Technical information
- Adware.Dowgin.3.origin
- UDP(DNS) <Google DNS>
- TCP(HTTP/1.1) a####.u####.com:80
- TCP(HTTP/1.1) 1####.213.69.195:80
- TCP(HTTP/1.1) s.wagbr####.alibaba####.com:80
- TCP(HTTP/1.1) an.ca.15####.cn:80
- TCP(HTTP/1.1) apilo####.a####.com:80
- TCP(HTTP/1.1) oc.u####.com:80
- TCP(HTTP/1.1) ap####.map.qq.com:80
- TCP(HTTP/1.1) mps.a####.com:80
- TCP(HTTP/1.1) traffi####.auto####.com:8888
- TCP(HTTP/1.1) res####.a####.com:80
- TCP(HTTP/1.1) dn.dd.15####.####.net:80
- a####.u####.com
- an.ca.15####.cn
- ap####.map.qq.com
- api####.a####.com
- au.u####.co
- au.u####.com
- dn.dd.15####.cn
- feed####.u####.com
- mm.a####.com
- oc.u####.com
- res####.a####.com
- traffi####.auto####.com
- ap####.map.qq.com/mkey/index.php/mkey/check?output=####&pf=####&key=####...
- dn.dd.15####.####.net/apk/20170705/201707051157602.png
- dn.dd.15####.####.net/apk/20171020/201710201050746.apk
- mps.a####.com/amapsrv/MPS?t=####&cp=####&mesh=####
- mps.a####.com/amapsrv/MPS?t=####&mesh=####
- a####.u####.com/app_logs
- an.ca.15####.cn//24201587/zia
- an.ca.15####.cn//24201587/zib
- an.ca.15####.cn//24201587/zic
- an.ca.15####.cn//24201587/zid
- apilo####.a####.com/v3/log/init
- oc.u####.com/check_config_update
- res####.a####.com/v3/bus/linename
- res####.a####.com/v3/config/resource
- s.wagbr####.alibaba####.com/api/check_app_update
- traffi####.auto####.com:8888/RouteStatusService/Handle.do?cmdtype=####&u...
- /data/data/####/.jiagu.ls
- /data/data/####/GPSLOCATION.xml
- /data/data/####/GPSLocationq.jar
- /data/data/####/_acnGPSLocationz.xml
- /data/data/####/_acnGPSLocationz.xml.bak
- /data/data/####/_gcnGPSLocations.xml
- /data/data/####/autonavi_Resource1_1_0.jar
- /data/data/####/com.iflytek.msc.xml
- /data/data/####/gps.db
- /data/data/####/gps.db-journal
- /data/data/####/journal
- /data/data/####/journal.tmp
- /data/data/####/last_know_location.xml
- /data/data/####/libjiagu.so
- /data/data/####/logdb.db
- /data/data/####/logdb.db-journal
- /data/data/####/mobclick_agent_header_cn.goldfish.GPSLocation.xml
- /data/data/####/mobclick_agent_online_setting_cn.goldfish.GPSLocation.xml
- /data/data/####/mobclick_agent_state_cn.goldfish.GPSLocation.xml
- /data/data/####/umeng_feedback_conversations.xml
- /data/data/####/uscn.db-journal
- /data/media/####/103.dat
- /data/media/####/103.ind
- /data/media/####/201707051157602#png
- /data/media/####/201707051157602#png (deleted)
- /data/media/####/egnaro_etceles_egap_d
- /data/media/####/egnaro_gbntb_d
- /data/media/####/ehcac_ntb_mottob
- /data/media/####/elcric_cs_d
- /data/media/####/enil_efas
- /data/media/####/enil_efas_d
- /data/media/####/enil_jt_d
- /data/media/####/erahs_ntb_mottob
- /data/media/####/eulb_gbntb_d
- /data/media/####/gb_datuctrohs_d
- /data/media/####/gb_gmi
- /data/media/####/gb_gmi_d
- /data/media/####/gb_mottob
- /data/media/####/gb_pot
- /data/media/####/gb_pot_d
- /data/media/####/gb_sdrowda
- /data/media/####/gb_tluafed_d
- /data/media/####/iflyworkdir_test
- /data/media/####/journal
- /data/media/####/journal.tmp
- /data/media/####/kcab_pop
- /data/media/####/kcab_pop_d
- /data/media/####/lecnac_ntb_mottob_d
- /data/media/####/llatsni_ntb
- /data/media/####/llatsni_ntb_d
- /data/media/####/llatsni_ntb_mottob
- /data/media/####/lomron_egap_d
- /data/media/####/models.dat
- /data/media/####/models.ind
- /data/media/####/n_kcehcp
- /data/media/####/na_csppa_d
- /data/media/####/neerg_gbntb_d
- /data/media/####/noci_efas
- /data/media/####/noci_efas_d
- /data/media/####/ntb_erom_pc_d
- /data/media/####/ntb_meti
- /data/media/####/ntb_mottob_pop
- /data/media/####/ntb_mottob_pop_d
- /data/media/####/ntb_rehto_pc_d
- /data/media/####/ntbesolc_pot_x
- /data/media/####/ntbesolc_potd_d
- /data/media/####/nwod_worra
- /data/media/####/nwod_worra_d
- /data/media/####/p_kcehcp
- /data/media/####/pot_ntbseolc_d
- /data/media/####/pu_worra
- /data/media/####/pu_worra_d
- /data/media/####/rats_m
- /data/media/####/sti.dat
- /data/media/####/sti.ind
- /data/media/####/tnetnocppa
- /data/media/####/wolley_gbntb_d
- amapv304
- amapv304ex
- bspatch
- libjiagu
- msc
- tbt
- wtbt
- AES-ECB-PKCS5Padding
- DES
- RSA-ECB-PKCS1Padding