Technical information
- Adware.Gexin.3.origin
- UDP(DNS) <Google DNS>
- TCP(HTTP/1.1) marke####.et####.cn:80
- TCP(HTTP/1.1) a####.u####.com:80
- TCP(HTTP/1.1) www.z####.cn:80
- TCP(HTTP/1.1) oth.eve.mdt.####.com:8080
- TCP(HTTP/1.1) s3.ps####.com:80
- TCP(HTTP/1.1) api.f####.so:80
- TCP(HTTP/1.1) log####.suishe####.cn:80
- TCP(HTTP/1.1) s0.ps####.com:80
- TCP(HTTP/1.1) 65a4####.cdn.uc####.####.cn:80
- TCP(HTTP/1.1) oth.str.mdt.####.com:8080
- TCP(HTTP/1.1) z####.cn:80
- TCP(HTTP/1.1) hm.b####.com:80
- TCP(HTTP/1.1) client####.suishe####.cn:80
- TCP(HTTP/1.1) cea7####.cdn.uc####.####.cn:80
- TCP(HTTP/1.1) clien####.r####.cn.####.com:80
- TCP(TLS/1.0) 65a4####.cdn.uc####.####.cn:443
- TCP(TLS/1.0) qzones####.g####.cn.####.com:443
- TCP(TLS/1.0) s####.tc.qq.com:443
- a####.u####.com
- api.f####.so
- cdn-pan####.suishe####.cn
- cl####.z####.cn
- clien####.r####.cn
- client####.suishe####.cn
- hm.b####.com
- log####.suishe####.cn
- marke####.et####.cn
- oth.eve.mdt.####.com
- oth.str.mdt.####.com
- qzones####.g####.cn
- r####.wx.qq.com
- s0.ps####.com
- s3.ps####.com
- st####.et####.cn
- v2-st####.et####.cn
- www.z####.cn
- z####.cn
- zhwn####.et####.cn
- 65a4####.cdn.uc####.####.cn/apis/domain_settting.js
- 65a4####.cdn.uc####.####.cn/imgs/upload/1491961158.8176.png
- 65a4####.cdn.uc####.####.cn/imgs/upload/1552315328.4701.jpg
- 65a4####.cdn.uc####.####.cn/imgs/upload/1552315388.2545.jpg
- 65a4####.cdn.uc####.####.cn/static-lib/dist/js/suishen.tshare.min.js
- 65a4####.cdn.uc####.####.cn/static-lib/js/third/zepto.min.js
- cea7####.cdn.uc####.####.cn/dmp-pandora/api/trace/list?city_key=####&app...
- clien####.r####.cn.####.com/Ecalender/api/city?city_key=####&foreign=###...
- clien####.r####.cn.####.com/Ecalender/api/query/fortune?birthTime=####&n...
- clien####.r####.cn.####.com/lizhi/api/client-config/get?city_key=####&de...
- clien####.r####.cn.####.com/lizhi/api/fortune/relationship?city_key=####...
- clien####.r####.cn.####.com/lizhi/api/life/day_pics?local_svc_version=##...
- clien####.r####.cn.####.com/lizhi/api/plistenV2?city_key=####&app_ts=###...
- hm.b####.com/hm.gif?cc=####&ck=####&cl=####&ds=####&vl=####&et=####&ja=#...
- hm.b####.com/hm.js?08b9f72####
- s0.ps####.com/adstatic/resource/landing_log/dist/1.1.15/static/js/toutia...
- s3.ps####.com/inapp/toutiao.js
- www.z####.cn/
- www.z####.cn/css/page/style.css
- www.z####.cn/favicon.ico
- www.z####.cn/static/mobile/css/index1.css
- www.z####.cn/static/mobile/css/swiper.min.css
- www.z####.cn/static/mobile/img/index/bg_1.jpg
- www.z####.cn/static/mobile/img/index/bg_2.jpg
- www.z####.cn/static/mobile/img/index/bg_3.jpg
- www.z####.cn/static/mobile/img/index/bg_4.jpg
- www.z####.cn/static/mobile/img/index/bg_5.jpg
- www.z####.cn/static/mobile/img/index/bg_6.jpg
- www.z####.cn/static/mobile/img/index/logo_hor.png
- www.z####.cn/static/mobile/img/index/logo_main.png
- www.z####.cn/static/mobile/img/index/logo_sm.png
- www.z####.cn/static/mobile/img/index/page_1_btn.png
- www.z####.cn/static/mobile/img/index/page_1_desc.png
- www.z####.cn/static/mobile/img/index/page_2_btn.png
- www.z####.cn/static/mobile/img/index/page_2_desc.png
- www.z####.cn/static/mobile/img/index/page_3_desc.png
- www.z####.cn/static/mobile/img/index/page_4_desc.png
- www.z####.cn/static/mobile/img/index/page_5_desc.png
- www.z####.cn/static/mobile/img/permanent_free.png
- www.z####.cn/static/mobile/img/shu.png
- www.z####.cn/static/mobile/img/topone.png
- www.z####.cn/static/mobile/index.html
- www.z####.cn/static/mobile/js/downLoad.js
- www.z####.cn/static/mobile/js/swiper.min.js
- z####.cn/
- z####.cn/wx/jsapi/token?app=####&url=####&callback=####
- a####.u####.com/app_logs
- api.f####.so/
- client####.suishe####.cn/ssy-dmp/api/app/feedback
- log####.suishe####.cn/collect/ce/log
- log####.suishe####.cn/collect/event/log
- marke####.et####.cn/api/client
- oth.eve.mdt.####.com:8080/analytics/upload?rid=####&sid=####
- oth.str.mdt.####.com:8080/analytics/upload
- oth.str.mdt.####.com:8080/analytics/upload?sid=####
- /data/data/####/.imprint
- /data/data/####/.jg.ic
- /data/data/####/1833828043-841753385
- /data/data/####/Beacon_sig_1.lock
- /data/data/####/DENGTA_META.xml
- /data/data/####/DownloadMarket.db-journal
- /data/data/####/ECalendarPreferences.xml
- /data/data/####/Evoke.db.xml
- /data/data/####/GuidePreferences.xml
- /data/data/####/PreSettings-journal
- /data/data/####/SuishenAd_prf.xml
- /data/data/####/SuishenExitPageSDK_v90.apk
- /data/data/####/Umeng.xml
- /data/data/####/Update.db.xml
- /data/data/####/beacon_db-journal
- /data/data/####/cc.db
- /data/data/####/cc.db-journal
- /data/data/####/daemon
- /data/data/####/eCalendar.db-journal
- /data/data/####/exchangeIdentity.json
- /data/data/####/exid.dat
- /data/data/####/history_cache.db-journal
- /data/data/####/hmdb
- /data/data/####/hmdb-journal
- /data/data/####/libjiagu1648079278.so
- /data/data/####/linkedme_referral_shared_pref.xml
- /data/data/####/logdb.db
- /data/data/####/logdb.db-journal
- /data/data/####/multidex.version.xml
- /data/data/####/mySP.xml
- /data/data/####/serverData.db-journal
- /data/data/####/suishen_ad.db-journal
- /data/data/####/suishen_ad_pramas.xml
- /data/data/####/ua.db
- /data/data/####/ua.db-journal
- /data/data/####/umeng_general_config.xml
- /data/data/####/umeng_it.cache
- /data/data/####/webview.db-journal
- /data/media/####/._etouch_ecalendar.db
- /data/media/####/02eecccbfa1186a18625ed2cebb9e03f_temp
- /data/media/####/8e382ad9a1a647a4013521e88bb90beb_temp
- /data/media/####/ECSettingsV2.db-journal
- /data/media/####/a76107b78ad05ed71aeaaff449d95ee9_temp
- /data/media/####/alsn.db
- /data/media/####/alsn.db-journal
- /data/media/####/blank.png
- /data/media/####/btn_nav_bg.9.png
- /data/media/####/btn_nav_sel.9.png
- /data/media/####/dialog_details_bg.9.png
- /data/media/####/dialog_dismiss.png
- /data/media/####/dialog_dismiss_sel.png
- /data/media/####/download_btn_normal.9.png
- /data/media/####/etouch_ecalendar.db
- /data/media/####/etouch_ecalendar.db-journal
- /data/media/####/fes_type_sel.9.png
- /data/media/####/grid_bg.9.png
- /data/media/####/grid_sel.9.png
- /data/media/####/ic_btn_down.png
- /data/media/####/ic_default.png
- /data/media/####/info
- /data/media/####/list_bg_sel.png
- /data/media/####/meta.dat
- /data/media/####/top_btn_normal.9.png
- /data/media/####/top_btn_selected.9.png
- /data/media/####/update_btn_normal.9.png
- /system/bin/cat /proc/cpuinfo
- /system/bin/cat /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq
- /system/bin/sh -c getprop ro.build.fingerprint
- chmod 700 <Package Folder>/app_bin/daemon
- chmod 755 <Package Folder>/.jiagu/libjiagu1648079278.so
- getprop ro.build.fingerprint
- EcalendarLib
- libjiagu1648079278
- AES-CBC-PKCS5Padding
- AES-CBC-PKCS7Padding
- DESede
- RSA-ECB-PKCS1Padding
- AES-CBC-PKCS5Padding
- AES-CBC-PKCS7Padding
- DESede