Technical information
- Adware.Plague.1.origin
- UDP(DNS) <Google DNS>
- TCP(HTTP/1.0) th.pen####.com:80
- TCP(HTTP/1.1) adf####.b0.a####.com:80
- TCP(TLS/1.0) de####.mixp####.com:443
- TCP(TLS/1.0) sett####.crashly####.com:443
- TCP(TLS/1.0) ssl.google-####.com:443
- TCP(TLS/1.0) pag####.googlea####.com:443
- TCP(TLS/1.0) googl####.g.doublec####.net:443
- api.mixp####.com
- de####.mixp####.com
- googl####.g.doublec####.net
- pag####.googlea####.com
- s.pen####.com
- sett####.crashly####.com
- ssl.google-####.com
- th.pen####.com
- adf####.b0.a####.com/1470216330340.png
- adf####.b0.a####.com/1492487703964.png
- adf####.b0.a####.com/1501667756496.png
- adf####.b0.a####.com/1501668177364.png
- adf####.b0.a####.com/1512542113669.png
- adf####.b0.a####.com/1515145151887.png
- adf####.b0.a####.com/1517995636965.png
- adf####.b0.a####.com/1521795484983.png
- adf####.b0.a####.com/1526032856632.png
- adf####.b0.a####.com/1529482048743.apk
- th.pen####.com/a
- th.pen####.com/b
- /data/data/####/5B2A695E012F-0001-0815-9E365713118FBeginSession.cls_temp
- /data/data/####/5B2A695E012F-0001-0815-9E365713118FSessionApp.cls_temp
- /data/data/####/5B2A695E012F-0001-0815-9E365713118FSessionDevice.cls_temp
- /data/data/####/5B2A695E012F-0001-0815-9E365713118FSessionOS.cls_temp
- /data/data/####/ApplicationCache.db-journal
- /data/data/####/Preference.xml
- /data/data/####/TwitterAdvertisingInfoPreferences.xml
- /data/data/####/admob.xml
- /data/data/####/ads-1233464334.jar
- /data/data/####/app_wewclasses.jar
- /data/data/####/com.crashlytics.prefs.xml
- /data/data/####/com.crashlytics.sdk.android;answers;settings.xml
- /data/data/####/com.crashlytics.settings.json
- /data/data/####/com.google.android.gms.analytics.prefs.xml
- /data/data/####/com.mixpanel.android.mpmetrics.MixpanelAPI_9601...a1.xml
- /data/data/####/data_0
- /data/data/####/data_1
- /data/data/####/data_2
- /data/data/####/data_3
- /data/data/####/dbfedj-journal
- /data/data/####/f_000001
- /data/data/####/gaClientId
- /data/data/####/google_analytics_v4.db-journal
- /data/data/####/https_googleads.g.doubleclick.net_0.localstorage-journal
- /data/data/####/index
- /data/data/####/initialization_marker
- /data/data/####/io.fabric.sdk.android;fabric;a.a.a.a.u.xml
- /data/data/####/mixpanel
- /data/data/####/mixpanel-journal
- /data/data/####/mixpanel.viewcrawler.changes9601f1ddc56023a0993...a1.xml
- /data/data/####/onzzv
- /data/data/####/sa_018a99e3-e72f-475d-a715-f5992ec7c605_1529506142371.tap
- /data/data/####/session_analytics.tap
- /data/data/####/session_analytics.tap.tmp
- /data/data/####/tw.nicky.xhr56r_preferences.xml
- /data/data/####/tw.nicky.xhr56r_preferences.xml.bak
- /data/data/####/webview.db-journal
- /data/data/####/webviewCookiesChromium.db-journal
- /data/media/####/1470216330340.png.dat
- /data/media/####/1492487703964.png.dat
- /data/media/####/1501667756496.png.dat
- /data/media/####/1501668177364.png.dat
- /data/media/####/1512542113669.png.dat
- /data/media/####/1515145151887.png.dat
- /data/media/####/1517995636965.png.dat
- /data/media/####/1521795484983.png.dat
- /data/media/####/1526032856632.png.dat
- /data/media/####/1529482048743.apk.dat
- ydz
- AES-ECB-PKCS7Padding
- DES-ECB-PKCS5Padding
- AES-CBC-PKCS5Padding