Technical information
- Adware.Gexin.2.origin
- UDP(DNS) <Google DNS>
- TCP(HTTP/1.1) ti####.c####.l####.####.com:80
- TCP(HTTP/1.1) q####.c####.l####.####.com:80
- TCP(HTTP/1.1) c-h####.g####.com:80
- TCP(HTTP/1.1) sdk-ope####.g####.com:80
- TCP(HTTP/1.1) www.card####.cc:80
- TCP(HTTP/1.1) c.d####.mob.com:80
- TCP(HTTP/1.1) cdn-sdk####.g####.com.####.com:80
- TCP(HTTP/1.1) amap####.cn-hang####.oss####.####.com:80
- TCP(HTTP/1.1) m.d####.mob.com:80
- TCP(HTTP/1.1) sdk.o####.p####.####.com:80
- TCP(HTTP/1.1) res####.a####.com:80
- TCP(HTTP/1.1) 1####.211.155.179:80
- TCP(HTTP/1.1) 1####.211.155.176:80
- TCP(HTTP/1.1) d####.d####.mob.com:80
- TCP(TLS/1.0) res####.a####.com:443
- TCP sdk.o####.t####.####.com:5224
- TCP cm-1####.ig####.com:5226
- 7j####.c####.z0.####.com
- amap####.cn-hang####.oss####.####.com
- c-h####.g####.com
- c.d####.mob.com
- cdn-sdk####.g####.com
- cm-1####.ig####.com
- d####.d####.mob.com
- m.d####.mob.com
- res####.a####.com
- sdk-ope####.g####.com
- sdk.c####.ig####.com
- sdk.o####.p####.####.com
- sdk.o####.t####.####.com
- sdk.o####.t####.####.com
- sdk.o####.t####.####.net
- www.card####.cc
- amap####.cn-hang####.oss####.####.com/sdkcoor/android/x86/libJni_wgs2gcj...
- cdn-sdk####.g####.com.####.com/tdata_EDB102
- cdn-sdk####.g####.com.####.com/tdata_HNa879
- m.d####.mob.com/cconf?appkey=####&plat=####&apppkg=####&appver=####&netw...
- q####.c####.l####.####.com/config/hz-hzv6.conf
- sdk.o####.p####.####.com/api/addr.htm
- ti####.c####.l####.####.com/tdata_BAI450
- www.card####.cc/image/background/19.jpg
- 1####.211.155.179/errconf
- c-h####.g####.com/api.php?format=####&t=####
- c.d####.mob.com/cdata
- d####.d####.mob.com/dinfo
- d####.d####.mob.com/dsign
- res####.a####.com/v3/weather/weatherInfo
- sdk-ope####.g####.com/api.php?format=####&t=####
- sdk-ope####.g####.com/api.php?format=####&t=####&d=####&k=####
- www.card####.cc/vipmodule/api.do?method=####
- www.card####.cc/vipmodule/shop/api.do
- /data/data/####/.jg.ic
- /data/data/####/.lock
- /data/data/####/.mrecord
- /data/data/####/.mrecord (deleted)
- /data/data/####/.mrlock
- /data/data/####/.statistics
- /data/data/####/0d656eb4587c1d902f4258aa270e0233780e1366c63f7d1....0.tmp
- /data/data/####/0f8b6bbe57a900f38098be9e138c8b7e35f3da1caca3b96....0.tmp
- /data/data/####/10232cd2619dd8091fbe7b9e966b81f87ec7b6fd347a2c2....0.tmp
- /data/data/####/14108941901055.0
- /data/data/####/1ba84172acdc299ad8c302306217a8610d709a37b782178....0.tmp
- /data/data/####/1d2b904cbeadfb72ed9546111a231c85.0
- /data/data/####/2709530d3c2714ee423bf5be69a2becdc1c776ce77fa472....0.tmp
- /data/data/####/39a04f9bedf4d5eee4a82a2300294b51df8783a33ec881e....0.tmp
- /data/data/####/45ca83e95efcbb658d0598c0cc2ff880d5f9c7d8ba8d2eb....0.tmp
- /data/data/####/7131737481155.0
- /data/data/####/74132269612188.0
- /data/data/####/875adf918d4b8089c1310c239c33fae18cd50fb27d0ec74....0.tmp
- /data/data/####/9284504ca8c880fb9ebd195e5a27e50fe380b899d1f7605....0.tmp
- /data/data/####/ThrowalbeLog.db-journal
- /data/data/####/a232b07b0f9f1f29cd20d15468c7881065f77c233568e90....0.tmp
- /data/data/####/cardpool_city.xml
- /data/data/####/cardpool_config.xml
- /data/data/####/cardpool_myinfo.xml
- /data/data/####/d04b03807a3bd0feea111e10103b89ee7778a879effd12b....0.tmp
- /data/data/####/d6f4c3c80e4c
- /data/data/####/eff994f9a664eac7b0830e47755a01908ce10491dded491....0.tmp
- /data/data/####/f2434f03743785c6ebc7fcbe006c6a2ca7ddb6efceb12a8....0.tmp
- /data/data/####/getui_sp.xml
- /data/data/####/gx_sp.xml
- /data/data/####/hmdb
- /data/data/####/hmdb-journal
- /data/data/####/init.pid
- /data/data/####/init_c1.pid
- /data/data/####/journal
- /data/data/####/journal.tmp
- /data/data/####/libjiagu.so
- /data/data/####/loctemp.so
- /data/data/####/logdb.db
- /data/data/####/logdb.db-journal
- /data/data/####/mob_commons_1.xml
- /data/data/####/mob_sdk_exception_1.xml
- /data/data/####/pref.xml
- /data/data/####/push.pid
- /data/data/####/pushg.db-journal
- /data/data/####/pushsdk.db-journal
- /data/data/####/run.pid
- /data/data/####/share_sdk_1.xml
- /data/data/####/sharesdk.db-journal
- /data/data/####/tdata_HNa879
- /data/data/####/tdata_HNa879.jar
- /data/data/####/xUtils_http_cache.db
- /data/data/####/xUtils_http_cache.db-journal
- /data/data/####/xUtils_http_cookie.db
- /data/data/####/xUtils_http_cookie.db-journal
- /data/data/####/x_cardpooldownload.db-journal
- /data/media/####/.al
- /data/media/####/.ccLock
- /data/media/####/.ccc
- /data/media/####/.dh-journal
- /data/media/####/.dhlock
- /data/media/####/.dic_lock
- /data/media/####/.dk
- /data/media/####/.duid
- /data/media/####/.globalLock
- /data/media/####/.nomedia
- /data/media/####/.nulal
- /data/media/####/.nulplt
- /data/media/####/.pkg_lock
- /data/media/####/.plst
- /data/media/####/.rc_lock
- /data/media/####/.usLock
- /data/media/####/1578668811262.db
- /data/media/####/alsn20170807.db
- /data/media/####/alsn20170807.db-journal
- /data/media/####/app.db
- /data/media/####/com.igexin.sdk.deviceId.db
- /data/media/####/com.yangtai.vip_business.bin
- /data/media/####/com.yangtai.vip_business.db
- /data/media/####/tdata_HNa879
- /system/bin/cat /proc/cpuinfo
- cat /sys/class/net/wlan0/address
- chmod 755 <Package Folder>/.jiagu/libjiagu.so
- grep -E -v root|shell|system
- mount
- sh
- top -d 0 -n 1
- getuiext2
- libjiagu
- neh
- AES-CBC-PKCS5Padding
- AES-CFB-NoPadding
- AES-ECB-PKCS7Padding
- RSA-ECB-PKCS1Padding
- RSA-NONE-OAEPWithSHA1AndMGF1Padding
- AES-CBC-PKCS5Padding
- AES-ECB-NoPadding
- AES-ECB-PKCS5Padding