Technical information
- Adware.Dowgin.14.origin
- UDP(DNS) <Google DNS>
- TCP(HTTP/1.1) m####.a####.com:80
- TCP(HTTP/1.1) culp####.com:80
- TCP(HTTP/1.1) oc.u####.com:80
- TCP(HTTP/1.1) dts.startap####.com:80
- TCP(HTTP/1.1) traveli####.com:80
- TCP(HTTP/1.1) a####.u####.com:80
- TCP(HTTP/1.1) www.traveli####.com:80
- TCP(HTTP/1.1) hi.fi.ah####.com:80
- TCP(HTTP/1.1) star####.edges####.net:80
- TCP(HTTP/1.1) dsa.startap####.edg####.net:80
- TCP(HTTP/???) dsa.startap####.edg####.net:80
- TCP(TLS/1.0) s####.adke####.com:443
- TCP(TLS/1.0) a.company####.com:443
- TCP(TLS/1.0) cm.revcon####.com:443
- TCP(TLS/1.0) st####.cr####.net:443
- TCP(TLS/1.0) cdn.revcon####.com:443
- TCP(TLS/1.0) googl####.g.doublec####.net:443
- TCP(TLS/1.0) sb.scoreca####.com.####.net:443
- TCP(TLS/1.0) tpc.googles####.com:443
- TCP(TLS/1.0) img.revcon####.com:443
- TCP(TLS/1.0) a3.chartb####.com:443
- TCP(TLS/1.0) c####.cloudf####.com:443
- TCP(TLS/1.0) bi####.cr####.com:443
- TCP(TLS/1.0) www.go####.com:443
- TCP(TLS/1.0) pixel-e####.p####.quants####.net:443
- TCP(TLS/1.0) s####.g.doublec####.net:443
- TCP(TLS/1.0) x.bidsw####.net:443
- TCP(TLS/1.0) tr####.revcon####.com:443
- TCP(TLS/1.0) cer####.alexame####.com:443
- TCP(TLS/1.0) adser####.go####.nl:443
- TCP(TLS/1.0) traveli####.com:443
- TCP(TLS/1.0) akamai-####.quants####.com.####.net:443
- TCP(TLS/1.0) g.cw####.com:443
- TCP(TLS/1.0) pag####.googles####.com:443
- TCP(TLS/1.0) d31qbv1####.cloudf####.net:443
- TCP(TLS/1.0) www.google-####.com:443
- TCP(TLS/1.0) www.traveli####.com:443
- TCP(TLS/1.0) l####.chartb####.com:443
- TCP(TLS/1.0) r####.quantc####.com:443
- TCP(TLS/1.0) adser####.go####.com:443
- TCP(TLS/1.0) srv.imo####.com:443
- a####.u####.com
- a.company####.com
- a3.chartb####.com
- adser####.go####.com
- adser####.go####.nl
- bi####.cr####.com
- c####.cloudf####.com
- c####.startap####.com
- cdn.revcon####.com
- cer####.alexame####.com
- cm.revcon####.com
- culp####.com
- d31qbv1####.cloudf####.net
- dts.startap####.com
- g.cw####.com
- googl####.g.doublec####.net
- hi.fi.ah####.com
- im####.startap####.com
- img.revcon####.com
- imp.startap####.com
- l####.chartb####.com
- m####.a####.com
- oc.u####.com
- p####.quants####.com
- pag####.googles####.com
- r####.quantc####.com
- s####.adke####.com
- s####.g.doublec####.net
- sb.scoreca####.com
- se####.quants####.com
- srv.imo####.com
- st####.cr####.net
- tpc.googles####.com
- tr####.revcon####.com
- traveli####.com
- www.go####.com
- www.google-####.com
- www.startap####.com
- www.traveli####.com
- x.bidsw####.net
- culp####.com/path/lp.php?trvid=####&trvx=####&appid=####&devid=####&crea...
- dsa.startap####.edg####.net/tracking/adClick?d=IAAAAAAgAAA6X1tPSEVGXFhbU...
- dsa.startap####.edg####.net/tracking/adImpression?d=####
- dsa.startap####.edg####.net/tracking/adImpression?d=####&position=####
- dts.startap####.com/image/fetch/f_auto,q_80,w_124,h_124/http://static.ak...
- dts.startap####.com/static/images/close-btn-infra.png
- dts.startap####.com/styles/compressed/fullpage_3d_spinning_cube_infra.20...
- hi.fi.ah####.com/m3
- m####.a####.com/sdk-core-v40.js
- star####.edges####.net/1.3/getadsmetadata?publisherId=####&productId=###...
- star####.edges####.net/1.3/gethtmlad?publisherId=####&productId=####&os=...
- traveli####.com/how-to-pick-the-best-flight-credit-card/?utm_source=####...
- www.traveli####.com/how-to-pick-the-best-flight-credit-card/?utm_source=...
- www.traveli####.com/wp-content/uploads/2018/01/forwebsite-e1517752588746...
- a####.u####.com/app_logs
- oc.u####.com/check_config_update
- /data/data/####/0113217c.jar
- /data/data/####/0134253c.jar
- /data/data/####/a3.chartboost.com.443
- /data/data/####/ads-418370197.jar
- /data/data/####/com.medicalgamestudio.icemotozl_preferences.xml
- /data/data/####/com.startapp.android.publish.xml
- /data/data/####/data_0
- /data/data/####/data_1
- /data/data/####/data_2
- /data/data/####/data_3
- /data/data/####/e7679.xml
- /data/data/####/exit.html
- /data/data/####/f_000001
- /data/data/####/f_000002
- /data/data/####/f_000003
- /data/data/####/f_000004
- /data/data/####/f_000005
- /data/data/####/f_000006
- /data/data/####/f_000007
- /data/data/####/http_media.admob.com_0.localstorage-journal
- /data/data/####/index
- /data/data/####/live.chartboost.com.443
- /data/data/####/mobclick_agent_cached_com.medicalgamestudio.icemotozl
- /data/data/####/mobclick_agent_header_com.medicalgamestudio.icemotozl.xml
- /data/data/####/mobclick_agent_online_setting_com.medicalgamest...zl.xml
- /data/data/####/mobclick_agent_state_com.medicalgamestudio.icemotozl.xml
- /data/data/####/webview.db-journal
- /data/data/####/webviewCookiesChromium.db-journal
- /data/media/####/.nomedia
- /data/media/####/7e265867124e773e7ee5144c9e05b36f20fe43bc.png
- /data/media/####/80350644de42bf683e322f67b038573934013ca2.png
- /data/media/####/a3bf3e9859b3cbad5560e72c736c82ed3a1eb4fa.png
- MedicalGame
- DES
- AES-CBC-PKCS5Padding
- DES