Technical information
- Adware.Gexin.2.origin
Network connections (protocol, masked host, port):
- UDP(DNS) <Google DNS>
- TCP(HTTP/1.1) a####.u####.com:80
- TCP(HTTP/1.1) qin####.com.www.####.com:80
- TCP(HTTP/1.1) sdk-ope####.g####.com:80
- TCP(HTTP/1.1) sh####.360t####.com:80
- TCP(HTTP/1.1) t####.c####.q####.####.com:80
- TCP(HTTP/1.1) www.quanmin####.com:80
- TCP(HTTP/1.1) s.3####.cn:80
- TCP(HTTP/1.1) and####.b####.qq.com:80
- TCP(HTTP/1.1) gd.a.s####.com:80
- TCP(HTTP/1.1) ope####.mob####.360.cn:80
- TCP(HTTP/1.1) c-h####.g####.com:80
- TCP(HTTP/1.1) sh.wagbr####.aliyun####.com:80
- TCP(TLS/1.0) 1####.217.168.238:443
- TCP(TLS/1.0) res####.a####.com:443
- TCP sdk.o####.t####.####.com:5224
- TCP c####.g####.ig####.com:5225
Host names (masked):
- 7j####.c####.z0.####.com
- a####.u####.com
- amap####.cn-hang####.oss####.####.com
- and####.b####.qq.com
- c####.g####.ig####.com
- c-h####.g####.com
- ope####.mob####.360.cn
- pub-####.qin####.com
- pv.s####.com
- res####.a####.com
- s.3####.cn
- sdk-ope####.g####.com
- sdk.c####.ig####.com
- sdk.o####.t####.####.com
- sdk.o####.t####.####.com
- sdk.o####.t####.####.net
- sh####.360t####.com
- www.quanmin####.com
HTTP request URLs (masked; query values replaced with ####):
- gd.a.s####.com/cityjson/?ie=####
- ope####.mob####.360.cn/index/upgrade?package=####&version=####&apk_versi...
- qin####.com.www.####.com/tdata_EDT369
- s.3####.cn/appstore/info.htm?package=####&apkversion=####&apk_version=##...
- sh####.360t####.com/160422/57b92647917cce029e2634ba82d77e69/libpatch.so
- sh####.360t####.com/160422/7bcec7e7c45683a01b4ffc5c68c66f94/libpatch1.so
- sh.wagbr####.aliyun####.com/sdkcoor/android/x86/libJni_wgs2gcj.so
- t####.c####.q####.####.com/config/hz-hzv6.conf
- t####.c####.q####.####.com/tdata_RSQ274
- t####.c####.q####.####.com/tdata_qHR433
- t####.c####.q####.####.com/tdata_xwL307
- www.quanmin####.com/"/photo/shanghu/b_1487749128945.jpg/"
- www.quanmin####.com/"/photo/shanghu/b_1487749129490.jpg/"
- www.quanmin####.com/"/photo/shanghu/b_1487749130862.jpg/"
- www.quanmin####.com/"/photo/shanghu/b_1487749132123.jpg/"
- www.quanmin####.com/"/photo/shanghu/b_1487749134793.jpg/"
- www.quanmin####.com/app20/bianminfuwu.php?bs=####&id=####&openid=####
- www.quanmin####.com/app20/bianminfuwu.php?bs=####&openid=####&shanghuid=...
- www.quanmin####.com/m/asset/css/app.css
- www.quanmin####.com/m/asset/css/mui.min.css
- www.quanmin####.com/m/asset/image/512.png
- www.quanmin####.com/m/asset/image/logo_time.png
- www.quanmin####.com/m/asset/image/no_comment.png
- www.quanmin####.com/m/asset/image/renzs_sex0.png
- www.quanmin####.com/m/asset/image/renzs_shop.png
- www.quanmin####.com/m/asset/js/common.js
- www.quanmin####.com/m/asset/js/jquery-1.10.1.min.js
- www.quanmin####.com/m/asset/js/mui.min.js
- www.quanmin####.com/m/asset/js/pullToRefresh/dropload.css
- www.quanmin####.com/m/asset/js/pullToRefresh/dropload.js
- www.quanmin####.com/m/asset/js/rem.js
- www.quanmin####.com/m/servicedetailsnew.html?src=####&id=####
- www.quanmin####.com/photo/fuwu/1488443117368.jpg
- www.quanmin####.com/photo/leibie/s_59c8de2e5d63b.png
- www.quanmin####.com/photo/leibie/s_59c8dec70a54c.png
- www.quanmin####.com/photo/leibie/s_59c8ded683361.png
- www.quanmin####.com/photo/leibie/s_59c8e00a0b6e1.png
- www.quanmin####.com/photo/shanghu/1502072449101.jpg
- www.quanmin####.com/photo/shanghu/b_1487749128945.jpg
- www.quanmin####.com/photo/shanghu/b_1487749129490.jpg
- www.quanmin####.com/photo/shanghu/b_1487749130862.jpg
- www.quanmin####.com/photo/shanghu/b_1487749132123.jpg
- www.quanmin####.com/photo/shanghu/b_1487749134793.jpg
- www.quanmin####.com/photo/xinxianshi/m_20171002195123_904.jpg
- www.quanmin####.com/photo/xinxianshi/m_20171002195124_962.jpg
- www.quanmin####.com/photo/zhiyezhao/s_1487749420242.jpg
- a####.u####.com/app_logs
- and####.b####.qq.com/rqd/async?aid=####
- c-h####.g####.com/api.php?format=####&t=####
- sdk-ope####.g####.com/api.php?format=####&t=####
- sdk-ope####.g####.com/api.php?format=####&t=####&d=####&k=####
- www.quanmin####.com/app20/bianminfuwu.php
- www.quanmin####.com/app203/bianminfuwu.php
- www.quanmin####.com/app203/shequ.php
File paths on the device (path components masked as ####):
- /data/data/####/.imprint
- /data/data/####/.jg.ic
- /data/data/####/.log.lock
- /data/data/####/.log.ls
- /data/data/####/009e21858adf
- /data/data/####/0111686096690.0
- /data/data/####/1004
- /data/data/####/1552717032
- /data/data/####/1899867155
- /data/data/####/1918780084
- /data/data/####/195391317
- /data/data/####/2088400712
- /data/data/####/30111675496550.0
- /data/data/####/98494
- /data/data/####/Alvin2.xml
- /data/data/####/ContextData.xml
- /data/data/####/ParseOfflineStore
- /data/data/####/ParseOfflineStore-journal
- /data/data/####/app_info.xml
- /data/data/####/applicationId
- /data/data/####/bugly_db_-journal
- /data/data/####/cc.db
- /data/data/####/cc.db-journal
- /data/data/####/com.qinlin.lebang_preferences.xml
- /data/data/####/crashrecord.xml
- /data/data/####/data_0
- /data/data/####/data_1
- /data/data/####/data_2
- /data/data/####/data_3
- /data/data/####/exchangeIdentity.json
- /data/data/####/exid.dat
- /data/data/####/f_000001
- /data/data/####/f_000002
- /data/data/####/f_000003
- /data/data/####/f_000004
- /data/data/####/f_000005
- /data/data/####/f_000006
- /data/data/####/f_000007
- /data/data/####/f_000008
- /data/data/####/f_000009
- /data/data/####/f_00000a
- /data/data/####/f_00000b
- /data/data/####/gdaemon_20161017
- /data/data/####/gkt-journal
- /data/data/####/gx_sp.xml
- /data/data/####/hmdb
- /data/data/####/hmdb-journal
- /data/data/####/index
- /data/data/####/init.pid
- /data/data/####/init_c.pid
- /data/data/####/journal
- /data/data/####/journal.tmp
- /data/data/####/lebang-journal
- /data/data/####/libjiagu.so
- /data/data/####/libpatch
- /data/data/####/libpatch.so
- /data/data/####/libpatch1
- /data/data/####/libpatch1.so
- /data/data/####/local_crash_lock
- /data/data/####/loctemp.so
- /data/data/####/logdb.db
- /data/data/####/logdb.db-journal
- /data/data/####/multidex.version.xml
- /data/data/####/native_record_lock
- /data/data/####/pref.xml
- /data/data/####/push.pid
- /data/data/####/pushext.db-journal
- /data/data/####/pushg.db-journal
- /data/data/####/pushsdk.db-journal
- /data/data/####/run.pid
- /data/data/####/security_info
- /data/data/####/share_data_updatesdk.xml
- /data/data/####/tdata_RSQ274
- /data/data/####/tdata_RSQ274.jar
- /data/data/####/tdata_qHR433
- /data/data/####/tdata_qHR433.jar
- /data/data/####/tdata_xwL307
- /data/data/####/tdata_xwL307.jar
- /data/data/####/temp.tmp~
- /data/data/####/ua.db
- /data/data/####/ua.db-journal
- /data/data/####/umeng_general_config.xml
- /data/data/####/umeng_it.cache
- /data/data/####/update.qh
- /data/data/####/user_info.xml
- /data/data/####/webview.db-journal
- /data/data/####/webviewCookiesChromium.db-journal
- /data/data/####/xhrxzq-journal
- /data/media/####/.nomedia
- /data/media/####/000.html
- /data/media/####/01dfe72f989f754f051c5128f89925b8b6abededf54aea....0.tmp
- /data/media/####/5ca3f24e8c31d4d38d8e19803585dc49fbcc3afcfb0a9a....0.tmp
- /data/media/####/Alvin2.xml
- /data/media/####/ContextData.xml
- /data/media/####/acef077850eac6648467318c6b640722a39202af38e6c2....0.tmp
- /data/media/####/als.db
- /data/media/####/als.db-journal
- /data/media/####/app.db
- /data/media/####/c466fa63a56435421322975720c8b409c2cf5ec80f9be5....0.tmp
- /data/media/####/com.getui.sdk.deviceId.db
- /data/media/####/com.igexin.sdk.deviceId.db
- /data/media/####/com.qinlin.lebang.db
- /data/media/####/e96175ac47119a79b2a14b258a3843521c1d097f38179c....0.tmp
- /data/media/####/gkt-journal
- /data/media/####/gktper
- /data/media/####/journal.tmp
- /data/media/####/tdata_RSQ274
- /data/media/####/tdata_qHR433
- /data/media/####/tdata_xwL307
- /data/media/####/test.log
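Shell commands (the getprop queries include emulator-related properties such as androVM, qemu and genymotion, and `type su` looks for a su binary, which is consistent with environment and root checks):
- /system/bin/sh -c getprop androVM.vbox_dpi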
- /system/bin/sh -c getprop gsm.sim.state
- /system/bin/sh -c getprop gsm.sim.state2
- /system/bin/sh -c getprop qemu.sf.fake_camera
- /system/bin/sh -c getprop ro.aa.romver
- /system/bin/sh -c getprop ro.board.platform
- /system/bin/sh -c getprop ro.build.fingerprint
- /system/bin/sh -c getprop ro.build.nubia.rom.name
- /system/bin/sh -c getprop ro.build.rom.id
- /system/bin/sh -c getprop ro.build.tyd.kbstyle_version
- /system/bin/sh -c getprop ro.build.version.emui
- /system/bin/sh -c getprop ro.build.version.opporom
- /system/bin/sh -c getprop ro.debuggable
- /system/bin/sh -c getprop ro.genymotion.version
- /system/bin/sh -c getprop ro.gn.gnromvernumber
- /system/bin/sh -c getprop ro.lenovo.series
- /system/bin/sh -c getprop ro.lewa.version
- /system/bin/sh -c getprop ro.meizu.product.model
- /system/bin/sh -c getprop ro.miui.ui.version.name
- /system/bin/sh -c getprop ro.secure
- /system/bin/sh -c getprop ro.vivo.os.build.display.id
- /system/bin/sh -c type su
- <Package Folder>/files/gdaemon_20161017 0 <Package>/com.igexin.sdk.PushService 24679 300 0
- cat /sys/class/net/wlan0/address
- chmod 700 <Package Folder>/files/gdaemon_20161017
- chmod 755 <Package Folder>/.jiagu/libjiagu.so
- chmod 755 <Package Folder>/cache/360Download
- getprop androVM.vbox_dpi
- getprop gsm.sim.state
- getprop gsm.sim.state2
- getprop qemu.sf.fake_camera
- getprop ro.aa.romver
- getprop ro.board.platform
- getprop ro.build.fingerprint
- getprop ro.build.nubia.rom.name
- getprop ro.build.rom.id
- getprop ro.build.tyd.kbstyle_version
- getprop ro.build.version.emui
- getprop ro.build.version.opporom
- getprop ro.debuggable
- getprop ro.genymotion.version
- getprop ro.gn.gnromvernumber
- getprop ro.lenovo.series
- getprop ro.lewa.version
- getprop ro.meizu.product.model
- getprop ro.miui.ui.version.name
- getprop ro.secure
- getprop ro.vivo.os.build.display.id
- mount
- sh <Package Folder>/files/gdaemon_20161017 0 <Package>/com.igexin.sdk.PushService 24679 300 0
Library names:
- Bugly
- getuiext2
- libjiagu
Cipher algorithm/mode/padding strings (two consecutive lists, as given in the source):
- AES-CBC-PKCS5Padding
- AES-CBC-PKCS7Padding
- AES-CFB-NoPadding
- AES-ECB-PKCS5Padding
- AES-GCM-NoPadding
- RSA-ECB-PKCS1Padding
- RSA-NONE-OAEPWithSHA1AndMGF1Padding
- AES-CBC-PKCS5Padding
- AES-CBC-PKCS7Padding
- AES-ECB-PKCS5Padding
- AES-GCM-NoPadding