Technical information
- Adware.Gexin.2.origin
- Adware.Gexin.347
- UDP(DNS) <Google DNS>
- TCP(HTTP/1.1) l####.tbs.qq.com:80
- TCP(HTTP/1.1) t####.qq.com:14000
- TCP(HTTP/1.1) sh.wagbr####.aliyun####.com:80
- TCP(HTTP/1.1) csi.budeb####.com:80
- TCP(HTTP/1.1) p####.tc.qq.com:80
- TCP(HTTP/1.1) s####.e.qq.com:80
- TCP(HTTP/1.1) api.budeb####.com:80
- TCP(HTTP/1.1) et2-na6####.wagbr####.ali####.####.com:80
- TCP(HTTP/1.1) t####.qq.com:80
- TCP(HTTP/1.1) mi.g####.qq.com:80
- TCP(HTTP/1.1) s####.tc.qq.com:80
- TCP(HTTP/1.1) i1.budeb####.com:80
- TCP(HTTP/1.1) pi####.qq.com:80
- TCP(HTTP/1.1) 1####.254.116.117:80
- TCP(TLS/1.0) hotfix####.aliy####.com:443
- TCP t####.qq.com:14000
- TCP cloudco####.mta.qq.com:4002
- TCP t####.qq.com:443
- a####.man.aliy####.com
- api.budeb####.com
- cloudco####.mta.qq.com
- csi.budeb####.com
- hotfix####.aliy####.com
- i1.budeb####.com
- imgc####.qq.com
- l####.tbs.qq.com
- log.u####.com
- mi.g####.qq.com
- p####.ugd####.com
- pi####.qq.com
- s####.e.qq.com
- t####.qq.com
- api.budeb####.com/api/articlefeed/rmdlist?typeids=####&lastids=####&hot_...
- api.budeb####.com/members/task/task_center?&token=####
- api.budeb####.com/members/task/task_center_data?m_id=####&sign=####&toke...
- api.budeb####.com/members/tasks/task33?token=####
- csi.budeb####.com/app_config/apk/bdbk2.3.6.apk
- csi.budeb####.com/app_config/app_main_tab_config.json
- csi.budeb####.com/app_config/app_update.json
- csi.budeb####.com/app_config/images/main_tab/dt_center_icon2.png
- csi.budeb####.com/app_config/images/main_tab/task_center_icon.png
- csi.budeb####.com/app_config/index_tab.json
- csi.budeb####.com/csi/theme1/css/main.css?v=####
- csi.budeb####.com/csi/theme1/images/icon_10.png
- csi.budeb####.com/csi/theme1/images/icon_18.png
- csi.budeb####.com/csi/theme1/images/icon_23.png
- csi.budeb####.com/csi/theme1/images/icon_24.png
- csi.budeb####.com/csi/theme1/images/icon_27.png
- csi.budeb####.com/csi/theme1/images/icon_28.png
- csi.budeb####.com/csi/theme1/images/img_08.jpg
- csi.budeb####.com/csi/theme1/images/img_157.png
- csi.budeb####.com/csi/theme1/images/img_158.png
- csi.budeb####.com/csi/theme1/images/img_22.png
- csi.budeb####.com/csi/theme1/images/img_28.jpg
- csi.budeb####.com/csi/theme1/images/img_50.png
- csi.budeb####.com/csi/theme1/images/img_52.png
- csi.budeb####.com/csi/theme1/js/common.js?v=####
- csi.budeb####.com/csi/theme1/js/jquery-1.11.1.min.js
- csi.budeb####.com/csi/theme1/js/resize-font.js
- csi.budeb####.com/csi/theme1/js/vue.min.js
- et2-na6####.wagbr####.ali####.####.com/bar/get/5a5587c4a40fa360940000ed/...
- i1.budeb####.com/piclist/2018-02/06/1517890480.jpg!200x130
- i1.budeb####.com/piclist/2018-02/06/1517890481.jpg!200x130
- i1.budeb####.com/piclist/2018-02/06/1517890482.jpg!200x130
- i1.budeb####.com/piclist/2018-02/06/1517891598.jpg!200x130
- i1.budeb####.com/piclist/2018-02/06/1517891599.jpg!200x130
- i1.budeb####.com/piclist/2018-02/06/1517891600.jpg!200x130
- i1.budeb####.com/piclist/2018-03/08/15204874250.jpg!200x130
- i1.budeb####.com/piclist/2018-03/20/15215263310.jpg!200x130
- i1.budeb####.com/piclist/2018-03/20/15215263366.jpg!200x130
- i1.budeb####.com/piclist/2018-03/20/15215263377.jpg!200x130
- i1.budeb####.com/piclist/2018-03/20/15215263480.jpg!200x130
- i1.budeb####.com/piclist/2018-03/20/15215263526.jpg!200x130
- i1.budeb####.com/piclist/2018-03/20/15215263527.jpg!200x130
- mi.g####.qq.com/gdt_mview.fcg?posw=####&posh=####&count=####&r=####&data...
- p####.tc.qq.com/qzone/biz/gdt/mod/android/AndroidAllInOne/proguard/his/r...
- s####.tc.qq.com/gdt/0/transformer_15446209484893714260_1543816021_80.jpg...
- l####.tbs.qq.com/ajax?c=####&k=####
- l####.tbs.qq.com/ajax?c=####&v=####&k=####
- pi####.qq.com/mstat/report/?index=####
- s####.e.qq.com/activate
- s####.e.qq.com/msg
- sh.wagbr####.aliyun####.com/man/api?ak=####&s=####
- t####.qq.com/203.205.211.75:80/
- t####.qq.com:14000/203.205.146.122:14000/
- /data/data/####/.com.quxiu.bdbk.android;xg_service_v3.xg.stat..xml
- /data/data/####/.tpns.service.xml.xml
- /data/data/####/.tpns.settings.xml.xml
- /data/data/####/.tpush_mta.xml
- /data/data/####/1a8efc4c5185394bfec03aa55c12504e3c191c9e53d89da....0.tmp
- /data/data/####/1e9229c7900acde1b4e4231a48d779f63639927f7bb661a....0.tmp
- /data/data/####/20181207095916.v1.crash
- /data/data/####/201812070959293.v1.crash
- /data/data/####/201812070959660.v1.crash
- /data/data/####/454920121c737de6f7bb04c38136f090.temp
- /data/data/####/4d21c357b1ba19679792df69c5aed5f1c80d23ad71a9ab8....0.tmp
- /data/data/####/5a596085f4d099c5c5682974f455cdc5831c2674c8789d6....0.tmp
- /data/data/####/5df2070f29131e1af7c69cc1927c335fa30d5e8f5c50d1d....0.tmp
- /data/data/####/6a6078d5a00cdaed2def120dcd8a110e8648fd6c455d670....0.tmp
- /data/data/####/86d34422a810b2e7bbc79b8ad0b2201f9ca616eafe3a4d3....0.tmp
- /data/data/####/8da22216d29f58fa18b5bb3d2b02660c1b3f7da2414653b....0.tmp
- /data/data/####/Alvin2.xml
- /data/data/####/BuglySdkInfos.xml
- /data/data/####/ContextData.xml
- /data/data/####/GDTSDK.db
- /data/data/####/GDTSDK.db-journal
- /data/data/####/StatisticsData.xml
- /data/data/####/a9f896343878a122a280bec280a08872a75c4fd32f9ca02....0.tmp
- /data/data/####/ad87adad0dd181b27d4ec20e545e778eb8354e00dbe1809....0.tmp
- /data/data/####/bc3689d7afb93c0baf7900bfd03d695c02dddd72702c3d8....0.tmp
- /data/data/####/bdbkPreferences.xml
- /data/data/####/c8369399bce729fa2760dd9cd2801989ba5894dbc561687....0.tmp
- /data/data/####/com.quxiu.bdbk.android.mid.world.ro.xml
- /data/data/####/com.quxiu.bdbk.android_preferences.xml
- /data/data/####/core_info
- /data/data/####/data_0
- /data/data/####/data_1
- /data/data/####/data_2
- /data/data/####/data_3
- /data/data/####/ddb561c325fed2d7f18f14d34ae15ce31c9a19ccf08177e....0.tmp
- /data/data/####/debug.conf
- /data/data/####/devCloudSetting.cfg
- /data/data/####/devCloudSetting.sig
- /data/data/####/device_id.xml
- /data/data/####/e281ae6d754787e98d48c93ae08b04bad0c89442edee990....0.tmp
- /data/data/####/f6d2b083a68e237bc140783d6ddcdc0f59261ddb7c1099f....0.tmp
- /data/data/####/f_000001
- /data/data/####/f_000002
- /data/data/####/f_000003
- /data/data/####/f_000004
- /data/data/####/f_000005
- /data/data/####/f_000006
- /data/data/####/gdt_plugin.jar
- /data/data/####/gdt_plugin.jar.sig
- /data/data/####/gdt_plugin.tmp
- /data/data/####/gdt_plugin.tmp.sig
- /data/data/####/gdt_suid
- /data/data/####/index
- /data/data/####/info.xml
- /data/data/####/journal.tmp
- /data/data/####/libjiagu335055771.so
- /data/data/####/lock.lock
- /data/data/####/multidex.version.xml
- /data/data/####/pri_tencent_analysis.db_com.quxiu.bdbk.android-journal
- /data/data/####/pri_tencent_analysis.db_com.quxiu.bdbk.android;...ice_v3
- /data/data/####/pri_tencent_analysis.db_com.quxiu.bdbk.android;...ournal
- /data/data/####/sdkCloudSetting.cfg
- /data/data/####/sdkCloudSetting.sig
- /data/data/####/sp_sophix.xml
- /data/data/####/tbs_download_config.xml
- /data/data/####/tbs_download_stat.xml
- /data/data/####/tbscoreinstall.txt
- /data/data/####/tbslock.txt
- /data/data/####/tencent_analysis.db_com.quxiu.bdbk.android-journal
- /data/data/####/tencent_analysis.db_com.quxiu.bdbk.android;xg_s...ournal
- /data/data/####/tencent_analysis.db_com.quxiu.bdbk.android;xg_service_v3
- /data/data/####/tpush.shareprefs.xml
- /data/data/####/umeng_common_config.xml
- /data/data/####/umeng_socialize.xml
- /data/data/####/update_lc
- /data/data/####/webview.db-journal
- /data/data/####/webviewCookiesChromium.db-journal
- /data/media/####/Alvin2.xml
- /data/media/####/ContextData.xml
- /data/media/####/bdbk2.1.2.apk
- /data/media/####/tbslog.txt
- /system/bin/cat /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq
- /system/bin/cat /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_min_freq
- chmod 755 <Package Folder>/.jiagu/libjiagu335055771.so
- echo <Package>,2100275879; 55877 203.205.128.130 [{ idx :0, ts :%d, et :2000, si :0, ui : <IMEI> , ky : Axg%lu , mid : 0 , ev :{ ov : 18 , sr : 600*752 , md : <System Property> , lg : en , sv : 3.2 , mf : unknown , apn : %s }}] 0 18
- echo <Package>,2100275879; 55877 203.205.128.130 [{ idx :0, ts :%d, et :2000, si :0, ui : <IMEI> , ky : Axg%lu , mid : 2a8ec4f5f21372454d30b3915c765cf7eb4844c2 , ev :{ ov : 18 , sr : 600*752 , md : <System Property> , lg : en , sv : 3.2 , mf : unknown , apn : %s }}] 0 18
- getprop ro.product.cpu.abi
- logcat -c
- logcat -d -v time
- ls /sys/class/thermal
- MtaNativeCrash_v2
- libjiagu335055771
- tpnsSecurity
- AES-CBC-NoPadding
- AES-CBC-PKCS5Padding
- AES-ECB-PKCS7Padding
- DESede-ECB-PKCS5Padding
- RSA-ECB-NoPadding
- AES-CBC-NoPadding
- AES-ECB-PKCS7Padding
- DES-ECB-PKCS5Padding
- RSA-ECB-PKCS1Padding