Technical information
- Adware.Gexin.2.origin
- UDP(DNS) <Google DNS>
- TCP(HTTP/1.1) wx.q####.cn:80
- TCP(HTTP/1.1) a####.u####.com:80
- TCP(HTTP/1.1) aexcep####.b####.qq.com:8012
- TCP(HTTP/1.1) q.q####.cn:80
- TCP(HTTP/1.1) and####.b####.qq.com:80
- TCP(HTTP/1.1) thi####.q####.cn:80
- TCP(HTTP/1.1) app.luobosh####.com:80
- TCP(HTTP/1.1) q####.a####.com:80
- TCP(TLS/1.0) 2####.58.212.174:443
- TCP(TLS/1.0) img1-do####.b0.a####.com:443
- TCP(TLS/1.0) i####.doub####.com:443
- TCP(TLS/1.0) api.feeli####.com:443
- a####.u####.com
- aexcep####.b####.qq.com
- and####.b####.qq.com
- api.feeli####.com
- app.luobosh####.com
- i####.doub####.com
- i####.doub####.com
- i####.luobosh####.com
- q.q####.cn
- thi####.q####.cn
- thi####.q####.cn
- wx.q####.cn
- q####.a####.com/578e4003e4b0a743964a8a89/149667315147761.jpg
- q####.a####.com/58288821e4b04124f4f91af9/152529921542651.jpg
- q####.a####.com/58319250e4b04d7562607526/147971521867702.jpg
- q####.a####.com/5831bc8be4b04d756261664e/155585510516731.jpg
- q####.a####.com/586f4cd7e4b07fa822bb9251/154086242074495.jpg
- q####.a####.com/5874feeae4b07fa822c99870/152099873794401.jpg
- q####.a####.com/588b3898e4b0ca4f94985a0a/148552131226424.jpg
- q####.a####.com/5904af9ce4b03248a06676f2/155516724258215.jpg
- q####.a####.com/5993128ce4b028d6aa2624df/150330909685315.jpg
- q####.a####.com/59b7d505e4b0273735a13b9c/153285454845273.jpg
- q####.a####.com/59bf4c46e4b0b0b5cae9431a/154600048729474.jpg
- q####.a####.com/59ebd167e4b0a8f1695f8dc5/153570193619010.jpg
- q####.a####.com/59ef6307e4b0a8f16966bb96/153482230586451.jpg
- q####.a####.com/5a064fb2e4b0ec13347fb610/151036313042352.jpg
- q####.a####.com/5aa356bee4b006c4947f0aee/152518309343762.jpg
- q####.a####.com/5ad9ed5ce4b062ec8a030801/154381275368396.jpg
- q####.a####.com/5b59db29e4b0507a8eba79da/154919969021431.jpg
- q####.a####.com/5bea183be4b0c0c7ef6e3c71/154229770635553.jpg
- q####.a####.com/5c386f7ae4b0e19faf7478ea/154942828205464.jpg
- q####.a####.com/5c4078a9e4b0dcf57f5c6ad2/154886275522379.jpg
- q####.a####.com/5c7e3b6de4b0fb9597fc6689/155505258152725.jpg
- q####.a####.com/5cb84945e4b0f02e980b38cf/155618906945002.jpg
- q####.a####.com/luobooms/longArticle/15495267692023.jpg
- q####.a####.com/luobooms/longArticle/154952684758588.jpg
- q####.a####.com/luobooms/longArticle/155244520457753.jpg
- q####.a####.com/luobooms/longArticle/155313078303131.jpg
- q####.a####.com/luobooms/longArticle/155349087289850.jpg
- q####.a####.com/luobooms/longArticle/155471817098074.jpg
- q####.a####.com/luobooms/longArticle/155555881117828.jpg
- q####.a####.com/luobooms/longArticle/155603069729515.jpg
- q####.a####.com/luobooms/longArticle/155603071481311.jpg
- q####.a####.com/splashAd/1056/hdpi
- q.q####.cn/qqapp/1104888272/E3467B5584DABB200B23BC5C6D84832D/100
- q.q####.cn/qqapp/1104888272/EEC7B77180C543E301E46736CBB0DE65/100
- thi####.q####.cn/g?b=####&k=####&s=####
- thi####.q####.cn/mmopen/vi_32/Q0j4TwGTfTJ3TyRm5FrBNKy3UfAoeKKkxiaEzyBQua...
- thi####.q####.cn/mmopen/vi_32/zH7a2UcMP9TK8jobF0vqxX1NglIoVRpK1CSz1UJUmV...
- thi####.q####.cn/qqapp/1104888272/53137F5F4DF2F6EAAEED826D24978C83/100
- thi####.q####.cn/qqapp/1104888272/FAFC3AA70A9F11D02E2313FB05E91B0E/100
- wx.q####.cn/mmhead/Q3auHgzwzM4QCbBRHfBFY1759k9OzHpM3oib4fGQwCSacWlosG8l1...
- wx.q####.cn/mmopen/PiajxSqBRaEJW2LHV1hXpbOANZaDic3SpRykptyfjAW4GZxLTM7tB...
- a####.u####.com/app_logs
- aexcep####.b####.qq.com:8012/rqd/async
- and####.b####.qq.com/rqd/async
- app.luobosh####.com/luoboserver/discover/list
- app.luobosh####.com/luoboserver/excerpt/bgBlockList
- app.luobosh####.com/luoboserver/excerpt/select
- app.luobosh####.com/luoboserver/excerpt/unlockBG
- app.luobosh####.com/luoboserver/parameter/list
- app.luobosh####.com/luoboserver/recommend/bookSet
- app.luobosh####.com/luoboserver/user/activate
- /data/data/####/-1490355015
- /data/data/####/-2015697543
- /data/data/####/-2141744983
- /data/data/####/.imprint
- /data/data/####/1056642461
- /data/data/####/832993036
- /data/data/####/947181164
- /data/data/####/APP_GAOSHOU_KEY.xml
- /data/data/####/BLOOMLIFE.xml
- /data/data/####/bugly_db_legu-journal
- /data/data/####/exchangeIdentity.json
- /data/data/####/libnfix.so
- /data/data/####/libshella-2.10.4.1.so
- /data/data/####/local_crash_lock
- /data/data/####/luobo-journal
- /data/data/####/mix.dex
- /data/data/####/multidex.version.xml
- /data/data/####/security_info
- /data/data/####/umeng_general_config.xml
- /data/data/####/umeng_it.cache
- /data/media/####/.nomedia
- /data/media/####/10v8x1egamha5c8e4iwcqvu0.tmp
- /data/media/####/19-04-25.html
- /data/media/####/19tljvq64ib6qlxiqahfg9frq.tmp
- /data/media/####/1efh7anrjnjajayeu58oefyam.tmp
- /data/media/####/1jjco70xk9s9v1l4ajvrjl9t6.tmp
- /data/media/####/1jjzlyjfbefmruznvchisbjea.tmp
- /data/media/####/1kxbov9rw3o61sb4ymipnxnel.tmp
- /data/media/####/1n5xjeqvv3siojr7l9jrie2h1.tmp
- /data/media/####/1smypu3wwmv8pv5zf0njsi3ye.tmp
- /data/media/####/1uwbp0zedwf4x461uemksmmtv.tmp
- /data/media/####/1vh0e21u3x294fo1xrz3y2klq.tmp
- /data/media/####/1wf54lfg9n76gl1uja1lzuv7n.tmp
- /data/media/####/2101wxhzf9mdn4zm664n1ibm9.tmp
- /data/media/####/22wskagtev3zuiwhqnj81sy3u.tmp
- /data/media/####/25fprnwj92v7m7ji43xtfajsg.tmp
- /data/media/####/2a2bvhrmumtk5ivv097xkm35c.tmp
- /data/media/####/2ouwwym29eiqsb2c87ujqn3xs.tmp
- /data/media/####/2vt0xsnvp2h4lptppxylrhumk.tmp
- /data/media/####/2zcjyfcwld70jktpvky4pzlmj.tmp
- /data/media/####/31dy5wwv4pwg7ambc19tuzokh.tmp
- /data/media/####/35f34q31wqazuqiem76lr87sw.tmp
- /data/media/####/36mu5w7knvtnzj7jh2b2c8zyj.tmp
- /data/media/####/38cub2tg3eswldwhj454daqh5.tmp
- /data/media/####/3h1et9hprom0ysv549x8agksu.tmp
- /data/media/####/3lqrmyifp58dcukki5lmqwvip.tmp
- /data/media/####/3qfnaessp884afi7wrgdb1kqy.tmp
- /data/media/####/3vv9qf2r2r7wfx9dosc4ypva8.tmp
- /data/media/####/45lsksnmtmvctmbac6ia27hco.tmp
- /data/media/####/48lguymrxvsyw8fl3cv7wy9cp.tmp
- /data/media/####/4d7psdcgqahfnhr2shy2cync4.tmp
- /data/media/####/4pbxs56bth4plvbue33bzfsan.tmp
- /data/media/####/4sh0k29b00yrvsszwvj6ooe53.tmp
- /data/media/####/4yukxgbwz1hxu3w51ffdye6lp.tmp
- /data/media/####/51s357uq2d3qnls9hntkt546u.tmp
- /data/media/####/568usjsq2hht0rjlbp7w5iwt0.tmp
- /data/media/####/5n30o6u31qwq25hivdzq4757c.tmp
- /data/media/####/5ob97td2bwfu9j6yy8mkqk4jz.tmp
- /data/media/####/5pfj934z8i109feyy9ukeyncp.tmp
- /data/media/####/5qqhywc5i5hiq4gmjz62rlujb.tmp
- /data/media/####/61odj6w7lckevaq83rxboby5m.tmp
- /data/media/####/66wgwohelukgs1b6lhzjjzhr3.tmp
- /data/media/####/68fuox03snoyuxiylj1ap7b9w.tmp
- /data/media/####/69cuhtc88m88343fpp85pebpo.tmp
- /data/media/####/6pmpyuxase9ifdlu4idfk76dd.tmp
- /data/media/####/6qhxobhv3oonq0y1n4mhf9mb.tmp
- /data/media/####/6sjacanld382fpp7adkcz4xz.tmp
- /data/media/####/6xy5vj4muwjb9zvw2pzc1iu0l.tmp
- /data/media/####/6y0pn418p9ayb4oypftomd54m.tmp
- /data/media/####/78cj6596nama6ws4l92wfz9wz.tmp
- /data/media/####/anm5hi8be8rzfmry5maivbgl.tmp
- /data/media/####/asnpau35tv1vv1tb0u1xtrad.tmp
- /data/media/####/bnkyb71x1zznc85y5b1a4554.tmp
- /data/media/####/eop10xv7yqpjeqjq1b1w0i1e.tmp
- /data/media/####/kyk7q6nsbat1aa9kazsvuuyv.tmp
- /data/media/####/p4cuthha1m4i19bf4sdaqtc3.tmp
- /data/media/####/pv1yyngcb0m84yqobw5zivyg.tmp
- /data/media/####/v8n6xgpnmzywvbbnth4e91mp.tmp
- /data/media/####/zocm9q7wifo8xuud88mtoyql.tmp
- /system/bin/sh -c getprop ro.aa.romver
- /system/bin/sh -c getprop ro.board.platform
- /system/bin/sh -c getprop ro.build.fingerprint
- /system/bin/sh -c getprop ro.build.nubia.rom.name
- /system/bin/sh -c getprop ro.build.rom.id
- /system/bin/sh -c getprop ro.build.tyd.kbstyle_version
- /system/bin/sh -c getprop ro.build.version.emui
- /system/bin/sh -c getprop ro.build.version.opporom
- /system/bin/sh -c getprop ro.gn.gnromvernumber
- /system/bin/sh -c getprop ro.lenovo.series
- /system/bin/sh -c getprop ro.lewa.version
- /system/bin/sh -c getprop ro.meizu.product.model
- /system/bin/sh -c getprop ro.miui.ui.version.name
- /system/bin/sh -c getprop ro.vivo.os.build.display.id
- /system/bin/sh -c type su
- chmod 700 <Package Folder>/tx_shell/libnfix.so
- chmod 700 <Package Folder>/tx_shell/libshella-2.10.4.1.so
- chmod 700 <Package Folder>/tx_shell/libufix.so
- getprop ro.aa.romver
- getprop ro.board.platform
- getprop ro.build.fingerprint
- getprop ro.build.nubia.rom.name
- getprop ro.build.rom.id
- getprop ro.build.tyd.kbstyle_version
- getprop ro.build.version.emui
- getprop ro.build.version.opporom
- getprop ro.gn.gnromvernumber
- getprop ro.lenovo.series
- getprop ro.lewa.version
- getprop ro.meizu.product.model
- getprop ro.miui.ui.version.name
- getprop ro.vivo.os.build.display.id
- getprop ro.yunos.version
- logcat -d -v threadtime
- Bugly
- hyphenate
- libnfix
- libshella-2.10.4.1
- libufix
- nfix
- ufix
- AES-GCM-NoPadding
- RSA-ECB-PKCS1Padding
- AES-GCM-NoPadding