Technical information
- Adware.Gexin.2.origin
- UDP(DNS) <Google DNS>
- TCP(HTTP/1.1) pub-####.qin####.com:80
- TCP(HTTP/1.1) a####.u####.com:80
- TCP(HTTP/1.1) c-h####.g####.com:80
- TCP(HTTP/1.1) l####.tbs.qq.com:80
- TCP(HTTP/1.1) t####.c####.q####.####.com:80
- TCP(HTTP/1.1) ipswitc####.fmscach####.ou####.com:80
- TCP(HTTP/1.1) www.w####.com:80
- TCP(HTTP/1.1) xiu.xi####.com.####.com:80
- TCP(HTTP/1.1) sdk.o####.p####.####.com:80
- TCP(HTTP/1.1) dn####.fas####.com:80
- TCP(TLS/1.0) 9ec8524####.bug####.com:443
- TCP(TLS/1.0) 1####.217.17.110:443
- TCP c####.g####.ig####.com:5225
- TCP sdk.o####.t####.####.com:5224
- 7j####.c####.z0.####.com
- 9ec8524####.bug####.com
- a####.u####.com
- c####.g####.ig####.com
- c-h####.g####.com
- dn####.fas####.com
- l####.tbs.qq.com
- pub-####.qin####.com
- sdk.c####.ig####.com
- sdk.o####.p####.####.com
- sdk.o####.t####.####.com
- sdk.o####.t####.####.com
- sdk.o####.t####.####.net
- w####.xi####.com
- www.w####.com
- x1.xi####.com
- x3.xi####.com
- xiu.xi####.com
- dn####.fas####.com/dnionget
- ipswitc####.fmscach####.ou####.com/vshow/streamname?get_url=####
- pub-####.qin####.com/tdata_EDT356
- t####.c####.q####.####.com/config/hz-hzv3.conf
- t####.c####.q####.####.com/tdata_BAI450
- t####.c####.q####.####.com/tdata_YJA893
- www.w####.com/firstpay.html?sign=####×tamp=####&client_info=####&us...
- www.w####.com/script/page/app/common.js
- www.w####.com/style/wxstyle/release/mobile/v1/css/active/firstpay.css?v#...
- www.w####.com/style/wxstyle/release/mobile/v1/css/common/wx_common_v2.css
- www.w####.com/style/wxstyle/release/mobile/v1/img/woxiu_active/firstpay/...
- www.w####.com/style/xiu/base/hz/hz050.png
- www.w####.com/style/xiu/base/hz/hz051.gif
- www.w####.com/style/xiu/base/hz/hzsun.png
- www.w####.com/webjs/lib/jquery/jquery/1.7.2/jquery.js
- xiu.xi####.com.####.com/style/xiu/base/v1/css/gift_v.1.css
- xiu.xi####.com.####.com/upload/xiu/1/84/qq-luxktescuo_pixel_56.com_17122...
- xiu.xi####.com.####.com/upload/xiu/12/33/wx-extmmnmzkz_pixel_56.com_1805...
- xiu.xi####.com.####.com/upload/xiu/16/76/ee12aa1_union_b_171028184729_19...
- xiu.xi####.com.####.com/upload/xiu/22/28/zj90043_pixel_56.com_1809131119...
- xiu.xi####.com.####.com/upload/xiu/22/89/ee12aa2_union_b_171028212946_23...
- xiu.xi####.com.####.com/upload/xiu/25/87/qq-vedejrdars_pixel_56.com_1811...
- xiu.xi####.com.####.com/upload/xiu/34/28/wangxinxin638_pixel_56.com_1807...
- xiu.xi####.com.####.com/upload/xiu/36/68/qq-zihumvqton_pixel_56.com_1809...
- xiu.xi####.com.####.com/upload/xiu/40/67/zj90046_pixel_56.com_1712301204...
- xiu.xi####.com.####.com/upload/xiu/41/28/qq-bzpatdixgf_pixel_56.com_1811...
- xiu.xi####.com.####.com/upload/xiu/42/65/qq-exxuwgsfrc_pixel_56.com_1808...
- xiu.xi####.com.####.com/upload/xiu/44/49/sj-pofwdrdavz_pixel_56.com_1809...
- xiu.xi####.com.####.com/upload/xiu/46/42/bhc31203_pixel_56.com_150620155...
- xiu.xi####.com.####.com/upload/xiu/54/5/wx-udwsloitiu_pixel_56.com_18100...
- xiu.xi####.com.####.com/upload/xiu/59/60/wlp1314ai_pixel_56.com_18092916...
- xiu.xi####.com.####.com/upload/xiu/60/54/wangdan1005_pixel_56.com_181028...
- xiu.xi####.com.####.com/upload/xiu/64/50/bnm0067_union_b_171129140916_73...
- xiu.xi####.com.####.com/upload/xiu/70/16/bnm177_pixel_56.com_18102713481...
- xiu.xi####.com.####.com/upload/xiu/70/99/sj-isnexkrlsb_pixel_56.com_1807...
- xiu.xi####.com.####.com/upload/xiu/74/3/sj-wyniedczik_pixel_56.com_18110...
- xiu.xi####.com.####.com/upload/xiu/75/9/qq-ijrlnnwcdu_pixel_56.com_18110...
- xiu.xi####.com.####.com/upload/xiu/87/44/sj-ilujrveyjl_pixel_56.com_1804...
- xiu.xi####.com.####.com/upload/xiu/87/98/qq-kfbyapkeig_pixel_56.com_1810...
- xiu.xi####.com.####.com/upload/xiu/90/30/qq-sjejcwsimh_pixel_56.com_1808...
- xiu.xi####.com.####.com/upload/xiu/90/40/sj-azkisxocxb_pixel_56.com_1810...
- xiu.xi####.com.####.com/upload/xiu/91/29/hxm7780_pixel_56.com_1806300127...
- xiu.xi####.com.####.com/upload/xiu/95/50/qq-pluagrauku_pixel_56.com_1807...
- xiu.xi####.com.####.com/upload/xiu/95/74/qq-27120890_pixel_56.com_181113...
- xiu.xi####.com.####.com/upload/xiu/96/88/shunshilili_pixel_56.com_181109...
- a####.u####.com/app_logs
- c-h####.g####.com/api.php?format=####&t=####
- l####.tbs.qq.com/ajax?c=####&k=####
- l####.tbs.qq.com/ajax?c=####&v=####&k=####
- sdk.o####.p####.####.com/api.php?format=####&t=####
- www.w####.com/index.php?action=####&do=####
- /data/data/####/.imprint
- /data/data/####/.jg.ic
- /data/data/####/013e3a14a17273187cc0fbc1007626153750ff6ba45770d....0.tmp
- /data/data/####/0efc3ad2dfca0982b88fcba43fd3dbbba8745e81607485b....0.tmp
- /data/data/####/0efc78db4f6743ab4a1280e4ace7a5e406769d1437e1f94....0.tmp
- /data/data/####/121cabc1c3ff
- /data/data/####/13e9fd8fc4e1daf9340545b8f66f1109e6db2c1ecb648f3....0.tmp
- /data/data/####/15e452c78fa7b5fbe565b4ecb0472293.0.tmp
- /data/data/####/15e452c78fa7b5fbe565b4ecb0472293.1.tmp
- /data/data/####/1d8867ea0b5fdf55ce4c4be5c006e047ec24b5231be64df....0.tmp
- /data/data/####/1de80fe009f00298c9440703d10ef3940149ab9735aed66....0.tmp
- /data/data/####/2f55589c1c3531cb11ed9a8c8270d005ded422d429fe77a....0.tmp
- /data/data/####/391be2134153f7419862b7ecc1837d95ac3e6318f35f3d7....0.tmp
- /data/data/####/3eb5b0fbe1d6883c15935d56685afad17b7766e31dd1fda....0.tmp
- /data/data/####/44cae3cd0b37768857f39579b391379bb3e8d5ac8720213....0.tmp
- /data/data/####/4e3a545944057248db4a28bd6d5199e732d8a8d9a3f28b6....0.tmp
- /data/data/####/538669535dde15ce7dd9aae5fb7d8ab9729b5ef218df934....0.tmp
- /data/data/####/5c960d9f6d3c45fdc78f3126f854489e43859de91af0b0a....0.tmp
- /data/data/####/75b56d06853ed7cfe0efadbfafa33a200da7f245449624e....0.tmp
- /data/data/####/9537ac39738742d1380155cbeb731993ed4a8305a69cd3c....0.tmp
- /data/data/####/TrineaAndroidCommon.xml
- /data/data/####/a06791343744eb1602cce0dd00587d8b8b054e488880e61....0.tmp
- /data/data/####/a304364d3f5cc93aad5eb341c9e7351b6897349e6eb711f....0.tmp
- /data/data/####/a6e959b37393767331f5232de4ac2515feac844aa22c32f....0.tmp
- /data/data/####/a88a6db7d9c483e66d1e10b04780d4cd5683bdf0f0f1244....0.tmp
- /data/data/####/b45d81292633258c2ae5ab9a3daff90a4925b0a9d180b1e....0.tmp
- /data/data/####/ba6980cc65172d8bddc88c744ebe8d6ca0ef5783864f4be....0.tmp
- /data/data/####/c3a31debe40e13677ed9a6a92761a1c93e48fe2b28029ff....0.tmp
- /data/data/####/c4821458faeb02f4798eeb43b09ed5624433ee1eb35fc9d....0.tmp
- /data/data/####/cc.db
- /data/data/####/cc.db-journal
- /data/data/####/cfb933ec27089f7634177b991bc3a940f7c8968ea3f9547....0.tmp
- /data/data/####/core_info
- /data/data/####/data_0
- /data/data/####/data_1
- /data/data/####/data_2
- /data/data/####/data_3
- /data/data/####/debug.conf
- /data/data/####/e2bb9de0ec1f663904be97c30e89c05eaf8d0ecc4dcd460....0.tmp
- /data/data/####/exchangeIdentity.json
- /data/data/####/exid.dat
- /data/data/####/f600b15b674ce0c75f32a7ef956d138b39e5e31086f1503....0.tmp
- /data/data/####/f6e55893eedf911503d7ac059b3ef0d6c674d7ae6736897....0.tmp
- /data/data/####/f_000001
- /data/data/####/f_000002
- /data/data/####/f_000003
- /data/data/####/fb049c0d39e2bc1f4e8f22e3dee4f36fd4f7787e4d5627e....0.tmp
- /data/data/####/fe463da9fd02cda4705b1b40fd07634d39de2c236240da9....0.tmp
- /data/data/####/gdaemon_20161017
- /data/data/####/getui_sp.xml
- /data/data/####/gx_sp.xml
- /data/data/####/index
- /data/data/####/init.pid
- /data/data/####/init_c1.pid
- /data/data/####/journal.tmp
- /data/data/####/libjiagu616568235.so
- /data/data/####/multidex.version.xml
- /data/data/####/push.pid
- /data/data/####/pushext.db-journal
- /data/data/####/pushg.db-journal
- /data/data/####/pushsdk.db-journal
- /data/data/####/run.pid
- /data/data/####/tbs_download_config.xml
- /data/data/####/tbs_download_config.xml.bak
- /data/data/####/tbs_download_stat.xml
- /data/data/####/tbscoreinstall.txt
- /data/data/####/tbslock.txt
- /data/data/####/tdata_BAI450
- /data/data/####/tdata_BAI450.jar
- /data/data/####/tdata_YJA893
- /data/data/####/tdata_YJA893.jar
- /data/data/####/ua.db
- /data/data/####/ua.db-journal
- /data/data/####/umeng_general_config.xml
- /data/data/####/umeng_it.cache
- /data/data/####/webview.db-journal
- /data/data/####/webviewCookiesChromium.db-journal
- /data/media/####/app.db
- /data/media/####/com.getui.sdk.deviceId.db
- /data/media/####/com.igexin.sdk.deviceId.db
- /data/media/####/com.wole56.ishow.bin
- /data/media/####/com.wole56.ishow.db
- /data/media/####/tdata_BAI450
- /data/media/####/tdata_YJA893
- /data/media/####/test.log
- <Package Folder>/files/gdaemon_20161017 0 <Package>/<Package>.service.DemoPushService 24511 300 0
- cat /sys/class/net/wlan0/address
- chmod 700 <Package Folder>/files/gdaemon_20161017
- getprop ro.product.cpu.abi
- mount
- Bugtags
- getuiext2
- libjiagu616568235
- AES-CBC-PKCS7Padding
- DESede-ECB-PKCS5Padding
- RSA-ECB-NoPadding
- RSA-NONE-OAEPWithSHA1AndMGF1Padding
- AES-CBC-PKCS7Padding