Technical information
- Android.Spy.2440
- UDP(DNS) <Google DNS>
- TCP(HTTP/1.1) beacon####.aliy####.com:80
- TCP(HTTP/1.1) api.t####.cn:80
- TCP(HTTP/1.1) 2####.107.1.2:80
- TCP(HTTP/1.1) norma-e####.m####.com:80
- TCP(HTTP/1.1) and####.b####.qq.com:80
- TCP(HTTP/1.1) 2####.107.1.1:80
- TCP(HTTP/1.1) sf3-ttc####.ps####.com:80
- TCP(HTTP/1.1) f####.t####.cn:80
- TCP(HTTP/1.1) f####.fengkon####.com:80
- TCP(TLS/1.0) ssl.gst####.com:443
- TCP(TLS/1.0) googl####.g.doublec####.net:443
- TCP(TLS/1.0) dualsta####.wagbr####.ali####.####.com:443
- TCP(TLS/1.0) ada####.m.ta####.com:443
- TCP(TLS/1.0) www.go####.com:443
- TCP(TLS/1.0) sf3-ttc####.ps####.com:443
- TCP(TLS/1.0) www.gst####.com:443
- TCP(TLS/1.0) 2####.107.1.97:443
- TCP(TLS/1.0) adser####.go####.nl:443
- TCP(TLS/1.0) api.t####.cn:443
- TCP(TLS/1.0) sh.wagbr####.ta####.com:443
- TCP(TLS/1.0) fp.fraudme####.cn:443
- TCP(TLS/1.0) www.go####.nl:443
- TCP(TLS/1.0) adser####.go####.com:443
- a####.man.aliy####.com
- ada####.ut.ta####.com
- adas####.ut.ta####.com
- adser####.go####.com
- adser####.go####.nl
- and####.b####.qq.com
- api.t####.cn
- beacon####.aliy####.com
- f####.fengkon####.com
- f####.t####.cn
- fp.fraudme####.cn
- googl####.g.doublec####.net
- is.sn####.com
- log.sn####.com
- norma-e####.m####.com
- s####.t####.cn
- sf3-ttc####.ps####.com
- ssl.gst####.com
- u####.u####.com
- www.go####.com
- www.go####.nl
- www.gst####.com
- f####.t####.cn/account/avatar/id/56488027/sz/228
- f####.t####.cn/account/avatar/id/56488689/sz/228
- f####.t####.cn/account/avatar/id/56491091/sz/228
- f####.t####.cn/account/avatar/id/56492147/sz/228
- f####.t####.cn/account/avatar/id/56551418/sz/228
- f####.t####.cn/account/avatar/id/56551457/sz/228
- f####.t####.cn/account/avatar/id/56551474/sz/228
- f####.t####.cn/account/avatar/id/57265503/sz/228
- f####.t####.cn/img/frame/id/57328842?w=####&delogo=####
- f####.t####.cn/img/frame/id/57329117?w=####&delogo=####
- f####.t####.cn/img/frame/id/57329296?w=####&delogo=####
- f####.t####.cn/img/frame/id/57329867?w=####&delogo=####
- f####.t####.cn/img/frame/id/57331366?w=####&delogo=####
- f####.t####.cn/img/webp/id/57259163/sz/360
- f####.t####.cn/img/webp/id/57264484/sz/360
- f####.t####.cn/img/webp/id/57281989/sz/360
- f####.t####.cn/img/webp/id/57285600/sz/360
- f####.t####.cn/img/webp/id/57398568/sz/360
- f####.t####.cn/img/webp/id/57540378/sz/360
- norma-e####.m####.com/android/exchange/getpublickey.do
- and####.b####.qq.com/rqd/async?aid=####
- api.t####.cn/stat/action?sign=####
- api.t####.cn/stat/report_user_info?sign=####
- api.t####.cn/stat/save_device_info?sign=####
- beacon####.aliy####.com/beacon/fetch/config/byappkey
- f####.fengkon####.com/v3/cloudconf
- f####.fengkon####.com/v3/profile/android
- norma-e####.m####.com/push/android/external/add.do
- sf3-ttc####.ps####.com/service/2/app_log_exception/?openudid=####&versio...
- /data/data/####/-1127729055-1266689676
- /data/data/####/-5998622401067643521
- /data/data/####/.imprint
- /data/data/####/.jg.ic
- /data/data/####/.td-3
- /data/data/####/.tdck
- /data/data/####/1002
- /data/data/####/1004
- /data/data/####/1021689741840853517
- /data/data/####/1565785935245
- /data/data/####/1565785935252
- /data/data/####/1565785945429
- /data/data/####/1565785945927
- /data/data/####/1565785957576
- /data/data/####/1565785957670
- /data/data/####/1565785957753
- /data/data/####/1565785957825
- /data/data/####/Alvin2.xml
- /data/data/####/ContextData.xml
- /data/data/####/Did.xml
- /data/data/####/MultiDex.lock
- /data/data/####/UTCommon.xml
- /data/data/####/UUDid.xml
- /data/data/####/a==7.5.3&&2.3.0_1565785900361_envelope.log
- /data/data/####/ad_cfg.xml
- /data/data/####/ap.Lock
- /data/data/####/app_crash_copy.xml
- /data/data/####/app_duration.xml
- /data/data/####/bugly_db_-journal
- /data/data/####/com.f.a.c.xml
- /data/data/####/com.shumei.xml
- /data/data/####/com.tiantiankan.video.BETA_VALUES.xml
- /data/data/####/com.tiantiankan.video_preferences.xml
- /data/data/####/com.x.y.1.xml
- /data/data/####/com.x.y.2.xml
- /data/data/####/com_alibaba_aliyun_crash_defend_sdk_info
- /data/data/####/common.xml
- /data/data/####/crashrecord.xml
- /data/data/####/downloader.db-journal
- /data/data/####/dso_deps
- /data/data/####/dso_lock
- /data/data/####/dso_manifest
- /data/data/####/dso_state
- /data/data/####/exchangeIdentity.json
- /data/data/####/exid.dat
- /data/data/####/fc_times.xml
- /data/data/####/fm_shared.xml
- /data/data/####/httpdns_config_cache.xml
- /data/data/####/libjiagu631520780.so
- /data/data/####/local_crash_lock
- /data/data/####/message.db
- /data/data/####/multidex.version.xml
- /data/data/####/mz_push_preference.xml
- /data/data/####/native_record_lock
- /data/data/####/push_permission.xml
- /data/data/####/qihoo_jiagu_crash_report.xml
- /data/data/####/security_info
- /data/data/####/smartdns.dat
- /data/data/####/splash_config.json
- /data/data/####/tracker.db-journal
- /data/data/####/tt_sdk_settings.xml
- /data/data/####/ttk.mmap2
- /data/data/####/ttopenadsdk.xml
- /data/data/####/ttopensdk.db-journal
- /data/data/####/ua.db
- /data/data/####/ua.db-journal
- /data/data/####/umeng_common_config.xml
- /data/data/####/umeng_general_config.xml
- /data/data/####/umeng_it.cache
- /data/data/####/ut.db
- /data/data/####/ut.db-journal
- /data/data/####/webview.db-journal
- /data/data/####/zuiyou.db
- /data/media/####/.nomedia
- /data/media/####/.td-3
- /data/media/####/.tdck
- /data/media/####/.thumbcache_idx0
- /data/media/####/1Df36K6o0iC7ZGs3aQjApaDAcwo.-1296146774.tmp
- /data/media/####/1qiCRFUfs5kepolkV2M2kumRVnc.1886002482.tmp
- /data/media/####/2019-08-14.log.txt
- /data/media/####/3zzjFO83aIa2gvsKSxoyfceoLM8.-1194446294.tmp
- /data/media/####/794fdbff1104beadba13f6f4859917af.tmp
- /data/media/####/Alvin2.xml
- /data/media/####/ContextData.xml
- /data/media/####/QfuK48RbruybqoSuoC41UCV5upM.1886002482.tmp
- /data/media/####/RnuXvb384XqwJrDGjljdwJFaiDs.-852898239.tmp
- /data/media/####/So100sKUSlp9QnSBgMCBuIAEMpI.1886002482.tmp
- /data/media/####/XUgQ6IsurFiE87FBjTewofHfRg8.-852898239.tmp
- /data/media/####/ccb79b34a97b88769173a6d24b216637.tmp
- /data/media/####/ccb79b34a97b88769173a6d24b216637.tmp (deleted)
- /data/media/####/shumei.txt
- /data/media/####/temp_pkg_info.json
- /data/media/####/ttk.conf
- /data/media/####/ttk_20190814.xlog
- /data/media/####/vMEEg3GUSrCyOw7h8z3GcIS0ls0.-852898239.tmp
- /data/media/####/wDZSybI30zPfzggNwdLg8S71tEg.1886002482.tmp
- /system/bin/sh -c getprop
- cat /proc/self/cgroup
- getprop
- getprop net.dns1
- getprop ro.build.version.emui
- getprop ro.build.version.opporom
- getprop ro.letv.release.version
- getprop ro.miui.ui.version.code
- getprop ro.miui.ui.version.name
- getprop ro.vivo.os.build.display.id
- getprop ro.vivo.os.version
- logcat -d -v threadtime
- ps
- sh
- which su
- Bugly
- imagepipeline
- libimagepipeline
- libjiagu631520780
- libnative-filters
- marsxlog
- net_crypto
- smsdk
- stlport_shared
- tongdun
- ut_c_api
- wcdb
- AES-CBC-PKCS5Padding
- AES-CBC-PKCS7Padding
- AES-ECB-PKCS5Padding
- AES-GCM-NoPadding
- DES-CBC-PKCS5Padding
- RSA-ECB-PKCS1Padding
- AES-CBC-PKCS5Padding
- AES-CBC-PKCS7Padding
- AES-ECB-PKCS5Padding
- AES-GCM-NoPadding
- DES-CBC-PKCS5Padding
- DES-ECB-NoPadding