Technical information
- Android.Backdoor.613.origin
- Android.Triada.236.origin
- UDP(DNS) <Google DNS>
- TCP(HTTP/1.1) 1####.159.152.136:8090
- TCP(HTTP/1.1) i####.cn.com:80
- TCP(HTTP/1.1) www.a.sh####.com:80
- TCP(HTTP/1.1) sh.wagbr####.alibaba####.com:80
- TCP(HTTP/1.1) pg.x####.com:80
- TCP(HTTP/1.1) sdk.hzzr####.com:80
- TCP(HTTP/1.1) s####.hzzr####.com:80
- TCP(HTTP/1.1) dev.pu####.com:80
- TCP(HTTP/1.1) 1####.159.180.48:8090
- TCP(HTTP/1.1) 1####.27.154.102:1234
- TCP(HTTP/1.1) 1####.77.209.125:8080
- TCP(HTTP/1.1) www.w####.com:80
- TCP(HTTP/1.1) www.talking####.com:80
- TCP(HTTP/1.1) p1.i####.cc:80
- TCP(HTTP/1.1) f####.disp####.spcd####.com:80
- TCP(HTTP/1.1) 1####.129.132.111:8001
- TCP(HTTP/1.1) pay.9####.com:9000
- TCP(HTTP/1.1) s####.ha####.com:9999
- TCP(HTTP/1.1) up.y####.com:80
- TCP(HTTP/1.1) 1####.159.103.205:8090
- TCP(HTTP/1.1) sdk.qipa####.cn:8088
- TCP(HTTP/1.1) v####.api.eeric####.com:80
- TCP(HTTP/1.1) jx####.ha####.com:9999
- TCP(HTTP/1.1) gs.a.s####.com:80
- TCP(TLS/1.0) ga.x####.com:443
- dev.pu####.com
- ga.x####.com
- game-12####.f####.myqc####.com
- i####.cn.com
- jx####.ha####.com
- l####.i####.cc
- p1.i####.cc
- pay.9####.com
- pg.x####.com
- s####.ha####.com
- s####.hzzr####.com
- sdk.hzzr####.com
- sdk.qipa####.cn
- up.y####.com
- v####.api.eeric####.com
- www.b####.com
- www.s####.com
- www.talking####.com
- www.u####.com
- www.w####.com
- f####.disp####.spcd####.com/c.rmvb
- gs.a.s####.com/
- i####.cn.com/a/3cff577985556567209c8fa8131303f63
- jx####.ha####.com:9999/page/getPageContent.do?IMSI=####&V=####&imei=####...
- pay.9####.com:9000/versionpatch?updVersion=####&crc32=####&version=####&...
- s####.ha####.com:9999/log/stat.do?i=####&v=####&c=####&av=####&dm=####&t...
- s####.hzzr####.com/SdkNotity.aspx?i=####&v=####&c=####&av=####&dm=####&t...
- sdk.hzzr####.com/getconfig.aspx
- sdk.hzzr####.com/getjar.aspx?pno=####
- sdk.hzzr####.com/versioncheck.aspx
- sh.wagbr####.alibaba####.com/
- up.y####.com/version/35/patch/astep_A_J_3.0.0_35.apk_33_patch.apk
- www.a.sh####.com/
- www.talking####.com/
- www.w####.com/
- dev.pu####.com/mvc/network/get_info.do
- p1.i####.cc/index.php/MC/HB
- p1.i####.cc/index.php/MC/LP
- p1.i####.cc/index.php/MC/RP
- pg.x####.com/api/q/a/3cff577985556567209c8fa8131303f63
- sdk.qipa####.cn:8088/a.do
- v####.api.eeric####.com/api/payment/mobileInit.html
- v####.api.eeric####.com/api/payment/updateinit_v2
- <Package Folder>/app_wyzf_plg/5.3.0.jar
- <Package Folder>/databases/####/cc.db
- <Package Folder>/databases/####/cc.db-journal
- <Package Folder>/databases/.fb
- <Package Folder>/databases/.fb-journal
- <Package Folder>/databases/347781996620052-journal
- <Package Folder>/databases/mpush_game.db-journal
- <Package Folder>/databases/webview.db-journal
- <Package Folder>/databases/wochi_v4.db
- <Package Folder>/databases/wochi_v4.db-journal
- <Package Folder>/files/####/config.ini
- <Package Folder>/files/####/dERlZG
- <Package Folder>/files/####/game.jar
- <Package Folder>/files/####/gd-sdk-a_j_3.0.0-33-release_lang.so
- <Package Folder>/files/####/libyunsvc
- <Package Folder>/files/####/logo.jpg
- <Package Folder>/files/####/res.bin
- <Package Folder>/files/Plugin2.apk
- <Package Folder>/files/cp_block_201.dat
- <Package Folder>/files/game.so
- <Package Folder>/files/libyunsvc
- <Package Folder>/files/mantle.mantle
- <Package Folder>/files/mantle.mantle.zip
- <Package Folder>/files/md.tmp
- <Package Folder>/files/mobclick_agent_cached_<Package>44
- <Package Folder>/files/mpush_gateway_preferences_file
- <Package Folder>/files/mpush_version_preferences_file
- <Package Folder>/files/plugin.jar
- <Package Folder>/files/retry1
- <Package Folder>/files/second_block_201.dat
- <Package Folder>/files/yl_plugin.apk
- <Package Folder>/shared_prefs/3cff577985556567209c8fa8131303f63...le.xml
- <Package Folder>/shared_prefs/<Package>_preferences.xml
- <Package Folder>/shared_prefs/LANG_SDK_PREF.xml
- <Package Folder>/shared_prefs/TD_app_pefercen_profile.xml
- <Package Folder>/shared_prefs/abc.xml
- <Package Folder>/shared_prefs/dbinfo.xml
- <Package Folder>/shared_prefs/org.xml
- <Package Folder>/shared_prefs/p2j5x0m0v2q6e6a98911n867b7m4f3.xml
- <Package Folder>/shared_prefs/pref_file.xml
- <Package Folder>/shared_prefs/pz_sharedpre_cmreaderlogininfo.xml
- <Package Folder>/shared_prefs/runtimeConfig.xml
- <Package Folder>/shared_prefs/service.xml
- <Package Folder>/shared_prefs/shareyuanlangfirst.xml
- <Package Folder>/shared_prefs/sp_name_configcom.sdk.wyzf.plugin...il.xml
- <Package Folder>/shared_prefs/td_pefercen_profile.xml
- <Package Folder>/shared_prefs/tdid.xml
- <Package Folder>/shared_prefs/umeng_general_config.xml
- <Package Folder>/shared_prefs/wyzf_configcom.sdk.wyzf.plugin.ut...il.xml
- <Package Folder>/shared_prefs/wyzf_configcom.sdk.wyzf.util.f.xml
- <Package Folder>/shared_prefs/wyzf_configcom.sdk.wyzf.util.f.xml.bak
- <Package Folder>/shared_prefs/yunchao_sp.xml
- <SD-Card>/.tcookieid
- <SD-Card>/Android/####/pkg.dat
- <SD-Card>/Android/####/pkg.tmp
- <SD-Card>/Android/####/uu.dat
- <SD-Card>/close.png
- <SD-Card>/exit
- <SD-Card>/qin_yuanlang/yl_plugin.apk_33_35
- <SD-Card>/qin_yuanlang/yl_plugin.apk_35
- cat /proc/cpuinfo
- chmod 755 <Package Folder>/files/libyunsvc
- getprop
- ls -l /system/bin/su
- service list
- sh
- bsjni
- game
- AES-CBC-PKCS5Padding
- DES
- DES-CBC-PKCS5Padding
- AES-CBC-PKCS5Padding
- DES
- DES-CBC-PKCS5Padding
- DESede