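Technical information
Note: runs of #### in hostnames, IP addresses, paths and query values appear to be masked characters, so these entries are partial indicators and cannot be matched verbatim.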
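Detection names (the repeated entry below probably sat under separate sub-headings that were lost):
- Adware.Ysdk.1.origin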
- Android.Backdoor.433.origin
- Android.DownLoader.3887
- Android.DownLoader.3887
Network connections (protocol, host:port):
- UDP(DNS) <Google DNS>
- TCP(HTTP/1.0) tcms-a####.wan####.ta####.com:80
- TCP(HTTP/1.0) tcms-a####.wan####.ta####.com:443
- TCP(HTTP/1.1) p.dos####.me:6088
- TCP(HTTP/1.1) na61-####.wagbr####.ali####.####.com:80
- TCP(HTTP/1.1) hk.wagbr####.non####.####.com:80
- TCP(HTTP/1.1) d.shahe####.com:80
- TCP(HTTP/1.1) p.sportno####.com:6088
- TCP(HTTP/1.1) ap####.wodewe####.com:80
- TCP(HTTP/1.1) a####.m.ta####.com:80
- TCP(HTTP/1.1) 60.2####.114.66:9001
- TCP(HTTP/1.1) w####.wodewe####.com:80
- TCP(TLS/1.0) cp####.b####.com.####.com:443
- TCP(TLS/1.0) publish####.b####.com.####.com:443
- TCP(TLS/1.0) cpu.b####.com:443
- TCP(TLS/1.0) fex.bdst####.com:443
- TCP(TLS/1.0) 2####.58.211.110:443
- TCP(TLS/1.0) hpd.b####.com:443
- TCP(TLS/1.0) cac####.b####.com:443
- TCP(TLS/1.0) g####.b####.com:443
- TCP(TLS/1.0) hm.b####.com:443
- TCP i####.wan####.ta####.com:443
Hostnames (apparently DNS lookups):
- a####.m.ta####.com
- ap####.wodewe####.com
- cac####.b####.com
- cp####.b####.com
- cpu.b####.com
- d.shahe####.com
- fad.d####.cn
- fc-####.cdn.bc####.com
- fex.bdst####.com
- g####.b####.com
- hm.b####.com
- hotp####.wan####.ta####.com
- hpd.b####.com
- i####.wan####.ta####.com
- m.fruitno####.com
- mo####.b####.com
- p.dos####.me
- p.sportno####.com
- publish####.b####.com
- tcms-a####.wan####.ta####.com
- w####.wodewe####.com
- wb.110.ta####.com
- y####.al####.com
Requested URLs:
- d.shahe####.com/n/s_160
- hk.wagbr####.non####.####.com/m/um.htm?c={"ser####
- p.dos####.me:6088/c/1557550598474
- tcms-a####.wan####.ta####.com:443/imlogingw/tcp60login?devid=####&ver=####
- w####.wodewe####.com/mu/app/mu_android_0.2.14.apk
- a####.m.ta####.com/rest/gc?dd=####&nsgs=####&ak=####&av=####&c=####&v=##...
- a####.m.ta####.com/rest/sur?ak=####&av=####&c=####&v=####&s=####&d=####&...
- ap####.wodewe####.com/mu/remote/loginService
- hk.wagbr####.non####.####.com/saveWb.json
- na61-####.wagbr####.ali####.####.com/api/update.do
- p.dos####.me:6088/p/1557550599065
- p.dos####.me:6088/t/1557550609432
- p.dos####.me:6088/t/1557550613461
- p.dos####.me:6088/t/1557550637414
- p.dos####.me:6088/t/1557550643041
- p.dos####.me:6088/t/1557550643266
- p.dos####.me:6088/t/1557550648366
- p.dos####.me:6088/t/1557550648675
- p.sportno####.com:6088/s/
File system activity (paths touched on the device):
- /data/data/####/.jg.ic
- /data/data/####/0a231bd8575dcf72.txt
- /data/data/####/1d77ea041509fe06.lock
- /data/data/####/246B03FCE7648F9DA4E90F1F7C002C99.jar.tmp
- /data/data/####/49814c4f5ac2f2f9.lock
- /data/data/####/Alvin2.xml
- /data/data/####/ContextData.xml
- /data/data/####/JPushSA_Config.xml
- /data/data/####/SGMANAGER_DATA.xml
- /data/data/####/UTCommon.xml
- /data/data/####/UTMCConf-1369071460.xml
- /data/data/####/UTMCLog-1369071460.xml
- /data/data/####/__x_adsdk_agent_header__.xml
- /data/data/####/__xadsdk__remote__final__builtin__.jar
- /data/data/####/cc.db
- /data/data/####/cc.db-journal
- /data/data/####/com.baidu.mobads.loader.xml
- /data/data/####/com.mu.future.xml
- /data/data/####/com.mu.future_2305
- /data/data/####/com.mu.future_TcmsService_2345
- /data/data/####/com.mu.future_preferences.xml
- /data/data/####/data_0
- /data/data/####/data_1
- /data/data/####/data_2
- /data/data/####/data_3
- /data/data/####/device_id.xml.xml
- /data/data/####/download_file.db-journal
- /data/data/####/f_000001
- /data/data/####/f_000002
- /data/data/####/f_000003
- /data/data/####/f_000004
- /data/data/####/f_000005
- /data/data/####/f_000006
- /data/data/####/f_000007
- /data/data/####/f_000008
- /data/data/####/f_000009
- /data/data/####/f_00000a
- /data/data/####/f_00000b
- /data/data/####/f_00000c
- /data/data/####/f_00000d
- /data/data/####/f_00000e
- /data/data/####/f_00000f
- /data/data/####/f_000010
- /data/data/####/f_000011
- /data/data/####/f_000012
- /data/data/####/index
- /data/data/####/jpush_stat_cache.json
- /data/data/####/libjiagu.so
- /data/data/####/libsecuritysdkx-3.1.27.so.tmp
- /data/data/####/mobclick_agent_cached_com.mu.future25
- /data/data/####/multidex.version.xml
- /data/data/####/qcznvz
- /data/data/####/sp.lock
- /data/data/####/tcms_setting_sp.xml
- /data/data/####/umeng_general_config.xml
- /data/data/####/webview.db-journal
- /data/data/####/webviewCookiesChromium.db-journal
- /data/data/####/webviewCookiesChromium.db-journal (deleted)
- /data/data/####/webviewCookiesChromiumPrivate.db-journal
- /data/data/####/ywAccount.xml
- /data/media/####/0FD0803C8191DAA3111728247A37E7EC.tmp
- /data/media/####/2_20190511_r
- /data/media/####/362EA202ABD46D8F5C1399B4D5FED62C.tmp
- /data/media/####/499F29BC17F57F466DB3C1A479B70273.tmp
- /data/media/####/4A60CFF27801AC8F2C6A8E92E9B0D12A.tmp
- /data/media/####/4D7EE96A744F6E65F45100C2D3E244FF.tmp
- /data/media/####/55EFFD1C066B29E057739A9319DA3DA2.tmp
- /data/media/####/6c709c11d2d46a7b
- /data/media/####/9929927ADF3BC6E9D4EAB3AC893387BA.tmp
- /data/media/####/Alvin2.xml
- /data/media/####/B6F0792F57556B069C9B3A8329FFF703.tmp
- /data/media/####/CB21C688F408E0E1723DF10CF611BD78.tmp
- /data/media/####/CFE4AD22F6482446B6ADA51C289B1F54.tmp
- /data/media/####/ContextData.xml
- /data/media/####/D74335F57F7FF29A945145DD2618F9DE.tmp
- /data/media/####/adv
- /data/media/####/config
- /data/media/####/dd7893586a493dc3
- /data/media/####/deviceId
- /data/media/####/journal.tmp
- /data/media/####/master
- /data/media/####/master.lock
- /data/media/####/mu_android_0.2.14.apk.temp
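Shell commands executed (these read the CPU serial and ABI, set permissions on a bundled native library, and check for an su binary):
- cat /proc/cpuinfo | grep Serial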
- chmod 755 <Package Folder>/.jiagu/libjiagu.so
- getprop ro.product.cpu.abi
- ls -l /system/xbin/su
Libraries loaded:
- inet.2.0
- libjiagu
- securitysdk-3.1
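Cryptographic algorithms used (two lists follow, probably one for encryption and one for decryption; the sub-headings were lost):
- AES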
- AES-CBC-PKCS5Padding
- AES-ECB-PKCS5Padding
- DES-CBC-PKCS5Padding
- RSA-NONE-PKCS1Padding
- AES-CBC-PKCS5Padding
- AES-ECB-NoPadding
- AES-ECB-PKCS5Padding
- DES
- DES-CBC-PKCS5Padding