Technical information
- Android.Backdoor.657.origin
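Network connections (parts of each host name or address are masked with #### in this report, so the entries cannot be used as exact-match indicators):
- UDP(DNS) 8####.8.4.4:53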
- TCP(HTTP/1.1) amdc####.m.ta####.com:80
- TCP(HTTP/1.1) api.e####.cn:80
- TCP(HTTP/1.1) a.appj####.com:80
- TCP(HTTP/1.1) c.appj####.com:80
- TCP(HTTP/1.1) ax.admo####.top:80
- TCP(HTTP/1.1) pic.e####.cn:80
- TCP(TLS/1.0) rr3---s####.g####.com:443
- TCP(TLS/1.0) rr5---s####.g####.com:443
- TCP(TLS/1.0) gmscomp####.google####.com:443
- TCP(TLS/1.0) al####.u####.com:443
- TCP(TLS/1.0) plb####.u####.com:443
- TCP(TLS/1.0) www.google####.com:443
- TCP(TLS/1.0) 1####.251.36.46:443
- TCP(TLS/1.0) pic.e####.cn:443
- TCP(TLS/1.0) api.e####.cn:443
- TCP(TLS/1.0) p####.google####.com:443
- TCP(TLS/1.2) 1####.251.39.99:443
- TCP(TLS/1.2) www.google####.com:443
- UDP rr3---s####.g####.com:443
- UDP www.google####.com:443
- UDP p####.google####.com:443
- UDP rr5---s####.g####.com:443
- UDP rr1---s####.g####.com:443
- TCP zb-cent####.m.ta####.com:80
- TCP zb-cent####.m.ta####.com:443
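Host names (this list carries no label of its own; most of the names also appear in the connection list above):
- a.appj####.com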
- a.e####.cn
- amdc####.m.ta####.com
- api.e####.cn
- ax.admo####.top
- c.appj####.com
- gmscomp####.google####.com
- p####.google####.com
- pic.e####.cn
- plb####.u####.com
- rr1---s####.g####.com
- rr3---s####.g####.com
- rr5---s####.g####.com
- u####.u####.com
- umen####.m.ta####.com
- umengj####.m.ta####.com
- www.google####.com
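Requested URLs (query-string values are masked and long URLs are cut off with "..."; the entries restart alphabetically at a.appj####.com/jiagu/check/upgrade, which suggests two separate lists whose labels are missing):
- api.e####.cn/public/getSecondaryHomeData.shtml?app=####&machine=####&app...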
- api.e####.cn/public/getSecondaryHomeData.shtml?machine=####&appid=####&t...
- api.e####.cn:443/public/getAllInterest.shtml?machine=####&appid=####&ter...
- api.e####.cn:443/public/getInterest.shtml?machine=####&appid=####&termin...
- ax.admo####.top/favicon.ico
- ax.admo####.top/public/getClickUrlList.shtml?screenwidth=####&os=####&ln...
- ax.admo####.top/public/getInformationAd.shtml?screenwidth=####&os=####&l...
- ax.admo####.top/public/getStartUpImage.shtml?os=####&appversion=####&ims...
- ax.admo####.top/public/rab.shtml?id=####&network=####&machine=####
- ax.admo####.top/public/setMachineUa.shtml?screenwidth=####&os=####&lng=#...
- ax.admo####.top/public/showUrlVisit.shtml?os=####&osversion=####&appvers...
- pic.e####.cn/web/258794635.jpg
- pic.e####.cn:443/web/248710150.jpg!s4
- pic.e####.cn:443/web/262636210.jpg!m720
- pic.e####.cn:443/web/263540185.jpg!m720
- pic.e####.cn:443/web/264924853.jpg!m720
- pic.e####.cn:443/web/265161062.jpg!m720
- pic.e####.cn:443/web/265289445.jpg!m480
- a.appj####.com/jiagu/check/upgrade
- al####.u####.com:443/unify_logs
- amdc####.m.ta####.com/amdc/mobileDispatch?appkey=####&deviceId=####&plat...
- api.e####.cn:443/public/checkMachine.shtml
- api.e####.cn:443/public/getAdForAndroid.shtml
- api.e####.cn:443/public/getAdImageList.shtml
- api.e####.cn:443/public/getDifferentdataList.shtml
- api.e####.cn:443/public/getMallUrl.shtml
- api.e####.cn:443/public/getPublicValueForKey.shtml
- api.e####.cn:443/public/getSystemStartParameter.shtml
- c.appj####.com/ad/splash/stats.html
- plb####.u####.com:443/umpx_internal
- plb####.u####.com:443/umpx_push_launch
- plb####.u####.com:443/umpx_push_register
File paths recorded on the device (#### replaces a masked path segment):
- /data/data/####/.imprint
- /data/data/####/.jg.ic
- /data/data/####/37c94fbf0ef77a2f_0
- /data/data/####/ACCS_BINDumeng;59aa5e16e88bad2aff001a84.xml
- /data/data/####/ACCS_SDK.xml
- /data/data/####/ACCS_SDK_CHANNEL.xml
- /data/data/####/AGOO_BIND.xml
- /data/data/####/AdloadStore.xml
- /data/data/####/Agoo_AppStore.xml
- /data/data/####/Alvin2.xml
- /data/data/####/ContextData.xml
- /data/data/####/Cookies-journal
- /data/data/####/Ji.xml
- /data/data/####/MessageStore.db-journal
- /data/data/####/MsgLogStore.db-journal
- /data/data/####/UM_PROBE_DATA.xml
- /data/data/####/UserAgent.xml
- /data/data/####/WebViewChromiumPrefs.xml
- /data/data/####/a==7.3.1&&1.2.6_1651769602231_envelope.log
- /data/data/####/accs.db-journal
- /data/data/####/ad_show_time.xml
- /data/data/####/agoo.pid
- /data/data/####/classes.dex
- /data/data/####/classes.oat
- /data/data/####/classes2.dex
- /data/data/####/classes3.dex
- /data/data/####/cn.ecook.xml
- /data/data/####/cn.ecookxuezuofan_preferences.xml
- /data/data/####/collectiondatabase
- /data/data/####/collectiondatabase-journal
- /data/data/####/d==7.3.1&&1.2.6_1651769605324_envelope.log
- /data/data/####/d==7.3.1&&1.2.6_1651769606735_envelope.log
- /data/data/####/d==7.3.1&&1.2.6_1651769608560_envelope.log
- /data/data/####/d==7.3.1&&1.2.6_1651769609142_envelope.log
- /data/data/####/d==7.3.1&&1.2.6_1651769611155_envelope.log
- /data/data/####/d==7.3.1&&1.2.6_1651769613096_envelope.log
- /data/data/####/d==7.3.1&&1.2.6_1651769616345_envelope.log
- /data/data/####/d==7.3.1&&1.2.6_1651769618018_envelope.log
- /data/data/####/d==7.3.1&&1.2.6_1651769621675_envelope.log
- /data/data/####/d==7.3.1&&1.2.6_1651769622424_envelope.log
- /data/data/####/d==7.3.1&&1.2.6_1651769624212_envelope.log
- /data/data/####/d==7.3.1&&1.2.6_1651769625019_envelope.log
- /data/data/####/d==7.3.1&&1.2.6_1651769628473_envelope.log
- /data/data/####/d==7.3.1&&1.2.6_1651769631859_envelope.log
- /data/data/####/d==7.3.1&&1.2.6_1651769632570_envelope.log
- /data/data/####/d==7.3.1&&1.2.6_1651769633385_envelope.log
- /data/data/####/d==7.3.1&&1.2.6_1651769634946_envelope.log
- /data/data/####/d==7.3.1&&1.2.6_1651769637545_envelope.log
- /data/data/####/d==7.3.1&&1.2.6_1651769640611_envelope.log
- /data/data/####/d==7.3.1&&1.2.6_1651769642129_envelope.log
- /data/data/####/d==7.3.1&&1.2.6_1651769644372_envelope.log
- /data/data/####/d==7.3.1&&1.2.6_1651769646215_envelope.log
- /data/data/####/d==7.3.1&&1.2.6_1651769647719_envelope.log
- /data/data/####/d==7.3.1&&1.2.6_1651769652036_envelope.log
- /data/data/####/d==7.3.1&&1.2.6_1651769653949_envelope.log
- /data/data/####/d==7.3.1&&1.2.6_1651769654756_envelope.log
- /data/data/####/d==7.3.1&&1.2.6_1651769656273_envelope.log
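- /data/data/####/dW1weF9pbnRlcm5hbF8xNjUxNzY5NjAwNjU0;
- /data/data/####/dW1weF9wdXNoX2xhdW5jaF8xNjUxNzY5NjIxOTk0;
- /data/data/####/dW1weF9wdXNoX3JlZ2lzdGVyXzE2NTE3Njk2MDI0MTI=;
  (Note: these three file names are Base64 and decode to umpx_internal_1651769600654, umpx_push_launch_1651769621994 and umpx_push_register_1651769602412. The prefixes match the umpx_internal, umpx_push_launch and umpx_push_register paths requested on plb####.u####.com:443, so the files can be tied to that traffic during triage.)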
- /data/data/####/e34edded50eecbf8_0
- /data/data/####/ecookdatabase
- /data/data/####/ecookdatabase-journal
- /data/data/####/exchangeIdentity.json
- /data/data/####/exid.dat
- /data/data/####/f9236e6975e22d2b_0
- /data/data/####/index
- /data/data/####/info.xml
- /data/data/####/jg_app_update_settings_random.xml
- /data/data/####/libjiagu.so
- /data/data/####/lonLat.xml
- /data/data/####/message_accs_db
- /data/data/####/message_accs_db-journal
- /data/data/####/metrics_guid
- /data/data/####/p==3.3.0&&1.2.6_1651769605788_envelope.log
- /data/data/####/proc_auxv
- /data/data/####/the-real-index
- /data/data/####/ua.db
- /data/data/####/ua.db-journal
- /data/data/####/um_pri.xml
- /data/data/####/umeng_common_config.xml
- /data/data/####/umeng_general_config.xml
- /data/data/####/umeng_general_config.xml.bak
- /data/data/####/umeng_it.cache
- /data/data/####/umeng_message_state.xml
- /data/media/####/0c61135c2fdcd71f15ad7297245abe44
- /data/media/####/23sxd09hugbdupvl3vbjjrayc
- /data/media/####/2ysq58vng69v991ssfe4hngfv.tmp
- /data/media/####/3t3lf06syf2qn4qcnwdu07fsk.tmp
- /data/media/####/5em92xculfcz7fq227296w1nn.tmp
- /data/media/####/5y5x1aryb3ojmg9qq0vgwyx9u.tmp
- /data/media/####/6c50da7c691a42b1a1895ae418e856cf
- /data/media/####/Alvin2.xml
- /data/media/####/ContextData.xml
- /data/media/####/b428f6b40f5e4e12a036edd359b30396
- /data/media/####/collgred2vvcyacurny69aky.tmp
- /data/media/####/deviceToken
- /data/media/####/e190fe250776479e94b70f5423e40590
- /data/media/####/e95026f2dcea4aacacddddfbc2447a2f
- /data/media/####/inapp_20220505.log
- /data/media/####/w1dicd7sxrpkukbszw0j3fgi
- /data/misc/####/primary.prof
Shell commands (<Package> is the report's placeholder for the application package name):
- chmod 755 /data/user/0/<Package>/.jiagu/libjiagu.so
- ls /
- ls /sys/class/thermal
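Native library (same name as the libjiagu.so file in the file paths and the chmod command above; libjiagu.so is the library name used by the 360 Jiagu app-hardening packer, which legitimate apps also use, so its presence alone is not evidence of malice):
- libjiagu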
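Cryptographic algorithms (the two AES entries appear both before and after the RSA entries, which suggests separate lists, possibly one for encryption and one for decryption, whose labels are missing):
- AES-CBC-PKCS5Padding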
- AES-CBC-PKCS7Padding
- RSA
- RSA-ECB-NoPadding
- RSA-ECB-PKCS1Padding
- AES-CBC-PKCS5Padding
- AES-CBC-PKCS7Padding