Technical information
- Adware.Gexin.2.origin
- UDP(DNS) <Google DNS>
- TCP(HTTP/1.1) t####.vpgam####.com:80
- TCP(HTTP/1.1) api.s####.mob.com:80
- TCP(HTTP/1.1) s####.tc.qq.com:80
- TCP(HTTP/1.1) l####.tbs.qq.com:80
- TCP(HTTP/1.1) a####.exc.mob.com:80
- TCP(HTTP/1.1) t####.c####.q####.####.com:80
- TCP(HTTP/1.1) sdk.o####.p####.####.com:80
- TCP(HTTP/1.1) webser####.vp####.com.####.net:80
- TCP(HTTP/1.1) d506####.cdn.uc####.####.cn:80
- TCP(HTTP/1.1) c-h####.g####.com:80
- TCP(HTTP/1.1) sni.c####.q####.####.net:80
- TCP(HTTP/1.1) m.vp####.com.####.net:80
- TCP(HTTP/1.1) at.al####.com:80
- TCP(HTTP/1.1) t####.vp####.com:80
- TCP(TLS/1.0) t.growi####.com:443
- TCP(TLS/1.0) at.al####.com:443
- TCP(TLS/1.0) d506####.cdn.uc####.####.cn:443
- TCP(TLS/1.0) api.vp####.com.####.net:443
- TCP(TLS/1.0) resourc####.vp####.com:443
- TCP(TLS/1.0) e.crashly####.com:443
- TCP(TLS/1.0) api.growi####.com:443
- TCP(TLS/1.0) sett####.crashly####.com:443
- TCP c####.g####.ig####.com:5224
- TCP sdk.o####.t####.####.com:5224
- 7j####.c####.z0.####.com
- a####.exc.mob.com
- api.growi####.com
- api.s####.mob.com
- api.vp####.com
- as####.growi####.com
- at.al####.com
- c####.g####.ig####.com
- c-h####.g####.com
- d####.ser####.vp####.com
- e.crashly####.com
- g.al####.com
- l####.tbs.qq.com
- m.d####.mob.com
- m.vp####.com
- pub-####.qin####.com
- r####.wx.qq.com
- reso####.vp####.com
- resourc####.vp####.com
- sdk.c####.ig####.com
- sdk.o####.p####.####.com
- sdk.o####.t####.####.com
- sdk.o####.t####.####.com
- sdk.o####.t####.####.net
- sett####.crashly####.com
- t####.vp####.com
- t####.vpgam####.com
- t.growi####.com
- webser####.vp####.com
- at.al####.com/t/font_37570_261rxxcqor9ysyvi.css
- at.al####.com/t/font_512643_gmverc5ojf8.css
- at.al####.com/t/font_512643_gmverc5ojf8.ttf?t=####
- d506####.cdn.uc####.####.cn/2.1/gio.js
- m.vp####.com.####.net/league/api/webservice/v2/match/match-battle?schedu...
- m.vp####.com.####.net/league/sso/sso/user/navinfo?t=####
- m.vp####.com.####.net/league/survey/index/11961/D001708/dota8768ef14e618...
- m.vp####.com.####.net/league/yii/social/topic/detail?league_id=####&t=####
- s####.tc.qq.com/open/js/jweixin-1.0.0.js
- sni.c####.q####.####.net/config/hz-hzv3.conf
- sni.c####.q####.####.net/tdata_YYn966
- sni.c####.q####.####.net/tdata_eOt091
- t####.c####.q####.####.com/tdata_EDT356
- t####.vp####.com/1a8dbd19.jpg
- t####.vp####.com/3002502e.jpg
- t####.vp####.com/37310d6.png
- t####.vp####.com/39bc8786e.jpg
- t####.vp####.com/47ff484.jpg
- t####.vp####.com/5187c61.jpg
- t####.vp####.com/53cf86105a0.png
- t####.vp####.com/5b1347d.jpg
- t####.vp####.com/5c12fec2cc.jpg
- t####.vp####.com/699150afd3f.jpg
- t####.vp####.com/97fd83ac.jpg
- t####.vp####.com/b895bb976.jpg
- t####.vp####.com/ba0f53ae1993485f9d67f73d7434e37.png
- t####.vp####.com/d9d3ee29.jpg
- t####.vp####.com/mleague/2.0.10/css/antd.7749aab6.css
- t####.vp####.com/mleague/2.0.10/css/style.8279d67b.css
- t####.vp####.com/mleague/2.0.10/images/ready.png
- t####.vp####.com/mleague/2.0.10/js/app.a4003713.js
- t####.vp####.com/mleague/2.0.10/js/manifest.341c6314.js
- t####.vp####.com/mleague/2.0.10/js/vendor.fbebc827.js
- t####.vpgam####.com/file/12be841f4a.jpg
- t####.vpgam####.com/file/28461eb0.jpg
- t####.vpgam####.com/file/44afdff2b07e.jpg
- webser####.vp####.com.####.net/dota2/pro/webservice/schedule/schedule-re...
- webser####.vp####.com.####.net/social/topic/detail?topic_id=####&uid=###...
- webser####.vp####.com.####.net/social/topic/list?type=####&curr_page=###...
- webser####.vp####.com.####.net/social/topic/tie_list?topic_id=####&is_ho...
- webser####.vp####.com.####.net/v2/app/global/config?uid=####&token=####
- webser####.vp####.com.####.net/v2/mobile/device/index?os_versions=####&i...
- webser####.vp####.com.####.net/v2/social/dynamic/new_counts?game_type=##...
- webser####.vp####.com.####.net/v2/social/message/count?uid=####&token=####
- a####.exc.mob.com/errconf
- a####.exc.mob.com/errlog
- api.s####.mob.com/conf5
- api.s####.mob.com/conn
- api.s####.mob.com/log4
- api.s####.mob.com/snsconf
- c-h####.g####.com/api.php?format=####&t=####
- l####.tbs.qq.com/ajax?c=####&k=####
- m.vp####.com.####.net/league/wechat/signature
- sdk.o####.p####.####.com/api.php?format=####&t=####
- /data/data/####/.jg.ic
- /data/data/####/.lock
- /data/data/####/.mrecord
- /data/data/####/.mrlock
- /data/data/####/.statistics
- /data/data/####/346d2bff536c6532c609356b46de0bb4.0.tmp
- /data/data/####/346d2bff536c6532c609356b46de0bb4.1.tmp
- /data/data/####/387833e17034bbff25701b7fd5f0b8e6.0.tmp
- /data/data/####/387833e17034bbff25701b7fd5f0b8e6.1.tmp
- /data/data/####/5B4FA6FB0002-0001-082C-480C9BACEBA0BeginSession.cls_temp
- /data/data/####/5B4FA6FB0002-0001-082C-480C9BACEBA0BeginSession.json
- /data/data/####/5B4FA6FB0002-0001-082C-480C9BACEBA0SessionApp.cls_temp
- /data/data/####/5B4FA6FB0002-0001-082C-480C9BACEBA0SessionApp.json
- /data/data/####/5B4FA6FB0002-0001-082C-480C9BACEBA0SessionDevice.cls_temp
- /data/data/####/5B4FA6FB0002-0001-082C-480C9BACEBA0SessionDevice.json
- /data/data/####/5B4FA6FB0002-0001-082C-480C9BACEBA0SessionOS.cls_temp
- /data/data/####/5B4FA6FB0002-0001-082C-480C9BACEBA0SessionOS.json
- /data/data/####/5B4FA6FB0002-0001-082C-480C9BACEBA0SessionUser.cls_temp
- /data/data/####/5B4FA6FD00A7-0001-0856-480C9BACEBA0BeginSession.cls_temp
- /data/data/####/5B4FA6FD00A7-0001-0856-480C9BACEBA0BeginSession.json
- /data/data/####/5B4FA6FD00A7-0001-0856-480C9BACEBA0SessionApp.cls_temp
- /data/data/####/5B4FA6FD00A7-0001-0856-480C9BACEBA0SessionApp.json
- /data/data/####/5B4FA6FD00A7-0001-0856-480C9BACEBA0SessionDevice.cls_temp
- /data/data/####/5B4FA6FD00A7-0001-0856-480C9BACEBA0SessionDevice.json
- /data/data/####/5B4FA6FD00A7-0001-0856-480C9BACEBA0SessionOS.cls_temp
- /data/data/####/5B4FA6FD00A7-0001-0856-480C9BACEBA0SessionOS.json
- /data/data/####/5B4FA6FD00A7-0001-0856-480C9BACEBA0user.meta
- /data/data/####/5c3bc21f1099a9898ea26abb20ac9144.0.tmp
- /data/data/####/5c3bc21f1099a9898ea26abb20ac9144.1.tmp
- /data/data/####/6c9cdad7f935bfc35f7e3763e3219605.0.tmp
- /data/data/####/6c9cdad7f935bfc35f7e3763e3219605.1.tmp
- /data/data/####/82d7c36bb0de27899241dd9d5b691a71.0.tmp
- /data/data/####/82d7c36bb0de27899241dd9d5b691a71.1.tmp
- /data/data/####/913cce658971
- /data/data/####/936da66a51c94cd80a73d3f0fbba607c.0.tmp
- /data/data/####/936da66a51c94cd80a73d3f0fbba607c.1.tmp
- /data/data/####/MultiDex.lock
- /data/data/####/ThrowalbeLog.db-journal
- /data/data/####/TwitterAdvertisingInfoPreferences.xml
- /data/data/####/WebViewSettings.xml
- /data/data/####/ac9ba329cef3827eb7d36a101a4d790f.0.tmp
- /data/data/####/ac9ba329cef3827eb7d36a101a4d790f.1.tmp
- /data/data/####/b803c3c190721323d3c2d54126c6a316.0.tmp
- /data/data/####/b803c3c190721323d3c2d54126c6a316.1.tmp
- /data/data/####/com.crashlytics.prefs.xml
- /data/data/####/com.crashlytics.sdk.android;answers;settings.xml
- /data/data/####/com.crashlytics.settings.json
- /data/data/####/com.vpgame.eric;pushservice.growing.db
- /data/data/####/com.vpgame.eric;pushservice.growing.db-journal
- /data/data/####/com.vpgame.eric_preferences.xml
- /data/data/####/core_info
- /data/data/####/data_0
- /data/data/####/data_1
- /data/data/####/data_2
- /data/data/####/data_3
- /data/data/####/debug.conf
- /data/data/####/f_000001
- /data/data/####/f_000002
- /data/data/####/f_000003
- /data/data/####/f_000004
- /data/data/####/f_000005
- /data/data/####/f_000006
- /data/data/####/f_000007
- /data/data/####/f_000008
- /data/data/####/fba16990a98ddf18d76dd655255d3f08.0.tmp
- /data/data/####/fba16990a98ddf18d76dd655255d3f08.1.tmp
- /data/data/####/gdaemon_20161017
- /data/data/####/getui_sp.xml
- /data/data/####/growing.db-journal
- /data/data/####/growing_ecsid.xml
- /data/data/####/growing_persist_data.xml
- /data/data/####/growing_profile.xml
- /data/data/####/gx_sp.xml
- /data/data/####/index
- /data/data/####/init.pid
- /data/data/####/init_c1.pid
- /data/data/####/initialization_marker
- /data/data/####/io.fabric.sdk.android;fabric;io.fabric.sdk.andr...ng.xml
- /data/data/####/journal.tmp
- /data/data/####/libjiagu1996635172.so
- /data/data/####/mob_commons_1
- /data/data/####/multidex.version.xml
- /data/data/####/nbaplus-journal
- /data/data/####/push.pid
- /data/data/####/pushext.db-journal
- /data/data/####/pushg.db-journal
- /data/data/####/pushsdk.db-journal
- /data/data/####/run.pid
- /data/data/####/sa_085c5f7e-a73c-4dc9-baf5-8faf722b9793_1531946747257.tap
- /data/data/####/sa_26b8d07a-b05f-4423-8599-ea82b2932a12_1531946750116.tap
- /data/data/####/sa_85f6093a-b870-4069-836d-ff9c0d4c470f_1531946749536.tap
- /data/data/####/session_analytics.tap
- /data/data/####/session_analytics.tap (deleted)
- /data/data/####/session_analytics.tap.tmp
- /data/data/####/share_sdk_1
- /data/data/####/sharesdk.db-journal
- /data/data/####/tbs_download_config.xml
- /data/data/####/tbs_download_stat.xml
- /data/data/####/tbscoreinstall.txt
- /data/data/####/tbslock.txt
- /data/data/####/tdata_YYn966
- /data/data/####/tdata_YYn966.jar
- /data/data/####/tdata_eOt091
- /data/data/####/tdata_eOt091.jar
- /data/data/####/webview.db-journal
- /data/data/####/webviewCookiesChromium.db-journal
- /data/media/####/.dic_lock
- /data/media/####/.duid
- /data/media/####/.globalLock
- /data/media/####/.pkg_lock
- /data/media/####/0072bc66f59afef0ac4ee3caac2324f56229ff487b325d....0.tmp
- /data/media/####/1569f3c741dca6bc9754ab92af6b33b20a42cdf9415cc3....0.tmp
- /data/media/####/3f0b5a2c0ee3e96d461e34ee0790af3d328969c2a17335....0.tmp
- /data/media/####/4116691a7d7e3f4b58fa08e68ecd1ec7ad085b78ed1aea....0.tmp
- /data/media/####/4b9612b185c102a9b7b0b39295be9aec18cd747f810930....0.tmp
- /data/media/####/5105616b3eddf8afd6b2bf30d3e2207e2bf99032c23e13....0.tmp
- /data/media/####/6d5ca270bc7c64dc041eeeebdb11625827057d7a8c1f65....0.tmp
- /data/media/####/75acc834dd17e143b28ce45172719578e2eec7634ef80f....0.tmp
- /data/media/####/7adfecb9abb45df8750cd091b5cdf1fe3051fa940066e1....0.tmp
- /data/media/####/83c6bd0610a0edac2eb7679456f6cfb3f2304c45dd104b....0.tmp
- /data/media/####/930f170f9b85a83fbfdf0ba1e7cf49f559ad9df3f4d861....0.tmp
- /data/media/####/a116c31c912e88c06e2a0a95273c1c0c9ffe4c9da3a77e....0.tmp
- /data/media/####/ad05fea260c51c7540d5bf841abf595018dc30e4705b70....0.tmp
- /data/media/####/app.db
- /data/media/####/b37bd1d05ab96d1da93d941cc28c97230bb6a553607be4....0.tmp
- /data/media/####/com.getui.sdk.deviceId.db
- /data/media/####/com.igexin.sdk.deviceId.db
- /data/media/####/com.vpgame.eric.bin
- /data/media/####/com.vpgame.eric.db
- /data/media/####/d4b953389f99859e8aa2d58743cbd23cf8b7a8fb44e9a0....0.tmp
- /data/media/####/d502c687f04f4965c2a4a730f20f60d3948c5164158b4e....0.tmp
- /data/media/####/f1b431d7f779616974e952c775458dfe6fa9169bf7b196....0.tmp
- /data/media/####/f2e4b03c628030ffb6bdffa95632dd84a138674eabd158....0.tmp
- /data/media/####/f6222aff8417941794b672171b366ff4a8af66740c49b9....0.tmp
- /data/media/####/f80197d2af32f2bee332ee28eb751bfb157037d51bcb98....0.tmp
- /data/media/####/f9ddfdd8e99d4f5c7e17fc968f909b35a4e77b672d8ef5....0.tmp
- /data/media/####/journal.tmp
- /data/media/####/log-2018-07-18-1531946749427.txt
- /data/media/####/log-2018-07-18-1531946749488.txt
- /data/media/####/log-2018-07-18-1531946749502.txt
- /data/media/####/log-2018-07-18-1531946749511.txt
- /data/media/####/log-2018-07-18-1531946754144.txt
- /data/media/####/log-2018-07-18-1531946755166.txt
- /data/media/####/log-2018-07-18-1531946756819.txt
- /data/media/####/log-2018-07-18-1531946756902.txt
- /data/media/####/log-2018-07-18-1531946770156.txt
- /data/media/####/log-2018-07-18-1531946773272.txt
- /data/media/####/log-2018-07-18-1531946776439.txt
- /data/media/####/log-2018-07-18-1531946779886.txt
- /data/media/####/log-2018-07-18-1531946805952.txt
- /data/media/####/log-2018-07-18-1531946805960.txt
- /data/media/####/log-2018-07-18-1531946805993.txt
- /data/media/####/tdata_YYn966
- /data/media/####/tdata_eOt091
- /data/media/####/test.log
- <Package Folder>/files/gdaemon_20161017 0 <Package>/<Package>.push.GeTuiPushService 24470 300 0
- cat /sys/class/net/wlan0/address
- chmod 700 <Package Folder>/files/gdaemon_20161017
- chmod 755 <Package Folder>/.jiagu/libjiagu1996635172.so
- getprop ro.product.cpu.abi
- mount
- getuiext2
- libjiagu1996635172
- neh
- AES-ECB-PKCS7Padding
- RSA-ECB-NoPadding
- RSA-NONE-OAEPWithSHA1AndMGF1Padding
- AES-ECB-NoPadding