Technical information
- Adware.Waps.5.origin
- UDP(DNS) <Google DNS>
- TCP(HTTP/1.1) a####.u####.com:80
- TCP(HTTP/1.1) l####.tbs.qq.com:80
- TCP(HTTP/1.1) p3.q####.com:80
- TCP(HTTP/1.1) e####.com:80
- TCP(HTTP/1.1) www.36####.com:80
- TCP(HTTP/1.1) p0.q####.com:80
- TCP(TLS/1.0) ssl.gst####.com:443
- TCP(TLS/1.0) www.go####.com:443
- TCP(TLS/1.0) www.go####.nl:443
- TCP(TLS/1.0) 2####.58.211.110:443
- TCP(TLS/1.0) www.gst####.com:443
- TCP(TLS/1.0) adser####.go####.com:443
- TCP e####.com:8888
- a####.u####.com
- adser####.go####.com
- e####.com
- l####.tbs.qq.com
- p0.q####.com
- p3.q####.com
- p5.q####.com
- p8.q####.com
- p9.q####.com
- ssl.gst####.com
- www.36####.com
- www.go####.com
- www.go####.nl
- www.gst####.com
- e####.com/uuyingshi//nymz.txt
- e####.com/uuyingshi//peizhi.txt
- e####.com/uuyingshi//sb.txt
- p0.q####.com/t016d389e50ad5d462d.jpg
- p0.q####.com/t01794ef2151fe8a90f.jpg
- p0.q####.com/t017cc748788eb1dd9e.jpg
- p0.q####.com/t01a02b0e9ac491628b.jpg
- p0.q####.com/t01bf7de485dd3e03d3.jpg
- p0.q####.com/t01c1267d1730a33a54.jpg
- p0.q####.com/t01e29ca6f56ef54eda.jpg
- p3.q####.com/d/dy_3b50c319bf4f3c627fa770da03044e6b.jpg
- p3.q####.com/d/dy_5a282193070e2f5b987a6fa008a432bb.jpg
- p3.q####.com/d/dy_a88e7daeba7004652f52b48b5556fed7.jpg
- p3.q####.com/d/dy_c42f8f2d78926f3df6fbcbe3387a68ff.jpg
- p3.q####.com/t01ba3df783f49ff5bf.jpg
- www.36####.com/dianying/list
- a####.u####.com/app_logs
- l####.tbs.qq.com/ajax?c=####&k=####
- /data/anr/traces.txt
- /data/data/####/.imprint
- /data/data/####/.jg.ic
- /data/data/####/WebpageIcons.db-journal
- /data/data/####/core_info
- /data/data/####/debug.conf
- /data/data/####/libjiagu2053190082.so
- /data/data/####/tbs_download_stat.xml
- /data/data/####/tbs_load_stat_flag.xml
- /data/data/####/tbs_report_lock.txt
- /data/data/####/tbslock.txt
- /data/data/####/umeng_general_config.xml
- /data/data/####/umeng_it.cache
- /data/data/####/webview.db-journal
- /data/media/####/.nomedia
- /data/media/####/1xtgp21wsytz13buil0iwiwbc.tmp
- /data/media/####/2q7iwu3zwvan8zyujdj8aug90.tmp
- /data/media/####/4d5fm2jvxjr8tgmljuwujl1f3.tmp
- /data/media/####/4ikf8z8otrxjjc72clfrwppd6.tmp
- /data/media/####/4n9a7fsb2gr78n5jzaethsx2b.tmp
- /data/media/####/4t5dvwj4yoow3z2vivd8nooqy.tmp
- /data/media/####/6pykyumtkx9newp8vmf6ziqqd.tmp
- /data/media/####/6q96y6w6gqsg0gf9f9ync5nl4.tmp
- /data/media/####/6rbxi9ro1mew05zfuykdorh1.tmp
- /data/media/####/6uhhxs3sdm4zd6dgafc1ofpv0.tmp
- /data/media/####/940sr77j6nso38mjbcffk5hn.tmp
- /data/media/####/Mxz.db
- /data/media/####/Mxz.db-journal
- /data/media/####/tbslog.txt
- /data/media/####/zoc6mtf3qa63b76bzggtweqc.tmp
- chmod 755 <Package Folder>/.jiagu/libjiagu2053190082.so
- libjiagu2053190082
- RSA-ECB-NoPadding