Technical information
- Adware.Plague.1.origin
- UDP(DNS) <Google DNS>
- TCP(HTTP/1.1) www.iz####.com:80
- TCP(HTTP/1.1) aserver####.m.ta####.com:80
- TCP(HTTP/1.1) wzsh####.com:80
- TCP(HTTP/1.1) api.iz####.com:80
- TCP(HTTP/1.1) api.24k####.com:80
- TCP(HTTP/1.1) a####.u####.com:80
- TCP(TLS/1.0) yt.mm####.com:443
- TCP(TLS/1.0) ipm.atm.y####.com:443
- TCP(TLS/1.0) vt####.y####.com:443
- TCP(TLS/1.0) shp.q####.cn:443
- TCP(TLS/1.0) st####.y####.com:443
- TCP(TLS/1.0) itea####.qq.com.####.com:443
- TCP(TLS/1.0) pco####.y####.com:443
- TCP(TLS/1.0) af.al####.com:443
- TCP(TLS/1.0) gm.mm####.com:443
- TCP(TLS/1.0) co####.ad####.cn:443
- TCP(TLS/1.0) 2####.58.212.238:443
- TCP(TLS/1.0) d.sin####.cn.####.net:443
- TCP(TLS/1.0) weiboi####.g####.sina####.com:443
- TCP(TLS/1.0) g.al####.com:443
- TCP(TLS/1.0) aserver####.m.ta####.com:443
- TCP(TLS/1.0) log.mm####.com:443
- TCP(TLS/1.0) wild####.al####.com.####.net:443
- a####.u####.com
- aeu.al####.com
- af.al####.com
- api.24k####.com
- api.iz####.com
- api.y####.com
- bsv.atm.y####.com
- co####.ad####.cn
- ems.y####.com
- g.al####.com
- gm.mm####.com
- ipm.atm.y####.com
- itea####.qq.com
- log.mm####.com
- m####.y####.com
- m.y####.com
- mf.atm.y####.com
- p####.dj####.com
- p####.dj####.com
- p####.dj####.com
- pco####.y####.com
- pl####.y####.com
- r.sin####.cn
- shp.q####.cn
- st####.api.3g.####.com
- st####.y####.com
- ups.y####.com
- vt####.y####.com
- www.iz####.com
- wx1.sin####.cn
- wzsh####.com
- yt.mm####.com
- api.iz####.com/game/articlelist-1000-1.html?=####
- api.iz####.com/game/articlelist-1001-1.html?=####
- api.iz####.com/game/artistlist-1.html?=####
- api.iz####.com/game/artistvideolist-1-1.html?=####
- api.iz####.com/game/artistvideolist-2-1.html?=####
- aserver####.m.ta####.com/imp?e=####&pid=####&htch=####&r_=####
- www.iz####.com/Js/jquery.min.js
- www.iz####.com/game/7796310.html
- www.iz####.com/game/detailimagejson-7796310.html
- wzsh####.com/d/file/201712/230b2e98ed0ba9fba221bfb2dab17aa7.jpg
- wzsh####.com/d/file/201801/13264f19fe3c36eb8cfa2766b4c17758.jpg
- wzsh####.com/d/file/201801/24733d0eb53823bff65e9d0d85674b48.jpg
- wzsh####.com/d/file/201801/4564480be2c09524b14f7e060e7d56cb.jpg
- wzsh####.com/d/file/201801/5abb4a84fb0a502e47186038499fb494.jpg
- wzsh####.com/d/file/201801/86fb3096a022ed7548f51b310a43f5bd.jpg
- wzsh####.com/d/file/201801/a2094a7947248a14ff848bd801c81b2f.jpg
- wzsh####.com/d/file/201801/e7532f0f201fd8ae242d44dda739fab5.jpg
- wzsh####.com/img/remote1/20180102112709.jpg
- a####.u####.com/app_logs
- api.24k####.com/zsjh/granddream/<Package>
- /data/data/####/.imprint
- /data/data/####/cc.db
- /data/data/####/cc.db-journal
- /data/data/####/classes.jar
- /data/data/####/data_0
- /data/data/####/data_1
- /data/data/####/data_2
- /data/data/####/data_3
- /data/data/####/dbtdr-journal
- /data/data/####/exchangeIdentity.json
- /data/data/####/exid.dat
- /data/data/####/f_000001
- /data/data/####/f_000002
- /data/data/####/f_000003
- /data/data/####/f_000004
- /data/data/####/f_000005
- /data/data/####/f_000006
- /data/data/####/fzbkt
- /data/data/####/index
- /data/data/####/multidex.version.xml
- /data/data/####/ua.db
- /data/data/####/ua.db-journal
- /data/data/####/umeng_general_config.xml
- /data/data/####/umeng_it.cache
- /data/data/####/webview.db-journal
- /data/data/####/webviewCookiesChromium.db-journal
- /data/media/####/.nomedia
- /data/media/####/16llgovmx7mvm2bmiceufv9uz0.tmp
- /data/media/####/180a0roxh4nb1xi1tlv6xxcxb0.tmp
- /data/media/####/1ctre4ny5k9koyg21x5ynf3ml0.tmp
- /data/media/####/1qnan4ho2f7wghf35fkde0ffg0.tmp
- /data/media/####/2mz6gxq6nkaecmdaxikcq6o2m0.tmp
- /data/media/####/2pm6jgr9kzx0qy43colqzmtma0.tmp
- /data/media/####/2v8y8wcn25jwu1vzljyatxpk70.tmp
- /data/media/####/3pqwdffnisft89zpdq2fodmjo0.tmp
- /data/media/####/4u6hl3ilx2dbxqukkl8kql64e0.tmp
- /data/media/####/54zorwc90dgfl8coag1a4vfgf0.tmp
- /data/media/####/5ulgtgx6a4qzj92gtvo2mzwho0.tmp
- /data/media/####/5zr3p621ghp63yawesui4yp9n0.tmp
- /data/media/####/a7yw4oke8ybvu5iev68ln3xj0.tmp
- /data/media/####/journal
- /data/media/####/journal.tmp
- /data/media/####/o5q85cqu6imouhzooa4goaqt0.tmp
- /data/media/####/pzmgtatafxfryrlyb5qlmxej0.tmp
- /data/media/####/w3ro8z1cv2zrnc02z0xbj24i0.tmp
- /data/media/####/zkkdobfa368jsevd6xnm94m60.tmp
- AES-CBC-PKCS7Padding
- DES-ECB-PKCS5Padding
- AES-CBC-PKCS7Padding