Technical information
- Adware.Gexin.2.origin
- UDP(DNS) <Google DNS>
- TCP(HTTP/1.1) d####.dushem####.com:80
- TCP(HTTP/1.1) c.d####.mob.com:80
- TCP(HTTP/1.1) api.s####.mob.com:80
- TCP(HTTP/1.1) m.d####.mob.com:80
- TCP(HTTP/1.1) ti####.c####.l####.####.com:80
- TCP(HTTP/1.1) d####.d####.mob.com:80
- TCP(HTTP/1.1) a####.exc.mob.com:80
- TCP(HTTP/1.1) t####.c####.q####.####.com:80
- TCP(HTTP/1.1) and####.b####.qq.com:80
- TCP(HTTP/1.1) rs.eas####.com:80
- TCP(HTTP/1.1) k####.eas####.com:80
- TCP(HTTP/1.1) sdk.o####.p####.####.com:80
- TCP(HTTP/1.1) cd####.dushem####.com:80
- TCP(HTTP/1.1) aexcep####.b####.qq.com:8011
- TCP(HTTP/1.1) c-h####.g####.com:80
- TCP(HTTP/1.1) aexcep####.b####.qq.com:8012
- TCP(HTTP/1.1) loc.map.b####.com:80
- TCP(HTTP/1.1) im####.dushem####.com.####.cn:80
- TCP(HTTP/1.1) qin####.com.www.####.com:80
- TCP(HTTP/1.1) s####.dushem####.com:80
- TCP(TLS/1.0) a####.eas####.com:443
- TCP(TLS/1.0) l####.cc:443
- TCP(TLS/1.0) api.map.b####.com:443
- TCP sdk.o####.t####.####.com:5224
- TCP c####.g####.ig####.com:5225
- 7j####.c####.z0.####.com
- a####.b####.qq.com
- a####.eas####.com
- a####.exc.mob.com
- aexcep####.b####.qq.com
- and####.b####.qq.com
- api.map.b####.com
- api.s####.mob.com
- c####.g####.ig####.com
- c-h####.g####.com
- c.d####.mob.com
- cd####.dushem####.com
- d####.d####.mob.com
- d####.dushem####.com
- im####.dushem####.com
- k####.eas####.com
- l####.cc
- loc.map.b####.com
- m.d####.mob.com
- pub-####.qin####.com
- rs.eas####.com
- s####.dushem####.com
- sdk.c####.ig####.com
- sdk.o####.p####.####.com
- sdk.o####.t####.####.com
- sdk.o####.t####.####.com
- sdk.o####.t####.####.net
- cd####.dushem####.com/dsmovieapi/e78d375e67fa436f/ad/list_place_ads/1?sy...
- cd####.dushem####.com/dsmovieapi/e78d375e67fa436f/common/check_version/1...
- cd####.dushem####.com/dsmovieapi/e78d375e67fa436f/common/get_validate_ho...
- cd####.dushem####.com/dsmovieapi/e78d375e67fa436f/common/list_app_dictio...
- cd####.dushem####.com/dsmovieapi/e78d375e67fa436f/common/list_filter_wor...
- cd####.dushem####.com/dsmovieapi/e78d375e67fa436f/common/list_validate_t...
- cd####.dushem####.com/dsmovieapi/e78d375e67fa436f/daily-recmd/list-disco...
- cd####.dushem####.com/dsmovieapi/e78d375e67fa436f/daily_recmd/list_daily...
- cd####.dushem####.com/dsmovieapi/e78d375e67fa436f/daily_recmd/list_main_...
- cd####.dushem####.com/dsmovieapi/e78d375e67fa436f/movie/get_douban_analy...
- cd####.dushem####.com/dsmovieapi/e78d375e67fa436f/movie/get_movie_detail...
- cd####.dushem####.com/dsmovieapi/e78d375e67fa436f/movie_sheet/get_newest...
- im####.dushem####.com.####.cn/other/20160902/4a/ceb5839590f543cd828bbb6a...
- im####.dushem####.com.####.cn/other/20160902/57/ab2870547cdd4b1e8b283ab1...
- im####.dushem####.com.####.cn/other/20160902/5c/d45bfb182f1849718a265db1...
- im####.dushem####.com.####.cn/other/20160902/5d/7992a92aadc148fa9cc6e517...
- im####.dushem####.com.####.cn/other/20160902/8c/559ff522297f4b768130e940...
- im####.dushem####.com.####.cn/other/20160902/ba/969cc44f20d94e8caaa0f9ff...
- im####.dushem####.com.####.cn/other/20160902/bf/c27d25ed877a494f8d544482...
- im####.dushem####.com.####.cn/other/20160902/fd/ea90d87194ac4c1cb77e07cd...
- im####.dushem####.com.####.cn/other/20160903/88/ad40a4488b964336a90bdd85...
- im####.dushem####.com.####.cn/other/20160903/c6/b0898c75207e48308c7dc311...
- im####.dushem####.com.####.cn/other/20160913/23/4f838b0a56824f18970be4d1...
- im####.dushem####.com.####.cn/other/20161226/b1/b60d24ea10384b1e92461d75...
- im####.dushem####.com.####.cn/other/20170411/96/eb2aea64a30744a5a01efd2d...
- im####.dushem####.com.####.cn/other/20170622/39/ae67537ce0814243b0f2af93...
- im####.dushem####.com.####.cn/other/20170622/7a/068f8a3551bd49dbac74ae29...
- im####.dushem####.com.####.cn/other/20170911/a3/be5966fa90634c14aa0c40c6...
- im####.dushem####.com.####.cn/other/20170911/c3/4de0f48acbd14778a3b91a0f...
- im####.dushem####.com.####.cn/other/20170912/50/47cac852f45a477fb73f4b5b...
- im####.dushem####.com.####.cn/other/20171020/b8/46b9f9ee509e496e98e77393...
- im####.dushem####.com.####.cn/other/20171113/b5/6d2446d69aca40e3b3aefdc0...
- im####.dushem####.com.####.cn/other/20171118/bb/bcc715a5d9824f369bf11945...
- im####.dushem####.com.####.cn/other/20171121/30/837e213789944b709a6fba2d...
- im####.dushem####.com.####.cn/other/20171121/eb/773475ff172149c3a08a90af...
- im####.dushem####.com.####.cn/other/20171206/1a/1b2a4ef95afd4a0bb9646add...
- im####.dushem####.com.####.cn/other/20171206/54/a14d3b785ce947198b74df5b...
- im####.dushem####.com.####.cn/other/20171206/82/e10875187dca47029c34095b...
- im####.dushem####.com.####.cn/other/20171206/8a/32bdf9d53c684349945a8a39...
- im####.dushem####.com.####.cn/other/20171206/cd/961fc24f38794d00821552cb...
- im####.dushem####.com.####.cn/other/20180609/42/f9fa22e472904c85aa11fafd...
- im####.dushem####.com.####.cn/other/20181114/07/83968677460244198eb44868...
- im####.dushem####.com.####.cn/other/20181114/91/550b9d6101cd4bf0b97b420b...
- im####.dushem####.com.####.cn/other/20181114/c8/0b2c8c41c153428cb5257d85...
- im####.dushem####.com.####.cn/other/20181116/1555/5bee77d960bcb.jpg
- im####.dushem####.com.####.cn/other/20190107/ff/1540465755cd4beaa9ae8b3a...
- im####.dushem####.com.####.cn/other/20190122/00/4ab0ea1eecec4e2a99ba580a...
- im####.dushem####.com.####.cn/other/20190228/1041/5c774a5fbf3ab.jpg
- im####.dushem####.com.####.cn/other/20190318/1054/5c8f0859616b6.jpg
- im####.dushem####.com.####.cn/other/20190322/1127/5c94560c90df2.jpg
- im####.dushem####.com.####.cn/other/20190322/1156/5c945ce3488fd.jpg
- im####.dushem####.com.####.cn/other/20190323/1149/5c95acb927723.jpg
- im####.dushem####.com.####.cn/other/20190323/1648/5c95f2d5c1141.jpg
- im####.dushem####.com.####.cn/portrait/20170307/e7/23184bff41364474a9dd7...
- im####.dushem####.com.####.cn/portrait/20170328/26/c040536ead06471b88579...
- im####.dushem####.com.####.cn/portrait/20170401/3b/9bd58747a63945cfb634f...
- im####.dushem####.com.####.cn/portrait/20170601/bf/7516691dd06843f5b3d7a...
- im####.dushem####.com.####.cn/portrait/20171231/64/d2c38b0488fb4bf8ab60a...
- im####.dushem####.com.####.cn/portrait/20180805/5d/a4b493c35dc3416db3b14...
- im####.dushem####.com.####.cn/portrait/20190120/10/1d73412e2db3415c9e8a8...
- k####.eas####.com/v1/visitors/tenants/41744
- m.d####.mob.com/cconf?appkey=####&plat=####&apppkg=####&appver=####&netw...
- qin####.com.www.####.com/tdata_EDT369
- rs.eas####.com/easemob/server.json?sdk_version=####&app_key=####&file_ve...
- t####.c####.q####.####.com/tdata_JNg986
- t####.c####.q####.####.com/tdata_MkX219
- t####.c####.q####.####.com/tdata_iRz660
- t####.c####.q####.####.com/tdata_zzW503
- ti####.c####.l####.####.com/config/hz-hzv3.conf
- a####.exc.mob.com/errconf
- aexcep####.b####.qq.com:8011/rqd/async
- aexcep####.b####.qq.com:8012/rqd/async
- and####.b####.qq.com/rqd/async
- api.s####.mob.com/conf5
- api.s####.mob.com/conn
- api.s####.mob.com/data2
- api.s####.mob.com/log4
- c-h####.g####.com/api.php?format=####&t=####
- c.d####.mob.com/cdata
- d####.d####.mob.com/dinfo
- d####.d####.mob.com/dsign
- d####.dushem####.com/dsmovieapi/e78d375e67fa436f/account/report_push_tok...
- d####.dushem####.com/dsmovieapi/e78d375e67fa436f/activity/new_user_gift/1
- d####.dushem####.com/dsmovieapi/e78d375e67fa436f/cinecism/list_summary_m...
- d####.dushem####.com/dsmovieapi/e78d375e67fa436f/daily-recmd/list-inform...
- d####.dushem####.com/dsmovieapi/e78d375e67fa436f/daily_recmd/list_daily_...
- d####.dushem####.com/dsmovieapi/e78d375e67fa436f/group/list_movie_relati...
- d####.dushem####.com/dsmovieapi/e78d375e67fa436f/movie/list_movie_dynami...
- d####.dushem####.com/dsmovieapi/e78d375e67fa436f/movie/list_recommend_mo...
- d####.dushem####.com/dsmovieapi/e78d375e67fa436f/movie_sheet/list_custom...
- d####.dushem####.com/dsmovieapi/e78d375e67fa436f/user/list_grade/1
- d####.dushem####.com/dsmovieapi/e78d375e67fa436f/user/sign_in/1
- d####.dushem####.com/dsmovieapi/e78d375e67fa436f/user_relation/get_unrea...
- loc.map.b####.com/sdk.php
- s####.dushem####.com/srapi/0c2641bbe60b6d2f/statistics/request_log/1
- s####.dushem####.com/srapi/0c2641bbe60b6d2f/statistics/stat_log/1
- sdk.o####.p####.####.com/api.php?format=####&t=####
- sdk.o####.p####.####.com/api.php?format=####&t=####&d=####&k=####
- /data/data/####/.lock
- /data/data/####/.mrecord
- /data/data/####/.mrlock
- /data/data/####/.statistics
- /data/data/####/08c7adbc63868ec8225cd3a064dfa84281c80e3805601ad....0.tmp
- /data/data/####/12059971160dc8bc7fce8486ab7cb3dea00c9ed62c1837d....0.tmp
- /data/data/####/1216829df46bfeea1497a24dc459578cf7ed3c4977b2de4....0.tmp
- /data/data/####/13ceb34e3409acb38dcf59450b0110347c662f68ffefa20....0.tmp
- /data/data/####/14ebeb690271b5a2aba52eba4536ed805c907dea5269f1c....0.tmp
- /data/data/####/27c049b8b9ea78fdb0ea21cfdc7d598194f707c5f446712....0.tmp
- /data/data/####/29f9767dbe9a856221648c0c076564e789549be25a4f9c5....0.tmp
- /data/data/####/33b1661a0c46d9de4e38fc149a4e192d0a97f7327f3e07f....0.tmp
- /data/data/####/3adec21cd3a783963b1abdd433765f7a490996e44affd7f....0.tmp
- /data/data/####/3be2efac99ba3b83aef0ddf2daf2aff432c3fe0750557d8....0.tmp
- /data/data/####/4161d69a3cfd1bb48a7b2ba6c4c15ad10024e61d59b57ff....0.tmp
- /data/data/####/4244191abee04e25b49a315f0243f6707474b95ba87f177....0.tmp
- /data/data/####/4aa3b5ea04fc5f125c4ba141bb847b074b3bfa126a89dca....0.tmp
- /data/data/####/58207cc79d7f5ab6becafa2930342f950849da7155a5cc3....0.tmp
- /data/data/####/5901c9cd0b88674906412a406f6949793d2a26bbee079f3....0.tmp
- /data/data/####/5ee389972e62b985a00b4856d5a6f2f58b547acaf72fc69....0.tmp
- /data/data/####/666e7cc417de3c36024b7c19c1b58336d7a9a7b4a27614b....0.tmp
- /data/data/####/6b1194067e2896e8aae5ceab2d5fc03a0664c78bed7fd90....0.tmp
- /data/data/####/6bab49a21a5b6bda732a82770d894d876c25e8773bb4b55....0.tmp
- /data/data/####/7051ef9110af95f94fe2fe3cb3e9faaefc7660ca4ba87cc....0.tmp
- /data/data/####/7566025b0f2d5cabd44408638a1e15efe437bfcf5d87636....0.tmp
- /data/data/####/76b57ad5ce9b139cf6be43678f4f180f8ccc36968a5717a....0.tmp
- /data/data/####/791b1683365ec74813f54211501dc2b82e436a03d6d25a4....0.tmp
- /data/data/####/7b41b7eb50aa3bf5ac09dc15f6bb4e4726c036b7f09b69f....0.tmp
- /data/data/####/7fe3315ef471a4a7f411213bfcd3867ccf5815a0f126187....0.tmp
- /data/data/####/830b55837b93049ec5ee7d468d59850fcd7e12c54d944e7....0.tmp
- /data/data/####/8368084de574486cf9782db51d9552e61787aa9e5b7ba6a....0.tmp
- /data/data/####/8dfe1804f6cd6bad635e1c88b8b17e4dd9bbc2692847748....0.tmp
- /data/data/####/LKME_Server_Request_Queue.xml
- /data/data/####/ThrowalbeLog.db-journal
- /data/data/####/aa0ae55f922ecc1ee8c1747919af7fa760a07f885d6ac5c....0.tmp
- /data/data/####/authStatus_com.dushe.movie;remote.xml
- /data/data/####/b1c230bb28bd0c1f32e7a5bc4bd65141b02f0db3d4355bf....0.tmp
- /data/data/####/b26da0c95dd5b77298c4cfd45568558bd8b605ec959af19....0.tmp
- /data/data/####/b7f311a48fb0a97ab65c5ca502d3fde0b9b5768354fdfe7....0.tmp
- /data/data/####/b7f311a48fb0a97ab65c5ca502d3fde0b9b5768354fdfe7...3069.0
- /data/data/####/bce966896645aeb9e14fb8d7fd2a8a0bc15aa643e3dcdc2....0.tmp
- /data/data/####/be5c4d6a754ed31aea97c562aacd1ef316094fa131c1f99....0.tmp
- /data/data/####/bugly_db_legu-journal
- /data/data/####/c38e6c303caeef2387dbf053186c253165a7c6b4254cc65....0.tmp
- /data/data/####/c76ba884a192e594826902dc6b89a7856bd4223d5af65e4....0.tmp
- /data/data/####/cc.db
- /data/data/####/cc.db-journal
- /data/data/####/com.dushe.movie_preferences.xml
- /data/data/####/common_sp_0.xml
- /data/data/####/config.json
- /data/data/####/d9ee3570ddeca31f6835e73dc3f9ff0a67c2e4dbae4fdff....0.tmp
- /data/data/####/dc9e4e35c003a3ad1270d7a81d6bbdeb2012eebe319a523....0.tmp
- /data/data/####/device_id.xml.xml
- /data/data/####/e323a33732dab086f89c2579af14c224a6a79bc87db92ec....0.tmp
- /data/data/####/eb794efa28f8756958d1d26d5ef2eb1af4327610e564b0a....0.tmp
- /data/data/####/ed9bd25d8704578439c4194775708fa89331d0c41960623....0.tmp
- /data/data/####/f7f8f302a156dff7a16be602ef89ee48832f3d26ca83f38....0.tmp
- /data/data/####/fa8de8c8a840dc3f7ee0f65e8cfbc1270481d1fa79e31f2....0.tmp
- /data/data/####/firll.dat
- /data/data/####/gdaemon_20161017
- /data/data/####/getui_sp.xml
- /data/data/####/gkt-journal
- /data/data/####/gx_sp.xml
- /data/data/####/httpclient-req--505344409.cache
- /data/data/####/httpclient-req--505344409.cache (deleted)
- /data/data/####/init.pid
- /data/data/####/init_c1.pid
- /data/data/####/journal.tmp
- /data/data/####/libcuid.so
- /data/data/####/libnfix.so
- /data/data/####/libshella-3.0.0.0.so
- /data/data/####/libufix.so
- /data/data/####/linkedme_referral_shared_pref.xml
- /data/data/####/local_crash_lock
- /data/data/####/local_crash_lock (deleted)
- /data/data/####/mix.dex
- /data/data/####/mob_commons_1.xml
- /data/data/####/mob_commons_1.xml.bak
- /data/data/####/mob_sdk_exception_1.xml
- /data/data/####/mobclick_agent_cached_com.dushe.movie50
- /data/data/####/movie0.db-journal
- /data/data/####/multidex.version.xml
- /data/data/####/native_record_lock
- /data/data/####/public_sp.xml
- /data/data/####/push.pid
- /data/data/####/pushext.db-journal
- /data/data/####/pushg.db-journal
- /data/data/####/pushk.db-journal
- /data/data/####/pushsdk.db-journal
- /data/data/####/run.pid
- /data/data/####/security_info
- /data/data/####/server.json
- /data/data/####/share_sdk_1.xml
- /data/data/####/sharesdk.db-journal
- /data/data/####/tdata_JNg986
- /data/data/####/tdata_JNg986.jar
- /data/data/####/tdata_MkX219
- /data/data/####/tdata_MkX219.jar
- /data/data/####/tdata_iRz660
- /data/data/####/tdata_iRz660.jar
- /data/data/####/tdata_zzW503
- /data/data/####/tdata_zzW503.jar
- /data/data/####/umeng_general_config.xml
- /data/data/####/webview.db-journal
- /data/media/####/.al
- /data/media/####/.ccLock
- /data/media/####/.ccc
- /data/media/####/.cuid
- /data/media/####/.cuid2
- /data/media/####/.dh-journal
- /data/media/####/.dhlock
- /data/media/####/.dic_lock
- /data/media/####/.dk
- /data/media/####/.duid
- /data/media/####/.globalLock
- /data/media/####/.lm_device_id
- /data/media/####/.nomedia
- /data/media/####/.nulal
- /data/media/####/.nulplt
- /data/media/####/.pkg_lock
- /data/media/####/.plst
- /data/media/####/.rc_lock
- /data/media/####/.usLock
- /data/media/####/app.db
- /data/media/####/com.dushe.movie.bin
- /data/media/####/com.dushe.movie.db
- /data/media/####/com.getui.sdk.deviceId.db
- /data/media/####/com.igexin.sdk.deviceId.db
- /data/media/####/gkt-journal
- /data/media/####/gktper
- /data/media/####/share_img.png
- /data/media/####/tdata_JNg986
- /data/media/####/tdata_MkX219
- /data/media/####/tdata_iRz660
- /data/media/####/tdata_zzW503
- /data/media/####/test.0
- /data/media/####/test.log
- /system/bin/sh -c getprop ro.aa.romver
- /system/bin/sh -c getprop ro.board.platform
- /system/bin/sh -c getprop ro.build.fingerprint
- /system/bin/sh -c getprop ro.build.nubia.rom.name
- /system/bin/sh -c getprop ro.build.rom.id
- /system/bin/sh -c getprop ro.build.tyd.kbstyle_version
- /system/bin/sh -c getprop ro.build.version.emui
- /system/bin/sh -c getprop ro.build.version.opporom
- /system/bin/sh -c getprop ro.gn.gnromvernumber
- /system/bin/sh -c getprop ro.lenovo.series
- /system/bin/sh -c getprop ro.lewa.version
- /system/bin/sh -c getprop ro.meizu.product.model
- /system/bin/sh -c getprop ro.miui.ui.version.name
- /system/bin/sh -c getprop ro.vivo.os.build.display.id
- /system/bin/sh -c type su
- <Package Folder>/files/gdaemon_20161017 0 <Package>/com.dushe.push.getui.GTPushService 24492 300 0
- cat /sys/class/net/wlan0/address
- chmod 700 <Package Folder>/files/gdaemon_20161017
- chmod 700 <Package Folder>/tx_shell/libnfix.so
- chmod 700 <Package Folder>/tx_shell/libshella-3.0.0.0.so
- chmod 700 <Package Folder>/tx_shell/libufix.so
- getprop ro.aa.romver
- getprop ro.board.platform
- getprop ro.build.fingerprint
- getprop ro.build.nubia.rom.name
- getprop ro.build.rom.id
- getprop ro.build.tyd.kbstyle_version
- getprop ro.build.version.emui
- getprop ro.build.version.opporom
- getprop ro.gn.gnromvernumber
- getprop ro.lenovo.series
- getprop ro.lewa.version
- getprop ro.meizu.product.model
- getprop ro.miui.ui.version.name
- getprop ro.vivo.os.build.display.id
- getprop ro.yunos.version
- grep -E -v root|shell|system
- logcat -d -v threadtime
- mount
- sh
- top -d 0 -n 1
- Bugly
- genius_blur
- getuiext2
- hyphenate
- ijkffmpeg
- libnfix
- libshella-3.0.0.0
- libufix
- locSDK7
- neh
- nfix
- ufix
- AES
- AES-CBC-PKCS5Padding
- AES-CFB-NoPadding
- AES-ECB-PKCS5Padding
- AES-ECB-PKCS7Padding
- AES-GCM-NoPadding
- RSA-ECB-PKCS1Padding
- RSA-NONE-OAEPWithSHA1AndMGF1Padding
- AES
- AES-CBC-PKCS5Padding
- AES-ECB-PKCS5Padding
- AES-GCM-NoPadding