Technical information
- Adware.MyFolder.1.origin
- UDP(DNS) <Google DNS>
- UDP(DNS) 1####.114.114.114:53
- TCP(HTTP/1.1) z####.4g.jx####.####.com:80
- TCP(HTTP/1.1) 2####.243.236.22:80
- TCP(HTTP/1.1) and####.b####.qq.com:80
- TCP(HTTP/1.1) 1####.40.143.134:80
- TCP(HTTP/1.1) et2-na6####.wagbr####.ali####.####.com:80
- TCP(HTTP/1.1) pic.4g.jx####.####.com:80
- TCP(TLS/1.0) api.map.b####.com:443
- TCP(TLS/1.0) loc.map.b####.com:443
- TCP(TLS/1.0) o####.map.b####.com:443
- TCP(TLS/1.0) s####.j####.cn:443
- UDP s.j####.cn:19000
- TCP 43.2####.88.90:7008
- TCP maa####.chinane####.com:6666
- and####.b####.qq.com
- api.map.b####.com
- loc.map.b####.com
- log.u####.com
- maa####.chinane####.com
- o####.map.b####.com
- pic.4g.jx####.####.cn
- s####.j####.cn
- s####.u####.com
- s.j####.cn
- up####.sdk.jig####.cn
- z####.4g.jx####.####.cn
- et2-na6####.wagbr####.ali####.####.com/bar/get/52aecd0856240b400518c322/...
- pic.4g.jx####.####.com/v4/M00/36/FA/rBAVFFtsHJiAIKC0AABEu0iNYzI505.jpg.w...
- pic.4g.jx####.####.com/v4/M00/73/BC/rBAVFFxvsT2ACZvcAAHNa5fptiw815.jpg
- pic.4g.jx####.####.com/v4/M00/74/70/rBAVFFxzF7SAfCQbAAAT2BETIgE813.jpg
- pic.4g.jx####.####.com/v4/M00/74/D9/rBAVFFxzv-CAMSBSAAFyp9IxpPE114.jpg
- pic.4g.jx####.####.com/v4/M00/74/D9/rBAVFFxzv8OAYGGkAAFrzYF-Tv8595.jpg
- pic.4g.jx####.####.com/v4/M00/74/D9/rBAVFFxzv9GAZLXsAAFhbfqnzA8590.jpg
- pic.4g.jx####.####.com/v4/M00/74/DC/rBAVFFxzx4CASUf8AACqJNZ9vaA453.jpg
- pic.4g.jx####.####.com/v4/M00/74/FF/rBAVFFx0YteAIMy4AAAW5JFqJew895.jpg
- pic.4g.jx####.####.com/v4/M00/75/00/rBAVFFx0bu6Ae7hjAAAmFdIcskE906.jpg.w...
- pic.4g.jx####.####.com/v4/M00/75/00/rBAVFFx0buyAPaSTAAAvhnx445k110.jpg.w...
- pic.4g.jx####.####.com/v4/M00/75/00/rBAVFFx0bvGAGTLFAAAqsNUYUt4164.jpg.w...
- pic.4g.jx####.####.com/v4/M00/75/00/rBAVFFx0cmyAJf7aAAutt9_d04s172.png
- pic.4g.jx####.####.com/v4/M00/75/00/rBAVFFx0cnKAOdmwAAvB9XMDXqc109.png
- pic.4g.jx####.####.com/v4/M00/75/02/rBAVFFx0ef2ACNrKAABGStbHjLo778.jpg
- pic.4g.jx####.####.com/v4/M00/75/03/rBAVFFx0fXKAVUbPAADyR4onyX0849.jpg.w...
- pic.4g.jx####.####.com/v4/M00/75/05/rBAVFFx0gmyAc2fBAADRi7h1F38401.jpg.w...
- pic.4g.jx####.####.com/v4/M00/75/33/rBAVFFx0r5iAU1abAAEAvRaG4DE802.jpg.w...
- pic.4g.jx####.####.com/v4/M00/75/53/rBAVFFx04wqAd5PSAAAU-4F_frs063.jpg
- pic.4g.jx####.####.com/v4/M00/75/73/rBAVFFx0_gKAec1SAAAYp0yQJIE283.jpg.w...
- pic.4g.jx####.####.com/v4/M00/75/76/rBAVFFx1AH6AJI5vAAAWged1wOE112.jpg.w...
- pic.4g.jx####.####.com/v4/M00/75/78/rBAVFFx1BEqAF47tAABLHDonpGU993.jpg.w...
- pic.4g.jx####.####.com/v5/index.php?c=####&m=####&siteid=####&time=####&...
- z####.4g.jx####.####.com/v5/index.php?c=####&m=####&siteid=####&time=###...
- and####.b####.qq.com/rqd/async?aid=####
- pic.4g.jx####.####.com/v5/index.php?c=####&m=####&siteid=####&time=####&...
- z####.4g.jx####.####.com/v5/index.php?c=####&m=####&siteid=####&time=###...
- /data/data/####/-1381424092
- /data/data/####/-599871594
- /data/data/####/.jg.ic
- /data/data/####/00120b29c2bb4e3582b371245626ade9a80305d50b27532....0.tmp
- /data/data/####/065cd3930ef44033a350471b605b06b5abe84d26cf5cfc2....0.tmp
- /data/data/####/1004
- /data/data/####/1551185828817.log
- /data/data/####/37f5cff838ff1ef45177a80617f14d8836a122d7248495e....0.tmp
- /data/data/####/4573ffc384b684455561d3890adb9fa50edd7ef6e836c5a....0.tmp
- /data/data/####/46730449
- /data/data/####/5014a815133832cf25ded2b81e49b34bed253aed2299117....0.tmp
- /data/data/####/73ca87d2769024af8f05829b1884016b736f912cba58dd1....0.tmp
- /data/data/####/7a31253dff9114e756fe86335e6cf13daab16d3205494ce....0.tmp
- /data/data/####/7c139b2e1037f2b01d4e0149475c229b2bd1e57916f4aec....0.tmp
- /data/data/####/7deaa9e1e8d8f6353707a2623b939a88126f24f28a5f675....0.tmp
- /data/data/####/82c806c86733965603376d845ef1051abd27dc675c83da2....0.tmp
- /data/data/####/9665e0f9abfa3a4f45751906e8d3bb9790f61678e84fe45....0.tmp
- /data/data/####/9c9a0c5bdd5b6f8b3f4531500e017546ae6e6e118483ec7....0.tmp
- /data/data/####/JPushSA_Config.xml
- /data/data/####/NewsDjw2.sp.xml
- /data/data/####/_andfix_.xml
- /data/data/####/a51c82862f312bf473c2aa82b1c688d629fcf53919d57b3....0.tmp
- /data/data/####/ab798d2260adef75ad0c334bd46e2085d7f1be0a7a1f67c....0.tmp
- /data/data/####/appPackageNames_v2
- /data/data/####/authStatus_com.xdtech.news.greatriver;remote.xml
- /data/data/####/b0d475aa06371cac56e3dee11795807f778bc55a54e0638....0.tmp
- /data/data/####/b7f1b2061603eebb1908ff684d0a6c24c569a1cf5618964....0.tmp
- /data/data/####/bugly_db_-journal
- /data/data/####/cc.db
- /data/data/####/cc.db-journal
- /data/data/####/cn.jpush.android.user.profile.xml
- /data/data/####/cn.jpush.preferences.v2.rid.xml
- /data/data/####/cn.jpush.preferences.v2.xml
- /data/data/####/crashrecord.xml
- /data/data/####/d564f3cc73eda61d51fa1dcd0dc7baa8fe1dbb763a32009....0.tmp
- /data/data/####/data_0
- /data/data/####/data_1
- /data/data/####/data_2
- /data/data/####/data_3
- /data/data/####/e652b29e3b3931c664725b19c4d0ac341731bb25131e44a....0.tmp
- /data/data/####/ee96f07feb4454636710cd1d969c239a878855a8343d43b....0.tmp
- /data/data/####/event_com.xdtech.news.greatriver.log
- /data/data/####/event_com.xdtech.news.greatriver;remote.log
- /data/data/####/firll.dat
- /data/data/####/gal.db
- /data/data/####/gal.db-journal
- /data/data/####/hst.db
- /data/data/####/hst.db-journal
- /data/data/####/index
- /data/data/####/index.sp.xml
- /data/data/####/journal.tmp
- /data/data/####/jpush_device_info.xml
- /data/data/####/jpush_local_notification.db
- /data/data/####/jpush_local_notification.db-journal
- /data/data/####/jpush_local_notification.db-wal
- /data/data/####/jpush_stat_cache.json
- /data/data/####/jpush_stat_cache_history.json
- /data/data/####/jpush_statistics.db
- /data/data/####/jpush_statistics.db-journal
- /data/data/####/jpush_statistics.db-shm (deleted)
- /data/data/####/jpush_statistics.db-wal
- /data/data/####/libcuid.so
- /data/data/####/libjiagu-552672345.so
- /data/data/####/local_crash_lock
- /data/data/####/location.sp.xml
- /data/data/####/lock.tmp
- /data/data/####/matosdk_preference.xml
- /data/data/####/matosdk_preference_remote.xml
- /data/data/####/mobclick_agent_cached_com.xdtech.news.greatriver38
- /data/data/####/native_record_lock
- /data/data/####/newsdjw.db-journal
- /data/data/####/ofl.config
- /data/data/####/ofl_location.db
- /data/data/####/ofl_location.db-journal
- /data/data/####/ofl_statistics.db
- /data/data/####/ofl_statistics.db-journal
- /data/data/####/security_info
- /data/data/####/umeng_general_config.xml
- /data/data/####/umeng_socialize.xml
- /data/data/####/wakeup_cache.json
- /data/data/####/webview.db-journal
- /data/data/####/webviewCookiesChromium.db-journal
- /data/data/####/wspx
- /data/media/####/.cuid
- /data/media/####/.cuid2
- /data/media/####/.push_deviceid
- /data/media/####/conlts.dat
- /data/media/####/ls.db
- /data/media/####/ls.db-journal
- /data/media/####/yoh.dat
- /data/media/####/yol.dat
- /data/media/####/yom.dat
- /system/bin/sh -c getprop
- /system/bin/sh -c type su
- Bugly
- andfix
- com.maa
- jcore119
- libjiagu-552672345
- locSDK7a
- AES-CBC-NoPadding
- AES-CBC-PKCS5Padding
- AES-ECB-PKCS7Padding
- AES-GCM-NoPadding
- RSA-ECB-PKCS1Padding
- AES-CBC-NoPadding
- AES-CBC-PKCS5Padding
- AES-ECB-NoPadding
- AES-GCM-NoPadding