Technical information
- Android.Backdoor.623.origin
- UDP(DNS) <Google DNS>
- TCP(HTTP/1.1) n.qik####.com.####.com:80
- TCP(HTTP/1.1) s####.s.360.cn:80
- TCP(HTTP/1.1) app####.3####.com:80
- TCP(TLS/1.0) api.os.q####.com:443
- api.os.q####.com
- app####.3####.com
- n.qik####.com
- s####.s.360.cn
- n.qik####.com.####.com/t/1ge5bbb074ff241448nn7e.jpg
- n.qik####.com.####.com/t/1qafaac83db57728022mau.bvg
- s####.s.360.cn/ak/a532400ed62e772b9dc0b86f46e583ff.html?m2=####
- app####.3####.com/sdk/upgrade.do
- /data/data/####/.old_file_converted
- /data/data/####/Data.zip
- /data/data/####/QH_SDK_M2.xml
- /data/data/####/QH_SDK_UserData.xml
- /data/data/####/QH_SDK_UserData.xml (deleted)
- /data/data/####/QH_SDK_UserData.xml.bak
- /data/data/####/QH_SDK_UserData.xml.bak (deleted)
- /data/data/####/QK_AService.zip
- /data/data/####/QK_AService.zip (deleted)
- /data/data/####/QK_AService.zip.bvg
- /data/data/####/QK_AService.zip.bvg (deleted)
- /data/data/####/TQHStatAgentEx.dex
- /data/data/####/Tconfigcenterproxy-api.1.0.5.dex
- /data/data/####/adflag.png
- /data/data/####/back.png
- /data/data/####/classes.dex
- /data/data/####/close.png
- /data/data/####/com.android.giftbox.xml
- /data/data/####/com.android.giftbox.xml.bak
- /data/data/####/dynamic.apk
- /data/data/####/filedownloader.db-journal
- /data/data/####/magaizne_ad_bg_default.png
- /data/data/####/qkas_upload.xml
- /data/data/####/qkas_upload.xml (deleted)
- /data/data/####/qksdkapp.xml
- /data/data/####/refrush.png
- /data/data/####/shortcut.xml
- /data/data/####/tv_link_icon.png
- /data/data/####/usage.xml
- /data/data/####/user_desc.xml
- /data/data/####/user_desc.xml (deleted)
- /data/data/####/user_desc.xml.bak
- /data/data/####/zookongsdkapp.xml
- /data/media/####/.nomedia
- /data/media/####/961f0e3da87a30929cff64eef602deef.0
- /data/media/####/KWW
- /data/media/####/KWW (deleted)
- /data/media/####/LpZ
- /data/media/####/LpZ (deleted)
- /data/media/####/bXv
- /data/media/####/bXv (deleted)
- /data/media/####/journal.tmp
- /data/media/####/sdo
- /data/media/####/sdo (deleted)
- AES-CBC-PKCS5Padding
- AES-CBC-PKCS5Padding