Technical information
- Adware.Gexin.2.origin
Network connections observed (protocol, then host:port; hosts are partly masked with ####):
- UDP(DNS) <Google DNS>
- TCP(HTTP/1.1) ti####.c####.l####.####.com:80
- TCP(HTTP/1.1) qin####.com.www.####.com:80
- TCP(HTTP/1.1) sh.wagbr####.aliyun####.com:80
- TCP(HTTP/1.1) a####.u####.com:80
- TCP(HTTP/1.1) 1####.77.9.24:80
- TCP(HTTP/1.1) t####.c####.q####.####.com:80
- TCP(HTTP/1.1) app.gdyu####.com:80
- TCP(HTTP/1.1) c-h####.g####.com:80
- TCP(HTTP/1.1) sdk.o####.p####.####.com:80
- TCP(HTTP/1.1) res####.a####.com:80
- TCP(TLS/1.0) et2-na6####.wagbr####.ali####.####.com:443
- TCP(TLS/1.0) app.gdyu####.com:443
- TCP(TLS/1.0) res####.a####.com:443
- TCP(TLS/1.0) open####.cc:443
- TCP sdk.o####.t####.####.com:5224
- TCP c####.g####.ig####.com:5224
Hostnames referenced (partly masked; presumably the names looked up over DNS):
- 7j####.c####.z0.####.com
- a####.u####.com
- amap####.cn-hang####.oss####.####.com
- app.gdyu####.com
- c####.g####.ig####.com
- c-h####.g####.com
- log.u####.com
- open####.cc
- pub-####.qin####.com
- res####.a####.com
- s####.u####.com
- sdk.c####.ig####.com
- sdk.o####.p####.####.com
- sdk.o####.t####.####.com
- sdk.o####.t####.####.com
- sdk.o####.t####.####.net
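HTTP request URLs (hosts and parameter values masked; the tdata_* names reappear below among the files on the device, some with a .jar suffix):
- app.gdyu####.com/userfiles/ueditor/admin/image/20170114/1484383470955074...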
- qin####.com.www.####.com/tdata_EDT369
- sh.wagbr####.aliyun####.com/sdkcoor/android/x86/libJni_wgs2gcj.so
- t####.c####.q####.####.com/tdata_RSQ274
- t####.c####.q####.####.com/tdata_RbW195
- t####.c####.q####.####.com/tdata_qHR433
- ti####.c####.l####.####.com/config/hz-hzv3.conf
- a####.u####.com/app_logs
- c-h####.g####.com/api.php?format=####&t=####
- res####.a####.com/v3/weather/weatherInfo
- sdk.o####.p####.####.com/api.php?format=####&t=####
- sdk.o####.p####.####.com/api.php?format=####&t=####&d=####&k=####
File system activity (the package directory is masked as ####):
- /data/data/####/.imprint
- /data/data/####/.jg.ic
- /data/data/####/0917694ecf2ec0f77590b9636a6d84bfe0edb57d15ed6b8....0.tmp
- /data/data/####/1553622829225.log
- /data/data/####/1b04a0b5457b6e083aa17b2cb91b3bd270a54f33c6c28f0....0.tmp
- /data/data/####/1d149f10ade404bbbdd7e1108a0644559495818f35a9f1d....0.tmp
- /data/data/####/327831a385c57108775ee2c4e293a98eed117e11c8843d5....0.tmp
- /data/data/####/3c37df44c188f7814f306a2e5bf77a3262ede5b4051a457....0.tmp
- /data/data/####/45462d14dc40e2f6637dcbabe8a89ba761e9f4bfc880f78....0.tmp
- /data/data/####/49de721b2dd43e0a649cb4067d61b2bc559afdf670d3794....0.tmp
- /data/data/####/5280275937733.0
- /data/data/####/55a721c730ad4d8872c9e64e1749c9b4104ec9f9261f1c9....0.tmp
- /data/data/####/56769af840efc589c4684b4b47ab2a6c6d2a3ee86b2e098....0.tmp
- /data/data/####/57d80b40258c
- /data/data/####/59f3c717e4805652162e2b6b05690e6bc79f8a1902e2103....0.tmp
- /data/data/####/5d4cc0721e87d4ae0eb9a596094efcb302d78832478f86e....0.tmp
- /data/data/####/6980346667225.0
- /data/data/####/6ca50ecbe75411c5ad7b14203748d8f7076f496f318e681....0.tmp
- /data/data/####/7056f108b1955997ae36e7ed7e2458b4f814213e1a8d2fe....0.tmp
- /data/data/####/753de100077d625ec8e6747065ff823f6347af31f629972....0.tmp
- /data/data/####/8043a5a8cc2b4bb10069c2dfc564054845a51129a3cc18b....0.tmp
- /data/data/####/8569fcff18e9e342f3930a959b7167027da8475245d0665....0.tmp
- /data/data/####/8a36f1646f46f419e3eff7a6002f10f52858de2aa9c4141....0.tmp
- /data/data/####/923bb71928a7979d01a27527d8bc752636472ab6983b9b1....0.tmp
- /data/data/####/9e7913346f53f2490e9da03f0bc336028530530c7b550ea....0.tmp
- /data/data/####/Alvin2.xml
- /data/data/####/ContextData.xml
- /data/data/####/FM_config.xml
- /data/data/####/b02ac76e38b1c8d2f3d8c140a04737490d5366f5e4dbd32....0.tmp
- /data/data/####/b3aae6be721b04b73c655d59b0f5558616b69c4c4bd529a....0.tmp
- /data/data/####/b3bda703ba0d7fa1e480a3bd8b43288213b0145c9161f47....0.tmp
- /data/data/####/b4588369919b179a993528ee05da5be44cbac155cf1eb74....0.tmp
- /data/data/####/c84f6dd2da5b7980cb0092228abe23b5201446f5131f751....0.tmp
- /data/data/####/cc.db
- /data/data/####/cc.db-journal
- /data/data/####/d324a977ceef090c45c5ac0be9a23f03cd316a7b783ebcf....0.tmp
- /data/data/####/data_0
- /data/data/####/data_1
- /data/data/####/data_2
- /data/data/####/data_3
- /data/data/####/db4b97c98cb261693843ac6424c7dd03f46b91da2248294....0.tmp
- /data/data/####/exchangeIdentity.json
- /data/data/####/exid.dat
- /data/data/####/f_000001
- /data/data/####/gdaemon_20161017
- /data/data/####/gkt-journal
- /data/data/####/gx_sp.xml
- /data/data/####/hmdb
- /data/data/####/hmdb-journal
- /data/data/####/index
- /data/data/####/init.pid
- /data/data/####/init_c.pid
- /data/data/####/journal
- /data/data/####/journal.tmp
- /data/data/####/libjiagu.so
- /data/data/####/loctemp.so
- /data/data/####/logdb.db
- /data/data/####/logdb.db-journal
- /data/data/####/pref.xml
- /data/data/####/push.pid
- /data/data/####/pushext.db-journal
- /data/data/####/pushg.db-journal
- /data/data/####/pushsdk.db-journal
- /data/data/####/run.pid
- /data/data/####/tdata_RSQ274
- /data/data/####/tdata_RSQ274.jar
- /data/data/####/tdata_RbW195
- /data/data/####/tdata_RbW195.jar
- /data/data/####/tdata_qHR433
- /data/data/####/tdata_qHR433.jar
- /data/data/####/tray.db-journal
- /data/data/####/ua.db
- /data/data/####/ua.db-journal
- /data/data/####/umeng_general_config.xml
- /data/data/####/umeng_it.cache
- /data/data/####/umeng_socialize.xml
- /data/data/####/webview.db-journal
- /data/data/####/webviewCookiesChromium.db-journal
- /data/data/####/xUtils_http_cookie.db
- /data/data/####/xUtils_http_cookie.db-journal
- /data/data/####/yueyun_config.xml
- /data/data/####/yueyun_myinfo.xml
- /data/data/####/yueyun_versions.xml
- /data/media/####/Alvin2.xml
- /data/media/####/ContextData.xml
- /data/media/####/als.db
- /data/media/####/als.db-journal
- /data/media/####/app.db
- /data/media/####/com.dhcfaster.yueyun.db
- /data/media/####/com.getui.sdk.deviceId.db
- /data/media/####/com.igexin.sdk.deviceId.db
- /data/media/####/gkt-journal
- /data/media/####/gktper
- /data/media/####/tdata_RSQ274
- /data/media/####/tdata_RbW195
- /data/media/####/tdata_qHR433
- /data/media/####/test.log
Executables and shell commands launched:
- <Package Folder>/files/gdaemon_20161017 0 <Package>/com.igexin.sdk.PushService 25046 300 0
- cat /sys/class/net/wlan0/address
- chmod 700 <Package Folder>/files/gdaemon_20161017
- chmod 755 <Package Folder>/.jiagu/libjiagu.so
- mount
- sh <Package Folder>/files/gdaemon_20161017 0 <Package>/com.igexin.sdk.PushService 25046 300 0
Native libraries referenced (names only; libjiagu corresponds to the libjiagu.so listed above):
- getuiext2
- libjiagu
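Cipher transformations used (two lists follow; the headings that distinguished them are missing from this extract):
- AES-CBC-NoPadding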
- AES-CBC-PKCS5Padding
- AES-CBC-PKCS7Padding
- AES-CFB-NoPadding
- AES-ECB-PKCS5Padding
- RSA-ECB-PKCS1Padding
- RSA-NONE-OAEPWithSHA1AndMGF1Padding
- AES-CBC-NoPadding
- AES-CBC-PKCS5Padding
- AES-CBC-PKCS7Padding
- AES-ECB-PKCS5Padding