Technical information
- Adware.Gexin.2.origin
- UDP(DNS) <Google DNS>
- TCP(HTTP/1.1) aexcep####.b####.qq.com:8011
- TCP(HTTP/1.1) 4####.98.16.182:80
- TCP(HTTP/1.1) aexcep####.b####.qq.com:8012
- TCP(HTTP/1.1) da####.c####.qini####.com:80
- TCP(HTTP/1.1) and####.b####.qq.com:80
- TCP(HTTP/1.1) 2####.i####.com:80
- TCP(HTTP/1.1) cl####.tiantia####.com:80
- TCP(HTTP/1.1) www.a.sh####.com:80
- TCP(HTTP/1.1) sdk.o####.p####.####.com:80
- TCP(HTTP/1.1) ope####.jieg####.com:80
- TCP(TLS/1.0) av1.x####.com:443
- TCP(TLS/1.0) ope####.jieg####.com:443
- 2####.i####.com
- a####.b####.qq.com
- aexcep####.b####.qq.com
- and####.b####.qq.com
- av1.x####.com
- cl####.tiantia####.com
- i.t####.com
- mt####.go####.com
- ope####.jieg####.com
- sdk.o####.p####.####.com
- spf####.huin####.cn
- www.b####.com
- 2####.i####.com/ic.asp
- www.a.sh####.com/
- aexcep####.b####.qq.com:8011/rqd/async
- aexcep####.b####.qq.com:8012/rqd/async
- and####.b####.qq.com/rqd/async
- cl####.tiantia####.com/user/rg.do
- da####.c####.qini####.com/advertisement_bdad_1745.zip
- da####.c####.qini####.com/advertisement_plugin_1855.zip
- da####.c####.qini####.com/advertisement_yima_150.zip
- ope####.jieg####.com/Advertise/getSdkStrategyList
- ope####.jieg####.com/SDKBase/checkUpdate
- ope####.jieg####.com/SDKBase/initPlugin
- ope####.jieg####.com/SDKBase/initSDK
- ope####.jieg####.com/baseData/uploadUserInfo
- ope####.jieg####.com/logger/logInfoUpload
- sdk.o####.p####.####.com/api.php?format=####&t=####
- /data/data/####/125630ef715cdbc24dfb5f16ddb02523
- /data/data/####/1555826399083_2337
- /data/data/####/1555826399323_2337
- /data/data/####/1555826400052_2337
- /data/data/####/1555826400268_2337
- /data/data/####/1555826400697_2337
- /data/data/####/1555826400810_2337
- /data/data/####/1555826401009_2337
- /data/data/####/1555826401722_2337
- /data/data/####/1555826403105_2459
- /data/data/####/1555826403276_2459
- /data/data/####/1555826403351_2459
- /data/data/####/1555826405469_2570
- /data/data/####/1555826405691_2570
- /data/data/####/1555826406434_2570
- /data/data/####/1555826467022_2570
- /data/data/####/1a7709507a5b056843641e6232754569
- /data/data/####/2b44928ae11fb9384c4cf38708677c48.zip
- /data/data/####/36781c2ecadc6c0a9590c54b7507d0b8
- /data/data/####/4c9c7781134279b367ffdbddce39adc9
- /data/data/####/53a671b2f0755cd26e6de6500f2e2597
- /data/data/####/93935425aa2720c0c897e4e2e295aa45
- /data/data/####/TD_app_pefercen_profile.xml
- /data/data/####/TDpref_longtime.xml
- /data/data/####/TDpref_longtime0.xml
- /data/data/####/TDpref_shorttime.xml
- /data/data/####/TDpref_shorttime0.xml
- /data/data/####/a3c65c2974270fd093ee8a9bf8ae7d0b.zip
- /data/data/####/b4ce30df77f78f164ecb7f9dbddbbd31
- /data/data/####/bd.xml
- /data/data/####/bugly_db_legu-journal
- /data/data/####/bundle.zip
- /data/data/####/cache.xml
- /data/data/####/com.reader.tiantianaikan_preferences.xml
- /data/data/####/da4fb5c6e93e74d3df8527599fa62642.zip
- /data/data/####/default_config.xml
- /data/data/####/e209e7e482bfa87866d4a45a61a2c688
- /data/data/####/ea2d7d844a22614ff59ca7a76a029d10
- /data/data/####/gdt.xml
- /data/data/####/getui_sp.xml
- /data/data/####/global.xml
- /data/data/####/hreader_db-journal
- /data/data/####/init_c1.pid
- /data/data/####/init_er.pid
- /data/data/####/jy_icon_close.png
- /data/data/####/libnfix.so
- /data/data/####/libshella-2.9.1.1.so
- /data/data/####/libufix.so
- /data/data/####/local_crash_lock
- /data/data/####/meta
- /data/data/####/mix.dex
- /data/data/####/native_record_lock
- /data/data/####/plugin.so
- /data/data/####/plugin.xml
- /data/data/####/security_info
- /data/data/####/sensorsdata-journal
- /data/data/####/tdid.xml
- /data/data/####/user_info_temp.xml
- /data/data/####/yima.xml
- /data/media/####/.hpay_device_id
- /data/media/####/.nomedia
- /data/media/####/.tcookieid
- /data/media/####/2019-04-21.log
- /data/media/####/cuid
- /data/media/####/journal
- /data/media/####/journal.tmp
- /system/bin/sh -c getprop ro.aa.romver
- /system/bin/sh -c getprop ro.board.platform
- /system/bin/sh -c getprop ro.build.fingerprint
- /system/bin/sh -c getprop ro.build.nubia.rom.name
- /system/bin/sh -c getprop ro.build.rom.id
- /system/bin/sh -c getprop ro.build.tyd.kbstyle_version
- /system/bin/sh -c getprop ro.build.version.emui
- /system/bin/sh -c getprop ro.build.version.opporom
- /system/bin/sh -c getprop ro.gn.gnromvernumber
- /system/bin/sh -c getprop ro.lenovo.series
- /system/bin/sh -c getprop ro.lewa.version
- /system/bin/sh -c getprop ro.meizu.product.model
- /system/bin/sh -c getprop ro.miui.ui.version.name
- /system/bin/sh -c getprop ro.vivo.os.build.display.id
- /system/bin/sh -c type su
- cat /proc/cpuinfo
- cat /sys/class/net/wlan0/address
- chmod 700 <Package Folder>/tx_shell/libnfix.so
- chmod 700 <Package Folder>/tx_shell/libshella-2.9.1.1.so
- chmod 700 <Package Folder>/tx_shell/libufix.so
- getprop
- getprop ro.aa.romver
- getprop ro.board.platform
- getprop ro.build.fingerprint
- getprop ro.build.nubia.rom.name
- getprop ro.build.rom.id
- getprop ro.build.tyd.kbstyle_version
- getprop ro.build.version.emui
- getprop ro.build.version.opporom
- getprop ro.gn.gnromvernumber
- getprop ro.lenovo.series
- getprop ro.lewa.version
- getprop ro.meizu.product.model
- getprop ro.miui.ui.version.name
- getprop ro.vivo.os.build.display.id
- getprop ro.yunos.version
- logcat -d -v threadtime
- Bugly
- getuiext2
- libnfix
- libshella-2.9.1.1
- libufix
- nfix
- ufix
- AES-GCM-NoPadding
- DES-CBC-PKCS5Padding
- DESede-ECB-PKCS5Padding
- RSA-ECB-PKCS1Padding
- AES-GCM-NoPadding
- DES-CBC-PKCS5Padding
- DESede-ECB-PKCS5Padding