Technical information
Detected threat:
- Adware.Gexin.2.origin
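Network connections (protocol, host and port; #### replaces masked characters, so these entries are partial indicators and cannot be matched literally):
- UDP(DNS) <Google DNS>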
- UDP(DNS) 8####.8.4.4:53
- TCP(HTTP/1.1) s####.e.qq.com:80
- TCP(HTTP/1.1) sdk-ope####.g####.com:80
- TCP(HTTP/1.1) sdk.c####.g####.####.cn:80
- TCP(HTTP/1.1) www.dianm####.com:80
- TCP(HTTP/1.1) reso####.msg.xi####.net:80
- TCP(HTTP/1.1) hk.wagbr####.non####.####.com:80
- TCP(HTTP/1.1) m.d####.mob.com:80
- TCP(HTTP/1.1) i####.sms.mob.com:80
- TCP(HTTP/1.1) qzs.gd####.com.####.com:80
- TCP(HTTP/1.1) ada####.m.ta####.com:80
- TCP(HTTP/1.1) c-h####.g####.com:80
- TCP(HTTP/1.1) a####.a####.m.####.com:80
- TCP(HTTP/1.1) na61-####.wagbr####.ali####.####.com:80
- TCP(HTTP/1.1) ti####.c####.l####.####.com:80
- UDP(NTP) 2.and####.p####.####.org:123
- TCP(TLS/1.0) def####.duals####.cn.####.com:443
- TCP(TLS/1.0) 2####.85.233.95:443
- TCP(TLS/1.0) msg.umengc####.com:443
- TCP(TLS/1.0) regi####.xm####.xi####.com:443
- TCP(TLS/1.0) sh.wagbr####.ta####.com:443
- TCP(TLS/1.2) 2####.85.233.94:443
- TCP openj####.m.ta####.com:443
- UDP 2####.85.233.95:443
- TCP cm-10####.g####.com:5226
- UDP 2####.0.0.1:9998
- TCP 1####.205.160.76:443
- TCP app.c####.xi####.net:5222
- TCP sdk.o####.t####.####.com:5224
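Host names requested (no protocol or port is given; these look like the DNS queries made by the sample):
- 2.and####.p####.####.org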
- 5####.nd####.y####.com
- 7j####.c####.z0.####.com
- 9####.nd####.y####.com
- a####.exc.mob.com
- a####.m.ta####.com
- ad####.m.ta####.com
- ada####.m.ta####.com
- addr####.sms.mob.####.8
- addr####.sms.mob.com
- aos.w####.y####.####.8
- aos.w####.y####.net
- api.q####.com
- app.c####.xi####.net
- bcfeed####.ta####.com
- c-h####.g####.com
- cdn-sdk####.g####.com
- cm-10####.g####.com
- i####.sms.mob.com
- locksc####.mob####.cn
- locksc####.mob####.cn.####.8
- log.u####.com
- m####.go####.com
- m.d####.mob.com
- msg.umengc####.com
- qzs.gd####.com
- regi####.xm####.xi####.com
- reso####.msg.xi####.net
- s####.e.qq.com
- s####.gw.y####.####.8
- s####.gw.y####.net
- s####.u####.com
- s####.u####.com.####.8
- s.y####.net
- s.y####.net.####.8
- sd####.sms.mob.com
- sdk-ope####.g####.com
- sdk.c####.g####.com
- sdk.o####.t####.####.com
- sdk.o####.t####.####.com
- sdk.o####.t####.####.com
- sdk.o####.t####.####.net
- t####.dmp.y####.####.8
- t####.dmp.y####.net
- umengj####.m.ta####.com
- wb.110.ta####.com
- www.dianm####.com
- y####.al####.com
Request URLs, first list (long query strings are cut off with "..."):
- def####.duals####.cn.####.com:443/bar/get/55652c7967e58ed6fa001afd/?ud_g...
- m.d####.mob.com/v2/cconf?appkey=####&plat=####&apppkg=####&appver=####&n...
- qzs.gd####.com.####.com/union/res/android/plugin/plugin.dex-960.jar
- reso####.msg.xi####.net/gslb/?ver=####&type=####&conpt=####&uuid=####&li...
- sdk.c####.g####.####.cn/config/hzv9.conf
- sdk.c####.g####.####.cn/tdata_EDB102
- sdk.c####.g####.####.cn/tdata_svG098
- sdk.c####.g####.####.cn/tdata_zNZ623
- sh.wagbr####.ta####.com:443/getConfiguration.do?status=####&appkey=####&...
- ti####.c####.l####.####.com/tdata_BAI450
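Request URLs, second list (the alphabetical order restarts here; the request method is not stated on this page):
- a####.a####.m.####.com/amdc/mobileDispatch?platform=####&v=####&deviceId...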
- ada####.m.ta####.com/rest/sur?ak=####&av=####&c=####&v=####&s=####&d=###...
- c-h####.g####.com/api.php?format=####&t=####
- hk.wagbr####.non####.####.com/saveWb.json
- i####.sms.mob.com/sdk/init
- i####.sms.mob.com/token/get
- m.d####.mob.com/errconf
- na61-####.wagbr####.ali####.####.com/api/update.do
- s####.e.qq.com/activate
- s####.e.qq.com/msg
- sdk-ope####.g####.com/api.php?format=####&t=####
- sdk-ope####.g####.com/api.php?format=####&t=####&d=####&k=####
- www.dianm####.com/diancai/wall.do
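Files created, modified or deleted (part of each path is masked as ####). tdata_svG098 and tdata_zNZ623 also appear in the request URLs above and are listed here with .dex and .jar suffixes, which suggests code fetched at run time:
- /data/data/####/.cb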
- /data/data/####/.jg.ic
- /data/data/####/.lock
- /data/data/####/.mrecord
- /data/data/####/.mrecord (deleted)
- /data/data/####/.mrlock
- /data/data/####/0a231bd8575dcf72.txt
- /data/data/####/1666801677321.log
- /data/data/####/1d77ea041509fe06.lock
- /data/data/####/21c22f492aba3de8.lock
- /data/data/####/31b31a7e085e
- /data/data/####/50c56e13d82d11ba17aeb5e3764c4d4f
- /data/data/####/50c56e13d82d11ba17aeb5e3764c4d4f-journal
- /data/data/####/87f75c18
- /data/data/####/8ef9c457b3bbb403.lock
- /data/data/####/930a31b34bd52c08.lock
- /data/data/####/ACCS_BIND.xml
- /data/data/####/ACCS_SDK.xml
- /data/data/####/ACCS_SDK_CHANNEL.xml
- /data/data/####/ACCS_SDK_CHANNEL.xml.bak
- /data/data/####/AGOO_BIND.xml
- /data/data/####/Agoo_AppStore.xml
- /data/data/####/Alvin2.xml
- /data/data/####/C0XKJAO3JLZKJPDKJFXLINQCJIOAOD.xml
- /data/data/####/CE94557724F842149D690D0E8CBB1CBD.xml
- /data/data/####/CE94557724F842149D690D0E8CBB1CBD.xml.bak (deleted)
- /data/data/####/ContextData.xml
- /data/data/####/Cookies-journal
- /data/data/####/MessageStore.db-journal
- /data/data/####/MsgLogStore.db-journal
- /data/data/####/OFFERSCONFIG1.xml
- /data/data/####/OxgHkj2lz09F
- /data/data/####/OxgHkj2lz09F-journal
- /data/data/####/P15pKIjsm64m
- /data/data/####/P15pKIjsm64m-journal
- /data/data/####/SGMANAGER_DATA2
- /data/data/####/SGMANAGER_DATA2.tmp
- /data/data/####/SMSSDK_2.xml
- /data/data/####/SMSSDK_2.xml (deleted)
- /data/data/####/SMSSDK_VCODE_1.xml
- /data/data/####/T1oX0rhhuXWt
- /data/data/####/T1oX0rhhuXWt-journal
- /data/data/####/TestinAgent.xml
- /data/data/####/ThrowalbeLog.db-journal
- /data/data/####/UTCommon.xml
- /data/data/####/WebViewChromiumPrefs.xml
- /data/data/####/XKwVoK0huy3R
- /data/data/####/XKwVoK0huy3R-journal
- /data/data/####/XMPushServiceConfig.xml
- /data/data/####/accs.db-journal
- /data/data/####/agoo.pid
- /data/data/####/ap.Lock
- /data/data/####/b3174b7a6d3bea51202ab7a342495ddf-journal
- /data/data/####/cc.db
- /data/data/####/cc.db-journal
- /data/data/####/cc.db-journal (deleted)
- /data/data/####/classes.dex
- /data/data/####/classes.oat
- /data/data/####/classes2.dex
- /data/data/####/classes3.dex
- /data/data/####/com.anroid.mylockscreen;pushservice
- /data/data/####/com.anroid.mylockscreen_preferences.xml
- /data/data/####/devCloudSetting.cfg
- /data/data/####/devCloudSetting.sig
- /data/data/####/e22c534f482a6f9f0867c77fa2c670d2
- /data/data/####/e22c534f482a6f9f0867c77fa2c670d2-journal
- /data/data/####/gdt_plugin.dex
- /data/data/####/gdt_plugin.dex.flock (deleted)
- /data/data/####/gdt_plugin.jar
- /data/data/####/gdt_plugin.jar.sig
- /data/data/####/gdt_plugin.next.sig
- /data/data/####/gdt_plugin.tmp
- /data/data/####/gdt_plugin.tmp.sig
- /data/data/####/gdt_suid
- /data/data/####/geofencing.db
- /data/data/####/geofencing.db-journal
- /data/data/####/getui_sp.xml
- /data/data/####/gkt-journal
- /data/data/####/gx_sp.xml
- /data/data/####/init.pid
- /data/data/####/init_c1.pid
- /data/data/####/jfq.dex
- /data/data/####/jfq.dex.flock (deleted)
- /data/data/####/jfq.jar
- /data/data/####/jqIqJYOT3JpT
- /data/data/####/jqIqJYOT3JpT-journal
- /data/data/####/jqIqJYOT3JpT-journal (deleted)
- /data/data/####/libjiagu.so
- /data/data/####/libsgmain_315522000000.dex
- /data/data/####/libsgmain_315522000000.dex.flock (deleted)
- /data/data/####/libsgmainso-5.1.81.so.tmp
- /data/data/####/lock.lock
- /data/data/####/lockscreen.xml
- /data/data/####/mipush.xml
- /data/data/####/mipush.xml.bak
- /data/data/####/mipush_account.xml
- /data/data/####/mipush_extra.xml
- /data/data/####/mob_commons_1.xml
- /data/data/####/mob_sdk_exception_1.xml
- /data/data/####/mob_sdk_exception_1.xml.bak
- /data/data/####/pref_registered_pkg_names.xml
- /data/data/####/proc_auxv
- /data/data/####/push.pid
- /data/data/####/pushg.db-journal
- /data/data/####/pushsdk.db-journal
- /data/data/####/qihoo_jiagu_crash_report.xml
- /data/data/####/run.pid
- /data/data/####/sdkCloudSetting.cfg
- /data/data/####/sdkCloudSetting.sig
- /data/data/####/sp.lock
- /data/data/####/tdata_svG098
- /data/data/####/tdata_svG098.dex
- /data/data/####/tdata_svG098.dex.flock (deleted)
- /data/data/####/tdata_svG098.jar
- /data/data/####/tdata_zNZ623
- /data/data/####/tdata_zNZ623.dex
- /data/data/####/tdata_zNZ623.dex.flock (deleted)
- /data/data/####/tdata_zNZ623.jar
- /data/data/####/ua.db
- /data/data/####/ua.db-journal
- /data/data/####/umeng_general_config.xml
- /data/data/####/umeng_general_config.xml.bak
- /data/data/####/umeng_socialize.xml
- /data/data/####/umeng_socialize.xml (deleted)
- /data/data/####/umeng_socialize.xml.bak
- /data/data/####/update_lc
- /data/data/####/ut.db
- /data/data/####/ut.db-journal
- /data/data/####/wIU6pTyUBYWX
- /data/data/####/wIU6pTyUBYWX-journal
- /data/data/####/wsUL1uCdKvjD
- /data/data/####/wsUL1uCdKvjD-journal
- /data/data/####/ymdex.dex
- /data/data/####/ymdex.dex.flock (deleted)
- /data/data/####/ymdex.jar
- /data/data/####/ywPrefsTools.xml
- /data/data/####/zy_init.xml
- /data/media/####/.al
- /data/media/####/.dh-journal
- /data/media/####/.dhlock
- /data/media/####/.dic_lock
- /data/media/####/.duid
- /data/media/####/.globalLock
- /data/media/####/.nulal
- /data/media/####/.nulplt
- /data/media/####/.pkg_lock
- /data/media/####/.rcTag
- /data/media/####/.rc_lock
- /data/media/####/.slock
- /data/media/####/3778777224464f2eb060d190fc26bb0e
- /data/media/####/6c709c11d2d46a7b
- /data/media/####/8be390b0c3d94623ac41b075c6fa08be
- /data/media/####/Alvin2.xml
- /data/media/####/ContextData.xml
- /data/media/####/accs_election
- /data/media/####/app.db
- /data/media/####/com.anroid.mylockscreen.bin
- /data/media/####/com.anroid.mylockscreen.db
- /data/media/####/com.igexin.sdk.deviceId.db
- /data/media/####/config
- /data/media/####/dd7893586a493dc3
- /data/media/####/f8e5d9ddd9ab44c59dbdf131a4902810
- /data/media/####/gkt-journal
- /data/media/####/gktper
- /data/media/####/i42d45df023jnkdd93la483f9xGFKXI
- /data/media/####/inapp_20221026.log
- /data/media/####/lock.dat
- /data/media/####/log.lock
- /data/media/####/log1.txt
- /data/media/####/s92TjjdfoP2n3o9dfji2l9s1olkjf0p
- /data/media/####/tdata_svG098
- /data/media/####/tdata_zNZ623
- /data/media/####/zhaocaisuo.txt
- /data/misc/####/primary.prof
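Commands executed (among them reads of CPU, cgroup and mount information, the wlan0 hardware address and the installed-package list):
- /system/bin/cat /proc/cpuinfo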
- /system/bin/cat /sys/devices/system/cpu/kernel_max
- app_process /system/bin com.android.commands.pm.Pm list packages
- cat /proc/self/cgroup
- cat /sys/class/net/wlan0/address
- chmod 755 /data/user/0/<Package>/.jiagu/libjiagu.so
- mount
- pm list packages
- sh
Native library names (libjiagu is the file made executable by the chmod command above):
- libabcdefgh
- libgetuiext2
- libjiagu
- libsgmainso-5.1.81
- libtnet-3.1.7
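Cipher transformations used, first list (this page does not say how the two lists differ; on reports of this kind they are usually encryption and decryption):
- AES-CBC-NoPadding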
- AES-CBC-PKCS5Padding
- AES-CBC-PKCS7Padding
- AES-CFB-NoPadding
- AES-ECB-PKCS5Padding
- AES-ECB-PKCS7Padding
- PBEWITHMD5andDES
- RSA-NONE-OAEPWithSHA1AndMGF1Padding
Cipher transformations used, second list:
- AES-CBC-NoPadding
- AES-CBC-PKCS5Padding
- AES-CBC-PKCS7Padding
- AES-ECB-PKCS5Padding
- AES-ECB-PKCS7Padding
- PBEWITHMD5andDES
- RSA-ECB-PKCS1Padding