Technical information
- Adware.Gexin.2.origin
- UDP(DNS) <Google DNS>
- TCP(HTTP/1.1) ser####.dc####.net.cn:80
- TCP(HTTP/1.1) norma-e####.m####.com:80
- TCP(HTTP/1.1) qin####.com.www.####.com:80
- TCP(HTTP/1.1) sdk-ope####.g####.com:80
- TCP(HTTP/1.1) oss.app.ew####.com:80
- TCP(HTTP/1.1) and####.b####.qq.com:80
- TCP(HTTP/1.1) aexcep####.b####.qq.com:8012
- TCP(HTTP/1.1) c-h####.g####.com:80
- TCP(HTTP/1.1) t####.c####.q####.####.com:80
- TCP(HTTP/1.1) aexcep####.b####.qq.com:8011
- TCP(TLS/1.0) api.map.b####.com:443
- TCP(TLS/1.0) app.ew####.com:443
- TCP(TLS/1.0) ser####.dc####.net.cn:443
- TCP(TLS/1.0) 2####.58.211.110:443
- TCP sdk.o####.t####.####.com:5224
- TCP c####.g####.ig####.com:5226
- 7j####.c####.z0.####.com
- a####.b####.qq.com
- aexcep####.b####.qq.com
- and####.b####.qq.com
- api.map.b####.com
- app.ew####.com
- c####.g####.ig####.com
- c-h####.g####.com
- norma-e####.m####.com
- oss.app.ew####.com
- pub-####.qin####.com
- sdk-ope####.g####.com
- sdk.c####.ig####.com
- sdk.o####.t####.####.com
- sdk.o####.t####.####.com
- sdk.o####.t####.####.net
- ser####.dc####.net.cn
- www.dc####.io
- norma-e####.m####.com/android/exchange/getpublickey.do
- oss.app.ew####.com/package/<Package>_2.3.6_build_635.wgt
- qin####.com.www.####.com/tdata_EDT369
- ser####.dc####.net.cn/urd.json?v=####
- t####.c####.q####.####.com/config/hz-hzv6.conf
- t####.c####.q####.####.com/tdata_Jga153
- t####.c####.q####.####.com/tdata_bca864
- t####.c####.q####.####.com/tdata_duV457
- t####.c####.q####.####.com/tdata_mSr887
- aexcep####.b####.qq.com:8011/rqd/async
- aexcep####.b####.qq.com:8012/rqd/async
- and####.b####.qq.com/rqd/async
- c-h####.g####.com/api.php?format=####&t=####
- norma-e####.m####.com/push/android/external/add.do
- sdk-ope####.g####.com/api.php?format=####&t=####
- sdk-ope####.g####.com/api.php?format=####&t=####&d=####&k=####
- /data/data/####/.imei.txt
- /data/data/####/0.ba6be03665ed7f2c63ea.js
- /data/data/####/1.a4a441aeb362a80af80f.js
- /data/data/####/1.d75759a.jpg
- /data/data/####/10.bd2c673fa591195ef96e.js
- /data/data/####/11.6106840ffd3f2b34d058.js
- /data/data/####/12.a88b132d58771f49eeda.js
- /data/data/####/13.e02b56c684bab5719aab.js
- /data/data/####/14.b8ec95a0ccb148eb2dca.js
- /data/data/####/15.bd805d50da5e5785a2b1.js
- /data/data/####/16.64d130965764b65344d1.js
- /data/data/####/17.c69ef4f957f2b55c8ac2.js
- /data/data/####/17d6a116994e
- /data/data/####/18.67bd86e05c8a437bad02.js
- /data/data/####/19.b57c4a34c177e2a55f06.js
- /data/data/####/2.4fdb4d5c2356b093d3aa.js
- /data/data/####/2.59707dc.jpg
- /data/data/####/20.f5b8dea34fe9afcf6a48.js
- /data/data/####/21.bd748556c3b24f9edf2b.js
- /data/data/####/22.056127cc6ad81f74e2a9.js
- /data/data/####/23.96b0a92b6b4e41c902dc.js
- /data/data/####/24.851903de1a1fc0e63718.js
- /data/data/####/25.fbba2618e0b9ee767b85.js
- /data/data/####/26.300c1ce0b8fdc4c4a020.js
- /data/data/####/27.25f49f47418eabe5b631.js
- /data/data/####/28.34356ad878f7de13545c.js
- /data/data/####/29.f1fb752e7d0f7f9327fd.js
- /data/data/####/3.3b9340daa2b3953819f4.js
- /data/data/####/3.470ef3a.jpg
- /data/data/####/3.65764a6f1ffd68f6b83f.js
- /data/data/####/30.b99548314888f390e756.js
- /data/data/####/31.2cdf558cb6b62f7bbdd5.js
- /data/data/####/32.9c2755e377ea29893e5a.js
- /data/data/####/33.549e38af8b21bd79f34f.js
- /data/data/####/34.bd913c95de9f0adc6149.js
- /data/data/####/35.734cf07cfa25c10035fd.js
- /data/data/####/36.03529adbb3386eba63f3.js
- /data/data/####/37.6e4cbdc010583c04bd26.js
- /data/data/####/38.0d194c43d88c6c2185ab.js
- /data/data/####/39.5d21b3f0162be0a3bbb4.js
- /data/data/####/4.1744905e5689d34f7840.js
- /data/data/####/4.30902349f09a2f405b66.js
- /data/data/####/5.46797563bb2ac6af00cd.js
- /data/data/####/6.e6b4474da62acfe65d02.js
- /data/data/####/7.6a8eb09e1febf1197d70.js
- /data/data/####/8.901df040c19299ef1016.js
- /data/data/####/9.0f5996b55ed4d6a6bd22.js
- /data/data/####/9.bbd76c2be00d952d9de5.js
- /data/data/####/MultiDex.lock
- /data/data/####/_adio.dcloud.feature.ad.a.a.xml
- /data/data/####/app.45a20fc9e074caa11850313a20e3b394.css
- /data/data/####/app.5571bfa7bc5f2f62d5cf46a9bc81af05.css
- /data/data/####/app.5bee4fd9a26d02076279.js
- /data/data/####/app.a2596c3d3a7f095b7826.js
- /data/data/####/application-active.svg
- /data/data/####/application.svg
- /data/data/####/approval.3917c2d.png
- /data/data/####/authStatus_com.ewsedu.eteacher.xml
- /data/data/####/bridge.js
- /data/data/####/bugly_db_legu-journal
- /data/data/####/class.139ecfc.png
- /data/data/####/classes.087aae7.png
- /data/data/####/classes_score.5d0dfb6.png
- /data/data/####/com.ewsedu.eteacher.xml
- /data/data/####/com.ewsedu.eteacher_download_dcloud.xml
- /data/data/####/com.ewsedu.eteacher_storages.xml
- /data/data/####/com.x.y.1.xml
- /data/data/####/com.x.y.2.xml
- /data/data/####/common.css
- /data/data/####/contact-active.svg
- /data/data/####/contact.svg
- /data/data/####/data_0
- /data/data/####/data_1
- /data/data/####/data_2
- /data/data/####/data_3
- /data/data/####/default.bd58853.png
- /data/data/####/edition1.1a5f5f7.jpg
- /data/data/####/eje3cnc
- /data/data/####/error.e115ced.png
- /data/data/####/gdaemon_20161017
- /data/data/####/getui_sp.xml
- /data/data/####/gkt-journal
- /data/data/####/grade.e115ced.png
- /data/data/####/gx_sp.xml
- /data/data/####/home.html
- /data/data/####/home.js
- /data/data/####/icon.png
- /data/data/####/iconfont.4afe8c7.eot
- /data/data/####/iconfont.57c8a60.svg
- /data/data/####/iconfont.a1ce529.woff
- /data/data/####/iconfont.eb28e44.ttf
- /data/data/####/imagePlaceholder.88618a6.png
- /data/data/####/index
- /data/data/####/index.html
- /data/data/####/index.js
- /data/data/####/init.pid
- /data/data/####/init_c1.pid
- /data/data/####/launchBg.jpg
- /data/data/####/leave.d58138d.png
- /data/data/####/libcuid.so
- /data/data/####/libnfix.so
- /data/data/####/libshella-3.0.0.0.so
- /data/data/####/libufix.so
- /data/data/####/local_crash_lock
- /data/data/####/login-bg.62a5366.png
- /data/data/####/logo.612f6de.png
- /data/data/####/logo.png
- /data/data/####/logoTeacher.612f6de.png
- /data/data/####/logoTitle.5985d81.png
- /data/data/####/manifest.1bad37be41bc8ce7176b.js
- /data/data/####/manifest.895a63a691c28e8f1a0f.js
- /data/data/####/manifest.json
- /data/data/####/mark.3e4adea.png
- /data/data/####/message-active.svg
- /data/data/####/message.svg
- /data/data/####/mix.dex
- /data/data/####/money.249f1e0.png
- /data/data/####/monitor.f8f3fd0.png
- /data/data/####/mui.css
- /data/data/####/mui.ttf
- /data/data/####/multidex.version.xml
- /data/data/####/my-active.svg
- /data/data/####/my.svg
- /data/data/####/native_record_lock
- /data/data/####/network.5a0b10f.svg
- /data/data/####/none.054f81f.png
- /data/data/####/office.43bae7d.png
- /data/data/####/package.json
- /data/data/####/pdr.xml
- /data/data/####/plus.js
- /data/data/####/push.pid
- /data/data/####/pushext.db-journal
- /data/data/####/pushg.db-journal
- /data/data/####/pushk.db-journal
- /data/data/####/pushsdk.db-journal
- /data/data/####/recipe.926fda8.png
- /data/data/####/run.pid
- /data/data/####/search.0f7fe59.svg
- /data/data/####/security_info
- /data/data/####/start.html
- /data/data/####/start_statistics_data.xml
- /data/data/####/stream_permission.xml
- /data/data/####/tdata_Jga153
- /data/data/####/tdata_Jga153.jar
- /data/data/####/tdata_bca864
- /data/data/####/tdata_bca864.jar
- /data/data/####/tdata_duV457
- /data/data/####/tdata_duV457.jar
- /data/data/####/tdata_mSr887
- /data/data/####/tdata_mSr887.jar
- /data/data/####/team.127ee61.png
- /data/data/####/test_app
- /data/data/####/vendor.bundle.js
- /data/data/####/vendor.c4dec575a3c1988234b0.js
- /data/data/####/webview.db-journal
- /data/data/####/webviewCookiesChromium.db-journal
- /data/data/####/webviewCookiesChromiumPrivate.db-journal
- /data/data/####/work.b2f55bc.png
- /data/media/####/.cuid
- /data/media/####/.cuid2
- /data/media/####/.imei.txt
- /data/media/####/.nomedia
- /data/media/####/2019-04-24.log.txt
- /data/media/####/app.db
- /data/media/####/com.ewsedu.eteacher.bin
- /data/media/####/com.ewsedu.eteacher.db
- /data/media/####/com.ewsedu.eteacher_2.3.6_build_635.wgt
- /data/media/####/com.getui.sdk.deviceId.db
- /data/media/####/com.igexin.sdk.deviceId.db
- /data/media/####/gkt-journal
- /data/media/####/gktper
- /data/media/####/tdata_Jga153
- /data/media/####/tdata_bca864
- /data/media/####/tdata_duV457
- /data/media/####/tdata_mSr887
- /data/media/####/test.log
- /system/bin/sh -c getprop ro.aa.romver
- /system/bin/sh -c getprop ro.board.platform
- /system/bin/sh -c getprop ro.build.fingerprint
- /system/bin/sh -c getprop ro.build.nubia.rom.name
- /system/bin/sh -c getprop ro.build.rom.id
- /system/bin/sh -c getprop ro.build.tyd.kbstyle_version
- /system/bin/sh -c getprop ro.build.version.emui
- /system/bin/sh -c getprop ro.build.version.opporom
- /system/bin/sh -c getprop ro.gn.gnromvernumber
- /system/bin/sh -c getprop ro.lenovo.series
- /system/bin/sh -c getprop ro.lewa.version
- /system/bin/sh -c getprop ro.meizu.product.model
- /system/bin/sh -c getprop ro.miui.ui.version.name
- /system/bin/sh -c getprop ro.vivo.os.build.display.id
- /system/bin/sh -c type su
- <Package Folder>/files/gdaemon_20161017 0 <Package>/com.getui.plugins.DemoPushService 24897 300 0
- cat /sys/class/net/wlan0/address
- chmod 700 <Package Folder>/files/gdaemon_20161017
- chmod 700 <Package Folder>/tx_shell/libnfix.so
- chmod 700 <Package Folder>/tx_shell/libshella-3.0.0.0.so
- chmod 700 <Package Folder>/tx_shell/libufix.so
- getprop ro.aa.romver
- getprop ro.board.platform
- getprop ro.build.fingerprint
- getprop ro.build.nubia.rom.name
- getprop ro.build.rom.id
- getprop ro.build.tyd.kbstyle_version
- getprop ro.build.version.emui
- getprop ro.build.version.opporom
- getprop ro.gn.gnromvernumber
- getprop ro.lenovo.series
- getprop ro.lewa.version
- getprop ro.meizu.product.model
- getprop ro.miui.ui.version.name
- getprop ro.vivo.os.build.display.id
- getprop ro.yunos.version
- logcat -d -v threadtime
- mount
- sh <Package Folder>/files/gdaemon_20161017 0 <Package>/com.getui.plugins.DemoPushService 24897 300 0
- BaiduMapSDK_base_v5_2_1
- Bugly
- getuiext3
- libnfix
- libshella-3.0.0.0
- libufix
- nfix
- ufix
- AES-CBC-PKCS5Padding
- AES-CFB-NoPadding
- AES-ECB-PKCS5Padding
- AES-GCM-NoPadding
- RSA-ECB-PKCS1Padding
- RSA-NONE-OAEPWithSHA1AndMGF1Padding
- AES-CBC-PKCS5Padding
- AES-ECB-PKCS5Padding
- AES-GCM-NoPadding