Adware.Gexin.23093

Added to the Dr.Web virus database: 2022-07-21

Virus description added:

Technical information

Malicious functions:
Executes code of the following detected threats:
  • Adware.Gexin.2.origin
Network activity:
Connects to:
DNS requests:
HTTP GET requests:
  • sdk.c####.g####.####.cn/config/hzv9.conf
HTTP POST requests:
  • a####.u####.com/app_logs
  • a.appj####.com/jiagu/check/upgrade
  • c.appj####.com/ad/splash/stats.html
File system changes:
Creates the following files:
Miscellaneous:
Executes the following shell scripts:
  • chmod 755 /data/user/0/<Package>/.jiagu/libjiagu.so
Loads the following dynamic libraries:
  • libgetuiext2
  • libjiagu
Uses the following algorithms to encrypt data:
  • AES-CBC-PKCS5Padding
  • RSA
  • RSA-ECB-NoPadding
  • RSA-NONE-OAEPWithSHA1AndMGF1Padding
Uses a special library to hide executable bytecode.
Gets information about the network.
Gets information about phone status (number, IMEI, etc.).

Curing recommendations

  1. If the operating system (OS) can be loaded (either normally or in safe mode), download Dr.Web Security Space and run a full scan of your computer and any removable media you use.
  2. If you cannot boot the OS, change the BIOS settings to boot your system from a CD or USB drive. Download the image of the emergency system repair disk Dr.Web® LiveDisk, mount it on a USB drive or burn it to a CD/DVD. After booting up with this media, run a full scan and cure all the detected threats.

Use Dr.Web Anti-virus for macOS to run a full scan of your Mac.

After booting up, run a full scan of all disk partitions with Dr.Web Anti-virus for Linux.

  1. If the mobile device is operating normally, download and install Dr.Web for Android. Run a full system scan and follow recommendations to neutralize the detected threats.
  2. If the mobile device has been locked by Android.Locker ransomware (the message on the screen tells you that you have broken some law or demands a set ransom amount; or you will see some other announcement that prevents you from using the handheld normally), do the following:
    • Boot your smartphone or tablet in safe mode (depending on the operating system version and specifications of the particular mobile device involved, this procedure can be performed in various ways; seek clarification from the user guide that was shipped with the device, or contact its manufacturer);
    • Once you have activated safe mode, install Dr.Web for Android onto the infected handheld and run a full scan of the system; follow the steps recommended for neutralizing the threats that have been detected;
    • Switch off your device and turn it on as normal.
