手机中恶意程序,IP源是阿里云的,要怎么处理?-问答-阿里云开发者社区-阿里云

开发者社区> 问答> 正文

手机中恶意程序,IP源是阿里云的,要怎么处理?

2018-07-23 18:30:23 2845 1

解屏/打开新app/返回主界面都弹出全屏广告
查看手机上的软件发现一个com.service.usbhelper
通过fiddler查看发现广告请求ip都是139.196段
其中两个ip:139.196.110.187,139.196.6.81

请求如下,敏感信息已打码:
http://139.196.110.187:7701/adv/dgfly?
sdk=REL&
n=WIFI&
mfr=samsung&
cc=CN&
action=us&
tz=%2B0800&
rom=6240924%7C12507020&
bdsp=**&
hst_sdk_info=NA&
rel=5.0&
hdpp=true&
nt=wifi&
dm=1080x1920&
iir=true&
apn="*"&
hwssp=false&
hipp=true&
outerUrlList=zh&
si=**&
stat=%5B"app_com.android.settings"%2C"screen_on"%2C"power_disconnected"%5D&
no=46000&
mdl=**&
mac=**&
did=357555059379919&
ddpi=480&
pan=p_698&
bid=LRX21V&
ssn2=&
si2=&
av=5.00.9&
sdki=21&
an=com.service.usbhelper&
brnd=samsung&
sys=400188%7C2270376&
sdc=true&
pap=%7B"2018-07-22"%3A300000%7D&
avc=50000&
aid=512bd4dd8df5f246&
ssn=**&
cp=AK062

返回的信息:
{"cnf":{"dgfly":{"adtype":"bb","name":"u6f02u4eaeu5c0fu59d0u59d0u9080u8bf7u4f60u4e00u8d77u73a9u6296u97f3uff0cu5febu6765u770bu770bu5427uff01","show_type":"bb_banner_app","icon_img":"http://sf3-ttcdn-tos.pstatp.com/obj/web.business.image/201805285d0d2393d5c5f8ce4f8c90ed","ad_img":["http://sf6-ttcdn-tos.pstatp.com/obj/web.business.image/201805285d0dc49dfc79ccc84f24b675"],"desc":"u6f02u4eaeu5c0fu59d0u59d0u9080u8bf7u4f60u4e00u8d77u73a9u6296u97f3uff0cu5febu6765u770bu770bu5427uff01","w":690,"h":388,"s_dur":9000,"down_url":"https://lf.snssdk.com/api/ad/union/redirect/?req_id=1532274139409478u1242&use_pb=1&rit=900504076&call_back=szoF0cN6O7ncuCAgOMn%2BUFO9n0tD2%2BmEHrlRKA%2BJ6nk%3D&extra=d4nGnUoz35jp7D6eGLhzcfGyv82fYTYXpEILoP06buOwDq5gKQ4SOV2EJ5ecZk%2BxS8k%2BLI%2BtwG8Dk4GaiCWWLbSSji4QShfpKug5MMoTaRaMuXmdb0M4Oxmmj%2FZqEEy2AHlWvf2j49QaJmec%2F1h48p7f8EDqhTvv6%2B9kuVrkRW55CgAYX6Rvf7AyK2CRW%2B3F1OnKGYuHPKYI%2FWnV%2FL8A%2FYmhiZKzxt7UK3N5poh3P2HJ4tQJfAPPvOCr9z3NugngVPFv%2FVxSpWCerbLlkpBedGG0lnTXXaTHpgMg7y4jZklgmXIMuc2u1C5VvM%2BfhEXdJ0bsXzG6cHwhIb42iBG3mrl4ZIe46OZgspO6FOA%2FUcFCtIXAHn04C6SMomeEDPmG6oxK9a%2BrvC%2BY3lHKjk5efF9fJ0OHVORwGBLNXchOcXDISXQgIkZDrlvvfDLM0e%2FM1%2Bk%2Bw69Ony3WADfumsBSY1ecAAcdbbDSL9i1KeVtKkzoJrBQJXFWSAazFN0L7XaNjeTZHUwoxQaGlwpMU80DVaIfKJnDUid0z9wWRAI1yI4aI%2FZWkDoqyPLDexpYDDWVZp9X%2BNwb8gPYCBIXAyRzow%3D%3D&source_type=1&pack_time=1532274139.91&active_extra=sQfbi%2BJb18N1F9jUMD0oWBJod%2FaEvF0RipQ%2BDaSokRVM7FHrhqNed0ivPzhOh%2Bpbx%2FGDKVDNwaMFoP26RrVJ6w%3D%3D","dplnk":"","rtp":false,"rtp1":false,"ia":0,"s_rpt":["https://lf.snssdk.com/api/ad/union/show_event/?req_id=1532274139409478u1242&extra=oYhcW%2Fcxc3YLaSatyXClAQ088o%2Fr3CZCmhmDdu9MbHUQiMXb0QFxzQCKyCLwWGq5tjhkXx7Rqt1i65IJd7HJlEKdD%2Bs8ZkVdZZbV32R%2Fnc2U2cDeZYlsABG1fiR8syIC9FzAi8AvNl13dFkGDkzI3KCm4hJKUa8LPzvzHcIvjZo6xGQhGxy615bNTbEKZOy2wOKQFlTU17eZw3K0%2BTzy60D%2BqqGMlFmBjIffhS8Et7GYvGXRk%2FWFdexjLuZ1Tehv2rv0NICNBp4YYWFt%2FBZduO2xnLI%2Fax0CGIcBXvLUaqzWkETmILCrpvm%2F07i%2BkCZHDm%2B1GbX9sNfL9O0fEjAuX7kwIYVu9jWGo%2F7KxS0xlLUPcgewCyvJ7qhf0yJIUmD0sBTFM2yfgTGBGm6BsTlsbC4%2FzDZShRcvHtnlqtadHUrRX3TNnv43HuQhvfmsiQ85cBRQArC9m6s4TK3W89MECM8%2FzSw5K7GIZz5teVKkjxxHsqoakJXrB0k5vHlQaZeHKLYeNcpVi7Vd7OgdFmFwmDUCargD35cpT9PP6ILOBAsGBI5Vws9rutiLcMcz0nXj4O6jYSI5MYNIF1xlKU7L2v%2Fk3FIHnQ4y25vYu3cqJqbICmg4IsTwwN2Ouh%2BaKlsLz%2FaL8%2BIXr3GFRUeVlUm5nVi2KnwXrRI%2BwcBJljULugSWTqsRZl75L8IJYjvmIyczfu0jfPGnMBvfynKs2psIQpMlm9ghqvoH1j5QM78fEKkJ9L0DtB73AAx5%2B611zPBOnTZhG0FXZmTHCDmHA0kRAmD9HAAzvufa65xpKMbdQzf3vaMWIk%2BqEYBRagnystZAkSmhBjNBxqp9wlgLje3nigN4VrxZ17UsovvL9TM6aOc%2BoSvEX0JKx1k4TgUK3lmr6qxZpS7%2BNpYhG2Mohwf8YIm3vT9MVefnX5wZeQgxsxfAynp9GxVlm8J94bq9dXi2QgSu1R%2BGuGjH1xBhImnU1Rl%2Fm%2FGT1KqfkX7gfLL1UoRnY3EMZYGe3CNhgb%2BuS5AgRzz8xW6f7Ukv%2BWymDBgk1x16RPNIwKEubYMQIWRUYjrWBGOs%2FAIrz%2Fbt1BoTxgQRUKrC6X6ldKe5Ta5SqvSUhb8CCNmvPHc%2Fbr%2FHGsK1XncdtuSFFl%2Fy40fJBYqsJcjPun9hjxtnyKyJ6h82%2FaBldJkeL69bS%2FNo%2BtvBluRjx8enoC%2FwR2lZ%2F%2FrNq3%2BGMd4X52WGC9pe0jn4t9HgGrjKw1xi9O98d62Pfp2f7PLzy87P%2BQGGn72jpCG8jZZctWkNzkxUivUAaMxckGiOTSghdVGFVjMGe1KsFux%2Bc1%2F13T%2F2LLFzjqeZpt4Li96wSw%2BFZp9X%2BNwb8gPYCBIXAyRzow%3D%3D&source_type=1&pack_time=1532274139.91","http://139.196.171.67:5678/dgfly_rpt.php?reqid=1532274139.507775.90dfe&act=s&dl_si=0&adci=0&is_wifi=1&ad=AdvJrttUn&u_ad_type=2&adid=a955c68a&cp=AK062&did=357555059379919&aid=512bd4dd8df5f246"],"c_rpt":["https://lf.snssdk.com/api/ad/union/event/?req_id=1532274139409478u1242&extra=oYhcW%2Fcxc3YLaSatyXClAQ088o%2Fr3CZCmhmDdu9MbHUQiMXb0QFxzQCKyCLwWGq5tjhkXx7Rqt1i65IJd7HJlEKdD%2Bs8ZkVdZZbV32R%2Fnc2U2cDeZYlsABG1fiR8syIC9FzAi8AvNl13dFkGDkzI3KCm4hJKUa8LPzvzHcIvjZo6xGQhGxy615bNTbEKZOy2wOKQFlTU17eZw3K0%2BTzy60D%2BqqGMlFmBjIffhS8Et7GYvGXRk%2FWFdexjLuZ1Tehv2rv0NICNBp4YYWFt%2FBZduO2xnLI%2Fax0CGIcBXvLUaqzWkETmILCrpvm%2F07i%2BkCZHDm%2B1GbX9sNfL9O0fEjAuX7kwIYVu9jWGo%2F7KxS0xlLUPcgewCyvJ7qhf0yJIUmD0sBTFM2yfgTGBGm6BsTlsbC4%2FzDZShRcvHtnlqtadHUrRX3TNnv43HuQhvfmsiQ85cBRQArC9m6s4TK3W89MECM8%2FzSw5K7GIZz5teVKkjxxHsqoakJXrB0k5vHlQaZeHKLYeNcpVi7Vd7OgdFmFwmDUCargD35cpT9PP6ILOBAsGBI5Vws9rutiLcMcz0nXj4O6jYSI5MYNIF1xlKU7L2v%2Fk3FIHnQ4y25vYu3cqJqbICmg4IsTwwN2Ouh%2BaKlsLz%2FaL8%2BIXr3GFRUeVlUm5nVi2KnwXrRI%2BwcBJljULugSWTqsRZl75L8IJYjvmIyczfu0jfPGnMBvfynKs2psIQpMlm9ghqvoH1j5QM78fEKkJ9L0DtB73AAx5%2B611zPBOnTZhG0FXZmTHCDmHA0kRAmD9HAAzvufa65xpKMbdQzf3vaMWIk%2BqEYBRagnystZAkSmhBjNBxqp9wlgLje3nigN4VrxZ17UsovvL9TM6aOc%2BoSvEX0JKx1k4TgUK3lmr6qxZpS7%2BNpYhG2Mohwf8YIm3vT9MVefnX5wZeQgxsxfAynp9GxVlm8J94bq9dXi2QgSu1R%2BGuGjH1xBhImnU1Rl%2Fm%2FGT1KqfkX7gfLL1UoRnY3EMZYGe3CNhgb%2BuS5AgRzz8xW6f7Ukv%2BWymDBgk1x16RPNIwKEubYMQIWRUYjrWBGOs%2FAIrz%2Fbt1BoTxgQRUKrC6X6ldKe5Ta5SqvSUhb8CCNmvPHc%2Fbr%2FHGsK1XncdtuSFFl%2Fy40fJBYqsJcjPun9hjxtnyKyJ6h82%2FaBldJkeL69bS%2FNo%2BtvBluRjx8enoC%2FwR2lZ%2F%2FrNq3%2BGMd4X52WGC9pe0jn4t9HgGrjKw1xi9O98d62Pfp2f7PLzy87P%2BQGGn72jpCG8jZZctWkNzkxUivUAaMxckGiOTSghdVGFVjMGe1KsFux%2Bc1%2F13T%2F2LLFzjqeZpt4Li96wSw%2BFZp9X%2BNwb8gPYCBIXAyRzow%3D%3D&source_type=1&pack_time=1532274139.91","http://139.196.171.67:5678/dgfly_rpt.php?reqid=1532274139.507775.90dfe&act=c&dl_si=0&adci=0&is_wifi=1&ad=AdvJrttUn&u_ad_type=2&adid=a955c68a&cp=AK062&did=357555059379919&aid=512bd4dd8df5f246"],"d_rpt":["http://139.196.171.67:5678/dgfly_rpt.php?reqid=1532274139.507775.90dfe&act=d&dl_si=0&adci=0&is_wifi=1&ad=AdvJrttUn&adid=a955c68a&cp=AK062&did=357555059379919&aid=512bd4dd8df5f246"],"dc_rpt":["http://139.196.171.67:5678/dgfly_rpt.php?reqid=1532274139.507775.90dfe&act=dc&dl_si=0&adci=0&is_wifi=1&ad=AdvJrttUn&adid=a955c68a&cp=AK062&did=357555059379919&aid=512bd4dd8df5f246"],"i_rpt":["http://139.196.171.67:5678/dgfly_rpt.php?reqid=1532274139.507775.90dfe&act=i&dl_si=0&adci=0&is_wifi=1&ad=AdvJrttUn&adid=a955c68a&cp=AK062&did=357555059379919&aid=512bd4dd8df5f246"],"a_rpt":["http://139.196.171.67:5678/dgfly_rpt.php?reqid=1532274139.507775.90dfe&act=a&dl_si=0&adci=0&is_wifi=1&ad=AdvJrttUn&adid=a955c68a&cp=AK062&did=357555059379919&aid=512bd4dd8df5f246"],"o_rpt":[],"ad_pack":"banner","ad_ver":"","vsb":true,"dlsign":false,"logo":true,"is_act":"1","ci":"0","in_broser":false,"cl":1,"bb_area":true,"aicnf":[]}}}

取消 提交回答
全部回答(1)
相关问答

1

回答

阿里云如何处理将申通的应用容器化?

2021-01-15 03:42:38 269浏览量 回答数 1

0

回答

服务器被植入 恶意进程(云查杀)-挖矿程序,怎么处理

2020-05-28 10:06:34 407浏览量 回答数 0

6

回答

服务器被植入 恶意进程(云查杀)-挖矿程序,怎么处理

2018-07-04 11:01:14 8688浏览量 回答数 6

2

回答

阿里云虚拟主机安装不了DZ程序

2017-11-29 11:39:14 1962浏览量 回答数 2

2

回答

阿里云是否可以生产云手机

2017-11-27 08:33:18 1972浏览量 回答数 2

5

回答

阿里云的带宽处理能力?

2017-09-30 10:00:39 3077浏览量 回答数 5

1

回答

域名转入阿里云需要怎么处理?

2016-06-17 13:59:52 1699浏览量 回答数 1

1

回答

阿里云绿网报违规问题请教

2016-05-18 11:49:56 4520浏览量 回答数 1

2

回答

曾经在万网备案,网站早已倒闭,现在换阿里云还用在备案吗?

2015-01-19 11:29:56 5844浏览量 回答数 2

1

回答

阿里云主机可以安装其他程序不?DZ可以不?

2011-08-29 19:29:07 4725浏览量 回答数 1
+关注
0
文章
1
问答
问答排行榜
最热
最新
相关电子书
更多
低代码开发师(初级)实战教程
立即下载
阿里巴巴DevOps 最佳实践手册
立即下载
冬季实战营第三期:MySQL数据库进阶实战
立即下载