Technical information
- Adware.Gexin.2.origin
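Network connections recorded (protocol, destination host:port; hostnames are partly masked with ####):
- UDP(DNS) <Google DNS>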
- TCP(HTTP/1.1) sdk.o####.amp.####.com:80
- TCP(HTTP/1.1) nav.cn.ron####.com:80
- TCP(HTTP/1.1) a####.b####.qq.com:8011
- TCP(HTTP/1.1) api.s####.mob.com:80
- TCP(HTTP/1.1) ti####.c####.l####.####.com:80
- TCP(HTTP/1.1) a####.b####.qq.com:8012
- TCP(HTTP/1.1) a####.exc.mob.com:80
- TCP(HTTP/1.1) t####.c####.q####.####.com:80
- TCP(HTTP/1.1) and####.b####.qq.com:80
- TCP(HTTP/1.1) sdk.o####.p####.####.com:80
- TCP(HTTP/1.1) c-h####.g####.com:80
- TCP(HTTP/1.1) loc.map.b####.com:80
- TCP(HTTP/1.1) pg.x####.com:80
- UDP(NTP) 1.cn.p####.####.org:123
- UDP(NTP) 0.a####.p####.####.org:123
- UDP(NTP) 2.a####.p####.####.org:123
- TCP(TLS/1.0) l####.s####.com.cn:443
- TCP(TLS/1.0) jic.talking####.com:443
- TCP(TLS/1.0) adt.x####.com:443
- TCP(TLS/1.0) s####.cn.ron####.com:443
- TCP(TLS/1.0) app.x####.com:443
- TCP(TLS/1.0) pass####.w####.cn:443
- TCP(TLS/1.0) cap####.appl####.com:443
- TCP(TLS/1.0) o####.w####.cn:443
- TCP(TLS/1.0) ro####.net:443
- TCP c####.g####.ig####.com:5225
- TCP sdk.o####.t####.####.com:5224
- TCP 1####.92.13.100:8614
Hostnames (listed without a port; presumably the names resolved via DNS):
- 0.a####.p####.####.org
- 1.cn.p####.####.org
- 2.a####.p####.####.org
- 7j####.c####.z0.####.com
- 7x####.c####.z0.####.com
- a####.b####.qq.com
- a####.exc.mob.com
- adt.x####.com
- aexcep####.b####.qq.com
- and####.b####.qq.com
- api.s####.mob.com
- app.x####.com
- c####.g####.ig####.com
- c-h####.g####.com
- cap####.w####.com
- i####.cn
- i.t####.com
- int.d####.s####.####.cn
- jic.talking####.com
- l####.s####.com.cn
- loc.map.b####.com
- mt####.go####.com
- nav.cn.ron####.com
- o####.w####.cn
- pass####.w####.cn
- pg.x####.com
- ro####.net
- s####.cn.ron####.com
- sdk.c####.ig####.com
- sdk.o####.amp.####.com
- sdk.o####.p####.####.com
- sdk.o####.t####.####.com
- sdk.o####.t####.####.com
- sdk.o####.t####.####.net
HTTP request URLs (host and path):
- sdk.o####.amp.####.com/api.htm?format=####&t=####
- t####.c####.q####.####.com/tdata_Soq141
- t####.c####.q####.####.com/tdata_vxj811
- t####.c####.q####.####.com/uploads/announcement/banner/1/55bbbbdedb.png
- t####.c####.q####.####.com/uploads/announcement/banner/2/f8d68fac39.png
- t####.c####.q####.####.com/uploads/announcement/banner/5/405c021e52.png
- t####.c####.q####.####.com/uploads/announcement/banner/6/36cf47aae2.png
- t####.c####.q####.####.com/uploads/image/avatar/5404/6b82b3fc7d.jpg!cover2
- t####.c####.q####.####.com/uploads/image/avatar/5405/30d4123786.jpg!cover2
- ti####.c####.l####.####.com/config/hz-hzv3.conf
- a####.b####.qq.com:8011/rqd/async
- a####.b####.qq.com:8012/rqd/async
- a####.exc.mob.com/errconf
- and####.b####.qq.com/rqd/async
- api.s####.mob.com/conf5
- api.s####.mob.com/conn
- api.s####.mob.com/snsconf
- c-h####.g####.com/api.php?format=####&t=####
- loc.map.b####.com/offline_loc
- loc.map.b####.com/sdk.php
- nav.cn.ron####.com/navipush.json
- pg.x####.com/api/q/a/3c99d6d9a19c2699cbe29901bb0c04372
- sdk.o####.p####.####.com/api.php?format=####&t=####
File system paths recorded (the package directory is masked as ####):
- /data/data/####/.duid
- /data/data/####/.lock
- /data/data/####/.mrecord
- /data/data/####/.mrlock
- /data/data/####/.statistics
- /data/data/####/.vpl_lock
- /data/data/####/1038f583925fd02bc8d0a03e29ca0674287c67a37ba81a9....0.tmp
- /data/data/####/1537001972714_2074
- /data/data/####/1537001972761_2074
- /data/data/####/1537001972856_2074
- /data/data/####/1537001973281_2114
- /data/data/####/1537001973371_2114
- /data/data/####/1537001973622_2074
- /data/data/####/1537001976380_2138
- /data/data/####/1537001976436_2421
- /data/data/####/1537001976724_2421
- /data/data/####/1537001976753_2278
- /data/data/####/1537001976853_2138
- /data/data/####/1537001977000_2278
- /data/data/####/24d11368a8ec7cbe2d7b0c1d99b42f8fa98aacbf38c0280....0.tmp
- /data/data/####/455aa73ffed74b08f1f3d9374f7bd8b935ecd2561fd4cfa....0.tmp
- /data/data/####/7e7ade47a2e2700b3c614d0bfd7e602e3bea804fd118146....0.tmp
- /data/data/####/COUNTLY_STORE.xml
- /data/data/####/RongPush.xml
- /data/data/####/Statistics.xml
- /data/data/####/TDCloudSettingsConfig30C924C6D8FE2B51AE579EBB03D8B74D.xml
- /data/data/####/TD_app_pefercen_profile.xml
- /data/data/####/TDpref_longtime.xml
- /data/data/####/TDpref_longtime1.xml
- /data/data/####/TDpref_shorttime.xml
- /data/data/####/TDpref_shorttime1.xml
- /data/data/####/TDtcagent.db
- /data/data/####/TDtcagent.db-journal
- /data/data/####/ThrowalbeLog.db-journal
- /data/data/####/ba8795948547246aa28e4017e9fa725246f5c5283c73f7c....0.tmp
- /data/data/####/bugly_db_legu-journal
- /data/data/####/cdd9d381005e69364d95f21946af144e42de131f37be76a....0.tmp
- /data/data/####/com.robin8.rb_preferences.xml
- /data/data/####/common.xml
- /data/data/####/data_0
- /data/data/####/data_1
- /data/data/####/data_2
- /data/data/####/data_3
- /data/data/####/f_000001
- /data/data/####/f_000002
- /data/data/####/firll.dat
- /data/data/####/gdaemon_20161017
- /data/data/####/getui_sp.xml
- /data/data/####/gx_sp.xml
- /data/data/####/index
- /data/data/####/init.pid
- /data/data/####/init_c1.pid
- /data/data/####/journal.tmp
- /data/data/####/libnfix.so
- /data/data/####/libshella-2.9.0.2.so
- /data/data/####/libufix.so
- /data/data/####/local_crash_lock
- /data/data/####/locale.config.xml
- /data/data/####/mix.dex
- /data/data/####/mob_commons_1
- /data/data/####/mob_sdk_exception_1
- /data/data/####/mpush_app.db-journal
- /data/data/####/mpush_gateway_preferences_file
- /data/data/####/mpush_version_preferences_file
- /data/data/####/multidex.version.xml
- /data/data/####/native_record_lock
- /data/data/####/null.xml
- /data/data/####/ofl_location.db
- /data/data/####/ofl_location.db-journal
- /data/data/####/ofl_statistics.db
- /data/data/####/ofl_statistics.db-journal
- /data/data/####/push.pid
- /data/data/####/pushext.db-journal
- /data/data/####/pushg.db-journal
- /data/data/####/pushsdk.db-journal
- /data/data/####/robin_token.xml
- /data/data/####/run.pid
- /data/data/####/security_info
- /data/data/####/share_sdk_1
- /data/data/####/sharesdk.db-journal
- /data/data/####/td.lock
- /data/data/####/tdata_Soq141
- /data/data/####/tdata_Soq141.jar
- /data/data/####/tdata_vxj811
- /data/data/####/tdata_vxj811.jar
- /data/data/####/tdid.xml
- /data/data/####/tdlock.txt
- /data/data/####/webview.db-journal
- /data/data/####/webviewCookiesChromium.db-journal
- /data/media/####/.artc_lock
- /data/media/####/.cuid
- /data/media/####/.di
- /data/media/####/.dic_lock
- /data/media/####/.duid
- /data/media/####/.globalLock
- /data/media/####/.lecd
- /data/media/####/.lesd_lock
- /data/media/####/.mn_-1464060969
- /data/media/####/.nomedia
- /data/media/####/.pkg_lock
- /data/media/####/.pkgs_lock
- /data/media/####/.rc_lock
- /data/media/####/.slw
- /data/media/####/.ss_lock
- /data/media/####/.tcookieid
- /data/media/####/RongLog_2_8_21.log
- /data/media/####/app.db
- /data/media/####/com.getui.sdk.deviceId.db
- /data/media/####/com.igexin.sdk.deviceId.db
- /data/media/####/com.robin8.rb.bin
- /data/media/####/com.robin8.rb.db
- /data/media/####/ller.dat
- /data/media/####/ls.db
- /data/media/####/ls.db-journal
- /data/media/####/tdata_Soq141
- /data/media/####/tdata_vxj811
- /data/media/####/test.0
- /data/media/####/test.log
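Shell commands recorded (vendor/ROM property queries via getprop, a check for the su binary, a read of the wlan0 MAC address, a logcat dump, and chmod/launch of files under the package folder):
- /system/bin/sh -c getprop ro.aa.romver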
- /system/bin/sh -c getprop ro.board.platform
- /system/bin/sh -c getprop ro.build.fingerprint
- /system/bin/sh -c getprop ro.build.nubia.rom.name
- /system/bin/sh -c getprop ro.build.rom.id
- /system/bin/sh -c getprop ro.build.tyd.kbstyle_version
- /system/bin/sh -c getprop ro.build.version.emui
- /system/bin/sh -c getprop ro.build.version.opporom
- /system/bin/sh -c getprop ro.gn.gnromvernumber
- /system/bin/sh -c getprop ro.lenovo.series
- /system/bin/sh -c getprop ro.lewa.version
- /system/bin/sh -c getprop ro.meizu.product.model
- /system/bin/sh -c getprop ro.miui.ui.version.name
- /system/bin/sh -c getprop ro.vivo.os.build.display.id
- /system/bin/sh -c type su
- <Package Folder>/files/gdaemon_20161017 0 <Package>/<Package>.receiver.DemoPushService 24217 300 0
- cat /sys/class/net/wlan0/address
- chmod 700 <Package Folder>/files/gdaemon_20161017
- chmod 700 <Package Folder>/tx_shell/libnfix.so
- chmod 700 <Package Folder>/tx_shell/libshella-2.9.0.2.so
- chmod 700 <Package Folder>/tx_shell/libufix.so
- getprop
- getprop ro.aa.romver
- getprop ro.board.platform
- getprop ro.build.fingerprint
- getprop ro.build.nubia.rom.name
- getprop ro.build.rom.id
- getprop ro.build.tyd.kbstyle_version
- getprop ro.build.version.emui
- getprop ro.build.version.opporom
- getprop ro.gn.gnromvernumber
- getprop ro.lenovo.series
- getprop ro.lewa.version
- getprop ro.meizu.product.model
- getprop ro.miui.ui.version.name
- getprop ro.vivo.os.build.display.id
- getprop ro.yunos.version
- logcat -d -v threadtime
- sh <Package Folder>/files/gdaemon_20161017 0 <Package>/<Package>.receiver.DemoPushService 24217 300 0
Library names (presumably libraries loaded at run time):
- Bugly
- RongIMLib
- getuiext2
- libnfix
- libshella-2.9.0.2
- libufix
- locSDK6a
- nfix
- ufix
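Cipher transformations (algorithm-mode-padding). The list restarts at the second AES-CBC-PKCS7Padding entry, so it probably merges two lists; which is encryption and which is decryption is not stated here. The DES and AES-ECB entries are weak choices by current standards.
- AES-CBC-PKCS5Padding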
- AES-CBC-PKCS7Padding
- AES-ECB-PKCS7Padding
- AES-GCM-NoPadding
- DES-CBC-PKCS5Padding
- RSA-ECB-PKCS1Padding
- RSA-NONE-OAEPWithSHA1AndMGF1Padding
- AES-CBC-PKCS7Padding
- AES-ECB-NoPadding
- AES-GCM-NoPadding
- DES-CBC-PKCS5Padding