Technical information
- Adware.Gexin.2.origin
- UDP(DNS) <Google DNS>
- TCP(HTTP/1.1) sdk.o####.p####.####.com:80
- TCP(HTTP/1.1) qin####.com.www.####.com:80
- TCP(HTTP/1.1) t####.c####.q####.####.com:80
- TCP(HTTP/1.1) a.appj####.com:80
- TCP(HTTP/1.1) c-h####.g####.com:80
- TCP(HTTP/1.1) ti####.c####.l####.####.com:80
- TCP sdk.o####.t####.####.com:5224
- TCP c####.g####.ig####.com:5225
- 7j####.c####.z0.####.com
- a.appj####.com
- c####.g####.ig####.com
- c-h####.g####.com
- pub-####.qin####.com
- sdk.c####.ig####.com
- sdk.o####.p####.####.com
- sdk.o####.t####.####.com
- sdk.o####.t####.####.com
- sdk.o####.t####.####.net
- qin####.com.www.####.com/tdata_EDT369
- t####.c####.q####.####.com/tdata_SzD730
- t####.c####.q####.####.com/tdata_ZCi456
- ti####.c####.l####.####.com/config/hz-hzv3.conf
- a.appj####.com/ad-service/ad/mark
- c-h####.g####.com/api.php?format=####&t=####
- sdk.o####.p####.####.com/api.php?format=####&t=####
- /data/data/####/.jg.ic
- /data/data/####/.log.lock
- /data/data/####/.log.ls
- /data/data/####/9aec83737209
- /data/data/####/H5F09F603.xml
- /data/data/####/cc.db
- /data/data/####/cc.db-journal
- /data/data/####/clientid_igexin.xml
- /data/data/####/gdaemon_20161017
- /data/data/####/gx_sp.xml
- /data/data/####/init.pid
- /data/data/####/init_c1.pid
- /data/data/####/jg_app_update_settings_random.xml
- /data/data/####/libjiagu.so
- /data/data/####/pdr.xml
- /data/data/####/push.pid
- /data/data/####/pushext.db-journal
- /data/data/####/pushg.db-journal
- /data/data/####/pushsdk.db-journal
- /data/data/####/run.pid
- /data/data/####/tdata_SzD730
- /data/data/####/tdata_SzD730.jar
- /data/data/####/tdata_ZCi456
- /data/data/####/tdata_ZCi456.jar
- /data/data/####/umeng_general_config.xml
- /data/data/####/webview.db-journal
- /data/data/####/webviewCookiesChromium.db-journal
- /data/data/####/webviewCookiesChromiumPrivate.db-journal
- /data/media/####/20190325.log
- /data/media/####/add-credit-card.html
- /data/media/####/app.db
- /data/media/####/app.js
- /data/media/####/article-best.html
- /data/media/####/article-department-class.html
- /data/media/####/article-department-list.html
- /data/media/####/article-detail-sub.html
- /data/media/####/article-detail.html
- /data/media/####/article-edit-mobile.html
- /data/media/####/article-edit-pc.html
- /data/media/####/article-home.html
- /data/media/####/article-in-department.html
- /data/media/####/article-myself.html
- /data/media/####/article-pc.jpg
- /data/media/####/article-select-deparment.html
- /data/media/####/article.jpg
- /data/media/####/avatar.png
- /data/media/####/base.js
- /data/media/####/certification.html
- /data/media/####/chart.min.js
- /data/media/####/cn.com.familydoctor.doctor.db
- /data/media/####/com.getui.sdk.deviceId.db
- /data/media/####/com.igexin.sdk.deviceId.db
- /data/media/####/consults-sub.html
- /data/media/####/consults.html
- /data/media/####/content.css
- /data/media/####/department-list.html
- /data/media/####/doctor-bg.png
- /data/media/####/doctor-tools.html
- /data/media/####/doctor_app_logo.png
- /data/media/####/edit-tip.png
- /data/media/####/group-notice.html
- /data/media/####/group-own.html
- /data/media/####/home.html
- /data/media/####/home_banner.png
- /data/media/####/hospital-area.html
- /data/media/####/hospital-city.html
- /data/media/####/hospital-list.html
- /data/media/####/icon-my-say.gif
- /data/media/####/icon-my-say.png
- /data/media/####/icon-other-say.png
- /data/media/####/icon-others-say.gif
- /data/media/####/icon-success.png
- /data/media/####/index.html
- /data/media/####/login.html
- /data/media/####/manifest.json
- /data/media/####/member-detail.html
- /data/media/####/modify-email.html
- /data/media/####/modify-mobile.html
- /data/media/####/modify-password.html
- /data/media/####/modify-profiles.html
- /data/media/####/modify-project.html
- /data/media/####/modify-servers.html
- /data/media/####/mui.imageviewer.css
- /data/media/####/mui.min.css
- /data/media/####/mui.min.js
- /data/media/####/mui.previewimage.js
- /data/media/####/mui.ttf
- /data/media/####/mui.zoom.js
- /data/media/####/my-cards.html
- /data/media/####/notice.html
- /data/media/####/online-ask-sub.html
- /data/media/####/online-ask.html
- /data/media/####/online-person-msg.html
- /data/media/####/papers.html
- /data/media/####/password-reset-submit.html
- /data/media/####/password-reset-verify.html
- /data/media/####/patients-check-in.html
- /data/media/####/patients.html
- /data/media/####/pencil.png
- /data/media/####/photo-view.html
- /data/media/####/photo.png
- /data/media/####/profiles-doctor.html
- /data/media/####/profiles-user.html
- /data/media/####/project-title.html
- /data/media/####/qr-code.html
- /data/media/####/qrcode.min.js
- /data/media/####/questionnaire-best.html
- /data/media/####/questionnaire-edit.html
- /data/media/####/questionnaire-model-detail.html
- /data/media/####/questionnaire-myself.html
- /data/media/####/questionnaire-send-list.html
- /data/media/####/questionnaire-statics.html
- /data/media/####/questionnaire.html
- /data/media/####/re-visit-sub.html
- /data/media/####/re-visit.html
- /data/media/####/register-mobile.html
- /data/media/####/register-password.html
- /data/media/####/register-profiles.html
- /data/media/####/send-msg.html
- /data/media/####/send-patiens-list.html
- /data/media/####/servers.html
- /data/media/####/style.css
- /data/media/####/success.png
- /data/media/####/tag-add.html
- /data/media/####/tag-detail.html
- /data/media/####/tags.html
- /data/media/####/tbio_en.js
- /data/media/####/tbio_zh.js
- /data/media/####/tdata_SzD730
- /data/media/####/tdata_ZCi456
- /data/media/####/teaching-title.html
- /data/media/####/test.css
- /data/media/####/test.log
- /data/media/####/textboxio.css
- /data/media/####/textboxio.js
- /data/media/####/topic-add.html
- /data/media/####/topic-detail.html
- /data/media/####/topic-manage.html
- /data/media/####/topic-reply.html
- /data/media/####/wallet.html
- /data/media/####/withdraw-money.html
- <Package Folder>/files/gdaemon_20161017 0 <Package>/com.igexin.sdk.PushService 25610 300 0
- cat /sys/class/net/wlan0/address
- chmod 700 <Package Folder>/files/gdaemon_20161017
- chmod 755 <Package Folder>/.jiagu/libjiagu.so
- mount
- sh <Package Folder>/files/gdaemon_20161017 0 <Package>/com.igexin.sdk.PushService 25610 300 0
- getuiext2
- libjiagu
- RSA-NONE-OAEPWithSHA1AndMGF1Padding