Technical information
(Runs of #### mark characters masked in this listing; they are not literal.)
Detection name:
- Adware.Gexin.2.origin
Network connections (protocol, host:port):
- UDP(DNS) <Google DNS>
- TCP(HTTP/1.1) pub-####.qin####.com:80
- TCP(HTTP/1.1) log.sn####.com.####.net:80
- TCP(HTTP/1.1) www.sweet####.net:80
- TCP(HTTP/1.1) ti####.c####.l####.####.com:80
- TCP(HTTP/1.1) c####.g####.com:80
- TCP(HTTP/1.1) i####.2####.com:80
- TCP(HTTP/1.1) t####.c####.q####.####.com:80
- TCP(HTTP/1.1) syy-ima####.b0.upa####.com:80
- TCP(HTTP/1.1) log####.ku####.cn:80
- TCP(HTTP/1.1) sdk.o####.p####.####.com:80
- TCP(HTTP/1.1) c-h####.g####.com:80
- TCP(HTTP/1.1) l####.cc:80
- TCP(HTTP/1.1) gs.g####.com:80
- TCP(HTTP/1.1) sh.wagbr####.aliyun####.com:80
- TCP(TLS/1.0) et2-na6####.wagbr####.ali####.####.com:443
- TCP(TLS/1.0) s####.ml####.cc:443
- TCP(TLS/1.0) t####.c####.q####.####.com:443
- TCP(TLS/1.0) res####.a####.com:443
- TCP(TLS/1.0) q####.c####.l####.####.com:443
- TCP(TLS/1.0) 1####.217.17.110:443
- TCP(TLS/1.0) log.sn####.com.####.net:443
- TCP(TLS/1.0) api.weilin####.net:443
- TCP c####.g####.ig####.com:5227
- TCP sdk.o####.t####.####.com:5224
Host names:
- 7j####.c####.z0.####.com
- amap####.cn-hang####.oss####.####.com
- api.weilin####.net
- b####.g####.com
- c####.g####.com
- c####.g####.com
- c####.g####.ig####.com
- c-h####.g####.com
- gs.g####.com
- i####.2####.com
- img####.st####.suishe####.net
- is.sn####.com
- l####.cc
- log####.ku####.cn
- log.sn####.com
- ommdq####.q####.com
- pc.weilito####.net
- plb####.u####.com
- pub-####.qin####.com
- res####.a####.com
- s####.ml####.cc
- sdk.c####.ig####.com
- sdk.o####.p####.####.com
- sdk.o####.t####.####.com
- sdk.o####.t####.####.com
- sdk.o####.t####.####.net
- u####.u####.com
- www.sweet####.net
HTTP request URLs:
- i####.2####.com/book/0/8424/18424_jr_tadu.jpg
- l####.cc/i/sdk/is_gal?imei_md5=####&os=####&p_chklst_version=####&retry_...
- pub-####.qin####.com/tdata_EDT356
- sh.wagbr####.aliyun####.com/sdkcoor/android/x86/libJni_wgs2gcj.so
- syy-ima####.b0.upa####.com/2e52e1dc5ac9d868e9983bd3fd8ced1c/04a8bb0dd6fb...
- syy-ima####.b0.upa####.com/2e52e1dc5ac9d868e9983bd3fd8ced1c/08c2f4b61b61...
- syy-ima####.b0.upa####.com/2e52e1dc5ac9d868e9983bd3fd8ced1c/7d5603d74f3f...
- syy-ima####.b0.upa####.com/2e52e1dc5ac9d868e9983bd3fd8ced1c/7fc125d5f8ef...
- syy-ima####.b0.upa####.com/2e52e1dc5ac9d868e9983bd3fd8ced1c/830d64cb0d2e...
- syy-ima####.b0.upa####.com/2e52e1dc5ac9d868e9983bd3fd8ced1c/c867f10d37dd...
- syy-ima####.b0.upa####.com/2e52e1dc5ac9d868e9983bd3fd8ced1c/dcc74607c8f9...
- t####.c####.q####.####.com/tdata_bca864
- t####.c####.q####.####.com/tdata_ynp969
- ti####.c####.l####.####.com/config/hz-hzv3.conf
- www.sweet####.net//UploadFile/bookphoto/4327/source.jpg
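HTTP request URLs, second group (listed separately in the source; the request method is not shown here):
- c####.g####.com/api.php?format=####&t=####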
- c-h####.g####.com/api.php?format=####&t=####
- gs.g####.com/encryption/key/fetch
- gs.g####.com/geshu/sdkStatistics/bd
- gs.g####.com/geshu/sdkStatistics/ubi
- l####.cc/i/sdk/install
- log####.ku####.cn/collect/event/log
- log.sn####.com.####.net/service/2/app_log_exception/?openudid=####&versi...
- sdk.o####.p####.####.com/api.php?format=####&t=####
File system paths:
- /data/data/####/.imprint
- /data/data/####/.jg.ic
- /data/data/####/1545737965610
- /data/data/####/1545737969517
- /data/data/####/1545737975999
- /data/data/####/743a435eda4a
- /data/data/####/Alvin2.xml
- /data/data/####/ContextData.xml
- /data/data/####/ECalendarPreferences.xml
- /data/data/####/LKME_Server_Request_Queue.xml
- /data/data/####/MultiDex.lock
- /data/data/####/Reader.xml
- /data/data/####/SuishenAd_prf.xml
- /data/data/####/SuishenExitPageSDK_v92.apk
- /data/data/####/UserInfo.xml
- /data/data/####/WLNOVEL_preference.xml
- /data/data/####/a==7.5.3&&1.1.1_1545737984108_envelope.log
- /data/data/####/book_city.xml
- /data/data/####/dW1weF9pbnRlcm5hbF8xNTQ1NzM3OTY2Njkx;
- /data/data/####/dW1weF9pbnRlcm5hbF8xNTQ1NzM3OTY4NTgy;
- /data/data/####/dW1weF9pbnRlcm5hbF8xNTQ1NzM3OTY5MzEx;
- /data/data/####/dW1weF9pbnRlcm5hbF8xNTQ1NzM3OTc1Nzc4;
- /data/data/####/dW1weF9pbnRlcm5hbF8xNTQ1NzM3OTcxMzkz;
- /data/data/####/dW1weF9pbnRlcm5hbF8xNTQ1NzM3OTcyMjky;
- /data/data/####/dW1weF9pbnRlcm5hbF8xNTQ1NzM3OTgxMTMz;
- /data/data/####/downloader.db
- /data/data/####/downloader.db-journal
- /data/data/####/exchangeIdentity.json
- /data/data/####/exid.dat
- /data/data/####/gdaemon_20161017
- /data/data/####/getui_sp.xml
- /data/data/####/gtc.db-journal
- /data/data/####/gx_sp.xml
- /data/data/####/hmdb
- /data/data/####/hmdb-journal
- /data/data/####/i==1.2.0&&1.1.1_1545737966746_envelope.log
- /data/data/####/ias.db-journal
- /data/data/####/ias_sp.xml
- /data/data/####/info.xml
- /data/data/####/init.pid
- /data/data/####/init_c1.pid
- /data/data/####/journal
- /data/data/####/journal.tmp
- /data/data/####/libjiagu-197859388.so
- /data/data/####/linkedme_referral_shared_pref.xml
- /data/data/####/linkedme_referral_shared_pref.xml (deleted)
- /data/data/####/linkedme_referral_shared_pref.xml.bak
- /data/data/####/loctemp.so
- /data/data/####/logdb.db
- /data/data/####/logdb.db-journal
- /data/data/####/multidex.version.xml
- /data/data/####/mwsdk_analytics.db-journal
- /data/data/####/persistent_data.xml
- /data/data/####/persistent_data.xml.bak (deleted)
- /data/data/####/pref.xml
- /data/data/####/push.pid
- /data/data/####/pushext.db-journal
- /data/data/####/pushg.db-journal
- /data/data/####/pushsdk.db-journal
- /data/data/####/run.pid
- /data/data/####/suishen_ad.db-journal
- /data/data/####/suishen_ad_pramas.xml
- /data/data/####/suishen_ad_pramas.xml.bak
- /data/data/####/tdata_bca864
- /data/data/####/tdata_bca864.jar
- /data/data/####/tdata_ynp969
- /data/data/####/tdata_ynp969.jar
- /data/data/####/tt_sdk_settings.xml
- /data/data/####/ttopenadsdk.xml
- /data/data/####/ttopensdk.db
- /data/data/####/ttopensdk.db-journal
- /data/data/####/ua.db
- /data/data/####/ua.db-journal
- /data/data/####/um_pri.xml
- /data/data/####/umdat.xml
- /data/data/####/umeng_common_config.xml
- /data/data/####/umeng_general_config.xml
- /data/data/####/umeng_it.cache
- /data/media/####/.a.dat
- /data/media/####/.adfwe.dat
- /data/media/####/.cca.dat
- /data/media/####/.lm_device_id
- /data/media/####/.umm.dat
- /data/media/####/0d7b176445bc40c8a9b6f6d39a06e551
- /data/media/####/1ccc2b2e9992f91258dc1234ec29dca6
- /data/media/####/1f7f91af336dc3af409a5ad04229ea2a
- /data/media/####/38de8dca065e62c1105b65462cdcb27a
- /data/media/####/426f83bc8e26969648f7eb95b7abf34dd4f015f5d20a79....0.tmp
- /data/media/####/53441b5c1ecb4df9b281eae3046db581
- /data/media/####/5e6a8a077fdeb3b628fe7fc9a4149dd0
- /data/media/####/5e8b94af8ade59662aa948de0ec43e8f
- /data/media/####/75a0637145fdb045cba912a3dc7fd03a
- /data/media/####/77dc47be5ec997cebfecfabb0f5e18ccc126261877dc27....0.tmp
- /data/media/####/8b8fdac012bccac22a9cd242cfaee9c7
- /data/media/####/Alvin2.xml
- /data/media/####/ContextData.xml
- /data/media/####/a936887be09e746f1b7c5c2c1a5220dffed620347008cf....0.tmp
- /data/media/####/als.db
- /data/media/####/als.db-journal
- /data/media/####/app.db
- /data/media/####/b4093a5b7191dc7202f04fff8b9ce7624502da60adf9f3....0.tmp
- /data/media/####/blank.png
- /data/media/####/btn_nav_bg.9.png
- /data/media/####/btn_nav_sel.9.png
- /data/media/####/c44031338c2a330d34a9170e34c73596
- /data/media/####/c4e5fd4ea170e98126208227be7ed67fa17a50cd0833a9....0.tmp
- /data/media/####/cd76005e2ff6d02e47630d835a147466
- /data/media/####/cn.weli.novel.bin
- /data/media/####/cn.weli.novel.db
- /data/media/####/cn.weli.novel_.db
- /data/media/####/com.getui.sdk.deviceId.db
- /data/media/####/com.igexin.sdk.deviceId.db
- /data/media/####/d3ed06da97ed46fab01970fa08333435
- /data/media/####/d7248ea043878922d3852e5db0554605430ebb25feda91....0.tmp
- /data/media/####/dialog_details_bg.9.png
- /data/media/####/dialog_dismiss.png
- /data/media/####/dialog_dismiss_sel.png
- /data/media/####/download_btn_normal.9.png
- /data/media/####/e7ea5a87393352828c5a384165f0110d
- /data/media/####/ed27d74439cdd8e5091560bdf31f82c5
- /data/media/####/f148340a130ed22acf8dd0b1b10643940a58667f9a22c3....0.tmp
- /data/media/####/f6aee7ccbaca576b57b60edb1b2009022700e60ddd1018....0.tmp
- /data/media/####/fes_type_sel.9.png
- /data/media/####/grid_bg.9.png
- /data/media/####/grid_sel.9.png
- /data/media/####/ic_btn_down.png
- /data/media/####/ic_default.png
- /data/media/####/info
- /data/media/####/journal
- /data/media/####/journal.tmp
- /data/media/####/list_bg_sel.png
- /data/media/####/tdata_bca864
- /data/media/####/tdata_ynp969
- /data/media/####/test.log
- /data/media/####/top_btn_normal.9.png
- /data/media/####/top_btn_selected.9.png
- /data/media/####/update_btn_normal.9.png
Shell commands:
- /system/bin/cat /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq
- /system/bin/cat /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_min_freq
- <Package Folder>/files/gdaemon_20161017 0 <Package>/<Package>.module.push.DemoPushService 24282 300 0
- cat /sys/class/net/wlan0/address
- chmod 700 <Package Folder>/files/gdaemon_20161017
- getprop ro.build.version.emui
- getprop ro.letv.release.version
- getprop ro.vivo.os.build.display.id
- ls /sys/class/thermal
- mount
Library names:
- getuiext3
- libjiagu-197859388
Cryptographic algorithms:
- AES-CBC-PKCS5Padding
- AES-CBC-PKCS7Padding
- AES-ECB-PKCS5Padding
- DESede
- RSA-ECB-PKCS1Padding
- RSA-NONE-OAEPWithSHA1AndMGF1Padding
Cryptographic algorithms, second group (listed separately in the source):
- AES-CBC-PKCS5Padding
- AES-CBC-PKCS7Padding
- AES-ECB-PKCS5Padding