Technical information
- Adware.Gexin.2.origin
- UDP(DNS) <Google DNS>
- TCP(HTTP/1.1) c-h####.g####.com:80
- TCP(HTTP/1.1) t.j####.com:8081
- TCP(HTTP/1.1) phon####.x####.d####.com:80
- TCP(HTTP/1.1) t####.c####.q####.####.com:80
- TCP(HTTP/1.1) 1####.55.144.200:80
- TCP(HTTP/1.1) and####.b####.qq.com:80
- TCP(HTTP/1.1) h####.opensp####.cn:80
- TCP(HTTP/1.1) t.j####.com:8008
- TCP(HTTP/1.1) www.j####.com:80
- TCP(HTTP/1.1) t.xinhu####.com:80
- TCP(HTTP/1.1) sdk.o####.p####.####.com:80
- TCP(HTTP/1.1) d####.opensp####.cn:80
- TCP(TLS/1.0) p.xi####.cn:443
- TCP(TLS/1.0) l####.xinhu####.com:443
- TCP(TLS/1.0) s####.tc.qq.com:443
- TCP c####.g####.ig####.com:5225
- TCP sdk.o####.t####.####.com:5224
- 7j####.c####.z0.####.com
- and####.b####.qq.com
- c####.g####.ig####.com
- c-h####.g####.com
- d####.opensp####.cn
- h####.opensp####.cn
- l####.xinhu####.com
- p.xi####.cn
- phon####.x####.d####.com
- r####.wx.qq.com
- sdk.c####.ig####.com
- sdk.o####.p####.####.com
- sdk.o####.t####.####.com
- sdk.o####.t####.####.com
- sdk.o####.t####.####.net
- st####.xinhu####.com
- t.j####.com
- t.xinhu####.com
- www.j####.com
- h####.opensp####.cn/launchconfig?t=####&p=####
- phon####.x####.d####.com/weather/getWeatherByAreaID?areaId=####
- t####.c####.q####.####.com/tdata_Soq141
- t####.c####.q####.####.com/tdata_ntt510
- t.j####.com:8008/app_if/MobileApp?appKey=####&channel=####&versionCode=#...
- t.j####.com:8008/app_if/getArticles?columnId=####&version=####&lastFileI...
- t.j####.com:8008/app_if/getColumns?siteId=####&parentColumnId=####&versi...
- t.j####.com:8008/app_if/getConfig?appID=####
- t.j####.com:8008/app_if/redDot?siteID=####
- t.j####.com:8081/jnrb/201707/26/15e6dac5-c96d-4277-b8b0-8b93792ec366.png
- t.j####.com:8081/jnrb/201707/26/2f4c0eb3-d3b2-48c7-988f-4b055ab994a2.png
- t.j####.com:8081/jnrb/201707/26/33366e2d-1b5e-48fd-866c-ee0f369bb70c.png
- t.j####.com:8081/jnrb/201707/26/46881957-6ff5-4f3b-93eb-e17d642d56e5.png
- t.j####.com:8081/jnrb/201707/26/4f65c474-c074-40aa-be14-3981bc006bfb.png
- t.j####.com:8081/jnrb/201707/26/60b53f13-eec0-4e33-b636-7a159e9be183.png
- t.j####.com:8081/jnrb/201707/26/a5c92c44-2ff7-49d9-9387-2ce9fe527680.png
- t.j####.com:8081/jnrb/201707/26/ca019fc1-3864-40d4-8ea6-543f28050d5c.png
- t.j####.com:8081/jnrb/201707/26/f8384775-2d40-464b-aa94-a4d2390e0bee.png
- t.j####.com:8081/jnrb/201707/26/fda608e1-27e8-4cd4-8996-6f38315048d8.png
- t.xinhu####.com/ra5TleK
- www.j####.com/75423517-8a3a-4d8f-9265-1ae317d56eb2.jpg
- www.j####.com/paperapp/pic/201812/19/2d7c75e0-dd11-40b9-be3a-1327a452df1...
- www.j####.com/zsjn/pic/2018-12/06/c9795c73-50de-4d23-b703-3537114f5cf8c0...
- www.j####.com/zsjn/pic/2018-12/18/t0_(4X29X147X135)b5451c8f-ca70-40be-9b...
- www.j####.com/zsjn/pic/2018-12/19/t0_(177X3X600X316)5df944a2-5e5b-4a93-8...
- www.j####.com/zsjn/pic/2018-12/19/t0_(32X35X527X401)3fd047d9-1c95-42ef-8...
- www.j####.com/zsjn/pic/2018-12/19/t0_(34X43X521X403)cf44dad0-540d-4904-8...
- www.j####.com/zsjn/pic/2018-12/19/t0_(42X47X475X367)dff396f0-3e89-4eac-a...
- www.j####.com/zsjn/pic/2018-12/19/t0_(43X26X573X418)84745f1a-afd0-433a-a...
- www.j####.com/zsjn/pic/2018-12/19/t0_(80X60X554X410)ef24edeb-4e35-4245-9...
- www.j####.com/zsjn/pic/2018-12/19/t2_(262X11X600X201)5df944a2-5e5b-4a93-...
- www.j####.com/zsjn/pic/2018-12/19/t2_(74X0X540X262)07e3bb88-268e-442d-b1...
- and####.b####.qq.com/rqd/async
- c-h####.g####.com/api.php?format=####&t=####
- d####.opensp####.cn/index.php/clientrequest/clientcollect/isCollect
- sdk.o####.p####.####.com/api.php?format=####&t=####
- t.j####.com:8008/app_if/event
- t.j####.com:8008/app_if/getPaperDates
- t.j####.com:8008/app_if/getPaperLayouts
- t.j####.com:8008/app_if/getPapers
- /data/data/####/-1005909431
- /data/data/####/-1084604138
- /data/data/####/-1194544856
- /data/data/####/-1230275987
- /data/data/####/-1391058361
- /data/data/####/-1398936441
- /data/data/####/-1681567853
- /data/data/####/-1695136617
- /data/data/####/-1791963451
- /data/data/####/-1988476956
- /data/data/####/-211977331
- /data/data/####/-408490836
- /data/data/####/-801517846
- /data/data/####/-809395926
- /data/data/####/-934889704
- /data/data/####/1030950414
- /data/data/####/107192b530383501f2ff28a495409ddd3cf3b131439de58....0.tmp
- /data/data/####/1084282501
- /data/data/####/109831274
- /data/data/####/1221409398
- /data/data/####/1298416625
- /data/data/####/1342a4472cd9e03329680f7d49c29266d369a5cda52df67....0.tmp
- /data/data/####/1402515637
- /data/data/####/1691443635
- /data/data/####/1815232e6e1356fb824abcc48e00c5a5059ae1e66eb3874....0.tmp
- /data/data/####/1887957140
- /data/data/####/18c6b0ae00535a3082661e7e753046c320e186f3e47d1ac....0.tmp
- /data/data/####/264d38ddad02ab358dfd5f0c0b52fdbfc581fc66655041d....0.tmp
- /data/data/####/290f846666cd7526df53dd84664256dee7ccf8469083202....0.tmp
- /data/data/####/35ec4e4ac4c318e8f5174257340c46a683f0086b66ecea9....0.tmp
- /data/data/####/3a82bca909e07fad2e07ee8d30cc813ef34bb084cb63fb2....0.tmp
- /data/data/####/461e76d65f354713ecd4b7d186d7084c3ed3d181d5cad1d....0.tmp
- /data/data/####/48e8e828de111de70339a3260452e81416f21ace0d97804....0.tmp
- /data/data/####/4e0e14f1641483e9244365444163cb4949433821b3bc728....0.tmp
- /data/data/####/57a6aa737e929cad5b8efa86c2a53600c4333f897af49c1....0.tmp
- /data/data/####/5bc3443fbae8135149b1e7b68b7e4f6982c1d7084227a15....0.tmp
- /data/data/####/5ebb7a52a40214bee15cb189da70c4f78a31be97ed15e33....0.tmp
- /data/data/####/69ebd58b9b73083e23e39a80eecc0b7127484e03c483b62....0.tmp
- /data/data/####/6a35640a436a390faad3600da3714d9e423b2876b8bbf45....0.tmp
- /data/data/####/6abd9de1eb24afda2a07b1868439f8a3505f27fcff54a18....0.tmp
- /data/data/####/6b297e1a66ac81b3276b690bf9d4b7818c79a8693976ab8....0.tmp
- /data/data/####/6cfff96db8392d92bed66361f03cb33459307d3d8f8f45f....0.tmp
- /data/data/####/708876110
- /data/data/####/783290435
- /data/data/####/7f8a75519ea65e985b82b0e438ff9303679cce2d1c8dfe2....0.tmp
- /data/data/####/905389615
- /data/data/####/937065445c5b1a6259768e5fdd2b5741d0aadf53693630c....0.tmp
- /data/data/####/a240554fed0a136c34ce5fdcfd97f1f8c470351c7cd1035....0.tmp
- /data/data/####/a3719782f1d7f8927ab22d331ae730a2007ee02d9e59b0e....0.tmp
- /data/data/####/ad40bdd3dbe598b6cb3e547e814dd9626ce20ba1a7de2aa....0.tmp
- /data/data/####/ae1ad0843830383c6a416f4ba4f2b8599d3f36cef9166c7....0.tmp
- /data/data/####/bugly_db_legu-journal
- /data/data/####/columnId.xml
- /data/data/####/com.iflytek.id.xml
- /data/data/####/com.iflytek.msc.xml
- /data/data/####/d9fdcd3f4875272352139e97b6b6cca27cbeffdc63b2660....0.tmp
- /data/data/####/data_0
- /data/data/####/data_1
- /data/data/####/data_2
- /data/data/####/data_3
- /data/data/####/db_founder26118
- /data/data/####/db_founder26118-journal
- /data/data/####/def4012dd80909a85b9e0edcaf5d7f95a7ada7c301f872c....0.tmp
- /data/data/####/e0eb5d857e952735c49e3c3c2b9a294d20a5e8385832a4f....0.tmp
- /data/data/####/f3e811d5a5dbdedfe250c13671eae10dab265824533af5c....0.tmp
- /data/data/####/fdd85ca75e4d1ae0f3ba987be64191b6d7aee783dfaeeb7....0.tmp
- /data/data/####/fontSytleMsg.xml
- /data/data/####/gdaemon_20161017
- /data/data/####/getui_sp.xml
- /data/data/####/gx_sp.xml
- /data/data/####/ifly_launch_lib.xml
- /data/data/####/iflytek_state_com.jiningdaily.product.xml
- /data/data/####/index
- /data/data/####/init.pid
- /data/data/####/init_c1.pid
- /data/data/####/journal.tmp
- /data/data/####/libnfix.so
- /data/data/####/libshella-2.8.so
- /data/data/####/libufix.so
- /data/data/####/local_crash_lock
- /data/data/####/mix.dex
- /data/data/####/mobclick_agent_cached_com.jiningdaily.product
- /data/data/####/mobclick_agent_header_com.jiningdaily.product.xml
- /data/data/####/mobclick_agent_state_com.jiningdaily.product.xml
- /data/data/####/multidex.version.xml
- /data/data/####/my_database.db-journal
- /data/data/####/native_record_lock
- /data/data/####/push.pid
- /data/data/####/pushext.db-journal
- /data/data/####/pushg.db-journal
- /data/data/####/pushsdk.db-journal
- /data/data/####/reader.db-journal
- /data/data/####/run.pid
- /data/data/####/security_info
- /data/data/####/subscribeColumnId.xml
- /data/data/####/tdata_Soq141
- /data/data/####/tdata_Soq141.jar
- /data/data/####/tdata_ntt510
- /data/data/####/tdata_ntt510.jar
- /data/data/####/weatherSp.xml
- /data/data/####/webview.db-journal
- /data/data/####/webviewCookiesChromium.db-journal
- /data/media/####/.2F6E2C5B63F0F83B
- /data/media/####/.cuid
- /data/media/####/app.db
- /data/media/####/com.getui.sdk.deviceId.db
- /data/media/####/com.igexin.sdk.deviceId.db
- /data/media/####/com.jiningdaily.product.bin
- /data/media/####/com.jiningdaily.product.db
- /data/media/####/iflyworkdir_test
- /data/media/####/tdata_Soq141
- /data/media/####/tdata_ntt510
- /data/media/####/test.log
- /system/bin/sh -c getprop ro.aa.romver
- /system/bin/sh -c getprop ro.board.platform
- /system/bin/sh -c getprop ro.build.fingerprint
- /system/bin/sh -c getprop ro.build.nubia.rom.name
- /system/bin/sh -c getprop ro.build.rom.id
- /system/bin/sh -c getprop ro.build.tyd.kbstyle_version
- /system/bin/sh -c getprop ro.build.version.emui
- /system/bin/sh -c getprop ro.build.version.opporom
- /system/bin/sh -c getprop ro.gn.gnromvernumber
- /system/bin/sh -c getprop ro.lenovo.series
- /system/bin/sh -c getprop ro.lewa.version
- /system/bin/sh -c getprop ro.meizu.product.model
- /system/bin/sh -c getprop ro.miui.ui.version.name
- /system/bin/sh -c getprop ro.vivo.os.build.display.id
- /system/bin/sh -c type su
- <Package Folder>/files/gdaemon_20161017 0 <Package>/com.founder.product.push.MyGetuiService 25350 300 0
- chmod 700 <Package Folder>/files/gdaemon_20161017
- chmod 700 <Package Folder>/tx_shell/libnfix.so
- chmod 700 <Package Folder>/tx_shell/libshella-2.8.so
- chmod 700 <Package Folder>/tx_shell/libufix.so
- getprop ro.aa.romver
- getprop ro.board.platform
- getprop ro.build.fingerprint
- getprop ro.build.nubia.rom.name
- getprop ro.build.rom.id
- getprop ro.build.tyd.kbstyle_version
- getprop ro.build.version.emui
- getprop ro.build.version.opporom
- getprop ro.gn.gnromvernumber
- getprop ro.lenovo.series
- getprop ro.lewa.version
- getprop ro.meizu.product.model
- getprop ro.miui.ui.version.name
- getprop ro.vivo.os.build.display.id
- getprop ro.yunos.version
- logcat -d -v threadtime
- Bugly
- RSSupportIO
- getuiext2
- libnfix
- librsjni
- libshella-2.8
- libufix
- msc
- nfix
- ufix
- AES-CBC-PKCS5Padding
- AES-GCM-NoPadding
- RSA-ECB-PKCS1Padding
- RSA-NONE-OAEPWithSHA1AndMGF1Padding
- AES-GCM-NoPadding