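Technical information
(Host names, URLs and package directories below are partially masked with ####, so the entries are not complete indicators.)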
Detection name:
- Adware.Gexin.2.origin
Network connections (protocol, host:port):
- UDP(DNS) <Google DNS>
- TCP(HTTP/1.1) pub.idq####.com.####.com:80
- TCP(HTTP/1.1) t####.qq.com:14000
- TCP(HTTP/1.1) a####.qq.com:80
- TCP(HTTP/1.1) api.52####.com:80
- TCP(HTTP/1.1) c.isds####.qq.com:80
- TCP(HTTP/1.1) p####.tc.qq.com:80
- TCP(HTTP/1.1) openmo####.qq.com:80
- TCP(HTTP/1.1) pin####.qq.com:80
- TCP(HTTP/1.1) t####.qq.com:443
- TCP(HTTP/1.1) appsup####.qq.com:80
- TCP(HTTP/1.1) cgi.con####.qq.com:80
- TCP(HTTP/1.1) pi####.qq.com:80
- TCP(HTTP/1.1) 3####.tc.qq.com:80
- TCP(TLS/1.0) api.map.b####.com:443
- TCP t####.qq.com:443
- TCP t####.qq.com:14000
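Host names (presumably DNS lookups; entries that look identical after masking may be distinct hosts):
- a####.qq.com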
- a####.qq.com
- api.52####.com
- api.map.b####.com
- appsup####.qq.com
- c.isds####.qq.com
- cgi.con####.qq.com
- i####.dd.qq.com
- i.g####.cn
- openmo####.qq.com
- pi####.qq.com
- pin####.qq.com
- pub.idq####.com
- q####.qq.com
- qzones####.g####.cn
- t####.qq.com
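Requested URLs, first list (long entries are truncated with "..."; the HTTP method is not shown on this page):
- 3####.tc.qq.com/16891/62034C5405473DA5F5A0E873FB77093D.apk?fsname=####&c...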
- 3####.tc.qq.com/imtt.dd.qq.com/16891/62034C5405473DA5F5A0E873FB77093D.ap...
- a####.qq.com/detail/com.tencent.mobileqq?autodownload=####&norecommend=#...
- appsup####.qq.com/cgi-bin/appstage/mstats_report?report_type=####&platfo...
- c.isds####.qq.com/code.cgi?domain=####&cgi=####&type=####&code=####&time...
- cgi.con####.qq.com/qqconnectopen/openapi/policy_conf?sdkv=####&appid=###...
- openmo####.qq.com/oauth2.0/m_authorize?status_userip=####&scope=####&red...
- p####.tc.qq.com/c/=/open/mobile/login/js/login_browser_jump.js
- p####.tc.qq.com/open/mobile/login/qzsjump.html?status_userip=####&scope=...
- p####.tc.qq.com/open_proj/qqconnect/h5login/css/jump2.css?t=####
- p####.tc.qq.com/open_proj/qqconnect/h5login/css/sprite/jump2.png?max_age...
- pin####.qq.com/
- pin####.qq.com/?s=####&k=####
- pub.idq####.com.####.com/qconn/widget/mobile/login/images/loading.gif?ma...
Requested URLs, second list (the HTTP method is not shown on this page):
- api.52####.com/app/getConfig
- api.52####.com/app/getUpgrade
- api.52####.com/push/getTag
- api.52####.com/push/updateToken
- appsup####.qq.com/cgi-bin/appstage/mstats_batch_report
- pi####.qq.com/mstat/report/?index=####
- pin####.qq.com/?s=####&k=####
- t####.qq.com:14000/203.205.211.75:14000/
- t####.qq.com:443/203.205.211.75:443/
File-system paths:
- /data/data/####/-2063382505141149181
- /data/data/####/-620750058-569746145
- /data/data/####/.com.kuaiyu.mimo;xg_service_v2.xg.stat..xml
- /data/data/####/.jg.ic
- /data/data/####/.tpns.xml.xml
- /data/data/####/.tpush_mta.xml
- /data/data/####/1364306934-1517670903
- /data/data/####/4596518961328184720
- /data/data/####/MultiDex.lock
- /data/data/####/QALConfigStore.dat
- /data/data/####/TLS_DEVICE_INFO.xml
- /data/data/####/WLOGIN_DEVICE_INFO.xml
- /data/data/####/authStatus_com.kuaiyu.mimo.xml
- /data/data/####/com.kuaiyu.mimo_preferences.xml
- /data/data/####/com.mimo.preference.xml
- /data/data/####/com.tencent.open.config.json.1105377083
- /data/data/####/data_0
- /data/data/####/data_1
- /data/data/####/data_2
- /data/data/####/data_3
- /data/data/####/device_id.xml
- /data/data/####/disk_entries_list_image_cache_1010609892.xml
- /data/data/####/index
- /data/data/####/libcuid.so
- /data/data/####/libjiagu.so
- /data/data/####/mm.db
- /data/data/####/multidex.version.xml
- /data/data/####/preference_push.xml
- /data/data/####/pri_tencent_analysis.db_com.kuaiyu.mimo-journal
- /data/data/####/qal_monitor.db-journal
- /data/data/####/qalimid
- /data/data/####/qihoo_jiagu_crash_report.xml
- /data/data/####/report_v5.msgstore-journal
- /data/data/####/sdk_report.db
- /data/data/####/sdk_report.db-journal
- /data/data/####/tencent_analysis.db_com.kuaiyu.mimo-journal
- /data/data/####/tls_device.dat
- /data/data/####/tpush.shareprefs.xml
- /data/data/####/webview.db-journal
- /data/data/####/webviewCookiesChromium.db-journal
- /data/data/####/wlogin_device.dat
- /data/media/####/.cuid
- /data/media/####/.cuid2
- /data/media/####/.mid.txt
- /data/media/####/.nomedia
- /data/media/####/app.19.02.12.18.log
- /data/media/####/com.tencent.mobileqq_7.9.8_999.apk
- /data/media/####/com.tencent.mobileqq_connectSdk.19.02.12.18.log
- /data/media/####/imsdk_20190212.log
- /data/media/####/log_app_02_12.txt
- /data/media/####/log_receivers_02_12.txt
- /data/media/####/sdk.19.02.12.18.log
Command lines (the libxguardian.so arguments include the device IMEI in the "ui" field):
- /system/bin/cat /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq
- /system/bin/cat /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_min_freq
- <Package Folder>/lib/libxguardian.so <Package>,2100206280;<Package>,2100206280; 55961 203.205.128.130 [{"idx":0,"ts":%d,"et":2000,"si":0,"ui":"<IMEI>","ky":"Axg%lu","mid":"80181b7c2099387d5930527c9888deafb8caa4af","ev":{"ov":"18","sr":"600*752","md":"<System Property>","lg":"en","sv":"2.46","mf":"unknown","apn":"%s"}}] 0 18
- chmod 755 <Package Folder>/.jiagu/libjiagu.so
- sh <Package Folder>/lib/libxguardian.so <Package>,2100206280;<Package>,2100206280; 55961 203.205.128.130 [{ idx :0, ts :%d, et :2000, si :0, ui : <IMEI> , ky : Axg%lu , mid : 80181b7c2099387d5930527c9888deafb8caa4af , ev :{ ov : 18 , sr : 600*752 , md : <System Property> , lg : en , sv : 2.46 , mf : unknown , apn : %s }}] 0 18
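Library names (libjiagu matches the .jiagu/libjiagu.so and qihoo_jiagu_crash_report.xml entries above, which suggests the app code is packed):
- BaiduMapSDK_base_v4_3_2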
- MtaNativeCrash
- _imcore_jni_gyp
- libjiagu
- libwtcrypto
- qalcodecwrapper
- qalmsfboot
- tpnsSecurity
Cipher transformations, first list:
- AES-CBC-PKCS5Padding
- AES-CFB8-NoPadding
- DES-CBC-PKCS5Padding
- RSA-ECB-PKCS1PADDING
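Cipher transformations, second list (its heading is missing here; the entries repeat part of the first list):
- AES-CBC-PKCS5Padding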
- AES-CFB8-NoPadding