Technical information
Detection name:
- Adware.Gexin.2.origin
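Network connections, listed as protocol and host:port (#### marks characters masked in this report):
- UDP(DNS) <Google DNS>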
- TCP(HTTP/1.1) x####.tc.qq.com:80
- TCP(HTTP/1.1) a####.qq.com:80
- TCP(HTTP/1.1) i####.qfc.cn:80
- TCP(HTTP/1.1) ti####.c####.l####.####.com:80
- TCP(HTTP/1.1) t####.c####.q####.####.com:80
- TCP(HTTP/1.1) p####.tc.qq.com:80
- TCP(HTTP/1.1) and####.b####.qq.com:80
- TCP(HTTP/1.1) sdk.o####.p####.####.com:80
- TCP(HTTP/1.1) pub.idq####.com.####.com:80
- TCP(HTTP/1.1) c-h####.g####.com:80
- TCP(HTTP/1.1) openmo####.qq.com:80
- TCP(HTTP/1.1) appsup####.qq.com:80
- TCP(HTTP/1.1) 3####.tc.qq.com:80
- TCP(HTTP/1.1) c.isds####.qq.com:80
- TCP(HTTP/1.1) a.a####.qq.com:80
- TCP(HTTP/1.1) cgi.con####.qq.com:80
- TCP(TLS/1.0) x####.tc.qq.com:443
- TCP(TLS/1.0) 1####.217.17.46:443
- TCP(TLS/1.0) ssl.google-####.com:443
- TCP(TLS/1.0) api.w####.com:443
- TCP(TLS/1.0) api.map.b####.com:443
- TCP(TLS/1.0) me####.qfc.cn:443
- TCP sdk.o####.t####.####.com:5224
- TCP c####.g####.ig####.com:5226
Hostnames (masked):
- 7j####.c####.z0.####.com
- a####.qq.com
- a####.qq.com
- a.a####.qq.com
- and####.b####.qq.com
- api.map.b####.com
- api.w####.com
- appsup####.qq.com
- c####.g####.ig####.com
- c-h####.g####.com
- c.isds####.qq.com
- cgi.con####.qq.com
- i####.dd.qq.com
- i####.qfc.cn
- i.g####.cn
- m####.3g.qq.com
- me####.qfc.cn
- openmo####.qq.com
- pub.idq####.com
- q####.qq.com
- qzones####.g####.cn
- s.b####.g####.com
- sdk.c####.ig####.com
- sdk.o####.p####.####.com
- sdk.o####.t####.####.com
- sdk.o####.t####.####.com
- sdk.o####.t####.####.net
- ssl.google-####.com
URLs (masked; entries ending in ... are truncated):
- 3####.tc.qq.com/16891/A768F7EBDD7CA3E6AFDBD3A2D9B5FDA4.apk?fsname=####&c...
- 3####.tc.qq.com/16891/channel_70316555_1000395_1537149105984.apk?hsr=###...
- a####.qq.com/cgi-bin/download?data=tmast://download?downl_biz_id=####&do...
- a####.qq.com/cgi-bin/mapp_apptrace?appid_via_act_net_time_sender=####&ro...
- a####.qq.com/detail/com.tencent.mobileqq?autodownload=####&norecommend=#...
- a.a####.qq.com/o/myapp-down?g_f=####&fsname=####
- appsup####.qq.com/cgi-bin/appstage/mstats_report?report_type=####&platfo...
- c.isds####.qq.com/code.cgi?domain=####&cgi=####&type=####&code=####&time...
- cgi.con####.qq.com/qqconnectopen/openapi/policy_conf?sdkv=####&appid=###...
- i####.qfc.cn/upload/01/apu/b2/a5/2069151.jpg
- openmo####.qq.com/oauth2.0/m_authorize?status_userip=####&scope=####&red...
- p####.tc.qq.com/c/=/open/mobile/login/js/login_browser_jump.js
- p####.tc.qq.com/open/mobile/common_detail/img/basic.png
- p####.tc.qq.com/open/mobile/common_detail/img/sprites.png
- p####.tc.qq.com/open/mobile/login/qzsjump.html?status_userip=####&scope=...
- p####.tc.qq.com/open_proj/qqconnect/h5login/css/jump2.css?t=####
- p####.tc.qq.com/open_proj/qqconnect/h5login/css/sprite/jump2.png?max_age...
- pub.idq####.com.####.com/qconn/widget/mobile/login/images/loading.gif?ma...
- t####.c####.q####.####.com/tdata_YEE769
- t####.c####.q####.####.com/tdata_qHR433
- ti####.c####.l####.####.com/config/hz-hzv3.conf
- x####.tc.qq.com/open/app_icon/00/68/68/48/100686848_100_m.png?max_age=####
- x####.tc.qq.com/open/app_icon/00/68/68/48/100686848_android_preview_p0.j...
- x####.tc.qq.com/open/app_icon/00/68/68/48/100686848_android_preview_p1.j...
- x####.tc.qq.com/open/app_icon/00/68/68/48/100686848_android_preview_p2.j...
URLs, second group (this copy does not say how it differs from the group above):
- and####.b####.qq.com/rqd/async
- and####.b####.qq.com/rqd/async?aid=####
- appsup####.qq.com/cgi-bin/appstage/mstats_batch_report
- c-h####.g####.com/api.php?format=####&t=####
- sdk.o####.p####.####.com/api.php?format=####&t=####
File system paths (#### replaces part of each path):
- /data/data/####/1002
- /data/data/####/1004
- /data/data/####/BUGLY_COMMON_VALUES.xml
- /data/data/####/MultiDex.lock
- /data/data/####/SP_AROUTER_CACHE.xml
- /data/data/####/Setting.xml
- /data/data/####/authStatus_com.qfc.cloth.hi.xml
- /data/data/####/authStatus_com.qfc.cloth.hi;core.xml
- /data/data/####/authStatus_com.qfc.cloth.hi;patch.xml
- /data/data/####/authStatus_com.qfc.cloth.hi;pushservice.xml
- /data/data/####/bugly_db_-journal
- /data/data/####/bugly_db_legu-journal
- /data/data/####/cb2f37ab-b530-4251-b7c9-f991009f9581.zip
- /data/data/####/com.google.android.gms.analytics.prefs.xml
- /data/data/####/com.qfc.cloth.hi.BETA_VALUES.xml
- /data/data/####/com.qfc.cloth.hi.BETA_VALUES.xml.bak
- /data/data/####/com.qfc.cloth.hi.BETA_VALUES.xml.bak (deleted)
- /data/data/####/com.tencent.open.config.json.1105191811
- /data/data/####/crashrecord.xml
- /data/data/####/data_0
- /data/data/####/data_1
- /data/data/####/data_2
- /data/data/####/data_3
- /data/data/####/gaClientId
- /data/data/####/gdaemon_20161017
- /data/data/####/google_analytics_v4.db-journal
- /data/data/####/gx_sp.xml
- /data/data/####/index
- /data/data/####/info.lock
- /data/data/####/init.pid
- /data/data/####/init_c.pid
- /data/data/####/libcuid.so
- /data/data/####/libnfix.so
- /data/data/####/libshella-2.8.so
- /data/data/####/libufix.so
- /data/data/####/libwbsafeedit_x86.so
- /data/data/####/local_crash_lock
- /data/data/####/mix.dex
- /data/data/####/multidex.version.xml
- /data/data/####/native_record_lock
- /data/data/####/patch-a2841bc6.apk
- /data/data/####/patch.apk
- /data/data/####/patch.retry
- /data/data/####/push.pid
- /data/data/####/pushext.db-journal
- /data/data/####/pushg.db-journal
- /data/data/####/pushsdk.db-journal
- /data/data/####/qfc_buyer.db-journal
- /data/data/####/run.pid
- /data/data/####/sdk_report.db
- /data/data/####/sdk_report.db-journal
- /data/data/####/secure_lib.xml
- /data/data/####/security_info
- /data/data/####/tdata_YEE769
- /data/data/####/tdata_YEE769.jar
- /data/data/####/tdata_qHR433
- /data/data/####/tdata_qHR433.jar
- /data/data/####/temp.apk
- /data/data/####/tmpPatch.apk
- /data/data/####/webview.db-journal
- /data/data/####/webviewCookiesChromium.db-journal
- /data/data/####/weibo_sdk_aid1
- /data/media/####/.cuid
- /data/media/####/.cuid2
- /data/media/####/.nomedia
- /data/media/####/2069151.jpg
- /data/media/####/YYB.998886.afb035b894c40f349f2949e0d86a1ebf.co...il.apk
- /data/media/####/app.db
- /data/media/####/com.getui.sdk.deviceId.db
- /data/media/####/com.igexin.sdk.deviceId.db
- /data/media/####/com.qfc.cloth.hi.db
- /data/media/####/com.tencent.mobileqq_7.7.8_908-1.apk
- /data/media/####/com.tencent.mobileqq_7.7.8_908-2.apk
- /data/media/####/com.tencent.mobileqq_7.7.8_908-3.apk
- /data/media/####/com.tencent.mobileqq_7.7.8_908.apk
- /data/media/####/com.tencent.mobileqq_connectSdk.18.09.17.10.log
- /data/media/####/journal.tmp
- /data/media/####/nim_sdk.log
- /data/media/####/tdata_YEE769
- /data/media/####/tdata_qHR433
- /data/media/####/test.log
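Shell commands and launched processes (device-property queries with getprop, a check for the su binary, chmod 700 on files in the package folder, a logcat dump, and the start of the gdaemon_20161017 binary):
- /system/bin/sh -c getprop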
- /system/bin/sh -c getprop ro.aa.romver
- /system/bin/sh -c getprop ro.board.platform
- /system/bin/sh -c getprop ro.build.fingerprint
- /system/bin/sh -c getprop ro.build.nubia.rom.name
- /system/bin/sh -c getprop ro.build.rom.id
- /system/bin/sh -c getprop ro.build.tyd.kbstyle_version
- /system/bin/sh -c getprop ro.build.version.emui
- /system/bin/sh -c getprop ro.build.version.opporom
- /system/bin/sh -c getprop ro.gn.gnromvernumber
- /system/bin/sh -c getprop ro.lenovo.series
- /system/bin/sh -c getprop ro.lewa.version
- /system/bin/sh -c getprop ro.meizu.product.model
- /system/bin/sh -c getprop ro.miui.ui.version.name
- /system/bin/sh -c getprop ro.vivo.os.build.display.id
- /system/bin/sh -c type su
- <Package Folder>/files/gdaemon_20161017 0 <Package>/com.igexin.sdk.PushService 24518 300 0
- chmod 700 <Package Folder>/files/gdaemon_20161017
- chmod 700 <Package Folder>/tx_shell/libnfix.so
- chmod 700 <Package Folder>/tx_shell/libshella-2.8.so
- chmod 700 <Package Folder>/tx_shell/libufix.so
- getprop
- getprop ro.aa.romver
- getprop ro.board.platform
- getprop ro.build.fingerprint
- getprop ro.build.nubia.rom.name
- getprop ro.build.rom.id
- getprop ro.build.tyd.kbstyle_version
- getprop ro.build.version.emui
- getprop ro.build.version.opporom
- getprop ro.gn.gnromvernumber
- getprop ro.lenovo.series
- getprop ro.lewa.version
- getprop ro.meizu.product.model
- getprop ro.miui.ui.version.name
- getprop ro.vivo.os.build.display.id
- getprop ro.yunos.version
- logcat -d -v threadtime
- sh <Package Folder>/files/gdaemon_20161017 0 <Package>/com.igexin.sdk.PushService 24518 300 0
Library names:
- BaiduMapSDK_base_v4_3_1
- Bugly
- getuiext2
- libnfix
- libshella-2.8
- libufix
- libwbsafeedit_x86
- nfix
- ufix
- weibosdkcore
Cipher transformations, first list:
- AES-CBC-PKCS5Padding
- AES-GCM-NoPadding
- RSA-ECB-PKCS1Padding
- RSA-NONE-OAEPWithSHA1AndMGF1Padding
Cipher transformations, second list (this copy does not say how it differs from the first):
- AES-CBC-PKCS5Padding
- AES-GCM-NoPadding