Technical information
- Android.Triada.477.origin
- UDP(DNS) <Google DNS>
- TCP(HTTP/1.1) q####.c####.l####.####.com:80
- TCP(HTTP/1.1) c-h####.g####.com:80
- TCP(HTTP/1.1) sdk-ope####.g####.com:80
- TCP(HTTP/1.1) api.sdk.f####.cn:80
- TCP(HTTP/1.1) adv.patrick####.com.cn:80
- TCP(HTTP/1.1) api.htp.hubc####.####.cn:45600
- TCP(HTTP/1.1) adv.99y####.com:80
- TCP(HTTP/1.1) j####.lie####.cn:80
- TCP(HTTP/1.1) r####.hubc####.com.####.net:80
- TCP(HTTP/1.1) ser####.dc####.net.cn:80
- TCP(HTTP/1.1) ttl.educl####.cn:2122
- TCP(TLS/1.0) api.voic####.cn:443
- TCP(TLS/1.0) ser####.dc####.net.cn:443
- TCP(TLS/1.0) log####.ifl####.com:443
- TCP(TLS/1.0) p####.ou####.com:4433
- TCP(TLS/1.0) abc.abcdse####.com:8888
- TCP sdk.o####.t####.####.com:5224
- TCP cm-1####.ig####.com:5227
- abc.abcdse####.com
- adv.99y####.com
- adv.mali####.com
- adv.patrick####.com.cn
- adv.reading####.com.cn
- api.htp.hubc####.####.cn
- api.sdk.f####.cn
- api.v2.sdk.####.cn
- api.voic####.cn
- c-h####.g####.com
- cm-1####.ig####.com
- j####.lie####.cn
- log####.ifl####.com
- p####.ou####.com
- pub-####.qin####.com
- r####.hubc####.com.cn
- sdk-ope####.g####.com
- sdk.c####.ig####.com
- sdk.o####.t####.####.com
- sdk.o####.t####.####.com
- sdk.o####.t####.####.net
- ser####.dc####.net.cn
- st####.dc####.net.cn
- ttl.educl####.cn
- www.dc####.io
- api.htp.hubc####.####.cn:45600/mb/external/pkg?platform=####&appid=####&...
- api.sdk.f####.cn/v2/initUrl?appId=####
- q####.c####.l####.####.com/config/hz-hzv6.conf
- q####.c####.l####.####.com/tdata_EDT356
- r####.hubc####.com.####.net/map/sdk/external/20190505
- ser####.dc####.net.cn/urd.json?v=####
- ttl.educl####.cn:2122/download/banner/fudao.png
- ttl.educl####.cn:2122/download/banner/wenda.png
- ttl.educl####.cn:2122/download/banner/xiu.png
- ttl.educl####.cn:2122/uploadPath/2019-07-13/1563015095532_1563015205868_...
- ttl.educl####.cn:2122/uploadPath/2019-07-14/1563113774594_1563113863904_...
- ttl.educl####.cn:2122/uploadPath/2019-07-15/1563153781638_1563153864498_...
- ttl.educl####.cn:2122/uploadPath/2019-07-15/1563153929309_1563153957490_...
- ttl.educl####.cn:2122/uploadPath/2019-07-28/1564292902420_1564292946851_...
- ttl.educl####.cn:2122/uploadPath/2019-07-29/1564378054886_1564378090794_...
- ttl.educl####.cn:2122/uploadPath/2019-08-01/1564639195507_1564639299056_...
- ttl.educl####.cn:2122/uploadPath/2019-08-01/1564639334369_1564639416821_...
- ttl.educl####.cn:2122/uploadPath/2019-08-03/1564788377177_1564788432900_...
- ttl.educl####.cn:2122/uploadPath/2019-08-03/1564829512568_1564829558504_...
- ttl.educl####.cn:2122/uploadPath/2019-08-03/1564831951806_1564832004682_...
- ttl.educl####.cn:2122/uploadPath/2019-08-04/1564910474787_1564910532833_...
- ttl.educl####.cn:2122/uploadPath/2019-08-07/1565172718680_1565172779772_...
- ttl.educl####.cn:2122/uploadPath/2019-08-11/1565499473664_1565499552563_...
- ttl.educl####.cn:2122/uploadPath/2019-08-11/1565515288227_1565515415545_...
- ttl.educl####.cn:2122/uploadPath/2019-08-12/1565603376875_1565603412132_...
- adv.99y####.com/adv/pluginReq
- adv.patrick####.com.cn/adv/pluginReq
- api.htp.hubc####.####.cn:45600/mb/sdk/heartbeat/v1
- api.htp.hubc####.####.cn:45600/mb/sdk0
- c-h####.g####.com/api.php?format=####&t=####
- j####.lie####.cn/v2/cp?appId=####
- sdk-ope####.g####.com/api.php?format=####&t=####
- sdk-ope####.g####.com/api.php?format=####&t=####&d=####&k=####
- ttl.educl####.cn:2122/ask/listQuestion
- ttl.educl####.cn:2122/public/getAdvert
- ttl.educl####.cn:2122/terminal/terminalUpdate
- ttl.educl####.cn:2122/user/getParentsCenter
- /data/data/####/.imei.txt
- /data/data/####/1557054675.jar
- /data/data/####/2086810806.jar
- /data/data/####/6c1235cecfa1
- /data/data/####/AdDex.4.0.1.dex
- /data/data/####/FLY_AD_SHARED.xml
- /data/data/####/H5EB611E7.xml
- /data/data/####/LY_AD_KEY.xml
- /data/data/####/MultiDex.lock
- /data/data/####/_adio.dcloud.feature.ad.a.a.xml
- /data/data/####/adhubsdk_config.xml
- /data/data/####/cc.db
- /data/data/####/cc.db-journal
- /data/data/####/clientid_igexin.xml
- /data/data/####/com.lzlz.sxttl_dna.xml
- /data/data/####/com.lzlz.sxttl_preferences.xml
- /data/data/####/data_0
- /data/data/####/data_1
- /data/data/####/data_1 (deleted)
- /data/data/####/data_2
- /data/data/####/data_2 (deleted)
- /data/data/####/data_3
- /data/data/####/data_3 (deleted)
- /data/data/####/dc_ad_type_key.xml
- /data/data/####/ehd4t3.lock
- /data/data/####/eje3cnc
- /data/data/####/f_000001
- /data/data/####/f_000002
- /data/data/####/f_000003
- /data/data/####/f_000004
- /data/data/####/f_000005
- /data/data/####/f_000006
- /data/data/####/f_000007
- /data/data/####/f_000008
- /data/data/####/f_000009
- /data/data/####/f_00000a
- /data/data/####/f_00000b
- /data/data/####/f_00000c
- /data/data/####/f_00000d
- /data/data/####/f_00000e
- /data/data/####/f_00000f
- /data/data/####/f_000010
- /data/data/####/f_000011
- /data/data/####/file__0.localstorage-journal
- /data/data/####/gdaemon_20161017
- /data/data/####/getui_sp.xml
- /data/data/####/gx_sp.xml
- /data/data/####/html5Geo.xml
- /data/data/####/iflytek_collect_state.xml
- /data/data/####/iflytek_device_info.zip
- /data/data/####/index
- /data/data/####/init.pid
- /data/data/####/init_c1.pid
- /data/data/####/init_urls.xml
- /data/data/####/multidex.version.xml
- /data/data/####/pdr.xml
- /data/data/####/push.pid
- /data/data/####/pushext.db-journal
- /data/data/####/pushg.db-journal
- /data/data/####/pushsdk.db-journal
- /data/data/####/run.pid
- /data/data/####/start_statistics_data.xml
- /data/data/####/stream_permission.xml
- /data/data/####/test_app
- /data/data/####/tmp-com.lzlz.sxttl-1.apk.classes1935617354.zip
- /data/data/####/umeng_general_config.xml
- /data/data/####/webview.db-journal
- /data/data/####/webviewCookiesChromium.db-journal
- /data/data/####/webviewCookiesChromiumPrivate.db-journal
- /data/media/####/.imei.txt
- /data/media/####/.nomedia
- /data/media/####/AdEnable.dat
- /data/media/####/app.db
- /data/media/####/com.igexin.sdk.deviceId.db
- /data/media/####/com.lzlz.sxttl.db
- /data/media/####/fab51a2f3d9f32473a5b0d41db0393bf.xml
- /data/media/####/test.log
- /system/bin/cat /proc/cpuinfo
- <Package Folder>/files/gdaemon_20161017 0 <Package>/com.igexin.sdk.PushService 24446 300 0
- cat /sys/class/net/wlan0/address
- chmod 700 <Package Folder>/files/gdaemon_20161017
- ls -l /system/bin/su
- mount
- sh <Package Folder>/files/gdaemon_20161017 0 <Package>/com.igexin.sdk.PushService 24446 300 0
- ehd4t3
- getuiext3
- AES-CBC-PKCS5Padding
- AES-CFB-NoPadding
- DES-CBC-PKCS5Padding
- Des-ECB-NoPadding
- RSA-NONE-OAEPWithSHA1AndMGF1Padding
- AES-CBC-PKCS5Padding
- ARCFOUR
- Des-ECB-NoPadding