Technical information
- Adware.Mobby.4.origin
- UDP(DNS) <Google DNS>
- TCP(HTTP/1.1) www.z####.com:80
- TCP(HTTP/1.1) o####.map.b####.com:80
- TCP(HTTP/1.1) img.z####.com:80
- TCP(HTTP/1.1) c.d####.mob.com:80
- TCP(HTTP/1.1) api.s####.mob.com:80
- TCP(HTTP/1.1) up####.sdk.jig####.cn:80
- TCP(HTTP/1.1) d####.d####.mob.com:80
- TCP(HTTP/1.1) a####.exc.mob.com:80
- TCP(HTTP/1.1) and####.b####.qq.com:80
- TCP(HTTP/1.1) aliyun-####.al####.com:80
- TCP(HTTP/1.1) m.d####.mob.com:80
- TCP(HTTP/1.1) 1####.205.160.63:80
- TCP(HTTP/1.1) 1####.205.163.87:80
- TCP(HTTP/1.1) loc.map.b####.com:80
- TCP(HTTP/1.1) cgi.con####.qq.com:80
- TCP(HTTP/1.1) a####.a####.m.####.com:80
- TCP(TLS/1.0) sh.wagbr####.ta####.com:443
- TCP(TLS/1.0) api.map.b####.com:443
- TCP(TLS/1.0) s####.j####.cn:443
- TCP(TLS/1.0) ada####.ut.ta####.com:443
- TCP 1####.121.49.103:7003
- TCP acs4pu####.m.ta####.com:443
- TCP accscdn####.m.ta####.com:80
- UDP s.j####.cn:19000
- cgi.con####.qq.com/qqconnectopen/openapi/policy_conf?sdkv=####&appid=###...
- m.d####.mob.com/v4/cconf?appkey=####&plat=####&apppkg=####&appver=####&n...
- www.z####.com/AppWebService.asmx/get_anipiggyrecommendlist?Page=####&use...
- www.z####.com/AppWebService.asmx/get_appcorrelationimage_lsit?obj_typeva...
- www.z####.com/AppWebService.asmx/get_bbsinvitation_list?Page=####&cid=####
- www.z####.com/AppWebService.asmx/get_bbsplate_id?keyvalue=####
- www.z####.com/AppWebService.asmx/get_systemrelated_value?obj_typevalue=#...
- www.z####.com/AppWebService.asmx/getproducttypelist?catevalue=####&title...
- a####.a####.m.####.com/amdc/mobileDispatch?appkey=####&deviceId=####&pla...
- a####.exc.mob.com/errconf
- aliyun-####.al####.com/config
- and####.b####.qq.com/rqd/async
- and####.b####.qq.com/rqd/async?aid=####
- api.s####.mob.com/conf5
- api.s####.mob.com/conn
- api.s####.mob.com/log4
- api.s####.mob.com/snsconf
- c.d####.mob.com/v3/cdata
- d####.d####.mob.com/dinfo
- d####.d####.mob.com/dsign
- loc.map.b####.com/sdk.php
- o####.map.b####.com/offline_loc
- up####.sdk.jig####.cn/v1/push/sdk/postlist
- <Package Folder>/app_crashrecord/1002
- <Package Folder>/app_crashrecord/1004
- <Package Folder>/cache/####/journal.tmp
- <Package Folder>/databases/Application.db-journal
- <Package Folder>/databases/ThrowalbeLog.db-journal
- <Package Folder>/databases/accs.db-journal
- <Package Folder>/databases/bugly_db_-journal
- <Package Folder>/databases/bugly_db_legu-journal
- <Package Folder>/databases/jpush_statistics.db
- <Package Folder>/databases/jpush_statistics.db-journal
- <Package Folder>/databases/jpush_statistics.db-shm (deleted)
- <Package Folder>/databases/jpush_statistics.db-wal
- <Package Folder>/databases/message_accs_db
- <Package Folder>/databases/message_accs_db-journal
- <Package Folder>/databases/sharesdk.db-journal
- <Package Folder>/databases/ut.db
- <Package Folder>/databases/ut.db-journal
- <Package Folder>/databases/webview.db-journal
- <Package Folder>/databases/webviewCookiesChromium.db-journal
- <Package Folder>/databases/webviewCookiesChromiumPrivate.db-journal
- <Package Folder>/eudemon
- <Package Folder>/files/####/.mrlock
- <Package Folder>/files/####/firll.dat
- <Package Folder>/files/####/gal.db
- <Package Folder>/files/####/gal.db-journal
- <Package Folder>/files/####/hst.db
- <Package Folder>/files/####/hst.db-journal
- <Package Folder>/files/####/mob_commons_1
- <Package Folder>/files/####/mob_sdk_exception_1
- <Package Folder>/files/####/ofl.config
- <Package Folder>/files/####/ofl_location.db
- <Package Folder>/files/####/ofl_location.db-journal
- <Package Folder>/files/####/ofl_statistics.db
- <Package Folder>/files/####/ofl_statistics.db-journal
- <Package Folder>/files/####/share_sdk_1
- <Package Folder>/files/.lock
- <Package Folder>/files/.mrecord
- <Package Folder>/files/.statistics
- <Package Folder>/files/DaemonServer
- <Package Folder>/files/agoo.pid
- <Package Folder>/files/ap.Lock
- <Package Folder>/files/appPackageNames
- <Package Folder>/files/com.tencent.open.config.json.101367152
- <Package Folder>/files/jpush_stat_cache.json
- <Package Folder>/files/jpush_stat_cache_history.json
- <Package Folder>/files/libcuid.so
- <Package Folder>/files/local_crash_lock
- <Package Folder>/files/native_record_lock
- <Package Folder>/files/security_info
- <Package Folder>/mix.dex
- <Package Folder>/shared_prefs/<Package>.BETA_VALUES.xml
- <Package Folder>/shared_prefs/<Package>.BETA_VALUES.xml.bak
- <Package Folder>/shared_prefs/<Package>_preferences.xml
- <Package Folder>/shared_prefs/ACCS_BIND24662023.xml
- <Package Folder>/shared_prefs/ACCS_SDK.xml
- <Package Folder>/shared_prefs/ACCS_SDK_CHANNEL.xml
- <Package Folder>/shared_prefs/AGOO_BIND.xml
- <Package Folder>/shared_prefs/Agoo_AppStore.xml
- <Package Folder>/shared_prefs/Alvin2.xml
- <Package Folder>/shared_prefs/BUGLY_COMMON_VALUES.xml
- <Package Folder>/shared_prefs/ContextData.xml
- <Package Folder>/shared_prefs/JPushSA_Config.xml
- <Package Folder>/shared_prefs/UTCommon.xml
- <Package Folder>/shared_prefs/authStatus_<Package>;remote.xml
- <Package Folder>/shared_prefs/cn.jmessage.preferences.xml
- <Package Folder>/shared_prefs/cn.jpush.android.user.profile.xml
- <Package Folder>/shared_prefs/cn.jpush.preferences.v2.rid.xml
- <Package Folder>/shared_prefs/cn.jpush.preferences.v2.xml
- <Package Folder>/shared_prefs/crashrecord.xml
- <Package Folder>/shared_prefs/jpush_device_info.xml
- <Package Folder>/shared_prefs/multidex.version.xml
- <Package Folder>/shared_prefs/spUtils.xml
- <Package Folder>/tx_shell/libnfix.so
- <Package Folder>/tx_shell/libshella-2.10.7.1.so
- <Package Folder>/tx_shell/libufix.so
- <SD-Card>/.DataStorage/ContextData.xml
- <SD-Card>/.UTSystemConfig/####/Alvin2.xml
- <SD-Card>/<Package>/.nomedia
- <SD-Card>/Android/####/.nomedia
- <SD-Card>/Android/####/20c60f5a5f75437ab8bb2d31b3b0949e
- <SD-Card>/Android/####/4c829137c3fb40188302ab7b7caccdeb
- <SD-Card>/Android/####/e27f6b825d7b4902a14d2665533f061b
- <SD-Card>/Android/####/ebf33ff6ac734dbd80e3e06a95352bf7
- <SD-Card>/Mob/####/.al
- <SD-Card>/Mob/####/.artc_lock
- <SD-Card>/Mob/####/.dh-journal
- <SD-Card>/Mob/####/.dhlock
- <SD-Card>/Mob/####/.di
- <SD-Card>/Mob/####/.dic_lock
- <SD-Card>/Mob/####/.duid
- <SD-Card>/Mob/####/.globalLock
- <SD-Card>/Mob/####/.mps
- <SD-Card>/Mob/####/.nulal
- <SD-Card>/Mob/####/.nulplt
- <SD-Card>/Mob/####/.pkg_lock
- <SD-Card>/Mob/####/.plst
- <SD-Card>/Mob/####/.rcTag
- <SD-Card>/Mob/####/.rc_lock
- <SD-Card>/Mob/.iew
- <SD-Card>/Mob/.slw
- <SD-Card>/backups/####/.cuid
- <SD-Card>/backups/####/.cuid2
- <SD-Card>/baidu/####/conlts.dat
- <SD-Card>/baidu/####/ls.db
- <SD-Card>/baidu/####/ls.db-journal
- <SD-Card>/baidu/####/yoh.dat
- <SD-Card>/baidu/####/yol.dat
- <SD-Card>/baidu/####/yom.dat
- <SD-Card>/data/.push_deviceid
- /system/bin/sh -c getprop
- /system/bin/sh -c getprop ro.aa.romver
- /system/bin/sh -c getprop ro.board.platform
- /system/bin/sh -c getprop ro.build.fingerprint
- /system/bin/sh -c getprop ro.build.nubia.rom.name
- /system/bin/sh -c getprop ro.build.rom.id
- /system/bin/sh -c getprop ro.build.tyd.kbstyle_version
- /system/bin/sh -c getprop ro.build.version.emui
- /system/bin/sh -c getprop ro.build.version.opporom
- /system/bin/sh -c getprop ro.gn.gnromvernumber
- /system/bin/sh -c getprop ro.lenovo.series
- /system/bin/sh -c getprop ro.lewa.version
- /system/bin/sh -c getprop ro.meizu.product.model
- /system/bin/sh -c getprop ro.miui.ui.version.name
- /system/bin/sh -c getprop ro.vivo.os.build.display.id
- /system/bin/sh -c type su
- <Package Folder>/files/DaemonServer -s <Package Folder>/lib/ -n runServer -p startservice -n <Package>/com.taobao.accs.ChannelService --user 0 -f <Package Folder> -t 600 -c agoo.pid -P <Package Folder> -K 1009527 -U tb_accs_eudemon_1.1.3 -L http://agoodm.m.taobao.com/agoo/report -D {"package":"<Package>","appKey":"24662023","utdid":"Wg19Sj5Y/WoDAGdzx1Evf7VD","sdkVersion":"221"} -I agoodm.m.taobao.com -O 80 -T -Z
- app_process /system/bin com.android.commands.pm.Pm list packages
- chmod 500 <Package Folder>/files/DaemonServer
- chmod 700 <Package Folder>/tx_shell/libnfix.so
- chmod 700 <Package Folder>/tx_shell/libshella-2.10.7.1.so
- chmod 700 <Package Folder>/tx_shell/libufix.so
- getprop
- getprop ro.aa.romver
- getprop ro.board.platform
- getprop ro.build.fingerprint
- getprop ro.build.nubia.rom.name
- getprop ro.build.rom.id
- getprop ro.build.tyd.kbstyle_version
- getprop ro.build.version.emui
- getprop ro.build.version.opporom
- getprop ro.gn.gnromvernumber
- getprop ro.lenovo.series
- getprop ro.lewa.version
- getprop ro.meizu.product.model
- getprop ro.miui.ui.version.name
- getprop ro.vivo.os.build.display.id
- getprop ro.yunos.version
- grep -E -v root|shell|system
- logcat -d -v threadtime
- pm list packages
- sh
- top -d 0 -n 1
- Bugly
- Motu
- jcore118
- libnfix
- libshella-2.10.7.1
- libufix
- locSDK7a
- neh
- nfix
- tnet-3.1
- ufix
- ut_c_api
- AES-CBC-PKCS5Padding
- AES-ECB-PKCS7Padding
- AES-GCM-NoPadding
- RSA-ECB-PKCS1Padding
- AES-CBC-PKCS5Padding
- AES-ECB-NoPadding
- AES-GCM-NoPadding