Technical information
- Adware.Gexin.2.origin
- UDP(DNS) <Google DNS>
- TCP(HTTP/1.1) t####.c####.q####.####.com:80
- TCP(TLS/1.0) fp.fraudme####.cn:443
- TCP(TLS/1.0) acc####.kejidai####.com:443
- TCP(TLS/1.0) fe####.zhenron####.com:443
- TCP(TLS/1.0) das.bai####.cn:443
- TCP(TLS/1.0) bt.kejidai####.com:443
- TCP(TLS/1.0) t####.growi####.com:443
- TCP(TLS/1.0) t.growi####.com:443
- TCP c####.g####.ig####.com:5224
- TCP sdk.o####.t####.####.com:5224
- TCP c####.g####.ig####.com:5226
- a####.u####.com
- acc####.kejidai####.com
- bt.kejidai####.com
- c####.g####.ig####.com
- c####.g####.ig####.com
- c####.g####.ig####.com
- c####.g####.ig####.com
- c-h####.g####.com
- das.bai####.cn
- fe####.zhenron####.com
- fp.fraudme####.cn
- sdk.c####.ig####.com
- sdk.o####.p####.####.com
- sdk.o####.t####.####.com
- sdk.o####.t####.####.com
- sdk.o####.t####.####.net
- t####.growi####.com
- t.growi####.com
- t####.c####.q####.####.com/config/hz-hzv3.conf
- /data/data/####/.jg.ic
- /data/data/####/.xml
- /data/data/####/01b799249f42c3dd74542e3fdca069a3.0.tmp
- /data/data/####/01b799249f42c3dd74542e3fdca069a3.1.tmp
- /data/data/####/07d1dedccab51d7e9d95628a11e5d1e6.0.tmp
- /data/data/####/07d1dedccab51d7e9d95628a11e5d1e6.1.tmp
- /data/data/####/089709a91b6ac7e56553d3416ab813a6.0.tmp
- /data/data/####/089709a91b6ac7e56553d3416ab813a6.1.tmp
- /data/data/####/100credit_contents_zw.xml
- /data/data/####/13a7bb299d6a3560d6a4be0fffa5a270.0.tmp
- /data/data/####/13a7bb299d6a3560d6a4be0fffa5a270.1.tmp
- /data/data/####/14efeaebe4dccc3217366b3d5ea63293.0.tmp
- /data/data/####/14efeaebe4dccc3217366b3d5ea63293.1.tmp
- /data/data/####/1fd2f10b06cca4a20cb1862aed6e2fbe.0.tmp
- /data/data/####/1fd2f10b06cca4a20cb1862aed6e2fbe.1.tmp
- /data/data/####/207ebff0d7d84f52bf93302108e8ab41.0.tmp
- /data/data/####/207ebff0d7d84f52bf93302108e8ab41.1.tmp
- /data/data/####/2d92f7a13e00cec342ee984c9136a95e.0.tmp
- /data/data/####/2d92f7a13e00cec342ee984c9136a95e.1.tmp
- /data/data/####/304381ae1e63656a37f0590d415065cb.0.tmp
- /data/data/####/304381ae1e63656a37f0590d415065cb.1.tmp
- /data/data/####/323a73c8df0c62e9abf144e04345b288.0.tmp
- /data/data/####/323a73c8df0c62e9abf144e04345b288.1.tmp
- /data/data/####/34eb5b178b378463fd597bc55b01765f.0.tmp
- /data/data/####/34eb5b178b378463fd597bc55b01765f.1.tmp
- /data/data/####/3eb0c27e9caa2e56092243cc9a7386cf.0.tmp
- /data/data/####/3eb0c27e9caa2e56092243cc9a7386cf.1.tmp
- /data/data/####/56886114853f1ba4390015e325381d9c.0.tmp
- /data/data/####/56886114853f1ba4390015e325381d9c.1.tmp
- /data/data/####/59b12e38ade406585e50b5516c70b9bf.0.tmp
- /data/data/####/59b12e38ade406585e50b5516c70b9bf.1.tmp
- /data/data/####/5f1436f83d6367eee3cfad1c4a69d13d.0.tmp
- /data/data/####/5f1436f83d6367eee3cfad1c4a69d13d.1.tmp
- /data/data/####/6134d53c47a4f7ce682a7e3a794e90d3.0.tmp
- /data/data/####/6134d53c47a4f7ce682a7e3a794e90d3.1.tmp
- /data/data/####/64398f0c04b51a48ff7c2edbeb823353.0.tmp
- /data/data/####/67b3b00b7cb1e2f57f9127fa9e5d0bf9.0.tmp
- /data/data/####/67b3b00b7cb1e2f57f9127fa9e5d0bf9.1.tmp
- /data/data/####/79b4504f3c8bacff0daf9fdf42ca7732.0.tmp
- /data/data/####/79b4504f3c8bacff0daf9fdf42ca7732.1.tmp
- /data/data/####/8d3e90e3b745b0c8576e31a8c4403ae5.0.tmp
- /data/data/####/8d3e90e3b745b0c8576e31a8c4403ae5.1.tmp
- /data/data/####/MultiDex.lock
- /data/data/####/a6d6434b54c8f7f811f46b6047097a53.0.tmp
- /data/data/####/a6d6434b54c8f7f811f46b6047097a53.1.tmp
- /data/data/####/a960fc39d1d1564fe679ebcfa54c7ac8.0.tmp
- /data/data/####/a960fc39d1d1564fe679ebcfa54c7ac8.1.tmp
- /data/data/####/bef3a4f14e22397a6e9902819742504b.0.tmp
- /data/data/####/bef3a4f14e22397a6e9902819742504b.1.tmp
- /data/data/####/cc.db
- /data/data/####/cc.db-journal
- /data/data/####/com.kwkx.songjindai;pushservice.growing.db-journal
- /data/data/####/de63ee0c5adabf80720a7dccaf4fbe80.0.tmp
- /data/data/####/de63ee0c5adabf80720a7dccaf4fbe80.1.tmp
- /data/data/####/device_id.xml.xml
- /data/data/####/ee38538190db9b0765f87928f2e2715d.0.tmp
- /data/data/####/ee38538190db9b0765f87928f2e2715d.1.tmp
- /data/data/####/exchangeIdentity.json
- /data/data/####/exid.dat
- /data/data/####/f62c64c57287e1729272c6c0289b7284.0.tmp
- /data/data/####/f62c64c57287e1729272c6c0289b7284.1.tmp
- /data/data/####/f741c9ec95f0a5310cee931c540a8920.0.tmp
- /data/data/####/f741c9ec95f0a5310cee931c540a8920.1.tmp
- /data/data/####/ff4f908fe4ea575d7229cdb1549f0924.0.tmp
- /data/data/####/ff4f908fe4ea575d7229cdb1549f0924.1.tmp
- /data/data/####/ff690d2fb0a1835243e570e5ca997a7d.0.tmp
- /data/data/####/fm_shared.xml
- /data/data/####/getui_sp.xml
- /data/data/####/growing.db-journal
- /data/data/####/growing_ecsid.xml
- /data/data/####/growing_persist_data.xml
- /data/data/####/growing_profile.xml
- /data/data/####/growing_server_pref.xml
- /data/data/####/ikwkx.db-journal
- /data/data/####/init.pid
- /data/data/####/init_c1.pid
- /data/data/####/journal.tmp
- /data/data/####/libjiagu1036419398.so
- /data/data/####/multidex.version.xml
- /data/data/####/push.pid
- /data/data/####/pushsdk.db-journal
- /data/data/####/run.pid
- /data/data/####/sp_cache.xml
- /data/data/####/td_fm.jar
- /data/data/####/ua.db
- /data/data/####/ua.db-journal
- /data/data/####/umeng_general_config.xml
- /data/data/####/umeng_it.cache
- /data/media/####/.dev_id.txt
- /data/media/####/.nomedia
- /data/media/####/.uuid_bairong
- /data/media/####/1543010246744
- /data/media/####/1543010252235
- /data/media/####/1543010255362
- /data/media/####/1543010257631
- /data/media/####/1543010263024
- /data/media/####/1543010266438
- /data/media/####/1543010268383
- /data/media/####/1543010273468
- /data/media/####/1543010278819
- /data/media/####/1543010282017
- /data/media/####/1543010283211
- /data/media/####/1543010287946
- /data/media/####/1543010297982
- /data/media/####/1543010304817
- /data/media/####/1543010307244
- /data/media/####/1543010313312
- /data/media/####/1543010317762
- /data/media/####/com.kwkx.songjindai.bin
- /data/media/####/exception_log.txt
- /system/bin/cat /proc/cpuinfo
- cat /sys/class/net/wlan0/address
- getprop net.dns1
- ls -l /system/xbin/su
- basesec_client
- basesec_client_jni
- getuiext2
- libjiagu1036419398
- pl_droidsonroids_gif
- tongdun
- AES-CBC-PKCS7Padding
- AES-ECB-PKCS5Padding
- RSA-NONE-OAEPWithSHA1AndMGF1Padding
- AES-CBC-PKCS7Padding
- AES-ECB-PKCS5Padding