▲ 3 r/antivirus
I’m looking for help identifying something suspicious I found on my Dune Android box. It was a package found here: package: com.google.android.sysinfo Dropped file: /data/user/0/com.google.android.sysinfo/files/.zz/systemd-daemon.
This IP was found inside it: 185.246.189.69 Some of the text found inside the file included: reverseShell, uploadFile, downloadFile, listrunexe, killrunexe, upgradeFileServerAddr.
Not really well versed in this area but wanted to know if it was dangerous
u/Groundbreaking_Tap85 — 1 month ago