Technical information
- Adware.SalmonAds.1.origin
- UDP(DNS) <Google DNS>
- TCP(HTTP/1.1) mo####.aw####.bsh####.com:80
- TCP(HTTP/1.1) cdn.app####.foto####.####.net:80
- TCP(HTTP/1.1) waws-pr####.vip.azurewe####.####.net:80
- TCP(HTTP/1.1) t####.mob####.com:80
- TCP(HTTP/1.1) ad.c####.kaf####.com:80
- TCP(HTTP/1.1) ad.lead####.net:80
- TCP(HTTP/1.1) api.lead####.net:80
- TCP(HTTP/1.1) cdn.foto####.com.####.net:80
- TCP(HTTP/1.1) rts.mo####.sdk.####.com:80
- TCP(HTTP/1.1) fot####.traffic####.net:80
- TCP(HTTP/1.1) a####.mdc.akama####.net:80
- TCP(HTTP/1.1) d####.mdc.akama####.net:80
- TCP(HTTP/1.1) cdn.a####.foto####.####.net:80
- TCP(HTTP/1.1) cdn.o####.foto####.####.net:80
- TCP(HTTP/1.1) api.alt####.com:80
- TCP(HTTP/1.1) sdk.api.alt####.com:80
- TCP(HTTP/1.1) cdn.dl.foto####.####.net:80
- TCP(TLS/1.0) f####.gst####.com:443
- TCP(TLS/1.0) lh3.googleu####.com:443
- TCP(TLS/1.0) ad.a####.fm:443
- TCP(TLS/1.0) 1####.217.19.206:443
- TCP(TLS/1.0) googl####.g.doublec####.net:443
- TCP(TLS/1.0) tpc.googles####.com:443
- TCP(TLS/1.0) e.crashly####.com:443
- TCP(TLS/1.0) sett####.crashly####.com:443
- TCP(TLS/1.0) pag####.googles####.com:443
- TCP(TLS/1.0) lh5.googleu####.com:443
- TCP(TLS/1.0) rep####.crashly####.com:443
- TCP(TLS/1.0) ssl.google-####.com:443
- TCP(TLS/1.0) waws-pr####.vip.azurewe####.####.net:443
- TCP(TLS/1.0) ads.doucl####.com:443
- TCP(TLS/1.0) api.face####.com:443
- TCP(TLS/1.0) f####.google####.com:443
- TCP(TLS/1.0) g####.s####.dogl####.####.net:443
- TCP(TLS/1.0) p####.go####.com:443
- TCP(TLS/1.0) d####.fl####.com:443
- a####.mdc.akama####.net
- ad.a####.fm
- ad.c####.kaf####.com
- ad.lead####.net
- adapi-a####.foto####.net
- ads.doucl####.com
- analy####.foto####.net
- api.alt####.com
- api.foto####.com
- api.lead####.net
- api.mo####.sdk.####.com
- cdn.a####.foto####.net
- cdn.ads.foto####.net
- cdn.api.foto####.com
- cdn.api.foto####.net
- cdn.app####.foto####.net
- cdn.foto####.com
- cdn.o####.foto####.net
- d####.fl####.com
- d####.mdc.akama####.net
- e.crashly####.com
- f####.google####.com
- f####.gst####.com
- fot####.foto####.com
- g####.face####.com
- g####.foto####.net
- g####.s####.dogl####.net
- googl####.g.doublec####.net
- lh3.googleu####.com
- lh5.googleu####.com
- p####.go####.com
- pag####.googles####.com
- q####.mdc.akama####.net
- re####.foto####.net
- rep####.crashly####.com
- rts.mo####.sdk.####.com
- sdk.api.alt####.com
- sett####.crashly####.com
- ssl.google-####.com
- t####.mob####.com
- tpc.googles####.com
- a####.mdc.akama####.net/cr/baidu/com.upst.hayu/
- a####.mdc.akama####.net/cr/baidu/eu.coolblue.shop/
- ad.c####.kaf####.com/v1/click?type=####&p1=####&p8=####&p9=####&p13=####...
- ad.lead####.net/applnk/826227844?src_section_id=####
- ad.lead####.net/nat_clk/429598926/12271244?devad_id=####&gid=####&gid_ca...
- api.alt####.com/v1/sdk4/upload/clk?type=####&p1=####&p8=####&p9=####&p13...
- api.alt####.com/v1/sdk4/upload/imp?type=####&p1=####&p8=####&p9=####&p13...
- api.lead####.net/nat_clk/429598926/12271244?devad_id=####&gid=####&gid_c...
- cdn.a####.foto####.####.net/conf/?country=####&source=####
- cdn.a####.foto####.####.net/pos/v1/?os=####&appid=####&ver=####
- cdn.a####.foto####.####.net/web/oav1?appid=####&os=####&ver=####
- cdn.app####.foto####.####.net/cr/baidu/com.fiverr.fiverr/
- cdn.dl.foto####.####.net/Advertise/ads/v4/?os=####&appid=####&enableapi=...
- cdn.dl.foto####.####.net/advertise/recommend/v1/?os=####&appid=####&ver=...
- cdn.dl.foto####.####.net/conf/?country=####&source=####
- cdn.dl.foto####.####.net/material/Adfocus/getData?os=####&appid=####&ver...
- cdn.dl.foto####.####.net/material/prisma/getGroups/?os=####&appid=####&v...
- cdn.foto####.com.####.net/ads/237e33a4d1d725ad20dac0207c4d9a9e.webp
- cdn.foto####.com.####.net/ads/3f0210dc38133308452badc4f40ffd79.webp
- cdn.foto####.com.####.net/ads/464f541d7cd9479a81c557295fb6c0c0.webp
- cdn.foto####.com.####.net/ads/51abf29b93b363c7a8a914d157a70b19.webp
- cdn.foto####.com.####.net/ads/944dbd53f4d56ad83d45c34a4add10e5.webp
- cdn.foto####.com.####.net/ads/a17baef06e6fe829f55d3e86c47dee25.webp
- cdn.foto####.com.####.net/materials/abfb407233e95acf936e933bb554d43e.png
- cdn.o####.foto####.####.net/v2/<Package>/android/NL
- cdn.o####.foto####.####.net/v2/<Package>/android/US
- d####.mdc.akama####.net/conf/?country=####&source=####
- fot####.traffic####.net/user/group/v1/?openuuid=####&appid=####&os=####&...
- mo####.aw####.bsh####.com/adunion/slot/getDlAd?h=####&w=####&model=####&...
- mo####.aw####.bsh####.com/adunion/slot/getSrcPrio?h=####&w=####&model=##...
- t####.mob####.com/mobclick/track.do/43586005639915?aff_id=####&offer_id=...
- t####.mob####.com/mobclick/track.do/45586005639963?aff_id=####&offer_id=...
- waws-pr####.vip.azurewe####.####.net/
- waws-pr####.vip.azurewe####.####.net/adv?action=####&channel=####&adid=#...
- api.alt####.com/adserver/v1/promote/ads/sdk/v4
- api.alt####.com/adserver/v1/sdk/norefferclick
- rts.mo####.sdk.####.com/orts/rpb?h=####&w=####&model=####&vendor=####&sd...
- sdk.api.alt####.com/v4/<Package>/aps.php
- sdk.api.alt####.com/v4/<Package>/config.php
- waws-pr####.vip.azurewe####.####.net/pushregist/
- waws-pr####.vip.azurewe####.####.net/regist/
- /data/data/####/-1097969700
- /data/data/####/-515249652-975763097
- /data/data/####/.YFlurrySenderIndex.info.AnalyticsData_B4TCVNZZ...R9_216
- /data/data/####/.YFlurrySenderIndex.info.AnalyticsMain
- /data/data/####/.yflurrydatasenderblock.7d67bb1e-0d38-45be-a00e...ebdfcc
- /data/data/####/.yflurrydatasenderblock.8d339d70-d5c8-472e-99a8...b876ee
- /data/data/####/.yflurrydatasenderblock.b7b8a1c8-bbdd-4709-a3ea...c260fa
- /data/data/####/.yflurrydatasenderblock.c10871ac-b37a-49fa-b6fa...35ddcc
- /data/data/####/.yflurrydatasenderblock.e6851b4c-4c92-431d-a82d...a2dcad
- /data/data/####/.yflurrydatasenderblock.ee9ceba3-cbcd-4e7b-8b6b...aa684a
- /data/data/####/.yflurryreport.67542d28487bf198
- /data/data/####/1460683162801.dex
- /data/data/####/1460683162801.jar
- /data/data/####/1460683162801.tmp
- /data/data/####/5C4D550702E3-0001-08F7-F85E3BB604B5.cls_temp
- /data/data/####/5C4D550702E3-0001-08F7-F85E3BB604B5BeginSession.cls_temp
- /data/data/####/5C4D550702E3-0001-08F7-F85E3BB604B5SessionApp.cls_temp
- /data/data/####/5C4D550702E3-0001-08F7-F85E3BB604B5SessionCrash.cls_temp
- /data/data/####/5C4D550702E3-0001-08F7-F85E3BB604B5SessionDevice.cls_temp
- /data/data/####/5C4D550702E3-0001-08F7-F85E3BB604B5SessionEvent...s_temp
- /data/data/####/5C4D550702E3-0001-08F7-F85E3BB604B5SessionOS.cls_temp
- /data/data/####/5C4D550702E3-0001-08F7-F85E3BB604B5SessionUser.cls_temp
- /data/data/####/5C4D5513010D-0002-08F7-F85E3BB604B5BeginSession.cls_temp
- /data/data/####/5C4D5513010D-0002-08F7-F85E3BB604B5SessionApp.cls_temp
- /data/data/####/5C4D5513010D-0002-08F7-F85E3BB604B5SessionDevice.cls_temp
- /data/data/####/5C4D5513010D-0002-08F7-F85E3BB604B5SessionOS.cls_temp
- /data/data/####/5C4D5513010D-0002-08F7-F85E3BB604B5SessionUser.cls_temp
- /data/data/####/5C4D551402CD-0001-0A32-F85E3BB604B5BeginSession.cls_temp
- /data/data/####/5C4D551402CD-0001-0A32-F85E3BB604B5SessionApp.cls_temp
- /data/data/####/5C4D551402CD-0001-0A32-F85E3BB604B5SessionDevice.cls_temp
- /data/data/####/5C4D551402CD-0001-0A32-F85E3BB604B5SessionEvent...s_temp
- /data/data/####/5C4D551402CD-0001-0A32-F85E3BB604B5SessionOS.cls_temp
- /data/data/####/ApplicationCache.db-journal
- /data/data/####/ApplicationCache.db-journal (deleted)
- /data/data/####/DeviceTestSharedPreferences.xml
- /data/data/####/FBAdPrefs.xml
- /data/data/####/FBNativeInfo.xml
- /data/data/####/FEncoureageLimited.xml
- /data/data/####/FLURRY_SHARED_PREFERENCES.xml
- /data/data/####/FotoAdMediationDB.xml
- /data/data/####/FotoAdStrategy.xml
- /data/data/####/FotoCustomReportSet.xml
- /data/data/####/FullScreenSharedPrefrence.xml
- /data/data/####/KApplicationPref.xml
- /data/data/####/PrismaMainActivity.xml
- /data/data/####/RECOMMEND_SAHREPREFRENCE.xml
- /data/data/####/SDKIDFA.xml
- /data/data/####/SharePrefFlurryEvent.xml
- /data/data/####/TPhotoAdPromoteManager.xml
- /data/data/####/TwitterAdvertisingInfoPreferences.xml
- /data/data/####/YTAdFactory.xml
- /data/data/####/_toolbox_prefs.xml
- /data/data/####/altamob_ads-journal
- /data/data/####/altamob_device
- /data/data/####/altamob_sp_sdk.xml
- /data/data/####/battery_setting.xml
- /data/data/####/camera_basic_info.xml
- /data/data/####/com.crashlytics.prefs.xml
- /data/data/####/com.crashlytics.sdk.android;answers;settings.xml
- /data/data/####/com.crashlytics.settings.json
- /data/data/####/com.facebook.ads.FEATURE_CONFIG.xml
- /data/data/####/com.fotoable.paintlab_preferences.xml
- /data/data/####/com.google.android.gms.analytics.prefs.xml
- /data/data/####/com.google.android.gms.appid-no-backup
- /data/data/####/com.google.android.gms.appid.xml
- /data/data/####/com.wantu.android.WantuSetting.xml
- /data/data/####/crash_marker
- /data/data/####/data_0
- /data/data/####/data_1
- /data/data/####/data_2
- /data/data/####/data_3
- /data/data/####/device_id.xml.xml
- /data/data/####/du_ad_cache.db-journal
- /data/data/####/du_ad_ts.db-journal
- /data/data/####/f_000001
- /data/data/####/f_000002
- /data/data/####/f_000003
- /data/data/####/f_000004
- /data/data/####/f_000005
- /data/data/####/gaClientId
- /data/data/####/gonggong_shareprefsname.xml
- /data/data/####/google_analytics_v4.db-journal
- /data/data/####/https_googleads.g.doubleclick.net_0.localstorage-journal
- /data/data/####/index
- /data/data/####/initialization_marker
- /data/data/####/io.fabric.sdk.android;fabric;ahx.xml
- /data/data/####/libjiagu.so
- /data/data/####/multidex.version.xml
- /data/data/####/recommend_archive_main
- /data/data/####/recommend_archive_save
- /data/data/####/sa_818908b1-aa9e-4aff-b36d-5dfcfe88b065_1548571911979.tap
- /data/data/####/sa_9384a9b9-8354-4f60-a2a0-0a92a1072a64_1548571921445.tap
- /data/data/####/sa_98495080-6aea-445a-b029-60edcec75f95_1548571917053.tap
- /data/data/####/sa_a2c3cf33-b9f2-4237-9039-12c53c155001_1548571979107.tap
- /data/data/####/sa_e5ce1445-886b-43a6-8e50-45886967759d_1548571919649.tap
- /data/data/####/sa_f60eff5b-8e28-471e-9b32-e618d1d726c2_1548571934257.tap
- /data/data/####/session_analytics.tap
- /data/data/####/session_analytics.tap.tmp
- /data/data/####/signOfIcon.xml
- /data/data/####/sysconfig.xml
- /data/data/####/sysconfigTEMP.xml
- /data/data/####/uploadAdUserInfos.xml
- /data/data/####/wantu_localpush.xml
- /data/data/####/webview.db-journal
- /data/data/####/webviewCache.db
- /data/data/####/webviewCache.db-journal
- /data/data/####/webviewCookiesChromium.db-journal
- /data/media/####/.nomedia
- /data/media/####/0cde2c55115d8e3ec5b885a718b5847f.0
- /data/media/####/23615.webp
- /data/media/####/23961.webp
- /data/media/####/23963.webp
- /data/media/####/24433.webp
- /data/media/####/24661.webp
- /data/media/####/24811.webp
- /data/media/####/7628683a6a1500ca3548f4050ea4b125.0
- /data/media/####/7d1add1791146e24fad6ca545b9dd5f6.0
- /data/media/####/acf980b7573812bd74ca14e3a16bd633.0
- /data/media/####/b5a270deee23db7bfdc43c19b8a3720f.0
- /data/media/####/c7214f9745e4feca9c404dd402bb0cd9.0
- /data/media/####/f9c19d1d7fec7eb41464e3549cdb9a03.0
- /data/media/####/journal
- /data/media/####/journal.tmp
- chmod 755 <Package Folder>/.jiagu/libjiagu.so
- crashlytics
- fotobeautyengine
- libjiagu
- localpushservice
- AES-CBC-NoPadding
- AES-CBC-PKCS5Padding
- AES-CBC-NoPadding
- AES-CBC-PKCS5Padding
- AES-ECB-PKCS7Padding