Technical information
- Adware.Gexin.2.origin
- UDP(DNS) <Google DNS>
- TCP(HTTP/1.1) nav.cn.ron####.com:80
- TCP(HTTP/1.1) i.t####.com:80
- TCP(HTTP/1.1) and####.b####.qq.com:80
- TCP(HTTP/1.1) sdk.o####.p####.####.com:80
- TCP(TLS/1.0) j####.d####.com:443
- TCP(TLS/1.0) av1.x####.com:443
- TCP(TLS/1.0) c####.x####.com:443
- TCP(TLS/1.0) s####.cn.ron####.com:443
- TCP 1####.92.22.251:8626
- and####.b####.qq.com
- av1.x####.com
- c####.x####.com
- c####.x####.com
- i.t####.com
- j####.d####.com
- nav.cn.ron####.com
- s####.cn.ron####.com
- sdk.o####.p####.####.com
- i.t####.com/a/3c99d6d9a19c2699cbe29901bb0c04372
- and####.b####.qq.com/rqd/async?aid=####
- nav.cn.ron####.com/navipush.json
- sdk.o####.p####.####.com/api.php?format=####&t=####
- /data/data/####/.jg.ic
- /data/data/####/000001.dbtmp
- /data/data/####/000002.dbtmp
- /data/data/####/1004
- /data/data/####/1535721767081_2074
- /data/data/####/1535721768313_2074
- /data/data/####/1535721769574_2074
- /data/data/####/1535721769754_2139
- /data/data/####/1535721770368_2074
- /data/data/####/1535721770799_2074
- /data/data/####/1535721770842_2139
- /data/data/####/1535721771186_2139
- /data/data/####/1535721771187_2074
- /data/data/####/1535721771565_2139
- /data/data/####/1535721771588_2074
- /data/data/####/1535721771636_2160
- /data/data/####/1535721771637_2178
- /data/data/####/1535721771917_2160
- /data/data/####/1535721772125_2178
- /data/data/####/1535721772264_2160
- /data/data/####/1535721772439_2160
- /data/data/####/1535721773898_2074
- /data/data/####/1535721774195_2074
- /data/data/####/1535721777729_2139
- /data/data/####/1535721779664_2074
- /data/data/####/1535721779837_2074
- /data/data/####/1535721781824_2074
- /data/data/####/1535721786994_2074
- /data/data/####/1535721787185_2074
- /data/data/####/1535721787745_2074
- /data/data/####/1535721825058_2074
- /data/data/####/1535721825212_2074
- /data/data/####/1535721825755_2074
- /data/data/####/1535721825994_2074
- /data/data/####/1535721826778_2074
- /data/data/####/1535721827078_2074
- /data/data/####/1535721831876_2074
- /data/data/####/Archimedes_p4
- /data/data/####/Archimedes_p5
- /data/data/####/COUNTLY_STORE.xml
- /data/data/####/FwLog.xml
- /data/data/####/INSTALLATION
- /data/data/####/MANIFEST-000001
- /data/data/####/Pythagoras_phase.xml
- /data/data/####/RongPush.xml
- /data/data/####/RongPushAppConfig.xml
- /data/data/####/Statistics.xml
- /data/data/####/Statistics.xml.bak
- /data/data/####/TDCloudSettingsConfig463D49B5213A0224599EE7B475E1D593.xml
- /data/data/####/TD_app_pefercen_profile.xml
- /data/data/####/TDpref_cloudcontrol1.xml
- /data/data/####/TDpref_longtime.xml
- /data/data/####/TDpref_longtime0.xml
- /data/data/####/TDpref_shorttime.xml
- /data/data/####/TDpref_shorttime0.xml
- /data/data/####/add-city-list.69d08ebd9812879a3ded6a8d8b106adc.css
- /data/data/####/add-city-list.b3fa262d5d13c61814ce.js
- /data/data/####/add-city-list.html
- /data/data/####/add-other-cert.b0ff9d879bd32e271badb7ebdd6a479b.css
- /data/data/####/add-other-cert.b3fa262d5d13c61814ce.js
- /data/data/####/add-other-cert.html
- /data/data/####/addworkplace.9065b9693e1edcdf808b4d89d5b29f9b.css
- /data/data/####/addworkplace.b3fa262d5d13c61814ce.js
- /data/data/####/addworkplace.html
- /data/data/####/agreement.1c40f51aed1ae45c35db6cc5519422fd.css
- /data/data/####/agreement.b3fa262d5d13c61814ce.js
- /data/data/####/agreement.html
- /data/data/####/alipay-result.b3fa262d5d13c61814ce.js
- /data/data/####/alipay-result.e4eba7cc5d67bfb0f01b739d81d424d0.css
- /data/data/####/alipay-result.html
- /data/data/####/alipayinfo.7f715a17b5c01f962460be809515e618.css
- /data/data/####/alipayinfo.b3fa262d5d13c61814ce.js
- /data/data/####/alipayinfo.html
- /data/data/####/applydetail.68938705e7d45204e1ee7cceff58eee3.css
- /data/data/####/applydetail.b3fa262d5d13c61814ce.js
- /data/data/####/applydetail.html
- /data/data/####/applylist.b3fa262d5d13c61814ce.js
- /data/data/####/applylist.fbb246ac75f661a7894235b75402280f.css
- /data/data/####/applylist.html
- /data/data/####/auditing.b3fa262d5d13c61814ce.js
- /data/data/####/auditing.fa163b91ada075cc27cfa62d30f85b98.css
- /data/data/####/auditing.html
- /data/data/####/b_speed_icon.png
- /data/data/####/bg_status.png
- /data/data/####/bind-account.b3fa262d5d13c61814ce.js
- /data/data/####/bind-account.ca4a35fd71ddafb297ec661f3d6c4e19.css
- /data/data/####/bind-account.html
- /data/data/####/bind-phone-num.b3fa262d5d13c61814ce.js
- /data/data/####/bind-phone-num.c6bfd61b785b80b19d5a7399b1af0367.css
- /data/data/####/bind-phone-num.html
- /data/data/####/bugly_db_-journal
- /data/data/####/bundle.js
- /data/data/####/cache.manifest
- /data/data/####/cert-list.89d6769c9575ff3a99dedaa8c70d7792.css
- /data/data/####/cert-list.b3fa262d5d13c61814ce.js
- /data/data/####/cert-list.html
- /data/data/####/certifi_icon.png
- /data/data/####/certifi_pass_mask.png
- /data/data/####/city.371e0abf363bb7174e916a9155b3ff3e.css
- /data/data/####/city.b3fa262d5d13c61814ce.js
- /data/data/####/city.html
- /data/data/####/com.doumi.bclient_preferences.xml
- /data/data/####/common-language.8282a96f82192bd34e14c80d783f5215.css
- /data/data/####/common-language.b3fa262d5d13c61814ce.js
- /data/data/####/common-language.html
- /data/data/####/company-cert-detail.b3fa262d5d13c61814ce.js
- /data/data/####/company-cert-detail.c6cf3f22adb0c02e96b2c99d185ac58f.css
- /data/data/####/company-cert-detail.html
- /data/data/####/company-cert.56aacb8b7aa4c57ac8bab74f6686f0f8.css
- /data/data/####/company-cert.b3fa262d5d13c61814ce.js
- /data/data/####/company-cert.html
- /data/data/####/companyinfo-edit.a01db710f05627ff7ccea821493e23ba.css
- /data/data/####/companyinfo-edit.b3fa262d5d13c61814ce.js
- /data/data/####/companyinfo-edit.html
- /data/data/####/crashrecord.xml
- /data/data/####/crashrecord.xml (deleted)
- /data/data/####/deposit-detail.72722698fe4b88535f29724a0ced1d69.css
- /data/data/####/deposit-detail.b3fa262d5d13c61814ce.js
- /data/data/####/deposit-detail.html
- /data/data/####/deposit-info.871109f1a132a5cdbc2d0eb275185b85.css
- /data/data/####/deposit-info.b3fa262d5d13c61814ce.js
- /data/data/####/deposit-info.html
- /data/data/####/detail-hotpot.26f56f99a99eaa9b5b67502abf7b9a18.css
- /data/data/####/detail-hotpot.b3fa262d5d13c61814ce.js
- /data/data/####/detail-hotpot.html
- /data/data/####/detail.249a9fa662e999e8a5d6f27e884c9219.css
- /data/data/####/detail.b3fa262d5d13c61814ce.js
- /data/data/####/detail.html
- /data/data/####/dmdid
- /data/data/####/domSetting
- /data/data/####/enter1.png
- /data/data/####/enterprise-rank.071fa7437c9bc56c7233ac03f5b0a519.css
- /data/data/####/enterprise-rank.b3fa262d5d13c61814ce.js
- /data/data/####/enterprise-rank.html
- /data/data/####/evaluate.3ac9fbd78370a2e6dbbf30b84f5a8145.css
- /data/data/####/evaluate.b3fa262d5d13c61814ce.js
- /data/data/####/evaluate.html
- /data/data/####/everyday-task.52661c2bfe48d5c835b163f40ae29da2.css
- /data/data/####/everyday-task.b3fa262d5d13c61814ce.js
- /data/data/####/everyday-task.html
- /data/data/####/f1e5994e2a5f4dbe680c.worker.js
- /data/data/####/fe5312fdbe923e425eb3.worker.js
- /data/data/####/feedback.695bbbfd5adac44c0fca711ca11b85af.css
- /data/data/####/feedback.b3fa262d5d13c61814ce.js
- /data/data/####/feedback.html
- /data/data/####/forget-pwd.b38752f55526c8ec655f092930693bc9.css
- /data/data/####/forget-pwd.b3fa262d5d13c61814ce.js
- /data/data/####/forget-pwd.html
- /data/data/####/fulltimejob.98df4c7cf2af63858f7d56fabec59508.css
- /data/data/####/fulltimejob.b3fa262d5d13c61814ce.js
- /data/data/####/fulltimejob.html
- /data/data/####/getcaptchaway.abbac59518324660e45286975595ac19.css
- /data/data/####/getcaptchaway.b3fa262d5d13c61814ce.js
- /data/data/####/getcaptchaway.html
- /data/data/####/getui_sp.xml
- /data/data/####/ico_level.png
- /data/data/####/icon.png
- /data/data/####/icon_deliver.png
- /data/data/####/icon_detail.png
- /data/data/####/icon_form.png
- /data/data/####/icon_list.png
- /data/data/####/icon_merchant_v2.png
- /data/data/####/icon_type.png
- /data/data/####/imkit.db-journal
- /data/data/####/init_c1.pid
- /data/data/####/init_er.pid
- /data/data/####/integral.05e85e5884ae1d7353bc3a2addf3b448.css
- /data/data/####/integral.b3fa262d5d13c61814ce.js
- /data/data/####/integral.html
- /data/data/####/inv_icon.png
- /data/data/####/inv_prize.png
- /data/data/####/invite-prize.9f698e178344a98367ce36540551940d.css
- /data/data/####/invite-prize.b3fa262d5d13c61814ce.js
- /data/data/####/invite-prize.html
- /data/data/####/jianZhi.xml
- /data/data/####/job-status.055c497fa8ad04ff21f011e0b185934b.css
- /data/data/####/job-status.b3fa262d5d13c61814ce.js
- /data/data/####/job-status.html
- /data/data/####/jobdescription.b3fa262d5d13c61814ce.js
- /data/data/####/jobdescription.f25a3b2c4dcbb0d30823dd3486f4263e.css
- /data/data/####/jobdescription.html
- /data/data/####/joblist.b3fa262d5d13c61814ce.js
- /data/data/####/joblist.fc59ee4176bb4b7c8b179f1c4d12c2c3.css
- /data/data/####/joblist.html
- /data/data/####/ker.db-journal
- /data/data/####/leave-message.8282a96f82192bd34e14c80d783f5215.css
- /data/data/####/leave-message.b3fa262d5d13c61814ce.js
- /data/data/####/leave-message.html
- /data/data/####/libjiagu1769550344.so
- /data/data/####/local_crash_lock
- /data/data/####/login_guide_bg.png
- /data/data/####/logo_app.png
- /data/data/####/mPBE.xml
- /data/data/####/main.dek
- /data/data/####/manage_msg_icon.png
- /data/data/####/massmsg-detail.b3fa262d5d13c61814ce.js
- /data/data/####/massmsg-detail.c50158ca96a4e6cb8528afc39ad21b61.css
- /data/data/####/massmsg-detail.html
- /data/data/####/massmsg-list.b3fa262d5d13c61814ce.js
- /data/data/####/massmsg-list.c50158ca96a4e6cb8528afc39ad21b61.css
- /data/data/####/massmsg-list.html
- /data/data/####/massmsg-send.b3fa262d5d13c61814ce.js
- /data/data/####/massmsg-send.c50158ca96a4e6cb8528afc39ad21b61.css
- /data/data/####/massmsg-send.html
- /data/data/####/merchant.695bbbfd5adac44c0fca711ca11b85af.css
- /data/data/####/merchant.b3fa262d5d13c61814ce.js
- /data/data/####/merchant.html
- /data/data/####/message-detail.207ef3891340b1301c1fd2098a8988fb.css
- /data/data/####/message-detail.b3fa262d5d13c61814ce.js
- /data/data/####/message-detail.html
- /data/data/####/message-list.03270dda64fd5db1159ae91cf1044951.css
- /data/data/####/message-list.b3fa262d5d13c61814ce.js
- /data/data/####/message-list.html
- /data/data/####/modify-pay-price.9568085f1f3b3e18ab6a13477c23496d.css
- /data/data/####/modify-pay-price.b3fa262d5d13c61814ce.js
- /data/data/####/modify-pay-price.html
- /data/data/####/msg-sys-list.b3fa262d5d13c61814ce.js
- /data/data/####/msg-sys-list.cd2cfac27c226d337507de4baae37870.css
- /data/data/####/msg-sys-list.html
- /data/data/####/multidex.version.xml
- /data/data/####/my-message.8b32ee33c5c4e413eb4c5bf5611e1070.css
- /data/data/####/my-message.b3fa262d5d13c61814ce.js
- /data/data/####/my-message.html
- /data/data/####/my-wallet.b3c50cd81d3d7834715a5b9d03b42fff.css
- /data/data/####/my-wallet.b3fa262d5d13c61814ce.js
- /data/data/####/my-wallet.html
- /data/data/####/newbie-task.52661c2bfe48d5c835b163f40ae29da2.css
- /data/data/####/newbie-task.b3fa262d5d13c61814ce.js
- /data/data/####/newbie-task.html
- /data/data/####/noList.png
- /data/data/####/other-cert-type-list.b3fa262d5d13c61814ce.js
- /data/data/####/other-cert-type-list.c29e6d03e7163bcd58afc4189aa9f0a8.css
- /data/data/####/other-cert-type-list.html
- /data/data/####/other-cert.b3fa262d5d13c61814ce.js
- /data/data/####/other-cert.c7bcccfc058cce8f8a4968c61f51f2b8.css
- /data/data/####/other-cert.html
- /data/data/####/other_cert_bg.png
- /data/data/####/parttimejob.98df4c7cf2af63858f7d56fabec59508.css
- /data/data/####/parttimejob.b3fa262d5d13c61814ce.js
- /data/data/####/parttimejob.html
- /data/data/####/pay-balancesucc.b3fa262d5d13c61814ce.js
- /data/data/####/pay-balancesucc.c8833889a4b3a685bffaa1eccdda609f.css
- /data/data/####/pay-balancesucc.html
- /data/data/####/pay-depositsucc.871109f1a132a5cdbc2d0eb275185b85.css
- /data/data/####/pay-depositsucc.b3fa262d5d13c61814ce.js
- /data/data/####/pay-depositsucc.html
- /data/data/####/payconfirm.7f715a17b5c01f962460be809515e618.css
- /data/data/####/payconfirm.b3fa262d5d13c61814ce.js
- /data/data/####/payconfirm.html
- /data/data/####/paydetail.0bdb4fbf16b2f24ef55ffc71f2eb3579.css
- /data/data/####/paydetail.b3fa262d5d13c61814ce.js
- /data/data/####/paydetail.html
- /data/data/####/payhistory.b3fa262d5d13c61814ce.js
- /data/data/####/payhistory.c8833889a4b3a685bffaa1eccdda609f.css
- /data/data/####/payhistory.html
- /data/data/####/paylist.52335ada38a7d3c6b8c1abab05a49935.css
- /data/data/####/paylist.b3fa262d5d13c61814ce.js
- /data/data/####/paylist.html
- /data/data/####/payment_status.png
- /data/data/####/payrecorddetail.8970b665cc7d7c6afa78835325f0aeff.css
- /data/data/####/payrecorddetail.b3fa262d5d13c61814ce.js
- /data/data/####/payrecorddetail.html
- /data/data/####/personal-cert.75a4ba13faa6134445536776eca44ae9.css
- /data/data/####/personal-cert.b3fa262d5d13c61814ce.js
- /data/data/####/personal-cert.html
- /data/data/####/personal_center.png
- /data/data/####/personalinfo-edit.a01db710f05627ff7ccea821493e23ba.css
- /data/data/####/personalinfo-edit.b3fa262d5d13c61814ce.js
- /data/data/####/personalinfo-edit.html
- /data/data/####/personalnickname-edit.a01db710f05627ff7ccea821493e23ba.css
- /data/data/####/personalnickname-edit.b3fa262d5d13c61814ce.js
- /data/data/####/personalnickname-edit.html
- /data/data/####/privileged-task.52661c2bfe48d5c835b163f40ae29da2.css
- /data/data/####/privileged-task.b3fa262d5d13c61814ce.js
- /data/data/####/privileged-task.html
- /data/data/####/ptj_icons.png
- /data/data/####/pub-fulltime.11a506a6c1ed19cca2be611ed4a3f282.css
- /data/data/####/pub-fulltime.b3fa262d5d13c61814ce.js
- /data/data/####/pub-fulltime.html
- /data/data/####/pub-parttime.11a506a6c1ed19cca2be611ed4a3f282.css
- /data/data/####/pub-parttime.b3fa262d5d13c61814ce.js
- /data/data/####/pub-parttime.html
- /data/data/####/pub-success.28e286da06ef99ead73253ff063224c0.css
- /data/data/####/pub-success.b3fa262d5d13c61814ce.js
- /data/data/####/pub-success.html
- /data/data/####/pubjobtype.11a506a6c1ed19cca2be611ed4a3f282.css
- /data/data/####/pubjobtype.b3fa262d5d13c61814ce.js
- /data/data/####/pubjobtype.html
- /data/data/####/pwd-manage.8fd575e60b71ceb7ed23da695a9a7b07.css
- /data/data/####/pwd-manage.b3fa262d5d13c61814ce.js
- /data/data/####/pwd-manage.html
- /data/data/####/rank_bg.png
- /data/data/####/rank_list.png
- /data/data/####/recharge.b3fa262d5d13c61814ce.js
- /data/data/####/recharge.da57e6fa4c5ddaef7330bcb06b936c85.css
- /data/data/####/recharge.html
- /data/data/####/register.abbac59518324660e45286975595ac19.css
- /data/data/####/register.b3fa262d5d13c61814ce.js
- /data/data/####/register.html
- /data/data/####/resetpwd.a307296522da088bc28615caab235d2e.css
- /data/data/####/resetpwd.b3fa262d5d13c61814ce.js
- /data/data/####/resetpwd.html
- /data/data/####/returndeposucc.028b83ea122382f819d6a0a4d1969504.css
- /data/data/####/returndeposucc.b3fa262d5d13c61814ce.js
- /data/data/####/returndeposucc.html
- /data/data/####/revise-pwd.8fd575e60b71ceb7ed23da695a9a7b07.css
- /data/data/####/revise-pwd.b3fa262d5d13c61814ce.js
- /data/data/####/revise-pwd.html
- /data/data/####/rule-activity.01c654055ae13f21d5e29b789f631a2f.css
- /data/data/####/rule-activity.b3fa262d5d13c61814ce.js
- /data/data/####/rule-activity.html
- /data/data/####/security_info
- /data/data/####/select-supple-cert.9efeb9451d91656c3409063a7cf1e800.css
- /data/data/####/select-supple-cert.b3fa262d5d13c61814ce.js
- /data/data/####/select-supple-cert.html
- /data/data/####/sesame_logo.jpg
- /data/data/####/setting.8fd575e60b71ceb7ed23da695a9a7b07.css
- /data/data/####/setting.b3fa262d5d13c61814ce.js
- /data/data/####/setting.html
- /data/data/####/star.png
- /data/data/####/task_bn.png
- /data/data/####/task_bn1.png
- /data/data/####/task_icon.png
- /data/data/####/task_loading.png
- /data/data/####/task_progress_bg.png
- /data/data/####/tasklist.52661c2bfe48d5c835b163f40ae29da2.css
- /data/data/####/tasklist.b3fa262d5d13c61814ce.js
- /data/data/####/tasklist.html
- /data/data/####/tdid.xml
- /data/data/####/tel-cert.75a4ba13faa6134445536776eca44ae9.css
- /data/data/####/tel-cert.b3fa262d5d13c61814ce.js
- /data/data/####/tel-cert.html
- /data/data/####/tmp.zip
- /data/data/####/vendor.dll.js
- /data/data/####/walletdetail.b3fa262d5d13c61814ce.js
- /data/data/####/walletdetail.bce01bf044c20042c78fe31e7596fbab.css
- /data/data/####/walletdetail.html
- /data/data/####/webview.db-journal
- /data/data/####/weixin-login.a307296522da088bc28615caab235d2e.css
- /data/data/####/weixin-login.b3fa262d5d13c61814ce.js
- /data/data/####/weixin-login.html
- /data/data/####/worktime.89a0ef4effc07904c0f42292606048e1.css
- /data/data/####/worktime.b3fa262d5d13c61814ce.js
- /data/data/####/worktime.html
- /data/data/####/zm-cert.b3fa262d5d13c61814ce.js
- /data/data/####/zm-cert.c7bbd4dd23a2da8b139da5334a442f91.css
- /data/data/####/zm-cert.html
- /data/media/####/.nomedia
- /data/media/####/.tcookieid
- /data/media/####/BeLog_1535721773639.log
- /data/media/####/dmdid
- /data/media/####/domSetting
- /data/media/####/domSetting (deleted)
- /data/media/####/journal
- /data/media/####/journal.tmp
- /system/bin/sh -c getprop
- /system/bin/sh -c type su
- chmod 755 <Package Folder>/.jiagu/libjiagu1769550344.so
- getprop
- RongIMLib
- dek
- getuiext2
- kerdb
- kerkee_util
- libjiagu1769550344
- 010-57977077
- 010-57977077
- 010-57977077
- 010-57977077
- 010-57977077
- 010-57977077
- AES-CBC-PKCS5Padding
- AES-GCM-NoPadding
- DES-CBC-PKCS5Padding
- RSA-ECB-PKCS1Padding
- AES-CBC-PKCS5Padding
- AES-GCM-NoPadding