Technical information
- Adware.Plague.1.origin
- Adware.Plague.3
- <Package> <Package> -1837061352 0 /data/app/<Package>-1.apk 41 <Package> 48 50 1 0
- chmod 755 <Package Folder>/.cache/<Package>
- chmod 755 <Package Folder>/.cache/<Package>.art
- chmod 755 <Package Folder>/.cache/<Package>.art.20
- chmod 775 <Package Folder>/app_nneomodule/libcpu
- getprop ro.product.cpu.abi
- ln -s <Package Folder>/app_bangcleplugin <Package Folder>/app_nneomodule
- sh -c <Package Folder>/app_nneomodule/libcpu /storage/emulated/0/.678edebe-8ae3-33f5-800a-1a52aa20c208 18 1 <Package>
- sh -c chmod 775 <Package Folder>/app_nneomodule/libcpu
- sh -c ln -s <Package Folder>/app_bangcleplugin <Package Folder>/app_nneomodule
- libsecexe.x86
- vinit
- AES-ECB-PKCS7Padding
- DES-CBC-PKCS5Padding
- DES-ECB-PKCS5Padding
- AES-ECB-PKCS7Padding
- RSA-ECB-PKCS1Padding