Technical information
- Android.SmsSend.1867.origin
- UDP(DNS) <Google DNS>
- TCP(HTTP/1.1) t####.bonga####.com:80
- TCP(HTTP/1.1) m####.ads####.com:80
- TCP(HTTP/1.1) px####.peako####.com:80
- TCP(HTTP/1.1) trietha####.com:80
- TCP(HTTP/1.1) t####.bruce####.com:80
- TCP(HTTP/1.1) d.billyaf####.com:80
- TCP(HTTP/1.1) 1####.241.191.139:80
- TCP(HTTP/1.1) d.billypu####.com:80
- TCP(HTTP/1.1) and####.b####.qq.com:80
- TCP(HTTP/1.1) c####.amazing####.com:80
- TCP(HTTP/1.1) www.u####.com:80
- TCP(HTTP/1.1) bonga####.com:80
- TCP(HTTP/1.1) 2####.147.96.155:80
- TCP(HTTP/1.1) offer####.online:80
- TCP(HTTP/1.1) b.traff####.net:80
- TCP(HTTP/1.1) m####.a####.com:80
- TCP(HTTP/1.1) sax.perfon####.com:80
- TCP(HTTP/1.1) clk.apxadtr####.net:80
- TCP(HTTP/1.1) ald####.com:80
- TCP(HTTP/1.1) gl####.top####.com:9090
- TCP(HTTP/1.1) paland####.com:80
- TCP(HTTP/1.1) cpgnrot####.com:80
- TCP(HTTP/1.1) www.u####.com:7079
- TCP(TLS/1.0) d5nxst8####.cloudf####.net:443
- TCP(TLS/1.0) f####.gst####.com:443
- TCP(TLS/1.0) www.go####.com:443
- TCP(TLS/1.0) www.gst####.com:443
- TCP(TLS/1.0) s####.g.doublec####.net:443
- TCP(TLS/1.0) rum-st####.pin####.net:443
- TCP(TLS/1.0) b.query####.com:443
- TCP(TLS/1.0) nl.bonga####.com:443
- TCP(TLS/1.0) rum-col####.pin####.net:443
- TCP(TLS/1.0) i.bonga####.com:443
- TCP(TLS/1.0) s####.i8.bonga####.net:443
- TCP(TLS/1.0) d31qbv1####.cloudf####.net:443
- TCP(TLS/1.0) questio####.com:443
- TCP(TLS/1.0) www.google-####.com:443
- TCP(TLS/1.0) billmsc####.com:443
- TCP(TLS/1.0) bonga####.com:443
- TCP(TLS/1.0) s####.i9.bonga####.net:443
- ald####.com
- and####.b####.qq.com
- b.query####.com
- b.traff####.net
- billmsc####.com
- bonga####.com
- c####.amazing####.com
- clk.apxadtr####.net
- cpgnrot####.com
- d.billyaf####.com
- d.billypu####.com
- d31qbv1####.cloudf####.net
- d5nxst8####.cloudf####.net
- f####.gst####.com
- gl####.top####.com
- i.bonga####.com
- i1.bonga####.com
- i2.bonga####.com
- i3.bonga####.com
- kar####.com
- m####.a####.com
- m####.ads####.com
- nl.bonga####.com
- offer####.online
- paland####.com
- px####.peako####.com
- questio####.com
- rum-col####.pin####.net
- rum-col####.pin####.net
- rum-st####.pin####.net
- s####.g.doublec####.net
- sax.perfon####.com
- t####.bonga####.com
- t####.bruce####.com
- www.go####.com
- www.google-####.com
- www.gst####.com
- www.u####.com
- b.traff####.net/?aff=####&id=####&source=####&postbackid=####
- bonga####.com/track?c=####&subid2=####&subid=####
- c####.amazing####.com/?utm_medium=####&utm_campaign=####&1=####&2=####&c...
- c####.amazing####.com/?utm_term=####&clickverify=####
- c####.amazing####.com/proc.php?3bad918####
- m####.a####.com/redirect/index?type=####&to=aHR0####&data=aH####&action=...
- paland####.com/30u13/U1ZQ/XVJA/BR4VS-6Znu2Aebru4gNma2C_S5Y5LWeMwud38Zy7Z...
- t####.bruce####.com/ck_jump?id=cz00####&__if=####&__type=####&__ref=####
- www.u####.com/ru/findbutton0718.js
- www.u####.com/ru/processurl0718.js
- www.u####.com/ru/simulationClickYes0718.js
- and####.b####.qq.com/rqd/async
- www.u####.com:7079/jsdk/sd.action?b=####
- www.u####.com:7079/jsdk/sd.action?b=####&ca=####&ica=####&re=####
- <Package Folder>/app_jgu/<Package>.rm
- <Package Folder>/app_jgu/x.apk
- <Package Folder>/cache/####/data_0
- <Package Folder>/cache/####/data_1
- <Package Folder>/cache/####/data_2
- <Package Folder>/cache/####/data_3
- <Package Folder>/cache/####/f_000001
- <Package Folder>/cache/####/f_000002
- <Package Folder>/cache/####/f_000003
- <Package Folder>/cache/####/f_000004
- <Package Folder>/cache/####/f_000005
- <Package Folder>/cache/####/f_000006
- <Package Folder>/cache/####/f_000007
- <Package Folder>/cache/####/index
- <Package Folder>/databases/bugly_db_-journal
- <Package Folder>/databases/webview.db-journal
- <Package Folder>/databases/webviewCookiesChromium.db-journal
- <Package Folder>/files/local_crash_lock
- <Package Folder>/files/security_info
- <Package Folder>/shared_prefs/<Package>_preferences.xml
- <Package Folder>/shared_prefs/tip.xml
- <SD-Card>/commonsdk/findbutton0718.js
- <SD-Card>/commonsdk/processurl0718.js
- <SD-Card>/commonsdk/simulationClickYes0718.js
- /system/bin/sh -c getprop androVM.vbox_dpi
- /system/bin/sh -c getprop gsm.sim.state
- /system/bin/sh -c getprop gsm.sim.state2
- /system/bin/sh -c getprop qemu.sf.fake_camera
- /system/bin/sh -c getprop ro.board.platform
- /system/bin/sh -c getprop ro.debuggable
- /system/bin/sh -c getprop ro.genymotion.version
- /system/bin/sh -c getprop ro.secure
- /system/bin/sh -c type su
- getprop androVM.vbox_dpi
- getprop gsm.sim.state
- getprop gsm.sim.state2
- getprop qemu.sf.fake_camera
- getprop ro.secure
- Bugly
- fish