Technical information
- Adware.Gexin.2.origin
- UDP(DNS) <Google DNS>
- TCP(HTTP/1.1) et2-na6####.wagbr####.ali####.####.com:80
- TCP(HTTP/1.1) ada####.m.ta####.com:80
- TCP(HTTP/1.1) app####.haosh####.com:80
- TCP(HTTP/1.1) i####.hang####.com:80
- TCP(HTTP/1.1) ad####.m.ta####.com:80
- TCP(HTTP/1.1) q.q####.cn:80
- TCP(HTTP/1.1) a####.7####.com:80
- TCP(HTTP/1.1) ro####.g0.p####.####.cn:80
- TCP(HTTP/1.1) a####.u####.com:80
- TCP(HTTP/1.1) sh.wagbr####.aliyun####.com:80
- TCP(HTTP/1.1) i####.xinjuns####.net:80
- TCP(TLS/1.0) api.leanc####.cn:443
- TCP(TLS/1.0) publish####.b####.com.####.com:443
- TCP(TLS/1.0) cpu.b####.com:443
- TCP(TLS/1.0) fex.bdst####.com:443
- TCP(TLS/1.0) ssls####.jom####.com:443
- TCP(TLS/1.0) cac####.b####.com:443
- TCP(TLS/1.0) cn-n1-c####.leanc####.cn:443
- TCP(TLS/1.0) g####.b####.com:443
- TCP(TLS/1.0) hm.b####.com:443
- TCP(TLS/1.0) h####.b####.com:443
- TCP(TLS/1.0) si####.jom####.com:443
- a####.7####.com
- a####.man.aliy####.com
- a####.u####.com
- ad####.m.ta####.com
- ada####.m.ta####.com
- api.leanc####.cn
- app####.haosh####.com
- cac####.b####.com
- cn-n1-c####.leanc####.cn
- cpu.b####.com
- f10.b####.com
- f11.b####.com
- f12.b####.com
- fex.bdst####.com
- g####.b####.com
- g####.bdst####.com
- g####.bdst####.com
- h####.b####.com
- hm.b####.com
- i####.hang####.com
- i####.xinjuns####.net
- log.u####.com
- m.xinjuns####.net
- publish####.b####.com
- q.q####.cn
- ro####.g0.p####.####.cn
- s####.u####.com
- t10.b####.com
- t12.b####.com
- a####.7####.com/member_nouse/templets/images/dfboy.png
- a####.7####.com/xin.js
- ad####.m.ta####.com/rest/gc2?ak=####&av=####&c=####&d=####&sv=####&t=###...
- app####.haosh####.com/version_update.php?&appkey=####&version_code=####&...
- et2-na6####.wagbr####.ali####.####.com/bar/get/51ae9a3956240b64c4008c75/...
- i####.hang####.com/api2.4/app.php?mod=####&aid=####
- i####.xinjuns####.net/160815/4-160Q5160UTS.jpg
- i####.xinjuns####.net/allimg/180904/0UHT047-2.jpg
- i####.xinjuns####.net/allimg/180904/0UHT048-1.jpg
- i####.xinjuns####.net/allimg/180904/0UHU446-0.jpg
- i####.xinjuns####.net/allimg/180904/1024011F6-1.jpg
- i####.xinjuns####.net/allimg/180904/1024015642-2.jpg
- i####.xinjuns####.net/allimg/180904/102401CF-0.jpg
- i####.xinjuns####.net/allimg/180904/127344-1PZ4144F00-L.jpg
- i####.xinjuns####.net/allimg/180904/21-1PZ41022460-L.jpg
- i####.xinjuns####.net/allimg/180905/10414453b-0.jpg
- i####.xinjuns####.net/allimg/180905/1041445J3-2.jpg
- i####.xinjuns####.net/allimg/180905/104144Mb-1.jpg
- i####.xinjuns####.net/allimg/180905/1131331101-1.jpg
- i####.xinjuns####.net/allimg/180905/1131331W7-0.jpg
- i####.xinjuns####.net/allimg/180905/113133O58-2.jpg
- i####.xinjuns####.net/allimg/180905/127344-1PZ51049510-L.jpg
- i####.xinjuns####.net/allimg/180905/127344-1PZ51059140-L.jpg
- i####.xinjuns####.net/allimg/180905/127344-1PZ5133S40-L.jpg
- i####.xinjuns####.net/allimg/180905/127344-1PZ51343380-L.jpg
- i####.xinjuns####.net/allimg/180905/127344-1PZ51346050-L.jpg
- i####.xinjuns####.net/allimg/180905/1352593225-0.jpg
- i####.xinjuns####.net/allimg/180905/13525944K-2.jpg
- i####.xinjuns####.net/allimg/180905/1352596248-1.jpg
- i####.xinjuns####.net/allimg/180905/1409294H6-2.jpg
- i####.xinjuns####.net/allimg/180905/1409295061-3.jpg
- i####.xinjuns####.net/allimg/180905/1409295O6-0.jpg
- i####.xinjuns####.net/allimg/180905/1409296319-4.jpg
- i####.xinjuns####.net/allimg/180905/14092aI7-1.jpg
- i####.xinjuns####.net/allimg/180905/15958-1PZ51406060-L.jpg
- i####.xinjuns####.net/allimg/180905/15958-1PZ51406340-L.jpg
- i####.xinjuns####.net/allimg/180905/15958-1PZ51409280-L.jpg
- i####.xinjuns####.net/allimg/180905/15958-1PZ5140A70-L.jpg
- i####.xinjuns####.net/allimg/180905/15958-1PZ5140U40-L.jpg
- i####.xinjuns####.net/allimg/180905/15958-1PZ51410070-L.jpg
- i####.xinjuns####.net/allimg/180905/15958-1PZ51410330-L.jpg
- i####.xinjuns####.net/allimg/180905/21-1PZ50922560-L.jpg
- q.q####.cn/qqapp/100990706/3F31083FCECEA39B414124B1D9412F4D/100
- ro####.g0.p####.####.cn/v1/route?appId=####&installationId=####&secure=#...
- a####.u####.com/app_logs
- ada####.m.ta####.com/rest/sur?ak=####&av=####&c=####&v=####&s=####&d=###...
- i####.hang####.com/api2.4/app.php?mod=####
- i####.hang####.com/api2.4/app.php?mod=####&act=####&page=####
- i####.hang####.com/api2.4/app.php?mod=####&aid=####&type=####
- i####.hang####.com/api2.4/app.php?mod=####&page=####
- sh.wagbr####.aliyun####.com/man/api?ak=####&s=####
- /data/data/####/.imprint
- /data/data/####/.jg.ic
- /data/data/####/1536184307140.log
- /data/data/####/AV_CLOUD_API_VERSION_KEY_ZONE.xml
- /data/data/####/AV_PUSH_SERVICE_APP_DATA.xml
- /data/data/####/Alvin2.xml
- /data/data/####/ContextData.xml
- /data/data/####/CookiePrefsFile.xml
- /data/data/####/MultiDex.lock
- /data/data/####/UTCommon.xml
- /data/data/####/__Baidu_Stat_SDK_SendRem.xml
- /data/data/####/__local_ap_info_cache.json
- /data/data/####/__local_last_session.json
- /data/data/####/__local_stat_cache.json
- /data/data/####/__send_data_1536184307084
- /data/data/####/ap.Lock
- /data/data/####/app_sp.xml
- /data/data/####/baidu_mtj_sdk_record.xml
- /data/data/####/cc.db
- /data/data/####/cc.db-journal
- /data/data/####/com.avos.avoscloud.RequestStatisticsUtil.data.xml
- /data/data/####/com.avos.push.router.server.cachezja4gnztqflo4x...6d.xml
- /data/data/####/com.avoscloud.chat.message.xml
- /data/data/####/com.shenyuan.militarynews_preferences.xml
- /data/data/####/data_0
- /data/data/####/data_1
- /data/data/####/data_2
- /data/data/####/data_3
- /data/data/####/dbProvider.db-journal
- /data/data/####/exchangeIdentity.json
- /data/data/####/exid.dat
- /data/data/####/f_000001
- /data/data/####/f_000002
- /data/data/####/f_000003
- /data/data/####/f_000004
- /data/data/####/f_000005
- /data/data/####/f_000006
- /data/data/####/f_000007
- /data/data/####/f_000008
- /data/data/####/f_000009
- /data/data/####/f_00000a
- /data/data/####/f_00000b
- /data/data/####/f_00000c
- /data/data/####/f_00000d
- /data/data/####/f_00000e
- /data/data/####/f_00000f
- /data/data/####/f_000010
- /data/data/####/f_000011
- /data/data/####/f_000012
- /data/data/####/f_000013
- /data/data/####/f_000014
- /data/data/####/f_000015
- /data/data/####/f_000016
- /data/data/####/f_000017
- /data/data/####/f_000018
- /data/data/####/f_000019
- /data/data/####/index
- /data/data/####/installation
- /data/data/####/libcuid.so
- /data/data/####/libjiagu-1308218362.so
- /data/data/####/multidex.version.xml
- /data/data/####/ua.db
- /data/data/####/ua.db-journal
- /data/data/####/umeng_general_config.xml
- /data/data/####/umeng_it.cache
- /data/data/####/umeng_socialize.xml
- /data/data/####/ut.db
- /data/data/####/ut.db-journal
- /data/data/####/webview.db-journal
- /data/data/####/webviewCookiesChromium.db-journal
- /data/media/####/.confd
- /data/media/####/.confd-journal
- /data/media/####/.cuid
- /data/media/####/.cuid2
- /data/media/####/.nomedia
- /data/media/####/.timestamp
- /data/media/####/13t09spwewe34q4yu7uyq44xn
- /data/media/####/1c0aahqogazs6zl8dundbgpzt
- /data/media/####/1i0ubphwtvx79yv5b4gvwppiz
- /data/media/####/1m4nd6xzs9mnapusp6duxpz9h
- /data/media/####/1wscwpqzmhzqcc0f662ga89x9
- /data/media/####/1wsjtnosh30y4b5drpo8w7hey
- /data/media/####/1z5c4110eyrth742sne5c9fsd
- /data/media/####/2mrkrtoe4g89rn5z4zdqsl22c
- /data/media/####/2zolejnv8cnvks7t6ukym86dp
- /data/media/####/369occptcybgqt8rzfihw3r49
- /data/media/####/3ccvfmvy9e77ktztgqo9i4c59
- /data/media/####/3nh34jqsrxukhrfbb8pe0a7aa
- /data/media/####/3sa7e00u8w7904j1kurp4cski
- /data/media/####/3sme8solel0n4gb38eyzsh1ct
- /data/media/####/3xat5mmwk9vm03q12ua91bozc
- /data/media/####/43lo3igc250wg4rl0zlmrv58e
- /data/media/####/45bqdp12597xyxim87wkjn7n0
- /data/media/####/4ag86jm7jbvrv52dqisvo1487
- /data/media/####/4eoqhk5llzcvjy88ky14eyjq9
- /data/media/####/4hxcbow1uhyjjll113168kanx
- /data/media/####/4k5r9wbfb4gj1ounwuzhqlco6
- /data/media/####/4qcqw3dl7ykaek6q5mb7m2i64
- /data/media/####/4zdfe6ahtbfgqwx7y36uemlaj
- /data/media/####/5etsagojkatrkaidb087jr6ps
- /data/media/####/64pqgjlcwv06scixlsfq9j8fa
- /data/media/####/64z3x0aavaqg3q001zyj7xbzl
- /data/media/####/6divgwaps99ki77zg5f295end
- /data/media/####/6dj9m7yw4h806x5t44ftimndg
- /data/media/####/6l0hgpel66i3o5efga4a5fnlz
- /data/media/####/6l4icwj804g1s1bcn5qalt3px
- /data/media/####/6ucchpr7zqummbykr25bp47zd
- /data/media/####/6vhhcb1zcaaqttt3cg0783gvn
- /data/media/####/79wqp4tsktwm7mybmjw8vr0ag
- /data/media/####/7b3n1m9qjfgtbwalzw444srg3
- /data/media/####/7bgz6qur3yj4hwwnhw7b6ny8f
- /data/media/####/7i236k4vc09dzc2hbpqvpn4r5
- /data/media/####/Alvin2.xml
- /data/media/####/ContextData.xml
- /data/media/####/dontpanic.cp
- /data/media/####/iuszc71z9sjbxt3hroj7uow0
- /data/media/####/xvyflc8hqm16zqf2mkkbulde
- chmod 755 <Package Folder>/.jiagu/libjiagu-1308218362.so
- getprop ro.build.display.id
- getprop ro.build.version.emui
- getprop ro.build.version.opporom
- getprop ro.miui.ui.version.name
- getprop ro.smartisan.version
- getprop ro.vivo.os.version
- crash_analysis
- libjiagu-1308218362
- ut_c_api
- AES-CBC-NoPadding
- AES-CBC-PKCS5Padding
- AES-CBC-PKCS7Padding
- AES-ECB-PKCS5Padding
- RSA-ECB-PKCS1Padding
- AES-CBC-NoPadding
- AES-CBC-PKCS5Padding
- AES-CBC-PKCS7Padding