Technical information
- Android.HiddenAds.455
- UDP(DNS) <Google DNS>
- TCP(HTTP/1.1) uswild####.al####.com.####.net:80
- TCP(HTTP/1.1) 1####.adsl####.com:80
- TCP(HTTP/1.1) and####.b####.qq.com:80
- TCP(HTTP/1.1) gear####.com.edg####.net:80
- TCP(HTTP/1.1) sax.peakon####.com:80
- TCP(HTTP/1.1) www.ai####.com:80
- TCP(HTTP/1.1) cdn.ad####.com:80
- TCP(HTTP/1.1) verak####.com:80
- TCP(HTTP/1.1) pop####.net:80
- TCP(HTTP/1.1) s####.hotl####.com:80
- TCP(HTTP/1.1) g####.peak-se####.com:80
- TCP(HTTP/1.1) sp.pop####.net:80
- TCP(TLS/1.0) eu####.al####.com.####.net:443
- TCP(TLS/1.0) gear####.com.edg####.net:443
- TCP(TLS/1.0) amp-err####.app####.com:443
- TCP(TLS/1.0) gw.al####.com:443
- TCP(TLS/1.0) pcooki####.ta####.com:443
- TCP(TLS/1.0) p####.mm####.com:443
- TCP(TLS/1.0) gj.mm####.com:443
- TCP(TLS/1.0) eu-aebr####.aliexp####.com:443
- TCP(TLS/1.0) cdn.amppro####.org:443
- TCP(TLS/1.0) www.google-####.com:443
- TCP(TLS/1.0) w####.a####.us:443
- TCP(TLS/1.0) popm####.com:443
- TCP(TLS/1.0) eu.i.aliexp####.####.net:443
- TCP(TLS/1.0) wild####.al####.com.####.net:443
- 1####.adsl####.com
- a####.al####.com
- a####.al####.com
- aeprodu####.al####.com
- aeu.al####.com
- all####.mobi
- amp-err####.app####.com
- and####.b####.qq.com
- as####.al####.com
- cdn.ad####.com
- cdn.amppro####.org
- g####.peak-se####.com
- gj.mm####.com
- gpsf####.aliexp####.com
- gw.al####.com
- i.al####.com
- m####.aliexp####.com
- m.aliexp####.com
- p####.mm####.com
- pco####.aliexp####.com
- pop####.net
- popm####.com
- s####.hotl####.com
- s.c####.aliexp####.com
- sax.peakon####.com
- sp.pop####.net
- verak####.com
- w####.a####.us
- www.ai####.com
- www.gear####.com
- www.google-####.com
- 1####.adsl####.com/d.php?campaing=####&link_id=####&source=####
- 1####.adsl####.com/feed/serv.php
- cdn.ad####.com/redirect.css
- g####.peak-se####.com/?&id=####&tid=####&sr=####&filter=####&ftype=####&...
- gear####.com.edg####.net/?lkid=####&cid=####
- pop####.net/world/go/142/426236
- s####.hotl####.com/index3.php?o=####&action=####&chanel=####&package=###...
- s####.hotl####.com/index3.php?o=o&action=event&state=click&num=75&id=2&t...
- s####.hotl####.com/index3.php?o=o&action=event&state=impression&num=75&i...
- sax.peakon####.com/pops/dlink.php?pid=####&format=####&cid=####&subid=####
- sax.peakon####.com/pops/filter.php?rd=####&sr=####&id=####&tid=####
- sp.pop####.net/go/142/426236
- sp.pop####.net/sgo/ad?p=####&w=####&t=####&r=####&vw=####&vh=####
- uswild####.al####.com.####.net/e/bDFeM7lQ
- verak####.com/B65KI/_cu2/88-m/q4Pzvtv26FQZpu8x8J91NJdN7E7D2Aho8ye6OCn-lh...
- www.ai####.com/rc/79971c7567?affclick=####&pubid=####
- and####.b####.qq.com/rqd/async
- /data/data/####/Prefs.xml
- /data/data/####/bugly_db_legu-journal
- /data/data/####/data_0
- /data/data/####/data_1
- /data/data/####/data_2
- /data/data/####/data_3
- /data/data/####/dev_id.xml.xml
- /data/data/####/f_000001
- /data/data/####/f_000002
- /data/data/####/f_000003
- /data/data/####/f_000004
- /data/data/####/f_000005
- /data/data/####/f_000006
- /data/data/####/f_000007
- /data/data/####/f_000008
- /data/data/####/f_000009
- /data/data/####/f_00000a
- /data/data/####/f_00000b
- /data/data/####/f_00000c
- /data/data/####/f_00000d
- /data/data/####/f_00000e
- /data/data/####/f_00000f
- /data/data/####/f_000010
- /data/data/####/f_000011
- /data/data/####/f_000012
- /data/data/####/f_000013
- /data/data/####/f_000014
- /data/data/####/f_000015
- /data/data/####/f_000016
- /data/data/####/f_000017
- /data/data/####/f_000018
- /data/data/####/f_000019
- /data/data/####/f_00001a
- /data/data/####/f_00001b
- /data/data/####/f_00001c
- /data/data/####/f_00001d
- /data/data/####/f_00001e
- /data/data/####/f_00001f
- /data/data/####/f_000020
- /data/data/####/f_000021
- /data/data/####/f_000022
- /data/data/####/index
- /data/data/####/libnfix.so
- /data/data/####/libshella-2.8.so
- /data/data/####/libufix.so
- /data/data/####/local_crash_lock
- /data/data/####/mix.dex
- /data/data/####/native_record_lock
- /data/data/####/security_info
- /data/data/####/webview.db-journal
- /data/data/####/webviewCookiesChromium.db-journal
- /data/media/####/com.amelia.lambert.dev_id.txt
- /system/bin/sh -c getprop ro.aa.romver
- /system/bin/sh -c getprop ro.board.platform
- /system/bin/sh -c getprop ro.build.fingerprint
- /system/bin/sh -c getprop ro.build.nubia.rom.name
- /system/bin/sh -c getprop ro.build.rom.id
- /system/bin/sh -c getprop ro.build.tyd.kbstyle_version
- /system/bin/sh -c getprop ro.build.version.emui
- /system/bin/sh -c getprop ro.build.version.opporom
- /system/bin/sh -c getprop ro.gn.gnromvernumber
- /system/bin/sh -c getprop ro.lenovo.series
- /system/bin/sh -c getprop ro.lewa.version
- /system/bin/sh -c getprop ro.meizu.product.model
- /system/bin/sh -c getprop ro.miui.ui.version.name
- /system/bin/sh -c getprop ro.vivo.os.build.display.id
- /system/bin/sh -c type su
- chmod 700 <Package Folder>/tx_shell/libnfix.so
- chmod 700 <Package Folder>/tx_shell/libshella-2.8.so
- chmod 700 <Package Folder>/tx_shell/libufix.so
- getprop ro.aa.romver
- getprop ro.board.platform
- getprop ro.build.fingerprint
- getprop ro.build.nubia.rom.name
- getprop ro.build.rom.id
- getprop ro.build.tyd.kbstyle_version
- getprop ro.build.version.emui
- getprop ro.build.version.opporom
- getprop ro.gn.gnromvernumber
- getprop ro.lenovo.series
- getprop ro.lewa.version
- getprop ro.meizu.product.model
- getprop ro.miui.ui.version.name
- getprop ro.vivo.os.build.display.id
- getprop ro.yunos.version
- logcat -d -v threadtime
- ps monroe
- sh
- Bugly
- libnfix
- libshella-2.8
- libufix
- nfix
- ufix
- AES-GCM-NoPadding
- DES-CBC-PKCS5Padding
- RSA-ECB-PKCS1Padding
- AES-GCM-NoPadding