Technical information
- Adware.Gexin.2.origin
- UDP(DNS) <Google DNS>
- TCP(HTTP/1.1) pub-####.qin####.com:80
- TCP(HTTP/1.1) c-h####.g####.com:80
- TCP(HTTP/1.1) a####.exc.mob.com:80
- TCP(HTTP/1.1) t####.c####.q####.####.com:80
- TCP(HTTP/1.1) and####.b####.qq.com:80
- TCP(HTTP/1.1) a####.b####.qq.com:8012
- TCP(HTTP/1.1) a####.b####.qq.com:8011
- TCP(HTTP/1.1) sdk.o####.p####.####.com:80
- TCP(HTTP/1.1) api.app.v79.####.cn:80
- TCP(TLS/1.0) api.map.b####.com:443
- TCP(TLS/1.0) et2-na6####.wagbr####.ali####.####.com:443
- TCP(TLS/1.0) o####.map.b####.com:443
- TCP(TLS/1.0) loc.map.b####.com:443
- TCP(TLS/1.0) tac-aic####.cos.ap-guan####.####.com:443
- TCP sdk.o####.t####.####.com:5224
- TCP c####.g####.ig####.com:5227
- 7j####.c####.z0.####.com
- a####.b####.qq.com
- a####.exc.mob.com
- aexcep####.b####.qq.com
- and####.b####.qq.com
- api.app.v79.####.cn
- api.map.b####.com
- c####.g####.ig####.com
- c-h####.g####.com
- loc.map.b####.com
- o####.map.b####.com
- plb####.u####.com
- pub-####.qin####.com
- sdk.c####.ig####.com
- sdk.o####.p####.####.com
- sdk.o####.t####.####.com
- sdk.o####.t####.####.com
- sdk.o####.t####.####.net
- tac-aic####.cos.ap-guan####.####.com
- u####.u####.com
- pub-####.qin####.com/tdata_EDT356
- t####.c####.q####.####.com/tdata_bca864
- t####.c####.q####.####.com/tdata_fyR930
- a####.b####.qq.com:8011/rqd/async
- a####.b####.qq.com:8012/rqd/async
- a####.exc.mob.com/errconf
- and####.b####.qq.com/rqd/async
- and####.b####.qq.com/rqd/async?aid=####
- api.app.v79.####.cn/appAdv/getAdvInfo
- api.app.v79.####.cn/goods/query
- api.app.v79.####.cn/index/getIndexInfo
- api.app.v79.####.cn/oilCar/index
- api.app.v79.####.cn/service/search
- api.app.v79.####.cn/version/getVersion
- c-h####.g####.com/api.php?format=####&t=####
- sdk.o####.p####.####.com/api.php?format=####&t=####
- /data/data/####/.duid
- /data/data/####/.imprint
- /data/data/####/.lock
- /data/data/####/.vpl_lock
- /data/data/####/1004
- /data/data/####/Hawk2.xml
- /data/data/####/MultiDex.lock
- /data/data/####/ThrowalbeLog.db-journal
- /data/data/####/authStatus_com.hownew.lovetheowner.xml
- /data/data/####/authStatus_com.hownew.lovetheowner;pushservice.xml
- /data/data/####/authStatus_com.hownew.lovetheowner;remote.xml
- /data/data/####/bugly_db_-journal
- /data/data/####/bugly_db_legu-journal
- /data/data/####/com.hownew.lovetheowner_preferences.xml
- /data/data/####/crashrecord.xml
- /data/data/####/crypto.KEY_256.xml
- /data/data/####/dW1weF9pbnRlcm5hbF8xNTQ0MDA0OTM3NzQ0;
- /data/data/####/dW1weF9pbnRlcm5hbF8xNTQ0MDA0OTMxMzYw;
- /data/data/####/dW1weF9pbnRlcm5hbF8xNTQ0MDA0OTQ2MjIw;
- /data/data/####/dW1weF9pbnRlcm5hbF8xNTQ0MDA0OTQxOTkw;
- /data/data/####/dW1weF9pbnRlcm5hbF8xNTQ0MDA0OTU0MzE2;
- /data/data/####/dW1weF9pbnRlcm5hbF8xNTQ0MDA0OTU2MDIx;
- /data/data/####/dW1weF9pbnRlcm5hbF8xNTQ0MDA0OTU3NzQx;
- /data/data/####/dW1weF9pbnRlcm5hbF8xNTQ0MDA0OTYwMjk3;
- /data/data/####/dW1weF9pbnRlcm5hbF8xNTQ0MDA0OTYxNjk4;
- /data/data/####/dW1weF9pbnRlcm5hbF8xNTQ0MDA0OTc5NzE4;
- /data/data/####/dW1weF9pbnRlcm5hbF8xNTQ0MDA0OTg2NDU3;
- /data/data/####/dW1weF9pbnRlcm5hbF8xNTQ0MDA0OTg5NTE3;
- /data/data/####/dW1weF9pbnRlcm5hbF8xNTQ0MDA0OTgxMzI3;
- /data/data/####/dW1weF9pbnRlcm5hbF8xNTQ0MDA0OTgzMDE3;
- /data/data/####/dW1weF9pbnRlcm5hbF8xNTQ0MDA0OTk4NzI0;
- /data/data/####/dW1weF9pbnRlcm5hbF8xNTQ0MDA0OTkxMTM3;
- /data/data/####/db_default_job_manager-journal
- /data/data/####/disk_entries_list_LinJuImagePipelineCacheDefaul...54.xml
- /data/data/####/disk_entries_list_LinJuImagePipelineCacheSmall_...20.xml
- /data/data/####/domain_1
- /data/data/####/ecb6ac1d581d
- /data/data/####/exchangeIdentity.json
- /data/data/####/exid.dat
- /data/data/####/firll.dat
- /data/data/####/gal.db
- /data/data/####/gal.db-journal
- /data/data/####/gdaemon_20161017
- /data/data/####/getui_sp.xml
- /data/data/####/gx_sp.xml
- /data/data/####/hst.db
- /data/data/####/hst.db-journal
- /data/data/####/i==1.2.0&&1.5.0.1130_1544004931394_envelope.log
- /data/data/####/i==1.2.0&&1.5.0.1130_1544004954371_envelope.log
- /data/data/####/i==1.2.0&&1.5.0.1130_1544004979811_envelope.log
- /data/data/####/info.xml
- /data/data/####/init.pid
- /data/data/####/init_c1.pid
- /data/data/####/libcuid.so
- /data/data/####/libnfix.so
- /data/data/####/libshella-2.9.0.2.so
- /data/data/####/libufix.so
- /data/data/####/local_crash_lock
- /data/data/####/mix.dex
- /data/data/####/mob_commons_1
- /data/data/####/mob_sdk_exception_1
- /data/data/####/multidex.version.xml
- /data/data/####/native_record_lock
- /data/data/####/ofl.config
- /data/data/####/ofl_location.db
- /data/data/####/ofl_location.db-journal
- /data/data/####/ofl_statistics.db
- /data/data/####/ofl_statistics.db-journal
- /data/data/####/push.pid
- /data/data/####/pushext.db-journal
- /data/data/####/pushg.db-journal
- /data/data/####/pushsdk.db-journal
- /data/data/####/run.pid
- /data/data/####/security_info
- /data/data/####/tdata_bca864
- /data/data/####/tdata_bca864.jar
- /data/data/####/tdata_fyR930
- /data/data/####/tdata_fyR930.jar
- /data/data/####/ua.db
- /data/data/####/ua.db-journal
- /data/data/####/um_pri.xml
- /data/data/####/umdat.xml
- /data/data/####/umeng_common_config.xml
- /data/data/####/umeng_common_location.xml
- /data/data/####/umeng_general_config.xml
- /data/data/####/umeng_it.cache
- /data/media/####/-20596468161933660473
- /data/media/####/-7591768821622657774
- /data/media/####/.a.dat
- /data/media/####/.adfwe.dat
- /data/media/####/.artc_lock
- /data/media/####/.cca.dat
- /data/media/####/.cuid
- /data/media/####/.cuid2
- /data/media/####/.di
- /data/media/####/.dic_lock
- /data/media/####/.duid
- /data/media/####/.globalLock
- /data/media/####/.im_lock
- /data/media/####/.lesd_lock
- /data/media/####/.mn_-1464060969
- /data/media/####/.nomedia
- /data/media/####/.pkg_lock
- /data/media/####/.pkgs_lock
- /data/media/####/.rc_lock
- /data/media/####/.slw
- /data/media/####/.ss_lock
- /data/media/####/.umm.dat
- /data/media/####/1776625739-1065562867
- /data/media/####/575458243-1336090476
- /data/media/####/5WXWjnGciALz-Jyuq6v_Y_LDDTA.1611217191.tmp
- /data/media/####/6593364601053356394
- /data/media/####/659336460818077596
- /data/media/####/8EoO6bFAzDeWbBlsIqJt3vvpG1c.-289811072.tmp
- /data/media/####/8ynFVrcZXwn_YbavtiDeCkTmo40.-1606120387.tmp
- /data/media/####/GOsLMopR8-GvcHh_uoBODTE6KuM.433032207.tmp
- /data/media/####/GuA_9l00_NbQto6zH_5ssbbj4lY.-5962568.tmp
- /data/media/####/IsdF6hSXmqdaHIzidbKZ96eECNE.1877791316.tmp
- /data/media/####/JKElqdMoohnETQd6KhGYJqVKVWk.-248034355.tmp
- /data/media/####/NWwhVm2n0TCjUNiVvl_ITeJQQOs.-48626507.tmp
- /data/media/####/Qqry7aQ61HMuNwxuAmoxPr-ETsM.1996654456.tmp
- /data/media/####/RrGesZdVIf4su-CogS6LFSFyjpk.-615413457.tmp
- /data/media/####/WwE3E5FBel_EHuPZcu5IWIoR3Ic.-857013112.tmp
- /data/media/####/_Ivnqyp5YSM97yTKVvxeip_ZtzQ.-1515268432.tmp
- /data/media/####/ad_logo.png
- /data/media/####/app.db
- /data/media/####/com.getui.sdk.deviceId.db
- /data/media/####/com.hownew.lovetheowner.bin
- /data/media/####/com.hownew.lovetheowner.db
- /data/media/####/com.igexin.sdk.deviceId.db
- /data/media/####/conlts.dat
- /data/media/####/eDnPOaYtg7k23f-aUEviFLHjyEs.1204613196.tmp
- /data/media/####/fYYJujv5jLFTOy4sdnhe8_lR8hM.1394286707.tmp
- /data/media/####/fhyU2xu-heZZFHC4yw9nGIbgE_s.-1679241636.tmp
- /data/media/####/gxa4xslUuodgMXrCnKKt8WQGj9o.619461597.tmp
- /data/media/####/lEVfi3e-f3HVCJPJG57AiVav3os.349473038.tmp
- /data/media/####/ls.db
- /data/media/####/ls.db-journal
- /data/media/####/m2W0yC6qPa-bgHDPJc6p5pRBEfI.-1152465055.tmp
- /data/media/####/noixyYuQ_aKuigsSySBTY0R59vc.1401306570.tmp
- /data/media/####/p7GI_bA3J30z1Bcr4myHepOS3bA.879290544.tmp
- /data/media/####/pHkr_y7SN7gp5F4QRt7VxPyG648.1717466747.tmp
- /data/media/####/sysid.dat
- /data/media/####/tdata_bca864
- /data/media/####/tdata_fyR930
- /data/media/####/test.log
- /data/media/####/yoh.dat
- /data/media/####/yol.dat
- /data/media/####/yom.dat
- /data/media/####/zxNqja6jqD-2iQ3ngAKDM1gMyzo.1317754097.tmp
- /system/bin/cat /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq
- /system/bin/cat /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_min_freq
- /system/bin/sh -c getprop
- /system/bin/sh -c getprop ro.aa.romver
- /system/bin/sh -c getprop ro.board.platform
- /system/bin/sh -c getprop ro.build.fingerprint
- /system/bin/sh -c getprop ro.build.nubia.rom.name
- /system/bin/sh -c getprop ro.build.rom.id
- /system/bin/sh -c getprop ro.build.tyd.kbstyle_version
- /system/bin/sh -c getprop ro.build.version.emui
- /system/bin/sh -c getprop ro.build.version.opporom
- /system/bin/sh -c getprop ro.gn.gnromvernumber
- /system/bin/sh -c getprop ro.lenovo.series
- /system/bin/sh -c getprop ro.lewa.version
- /system/bin/sh -c getprop ro.meizu.product.model
- /system/bin/sh -c getprop ro.miui.ui.version.name
- /system/bin/sh -c getprop ro.vivo.os.build.display.id
- /system/bin/sh -c type su
- <Package Folder>/files/gdaemon_20161017 0 <Package>/<Package>.getui.PushService 25389 300 0
- cat /sys/class/net/wlan0/address
- chmod 700 <Package Folder>/files/gdaemon_20161017
- chmod 700 <Package Folder>/tx_shell/libnfix.so
- chmod 700 <Package Folder>/tx_shell/libshella-2.9.0.2.so
- chmod 700 <Package Folder>/tx_shell/libufix.so
- getprop
- getprop ro.aa.romver
- getprop ro.board.platform
- getprop ro.build.fingerprint
- getprop ro.build.nubia.rom.name
- getprop ro.build.rom.id
- getprop ro.build.tyd.kbstyle_version
- getprop ro.build.version.emui
- getprop ro.build.version.opporom
- getprop ro.gn.gnromvernumber
- getprop ro.lenovo.series
- getprop ro.lewa.version
- getprop ro.meizu.product.model
- getprop ro.miui.ui.version.name
- getprop ro.vivo.os.build.display.id
- getprop ro.yunos.version
- logcat -d -v threadtime
- ls /sys/class/thermal
- mount
- sh <Package Folder>/files/gdaemon_20161017 0 <Package>/<Package>.getui.PushService 25389 300 0
- BaiduMapSDK_base_v5_1_0
- Bugly
- conceal
- getuiext3
- imagepipeline
- libnfix
- libshella-2.9.0.2
- libufix
- locSDK7b
- nfix
- ufix
- AES-CBC-PKCS5Padding
- AES-CBC-PKCS7Padding
- AES-ECB-PKCS7Padding
- AES-GCM-NoPadding
- RSA-ECB-PKCS1Padding
- RSA-NONE-OAEPWithSHA1AndMGF1Padding
- AES-CBC-PKCS5Padding
- AES-CBC-PKCS7Padding
- AES-ECB-NoPadding
- AES-GCM-NoPadding