Technical information
- Adware.Gexin.2.origin
- UDP(DNS) <Google DNS>
- TCP(HTTP/1.1) loc.map.b####.com:80
- TCP(HTTP/1.1) o####.map.b####.com:80
- TCP(HTTP/1.1) sdk.c####.g####.####.cn:80
- TCP(HTTP/1.1) cdn-sdk####.g####.com.####.cn:80
- TCP(HTTP/1.1) sdk.o####.p####.####.com:80
- TCP(HTTP/1.1) ts.91####.com:80
- TCP(HTTP/1.1) st####.91####.com:80
- TCP(HTTP/1.1) c-h####.g####.com:80
- TCP(HTTP/1.1) and####.b####.qq.com:80
- TCP(TLS/1.0) rr2---s####.g####.com:443
- TCP(TLS/1.0) 1####.177.14.94:443
- TCP(TLS/1.0) digital####.google####.com:443
- TCP(TLS/1.0) rr14---####.g####.com:443
- TCP(TLS/1.0) rr12---####.g####.com:443
- TCP(TLS/1.0) rr5---s####.g####.com:443
- TCP(TLS/1.0) api.map.b####.com:443
- TCP(TLS/1.0) f####.gst####.com:443
- TCP(TLS/1.0) a####.91####.com:443
- TCP(TLS/1.0) and####.cli####.go####.com:443
- TCP(TLS/1.0) gmscomp####.google####.com:443
- TCP(TLS/1.0) rr6---s####.g####.com:443
- TCP(TLS/1.2) 1####.194.73.102:443
- TCP(TLS/1.2) 1####.194.163.27:443
- TCP(TLS/1.2) and####.cli####.go####.com:443
- TCP(TLS/1.2) digital####.google####.com:443
- TCP cm-1####.g####.com:5224
- TCP sdk.o####.t####.####.com:5224
- UDP digital####.google####.com:443
- 7j####.c####.z0.####.com
- a####.91####.com
- and####.b####.qq.com
- and####.cli####.go####.com
- api.map.b####.com
- c-h####.g####.com
- cdn-sdk####.g####.com
- cm-1####.g####.com
- digital####.google####.com
- f####.gst####.com
- gmscomp####.google####.com
- loc.map.b####.com
- o####.map.b####.com
- pla####.googleu####.com
- rr12---####.g####.com
- rr14---####.g####.com
- rr2---s####.g####.com
- rr5---s####.g####.com
- rr6---s####.g####.com
- rr6---s####.g####.com
- sdk-ope####.g####.com
- sdk.c####.g####.com
- sdk.o####.p####.####.com
- sdk.o####.t####.####.com
- sdk.o####.t####.####.com
- sdk.o####.t####.####.com
- sdk.o####.t####.####.net
- st####.91####.com
- ts.91####.com
- a####.91####.com:443/api/index/1.0/app_index_ad?chr=####&uid=####&client...
- a####.91####.com:443/api/index/1.0/mall_recommend?chr=####&uid=####&clie...
- a####.91####.com:443/api/index/1.0/validation_appver?chr=####&uid=####&a...
- a####.91####.com:443/api/user/1.0/user_notice?chr=####&uid=####&clientTy...
- cdn-sdk####.g####.com.####.cn/tdata_EDB102
- cdn-sdk####.g####.com.####.cn/tdata_svG098
- cdn-sdk####.g####.com.####.cn/tdata_zNZ623
- sdk.c####.g####.####.cn/config/hzv9.conf
- sdk.o####.p####.####.com/api/addr.htm
- st####.91####.com/mall-h5/build/www/shop/108528332e2afcadd1acf4e4a18128a...
- st####.91####.com/mall-h5/build/www/shop/1fa42f415a2b61b0f176d24fe887ea8...
- st####.91####.com/mall-h5/build/www/shop/3a6719a0f2a7320eada936ac945ba50...
- st####.91####.com/mall-h5/build/www/shop/3c3a3f7ea971aa7c57083f2fc8e1758...
- st####.91####.com/mall-h5/build/www/shop/5bec1fb00b54020420143287f836c45...
- st####.91####.com/mall-h5/build/www/shop/659b86075b71aefd207a56fdbe79e4f...
- st####.91####.com/mall-h5/build/www/shop/92e26879bfbce8b005a1147ad4b8290...
- st####.91####.com/mall-h5/build/www/shop/Sailer.js
- st####.91####.com/mall-h5/build/www/shop/Telescope.js
- st####.91####.com/mall-h5/build/www/shop/ae57b7fb0d5f35caa5ad320e04dd4f5...
- st####.91####.com/mall-h5/build/www/shop/app.css
- st####.91####.com/mall-h5/build/www/shop/app.css.map
- st####.91####.com/mall-h5/build/www/shop/app.ebbb07a08d7c353e7a94.js
- st####.91####.com/mall-h5/build/www/shop/cdde819fbd3431b04519c613b585f90...
- st####.91####.com/mall-h5/build/www/shop/config.json
- st####.91####.com/mall-h5/build/www/shop/d07ae162319c1d59de9d01fad49b389...
- st####.91####.com/mall-h5/build/www/shop/fcfa0eec15ebc4b915b805b8af0606a...
- st####.91####.com/mall-h5/build/www/shop/index.html
- st####.91####.com/mall-h5/build/www/shop/pingpp.js
- st####.91####.com/mall-h5/build/www/shop/runtime.f2d569ede22c1962fbad.js
- st####.91####.com/mall-h5/build/www/shop/trycatch.js
- st####.91####.com/mall-h5/build/www/shop/vendors.41907408fcdd9758651d.js
- a####.91####.com:443/api/appindex/1.0/md_appindex_banners
- a####.91####.com:443/api/appindex/1.0/md_appindex_body
- a####.91####.com:443/api/index/1.0/md_medical_index_v2
- and####.b####.qq.com/rqd/async?aid=####
- c-h####.g####.com/api.php?format=####&t=####
- loc.map.b####.com/sdk.php
- o####.map.b####.com/offline_loc
- sdk.o####.p####.####.com/api.php?format=####&t=####
- sdk.o####.p####.####.com/api.php?format=####&t=####&d=####&k=####
- ts.91####.com/nspm
- /data/data/####/.jg.ic
- /data/data/####/03295a4d4e254b4ee502aaf4046af27c.png
- /data/data/####/1004
- /data/data/####/108528332e2afcadd1acf4e4a18128ab.jpg
- /data/data/####/1fa42f415a2b61b0f176d24fe887ea84.png
- /data/data/####/39415cdf93dd
- /data/data/####/3a6719a0f2a7320eada936ac945ba508.jpg
- /data/data/####/3c3a3f7ea971aa7c57083f2fc8e1758a.png
- /data/data/####/3fcbb88691945a4eca89e9fe53179021.png
- /data/data/####/5bec1fb00b54020420143287f836c450.jpg
- /data/data/####/659b86075b71aefd207a56fdbe79e4f9.png
- /data/data/####/87f75c18
- /data/data/####/92e26879bfbce8b005a1147ad4b82903.png
- /data/data/####/Sailer.js
- /data/data/####/Telescope.js
- /data/data/####/ae57b7fb0d5f35caa5ad320e04dd4f5b.png
- /data/data/####/app.css
- /data/data/####/app.css.map
- /data/data/####/app.ebbb07a08d7c353e7a94.js
- /data/data/####/authStatus_cn.dreamplus.wentang;remote.xml
- /data/data/####/b867c129388c1de33be6071c737cacd2.png
- /data/data/####/bugly_db_-journal
- /data/data/####/cdde819fbd3431b04519c613b585f901.jpg
- /data/data/####/classes.dex
- /data/data/####/classes.oat
- /data/data/####/classes2.dex
- /data/data/####/classes3.dex
- /data/data/####/crashrecord.xml
- /data/data/####/d07ae162319c1d59de9d01fad49b3893.png
- /data/data/####/dr.db_-1000-journal
- /data/data/####/fcfa0eec15ebc4b915b805b8af0606a0.gif
- /data/data/####/firll.dat
- /data/data/####/gal.db
- /data/data/####/gal.db-journal
- /data/data/####/getui_sp.xml
- /data/data/####/gkt-journal
- /data/data/####/im.db-journal
- /data/data/####/index.html
- /data/data/####/init.pid
- /data/data/####/init_c1.pid
- /data/data/####/libjiagu.so
- /data/data/####/local_crash_lock
- /data/data/####/local_crash_lock (deleted)
- /data/data/####/mac.xml
- /data/data/####/native_record_lock
- /data/data/####/ofl_location.db
- /data/data/####/ofl_location.db-journal
- /data/data/####/ofl_statistics.db
- /data/data/####/ofl_statistics.db-journal
- /data/data/####/pingpp.js
- /data/data/####/proc_auxv
- /data/data/####/push.pid
- /data/data/####/pushg.db-journal
- /data/data/####/pushsdk.db-journal
- /data/data/####/run.pid
- /data/data/####/runtime.f2d569ede22c1962fbad.js
- /data/data/####/security_info
- /data/data/####/spdata.xml
- /data/data/####/tdata_svG098
- /data/data/####/tdata_svG098.dex
- /data/data/####/tdata_svG098.dex.flock (deleted)
- /data/data/####/tdata_svG098.jar
- /data/data/####/tdata_zNZ623
- /data/data/####/tdata_zNZ623.dex
- /data/data/####/tdata_zNZ623.dex.flock (deleted)
- /data/data/####/tdata_zNZ623.jar
- /data/data/####/trycatch.js
- /data/data/####/vendors.41907408fcdd9758651d.js
- /data/media/####/.cuid2
- /data/media/####/1711927710516.txt
- /data/media/####/1711927710531.txt
- /data/media/####/1711927711898.txt
- /data/media/####/1711927711899.txt
- /data/media/####/app.db
- /data/media/####/cn.dreamplus.wentang.bin
- /data/media/####/cn.dreamplus.wentang.db
- /data/media/####/com.igexin.sdk.deviceId.db
- /data/media/####/conlts.dat
- /data/media/####/gkt
- /data/media/####/gkt-journal
- /data/media/####/gktper (deleted)
- /data/media/####/journal
- /data/media/####/ls.db
- /data/media/####/ls.db-journal
- /data/media/####/patient.apk
- /data/media/####/tdata_svG098
- /data/media/####/tdata_zNZ623
- /data/media/####/uuid.txt
- /data/media/####/yoh.dat
- /data/media/####/yol.dat
- /data/media/####/yom.dat
- /data/misc/####/primary.prof
- /system/bin/cat /proc/cpuinfo
- /system/bin/sh -c getprop
- /system/bin/sh -c type su
- cat /proc/self/cgroup
- cat /proc/uid_stat/10065/tcp_rcv
- cat /proc/uid_stat/10065/tcp_snd
- chmod 755 /data/user/0/<Package>/.jiagu/libjiagu.so
- getprop
- mount
- sh
- libBugly
- libgetuiext2
- libjiagu
- liblocSDK7
- libxwalkcore
- libxwalkdummy
- AES-CBC-PKCS5Padding
- AES-CFB-NoPadding
- AES-ECB-PKCS5Padding
- AES-GCM-NoPadding
- RSA-ECB-PKCS1Padding
- RSA-NONE-OAEPWithSHA1AndMGF1Padding
- AES-CBC-PKCS5Padding
- AES-ECB-PKCS5Padding
- AES-GCM-NoPadding