Technical information
- Android.Backdoor.203.origin
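Network connections (protocol, host:port). `####` marks characters masked in the source, so these entries are partial indicators and cannot be matched verbatim:
- UDP(DNS) 8####.8.4.4:53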
- TCP(HTTP/1.1) nav.cn.ron####.com:80
- TCP(HTTP/1.1) and####.b####.qq.com:80
- TCP(HTTP/1.1) 59.53.1####.240:443
- TCP(HTTP/1.1) 1####.50.65.111:443
- TCP(HTTP/1.1) 35.2####.137.38:443
- TCP(HTTP/1.1) s####.cn.ron####.com:80
- TCP(HTTP/1.1) 1####.75.109.31:443
- TCP(HTTP/1.1) 1####.198.14.47:443
- TCP(HTTP/1.1) 47.2####.48.204:443
- TCP(HTTP/1.1) 1####.50.40.203:443
- TCP(TLS/1.0) sticker####.ron####.com:443
- TCP(TLS/1.0) c####.cp####.net:443
- TCP(TLS/1.0) 35.2####.137.38:443
- TCP(TLS/1.0) 47.2####.48.204:443
- TCP(TLS/1.0) md####.google####.com:443
- TCP(TLS/1.0) 1####.75.109.31:443
- TCP(TLS/1.0) 1####.50.40.203:443
- TCP(TLS/1.0) ap.cp####.net:443
- TCP(TLS/1.0) 59.53.1####.240:443
- TCP(TLS/1.0) 1####.198.14.47:443
- TCP(TLS/1.0) 74.1####.143.95:443
- TCP(TLS/1.2) 1####.177.127.94:443
- TCP(TLS/1.2) 74.1####.143.95:443
- TCP(TLS/1.2) 1####.217.218.102:443
- UDP md####.google####.com:443
- TCP 1####.50.17.153:8000
- TCP 1####.75.26.141:443
- UDP 74.1####.143.95:443
Domain names (partly masked; presumably the names the sample resolved via DNS):
- and####.b####.qq.com
- ap.cp####.net
- c####.cp####.net
- cn-n1-p####.leanc####.cn
- f####.52t####.com
- l####.xi####.net
- l####.xi####.net
- md####.google####.com
- nav.cn.ron####.com
- s####.cn.ron####.com
- sticker####.ron####.com
Request targets (host:port/path; query values are masked, and the request method is not stated):
- 1####.50.40.203:443/emoticonservice/emopkgs
- 1####.50.65.111:443/
- 47.2####.48.204:443/api/v1/sc_stations?timestamp=####&sign=####
- 59.53.1####.240:443/kfnmLIx8RMQBd8nAsob8kzMJU2UH6Yxo/Stations_app.json
- 1####.198.14.47:443/configcloud/rest/sdk/match
- 1####.75.109.31:443/active.json
- 35.2####.137.38:443/u/a/v1/ad4297b4
- 47.2####.48.204:443/api/graphql/
- and####.b####.qq.com/rqd/async?aid=####
- nav.cn.ron####.com/navipush.json
- s####.cn.ron####.com/setandroidpushtoken.json
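File paths on the device (`####` presumably replaces the application's package directory; entries marked "(deleted)" were removed again):
- /data/data/####/.cl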
- /data/data/####/.jg.ic
- /data/data/####/1004
- /data/data/####/1630077161736_3758
- /data/data/####/1630077162068_3897
- /data/data/####/1630077162231_3803
- /data/data/####/1630077164862_3803
- /data/data/####/1630077165476_3897
- /data/data/####/1630077165497_3758
- /data/data/####/1630077166520_3758
- /data/data/####/1630077169894_3803
- /data/data/####/1630077169942_3803
- /data/data/####/1630077170119_3758
- /data/data/####/1630077170160_3758
- /data/data/####/1630077170301_3897
- /data/data/####/1630077170338_3897
- /data/data/####/1630077170779_3803
- /data/data/####/4Paj7MSbinstallation
- /data/data/####/AV_PUSH_SERVICE_APP_DATA.xml
- /data/data/####/Archimedes_p1
- /data/data/####/Archimedes_p2
- /data/data/####/Archimedes_p3
- /data/data/####/Archimedes_p4
- /data/data/####/Archimedes_p5
- /data/data/####/COUNTLY_STORE.xml
- /data/data/####/RongPush.xml
- /data/data/####/RongPushAppConfig.xml
- /data/data/####/Statistics.xml
- /data/data/####/Statistics.xml.bak
- /data/data/####/TD_IP_CACHE.xml
- /data/data/####/TD_app_pefercen_profile.xml
- /data/data/####/TD_app_pefercen_profile.xml.bak
- /data/data/####/TDpref_cloudcontrol1.xml
- /data/data/####/TDpref_longtime.xml
- /data/data/####/TDpref_longtime.xml (deleted)
- /data/data/####/TDpref_longtime.xml.bak (deleted)
- /data/data/####/TDpref_longtime0.xml
- /data/data/####/TDpref_shorttime.xml
- /data/data/####/androidx.work.workdb-journal
- /data/data/####/app_db-journal (deleted)
- /data/data/####/bugly_db_-journal
- /data/data/####/classes.dex
- /data/data/####/classes.dex;classes2.dex
- /data/data/####/classes.dex;classes3.dex
- /data/data/####/classes.dex;classes4.dex
- /data/data/####/classes.dex;classes5.dex
- /data/data/####/classes.dex;classes6.dex
- /data/data/####/classes.oat
- /data/data/####/com.avos.push.router.server.cache4Paj7MSbcOPWbU...sz.xml
- /data/data/####/crashrecord.xml
- /data/data/####/data.preferences_pb
- /data/data/####/dso_deps
- /data/data/####/dso_lock
- /data/data/####/dso_manifest
- /data/data/####/dso_state
- /data/data/####/iv
- /data/data/####/libjiagu.so
- /data/data/####/local_crash_lock
- /data/data/####/locale.config.xml
- /data/data/####/native_record_lock
- /data/data/####/proc_auxv
- /data/data/####/rlogs.db-journal (deleted)
- /data/data/####/salt
- /data/data/####/security_info
- /data/data/####/tdid.xml
- /data/misc/####/primary.prof
- /data/user_de/####/move_to_de_records.xml
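Command name (presumably a shell command the sample launched; `getprop` reads Android system properties):
- getprop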
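Cipher transformations (algorithm-mode-padding). The list restarts at the second AES-CBC-PKCS5Padding entry, which suggests two separately headed groups (for example encryption and decryption) whose headings are not present here:
- AES-CBC-PKCS5Padding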
- AES-GCM-NoPadding
- DES-CBC-PKCS5Padding
- RC4-ECB-NoPadding
- RSA-ECB-PKCS1Padding
- AES-CBC-PKCS5Padding
- AES-GCM-NoPadding