Technical information
- Adware.Gexin.2.origin
- UDP(DNS) 8####.8.4.4:53
- TCP(HTTP/1.1) c-h####.g####.com:80
- TCP(HTTP/1.1) q####.c####.l####.####.com:80
- TCP(HTTP/1.1) cdn-sdk####.g####.com.####.com:80
- TCP(HTTP/1.1) norma-e####.m####.com:80
- TCP(HTTP/1.1) sdk.o####.p####.####.com:80
- TCP(TLS/1.0) api.quanxia####.net:443
- TCP(TLS/1.0) img.quanxia####.net.####.com:443
- TCP(TLS/1.0) p####.google####.com:443
- TCP(TLS/1.0) 1####.217.218.138:443
- TCP(TLS/1.0) and####.google####.com:443
- TCP(TLS/1.0) 1####.217.20.74:443
- TCP(TLS/1.2) 1####.177.126.94:443
- TCP(TLS/1.2) 1####.217.20.74:443
- TCP(TLS/1.2) 1####.217.218.138:443
- TCP sdk.o####.t####.####.com:5224
- TCP cm-1####.ig####.com:5225
- 7j####.c####.z0.####.com
- and####.google####.com
- api.quanxia####.net
- c-h####.g####.com
- cdn-sdk####.g####.com
- cm-1####.ig####.com
- img.quanxia####.net
- m####.go####.com
- norma-e####.m####.com
- oss-cn-####.aliy####.com
- p####.google####.com
- sdk-ope####.g####.com
- sdk.c####.ig####.com
- sdk.o####.p####.####.com
- sdk.o####.t####.####.com
- sdk.o####.t####.####.com
- sdk.o####.t####.####.net
- cdn-sdk####.g####.com.####.com/tdata_Qna477
- cdn-sdk####.g####.com.####.com/tdata_trp703
- cdn-sdk####.g####.com.####.com/tdata_xEA084
- norma-e####.m####.com/android/exchange/getpublickey.do
- q####.c####.l####.####.com/config/hz-hzv6.conf
- q####.c####.l####.####.com/tdata_LRe817
- sdk.o####.p####.####.com/api/addr.htm
- c-h####.g####.com/api.php?format=####&t=####
- norma-e####.m####.com/push/android/external/add.do
- sdk.o####.p####.####.com/api.php?format=####&t=####
- /data/data/####/.cl
- /data/data/####/.jg.ic
- /data/data/####/.jg.store.report_cf
- /data/data/####/.jgck
- /data/data/####/0143826d5f856b8bf5fcd132b5f779cc76757856360c204....0.tmp
- /data/data/####/26c053e92869291e9910faa148d7ec2e919b76176e3e7e9....0.tmp
- /data/data/####/380fec2f09d30b0d07f60a7e4b7e5d0c4228ab27b0d8fe6....0.tmp
- /data/data/####/3bb3d055478d8be68349d4be5808a6d260c6b3bc92dc617....0.tmp
- /data/data/####/48032fc4eab1398d4df0e3c2a542aae67f65b1abf498168....0.tmp
- /data/data/####/5d500d70b6bf8f5b03a489a9877dd5994d799e909e58280....0.tmp
- /data/data/####/6102fd95789c7e9e703082fc8730b555da8202fc39afefb....0.tmp
- /data/data/####/811ccfb4407d783b04daa997f186eb929ad5472be6c9ed7....0.tmp
- /data/data/####/8d375da9f286ea83a80dc79fc0e72a4bcae5658cba656b4....0.tmp
- /data/data/####/92e5d01c8331715381e2b546ffe137d08db4a76cc76adc6....0.tmp
- /data/data/####/KFPushClient.xml
- /data/data/####/SP_AROUTER_CACHE.xml
- /data/data/####/a7b942cba107c5d73d73cb28e068fdce21b4ab49814e673....0.tmp
- /data/data/####/af7dd7e0b48e09dc2e0a5fd7d410d6de10bba77282ce16f....0.tmp
- /data/data/####/bad559f848e0749ede114ad6ac20d662e155f8ec9703a2f....0.tmp
- /data/data/####/bd9ec07494fed7677bd30a06bb2d94c1ab96b2031ddf2eb....0.tmp
- /data/data/####/c8b664b3c2e97260653f7167347f9e2e065435179bf4e2c....0.tmp
- /data/data/####/c961fc65300734666766150d20d759dca26b2f173b5d91f....0.tmp
- /data/data/####/cart.db-journal
- /data/data/####/cd9d576614cd753de9e01ec273b1d860879d416659f3e2f....0.tmp
- /data/data/####/classes.dex
- /data/data/####/classes.dex;classes2.dex
- /data/data/####/classes.dex;classes3.dex
- /data/data/####/classes.dex;classes4.dex
- /data/data/####/com.x.y.1.xml
- /data/data/####/com.x.y.1.xml.bak
- /data/data/####/com.x.y.2.xml
- /data/data/####/getui_sp.xml
- /data/data/####/gkt-journal
- /data/data/####/imKit.db-journal
- /data/data/####/im_shared_txt.xml
- /data/data/####/init.pid
- /data/data/####/init_c1.pid
- /data/data/####/journal.tmp
- /data/data/####/libjiagu.so
- /data/data/####/loginHistory.db-journal
- /data/data/####/mz_push_preference.xml
- /data/data/####/postDraft.db-journal
- /data/data/####/postEnvy.db-journal
- /data/data/####/proc_auxv
- /data/data/####/push.pid
- /data/data/####/pushext.db-journal
- /data/data/####/pushg.db-journal
- /data/data/####/pushsdk.db-journal
- /data/data/####/pushservice_umeng_common_config.xml
- /data/data/####/pushservice_umeng_common_config.xml.bak
- /data/data/####/run.pid
- /data/data/####/tdata_Qna477
- /data/data/####/tdata_Qna477.dex
- /data/data/####/tdata_Qna477.dex.flock (deleted)
- /data/data/####/tdata_Qna477.jar
- /data/data/####/tdata_trp703
- /data/data/####/tdata_trp703.dex
- /data/data/####/tdata_trp703.dex.flock (deleted)
- /data/data/####/tdata_trp703.jar
- /data/data/####/tdata_xEA084
- /data/data/####/tdata_xEA084.dex
- /data/data/####/tdata_xEA084.dex.flock (deleted)
- /data/data/####/tdata_xEA084.jar
- /data/data/####/umeng_common_config.xml
- /data/data/####/yyg.ini.xml
- /data/data/####/yyg.ini.xml.bak
- /data/media/####/2020-04-22.log.txt
- /data/media/####/app.db
- /data/media/####/com.getui.sdk.deviceId.db
- /data/media/####/com.igexin.sdk.deviceId.db
- /data/media/####/com.qxq.mobile.bin
- /data/media/####/com.qxq.mobile.db
- /data/media/####/deviceInfo.data
- /data/media/####/gkt-journal
- /data/media/####/gktper
- /data/media/####/logs.csv
- /data/media/####/tdata_Qna477
- /data/media/####/tdata_trp703
- /data/media/####/tdata_xEA084
- /data/media/####/test.log
- /data/misc/####/primary.prof
- /system/bin/dex2oat --instruction-set=x86 --dex-file=<Package Folder>/.jiagu/classes.dex --dex-file=<Package Folder>/.jiagu/classes.dex:classes2.dex --dex-file=<Package Folder>/.jiagu/classes.dex:classes3.dex --dex-file=<Package Folder>/.jiagu/classes.dex:classes4.dex --oat-file=<Package Folder>/.jiagu/classes.oat --inline-depth-limit=0 --compiler-filter=speed
- /system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/data/user/0/<Package>/files/tdata_Qna477.jar --oat-fd=60 --oat-location=/data/user/0/<Package>/files/tdata_Qna477.dex --compiler-filter=speed
- /system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/data/user/0/<Package>/files/tdata_trp703.jar --oat-fd=56 --oat-location=/data/user/0/<Package>/files/tdata_trp703.dex --compiler-filter=speed
- /system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/data/user/0/<Package>/files/tdata_xEA084.jar --oat-fd=51 --oat-location=/data/user/0/<Package>/files/tdata_xEA084.dex --compiler-filter=speed
- AES
- AES-CBC-PKCS5Padding
- AES-ECB-PKCS5Padding
- RSA-ECB-PKCS1Padding
- RSA-NONE-OAEPWithSHA1AndMGF1Padding
- AES-ECB-PKCS5Padding
- DES-ECB-PKCS5Padding