Technical information
- Adware.Panda.5.origin
- UDP(DNS) <Google DNS>
- TCP(HTTP/1.1) a####.u####.com:80
- TCP(HTTP/1.1) www.md####.cn:80
- TCP(HTTP/1.1) hk.wagbr####.non####.####.com:80
- TCP(HTTP/1.1) 2####.151.212.169:80
- TCP(HTTP/1.1) 1####.205.160.63:80
- TCP(HTTP/1.1) ada####.m.ta####.com:80
- TCP(HTTP/1.1) ad####.m.ta####.com:80
- TCP(HTTP/1.1) 2####.151.212.88:80
- TCP(HTTP/1.1) cdn.zs####.cn.####.cn:8080
- TCP(HTTP/1.1) 2####.107.1.1:80
- TCP(TLS/1.0) msg.umengc####.com:443
- TCP(TLS/1.0) 1####.217.168.206:443
- TCP openj####.m.ta####.com:80
- TCP 1####.205.160.76:443
- a####.u####.co
- a####.u####.com
- ad####.m.ta####.com
- ada####.m.ta####.com
- ag####.m.ta####.com
- cdn.zs####.cn
- msg.umengc####.com
- umengj####.m.ta####.com
- www.md####.cn
- y####.al####.com
- ad####.m.ta####.com/rest/gc2?ak=####&av=####&c=####&d=####&sv=####&t=###...
- cdn.zs####.cn.####.cn:8080/resource/gis/45
- a####.u####.com/app_logs
- ada####.m.ta####.com/rest/sur?ak=####&av=####&c=####&v=####&s=####&d=###...
- hk.wagbr####.non####.####.com/saveWb.json
- www.md####.cn/pservers/loadip
- /data/data/####/0a231bd8575dcf72.txt
- /data/data/####/1d77ea041509fe06.lock
- /data/data/####/21c22f492aba3de8.lock
- /data/data/####/930a31b34bd52c08.lock
- /data/data/####/ACCS_BIND.xml
- /data/data/####/ACCS_SDK.xml
- /data/data/####/ACCS_SDK_CHANNEL.xml
- /data/data/####/APP_FLAG.xml
- /data/data/####/Agoo_AppStore.xml
- /data/data/####/Alvin2.xml
- /data/data/####/ContextData.xml
- /data/data/####/DaemonServer
- /data/data/####/MessageStore.db-journal
- /data/data/####/MsgLogStore.db-journal
- /data/data/####/SETTING.xml
- /data/data/####/SGMANAGER_DATA2.tmp
- /data/data/####/UTCommon.xml
- /data/data/####/_UserInfoLayout_USER_CONF
- /data/data/####/accs.db-journal
- /data/data/####/agoo.pid
- /data/data/####/ap.Lock
- /data/data/####/bgw.zip
- /data/data/####/com.tadsdgu.vkjtdf_preferences.xml
- /data/data/####/exchangeIdentity.json
- /data/data/####/libsgmainso-5.1.81.so.tmp
- /data/data/####/lock.lock
- /data/data/####/message.zip
- /data/data/####/message_accs_db
- /data/data/####/message_accs_db-journal
- /data/data/####/multidex.version.xml
- /data/data/####/sp.lock
- /data/data/####/tadu
- /data/data/####/tadu-journal
- /data/data/####/tadu-shm (deleted)
- /data/data/####/tadu-wal
- /data/data/####/tk
- /data/data/####/um_cache_1551450314609.env
- /data/data/####/umeng_general_config.xml
- /data/data/####/umeng_it.cache
- /data/data/####/ut.db
- /data/data/####/ut.db-journal
- /data/data/####/webview.db-journal
- /data/data/####/webviewCookiesChromium.db-journal
- /data/data/####/webviewCookiesChromiumPrivate.db-journal
- /data/data/####/webviewCookiesChromiumPrivate.db-journal (deleted)
- /data/media/####/.nomedia
- /data/media/####/00fb822cbe05f3c9daaa9d52229e671c
- /data/media/####/043e3783cf9e21e69dfe487680d6b86b
- /data/media/####/05eb5b085f642ecdd91f0937c9d4cf01
- /data/media/####/0797eed672c26dce1c75afacb19a29b8
- /data/media/####/088763005fb9bcdf9743fa4686620695
- /data/media/####/08c6bcccfb68ea3ffd7df1c3d9bca25b
- /data/media/####/09ab1298b9b510806208807ba1f506ba
- /data/media/####/0a2b0a5e404ec0efe82d89b5eeca62e5
- /data/media/####/10deabcff38870f0f9549a95cbe51a13
- /data/media/####/1508c352f41307a0cdf0147350f2b5fb
- /data/media/####/1551450317284.tar
- /data/media/####/1551450317284.tar.gz
- /data/media/####/16e1bf0c9102c2df0192be3e73dde32d
- /data/media/####/1daaedd2de8f23f1ca830fcdd1f8e4b0
- /data/media/####/1dd848bb317e694dd3175dd3277629f7
- /data/media/####/2
- /data/media/####/20190301_356507059351895
- /data/media/####/2487fa3d0d8f5861b36957095660f47e
- /data/media/####/254f40a42461f91e451001fb055f60df
- /data/media/####/2569363530818ae52603a006ef8b6154
- /data/media/####/2591b58fc5514fabaeb2a8d072afd12a
- /data/media/####/2a17e792fa194318d5eb55edb7eb6981
- /data/media/####/2a9ae100339d2cc0a29b73da11881d14
- /data/media/####/2adfc8d996667a974975a068b03d3310
- /data/media/####/3
- /data/media/####/3614de514681b74251d0c1a7e8942cd6
- /data/media/####/383630cc6f7d4eedb3a52b7a8fca2b39
- /data/media/####/38f4e11dee9b8609b92090d7e9431dc0
- /data/media/####/3aab3fe3679485483be6537bcb3fd853
- /data/media/####/3adadafa76f9532c6e65cc416c7d10c1
- /data/media/####/3bfc8d99721587a50b0968de8def21a6
- /data/media/####/42b23f80ce21452c4a8103c66500789e
- /data/media/####/465816_1.TDZ
- /data/media/####/465816_10.TDZ
- /data/media/####/465816_2.TDZ
- /data/media/####/465816_3.TDZ
- /data/media/####/465816_4.TDZ
- /data/media/####/465816_5.TDZ
- /data/media/####/465816_6.TDZ
- /data/media/####/465816_7.TDZ
- /data/media/####/465816_8.TDZ
- /data/media/####/465816_9.TDZ
- /data/media/####/466358_1.TDZ
- /data/media/####/466358_10.TDZ
- /data/media/####/466358_2.TDZ
- /data/media/####/466358_3.TDZ
- /data/media/####/466358_4.TDZ
- /data/media/####/466358_5.TDZ
- /data/media/####/466358_6.TDZ
- /data/media/####/466358_7.TDZ
- /data/media/####/466358_8.TDZ
- /data/media/####/466358_9.TDZ
- /data/media/####/46ce611b56631a36cf55d5abf95d5adf
- /data/media/####/471082_1.TDZ
- /data/media/####/471082_10.TDZ
- /data/media/####/471082_2.TDZ
- /data/media/####/471082_3.TDZ
- /data/media/####/471082_4.TDZ
- /data/media/####/471082_5.TDZ
- /data/media/####/471082_6.TDZ
- /data/media/####/471082_7.TDZ
- /data/media/####/471082_8.TDZ
- /data/media/####/471082_9.TDZ
- /data/media/####/486f26010c932b74fc15bb9727e387e9
- /data/media/####/4a50c5b1ab32405aa8668e91e5ed02ab
- /data/media/####/54e1081bb6c6fd9afec4cd5b872d092a
- /data/media/####/550bd2e48493291f5e938b431134a01d
- /data/media/####/57458efddaef6b8645b6c7a2e564f02a
- /data/media/####/5a99d586635364c4eec6031a865e5774
- /data/media/####/5e964264f3874a6d1f040cd061a850e6
- /data/media/####/5f7c4feacc3e4575960f63b699543b65_248_180.jpg
- /data/media/####/60396fbaf918a006f282028e9b7d7fdb
- /data/media/####/6164efbc255aa96a1238e5b2c830f9e0
- /data/media/####/62cc8e622b2de7c00d7ab53d3028ef78
- /data/media/####/68516abee6b342ef88411dff34613cee_248_180.jpg
- /data/media/####/6c709c11d2d46a7b
- /data/media/####/7005bbe96faf2a75fbbd0c736791fcc0
- /data/media/####/7484ef76f5323f1a4d3192052ff68643
- /data/media/####/7a10890c7fce3a6b0729ec119e45cc37
- /data/media/####/81d1dfd749d7b58a7157a5077c334944
- /data/media/####/83dd533c85022c65d71cd64aac12ff09
- /data/media/####/8509cfde22194083810e42b5eb95fcea_248_180.jpg
- /data/media/####/8e26aee70dc98f171a44598982f08df1
- /data/media/####/8ec0977648991f52b2b1ae2e9ae2f095
- /data/media/####/8fcb8bd7ff1172004cb60144289d2729
- /data/media/####/9033ec76573eb87b046779fffe4a717b
- /data/media/####/9be7d7cabc83cf51a4c162d7db654e7d
- /data/media/####/9e859dd1ee4f6a9639dd25d90a7cfa94
- /data/media/####/Alvin2.xml
- /data/media/####/ContextData.xml
- /data/media/####/a2ef79aafb41adcedfb4354894f77362
- /data/media/####/a98de15ac29925bdf86ac9efd91c1c5c
- /data/media/####/accs_election
- /data/media/####/b22da296f81eb455e6c3a31ca138bda2
- /data/media/####/bd52486fe5a136841f60b0957ce20079
- /data/media/####/bd7ef2ea1aa162c4fc3859c1ed1acb49
- /data/media/####/bdbbf357deb7336d56c44a5dbfa69a5a
- /data/media/####/be4f5c6347d276bde93b15dff925f470
- /data/media/####/build_in_res.zip
- /data/media/####/c1482e8746b172abdcb5206008b09195
- /data/media/####/c40ac4c05b71ed477c5fe01373b5b7a7
- /data/media/####/cac11360473fd66d93f93518cb01fa3a
- /data/media/####/ce6ddde555dc091db609cc135bc0bbe4
- /data/media/####/d80cf1e8d1a2678d0dda7780c05a37a5
- /data/media/####/dd7893586a493dc3
- /data/media/####/e10e67366bf43f1288626ffcd4df5e92
- /data/media/####/e1d4e710c59cf90841321115283df3d5
- /data/media/####/e2ce61d3138f064d1be72f0b4cd4af3d
- /data/media/####/e321dc8289c8fed6fd343b62f16fafd8
- /data/media/####/e3beac7eaded76cdf9feb8a068a069de
- /data/media/####/e6a6d07b96fcef59c8c5bdabe0ac2c8b
- /data/media/####/e6d994d4772e891841aa425504fe00a3
- /data/media/####/ee6d653b551e6c53c2fc774b582acb15
- /data/media/####/hid.dat
- /data/media/####/log
- /data/media/####/logCache
- /data/media/####/tab_0.html
- /data/media/####/tab_1.html
- /data/media/####/tab_2.html
- /data/media/####/tab_3.html
- /data/media/####/tab_4.html
- /system/bin/cat /proc/cpuinfo
- <Package Folder>/files/DaemonServer -s <Package Folder>/lib/ -n runServer -p startservice -n <Package>/com.taobao.accs.ChannelService --user 0 -f <Package Folder> -t 600 -c agoo.pid -P <Package Folder> -K 1009527 -U tb_accs_eudemon_1.1.3 -L http://agoodm.m.taobao.com/agoo/report -D {"package":"<Package>","appKey":"umeng:585b8df2310c936340001247","utdid":"XHlAyEj5c8sDAGdzx1EOUS+A","sdkVersion":"212"} -I agoodm.m.taobao.com -O 80 -T -Z
- chmod 500 <Package Folder>/files/DaemonServer
- sh
- sgmainso-5.1
- tnet-3.1
- ut_c_api
- AES
- AES-CBC-PKCS5Padding
- DES-ECB-PKCS5Padding
- AES-CBC-PKCS5Padding
- AES-CFB-NoPadding
- DES-ECB-PKCS5Padding