Technical information
- Adware.Gexin.2.origin
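Network connections (protocol, host:port; host names are partially masked with ####, so these entries cannot be used as exact-match indicators):
- UDP(DNS) <Google DNS>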
- TCP(HTTP/1.1) oss.lanlan####.com:80
- TCP(HTTP/1.1) x####.r####.com:8808
- TCP(HTTP/1.1) ti####.c####.l####.####.com:80
- TCP(HTTP/1.1) t####.c####.q####.####.com:80
- TCP(HTTP/1.1) and####.b####.qq.com:80
- TCP(HTTP/1.1) gd2.al####.com:80
- TCP(HTTP/1.1) ada####.m.ta####.com:80
- TCP(HTTP/1.1) ad####.m.ta####.com:80
- TCP(HTTP/1.1) sdk.o####.p####.####.com:80
- TCP(HTTP/1.1) c-h####.g####.com:80
- TCP(HTTP/1.1) aexcep####.b####.qq.com:8012
- TCP(HTTP/1.1) na61-####.wagbr####.non####.####.com:80
- TCP(HTTP/1.1) wild####.al####.com.####.net:80
- TCP(HTTP/1.1) a####.u####.com:80
- TCP(HTTP/1.1) o####.lanlan####.com:80
- TCP(TLS/1.0) et2-na6####.wagbr####.ali####.####.com:443
- TCP(TLS/1.0) and####.cli####.go####.com:443
- TCP(TLS/1.0) nbsdk-b####.al####.com:443
- TCP(TLS/1.0) 1####.217.20.110:443
- TCP sdk.o####.t####.####.com:5224
- TCP c####.g####.ig####.com:5226
Host names (this list is unlabelled on the page; presumably the names resolved via DNS):
- 7j####.c####.z0.####.com
- a####.u####.com
- ad####.m.ta####.com
- ada####.m.ta####.com
- aexcep####.b####.qq.com
- and####.b####.qq.com
- and####.cli####.go####.com
- banner####.xiao####.com
- c####.g####.ig####.com
- c-h####.g####.com
- gd2.al####.com
- img.al####.com
- log.u####.com
- nbsdk-b####.al####.com
- o####.lanlan####.com
- o####.lanlan####.com
- o####.lanlan####.com
- oss.lanlan####.com
- pub-####.qin####.com
- s####.u####.com
- sdk.c####.ig####.com
- sdk.o####.p####.####.com
- sdk.o####.t####.####.com
- sdk.o####.t####.####.com
- sdk.o####.t####.####.net
- x####.r####.com
- y####.al####.com
HTTP request URLs (long paths are truncated with "..."):
- ad####.m.ta####.com/rest/gc2?ak=####&av=####&c=####&d=####&sv=####&t=###...
- gd2.al####.com/imgextra/i4/2778553945/O1CN011f0qwLJuOSkIJkq_!!2778553945...
- o####.lanlan####.com/09001b18232f2e1202022544eaa5dcd0!0_750x750.jpg
- o####.lanlan####.com/1fbb5a8ffb388c33f6f068e8d3c26766_549x612.jpg@!1-500...
- o####.lanlan####.com/2382609631246a87fae59ec5d29433ed!0_750x750.jpg
- o####.lanlan####.com/26424a08358dae06d798a6b3f95e2117!0_569x750.jpg
- o####.lanlan####.com/4ace064d3efb62550d0032c6e24ee698!0_347x750.jpg
- o####.lanlan####.com/5b159ae4bb4eb02d544946992160ab52!0_750x750.jpg
- o####.lanlan####.com/5b1fd67af380801c1f1c4ca463d16dbb!0_750x750.jpg
- o####.lanlan####.com/60b9635f0e87045e248f645d3ea4bcdf!0_750x750.jpg
- o####.lanlan####.com/6497c79043677d16d30320cacab5f799!0_750x750.jpg
- o####.lanlan####.com/7b701711c73bb29a11fc26d849154858!0_299x750.jpg
- o####.lanlan####.com/8d9d306f5e23ad17a04fbef45e794dd8_750x750.jpg
- o####.lanlan####.com/94421879b16febe3b1c3c099b6019689!0_444x750.jpg
- o####.lanlan####.com/9973c86565c4310783497c9c7e0bc8ad!0_750x750.jpg
- o####.lanlan####.com/9a459e9ccf0f2a44c5469e633438695f!0_750x750.jpg
- o####.lanlan####.com/aaed11ab204acf7315cee46c4fdfc0ec!0_750x750.jpg
- o####.lanlan####.com/be9e19685c126f9cdf35d6b5d950f46d!0_750x750.jpg
- o####.lanlan####.com/c414c90fbf01cd07767c9b980fea6a04_800x800.jpg
- o####.lanlan####.com/d049d21df1aef7307405b096df0b56d5!0_750x750.jpg
- o####.lanlan####.com/e40d57d080f2d1bc048a35c001f67061_750x750.jpg
- o####.lanlan####.com/e7c763445a91061bb84bcfa77311c903_750x750.jpg
- o####.lanlan####.com/e8dd0ebb79290e5fd46c8e5ad7bb9257_750x750.jpg
- o####.lanlan####.com/e96304a4068f985df1f6d9f42645f947!0_750x750.jpg
- o####.lanlan####.com/e97f23bb9b2e6b969fd9240745b7bf84!0_750x750.jpg
- o####.lanlan####.com/ed22958d108e540160ef7bd130ab6c50!0_750x750.jpg
- o####.lanlan####.com/f7b5ae3baaa230c9aeecd4b23aa174ea!0_750x750.jpg
- o####.lanlan####.com/fb02c4bc8da85f86dc76a636a0f3de81!0_750x750.jpg
- oss.lanlan####.com/120d75e76406af0534178f08efe93772!0_750x750.jpg
- oss.lanlan####.com/125f7e510f343c524465edf56a56d68c!0_750x750.jpg
- oss.lanlan####.com/31936d7ea16cfc054484ba7c063fc424!0_750x750.jpg
- oss.lanlan####.com/58a2da7ff51a5c7b868a2a279884471e!0_750x750.jpg
- oss.lanlan####.com/768b084ce74c3be98e8ac1101c6b16cc!0_750x750.jpg
- oss.lanlan####.com/87715061d31cfc775d54c5320dd79aa6!0_560x750.jpg
- oss.lanlan####.com/aa2e8e88de58bdf28a26289561a2b6eb!0_422x750.jpg
- oss.lanlan####.com/b2900c4c8ba5108df64e1ad052e53632!0_750x750.jpg
- t####.c####.q####.####.com/tdata_Soq141
- t####.c####.q####.####.com/tdata_ntt510
- ti####.c####.l####.####.com/1543995851670.png
- ti####.c####.l####.####.com/1543995865197.png
- ti####.c####.l####.####.com/1544059572748.png
- ti####.c####.l####.####.com/1544060019906.png
- wild####.al####.com.####.net/i4/1034921830/TB2goBMdAvoK1RjSZPfXXXPKFXa_!...
- wild####.al####.com.####.net/imgextra///img.alicdn.com/imgextra/i1/30879...
- wild####.al####.com.####.net/imgextra///img.alicdn.com/imgextra/i4/32783...
- wild####.al####.com.####.net/imgextra/i1/725677994/TB2yHU9AFOWBuNjy0FiXX...
- wild####.al####.com.####.net/imgextra/i2/2378443470/O1CN011bVInw16QpWMab...
- wild####.al####.com.####.net/imgextra/i2/381699112/O1CN012HBLQWrAnvKJxeB...
- wild####.al####.com.####.net/imgextra/i2/744441794/O1CN011P7h0tmuuPcGU9v...
- wild####.al####.com.####.net/imgextra/i4/1072905416/O1CN01qv8bhe1psZZWzT...
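HTTP request URLs, second list (the page does not preserve the request method; endpoint names such as app_logs and saveWb.json suggest uploads rather than downloads):
- a####.u####.com/app_logs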
- ada####.m.ta####.com/rest/sur?ak=####&av=####&c=####&v=####&s=####&d=###...
- aexcep####.b####.qq.com:8012/rqd/async
- and####.b####.qq.com/rqd/async
- c-h####.g####.com/api.php?format=####&t=####
- na61-####.wagbr####.non####.####.com/saveWb.json
- sdk.o####.p####.####.com/api.php?format=####&t=####
- x####.r####.com:8808/banner/getBanneNoticeV1
- x####.r####.com:8808/banner/getBannerByKeyV2
- x####.r####.com:8808/banner/getMenuBanner
- x####.r####.com:8808/banner/getModelBannerV2
- x####.r####.com:8808/banner/getSlideBanner
- x####.r####.com:8808/category/getCategory
- x####.r####.com:8808/category/getCategoryItemForIndex
- x####.r####.com:8808/product/getHotProductListByCid
- x####.r####.com:8808/product/getProductList
- x####.r####.com:8808/productV2/findCouponByPid
- x####.r####.com:8808/productV2/findProductById
- x####.r####.com:8808/productV2/findRecommend
- x####.r####.com:8808/system/checkVersion
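File system paths touched under the app's private and media storage (package directory masked with ####). The names tdata_Soq141 and tdata_ntt510 also appear in the URL list above and are stored here with a .jar suffix, alongside mix.dex and several .so files, which is consistent with code fetched or unpacked at run time:
- /data/data/####/.imprint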
- /data/data/####/0a231bd8575dcf72.txt
- /data/data/####/13a32dc973c526cc904dc54eb077641a59d3642d0f3d762....0.tmp
- /data/data/####/1544434193728.log
- /data/data/####/1544434193728.log.bak
- /data/data/####/1ad6144ab9d36b18b60ad6236148620e45645569abfe036....0.tmp
- /data/data/####/21c22f492aba3de8.lock
- /data/data/####/2900fd63992d9a2bda0ee09f016b5f4a68a3f3eca81dfba....0.tmp
- /data/data/####/308fc281ec3b7f2181044bc05d08780253f6ab2fc7a8521....0.tmp
- /data/data/####/3883c303d776563f5caa3022a1e524e8e73544d93709122....0.tmp
- /data/data/####/4127dfad2c28664dc03f5af3270fd5a6ae0428560626f9d....0.tmp
- /data/data/####/52d7a1c7b8ff08deb53a967e464a6629b9f708df5d6c5cb....0.tmp
- /data/data/####/746936702
- /data/data/####/79aa941dc8934dadfe11ed51d2d08345a34e32d1392a054....0.tmp
- /data/data/####/7d80a8037464c53d96bea47e1597a44978ed9e308a28cef....0.tmp
- /data/data/####/8ef9c457b3bbb403.lock
- /data/data/####/930a31b34bd52c08.lock
- /data/data/####/9356d0877042dd5b544c4c3ce6ec474ff831b40712896d4....0.tmp
- /data/data/####/94bb6ef717e0be36b7a1910da27528e1442234b40c0033a....0.tmp
- /data/data/####/AlibcLinkPartner.xml
- /data/data/####/AlibcLinkPartner.xml (deleted)
- /data/data/####/Alvin2.xml
- /data/data/####/ContextData.xml
- /data/data/####/MEMBER_IM.xml
- /data/data/####/Q0VSVC5SU0EK.txt8e4
- /data/data/####/SGMANAGER_DATA2.tmp
- /data/data/####/UTCommon.xml
- /data/data/####/a2a5ee9cdda42e4d6d6cd565902233b75cd664a31b67ec9....0.tmp
- /data/data/####/aliTradeConfigSP.xml
- /data/data/####/ap.Lock
- /data/data/####/auth_sdk_device.xml
- /data/data/####/bugly_db_legu-journal
- /data/data/####/c9a6480f5aee280b243496a1cfeb7da3e667ff4e09a3779....0.tmp
- /data/data/####/cc.db
- /data/data/####/cc.db-journal
- /data/data/####/com.fzh.xylm_preferences.xml
- /data/data/####/d3f56105545bb1453f7224617d2892c5c6e14ae3000765e....0.tmp
- /data/data/####/data_0
- /data/data/####/data_1
- /data/data/####/data_2
- /data/data/####/data_3
- /data/data/####/dc22368da4ab1f7cc8d8e732c96a6d113d12529cb33100b....0.tmp
- /data/data/####/e0ab66251e5c401ede7d054d64e34717171aecbe78140fc....0.tmp
- /data/data/####/e15fd3f68918d6518249f05356d681e19a3c6837ff163e6....0.tmp
- /data/data/####/exchangeIdentity.json
- /data/data/####/exid.dat
- /data/data/####/f47af77a5d9252087723cef83230006e8c0dffa9affc13a....0.tmp
- /data/data/####/f_000001
- /data/data/####/f_000002
- /data/data/####/f_000003
- /data/data/####/f_000004
- /data/data/####/f_000005
- /data/data/####/f_000006
- /data/data/####/f_000007
- /data/data/####/f_000008
- /data/data/####/f_000009
- /data/data/####/f_00000a
- /data/data/####/f_00000b
- /data/data/####/f_00000c
- /data/data/####/f_00000d
- /data/data/####/f_00000e
- /data/data/####/f_00000f
- /data/data/####/f_000010
- /data/data/####/f_000011
- /data/data/####/f_000012
- /data/data/####/f_000013
- /data/data/####/f_000014
- /data/data/####/f_000015
- /data/data/####/f_000016
- /data/data/####/f_000017
- /data/data/####/f_000018
- /data/data/####/f_000019
- /data/data/####/f_00001a
- /data/data/####/f_00001b
- /data/data/####/f_00001c
- /data/data/####/gdaemon_20161017
- /data/data/####/getui_sp.xml
- /data/data/####/gx_sp.xml
- /data/data/####/index
- /data/data/####/init.pid
- /data/data/####/init_c1.pid
- /data/data/####/journal.tmp
- /data/data/####/libnfix.so
- /data/data/####/libsgmainso-5.1.96.so.tmp
- /data/data/####/libsgsecuritybodyso-5.1.25.so
- /data/data/####/libshella-2.9.0.2.so
- /data/data/####/libufix.so
- /data/data/####/local_crash_lock
- /data/data/####/lock.lock
- /data/data/####/mix.dex
- /data/data/####/multidex.version.xml
- /data/data/####/native_record_lock
- /data/data/####/push.pid
- /data/data/####/pushext.db-journal
- /data/data/####/pushg.db-journal
- /data/data/####/pushsdk.db-journal
- /data/data/####/run.pid
- /data/data/####/security_info
- /data/data/####/sp.lock
- /data/data/####/tdata_Soq141
- /data/data/####/tdata_Soq141.jar
- /data/data/####/tdata_ntt510
- /data/data/####/tdata_ntt510.jar
- /data/data/####/timestamp
- /data/data/####/ua.db
- /data/data/####/ua.db-journal
- /data/data/####/umeng_general_config.xml
- /data/data/####/umeng_it.cache
- /data/data/####/umeng_socialize.xml
- /data/data/####/umeng_socialize.xml.bak
- /data/data/####/ut.db
- /data/data/####/ut.db-journal
- /data/data/####/webview.db-journal
- /data/data/####/webviewCookiesChromium.db-journal
- /data/media/####/6c709c11d2d46a7b
- /data/media/####/Alvin2.xml
- /data/media/####/ContextData.xml
- /data/media/####/app.db
- /data/media/####/com.fzh.xylm.bin
- /data/media/####/com.fzh.xylm.db
- /data/media/####/com.getui.sdk.deviceId.db
- /data/media/####/com.igexin.sdk.deviceId.db
- /data/media/####/dd7893586a493dc3
- /data/media/####/hid.dat
- /data/media/####/tdata_Soq141
- /data/media/####/tdata_ntt510
- /data/media/####/test.log
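Shell commands executed (vendor ROM and build property queries, a check for the su binary, a read of the Wi-Fi MAC address, a logcat dump, a mount listing, and the launch of the gdaemon_20161017 helper):
- /system/bin/sh -c getprop ro.aa.romver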
- /system/bin/sh -c getprop ro.board.platform
- /system/bin/sh -c getprop ro.build.fingerprint
- /system/bin/sh -c getprop ro.build.nubia.rom.name
- /system/bin/sh -c getprop ro.build.rom.id
- /system/bin/sh -c getprop ro.build.tyd.kbstyle_version
- /system/bin/sh -c getprop ro.build.version.emui
- /system/bin/sh -c getprop ro.build.version.opporom
- /system/bin/sh -c getprop ro.gn.gnromvernumber
- /system/bin/sh -c getprop ro.lenovo.series
- /system/bin/sh -c getprop ro.lewa.version
- /system/bin/sh -c getprop ro.meizu.product.model
- /system/bin/sh -c getprop ro.miui.ui.version.name
- /system/bin/sh -c getprop ro.vivo.os.build.display.id
- /system/bin/sh -c type su
- <Package Folder>/files/gdaemon_20161017 0 <Package>/<Package>.service.GeTuiPushService 24197 300 0
- cat /sys/class/net/wlan0/address
- chmod 700 <Package Folder>/files/gdaemon_20161017
- chmod 700 <Package Folder>/tx_shell/libnfix.so
- chmod 700 <Package Folder>/tx_shell/libshella-2.9.0.2.so
- chmod 700 <Package Folder>/tx_shell/libufix.so
- getprop ro.aa.romver
- getprop ro.board.platform
- getprop ro.build.fingerprint
- getprop ro.build.nubia.rom.name
- getprop ro.build.rom.id
- getprop ro.build.tyd.kbstyle_version
- getprop ro.build.version.emui
- getprop ro.build.version.opporom
- getprop ro.gn.gnromvernumber
- getprop ro.lenovo.series
- getprop ro.lewa.version
- getprop ro.meizu.product.model
- getprop ro.miui.ui.version.name
- getprop ro.vivo.os.build.display.id
- getprop ro.yunos.version
- logcat -d -v threadtime
- mount
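Library names (this list is unlabelled on the page; presumably native libraries loaded by the app, several matching the .so files listed above):
- Bugly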
- getuiext2
- libnfix
- libshella-2.9.0.2
- libufix
- nfix
- sgmainso-5.1
- sgsecuritybodyso-5.1
- ufix
- ut_c_api
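Cipher transformations, first list (the page does not preserve which operation, such as encryption or decryption, this list refers to):
- AES-CBC-NoPadding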
- AES-CBC-PKCS5Padding
- AES-CBC-PKCS7Padding
- AES-GCM-NoPadding
- RSA-ECB-PKCS1Padding
- RSA-NONE-OAEPWithSHA1AndMGF1Padding
Cipher transformations, second list (the AES entries repeat; the RSA entries do not):
- AES-CBC-NoPadding
- AES-CBC-PKCS5Padding
- AES-CBC-PKCS7Padding
- AES-GCM-NoPadding