Technical information
- Adware.Appsad.11.origin
- UDP(DNS) 8####.8.4.4:53
- TCP(HTTP/1.1) cdn.offline####.net:80
- TCP(HTTP/1.1) lh6.g####.com:80
- TCP(HTTP/1.1) u####.b####.com:80
- TCP(HTTP/1.1) stra####.l####.net:80
- TCP(HTTP/1.1) pl####.mob####.b####.com:80
- TCP(HTTP/1.1) adv.offline####.net:80
- TCP(TLS/1.0) safebro####.google####.com:443
- TCP(TLS/1.0) 64.2####.165.95:443
- TCP(TLS/1.0) 64.2####.164.95:443
- TCP(TLS/1.2) 64.2####.165.95:443
- TCP(TLS/1.2) 2####.85.233.138:443
- TCP(TLS/1.2) 1####.194.73.94:443
- adv.offline####.net
- api.alt####.com
- api.alt####.com.####.8
- api.mob####.b####.####.8
- api.mob####.b####.com
- cdn.offline####.net
- lh6.g####.com
- m####.go####.com
- pl####.mob####.b####.com
- s####.mob####.b####.####.8
- s####.mob####.b####.com
- safebro####.google####.com
- sdk.api.alt####.####.8
- sdk.api.alt####.com
- stra####.l####.net
- u####.b####.com
- up.offline####.net
- up.offline####.net.####.8
- adv.offline####.net/stat/v2/imp?aff_id=####&ak_id=####&local=####&channe...
- adv.offline####.net/stat/v2/request?aff_id=####&ak_id=####&local=####&ch...
- cdn.offline####.net/appstore/richmedia/20160418/qq6dlhhqteh0xibidt9cjwzp...
- lh6.g####.com/K9czCJMDj3G4AUonnuDi6yYgbQ37vgIcRygRzzF36r79nfitFFBIrYdMxi...
- u####.b####.com/setting/grobal_strategy?p=####&hp=####&l=####&c=####&pro...
- adv.offline####.net/native/v2/recommend
- pl####.mob####.b####.com/test_ad_app_dex.php
- stra####.l####.net/config
- /data/data/####/-536790363-1592737165
- /data/data/####/921942903-927616174
- /data/data/####/AdsBusiness-data.xml
- /data/data/####/AdsBusiness-data.xml.bak
- /data/data/####/Datebase-journal
- /data/data/####/L-mbt-1611143808358-1166691219.log
- /data/data/####/L-mbt-1611143810730-1931187284.log
- /data/data/####/L-mbt-1611143815783-1739317223.log
- /data/data/####/L-mbt-1611143816049-2050963832.log
- /data/data/####/L-mbt-1611143825706-1711663108.log
- /data/data/####/L-mbt-1611143826417-2072027109.log
- /data/data/####/L-mbt-1611143831220-1862809283.log
- /data/data/####/L-mbt-1611143831396-932619951.log
- /data/data/####/L-mbt-1611143831427-1010691407.log
- /data/data/####/L-mbt-1611143831451-1919703114.log
- /data/data/####/L-mbt-1611143831455-667787354.log
- /data/data/####/L-mbt-1611143831519-1115272878.log
- /data/data/####/L-mbt-1611143831560-1181245290.log
- /data/data/####/L-mbt-1611143831620-445617227.log
- /data/data/####/L-mbt-1611143831665-2121480571.log
- /data/data/####/L-mbt-1611143842080-606403671.log
- /data/data/####/L-mbt-1611143887144-224893196.log
- /data/data/####/L-mbt-1611143902170-2083193126.log
- /data/data/####/L-mbv-1611143862927-909507099.log
- /data/data/####/L-mbv-1611143877538-378575316.log
- /data/data/####/L-mbv-1611143922537-861700755.log
- /data/data/####/L-msl-1611143808369-908139958.log
- /data/data/####/L-msl-1611143817320-1902346440.log
- /data/data/####/L-msl-1611143832084-1796059895.log
- /data/data/####/L-msl-1611143832132-1374836054.log
- /data/data/####/WebViewChromiumPrefs.xml
- /data/data/####/altamob_ads
- /data/data/####/altamob_ads-journal
- /data/data/####/altamob_device
- /data/data/####/altamob_log_new_cache
- /data/data/####/altamob_sp_sdk.xml
- /data/data/####/altamob_sp_sdk.xml.bak
- /data/data/####/aps.xml
- /data/data/####/apscomm.xml
- /data/data/####/batsdk_crash_switch.xml
- /data/data/####/caller_sdk.xml
- /data/data/####/classes.dex
- /data/data/####/classes.dex.flock (deleted)
- /data/data/####/classes.zip
- /data/data/####/com.powercleaner_ls_global_configs_sp.xml
- /data/data/####/com.powercleaner_pref.xml
- /data/data/####/com.powercleaner_preferences.xml
- /data/data/####/daemon
- /data/data/####/ls_sp_date.xml
- /data/data/####/metrics_guid
- /data/data/####/proc_auxv
- /data/data/####/sharepreference_common_record.xml
- /data/data/####/sharepreference_common_record.xml.bak
- /data/data/####/sharepreference_url_param.xml
- /data/media/####/.cuid
- /data/media/####/journal
- /data/media/####/journal.tmp
- /data/misc/####/primary.prof
- /system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/data/user/0/<Package>/.mbj/dex/classes.zip --oat-fd=35 --oat-location=/data/user/0/<Package>/.mbj/opt/classes.dex --compiler-filter=speed
- /system/bin/dex2oat --runtime-arg -classpath --runtime-arg & --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2,-lock_add,popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --dex-file=/data/user/0/<Package>/.mbj/dex/classes.zip --oat-fd=46 --oat-location=/data/user/0/<Package>/.mbj/opt/classes.dex --compiler-filter=speed
- /system/lib/arm/houdini /data/user/0/<Package>/app_bin/daemon mars_d -p <Package> -s powercleaner.monitor.Service2 -p1r 33 -p1w 34 -p2r 36 -p2w 37
- /system/lib/arm/houdini /data/user/0/<Package>/app_bin/daemon mars_d -p <Package> -s powercleaner.monitor.Service2 -p1r 33 -p1w 35 -p2r 36 -p2w 37
- app_process /system/bin com.android.commands.am.Am startservice --user 0 -n <Package>/powercleaner.monitor.Service2
- chmod 700 /data/user/0/<Package>/app_bin/daemon
- AES-CBC-NoPadding
- AES-CBC-PKCS5Padding
- AES-ECB-NoPadding
- DES-CBC-PKCS5Padding