Technical information
- Adware.Gexin.2.origin
- UDP(DNS) <Google DNS>
- TCP(HTTP/1.1) q####.c####.l####.####.com:80
- TCP(HTTP/1.1) c-h####.g####.com:80
- TCP(HTTP/1.1) sdk-ope####.g####.com:80
- TCP(HTTP/1.1) a####.u####.com:80
- TCP(HTTP/1.1) cdn-sdk####.g####.com.####.com:80
- TCP(HTTP/1.1) sdk.o####.p####.####.com:80
- TCP(HTTP/1.1) l####.tbs.qq.com:80
- TCP(TLS/1.0) api.map.b####.com:443
- TCP(TLS/1.0) hd.a####.com:443
- TCP(TLS/1.0) o####.map.b####.com:443
- TCP(TLS/1.0) loc.map.b####.com:443
- TCP(TLS/1.0) www.51j####.com:443
- TCP sdk.o####.t####.####.com:5224
- TCP cm-1####.ig####.com:5226
- TCP cm-1####.ig####.com:5225
- 7j####.c####.z0.####.com
- a####.u####.com
- api.map.b####.com
- c-h####.g####.com
- cdn-sdk####.g####.com
- cm-1####.ig####.com
- cm-1####.ig####.com
- cm-1####.ig####.com
- collec####.51j####.com
- l####.tbs.qq.com
- loc.map.b####.com
- o####.map.b####.com
- sdk-ope####.g####.com
- sdk.c####.ig####.com
- sdk.o####.p####.####.com
- sdk.o####.t####.####.com
- sdk.o####.t####.####.com
- sdk.o####.t####.####.net
- st####.51j####.com
- www.51j####.com
- cdn-sdk####.g####.com.####.com/tdata_EDB102
- cdn-sdk####.g####.com.####.com/tdata_SIq813
- cdn-sdk####.g####.com.####.com/tdata_agG322
- cdn-sdk####.g####.com.####.com/tdata_xEA084
- q####.c####.l####.####.com/config/hz-hzv6.conf
- q####.c####.l####.####.com/tdata_LRe817
- sdk.o####.p####.####.com/api/addr.htm
- a####.u####.com/app_logs
- c-h####.g####.com/api.php?format=####&t=####
- l####.tbs.qq.com/ajax?c=####&k=####
- sdk-ope####.g####.com/api.php?format=####&t=####
- sdk-ope####.g####.com/api.php?format=####&t=####&d=####&k=####
- sdk.o####.p####.####.com/api.php?format=####&t=####
- sdk.o####.p####.####.com/api.php?format=####&t=####&d=####&k=####
- /data/anr/traces.txt
- /data/data/####/.imprint
- /data/data/####/.jg.ic
- /data/data/####/9c10ac2e616d
- /data/data/####/MultiDex.lock
- /data/data/####/access_control.control.mx
- /data/data/####/access_control.write.mx
- /data/data/####/authStatus_com.jinke.finance.xml
- /data/data/####/authStatus_com.jinke.finance;remote.xml
- /data/data/####/cc.db
- /data/data/####/cc.db-journal
- /data/data/####/core_info
- /data/data/####/default.realm
- /data/data/####/default.realm.lock
- /data/data/####/download_upload
- /data/data/####/exchangeIdentity.json
- /data/data/####/exid.dat
- /data/data/####/firll.dat
- /data/data/####/gal.db
- /data/data/####/gal.db-journal
- /data/data/####/gdaemon_20161017
- /data/data/####/geofencing.db
- /data/data/####/geofencing.db-journal
- /data/data/####/getui_sp.xml
- /data/data/####/gkt-journal
- /data/data/####/gx_sp.xml
- /data/data/####/hst.db
- /data/data/####/hst.db-journal
- /data/data/####/init.pid
- /data/data/####/init_c1.pid
- /data/data/####/jinke.xml
- /data/data/####/libcuid.so
- /data/data/####/libjiagu635904408.so
- /data/data/####/mipush_extra.xml
- /data/data/####/mipush_region
- /data/data/####/mipush_region.lock
- /data/data/####/multidex.version.xml
- /data/data/####/ofl.config
- /data/data/####/ofl_location.db
- /data/data/####/ofl_location.db-journal
- /data/data/####/ofl_statistics.db
- /data/data/####/ofl_statistics.db-journal
- /data/data/####/push.pid
- /data/data/####/pushext.db-journal
- /data/data/####/pushg.db-journal
- /data/data/####/pushsdk.db-journal
- /data/data/####/run.pid
- /data/data/####/tbs_download_config.xml
- /data/data/####/tbs_download_config.xml.bak
- /data/data/####/tbs_download_stat.xml
- /data/data/####/tbs_pv_config
- /data/data/####/tbscoreinstall.txt
- /data/data/####/tbslock.txt
- /data/data/####/tdata_SIq813
- /data/data/####/tdata_SIq813.jar
- /data/data/####/tdata_agG322
- /data/data/####/tdata_agG322.jar
- /data/data/####/tdata_xEA084
- /data/data/####/tdata_xEA084.jar
- /data/data/####/ua.db
- /data/data/####/ua.db-journal
- /data/data/####/umeng_general_config.xml
- /data/data/####/umeng_it.cache
- /data/media/####/.cuid
- /data/media/####/.cuid2
- /data/media/####/.nomedia
- /data/media/####/02d8adc4da6502b5017e0eaed42f9e1d6db8d6d3802da7....0.tmp
- /data/media/####/05028eb6ff268a8aad7d6d391839bd60bd32c5c11fab62....0.tmp
- /data/media/####/16add887973dedba1a481f12f35d11aa4522fe6136645e....0.tmp
- /data/media/####/18ff0bcb46bf6e681e46242711c65f65275ec8bbf54b44....0.tmp
- /data/media/####/1b1e4d6b936efbd26a9711e5a234061a.0.tmp
- /data/media/####/1b1e4d6b936efbd26a9711e5a234061a.1.tmp
- /data/media/####/240e8490e8ca2e74c3a216ce944a1536.0.tmp
- /data/media/####/240e8490e8ca2e74c3a216ce944a1536.1.tmp
- /data/media/####/25b3f1c5f2bb7a8c6dd7381e0411c09c107cd7254d347c....0.tmp
- /data/media/####/268be230b9bbe32fcc800332072c9de805527c6f68adb6....0.tmp
- /data/media/####/2978b1e25dc3cc2652f58060dda9f931aa7faf819d20b9....0.tmp
- /data/media/####/2c57a01dee08c6b953a4a316c1bcbe270643963e0a0439....0.tmp
- /data/media/####/366d57cc583567e8ac3e4e4dd0a4c362.0.tmp
- /data/media/####/366d57cc583567e8ac3e4e4dd0a4c362.1.tmp
- /data/media/####/3894738abfc5b00b73345699f319e4bc.0.tmp
- /data/media/####/3894738abfc5b00b73345699f319e4bc.1.tmp
- /data/media/####/445faeab6360e9127f2ff48c5d70b3f92c1e2890a7a066....0.tmp
- /data/media/####/455ea4a7d51cb5d5e0358c728d31fbabab6b2010af4d42....0.tmp
- /data/media/####/456908b2a361dd8d81e9371f9f7a280a6f7cbd247ee0de....0.tmp
- /data/media/####/47682b3702bac829570f9558f9731c3752919327364b39....0.tmp
- /data/media/####/477266b700c892fcab0d6978150ce5dd.0.tmp
- /data/media/####/477266b700c892fcab0d6978150ce5dd.1.tmp
- /data/media/####/4a383d6c8b829c583c6b4204612c50a0.0.tmp
- /data/media/####/4a383d6c8b829c583c6b4204612c50a0.1.tmp
- /data/media/####/4a558e3b630378969343430cb1fb3732d7943218ccdf12....0.tmp
- /data/media/####/4bc7cf7ffa224ce9e8d7ac7b6261e5b6.0.tmp
- /data/media/####/4bc7cf7ffa224ce9e8d7ac7b6261e5b6.1.tmp
- /data/media/####/52a5a47e644fb7085f9ae88599c237f579e065ce47706d....0.tmp
- /data/media/####/6e8173f581f6500fc8920ea2d7b3ad84.0.tmp
- /data/media/####/6e8173f581f6500fc8920ea2d7b3ad84.1.tmp
- /data/media/####/701a547c2620631ed48937e3782b11edf1e505ada6d96f....0.tmp
- /data/media/####/731fac1238735ee251eff778f0017bd1dcc505f80ef432....0.tmp
- /data/media/####/78c638006d127eef2d27a0ebeec4ee35.0.tmp
- /data/media/####/78c638006d127eef2d27a0ebeec4ee35.1.tmp
- /data/media/####/7e13e8d223187434c6f5fc8f366f2ea369da9d45735038....0.tmp
- /data/media/####/8571523c30b91d65636ab0ae11ab2c9fe753f852149f42....0.tmp
- /data/media/####/91a73eedcaa7afb233e2800520d45ee634ff6c25bfcaaa....0.tmp
- /data/media/####/9505c1f260f5369d51c10b8a251167c14282bf4658d4eb....0.tmp
- /data/media/####/9596d8a47e1a1dd8d3f3ef7a485078ce2f819a5d60c458....0.tmp
- /data/media/####/9dbc09e30303a701649eb4199ee29bd46c00f9a1dd2610....0.tmp
- /data/media/####/9fe07ed4d8d1445048d3f8e3800387f7450c0f5ff1c1a0....0.tmp
- /data/media/####/a07de4e348e905a036c60d7f3f46a81a23e7ab9acd1550....0.tmp
- /data/media/####/a4efc44e67b73e1819c93934c20c063d393abcdfd3bf66....0.tmp
- /data/media/####/a59ef5be99faf5d538544639f0b4e67d.0.tmp
- /data/media/####/a59ef5be99faf5d538544639f0b4e67d.1.tmp
- /data/media/####/a889645b658bff17eafa009ebeae02b9157f0ebe3ac834....0.tmp
- /data/media/####/afe093f23f61501a14c3e22b18bf8eb19d4a42cb764020....0.tmp
- /data/media/####/app.db
- /data/media/####/b03b6b3d69e7fdeb497cba5b0d15a3ad3d9a0d0280ab46....0.tmp
- /data/media/####/b41d6ebad8fec076b149b88e34b2d94a3b020f2bad0052....0.tmp
- /data/media/####/b6776ab0e9ded05d4001f200128258f6cb655802612662....0.tmp
- /data/media/####/b8f10a43610bdd04e6128b6556847d60492b02f406fe84....0.tmp
- /data/media/####/ba261daf750c79954ba5be173d8eaea5.0.tmp
- /data/media/####/ba261daf750c79954ba5be173d8eaea5.1.tmp
- /data/media/####/banner.dat
- /data/media/####/bd94a2783afaa5c6225d49c9af389ef68e558c8adb97ec....0.tmp
- /data/media/####/cc5456614dd28f4bb9665be9c8f1bb9dfeafe339d3d815....0.tmp
- /data/media/####/com.getui.sdk.deviceId.db
- /data/media/####/com.igexin.sdk.deviceId.db
- /data/media/####/com.jinke.finance.bin
- /data/media/####/com.jinke.finance.db
- /data/media/####/com.tencent.mobileqq_connectSdk.19.12.09.18.log
- /data/media/####/commonUse.dat
- /data/media/####/conlts.dat
- /data/media/####/d03751aa8194a0feadc41b5bc4d5cdb51442cdf36675ce....0.tmp
- /data/media/####/d9780c359fa2e033a754e95c00a5a88920e31ee540d95a....0.tmp
- /data/media/####/dca160ae7127de7c4409f072f87465ffd7c46cd1c32471....0.tmp
- /data/media/####/e1d84bc9ebe63a167b72ef60943e8b1926e76241f62453....0.tmp
- /data/media/####/e1ecf7a44f6176d911c6444680978858.0.tmp
- /data/media/####/e1ecf7a44f6176d911c6444680978858.1.tmp
- /data/media/####/f4b326ae600798dd837605904cc9f20f9e9a823a8e7d08....0.tmp
- /data/media/####/f5f0695cab81df6fd306a13b9bedcdf1f6a6f8ec8aeea3....0.tmp
- /data/media/####/ff94bc3f93af7b3a7b91d472faa602f02513b5603a808c....0.tmp
- /data/media/####/gkt-journal
- /data/media/####/gktper
- /data/media/####/home_cate_data
- /data/media/####/home_red_msg.dat
- /data/media/####/icons.dat
- /data/media/####/journal
- /data/media/####/journal.tmp
- /data/media/####/ls.db
- /data/media/####/ls.db-journal
- /data/media/####/tbslog.txt
- /data/media/####/tdata_SIq813
- /data/media/####/tdata_agG322
- /data/media/####/tdata_xEA084
- /data/media/####/test.log
- /system/bin/cat /proc/cpuinfo
- <Package Folder>/files/gdaemon_20161017 0 <Package>/com.ernest.push.target.getui.GPushService 24664 300 0
- cat /sys/class/net/wlan0/address
- chmod 700 <Package Folder>/files/gdaemon_20161017
- getprop ro.product.cpu.abi
- mount
- sh
- sh <Package Folder>/files/gdaemon_20161017 0 <Package>/com.ernest.push.target.getui.GPushService 24664 300 0
- BaiduMapSDK_base_v4_5_2
- X86Bridge
- getuiext3
- libjiagu635904408
- locSDK7a
- realm-jni
- AES-CBC-PKCS5Padding
- AES-CBC-PKCS7Padding
- AES-CFB-NoPadding
- AES-ECB-PKCS5Padding
- RSA-ECB-NoPadding
- RSA-NONE-OAEPWithSHA1AndMGF1Padding
- AES-CBC-PKCS5Padding
- AES-CBC-PKCS7Padding
- AES-ECB-PKCS5Padding