Adware.Gexin.5579

Technical information

Malicious functions:

Executes code of the following detected threats:

Adware.Gexin.2.origin

Accesses the ITelephony private interface.

Network activity:

Connects to:

UDP(DNS) <Google DNS>
TCP(HTTP/1.1) pi####.qq.com:80
TCP(HTTP/1.1) log.renre####.com:80
TCP(HTTP/1.1) 1####.254.116.117:80
TCP(HTTP/1.1) 1####.232.98.178:443
TCP(HTTP/1.1) t####.qq.com:8080
TCP(HTTP/1.1) m####.rr####.com:80
TCP(HTTP/1.1) reso####.msg.xi####.net:80
TCP(HTTP/1.1) a####.rr####.com:80
TCP(HTTP/1.1) t####.qq.com:80
TCP(HTTP/1.1) i####.rr####.com:80
TCP(TLS/1.0) et2-na6####.wagbr####.ali####.####.com:443
TCP(TLS/1.0) log.renre####.com:443
TCP(TLS/1.0) i####.rr####.com:443
TCP(TLS/1.0) sc.shanyis####.com:443
TCP(TLS/1.0) api.w####.com:443
TCP(TLS/1.0) app####.renre####.com:443
TCP(TLS/1.0) o####.map.b####.com:443
TCP(TLS/1.0) a####.rr####.com:443
TCP(TLS/1.0) api.renre####.com:443
TCP(TLS/1.0) d####.rr####.com:443
TCP(TLS/1.0) appver####.renre####.com:443
TCP(TLS/1.0) regi####.xm####.xi####.com:443
TCP(TLS/1.0) api.map.b####.com:443
TCP(TLS/1.0) loc.map.b####.com:443
TCP 1####.232.98.178:443
TCP t####.qq.com:8080
TCP 4####.62.94.2:443
TCP t####.qq.com:80
TCP 47.74.1####.156:5222

DNS requests:

a####.rr####.com
api.map.b####.com
api.renre####.com
api.w####.com
app####.renre####.com
appver####.renre####.com
d####.rr####.com
i####.rr####.com
loc.map.b####.com
log.renre####.com
m####.rr####.com
o####.map.b####.com
pi####.qq.com
plb####.u####.com
regi####.xm####.xi####.com
reso####.msg.xi####.net
sc.shanyis####.com
t####.qq.com
u####.u####.com

HTTP GET requests:

a####.rr####.com/rop/uploads/9hMtDXlMdlIlz4_j.png?imageVi####
a####.rr####.com/watermark_rop/uploads/eL3uN6Ph1qxcb17h.jpg?imageVi####
i####.rr####.com/dlqj.jpg
i####.rr####.com/hbxd.jpg
i####.rr####.com/jdbz.jpg
i####.rr####.com/jndf.jpg
i####.rr####.com/rop/uploads/9hMtDXlMdlIlz4_j.png?imageVi####
i####.rr####.com/smw.jpg?imageVi####
i####.rr####.com/watermark_rop/uploads/cF1I2cMuUrKTLE0U.jpg?imageVi####
i####.rr####.com/yzg.jpg
m####.rr####.com/rop/uploads/9hMtDXlMdlIlz4_j.png?imageVi####
reso####.msg.xi####.net/gslb/?ver=####&type=####&conpt=####&uuid=####&li...

HTTP POST requests:

log.renre####.com/index.php?c=####&m=####
pi####.qq.com/mstat/report/?index=####
t####.qq.com/203.205.211.75:80/
t####.qq.com:8080/203.205.211.75:8080/

File system changes:

Creates the following files:

/data/data/####/.imprint
/data/data/####/.jg.ic
/data/data/####/.tpns.service.xml.xml
/data/data/####/.tpns.settings.xml.xml
/data/data/####/.xml
/data/data/####/Alvin2.xml
/data/data/####/Carapp.db-journal
/data/data/####/ContextData.xml
/data/data/####/RRCCrashStore.xml
/data/data/####/SP_AROUTER_CACHE.xml
/data/data/####/XMPushServiceConfig.xml
/data/data/####/_default_renrenche_cache_file_name.xml
/data/data/####/a==7.5.3&&5.5.0_1543715819319_envelope.log
/data/data/####/abtest_cache_data.0.tmp
/data/data/####/authStatus_com.renrenche.carapp;remote.xml
/data/data/####/com.renrenche.android.agent.v1_com.renrenche.carapp.xml
/data/data/####/com.renrenche.carapp.xml
/data/data/####/com.renrenche.carapp;pushservice
/data/data/####/com.renrenche.carapp_preferences.xml
/data/data/####/com.sensorsdata.analytics.android.sdk.SensorsDataAPI.xml
/data/data/####/connect.xml
/data/data/####/controlInfo.ini
/data/data/####/d==7.5.3&&5.5.0_1543715819741_envelope.log
/data/data/####/d==7.5.3&&5.5.0_1543715827684_envelope.log
/data/data/####/d==7.5.3&&5.5.0_1543715842166_envelope.log
/data/data/####/d==7.5.3&&5.5.0_1543715855032_envelope.log
/data/data/####/d==7.5.3&&5.5.0_1543715860465_envelope.log
/data/data/####/d==7.5.3&&5.5.0_1543715866055_envelope.log
/data/data/####/d==7.5.3&&5.5.0_1543715870050_envelope.log
/data/data/####/d==7.5.3&&5.5.0_1543715877460_envelope.log
/data/data/####/dW1weF9pbnRlcm5hbF8xNTQzNzE1ODE3OTcw;
/data/data/####/dW1weF9pbnRlcm5hbF8xNTQzNzE1ODI1NTU2;
/data/data/####/dW1weF9pbnRlcm5hbF8xNTQzNzE1ODMzMjcz;
/data/data/####/dW1weF9pbnRlcm5hbF8xNTQzNzE1ODQwNDYx;
/data/data/####/dW1weF9pbnRlcm5hbF8xNTQzNzE1ODUzOTc1;
/data/data/####/dW1weF9pbnRlcm5hbF8xNTQzNzE1ODY0MTIx;
/data/data/####/dW1weF9pbnRlcm5hbF8xNTQzNzE1ODc1OTM2;
/data/data/####/data_0
/data/data/####/data_1
/data/data/####/data_2
/data/data/####/data_3
/data/data/####/device_id.xml
/data/data/####/exchangeIdentity.json
/data/data/####/exid.dat
/data/data/####/filter_record.0.tmp
/data/data/####/firll.dat
/data/data/####/gal.db
/data/data/####/gal.db-journal
/data/data/####/geofencing.db
/data/data/####/geofencing.db-journal
/data/data/####/home_frist_pay_cache_key.0.tmp
/data/data/####/home_headline_info_cache_key.0.tmp
/data/data/####/hst.db
/data/data/####/hst.db-journal
/data/data/####/i==1.2.0&&5.5.0_1543715818028_envelope.log
/data/data/####/i==1.2.0&&5.5.0_1543715825595_envelope.log
/data/data/####/i==1.2.0&&5.5.0_1543715833277_envelope.log
/data/data/####/i==1.2.0&&5.5.0_1543715840489_envelope.log
/data/data/####/i==1.2.0&&5.5.0_1543715853987_envelope.log
/data/data/####/i==1.2.0&&5.5.0_1543715864181_envelope.log
/data/data/####/i==1.2.0&&5.5.0_1543715875958_envelope.log
/data/data/####/index
/data/data/####/info.xml
/data/data/####/installed_1543715818932.info
/data/data/####/installed_1543715819333.info
/data/data/####/installed_1543715819682.info
/data/data/####/installed_1543715828861.info
/data/data/####/installed_1543715829891.info
/data/data/####/installed_1543715830072.info
/data/data/####/installed_1543715836599.info
/data/data/####/installed_1543715837044.info
/data/data/####/installed_1543715837242.info
/data/data/####/installed_1543715844331.info
/data/data/####/installed_1543715844376.info
/data/data/####/installed_1543715844483.info
/data/data/####/journal.tmp
/data/data/####/libcuid.so
/data/data/####/libjiagu-826918854.so
/data/data/####/log.db
/data/data/####/log.db-journal
/data/data/####/mipush.xml
/data/data/####/mipush_account.xml
/data/data/####/mipush_extra.xml
/data/data/####/multidex.version.xml
/data/data/####/ofl.config
/data/data/####/ofl_location.db
/data/data/####/ofl_location.db-journal
/data/data/####/ofl_statistics.db
/data/data/####/ofl_statistics.db-journal
/data/data/####/pref_registered_pkg_names.xml
/data/data/####/recommend_car_info_cache.0.tmp
/data/data/####/response_server_time.xml
/data/data/####/rrc_carapp_conf.xml
/data/data/####/rrc_user.xml
/data/data/####/search_hot_words.0.tmp
/data/data/####/sell_sell_banner.0.tmp
/data/data/####/sensorsdata-journal
/data/data/####/sensorsdata.xml
/data/data/####/sp.db-journal
/data/data/####/tpush.shareprefs.xml
/data/data/####/ua.db
/data/data/####/ua.db-journal
/data/data/####/um_pri.xml
/data/data/####/umdat.xml
/data/data/####/umeng_common_config.xml
/data/data/####/umeng_common_location.xml
/data/data/####/umeng_general_config.xml
/data/data/####/umeng_it.cache
/data/data/####/webview.db-journal
/data/data/####/webviewCookiesChromium.db-journal
/data/data/####/weibo_sdk_aid1
/data/media/####/.a.dat
/data/media/####/.adfwe.dat
/data/media/####/.cca.dat
/data/media/####/.cuid
/data/media/####/.cuid2
/data/media/####/.nomedia
/data/media/####/.umm.dat
/data/media/####/00c559ed27647f9265695073b5cbd6df.0.tmp
/data/media/####/00c559ed27647f9265695073b5cbd6df.1.tmp
/data/media/####/039172d5ed050041203e174e46f6e1be.0.tmp
/data/media/####/039172d5ed050041203e174e46f6e1be.1.tmp
/data/media/####/03e2fe96324750efdf69a788151b1e21.0.tmp
/data/media/####/03e2fe96324750efdf69a788151b1e21.1.tmp
/data/media/####/0bf4003042792ce39b32a2881fdd2836.0.tmp
/data/media/####/0bf4003042792ce39b32a2881fdd2836.1.tmp
/data/media/####/0dfed6ab15be99fb8f0996718da20bcc.0.tmp
/data/media/####/0dfed6ab15be99fb8f0996718da20bcc.1.tmp
/data/media/####/0e30655d7b5733559f6e243f14ed6a89.0.tmp
/data/media/####/0e30655d7b5733559f6e243f14ed6a89.1.tmp
/data/media/####/105051c07564a021d57eb45699b054df.0.tmp
/data/media/####/105051c07564a021d57eb45699b054df.1.tmp
/data/media/####/11ee050c8f098023ab5e1fa2d9ec0ca7.0.tmp
/data/media/####/11ee050c8f098023ab5e1fa2d9ec0ca7.1.tmp
/data/media/####/132ad6b02c32379a5f5d4b17d327e0b3.0.tmp
/data/media/####/132ad6b02c32379a5f5d4b17d327e0b3.1.tmp
/data/media/####/16596262087683cf7fa121a47d8e3756.0.tmp
/data/media/####/16596262087683cf7fa121a47d8e3756.1.tmp
/data/media/####/16c11a4af20daf006b458c87023fcef7.0.tmp
/data/media/####/16c11a4af20daf006b458c87023fcef7.1.tmp
/data/media/####/1793d747abed2845cf53b75e3238b0ef.0.tmp
/data/media/####/1793d747abed2845cf53b75e3238b0ef.1.tmp
/data/media/####/180c61826e8b578748699f7566a2e0dc.0.tmp
/data/media/####/180c61826e8b578748699f7566a2e0dc.1.tmp
/data/media/####/1cd96ba27c8e2829e74984b583131a14.0.tmp
/data/media/####/1cd96ba27c8e2829e74984b583131a14.1.tmp
/data/media/####/1e19054d84a90ce815a2b4469338613e.0.tmp
/data/media/####/1e19054d84a90ce815a2b4469338613e.1.tmp
/data/media/####/1fcfe95872dfe84d7a343a06f9e6fdb9.0.tmp
/data/media/####/1fcfe95872dfe84d7a343a06f9e6fdb9.1.tmp
/data/media/####/1qlzwh904ej0rwenbjq4v01h4.0.tmp
/data/media/####/2029f4f3cd61daaf7d0a7f780177a28d.0.tmp
/data/media/####/2029f4f3cd61daaf7d0a7f780177a28d.1.tmp
/data/media/####/208f2ef3f3ce244aab769de547e1f306.0.tmp
/data/media/####/208f2ef3f3ce244aab769de547e1f306.1.tmp
/data/media/####/21cm92miw5btcmf2xyufwffuu.0.tmp
/data/media/####/23b15951595dd15719ffa8128083dbc0.0.tmp
/data/media/####/23b15951595dd15719ffa8128083dbc0.1.tmp
/data/media/####/2607cbee0f8ca33cab7e21d86e84cdc4.0.tmp
/data/media/####/2607cbee0f8ca33cab7e21d86e84cdc4.1.tmp
/data/media/####/28bfb769dc533540844fd835a0730287.0.tmp
/data/media/####/28bfb769dc533540844fd835a0730287.1.tmp
/data/media/####/29d37854cd10e117dc15c45840c412e5.0.tmp
/data/media/####/29d37854cd10e117dc15c45840c412e5.1.tmp
/data/media/####/29daa4df0aa1135ec19e3c66d9140acb.0.tmp
/data/media/####/29daa4df0aa1135ec19e3c66d9140acb.1.tmp
/data/media/####/2cssamvvoagk1nn7pbx3mb07i.0.tmp
/data/media/####/2e7ea705f2c830bd47b2011da8e927ef.0.tmp
/data/media/####/2e7ea705f2c830bd47b2011da8e927ef.1.tmp
/data/media/####/2f3f13087943ba7baf64c9739bf34778.0.tmp
/data/media/####/2f3f13087943ba7baf64c9739bf34778.1.tmp
/data/media/####/30906e860532f997dca868fb79dbced2.0.tmp
/data/media/####/30906e860532f997dca868fb79dbced2.1.tmp
/data/media/####/30ed96093363c7ba647c01f9feba0db8.0.tmp
/data/media/####/30ed96093363c7ba647c01f9feba0db8.1.tmp
/data/media/####/31tku7borv6k9xvo1j8f6fev9.0.tmp
/data/media/####/322b87a96cdaee93b0368751ac3a333f.0.tmp
/data/media/####/322b87a96cdaee93b0368751ac3a333f.1.tmp
/data/media/####/334aecbecb59431a7f6b91d90670cf9c.0.tmp
/data/media/####/334aecbecb59431a7f6b91d90670cf9c.1.tmp
/data/media/####/3704df4d0c085f2fe53cf2daea4ae718.0.tmp
/data/media/####/3704df4d0c085f2fe53cf2daea4ae718.1.tmp
/data/media/####/376ttdtu0vn5bf8yv3w0vmcin.0.tmp
/data/media/####/3786f8c2cc71b1167aa0dab3202785b3.0.tmp
/data/media/####/3786f8c2cc71b1167aa0dab3202785b3.1.tmp
/data/media/####/388ca2e18e387aba3d6e34f11f669b61.0.tmp
/data/media/####/388ca2e18e387aba3d6e34f11f669b61.1.tmp
/data/media/####/39eh7imjge1jzaigmf6pnlga6.0.tmp
/data/media/####/3a0f907328c8be78b1bf8837c1813edf.0.tmp
/data/media/####/3a0f907328c8be78b1bf8837c1813edf.1.tmp
/data/media/####/3da5024722992278a8b5042fedb9d520.0.tmp
/data/media/####/3da5024722992278a8b5042fedb9d520.1.tmp
/data/media/####/3dae64cd086868a28ec013246d350710.0.tmp
/data/media/####/3dae64cd086868a28ec013246d350710.1.tmp
/data/media/####/3gauqbfwksuz4o5khc5bbzj4n.0.tmp
/data/media/####/3wy5zn8ibchr89r5blu222529.0.tmp
/data/media/####/407b4a162e810da00337d55662673c51.0.tmp
/data/media/####/407b4a162e810da00337d55662673c51.1.tmp
/data/media/####/4081ce84a7f2c8e318d7a1561415ba40.0.tmp
/data/media/####/4081ce84a7f2c8e318d7a1561415ba40.1.tmp
/data/media/####/40c7763661d8b253a7c5a2d4fe68cde9.0.tmp
/data/media/####/40c7763661d8b253a7c5a2d4fe68cde9.1.tmp
/data/media/####/4128073cb1952c7f1daeda02f71d9c18.0.tmp
/data/media/####/4128073cb1952c7f1daeda02f71d9c18.1.tmp
/data/media/####/42f7b13f5250d89ec5b32b82bca21008.0.tmp
/data/media/####/42f7b13f5250d89ec5b32b82bca21008.1.tmp
/data/media/####/448591c729e32293a528ef765f8c4e1f.0.tmp
/data/media/####/448591c729e32293a528ef765f8c4e1f.1.tmp
/data/media/####/44b3e93bc6b8a007d5081fcb7229d00c.0.tmp
/data/media/####/44b3e93bc6b8a007d5081fcb7229d00c.1.tmp
/data/media/####/46613715e6aa50a10fee875883c0b57e.0.tmp
/data/media/####/46613715e6aa50a10fee875883c0b57e.1.tmp
/data/media/####/4678d41786b7c4bef0bd16433255efb4.0.tmp
/data/media/####/4678d41786b7c4bef0bd16433255efb4.1.tmp
/data/media/####/4855831881c7fa6fe729894873ff8e48.0.tmp
/data/media/####/4855831881c7fa6fe729894873ff8e48.1.tmp
/data/media/####/4e6e1f3ab79293387065f1f5816c6fb6.0.tmp
/data/media/####/4e6e1f3ab79293387065f1f5816c6fb6.1.tmp
/data/media/####/4f49a41afd1a174b3476eb5a861e70c8.0.tmp
/data/media/####/4f49a41afd1a174b3476eb5a861e70c8.1.tmp
/data/media/####/4nho7ewnt32jvb9pfhtvbie65.0.tmp
/data/media/####/501284a0695d0586c8165cafc842ad58.0.tmp
/data/media/####/501284a0695d0586c8165cafc842ad58.1.tmp
/data/media/####/51444ad69e4065bfe1a36007f5fdcec3.0.tmp
/data/media/####/51444ad69e4065bfe1a36007f5fdcec3.1.tmp
/data/media/####/526355e93554f53a13e249be6406e30c.0.tmp
/data/media/####/526355e93554f53a13e249be6406e30c.1.tmp
/data/media/####/548feb7665bfb0a93e1c5fcc02707ac4.0.tmp
/data/media/####/548feb7665bfb0a93e1c5fcc02707ac4.1.tmp
/data/media/####/54e92c051b3861f781fa90fe7d787c7d.0.tmp
/data/media/####/54e92c051b3861f781fa90fe7d787c7d.1.tmp
/data/media/####/54ng5dcny83cb5t166uyb8ind.0.tmp
/data/media/####/5512vtmh7dn4vcwmbbxccoyfi.0.tmp
/data/media/####/59c1f64ca5575ba3d0742b0e0dcadbd2.0.tmp
/data/media/####/59c1f64ca5575ba3d0742b0e0dcadbd2.1.tmp
/data/media/####/59d8def61624ace6b1f86843b7896291.0.tmp
/data/media/####/59d8def61624ace6b1f86843b7896291.1.tmp
/data/media/####/59de40e69a1278838f7d73d34d3bd22d.0.tmp
/data/media/####/59de40e69a1278838f7d73d34d3bd22d.1.tmp
/data/media/####/5aa8a36be816e6ce2b6bc988c026933f.0.tmp
/data/media/####/5aa8a36be816e6ce2b6bc988c026933f.1.tmp
/data/media/####/5b962652d2dc03966ca644455663e7ff.0.tmp
/data/media/####/5b962652d2dc03966ca644455663e7ff.1.tmp
/data/media/####/5c5baa5a46627f62b92a3f18a014fd80.0.tmp
/data/media/####/5c5baa5a46627f62b92a3f18a014fd80.1.tmp
/data/media/####/5d5afa60dbaf69990e45110f279dca0e.0.tmp
/data/media/####/5d5afa60dbaf69990e45110f279dca0e.1.tmp
/data/media/####/5f721d4c05cc2dc0587bfd863cf5ee97.0.tmp
/data/media/####/5f721d4c05cc2dc0587bfd863cf5ee97.1.tmp
/data/media/####/5fcaa8ce21f497d5415140b53718170a.0.tmp
/data/media/####/5fcaa8ce21f497d5415140b53718170a.1.tmp
/data/media/####/5pthgddacbuqpxha88la91yxo.0.tmp
/data/media/####/61fca35e172a7bee1474f0705d920056.0.tmp
/data/media/####/61fca35e172a7bee1474f0705d920056.1.tmp
/data/media/####/63c75786ab2e01a73948ad8b5f29bbfa.0.tmp
/data/media/####/63c75786ab2e01a73948ad8b5f29bbfa.1.tmp
/data/media/####/64548d4116508b0a8be74a48a182967d.0.tmp
/data/media/####/64548d4116508b0a8be74a48a182967d.1.tmp
/data/media/####/6b12e94caea598048e72a5a851d33fa9.0.tmp
/data/media/####/6b12e94caea598048e72a5a851d33fa9.1.tmp
/data/media/####/6b9htrllj12figi36onm1ew7k.0.tmp
/data/media/####/6btud7svrs8nydqiwwnzcl4l5.0.tmp
/data/media/####/6c0402a0af449d768dcee8051e24916e.0.tmp
/data/media/####/6c0402a0af449d768dcee8051e24916e.1.tmp
/data/media/####/6c13fe8d012b42b211fb24c944df9306.0.tmp
/data/media/####/6c13fe8d012b42b211fb24c944df9306.1.tmp
/data/media/####/6lffgvw06u0dg65bt581wbta2.0.tmp
/data/media/####/6liukb6yu4lqqgzaeslvvmyot.0.tmp
/data/media/####/71kzgqd4a22j5lb887mlckrei.0.tmp
/data/media/####/7267fbd6072e284abc9f58cf5a7f73bd.0.tmp
/data/media/####/7267fbd6072e284abc9f58cf5a7f73bd.1.tmp
/data/media/####/768f556f0ac55638799d3cab5e84e060.0.tmp
/data/media/####/768f556f0ac55638799d3cab5e84e060.1.tmp
/data/media/####/791529c8c9ac19408e2725a9163d187a.0.tmp
/data/media/####/791529c8c9ac19408e2725a9163d187a.1.tmp
/data/media/####/7a2a385811a43bfa2646b8ed8b637ccd.0.tmp
/data/media/####/7a2a385811a43bfa2646b8ed8b637ccd.1.tmp
/data/media/####/7a4352d06cdcd4fdcaa8be02f7ae043c.0.tmp
/data/media/####/7a4352d06cdcd4fdcaa8be02f7ae043c.1.tmp
/data/media/####/7b06abc9cc61ca9c587c123dc705329a.0.tmp
/data/media/####/7b06abc9cc61ca9c587c123dc705329a.1.tmp
/data/media/####/7b9ae478e5cb8184775dbd20c32c5b9c.0.tmp
/data/media/####/7b9ae478e5cb8184775dbd20c32c5b9c.1.tmp
/data/media/####/7d5d097d1e56ec54a773db474c3dbda5.0.tmp
/data/media/####/7d5d097d1e56ec54a773db474c3dbda5.1.tmp
/data/media/####/7eecc932700e092110939b3bd8211549.0.tmp
/data/media/####/7eecc932700e092110939b3bd8211549.1.tmp
/data/media/####/8012fba3e5b06f0a4ac48ae64cb4446e.0.tmp
/data/media/####/8012fba3e5b06f0a4ac48ae64cb4446e.1.tmp
/data/media/####/8017d8069cd27abf19976592850887d5.0.tmp
/data/media/####/8017d8069cd27abf19976592850887d5.1.tmp
/data/media/####/8163581b4de20d3d040a4c5ee0a1434b.0.tmp
/data/media/####/8163581b4de20d3d040a4c5ee0a1434b.1.tmp
/data/media/####/818d981f855922cc9d70ed62268bc4b2.0.tmp
/data/media/####/818d981f855922cc9d70ed62268bc4b2.1.tmp
/data/media/####/81de678b663f2508b9368ce61c67f7fe.0.tmp
/data/media/####/81de678b663f2508b9368ce61c67f7fe.1.tmp
/data/media/####/83096a96f427c417f1f0ae2eff6c72aa.0.tmp
/data/media/####/83096a96f427c417f1f0ae2eff6c72aa.1.tmp
/data/media/####/86bfe8ed4a5dfcfe951403aaccc522ba.0.tmp
/data/media/####/86bfe8ed4a5dfcfe951403aaccc522ba.1.tmp
/data/media/####/86d71e65fe441c8896a8c4294b89f4f1.0.tmp
/data/media/####/86d71e65fe441c8896a8c4294b89f4f1.1.tmp
/data/media/####/882a6172992807db7a625251a0d40f16.0.tmp
/data/media/####/882a6172992807db7a625251a0d40f16.1.tmp
/data/media/####/8d53b38d85e498e1c7608e1f96d1ebaa.0.tmp
/data/media/####/8d53b38d85e498e1c7608e1f96d1ebaa.1.tmp
/data/media/####/8db6b864c0d4084115b0ebf19cc3229b.0.tmp
/data/media/####/8db6b864c0d4084115b0ebf19cc3229b.1.tmp
/data/media/####/90a870948db06768ae839d9e3a730e1e.0.tmp
/data/media/####/90a870948db06768ae839d9e3a730e1e.1.tmp
/data/media/####/90de8c5b2a7057221ecab0e45231c20f.0.tmp
/data/media/####/90de8c5b2a7057221ecab0e45231c20f.1.tmp
/data/media/####/91ae75cb19d41b447b5c91bfdcab2bc2.0.tmp
/data/media/####/91ae75cb19d41b447b5c91bfdcab2bc2.1.tmp
/data/media/####/964547744b3782548536e1af962fc114.0.tmp
/data/media/####/964547744b3782548536e1af962fc114.1.tmp
/data/media/####/96fab7f7391e29e1d347bf6d3323c228.0.tmp
/data/media/####/96fab7f7391e29e1d347bf6d3323c228.1.tmp
/data/media/####/9a344784e597a30a336f700a1bb9c2cc.0.tmp
/data/media/####/9a344784e597a30a336f700a1bb9c2cc.1.tmp
/data/media/####/9de235ca36ae63f0fba1868c9c36fe63.0.tmp
/data/media/####/9de235ca36ae63f0fba1868c9c36fe63.1.tmp
/data/media/####/9e8618e017e70904a4f53f1834959309.0.tmp
/data/media/####/9e8618e017e70904a4f53f1834959309.1.tmp
/data/media/####/9ef48760f8bc0d2b92aeb7d30561d3f0.0.tmp
/data/media/####/9ef48760f8bc0d2b92aeb7d30561d3f0.1.tmp
/data/media/####/9f871824f5be33be4dc716ec126427e7.0.tmp
/data/media/####/9f871824f5be33be4dc716ec126427e7.1.tmp
/data/media/####/9f8a8c7337224926607754f70c766d0d.0.tmp
/data/media/####/9f8a8c7337224926607754f70c766d0d.1.tmp
/data/media/####/Alvin2.xml
/data/media/####/ContextData.xml
/data/media/####/a2348ad7c58acae277639408ee3fb707.0.tmp
/data/media/####/a2348ad7c58acae277639408ee3fb707.1.tmp
/data/media/####/a32deeb298dc006d7222721ba2ae83f2.0.tmp
/data/media/####/a32deeb298dc006d7222721ba2ae83f2.1.tmp
/data/media/####/a416922f720a620bd23e7b39d3415c6b.0.tmp
/data/media/####/a416922f720a620bd23e7b39d3415c6b.1.tmp
/data/media/####/a42a8f6578da4fcd887d332c23ba234f.0.tmp
/data/media/####/a42a8f6578da4fcd887d332c23ba234f.1.tmp
/data/media/####/a4e48df460478c164957bf61a5ed612b.0.tmp
/data/media/####/a4e48df460478c164957bf61a5ed612b.1.tmp
/data/media/####/a6a710e965f9c77c8fde144eae74c35b.0.tmp
/data/media/####/a6a710e965f9c77c8fde144eae74c35b.1.tmp
/data/media/####/a82a29fc017bdfc23b65c771efa2f8d1.0.tmp
/data/media/####/a82a29fc017bdfc23b65c771efa2f8d1.1.tmp
/data/media/####/aabc0cbc5beef9d50715b23dd8d639be.0.tmp
/data/media/####/aabc0cbc5beef9d50715b23dd8d639be.1.tmp
/data/media/####/ab2b24bf6ae5cae7968f8a8c41e3d70e.0.tmp
/data/media/####/ab2b24bf6ae5cae7968f8a8c41e3d70e.1.tmp
/data/media/####/abe0d43070a9f21bc330cbe790f5d1a0.0.tmp
/data/media/####/abe0d43070a9f21bc330cbe790f5d1a0.1.tmp
/data/media/####/aced66bffa28a4767bfa1c6b79e9077c.0.tmp
/data/media/####/aced66bffa28a4767bfa1c6b79e9077c.1.tmp
/data/media/####/ad14c52efd885a3240deacdacb86c911.0.tmp
/data/media/####/ad14c52efd885a3240deacdacb86c911.1.tmp
/data/media/####/ae4bad2b8b19c40307f4f68dfc5b3354.0.tmp
/data/media/####/ae4bad2b8b19c40307f4f68dfc5b3354.1.tmp
/data/media/####/af25585c513790af23cb778a99ff033e.0.tmp
/data/media/####/af25585c513790af23cb778a99ff033e.1.tmp
/data/media/####/b46d84b243c6015756391e2c9fae31d6.0.tmp
/data/media/####/b46d84b243c6015756391e2c9fae31d6.1.tmp
/data/media/####/b8cf997e150683b878bbd0f64b227083.0.tmp
/data/media/####/b8cf997e150683b878bbd0f64b227083.1.tmp
/data/media/####/bb937cd5e1219bdd36aff94f22461c55.0.tmp
/data/media/####/bb937cd5e1219bdd36aff94f22461c55.1.tmp
/data/media/####/bc9487010ba164cd05bafa376a7aafd2.0.tmp
/data/media/####/bc9487010ba164cd05bafa376a7aafd2.1.tmp
/data/media/####/bcb210ba44e01f0f7435c81156575065.0.tmp
/data/media/####/bcb210ba44e01f0f7435c81156575065.1.tmp
/data/media/####/bfd005ca78dd8b6284631f0761bd5305.0.tmp
/data/media/####/bfd005ca78dd8b6284631f0761bd5305.1.tmp
/data/media/####/c1a14d5ef7d150f4b044e0ce0fea2145.0.tmp
/data/media/####/c1a14d5ef7d150f4b044e0ce0fea2145.1.tmp
/data/media/####/c339441a10ad70c83a7d82f27c78ab32.0.tmp
/data/media/####/c339441a10ad70c83a7d82f27c78ab32.1.tmp
/data/media/####/c416dc4c947fd48c925aa961713924b1.0.tmp
/data/media/####/c416dc4c947fd48c925aa961713924b1.1.tmp
/data/media/####/c54b042cb3f903daad075281cf9d209c.0.tmp
/data/media/####/c54b042cb3f903daad075281cf9d209c.1.tmp
/data/media/####/c5cc6e348875dcf02d80985a54d2fb7d.0.tmp
/data/media/####/c5cc6e348875dcf02d80985a54d2fb7d.1.tmp
/data/media/####/cab874ec40720755f707c96352e68a15.0.tmp
/data/media/####/cab874ec40720755f707c96352e68a15.1.tmp
/data/media/####/cc0f186b5b67e0a57004e742b0958cdb.0.tmp
/data/media/####/cc0f186b5b67e0a57004e742b0958cdb.1.tmp
/data/media/####/conlts.dat
/data/media/####/d1ca58bd6dfc575f97dffc0556f8b9d0.0.tmp
/data/media/####/d1ca58bd6dfc575f97dffc0556f8b9d0.1.tmp
/data/media/####/d5abea8b758d99ac7b0d38bb7adcbd54.0.tmp
/data/media/####/d5abea8b758d99ac7b0d38bb7adcbd54.1.tmp
/data/media/####/d5de6dc617713bf5857f79e7f7f9eaf8.0.tmp
/data/media/####/d5de6dc617713bf5857f79e7f7f9eaf8.1.tmp
/data/media/####/d5feb7077aaef13231a243fab2277066.0.tmp
/data/media/####/d5feb7077aaef13231a243fab2277066.1.tmp
/data/media/####/d9a11c219255f1d2dc22f2912b52579f.0.tmp
/data/media/####/d9a11c219255f1d2dc22f2912b52579f.1.tmp
/data/media/####/dabe56d70d924d17e52b409ec699839d.0.tmp
/data/media/####/dabe56d70d924d17e52b409ec699839d.1.tmp
/data/media/####/dc48b6ad847fdeeccb3c534f96540097.0.tmp
/data/media/####/dc48b6ad847fdeeccb3c534f96540097.1.tmp
/data/media/####/df34680db0829a0ae9d8aace5fff3c9a.0.tmp
/data/media/####/df34680db0829a0ae9d8aace5fff3c9a.1.tmp
/data/media/####/e05417746d995ea4ba1d453444b83ab4.0.tmp
/data/media/####/e05417746d995ea4ba1d453444b83ab4.1.tmp
/data/media/####/e09f70807ecb509aa795085943553fc8.0.tmp
/data/media/####/e09f70807ecb509aa795085943553fc8.1.tmp
/data/media/####/e2950e88d59c42a1320841a1ac987719.0.tmp
/data/media/####/e2950e88d59c42a1320841a1ac987719.1.tmp
/data/media/####/e3a66e7aba2224044ada1ef22978aa5f.0.tmp
/data/media/####/e3a66e7aba2224044ada1ef22978aa5f.1.tmp
/data/media/####/e6d9260c2f1842434ee2392daa840f44.0.tmp
/data/media/####/e6d9260c2f1842434ee2392daa840f44.1.tmp
/data/media/####/e85ccd8486808aded5bb15087906bba2.0.tmp
/data/media/####/e85ccd8486808aded5bb15087906bba2.1.tmp
/data/media/####/ea0cfe90baa22b267db912ffd46f7373.0.tmp
/data/media/####/ea0cfe90baa22b267db912ffd46f7373.1.tmp
/data/media/####/ea3a96983300b5c429961c7212112f33.0.tmp
/data/media/####/ea3a96983300b5c429961c7212112f33.1.tmp
/data/media/####/ebc5df30b7de56fa21916a34477a5f4d.0.tmp
/data/media/####/ebc5df30b7de56fa21916a34477a5f4d.1.tmp
/data/media/####/ebddb3cc412cf438bc768b067a9e5531.0.tmp
/data/media/####/ebddb3cc412cf438bc768b067a9e5531.1.tmp
/data/media/####/ebe8d35342fb8668f9803f346e07c4ae.0.tmp
/data/media/####/ebe8d35342fb8668f9803f346e07c4ae.1.tmp
/data/media/####/ebf2040ba24eb751ee98d1086cac3dec.0.tmp
/data/media/####/ebf2040ba24eb751ee98d1086cac3dec.1.tmp
/data/media/####/ef03045392c4b35a3f1736f4518ce658.0.tmp
/data/media/####/ef03045392c4b35a3f1736f4518ce658.1.tmp
/data/media/####/ef33ec457b1a6ffe6276c542e5218be6.0.tmp
/data/media/####/ef33ec457b1a6ffe6276c542e5218be6.1.tmp
/data/media/####/f0681762049daf3df9026266a4ae4ea7.0.tmp
/data/media/####/f0681762049daf3df9026266a4ae4ea7.1.tmp
/data/media/####/f17ed9b84a41cd442894489cb4891232.0.tmp
/data/media/####/f17ed9b84a41cd442894489cb4891232.1.tmp
/data/media/####/f2561f89e5392c09910b1ed526ffb1c6.0.tmp
/data/media/####/f2561f89e5392c09910b1ed526ffb1c6.1.tmp
/data/media/####/f2d7d2e5f465382f32b6afa18dbbf06a.0.tmp
/data/media/####/f2d7d2e5f465382f32b6afa18dbbf06a.1.tmp
/data/media/####/f42fc70178cce4982f685daa3890f8e3.0.tmp
/data/media/####/f42fc70178cce4982f685daa3890f8e3.1.tmp
/data/media/####/f72334fdcab350c6d02499ecd934831f.0.tmp
/data/media/####/f72334fdcab350c6d02499ecd934831f.1.tmp
/data/media/####/f78593cea4c98ccd2c05150f43aa8e52.0.tmp
/data/media/####/f78593cea4c98ccd2c05150f43aa8e52.1.tmp
/data/media/####/fe28f888a5345ead9595b5effea082c0.0.tmp
/data/media/####/fe28f888a5345ead9595b5effea082c0.1.tmp
/data/media/####/fefa6c2c8a42094b044bcbbb99b5b2b5.0.tmp
/data/media/####/fefa6c2c8a42094b044bcbbb99b5b2b5.1.tmp
/data/media/####/journal
/data/media/####/journal.tmp
/data/media/####/l8qmlvojo6qbiv714aghix0k.0.tmp
/data/media/####/ls.db
/data/media/####/ls.db-journal
/data/media/####/mjv69sl0d0dvhsn1kc5wwalo.0.tmp
/data/media/####/oj2c1rrq410a5w7y4ks2rkkk.0.tmp
/data/media/####/si6uwcwbw168s5r0zhxox631.0.tmp
/data/media/####/sysid.dat
/data/media/####/yoh.dat
/data/media/####/yol.dat
/data/media/####/yom.dat

Miscellaneous:

Executes the following shell scripts:

/system/bin/cat /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq
/system/bin/cat /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_min_freq
cat /sys/class/net/wlan0/address
getprop ro.build.display.id
getprop ro.build.version.emui
getprop ro.miui.ui.version.name
getprop ro.rom.different.version
getprop ro.vivo.os.name
ls /sys/class/thermal

Loads the following dynamic libraries:

libjiagu-826918854
locSDK7b
tpnsSecurity
weibosdkcore

Uses the following algorithms to encrypt data:

AES-CBC-PKCS5Padding
AES-CBC-PKCS7Padding
DES-CBC-PKCS5Padding
RSA-ECB-PKCS1Padding

Uses the following algorithms to decrypt data:

AES-CBC-PKCS5Padding
AES-CBC-PKCS7Padding
DES-ECB-PKCS5Padding

Uses special library to hide executable bytecode.

Gets information about location.

Gets information about network.

Gets information about phone status (number, IMEI, etc.).

Gets information about APN settings.

Gets information about installed apps.

Gets information about accounts associated with the device (Google, Facebook, etc.).

Adds tasks to the system scheduler.

Displays its own windows over windows of other apps.

テクノロジー

用語

トレーニングコースおよび啓蒙プロジェクト

アンチウイルスに関する誤解と噂

Technical information

Curing recommendations

Free trial