Technical information
- Adware.Plague.1.origin
- UDP(DNS) <Google DNS>
- TCP(HTTP/1.1) ad.zdw####.com:80
- TCP(HTTP/1.1) co####.zdw####.com:80
- TCP(HTTP/1.1) net.ray####.com:80
- TCP(HTTP/1.1) act.box.zdw####.com:80
- TCP(HTTP/1.1) box.s####.zdw####.com:80
- TCP(TLS/1.0) fu-7fab####.upaly####.com:443
- a####.u####.com
- a.api.ad-l####.com
- act.box.zdw####.com
- ad.zdw####.com
- box.s####.zdw####.com
- co####.zdw####.com
- e.anzhua####.com
- e1.anzhua####.com
- e2.anzhua####.com
- fu-7fab####.upaly####.com
- net.ray####.com
- network####.zdw####.com
- ad.zdw####.com/ad/get?platform=####&sid=####&last_modified=####&sys=####...
- co####.zdw####.com/params/2001?platform=####&sid=####&last_modified=####...
- net.ray####.com/appwall/setting?app_id=####&sign=####&platform=####&os_v...
- net.ray####.com/setting?app_id=####&sign=####&platform=####&os_version=#...
- act.box.zdw####.com/api
- box.s####.zdw####.com/get_online_config
- <Package Folder>/app_mxnbd/classes.jar
- <Package Folder>/cache/ads788331187.jar
- <Package Folder>/databases/GetJarDBApplicationKey-journal
- <Package Folder>/databases/authCache-journal
- <Package Folder>/databases/dbkecem-journal
- <Package Folder>/databases/mobvista.msdk.db-journal
- <Package Folder>/databases/toolbox-journal
- <Package Folder>/databases/webview.db-journal
- <Package Folder>/files/####/1510833320247
- <Package Folder>/files/####/1510833320277
- <Package Folder>/files/splash_config
- <Package Folder>/files/umeng_it.cache
- <Package Folder>/shared_prefs/<Package>_preferences.xml
- <Package Folder>/shared_prefs/<Package>session.xml
- <Package Folder>/shared_prefs/GetJarClientPrefs.xml
- <Package Folder>/shared_prefs/JsonReportPrefs.xml
- <Package Folder>/shared_prefs/MonitoringServicesPrefs.xml
- <Package Folder>/shared_prefs/mobvista.xml
- <Package Folder>/shared_prefs/splash_pref.xml
- <Package Folder>/shared_prefs/umeng_general_config.xml
- <Package Folder>/shared_prefs/zda_agent_online_setting_<Package>.xml
- <SD-Card>/.zdworks/####/channel.txt
- AES-CBC-PKCS5Padding
- DES-ECB-PKCS5Padding
- AES-CBC-PKCS5Padding
- AES-CFB-NoPadding