Technical information
- Adware.Gexin.3.origin
- UDP(DNS) <Google DNS>
- TCP(HTTP/1.1) et2-na6####.wagbr####.ali####.####.com:80
- TCP(HTTP/1.1) ti####.c####.l####.####.com:80
- TCP(HTTP/1.1) pi####.qq.com:80
- TCP(HTTP/1.1) s####.tc.qq.com:80
- TCP(HTTP/1.1) p####.tc.qq.com:80
- TCP(HTTP/1.1) and####.b####.qq.com:80
- TCP(HTTP/1.1) pin####.qq.com:80
- TCP(HTTP/1.1) s####.e.qq.com:80
- TCP(HTTP/1.1) sc.g####.qq.com:80
- TCP(HTTP/1.1) v.g####.qq.com:80
- TCP(HTTP/1.1) sdk.o####.p####.####.com:80
- TCP(HTTP/1.1) aexcep####.b####.qq.com:8011
- TCP(HTTP/1.1) c-h####.g####.com:80
- TCP(HTTP/1.1) aexcep####.b####.qq.com:8012
- TCP(HTTP/1.1) 3####.tc.qq.com:80
- TCP(HTTP/1.1) mi.g####.qq.com:80
- TCP(TLS/1.0) av1.x####.com:443
- TCP(TLS/1.0) et2-na6####.wagbr####.ali####.####.com:443
- TCP(TLS/1.0) c####.x####.com:443
- TCP(TLS/1.0) adt.x####.com:443
- TCP(TLS/1.0) and####.xing####.cn:443
- TCP(TLS/1.0) i####.xing####.cn:443
- TCP sdk.o####.t####.####.com:5224
- TCP c####.g####.ig####.com:5224
- a####.b####.qq.com
- adt.x####.com
- aexcep####.b####.qq.com
- and####.b####.qq.com
- and####.xing####.cn
- av1.x####.com
- c####.g####.ig####.com
- c####.x####.com
- c####.x####.com
- c-h####.g####.com
- c.g####.qq.com
- dd.m####.com
- i####.xing####.cn
- i####.xing####.cn
- imgc####.qq.com
- log.u####.com
- mi.g####.qq.com
- p####.ugd####.com
- pi####.qq.com
- pin####.qq.com
- plb####.u####.com
- pp.m####.com
- qzones####.g####.cn
- s####.e.qq.com
- sc.g####.qq.com
- sdk.c####.ig####.com
- sdk.o####.p####.####.com
- sdk.o####.t####.####.com
- sdk.o####.t####.####.com
- sdk.o####.t####.####.net
- u####.u####.com
- v.g####.qq.com
- 3####.tc.qq.com/16891/943223ECDCE4FD75D42C92B6F75A156F.apk?fsname=####&_...
- et2-na6####.wagbr####.ali####.####.com/bar/get/5b67b501a40fa33d25000013/...
- mi.g####.qq.com/gdt_mview.fcg?actual_width=####&count=####&r=####&templa...
- p####.tc.qq.com/qzone/biz/gdt/mob/sdk/v2/android03/js-release/1.1.0/nati...
- p####.tc.qq.com/qzone/biz/gdt/mod/android/AndroidAllInOne/proguard/his/r...
- s####.tc.qq.com/gdt/0/DAAbPIyAUAALQABVBb987zBWCB09K_.jpg/0?ck=####
- s####.tc.qq.com/gdt/0/e0630102e32b808c011491561e48e5c3.JPG/0?ck=####
- s####.tc.qq.com/ma_icon/0/icon_42262294_1554410249/256
- sc.g####.qq.com/gdt_mclick.fcg?viewid=####&jtype=####&i=####&os=####&asi...
- sc.g####.qq.com/gdt_trace_a.fcg?actionid=####&targettype=####&tagetid=##...
- ti####.c####.l####.####.com/config/hz-hzv3.conf
- aexcep####.b####.qq.com:8011/rqd/async
- aexcep####.b####.qq.com:8012/rqd/async
- and####.b####.qq.com/rqd/async
- c-h####.g####.com/api.php?format=####&t=####
- pi####.qq.com/mstat/report/?index=####
- pin####.qq.com/request
- s####.e.qq.com/activate
- s####.e.qq.com/click
- s####.e.qq.com/msg
- sdk.o####.p####.####.com/api.php?format=####&t=####
- v.g####.qq.com/gdt_stats.fcg
- /data/data/####/.imprint
- /data/data/####/05940bbf95802dcde928b077df487e93f674f94839a8cb1....0.tmp
- /data/data/####/1554547291531_2290
- /data/data/####/1554547291898_2290
- /data/data/####/1554547292035_2290
- /data/data/####/1554547292157_2290
- /data/data/####/1554547292209_2290
- /data/data/####/1554547292442_2290
- /data/data/####/1554547292468_2290
- /data/data/####/1554547294257_2290
- /data/data/####/1554547294261_2290
- /data/data/####/1554547294556_2290
- /data/data/####/1554547294698_2290
- /data/data/####/1554547303487_2290
- /data/data/####/1554547303586_2290
- /data/data/####/1554547305987_2290
- /data/data/####/1554547306438_2290
- /data/data/####/1554547309829_2577
- /data/data/####/1554547309952_2577
- /data/data/####/1554547310083_2577
- /data/data/####/1554547312149_2577
- /data/data/####/1554547312153_2577
- /data/data/####/1554547315312_2290
- /data/data/####/1554547315361_2290
- /data/data/####/1554547316878_2290
- /data/data/####/1554547319451_2290
- /data/data/####/1554547319494_2290
- /data/data/####/1554547319995_2290
- /data/data/####/1554547323906_2290
- /data/data/####/1554547323989_2290
- /data/data/####/1554547324360_2290
- /data/data/####/1554547335654_2290
- /data/data/####/1554547335718_2290
- /data/data/####/1554547336214_2290
- /data/data/####/1554547356965_2290
- /data/data/####/1955aca4254dd7e258e59090e09da39fc0ce0a1899e5c37....0.tmp
- /data/data/####/1a93b63c77d1765fb23ad52c40b0ae95ea6782522d4da70....0.tmp
- /data/data/####/1a93b63c77d1765fb23ad52c40b0ae95ea6782522d4da70...d8b7.0
- /data/data/####/2290.yaqcookie
- /data/data/####/2e567d12329ce642029aa78d9f2b67a089653be2811cd5e....0.tmp
- /data/data/####/2fb39c593bc9a3f8124c7676b33a0f8dfe87ce7de3e1b93....0.tmp
- /data/data/####/34ef5617993fdff54027e5045773b233ccd3647e34f1d97....0.tmp
- /data/data/####/3e13a9d09b060363bb63e26211153f3a9c34307d03766ec....0.tmp
- /data/data/####/45d0f6c3cf8fa86f4f56e0b6aea40d04f91482513314bf0....0.tmp
- /data/data/####/4bf99d3c6960ba93207b102857918087972cf77523c5587....0.tmp
- /data/data/####/4ecdd0e7dd51ad4fdfc76799460c1a395140c1e0b967a1e....0.tmp
- /data/data/####/5a1a6884d829f32727c4042cfe827ac39e10d6886a2fc79....0.tmp
- /data/data/####/629dd925c190e266c0ea0a44125e0574fabb8df1c853f6a....0.tmp
- /data/data/####/70cf2a75f6d6d1e3c69aa293656ce5852c2ae700f62b0c4....0.tmp
- /data/data/####/7291f1adde4760a80f99b3b6dcf61c6875dd108caff5203....0.tmp
- /data/data/####/7aab6fc96bcb966f7a089f7433a57ecda79ad0f54736b91....0.tmp
- /data/data/####/81ef8a8b2716d9652375acf9b54f345bb19dc6237b6f412....0.tmp
- /data/data/####/865525c63a34525cf8c69f812abf58ae2bc8d8557168751....0.tmp
- /data/data/####/8797225eca0499c48c82b39c12d85a507494505b055edad....0.tmp
- /data/data/####/99fe913a1b399cd3057bdbf061b83b6e9dad6e9258a9129....0.tmp
- /data/data/####/Archimedes_p1
- /data/data/####/Archimedes_p2
- /data/data/####/Archimedes_p3
- /data/data/####/Archimedes_p4
- /data/data/####/Archimedes_p5
- /data/data/####/BuglySdkInfos.xml
- /data/data/####/GDTSDK.db
- /data/data/####/GDTSDK.db-journal
- /data/data/####/MiscDATA.xml
- /data/data/####/MultiDex.lock
- /data/data/####/TDCloudSettingsConfigF027E88952234A098C94BEA915CF51D7.xml
- /data/data/####/TD_app_pefercen_profile.xml
- /data/data/####/TDpref_cloudcontrol1.xml
- /data/data/####/TDpref_cloudcontrol2.xml
- /data/data/####/TDpref_longtime.xml
- /data/data/####/TDpref_longtime0.xml
- /data/data/####/TDpref_longtime1.xml
- /data/data/####/TDpref_shorttime.xml
- /data/data/####/TDpref_shorttime0.xml
- /data/data/####/TDpref_shorttime1.xml
- /data/data/####/TalingDataConfigF027E88952234A098C94BEA915CF51D7.xml
- /data/data/####/UM_PROBE_DATA.xml
- /data/data/####/UserDATA.xml
- /data/data/####/a==7.5.4&&3.6.2_1554547296987_envelope.log
- /data/data/####/acd0365891745fd2bd9fd587b690eabd0e31871094a3750....0.tmp
- /data/data/####/af370c4fb8a62ef4a5a710001fd60217ac61a241d579ca2....0.tmp
- /data/data/####/b6a3e3fe66766fb207f45bbec8f756acc41d81bb9d64185....0.tmp
- /data/data/####/b70ce4de37acece33e5a5ce0bb1163149af57b231e1f6e6....0.tmp
- /data/data/####/b83798e230a36630c66a49dd3b614ff52a7d6440b3ea1ed....0.tmp
- /data/data/####/baea77d847e77fd4ccc7b63488aab76cb3b078168061012....0.tmp
- /data/data/####/bdb7bc5ba0edbc2c0c24a406e133d4b9c284978a90fb5b3....0.tmp
- /data/data/####/bugly_db_legu-journal
- /data/data/####/c0bfac7dec72f7c43c1e8e28ae1421871d21b2e3933f309....0.tmp
- /data/data/####/c756117adf6b910e56a6bba6bc0ee8db13ba037ce53bbb9....0.tmp
- /data/data/####/c845adbe94c357049bb07e83ec0144cdecfb35851899eba....0.tmp
- /data/data/####/ccd7d00da1937179e7089604be0dc3243b2ebdbbf2ca283....0.tmp
- /data/data/####/cn.xingread.free.mid.world.ro.xml
- /data/data/####/cn.xingread.free_preferences.xml
- /data/data/####/collect_config_file.xml
- /data/data/####/d54eb38eb5e6329e0f8ca7ee379ca27e33d7211e00089c6....0.tmp
- /data/data/####/d964aeb9ca48dd9279cbc5901b0993242628c0749861808....0.tmp
- /data/data/####/dW1weF9pbnRlcm5hbF8xNTU0NTQ3Mjg5ODQ1;
- /data/data/####/data_0
- /data/data/####/data_1
- /data/data/####/data_2
- /data/data/####/data_3
- /data/data/####/devCloudSetting.cfg
- /data/data/####/devCloudSetting.sig
- /data/data/####/dexMethod.28020090.dat
- /data/data/####/df71aadb77ce30d029c91d0088b9b37e4024f50cdcc6a8f....0.tmp
- /data/data/####/e4f00e52ba02a4315a455bb58b7b215cdb4c5a99f4f4a2e....0.tmp
- /data/data/####/exchangeIdentity.json
- /data/data/####/exid.dat
- /data/data/####/f5ce86e388a8ab5bc66e5870b95f66ae229d4ec1384a531....0.tmp
- /data/data/####/f_000001
- /data/data/####/f_000002
- /data/data/####/first_install_time.xml
- /data/data/####/fistInstall.xml
- /data/data/####/gdaemon_20161017
- /data/data/####/gdt_ad_info.xml
- /data/data/####/gdt_config.cfg
- /data/data/####/gdt_first_install_file.xml
- /data/data/####/gdt_plugin.jar
- /data/data/####/gdt_plugin.jar.sig
- /data/data/####/gdt_plugin.tmp
- /data/data/####/gdt_plugin.tmp.sig
- /data/data/####/gdt_suid
- /data/data/####/getui_sp.xml
- /data/data/####/gx_sp.xml
- /data/data/####/hong.db-journal
- /data/data/####/hsfirstopen.xml
- /data/data/####/i==1.2.0&&3.6.2_1554547289803_envelope.log
- /data/data/####/index
- /data/data/####/info.xml
- /data/data/####/init.pid
- /data/data/####/init_c1.pid
- /data/data/####/iv
- /data/data/####/journal.tmp
- /data/data/####/legu_tencent_analysis.db_cn.xingread.free-journal
- /data/data/####/libnfix.so
- /data/data/####/libshella-2.9.0.2.so
- /data/data/####/libufix.so
- /data/data/####/libyaqbasic.28020090.so
- /data/data/####/libyaqpro.28020090.so
- /data/data/####/local_crash_lock
- /data/data/####/mix.dex
- /data/data/####/multidex.version.xml
- /data/data/####/native_record_lock
- /data/data/####/pop_config_file.xml
- /data/data/####/pri_legu_tencent_analysis.db_cn.xingread.free-journal
- /data/data/####/push.pid
- /data/data/####/pushext.db-journal
- /data/data/####/pushg.db-journal
- /data/data/####/pushsdk.db-journal
- /data/data/####/run.pid
- /data/data/####/salt
- /data/data/####/sdkCloudSetting.cfg
- /data/data/####/sdkCloudSetting.sig
- /data/data/####/security_info
- /data/data/####/select_class_id_file.xml
- /data/data/####/tdid.xml
- /data/data/####/ua.db
- /data/data/####/ua.db-journal
- /data/data/####/um_pri.xml
- /data/data/####/umdat.xml
- /data/data/####/umeng_common_config.xml
- /data/data/####/umeng_common_location.xml
- /data/data/####/umeng_general_config.xml
- /data/data/####/umeng_it.cache
- /data/data/####/umeng_socialize.xml
- /data/data/####/update_lc
- /data/data/####/webview.db-journal
- /data/data/####/webviewCookiesChromium.db-journal
- /data/data/####/yaqsdkcookie
- /data/media/####/-1471325777
- /data/media/####/-560253799
- /data/media/####/-927843996
- /data/media/####/.a.dat
- /data/media/####/.adfwe.dat
- /data/media/####/.cca.dat
- /data/media/####/.mid.txt
- /data/media/####/.mid.txt1000001
- /data/media/####/.nomedia
- /data/media/####/.umm.dat
- /data/media/####/101397.sht
- /data/media/####/101399.sht
- /data/media/####/101401.sht
- /data/media/####/101403.sht
- /data/media/####/101405.sht
- /data/media/####/101407.sht
- /data/media/####/101409.sht
- /data/media/####/101411.sht
- /data/media/####/101413.sht
- /data/media/####/101415.sht
- /data/media/####/1895312081
- /data/media/####/1927509108
- /data/media/####/2115169188
- /data/media/####/275767772
- /data/media/####/307964799
- /data/media/####/311480.sht
- /data/media/####/311481.sht
- /data/media/####/311482.sht
- /data/media/####/311483.sht
- /data/media/####/311484.sht
- /data/media/####/311485.sht
- /data/media/####/311486.sht
- /data/media/####/311487.sht
- /data/media/####/311488.sht
- /data/media/####/311489.sht
- /data/media/####/591679.sht
- /data/media/####/591680.sht
- /data/media/####/591681.sht
- /data/media/####/591682.sht
- /data/media/####/591683.sht
- /data/media/####/591684.sht
- /data/media/####/591685.sht
- /data/media/####/591686.sht
- /data/media/####/591687.sht
- /data/media/####/591688.sht
- /data/media/####/62890.sht
- /data/media/####/62891.sht
- /data/media/####/62892.sht
- /data/media/####/62893.sht
- /data/media/####/62894.sht
- /data/media/####/62895.sht
- /data/media/####/62896.sht
- /data/media/####/62897.sht
- /data/media/####/62898.sht
- /data/media/####/62899.sht
- /data/media/####/app.db
- /data/media/####/bb86256d6ad62ef47cfbec695774437f
- /data/media/####/cn.xingread.free.bin
- /data/media/####/cn.xingread.free.db
- /data/media/####/com.igexin.sdk.deviceId.db
- /data/media/####/test.log
- /data/media/####/updata.apk
- /system/bin/cat /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq
- /system/bin/cat /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_min_freq
- /system/bin/sh -c getprop ro.aa.romver
- /system/bin/sh -c getprop ro.board.platform
- /system/bin/sh -c getprop ro.build.fingerprint
- /system/bin/sh -c getprop ro.build.nubia.rom.name
- /system/bin/sh -c getprop ro.build.rom.id
- /system/bin/sh -c getprop ro.build.tyd.kbstyle_version
- /system/bin/sh -c getprop ro.build.version.emui
- /system/bin/sh -c getprop ro.build.version.opporom
- /system/bin/sh -c getprop ro.gn.gnromvernumber
- /system/bin/sh -c getprop ro.lenovo.series
- /system/bin/sh -c getprop ro.lewa.version
- /system/bin/sh -c getprop ro.meizu.product.model
- /system/bin/sh -c getprop ro.miui.ui.version.name
- /system/bin/sh -c getprop ro.vivo.os.build.display.id
- /system/bin/sh -c type su
- <Package Folder>/files/gdaemon_20161017 0 <Package>/<Package>.push.PushService 24569 300 0
- chmod 700 <Package Folder>/files/gdaemon_20161017
- chmod 700 <Package Folder>/tx_shell/libnfix.so
- chmod 700 <Package Folder>/tx_shell/libshella-2.9.0.2.so
- chmod 700 <Package Folder>/tx_shell/libufix.so
- getprop
- getprop ro.aa.romver
- getprop ro.board.platform
- getprop ro.build.fingerprint
- getprop ro.build.nubia.rom.name
- getprop ro.build.rom.id
- getprop ro.build.tyd.kbstyle_version
- getprop ro.build.version.emui
- getprop ro.build.version.opporom
- getprop ro.gn.gnromvernumber
- getprop ro.lenovo.series
- getprop ro.lewa.version
- getprop ro.meizu.product.model
- getprop ro.miui.ui.version.name
- getprop ro.vivo.os.build.display.id
- getprop ro.yunos.version
- logcat -d -v threadtime
- ls /
- ls /sys/class/thermal
- sh <Package Folder>/files/gdaemon_20161017 0 <Package>/<Package>.push.PushService 24569 300 0
- Bugly
- MtaNativeCrash
- getuiext2
- libnfix
- libshella-2.9.0.2
- libufix
- libyaqbasic.28020090
- libyaqpro.28020090
- nfix
- ufix
- AES
- AES-CBC-NoPadding
- AES-CBC-PKCS7Padding
- AES-CFB-NoPadding
- AES-ECB-PKCS7Padding
- AES-GCM-NoPadding
- RSA-ECB-PKCS1Padding
- RSA-NONE-OAEPWithSHA1AndMGF1Padding
- RSA-NONE-PKCS1PADDING
- AES
- AES-CBC-NoPadding
- AES-CBC-PKCS7Padding
- AES-CFB-NoPadding
- AES-ECB-PKCS7Padding
- AES-GCM-NoPadding
- RSA-ECB-PKCS1Padding