Technical information
- Adware.Plague.1.origin
- UDP(DNS) <Google DNS>
- TCP(HTTP/1.1) 47.94.1####.155:80
- TCP(HTTP/1.1) a####.u####.com:80
- TCP(HTTP/1.1) secgw-i####.m.ta####.com:80
- TCP(HTTP/1.1) gcw.b####.shoujid####.####.com:80
- TCP(HTTP/1.1) s####.e.qq.com:80
- TCP(HTTP/1.1) cdnri####.shoujid####.com.####.com:80
- TCP(HTTP/1.1) mi.g####.qq.com:80
- TCP(HTTP/1.1) oth.up####.mdt.####.com:8080
- TCP(HTTP/1.1) luna-im####.qq.com.####.com:80
- TCP(TLS/1.0) ada####.m.ta####.com:443
- TCP(TLS/1.0) secgw-i####.m.ta####.com:443
- TCP(TLS/1.0) sh.wagbr####.ta####.com:443
- TCP(TLS/1.0) vt####.y####.com:443
- a####.u####.com
- ada####.ut.ta####.com
- adas####.ut.ta####.com
- api.y####.com
- cdnri####.shoujid####.com
- d####.shoujid####.com
- fb.u####.com
- gcw.b####.shoujid####.com
- imgc####.qq.com
- k.y####.com
- l.y####.com
- mi.g####.qq.com
- oc.u####.com
- oth.up####.mdt.####.com
- p####.dj####.com
- p####.dj####.com
- p####.dj####.com
- s####.e.qq.com
- v####.atm.y####.com
- vt####.y####.com
- cdnri####.shoujid####.com.####.com/bama/img/c_80000006.jpg
- cdnri####.shoujid####.com.####.com/bama/img/c_80000007.jpg
- cdnri####.shoujid####.com.####.com/bama/img/c_80000013.jpg
- cdnri####.shoujid####.com.####.com/bama/img/c_80000017.jpg
- cdnri####.shoujid####.com.####.com/bama/img/c_80000018.jpg
- cdnri####.shoujid####.com.####.com/bama/img/c_80000036.jpg
- cdnri####.shoujid####.com.####.com/bama/img/c_80000037.jpg
- cdnri####.shoujid####.com.####.com/bama/img/c_80000041.jpg
- cdnri####.shoujid####.com.####.com/bama/img/c_80000042.jpg
- cdnri####.shoujid####.com.####.com/bama/img/c_80000043.jpg
- cdnri####.shoujid####.com.####.com/bama/img/c_80000044.jpg
- gcw.b####.shoujid####.####.com/ad/c_80000069.png
- gcw.b####.shoujid####.####.com/bama/img/c_80000083.png
- gcw.b####.shoujid####.####.com/bama/img/c_80000086.png
- gcw.b####.shoujid####.####.com/v/190808/10032312.jpg
- gcw.b####.shoujid####.####.com/v/190808/10032510.jpg
- gcw.b####.shoujid####.####.com/v/190808/10032686.jpg
- gcw.b####.shoujid####.####.com/v/190808/10033075.jpg
- gcw.b####.shoujid####.####.com/v/190808/10033330.jpg
- gcw.b####.shoujid####.####.com/v/190808/10034188.jpg
- gcw.b####.shoujid####.####.com/v/190808/10034761.jpg
- gcw.b####.shoujid####.####.com/v/190809/10026594.jpg
- gcw.b####.shoujid####.####.com/v/190809/10026641.jpg
- gcw.b####.shoujid####.####.com/v/190809/10026788.jpg
- gcw.b####.shoujid####.####.com/v/190809/10027807.jpg
- gcw.b####.shoujid####.####.com/v/190819/10004282.jpg
- gcw.b####.shoujid####.####.com/v/190820/10001980.jpg
- gcw.b####.shoujid####.####.com/v/190820/10001989.jpg
- gcw.b####.shoujid####.####.com/v/191209/10067566.jpg
- gcw.b####.shoujid####.####.com/v/191209/10068669.jpg
- gcw.b####.shoujid####.####.com/v/191210/10066041.jpg
- luna-im####.qq.com.####.com/qzone/biz/gdt/mod/android/AndroidAllInOne/pr...
- mi.g####.qq.com/gdt_mview.fcg?datatype=####&posid=####&count=####&r=####...
- secgw-i####.m.ta####.com/sdkconfig.xml
- a####.u####.com/app_logs
- oth.up####.mdt.####.com:8080/beacon/vercheck
- s####.e.qq.com/activate
- /data/data/####/.imprint
- /data/data/####/.jg.ic
- /data/data/####/Alvin2.xml
- /data/data/####/AppStore.xml
- /data/data/####/ContextData.xml
- /data/data/####/GDTSDK.db
- /data/data/####/GDTSDK.db-journal
- /data/data/####/PlayerUIApk.apk
- /data/data/####/UTCommon.xml
- /data/data/####/UmengLocalNotificationStore.db-journal
- /data/data/####/_preferences.xml
- /data/data/####/ap.Lock
- /data/data/####/beacontsa_cover.xml
- /data/data/####/beacontsa_cover_check.lock
- /data/data/####/classes.jar
- /data/data/####/cn.com.mma.mobile.tracking.other.xml
- /data/data/####/cn.com.mma.mobile.tracking.sdkconfig.xml
- /data/data/####/dbrbp-journal
- /data/data/####/devCloudSetting.cfg
- /data/data/####/devCloudSetting.sig
- /data/data/####/duoduo_oldboy.db-journal
- /data/data/####/gdt_plugin.jar
- /data/data/####/gdt_plugin.jar.sig
- /data/data/####/gdt_plugin.tmp
- /data/data/####/gdt_plugin.tmp.sig
- /data/data/####/gdt_suid
- /data/data/####/info.v36ac5af.d50e7d_preferences.xml
- /data/data/####/libjiagu-1138360480.so
- /data/data/####/mobclick_agent_online_setting_info.v36ac5af.d50e7d.xml
- /data/data/####/nnbb
- /data/data/####/sdkCloudSetting.cfg
- /data/data/####/sdkCloudSetting.sig
- /data/data/####/umeng_feedback_user_info.xml
- /data/data/####/umeng_general_config.xml
- /data/data/####/umeng_it.cache
- /data/data/####/umeng_message_state.xml
- /data/data/####/update_lc
- /data/data/####/ut.db
- /data/data/####/ut.db-journal
- /data/data/####/webview.db-journal
- /data/data/####/youkusdk_preferences.xml
- /data/media/####/.nomedia
- /data/media/####/105ftw33sgpattrlua9ujudeg.tmp
- /data/media/####/1141240000
- /data/media/####/1270322719
- /data/media/####/1399405438
- /data/media/####/1tgx53mzit23ona0c30ec3pv4.tmp
- /data/media/####/1tvieaaa1s3afdd0rgm2imm6h.tmp
- /data/media/####/1vgn9ut76r4p4iq1smvdhk2tm.tmp
- /data/media/####/1wnrugd5hz1mkaoqbe7o80rhg.tmp
- /data/media/####/2028743681
- /data/media/####/26tga4mz9b7z1uocrvl62ye0f.tmp
- /data/media/####/2d9tywwo546ty75sgfri9tbue.tmp
- /data/media/####/2h12we1p7grrbrfnjuxj47eya.tmp
- /data/media/####/300bnk2qydj2ohkkcqe8m52ha.tmp
- /data/media/####/37jl5v2a3xmglctpsxqddq0dp.tmp
- /data/media/####/3bxwvk2nhmpgto8nzoe1zzqns.tmp
- /data/media/####/3nl53sl9xmguvenkaagimzu5y.tmp
- /data/media/####/3r3z8o7g67fh89bu153erwue5.tmp
- /data/media/####/3wbxm6w9yatcd0ymdp1njm3nt.tmp
- /data/media/####/43x2w3ihmnu4901gxfr1e9js2.tmp
- /data/media/####/4edkc2oioswj37o1231ynoh4h.tmp
- /data/media/####/4p7vau79c2cj3k6bqf391waup.tmp
- /data/media/####/57n3x6mw9o3h1r5znjrcz2w5x.tmp
- /data/media/####/5fc68dicpxfzkl3guadbr6xfl.tmp
- /data/media/####/5gwqf7fe4w8eiwqemc4ns458n.tmp
- /data/media/####/5tbu3dqa1qviwjqcanzye9kb6.tmp
- /data/media/####/5v1jytxvedjesk18om9caceo1.tmp
- /data/media/####/5wba8g17n2lgc3p0sd6yod1ew.tmp
- /data/media/####/6a749mh3gy8l4dzamz75u768q.tmp
- /data/media/####/6kfuanys1hyppnwihr7ullbth.tmp
- /data/media/####/724q5v5mq7o1xsctpz2zff2c9.tmp
- /data/media/####/752l3j4uwvvqztvxl0q3wrq3w.tmp
- /data/media/####/75z64mqn1riysbfgqmvk2colx.tmp
- /data/media/####/7apqakb4vkz96l35ot55amdpl.tmp
- /data/media/####/7evee8yr57mig0fllfwou8i1t.tmp
- /data/media/####/Alvin2.xml
- /data/media/####/ContextData.xml
- /data/media/####/config.tmp
- /data/media/####/journal
- /data/media/####/journal.tmp
- /data/media/####/tlonvmu261pudisj74krh00j.tmp
- /data/media/####/uezjm01e1xhemmfm2q0ze5uv.tmp
- /data/media/####/vnbbmdlo3j10duslqnjvs5gc.tmp
- chmod 755 <Package Folder>/.jiagu/libjiagu-1138360480.so
- libjiagu-1138360480
- netcache
- ut_c_api
- AES-CBC-PKCS5Padding
- AES-CBC-PKCS7Padding
- AES-ECB-PKCS7Padding
- DES-ECB-PKCS5Padding
- RSA-ECB-PKCS1Padding
- AES-CBC-PKCS5Padding
- AES-ECB-PKCS7Padding
- RSA-ECB-PKCS1Padding