Technical information
- Adware.Waps.5.origin
- UDP(DNS) <Google DNS>
- TCP(HTTP/1.1) www.qili####.com:80
- TCP(HTTP/1.1) t####.dmp.y####.net:80
- TCP(HTTP/1.1) h####.b####.com:80
- TCP(HTTP/1.1) www.dianm####.com:80
- TCP(HTTP/1.1) l####.c####.q####.####.com:80
- TCP(HTTP/1.1) qzones####.g####.cn.####.com:80
- TCP(HTTP/1.1) ping####.qq.com:80
- TCP(HTTP/1.1) ui.ptlo####.qq.com:80
- TCP(HTTP/1.1) a.dia####.com:80
- TCP(HTTP/1.1) y####.b0.a####.com:80
- TCP(HTTP/1.1) app.w####.cn:80
- TCP(HTTP/1.1) cap####.qq.com:80
- TCP(HTTP/1.1) ty.cap####.qq.com:80
- TCP(HTTP/1.1) imgc####.qq.com.####.com:80
- TCP(HTTP/1.1) t####.qq.com:80
- TCP(HTTP/1.1) happ####.qili####.com:80
- TCP(HTTP/1.1) cap####.g####.com.####.com:80
- TCP(HTTP/1.1) s.y####.net:80
- TCP(TLS/1.0) t####.qq.com:443
- TCP(TLS/1.0) ty.cap####.qq.com:443
- TCP(TLS/1.0) 2####.58.208.110:443
- TCP(TLS/1.0) ssl.cap####.qq.com:443
- UDP 2####.0.0.1:9998
- 7####.nd####.y####.com
- a.dia####.com
- aos.w####.y####.net
- app.w####.cn
- au.y####.net
- cap####.g####.com
- cap####.qq.com
- h####.b####.com
- happ####.qili####.com
- imgc####.qq.com
- ping####.qq.com
- qzones####.g####.cn
- s####.gw.y####.net
- s.y####.net
- sdk.st####.y####.com
- ssl.cap####.qq.com
- t####.dmp.y####.net
- t####.qq.com
- ty.cap####.qq.com
- ui.ptlo####.qq.com
- www.dianm####.com
- www.qili####.com
- app.w####.cn/action/connect/active?app_id=####&udid=####&imsi=####&net=#...
- cap####.g####.com.####.com/2/tcaptcha-frame.b46b256e.js
- cap####.qq.com/template/TCapIframeApi.js?aid=####&rand=####&clientype=##...
- happ####.qili####.com/happyApi/v1/banner/praise
- imgc####.qq.com.####.com/ptlogin/ac/v9/js/area_chs.js
- imgc####.qq.com.####.com/ptlogin/v4/style/42/images/search.png
- imgc####.qq.com.####.com/ptlogin/v4/style/mobile_common.css
- l####.c####.q####.####.com/core/aos-dex/1701/7011/6f830529.jar
- l####.c####.q####.####.com/core/aos-so/1611/7000/ad389c56.so
- ping####.qq.com/pingd?dm=####&pvi=####&si=####&url=####&arg=pt_####&styl...
- qzones####.g####.cn.####.com/ptlogin/ver/19042519/js/login_10.js
- qzones####.g####.cn.####.com/qzone/phone/style/img/ptlogin-logo.png
- s.y####.net/stat/aos/v3/pkc?s=####
- s.y####.net/stat/aos/v3/pku?s=####
- s.y####.net/stat/v3/udt2?appid=####&s=####
- s.y####.net/v3/get?s=####
- s.y####.net/v3/zip_upd?s=####
- t####.qq.com/stats?sId=####
- ty.cap####.qq.com/code?siteKey=####&Action=####
- ui.ptlo####.qq.com/cgi-bin/login?pt_hide_ad=1&style=9&daid=5&appid=54900...
- ui.ptlo####.qq.com/cgi-bin/report?id=####
- ui.ptlo####.qq.com/cgi-bin/report?id=####&t=####
- ui.ptlo####.qq.com/ptui_ver.js?ptui_identifier=####&v=####
- www.qili####.com/QQPraise/appVersion?current_version=####
- y####.b0.a####.com/offer/dist/aos/pkg/3.3.1/offers_3.3.1.zip
- a.dia####.com/dev/api/connect.php?device_id=####&imsi=####&device_name=#...
- app.w####.cn/action/user_info
- h####.b####.com/app.gif
- t####.dmp.y####.net/v1/android/packages?rt=####&sign=####
- t####.dmp.y####.net/v2/android/pkgtime?rt=####&sign=####
- www.dianm####.com/diancai/wall.do
- www.qili####.com/QQPraise/billboard/user/get
- /data/data/####/.jg.ic
- /data/data/####/.log.lock
- /data/data/####/.log.ls
- /data/data/####/229c483508ebee90a585535e4892df6e
- /data/data/####/229c483508ebee90a585535e4892df6e-journal
- /data/data/####/517a56138b796971b6fe511a5904b234-journal
- /data/data/####/AppSettings.xml
- /data/data/####/C0XKJAO3JLZKJPDKJFXLINQCJIOAOD.xml
- /data/data/####/CE94557724F842149D690D0E8CBB1CBD.xml
- /data/data/####/CacheTime.dat
- /data/data/####/OFFERSCONFIG1.xml
- /data/data/####/OxgHkj2lz09F
- /data/data/####/OxgHkj2lz09F-journal
- /data/data/####/P15pKIjsm64m
- /data/data/####/P15pKIjsm64m-journal
- /data/data/####/PaySettings.xml
- /data/data/####/ShowAdFlag.xml
- /data/data/####/T1oX0rhhuXWt
- /data/data/####/T1oX0rhhuXWt-journal
- /data/data/####/XKwVoK0huy3R
- /data/data/####/XKwVoK0huy3R-journal
- /data/data/####/__Baidu_Stat_SDK_SendRem.xml
- /data/data/####/__Baidu_Stat_SDK_SendRem.xml.bak
- /data/data/####/__local_last_session.json
- /data/data/####/__local_stat_cache.json
- /data/data/####/a5eed241bd45671cac9d188e22e7dd5d.zip
- /data/data/####/arrow-left-pink.png
- /data/data/####/arrow-left.png
- /data/data/####/arrow-right-pink.png
- /data/data/####/arrow-right.png
- /data/data/####/b0128a1b4bc22d7e47728dbd70d48723
- /data/data/####/b0128a1b4bc22d7e47728dbd70d48723-journal
- /data/data/####/blank.gif
- /data/data/####/close-icon.png
- /data/data/####/data_0
- /data/data/####/data_1
- /data/data/####/data_2
- /data/data/####/data_3
- /data/data/####/default.png
- /data/data/####/detail-wx-miniprogram.html
- /data/data/####/detail-wx-miniprogram.js
- /data/data/####/detail-wx.html
- /data/data/####/detail-wx.js
- /data/data/####/detail.html
- /data/data/####/detail.js
- /data/data/####/f_000001
- /data/data/####/f_000002
- /data/data/####/f_000003
- /data/data/####/feedback.html
- /data/data/####/feedback.js
- /data/data/####/form.css
- /data/data/####/global.js
- /data/data/####/index
- /data/data/####/jqIqJYOT3JpT
- /data/data/####/jqIqJYOT3JpT-journal
- /data/data/####/libabcdefgh.so.new
- /data/data/####/libjiagu.so
- /data/data/####/lists.css
- /data/data/####/lists.html
- /data/data/####/lists.js
- /data/data/####/md5.js
- /data/data/####/nointernet.png
- /data/data/####/pic_friend_step1.jpg
- /data/data/####/pic_friend_step2.jpg
- /data/data/####/pic_friend_step3.jpg
- /data/data/####/pic_friend_step4.jpg
- /data/data/####/pic_friend_step5.jpg
- /data/data/####/pic_m.png
- /data/data/####/pic_tips_01.png
- /data/data/####/pic_tips_02.png
- /data/data/####/pic_xiaochengxu_kefu_step1.png
- /data/data/####/pic_xiaochengxu_kefu_step2.png
- /data/data/####/pic_xiaochengxu_kefu_step3.png
- /data/data/####/pic_xiaochengxu_kefu_step4.png
- /data/data/####/pic_xiaochengxu_kefu_step5.png
- /data/data/####/pic_xiaochengxu_kefu_step6.png
- /data/data/####/pic_xiaochengxu_step1.png
- /data/data/####/pic_xiaochengxu_step2.png
- /data/data/####/pic_xiaochengxu_step3.png
- /data/data/####/pic_xiaochengxu_step4.png
- /data/data/####/pic_xiaochengxu_step5.png
- /data/data/####/preferences.xml
- /data/data/####/result.png
- /data/data/####/rule.html
- /data/data/####/sdetail.html
- /data/data/####/share.css
- /data/data/####/share.html
- /data/data/####/share.js
- /data/data/####/sprite-face.png
- /data/data/####/sprite-icons.png
- /data/data/####/sprite-icons2.png
- /data/data/####/wIU6pTyUBYWX
- /data/data/####/wIU6pTyUBYWX-journal
- /data/data/####/webview.db-journal
- /data/data/####/webviewCookiesChromium.db-journal
- /data/data/####/webviewCookiesChromiumPrivate.db-journal
- /data/data/####/wsUL1uCdKvjD
- /data/data/####/wsUL1uCdKvjD-journal
- /data/data/####/wx-qr-step1.jpg
- /data/data/####/wx-qr-step2.jpg
- /data/data/####/wx-qr-step3.jpg
- /data/data/####/wx-qr-step4.jpg
- /data/data/####/wx-qr-step5.jpg
- /data/data/####/wx-step1.jpg
- /data/data/####/wx-step2.jpg
- /data/data/####/wx-step3.jpg
- /data/data/####/wx-step4.jpg
- /data/data/####/wx-step5.jpg
- /data/data/####/wx-wifi-step1.jpg
- /data/data/####/wx-wifi-step2.jpg
- /data/data/####/wx-wifi-step3.jpg
- /data/data/####/wx-wifi-step4.jpg
- /data/data/####/wx-wifi-step5.jpg
- /data/data/####/ymdex.jar
- /data/data/####/ymdex.jar.new
- /data/data/####/zonepre.xml
- /data/data/####/zonepre.xml.bak
- /data/media/####/.cuid
- /data/media/####/4f381e4a18db964acd607fbc01c91ab6
- /data/media/####/4f381e4a18db964acd607fbc01c91ab6.ymtf
- /data/media/####/AppPackage.dat
- /data/media/####/CacheTime.dat
- /data/media/####/DXTX902KJZX9JASLDJF
- /data/media/####/DXTX902KJZX9JASLDJF.ymtf
- /data/media/####/SOX90123JSOALK2098SD
- /data/media/####/SOX90123JSOALK2098SD.ymtf
- /data/media/####/UnPackage.dat
- /data/media/####/android
- /data/media/####/djaof.dll
- /data/media/####/i42d45df023jnkdd93la483f9xGFKXI
- /data/media/####/s92TjjdfoP2n3o9dfji2l9s1olkjf0p
- /system/bin/cat /sys/devices/system/cpu/kernel_max
- chmod 755 <Package Folder>/.jiagu/libjiagu.so
- abcdefgh
- libjiagu
- AES-CBC-PKCS5Padding
- AES-ECB-PKCS5Padding
- DES-CBC-PKCS5Padding
- PBEWITHMD5andDES
- AES
- PBEWITHMD5andDES