Technical information
- Android.BackDoor.312
- Android.Backdoor.547.origin
- UDP(DNS) <Google DNS>
- TCP(GCM) <Google Host>
- TCP(HTTP/1.1) a####.u####.com:80
- TCP(HTTP/1.1) j####.isix####.com:20000
- TCP(HTTP/1.1) j####.isix####.com:40000
- TCP(HTTP/1.1) rd.gdata####.net:80
- TCP(HTTP/1.1) cl.mo####.u####.com:80
- TCP(HTTP/1.1) j####.isix####.com:30000
- TCP(HTTP/1.1) pg.x####.com:80
- TCP(HTTP/1.1) i####.cn.com:80
- TCP(HTTP/1.1) cf.gdata####.net:80
- TCP(HTTP/1.1) 1####.196.40.71:9600
- TCP(HTTP/1.1) 1####.196.40.71:9500
- TCP(HTTP/1.1) res.icloudl####.com:80
- TCP(TLS/1.0) gv1.x####.com:443
- TCP 1####.168.66.254:38632
- TCP 1####.168.66.254:42369
- TCP 1####.207.140.190:8080
- a####.u####.com
- cf.gdata####.net
- cl.mo####.u####.com
- gv1.x####.com
- i####.cn.com
- j####.isix####.com
- j####.isix####.com
- j####.isix####.com
- j####.isix####.com
- pg.x####.com
- rd.gdata####.net
- res.icloudl####.com
- i####.cn.com/a/3521668acb8d3a1a04964513d0f7eb368
- res.icloudl####.com/ads/img/1e6f5939c5a54664923d435438aad226.png
- res.icloudl####.com/ads/img/24bae5abb30640a2a0889761ea2f2e29.png
- res.icloudl####.com/ads/img/2b396af3938d4ed9ad01e1fcf53a2c7c.png
- res.icloudl####.com/ads/img/2cd5ec31a1f84798a4920cb12a9710bb.png
- res.icloudl####.com/ads/img/5234512f80554c2c82a145427dbc4a1d.png
- res.icloudl####.com/ads/img/64f97c8a10284e03be8ed7130acb6e89.png
- res.icloudl####.com/ads/img/8237c9d203e845d5bd4d0750c9713744.png
- res.icloudl####.com/ads/img/d2187c73af9b4fdbab1209b57f4d9a92.png
- res.icloudl####.com/ads/img/d3aed35d46a94efab24046432b74c915.png
- res.icloudl####.com/ads/img/dee33b815eb440bfb27d13f7f6b1a15e.png
- res.icloudl####.com/ads/img/fdc728bc379c48e898e849ee936fbd5c.png
- res.icloudl####.com/ads/pri/1459226725432.slz
- res.icloudl####.com/ads/pri/56a45b0d725c41e3beb13e82297c9c86.apk
- res.icloudl####.com/ads/pri/b4844bf032ed438686c8edde6b5d989b.apk
- res.icloudl####.com/ads/pri/f4a47a64e5ce44d4aefa9b275734deef.apk
- cl.mo####.u####.com/show.aspx?Key=####
- j####.isix####.com:40000/
- pg.x####.com/api/q/a/3521668acb8d3a1a04964513d0f7eb368
- pg.x####.com/api/statis/3521668acb8d3a1a04964513d0f7eb368/game-D8B53C15C...
- rd.gdata####.net/config/update
- rd.gdata####.net/dc/sync_adr
- <Package Folder>/databases/MF_CFG-journal
- <Package Folder>/databases/cc.db
- <Package Folder>/databases/cc.db-journal
- <Package Folder>/databases/dataeye_database_8627E8C43709E88F1A9...0F2.db
- <Package Folder>/databases/dataeye_database_8627E8C43709E88F1A9...ournal
- <Package Folder>/databases/talkingdata_app.db-journal
- <Package Folder>/databases/ua.db
- <Package Folder>/databases/ua.db-journal
- <Package Folder>/databases/vi_db_pay-journal
- <Package Folder>/databases/webview.db-journal
- <Package Folder>/files/####/2d49d8d3-8a44-4a13-b2be-8dfe571e589a.zip
- <Package Folder>/files/####/46c0f3ee-b87c-47e5-a546-979287283b1c.zip
- <Package Folder>/files/####/67d378ad-7fdd-45a5-9eec-da25ef53ad7e.zip
- <Package Folder>/files/####/9ba942a3-be96-4014-80f4-b6579f2c92fd.zip
- <Package Folder>/files/####/a1d89822-e7d9-4f19-9fe0-c1982ce37ccd.zip
- <Package Folder>/files/####/exchangeIdentity.json
- <Package Folder>/files/.imprint
- <Package Folder>/files/exid.dat
- <Package Folder>/files/libexec.so
- <Package Folder>/files/look
- <Package Folder>/files/myfvu.jar
- <Package Folder>/files/paylib.jar
- <Package Folder>/files/talkingdata_app_process_preferences_file
- <Package Folder>/files/talkingdata_app_version_preferences_file
- <Package Folder>/files/umeng_it.cache
- <Package Folder>/shared_prefs/3521668acb8d3a1a04964513d0f7eb368...le.xml
- <Package Folder>/shared_prefs/<Package>_preferences.xml
- <Package Folder>/shared_prefs/Alvin2.xml
- <Package Folder>/shared_prefs/ContextData.xml
- <Package Folder>/shared_prefs/TD_app_pefercen_profile.xml
- <Package Folder>/shared_prefs/TD_app_pefercen_profile.xml.bak
- <Package Folder>/shared_prefs/dc.8627E8C43709E88F1A91592EE71700...es.xml
- <Package Folder>/shared_prefs/initdata.xml
- <Package Folder>/shared_prefs/pref_file.xml
- <Package Folder>/shared_prefs/pref_file.xml.bak
- <Package Folder>/shared_prefs/td_pefercen_profile.xml
- <Package Folder>/shared_prefs/td_pefercen_profile.xml.bak
- <Package Folder>/shared_prefs/tdid.xml
- <Package Folder>/shared_prefs/umeng_general_config.xml
- <Package Folder>/shared_prefs/umeng_general_config.xml.bak
- <Package Folder>/shared_prefs/unknown.xml
- <SD-Card>/.4d02db8e14/####/crash-2017-08-04-1501849360305.log
- <SD-Card>/.4d02db8e14/####/crash-2017-08-04-1501849382682.log
- <SD-Card>/.4d02db8e14/####/crash-2017-08-04-1501849391890.log
- <SD-Card>/.DataStorage/ContextData.xml
- <SD-Card>/.SystemService/####/uid
- <SD-Card>/.UTSystemConfig/####/Alvin2.xml
- <SD-Card>/.acterr
- <SD-Card>/.system_temp/.cfg
- <SD-Card>/.tcookieid
- <SD-Card>/Android/####/sysid.dat
- /system/bin/sh
- <Package Folder>/files/test <Package Folder>/files/ 77cb2f178f4a415bbca45b44e5174ec9
- cat /sys/block/mmcblk0/device/cid
- chmod -R 777 <Package Folder>/files/
- chmod -R 777 <Package Folder>/files/test
- chmod 777 <Package Folder>/files/look
- chmod 777 <Package Folder>/files/part
- getprop ro.product.cpu.abi
- ls -l /sbin/su
- ls -l /system/bin/su
- ls -l /system/sbin/su
- ls -l /system/xbin/su
- ls -l /vendor/bin/su
- sh
- cocos2dcpp
- libexec
- AES-CBC-PKCS5Padding
- AES-CBC-PKCS7Padding
- DES-ECB-NoPadding
- AES-CBC-PKCS5Padding
- AES-CBC-PKCS7Padding
- DES-ECB-NoPadding