Technical information
- Android.BankBot.738.origin
- UDP(DNS) 8####.8.4.4:53
- UDP(NTP) 2.and####.p####.####.org:123
- TCP(TLS/1.0) rr3---s####.g####.com:443
- TCP(TLS/1.0) rr2---s####.g####.com:443
- TCP(TLS/1.0) www.gst####.com:443
- TCP(TLS/1.0) www.face####.com:443
- TCP(TLS/1.0) con####.face####.net:443
- TCP(TLS/1.0) 1####.251.36.42:443
- TCP(TLS/1.0) rr4---s####.g####.com:443
- TCP(TLS/1.0) and####.google####.com:443
- TCP(TLS/1.0) android####.go####.com:443
- TCP(TLS/1.0) geo####.insta####.com:443
- TCP(TLS/1.2) 1####.217.168.238:443
- TCP(TLS/1.2) 1####.217.168.202:443
- TCP(TLS/1.2) 1####.217.168.195:443
- TCP(TLS/1.2) 1####.251.36.42:443
- UDP 1####.217.168.202:443
- UDP rr4---s####.g####.com:443
- UDP 1####.251.36.42:443
- 2.and####.p####.####.org
- and####.a####.go####.com
- and####.google####.com
- android####.go####.com
- con####.face####.net
- m####.go####.com
- rr2---s####.g####.com
- rr3---s####.g####.com
- rr4---s####.g####.com
- rr4---s####.g####.com
- www.face####.com
- www.gst####.com
- www.insta####.com
- /data/data/####/7940141d9baa85ad25aa2d18ed513df3.xml
- /data/data/####/payload.dex
- /data/data/####/payload.dex.flock (deleted)
- /data/data/####/payload.jar
- /data/media/####/uu.dd