executes next shell scripts:
- /system/bin/sh -c getprop ro.board.platform
- /system/bin/sh -c type su
- chmod 644 /system/app/Qq2634511037.apk
- chmod 700 <Package Folder>/tx_shell/libnfix.so
- chmod 700 <Package Folder>/tx_shell/libshella-2.10.6.0.so
- chmod 700 <Package Folder>/tx_shell/libufix.so
- chmod 777 /system/app/2634511037
- cp <SD-Card>/Android/2634511037 /system/app/
- getprop ro.board.platform
- getprop ro.yunos.version
- logcat -d -v threadtime
- mount -o rw,remount /system
- mount -o rw,remount /system/app
- mv /system/app/2634511037 /system/app/Qq2634511037.apk
- reboot
- sh
- su
Loads the following dynamic libraries:
- Bugly
- libnfix
- libshella-2.10.6.0
- libufix
- nfix
- ufix
Uses the following algorithms to encrypt data:
- AES-GCM-NoPadding
- RSA-ECB-PKCS1Padding
Uses the following algorithms to decrypt data:
Uses elevated priveleges.
Uses special library to hide executable bytecode.
Gains access to telephone information (number, imei, etc.).