Technical information
- Android.Backdoor.641.origin
- UDP(DNS) <Google DNS>
- TCP(HTTP/1.1) tjser####.g####.cc:80
- TCP(TLS/1.0) www.go####.com:443
- tjser####.g####.cc
- www.go####.com
- tjser####.g####.cc/Scripts/jquery-1.9.1.min.js
- tjser####.g####.cc/login?userid=####
- <Package Folder>/.jiagu/libjiagu.so
- <Package Folder>/cache/####/data_0
- <Package Folder>/cache/####/data_1
- <Package Folder>/cache/####/data_2
- <Package Folder>/cache/####/data_3
- <Package Folder>/cache/####/f_000001
- <Package Folder>/cache/####/index
- <Package Folder>/databases/webview.db-journal
- <Package Folder>/databases/webviewCookiesChromium.db-journal
- <Package Folder>/files/####/.jg.ic
- <Package Folder>/shared_prefs/CONSTANT_JP.xml
- <Package Folder>/shared_prefs/jg_so_upgrade_setting.xml
- <Package Folder>/shared_prefs/multidex.version.xml
- chmod 755 <Package Folder>/.jiagu/libjiagu.so
- libjiagu