Technical information
- Adware.Panda.1.origin
- UDP(DNS) <Google DNS>
- TCP(HTTP/1.1) a####.u####.com:80
- TCP(HTTP/1.1) oc.u####.com:80
- TCP(HTTP/1.1) www.pan####.net:8080
- TCP(HTTP/1.1) ap####.diy####.net:80
- TCP(HTTP/1.1) img.l####.b####.com:80
- TCP(TLS/1.0) 1####.217.168.238:443
- a####.u####.com
- ap####.diy####.net
- au.u####.co
- au.u####.com
- img.l####.b####.com
- mt####.go####.com
- oc.u####.com
- www.pan####.net
- ap####.diy####.net/app/getAppList.do?type=####&index=####&count=####&lan...
- ap####.diy####.net/banner/getBannerAdList.do?adPosition=####&lang=####
- ap####.diy####.net/conf/config.json
- ap####.diy####.net/resourcePackage/getPackageThemeList.do?pkgName=####&i...
- ap####.diy####.net/resourcePackage/getThemeList.do?type=####&index=####&...
- ap####.diy####.net/resourcePackageType/getThemeTypeList.do?lang=####
- img.l####.b####.com/upload_file/2016/09/09/TTI_0d816982-126f-4f86-a3e5-a...
- img.l####.b####.com/upload_file/2016/09/09/TTI_215ef77d-2626-4942-9aa1-1...
- img.l####.b####.com/upload_file/2016/09/09/TTI_360082c5-c40e-4675-b681-0...
- img.l####.b####.com/upload_file/2016/09/09/TTI_84bbca40-437e-48b7-9809-7...
- img.l####.b####.com/upload_file/2016/09/09/TTI_93c66d6e-a861-4361-81aa-9...
- img.l####.b####.com/upload_file/2016/10/27/TTI_a83120b8-6bf7-4ff3-bfa5-2...
- img.l####.b####.com/upload_file/2017/01/10/TI_3d835863-033c-48cb-8e68-4d...
- img.l####.b####.com/upload_file/2017/01/15/TI_5e920439-1a2c-4f76-853f-b5...
- img.l####.b####.com/upload_file/2017/01/15/TI_e5d504c3-d510-4be4-987b-d4...
- img.l####.b####.com/upload_file/t_TI/2017/01/20/3ed3c7b7-4edb-4d7f-adef-...
- img.l####.b####.com/upload_file/t_TI/2017/01/20/ee592feb-5039-4c8e-b8f1-...
- img.l####.b####.com/upload_file/t_TI/2017/01/21/387acd99-e2ef-4fe3-a6c0-...
- img.l####.b####.com/upload_file/t_TI/2017/01/21/a17ff5d7-0ba2-46c3-b6c4-...
- img.l####.b####.com/upload_file/t_TI/2017/01/21/b1d3435e-2b72-4a14-b26c-...
- img.l####.b####.com/upload_file/t_TI/2017/01/21/de96fd27-0f85-4759-aba4-...
- img.l####.b####.com/upload_file/t_TI/2017/01/22/11ed8116-f03c-4b35-aa5a-...
- img.l####.b####.com/upload_file/t_TI/2017/01/22/3304efab-5046-4d9e-8d60-...
- img.l####.b####.com/upload_file/t_TI/2017/01/22/5f9f2f86-2979-4bd8-9fb1-...
- img.l####.b####.com/upload_file/t_TI/2017/01/22/971f49e7-6358-45b4-8c8e-...
- img.l####.b####.com/upload_file/t_TI/2017/01/23/382a19b9-057d-4957-af89-...
- img.l####.b####.com/upload_file/t_TI/2017/01/23/ae1ea98c-dbbe-4228-81f0-...
- img.l####.b####.com/upload_file/t_TI/2017/01/25/7b9e09be-da48-4710-bbba-...
- img.l####.b####.com/upload_file/t_TI/2017/01/25/9e90af4e-5b81-449d-a150-...
- img.l####.b####.com/upload_file/t_TI/2017/01/25/b45acc19-11f9-4473-b815-...
- img.l####.b####.com/upload_file/t_TI/2017/01/25/c40a06b1-5f21-4048-9c28-...
- img.l####.b####.com/upload_file/t_TI/2017/01/25/ca8451c0-8e49-4a95-b31c-...
- img.l####.b####.com/upload_file/t_TI/2017/01/25/d9e6bd1f-c35e-4a73-9510-...
- img.l####.b####.com/upload_file/t_TI/2017/01/27/2b2bd50e-109b-40ff-972c-...
- img.l####.b####.com/upload_file/t_TI/2017/01/27/7a795b61-e13d-4df2-9f61-...
- a####.u####.com/app_logs
- oc.u####.com/check_config_update
- www.pan####.net:8080/Mini/req.action?
- www.pan####.net:8080/banner/req.action?
- www.pan####.net:8080/fview/req.action?
- www.pan####.net:8080/lscr/reqmore?
- www.pan####.net:8080/nlock/request?
- /data/data/####/.imprint
- /data/data/####/WORLD_SHARED.xml
- /data/data/####/cn.jpush.serverconfig.xml
- /data/data/####/com.jw.bdas.tejvt;GSID.xml
- /data/data/####/com.jw.bdas.tejvt_preferences.xml
- /data/data/####/com.jw.bdas.tejvt_preferences.xml.bak
- /data/data/####/com.jw.bdas.tejvt_preferences.xml.bak (deleted)
- /data/data/####/daemon
- /data/data/####/mobclick_agent_cached_com.jw.bdas.tejvt63
- /data/data/####/mobclick_agent_online_setting_com.jw.bdas.tejvt.xml
- /data/data/####/typeface.xml
- /data/data/####/umeng_general_config.xml
- /data/data/####/umeng_it.cache
- /data/media/####/-1131239625.tmp
- /data/media/####/-146908427.tmp
- /data/media/####/-1862734389.tmp
- /data/media/####/-675842061.tmp
- /data/media/####/1463973513.tmp
- /data/media/####/1de9ee2f-4266-4a46-b08b-dd1dfc55553a_snapshot.tmp
- /data/media/####/1dfc8970-a423-4ce1-aea6-b789f859ff15_snapshot.tmp
- /data/media/####/22297be0-6a5a-4eae-894d-26fb82a5fde9_snapshot.tmp
- /data/media/####/26a8876a-3c97-4671-a6e6-060978ff8706_snapshot.tmp
- /data/media/####/4b8aca6e-fc6c-4678-86a1-32f2c537b07f_snapshot.tmp
- /data/media/####/621132d2a647dca55477d31b9badf9c0.zip
- /data/media/####/62925895.tmp
- /data/media/####/82bff697-a473-45bf-8212-da1995b80726_snapshot.tmp
- /data/media/####/8cbc9e4e-63f1-42e4-bd2b-d042dce1dbaa_snapshot.tmp
- /data/media/####/8cfcf304-0295-4c30-b745-f2e2a5359fbb_snapshot.tmp
- /data/media/####/a8aea6b0-28d2-4e0f-bf38-0e229eb28751_snapshot.tmp
- /data/media/####/cf3de4b1-c45b-430f-92a4-5890a7de723e_snapshot.tmp
- /data/media/####/config.json.tmp
- /data/media/####/d84632ab-c8af-4bfa-97a2-fac212faec2e_snapshot.tmp
- /data/media/####/dcf98ffd-3941-4c55-bb3e-135b6664d86a_snapshot.tmp
- /data/media/####/de3a1416-65b8-4c7c-8938-9538c63afb69_snapshot.tmp
- chmod 777 <Package Folder>/daemon
- dd if=<Package Folder>/lib/libdaemon.so of=<Package Folder>/daemon
- getprop ro.miui.ui.version.name
- sh
- bspatch
- jpush173
- AES-CBC-PKCS5Padding
- DES