Technical information
- Adware.Gexin.2.origin
- UDP(DNS) <Google DNS>
- TCP(HTTP/1.1) c-h####.g####.com:80
- TCP(HTTP/1.1) i####.yilianb####.cn:80
- TCP(HTTP/1.1) t####.c####.q####.####.com:80
- TCP(HTTP/1.1) h####.api.oka####.com:80
- TCP(HTTP/1.1) sdk.o####.p####.####.com:80
- TCP(TLS/1.0) api.yilianb####.cn:443
- TCP(TLS/1.0) res####.a####.com:443
- TCP c####.g####.ig####.com:5226
- TCP sdk.o####.t####.####.com:5224
- 7j####.c####.z0.####.com
- api.yilianb####.cn
- c####.g####.ig####.com
- c####.g####.ig####.com
- c-h####.g####.com
- h####.api.oka####.com
- i####.yilianb####.cn
- li.yilianb####.cn
- res####.a####.com
- sdk.c####.ig####.com
- sdk.o####.p####.####.com
- sdk.o####.t####.####.com
- sdk.o####.t####.####.com
- sdk.o####.t####.####.net
- h####.api.oka####.com/?s=####&model_name=####&id=####&app_key=####&sign=...
- i####.yilianb####.cn/consumer/banner/1.png
- i####.yilianb####.cn/consumer/banner/2.png
- i####.yilianb####.cn/consumer/banner/3.png
- i####.yilianb####.cn/consumer/banner/5.png
- i####.yilianb####.cn/consumer/banner/8.png
- i####.yilianb####.cn/consumer/banner/best_goods_201919.png
- i####.yilianb####.cn/consumer/banner/new_goods_201919.png
- i####.yilianb####.cn/consumer/goods/1538115640487.jpg
- i####.yilianb####.cn/consumer/goods/1538389222591.jpg
- i####.yilianb####.cn/consumer/goods/1539490522213.jpg
- i####.yilianb####.cn/consumer/goods/1540092083747.jpg
- i####.yilianb####.cn/consumer/goods/1540179221197.jpg
- i####.yilianb####.cn/consumer/goods/1540434909160.jpg
- i####.yilianb####.cn/consumer/upload/store/110/2017/10/06/a383adb7-ba78-...
- i####.yilianb####.cn/consumer/upload/store/110/2017/11/27/f92e4c8e-a9a4-...
- i####.yilianb####.cn/consumer/upload/store/110/2018/06/08/4e8563ec-c43e-...
- i####.yilianb####.cn/consumer/upload/store/110/2018/06/25/691d437c-4a54-...
- i####.yilianb####.cn/consumer/upload/store/110/2018/07/06/ff25a9fc-0854-...
- i####.yilianb####.cn/consumer/upload/store/110/2018/09/13/56346533-2e50-...
- i####.yilianb####.cn/consumer/upload/store/110/2018/09/25/33a4808a-a3d0-...
- i####.yilianb####.cn/consumer/upload/store/110/2018/11/28/0bbb8361-8e31-...
- i####.yilianb####.cn/consumer/upload/store/110/2018/11/28/cbb53e02-a595-...
- i####.yilianb####.cn/consumer/upload/store/110/2019/01/08/69c84fcf-1cfe-...
- i####.yilianb####.cn/consumer/upload/store/110/2019/01/10/592ed0ce-9abf-...
- i####.yilianb####.cn/consumer/upload/store/110/2019/01/10/7fc984e3-abee-...
- i####.yilianb####.cn/consumer/upload/store/110/2019/01/10/d43efd3d-40f5-...
- i####.yilianb####.cn/consumer/upload/store/110/2019/01/10/f2ebc8df-54d5-...
- t####.c####.q####.####.com/config/hz-hzv3.conf
- t####.c####.q####.####.com/tdata_bca864
- t####.c####.q####.####.com/tdata_fyR930
- c-h####.g####.com/api.php?format=####&t=####
- sdk.o####.p####.####.com/api.php?format=####&t=####
- /data/data/####/.jg.ic
- /data/data/####/020a902ab8972ac720a9d1df357bea44fea2630a1a455ec....0.tmp
- /data/data/####/09b929cbdf32ec2cab95bdc9cd95d87c3fd748910072aee....0.tmp
- /data/data/####/0f2e4a93fc4cdccbc77fe6b2f5f193938e858827c3032ec....0.tmp
- /data/data/####/164ad1511f2afbf6c40800bc6412cef848ab2d0523eaf3f....0.tmp
- /data/data/####/17a6024c200c718a623460453857ebe2d44816acc395a01....0.tmp
- /data/data/####/1b3216097618704c40f325cfc777aee48c213d74e231d05....0.tmp
- /data/data/####/1d2b904cbeadfb72ed9546111a231c85.0
- /data/data/####/21e78af0a3ce5ccd0bc52902deeca3c423592d3e6c4d25e....0.tmp
- /data/data/####/36abe323d836501f90ee2fd68388b4545865b6c846470d5....0.tmp
- /data/data/####/43f8060542dd4e0acfcbacee364c951ccde4a01712605b3....0.tmp
- /data/data/####/45ed33e49a09ff540838b752c3941e1dece336722076fac....0.tmp
- /data/data/####/47dd6c789b9cb786b16f0558e8a5e0fede24e3a1907d7db....0.tmp
- /data/data/####/4a3a36b863f5c7a89feec469ec33b0ce92e91b33ab26f65....0.tmp
- /data/data/####/4d09c2a2f6563fc520781b6be431e63ee4f683341f32ff8....0.tmp
- /data/data/####/5c74549cc4861c09ba9f7e2201aec3f1a558c955e631965....0.tmp
- /data/data/####/5d5ae53d9f62b790b6c03ecace38b0c8aa740bcdc8ae873....0.tmp
- /data/data/####/63defe862e45b46929d00d1825e6c8f34de3835490176a1....0.tmp
- /data/data/####/678e4d0fe35ae033850197e6e9e6322729bd1a19a64a645....0.tmp
- /data/data/####/6a5d3b981ddd4b7949a3aa03569c0013e407521dca90d1b....0.tmp
- /data/data/####/6ea1efca934ce3ed2ff86fc58683f0d24ff88044cb9335b....0.tmp
- /data/data/####/8107f8acc16057a9fbc79a4a18cbdd4ef1865ea196aa826....0.tmp
- /data/data/####/824a5688530356ebffbe0cea860c020ed4635e7f925dd2a....0.tmp
- /data/data/####/93be0e8f2b0a23be17b41d7cc78ed9b2511b47a06c0e46c....0.tmp
- /data/data/####/9d8ef1a5709b829075baecf68cab6e07f39800e757288d2....0.tmp
- /data/data/####/MultiDex.lock
- /data/data/####/a3ab027843a412e30de9998fce6bfaad134802354201a63....0.tmp
- /data/data/####/b41be8a942c557d8a65ec512efe19f010835a3814ccfd7a...4f25.0
- /data/data/####/b5aad369e39dfcde59f39cc0eb5431759fb757a8d0d323a....0.tmp
- /data/data/####/c0586a10777146560765a69231d89beb.xml
- /data/data/####/ca8f2b2917111ba26bd06d01932c3ca926c22db510c6844....0.tmp
- /data/data/####/eb832e9812f18226ff82131a5c73b2288c0d60fa84c81f4....0.tmp
- /data/data/####/ec010ec84c36ac0f4132943eb3cd1b2444fcd77636cd869....0.tmp
- /data/data/####/f13e0138431d3ab375cec5b71c5b42ef4d4943c1d8b106e....0.tmp
- /data/data/####/f14204ae59162a4bc8b21015c0dcb710efd0abe122932f8....0.tmp
- /data/data/####/fcc66702a2a33bbca814b2a7b34f633bd4f3accb023ded9....0.tmp
- /data/data/####/gdaemon_20161017
- /data/data/####/getui_sp.xml
- /data/data/####/hmdb
- /data/data/####/hmdb-journal
- /data/data/####/init.pid
- /data/data/####/init_c1.pid
- /data/data/####/journal
- /data/data/####/journal.tmp
- /data/data/####/k.store
- /data/data/####/libjiagu-1020479799.so
- /data/data/####/logdb.db
- /data/data/####/logdb.db-journal
- /data/data/####/multidex.version.xml
- /data/data/####/pref.xml
- /data/data/####/push.pid
- /data/data/####/pushext.db-journal
- /data/data/####/pushg.db-journal
- /data/data/####/pushsdk.db-journal
- /data/data/####/run.pid
- /data/data/####/tdata_bca864
- /data/data/####/tdata_bca864.jar
- /data/data/####/tdata_fyR930
- /data/data/####/tdata_fyR930.jar
- /data/data/####/ylbh.xml
- /data/media/####/.nomedia
- /data/media/####/1547152380422.db
- /data/media/####/alsn20170807.db
- /data/media/####/alsn20170807.db-journal
- /data/media/####/app.db
- /data/media/####/com.getui.sdk.deviceId.db
- /data/media/####/com.igexin.sdk.deviceId.db
- /data/media/####/com.ylbh.app.bin
- /data/media/####/com.ylbh.app.db
- /data/media/####/tdata_bca864
- /data/media/####/tdata_fyR930
- /data/media/####/test.log
- <Package Folder>/files/gdaemon_20161017 0 <Package>/<Package>.other.PushService 24163 300 0
- chmod 700 <Package Folder>/files/gdaemon_20161017
- sh <Package Folder>/files/gdaemon_20161017 0 <Package>/<Package>.other.PushService 24163 300 0
- getuiext3
- libjiagu-1020479799
- AES-CBC-PKCS5Padding
- RSA-ECB-PKCS1Padding
- RSA-NONE-OAEPWithSHA1AndMGF1Padding
- AES-CBC-PKCS5Padding