Technical information
- Adware.SalmonAds.1.origin
- UDP(DNS) <Google DNS>
- TCP(HTTP/1.1) dispat####.camer####.com:80
- TCP(HTTP/1.1) gj.ap####.uc.cn:80
- TCP(HTTP/1.1) m.d####.mob.com:80
- TCP(HTTP/1.1) a####.u####.com:80
- TCP(HTTP/1.1) a####.exc.mob.com:80
- TCP(HTTP/1.1) fk-old-####.ray####.com:80
- TCP(HTTP/1.1) c.d####.mob.com:80
- TCP(HTTP/1.1) ask.sta####.cn:2610
- TCP(HTTP/1.1) art####.camer####.com:80
- TCP(HTTP/1.1) cd####.md####.cn.####.cn:80
- TCP(HTTP/1.1) api.s####.mob.com:80
- TCP(HTTP/1.1) adma####.u####.u####.com:80
- TCP(HTTP/1.1) dispat####.3####.com:80
- TCP(HTTP/1.1) d####.d####.mob.com:80
- TCP(TLS/1.0) 1####.217.17.78:443
- TCP(TLS/1.0) s####.ml####.cc:443
- TCP(TLS/1.0) t####.growi####.com:443
- TCP(TLS/1.0) t.appsf####.com:443
- a####.exc.mob.com
- a####.u####.com
- adma####.u####.u####.com
- api.s####.mob.com
- art####.camer####.com
- ask.sta####.cn
- c.d####.mob.com
- cd####.md####.cn
- d####.d####.mob.com
- dispat####.3####.com
- dispat####.camer####.com
- gj.ap####.uc.cn
- m.d####.mob.com
- s####.ml####.cc
- set####.ray####.com
- smallap####.3####.com
- t####.growi####.com
- t.appsf####.com
- art####.camer####.com/api/art/auth?platform=####&mcc=####&appVersionCode...
- cd####.md####.cn.####.cn/resource/gis/46
- dispat####.3####.com/api/ad/incent?platform=####&mcc=####&appVersionCode...
- dispat####.3####.com/api/v1/list?platform=####&mcc=####&appVersionCode=#...
- dispat####.camer####.com/api/report/parserErr?platform=####&mcc=####&app...
- fk-old-####.ray####.com/appwall/setting?app_id=####&sign=####&platform=#...
- fk-old-####.ray####.com/setting?app_id=####&sign=####&platform=####&os_v...
- m.d####.mob.com/cconf?appkey=####&plat=####&apppkg=####&appver=####&netw...
- a####.exc.mob.com/errconf
- a####.u####.com/app_logs
- adma####.u####.u####.com/usetting/v1/fetch_config
- api.s####.mob.com/conf5
- api.s####.mob.com/conn
- api.s####.mob.com/log4
- api.s####.mob.com/snsconf
- ask.sta####.cn:2610/pservers/loadgis
- c.d####.mob.com/v2/cdata
- d####.d####.mob.com/dinfo
- d####.d####.mob.com/dsign
- gj.ap####.uc.cn/collect?zip=####&pf=####&pn=####&ve=####&vc=####&sdk_ve=...
- /data/data/####/-11443039471983236293
- /data/data/####/-1784322081240269976
- /data/data/####/.imprint
- /data/data/####/.jg.ic
- /data/data/####/.lock
- /data/data/####/.mrecord
- /data/data/####/.mrlock
- /data/data/####/.statistics
- /data/data/####/9efd406713c950151eba042e6161ac5800c8eed3359a37d....0.tmp
- /data/data/####/ECPMD-2293-1554112004610
- /data/data/####/ECPMD-2596-1554112026976
- /data/data/####/ECPMD-2783-1554112038707
- /data/data/####/PBUD-2293-1554112004608
- /data/data/####/PBUD-2596-1554112026967
- /data/data/####/PBUD-2783-1554112038705
- /data/data/####/SMDus.pinguo.speyt.xml
- /data/data/####/ThrowalbeLog.db
- /data/data/####/ThrowalbeLog.db-journal
- /data/data/####/ad_pref.xml
- /data/data/####/appsflyer-data.xml
- /data/data/####/artfilter_data.xml
- /data/data/####/bd.properties
- /data/data/####/bd_1554112006948.log
- /data/data/####/bd_1554112029644.log
- /data/data/####/bd_1554112038987.log
- /data/data/####/bd_lock.txt
- /data/data/####/cc.db
- /data/data/####/cc.db-journal
- /data/data/####/com.google.android.gcm.xml
- /data/data/####/com.google.android.gms.measurement.prefs.xml
- /data/data/####/device_id.xml.xml
- /data/data/####/exchangeIdentity.json
- /data/data/####/exid.dat
- /data/data/####/growing.db
- /data/data/####/growing.db-journal
- /data/data/####/growing_profile.xml
- /data/data/####/growing_server_pref.xml
- /data/data/####/growingio_diagnose.xml
- /data/data/####/journal
- /data/data/####/journal.tmp
- /data/data/####/libjiagu1293505519.so
- /data/data/####/mob_commons_1.xml
- /data/data/####/mob_commons_1.xml.bak (deleted)
- /data/data/####/mob_sdk_exception_1.xml
- /data/data/####/mobvista.msdk.db
- /data/data/####/mobvista.msdk.db-journal
- /data/data/####/mobvista.xml
- /data/data/####/multidex.version.xml
- /data/data/####/mwsdk_analytics.db
- /data/data/####/mwsdk_analytics.db-journal
- /data/data/####/persistent_data.xml
- /data/data/####/qihoo_jiagu_crash_report.xml
- /data/data/####/share_sdk_1.xml
- /data/data/####/sharesdk.db
- /data/data/####/sharesdk.db-journal
- /data/data/####/ua.db
- /data/data/####/ua.db-journal
- /data/data/####/umeng_general_config.xml
- /data/data/####/umeng_it.cache
- /data/data/####/us.pinguo.speyt.dex
- /data/data/####/us.pinguo.speyt.zip
- /data/data/####/us.pinguo.speyt_preferences.xml
- /data/media/####/.al
- /data/media/####/.ccLock
- /data/media/####/.ccc
- /data/media/####/.dh
- /data/media/####/.dh-journal
- /data/media/####/.dhlock
- /data/media/####/.dic_lock
- /data/media/####/.dk
- /data/media/####/.duid
- /data/media/####/.globalLock
- /data/media/####/.nulal
- /data/media/####/.nulplt
- /data/media/####/.pkg_lock
- /data/media/####/.plst
- /data/media/####/.rcTag
- /data/media/####/.rc_lock
- /data/media/####/crash2019_04_01_09_47_03.dump
- /data/media/####/crash2019_04_01_09_47_15.dump
- /data/media/####/crash2019_04_01_09_47_41.dump
- /data/media/####/journal
- /data/media/####/journal.tmp
- /system/bin/cat /proc/cpuinfo
- app_process /system/bin com.android.commands.pm.Pm list packages
- grep -E -v root|shell|system
- pm list packages
- sh
- top -d 0 -n 1
- libjiagu1293505519
- neh
- AES
- AES-CBC-PKCS7Padding
- AES-ECB-PKCS7Padding
- AES-CBC-PKCS7Padding
- AES-ECB-NoPadding