Technical information
- Adware.Gexin.2.origin
- UDP(DNS) <Google DNS>
- TCP(HTTP/1.1) ti####.c####.l####.####.com:80
- TCP(HTTP/1.1) a.appj####.com:80
- TCP(HTTP/1.1) sdk.o####.p####.####.com:80
- TCP(HTTP/1.1) yh.ey####.com:80
- TCP(TLS/1.0) 1####.217.20.110:443
- TCP sdk.o####.t####.####.com:5224
- TCP c####.g####.ig####.com:5224
- a.appj####.com
- c####.g####.ig####.com
- c.sz.gt.####.com
- sdk.c####.ig####.com
- sdk.o####.p####.####.com
- sdk.o####.t####.####.com
- sdk.o####.t####.####.com
- sdk.o####.t####.####.net
- yh.ey####.com
- ti####.c####.l####.####.com/config/hz-hzv3.conf
- a.appj####.com/ad-service/ad/mark
- sdk.o####.p####.####.com/api.php?format=####&t=####
- yh.ey####.com/nurseapp/home/getworkcontext
- /data/data/####/.imei.txt
- /data/data/####/.jg.ic
- /data/data/####/.log.lock
- /data/data/####/.log.ls
- /data/data/####/clientid_igexin.xml
- /data/data/####/data_0
- /data/data/####/data_1
- /data/data/####/data_2
- /data/data/####/data_3
- /data/data/####/index
- /data/data/####/init.pid
- /data/data/####/init_c1.pid
- /data/data/####/jg_app_update_settings_random.xml
- /data/data/####/libjiagu.so
- /data/data/####/nurse.yun.app.eyouhu.com.xml
- /data/data/####/nurse.yun.app.eyouhu.com_storages.xml
- /data/data/####/pdr.xml
- /data/data/####/push.pid
- /data/data/####/pushsdk.db-journal
- /data/data/####/qihoo_jiagu_crash_report.xml
- /data/data/####/run.pid
- /data/data/####/webview.db-journal
- /data/data/####/webviewCookiesChromium.db-journal
- /data/data/####/webviewCookiesChromiumPrivate.db-journal
- /data/media/####/.imei.txt
- /data/media/####/1024X748.png
- /data/media/####/1024X768.png
- /data/media/####/1080X1882.png
- /data/media/####/1242X2208.png
- /data/media/####/1536x2008.png
- /data/media/####/1536x2048.png
- /data/media/####/20190314.log
- /data/media/####/2048x1496.png
- /data/media/####/2048x1536.png
- /data/media/####/2208X1242.png
- /data/media/####/240X282.png
- /data/media/####/320X442.png
- /data/media/####/320X480.png
- /data/media/####/480X762.png
- /data/media/####/620_420.jpg
- /data/media/####/640X1136.png
- /data/media/####/640X960.png
- /data/media/####/720X1242.png
- /data/media/####/750X1334.png
- /data/media/####/768X1004.png
- /data/media/####/768X1024.png
- /data/media/####/about.html
- /data/media/####/amap.html
- /data/media/####/amap.js
- /data/media/####/app.account.js
- /data/media/####/app.appoint.js
- /data/media/####/app.cart.js
- /data/media/####/app.css
- /data/media/####/app.data.js
- /data/media/####/app.db
- /data/media/####/app.js
- /data/media/####/app.knowledge.js
- /data/media/####/app.loadusermessagecount.js
- /data/media/####/app.map.js
- /data/media/####/app.news.js
- /data/media/####/app.notification.js
- /data/media/####/app.order.js
- /data/media/####/app.product.js
- /data/media/####/app.question.js
- /data/media/####/app.review.js
- /data/media/####/app.shipaddress.js
- /data/media/####/app.sms.js
- /data/media/####/app.stat.js
- /data/media/####/app.team.js
- /data/media/####/app.ucenter.js
- /data/media/####/app.update.js
- /data/media/####/app.uploader.js
- /data/media/####/app.views.bak.js
- /data/media/####/app.workcontext.js
- /data/media/####/appoint.html
- /data/media/####/appoint2.html
- /data/media/####/appoint_1.html
- /data/media/####/appoint_details.html
- /data/media/####/appoint_list.html
- /data/media/####/arttmpl.js
- /data/media/####/baozhang.jpg
- /data/media/####/base.css
- /data/media/####/benurse.html
- /data/media/####/benurse_add.html
- /data/media/####/benurse_details.html
- /data/media/####/benurselog.html
- /data/media/####/benurselog_details.html
- /data/media/####/benurselog_edit.html
- /data/media/####/biaoge.jpg
- /data/media/####/bj-bottom.jpg
- /data/media/####/bj-my.jpg
- /data/media/####/bj-my.png
- /data/media/####/calendar.css
- /data/media/####/calendar.html
- /data/media/####/calendar.js
- /data/media/####/calendarExt.css
- /data/media/####/calendarExt.js
- /data/media/####/calendarExt00.js
- /data/media/####/certificate.html
- /data/media/####/certificate_idcard.html
- /data/media/####/city.data-3.js
- /data/media/####/city.data.js
- /data/media/####/city.html
- /data/media/####/com.igexin.sdk.deviceId.db
- /data/media/####/common.js
- /data/media/####/common.myStorageForPrivateBrowsing.js
- /data/media/####/complain.html
- /data/media/####/complain_detail.html
- /data/media/####/crash_1552556262915_2019-03-14-09-37-42.log
- /data/media/####/default_ad_90_90.jpg
- /data/media/####/default_pd_100_100.jpg
- /data/media/####/default_pd_110_110.jpg
- /data/media/####/default_pd_150_150.jpg
- /data/media/####/default_pd_170_170.jpg
- /data/media/####/default_pd_220_220.jpg
- /data/media/####/default_pd_80_80.jpg
- /data/media/####/doctordetail.html
- /data/media/####/edit_address.html
- /data/media/####/epurse.html
- /data/media/####/evaluate.html
- /data/media/####/evaluate.js
- /data/media/####/evaluate_single.html
- /data/media/####/fast1.png
- /data/media/####/fast2.png
- /data/media/####/fast3.png
- /data/media/####/feature_details.html
- /data/media/####/feature_teacher.html
- /data/media/####/feedback.css
- /data/media/####/feedback.html
- /data/media/####/feedback.js
- /data/media/####/forget_password.html
- /data/media/####/gojgmarkeorder.html
- /data/media/####/guide.html
- /data/media/####/guide1.png
- /data/media/####/guide2.png
- /data/media/####/guide3.png
- /data/media/####/header_default.jpg
- /data/media/####/healthprofile.html
- /data/media/####/help.html
- /data/media/####/help_details.html
- /data/media/####/iconfont-tianjia.png
- /data/media/####/iconfont.js
- /data/media/####/iconfont.ttf
- /data/media/####/icons-extra.css
- /data/media/####/imageviewer.css
- /data/media/####/immersed.js
- /data/media/####/in_feature.html
- /data/media/####/in_feature_00.jpg
- /data/media/####/in_feature_01.jpg
- /data/media/####/in_feature_02.jpg
- /data/media/####/in_feature_03.jpg
- /data/media/####/in_feature_04.jpg
- /data/media/####/in_feature_05.jpg
- /data/media/####/in_feature_head.jpg
- /data/media/####/in_home.html
- /data/media/####/in_home.jpg
- /data/media/####/in_home_head.jpg
- /data/media/####/in_hospital.html
- /data/media/####/in_hospital.jpg
- /data/media/####/in_hospital_head.jpg
- /data/media/####/in_order.html
- /data/media/####/index.html
- /data/media/####/index1.html
- /data/media/####/index2.html
- /data/media/####/jgmarkeorder.html
- /data/media/####/jgnurse_details.html
- /data/media/####/jgnurselist.html
- /data/media/####/join_us.html
- /data/media/####/jquery.min.js
- /data/media/####/kefu.gif
- /data/media/####/kefu.png
- /data/media/####/location-pointer.png
- /data/media/####/location.html
- /data/media/####/login.html
- /data/media/####/logo-white.png
- /data/media/####/logo.png
- /data/media/####/logof.png
- /data/media/####/manifest.json
- /data/media/####/map-submap.html
- /data/media/####/map.html
- /data/media/####/map.jpg
- /data/media/####/map.js
- /data/media/####/mark.png
- /data/media/####/mark_r.png
- /data/media/####/markeorder.html
- /data/media/####/mjs.js
- /data/media/####/msg.png
- /data/media/####/msg_1.png
- /data/media/####/msg_2.png
- /data/media/####/msg_3.png
- /data/media/####/msg_4.png
- /data/media/####/msg_no.png
- /data/media/####/mui-icons-extra.ttf
- /data/media/####/mui.css
- /data/media/####/mui.enterfocus.js
- /data/media/####/mui.extend.js
- /data/media/####/mui.indexedlist.css
- /data/media/####/mui.indexedlist.js
- /data/media/####/mui.js
- /data/media/####/mui.locker.js
- /data/media/####/mui.min.css
- /data/media/####/mui.min.js
- /data/media/####/mui.picker.js
- /data/media/####/mui.picker.min.css
- /data/media/####/mui.picker.min.js
- /data/media/####/mui.poppicker.css
- /data/media/####/mui.poppicker.js
- /data/media/####/mui.previewimage.js
- /data/media/####/mui.pullToRefresh.js
- /data/media/####/mui.pullToRefresh.material.js
- /data/media/####/mui.star.js
- /data/media/####/mui.ttf
- /data/media/####/mui.view.js
- /data/media/####/mui.zoom.js
- /data/media/####/my.html
- /data/media/####/my1.html
- /data/media/####/my_answer_detail.html
- /data/media/####/my_answer_list.html
- /data/media/####/my_appoint.html
- /data/media/####/my_avatar.html
- /data/media/####/my_bankcard.html
- /data/media/####/my_bankcard_add.html
- /data/media/####/my_collectservice.html
- /data/media/####/my_complain.html
- /data/media/####/my_complain_add.html
- /data/media/####/my_complain_detail.html
- /data/media/####/my_fav.html
- /data/media/####/my_follow.html
- /data/media/####/my_knowledge.html
- /data/media/####/my_knowledge_add.html
- /data/media/####/my_knowledge_detail.html
- /data/media/####/my_knowledge_selecttype.html
- /data/media/####/my_notification.html
- /data/media/####/my_orderdetail.html
- /data/media/####/my_orderlist.html
- /data/media/####/my_orderprogress.html
- /data/media/####/my_orderprojectdetail.html
- /data/media/####/my_projectrevieworder.html
- /data/media/####/my_purse.html
- /data/media/####/my_revieworder.html
- /data/media/####/nav.html
- /data/media/####/nav_input_baseinfo.html
- /data/media/####/nav_input_personalinfo.html
- /data/media/####/nav_input_specialcareinfo.html
- /data/media/####/nav_service.html
- /data/media/####/neworder.mp3
- /data/media/####/news.html
- /data/media/####/news_details.html
- /data/media/####/newslist.html
- /data/media/####/notification.png
- /data/media/####/notification_center.html
- /data/media/####/notification_indicator.html
- /data/media/####/nurse.yun.app.eyouhu.com.db
- /data/media/####/nurse_details.html
- /data/media/####/nurse_need_detail.html
- /data/media/####/nurse_need_list.html
- /data/media/####/nurse_need_true.html
- /data/media/####/nurselist.html
- /data/media/####/order_progress.html
- /data/media/####/orderdetail.html
- /data/media/####/orderlist.html
- /data/media/####/orderprojectdetail.html
- /data/media/####/palce_order.jpg
- /data/media/####/passed.png
- /data/media/####/payshow.html
- /data/media/####/postal.html
- /data/media/####/postlist.html
- /data/media/####/productdata.html
- /data/media/####/qihoo.png
- /data/media/####/qq.png
- /data/media/####/qrcodepay.html
- /data/media/####/question_detail.html
- /data/media/####/question_list.html
- /data/media/####/radio.svg
- /data/media/####/radio0.svg
- /data/media/####/radio1.svg
- /data/media/####/recharge.html
- /data/media/####/reg.html
- /data/media/####/reviewdetail.html
- /data/media/####/reviewlist.html
- /data/media/####/sc_text_01.jpg
- /data/media/####/sc_text_11.jpg
- /data/media/####/sc_text_12.jpg
- /data/media/####/sc_text_21.jpg
- /data/media/####/sc_text_22.jpg
- /data/media/####/second.html
- /data/media/####/select_benurseitem.html
- /data/media/####/select_dictionaryitem.html
- /data/media/####/select_hospital.html
- /data/media/####/select_language.html
- /data/media/####/select_location.html
- /data/media/####/select_project.html
- /data/media/####/select_radio_project.html
- /data/media/####/select_workplace.html
- /data/media/####/serve_datetime.html
- /data/media/####/setting.html
- /data/media/####/sever_cont.html
- /data/media/####/sinaweibo.png
- /data/media/####/specialdetail.html
- /data/media/####/speciallist.html
- /data/media/####/specialorder.html
- /data/media/####/specialorderdetail.html
- /data/media/####/specialorderlist.html
- /data/media/####/spend.html
- /data/media/####/tabbar.html
- /data/media/####/tabbar2.html
- /data/media/####/teacher_details.html
- /data/media/####/teacherappoint.html
- /data/media/####/teacherdata.html
- /data/media/####/teachermakeorder_nursedetails.html
- /data/media/####/teachermakeorder_nurselist.html
- /data/media/####/teachermakeorder_orderdetails.html
- /data/media/####/teacherorderdetail.html
- /data/media/####/teacherorderlist.html
- /data/media/####/teacherpayshow.html
- /data/media/####/team_invite.html
- /data/media/####/team_validation.html
- /data/media/####/teamlist.html
- /data/media/####/template-core.js
- /data/media/####/template.html
- /data/media/####/template.js
- /data/media/####/template0.html
- /data/media/####/template1.html
- /data/media/####/template2.html
- /data/media/####/template3.html
- /data/media/####/template4.html
- /data/media/####/template_sub0.html
- /data/media/####/template_sub1.html
- /data/media/####/template_sub2.html
- /data/media/####/template_sub3.html
- /data/media/####/template_sub4.html
- /data/media/####/time_choose.html
- /data/media/####/title_bj.jpg
- /data/media/####/update.html
- /data/media/####/updateordermobile.html
- /data/media/####/upload.jpg
- /data/media/####/user-photo.png
- /data/media/####/user_myAjax_Demo.js
- /data/media/####/utils.js
- /data/media/####/weeks.js
- /data/media/####/weeks0.js
- /data/media/####/weixin.png
- /data/media/####/workinfo_base.html
- /data/media/####/workinfo_personal.html
- /data/media/####/workinfo_personal_sub.html
- /data/media/####/workinfo_specialcare.html
- /data/media/####/workinfo_specialcare_sub.html
- /data/media/####/workinfo_teacher.html
- /data/media/####/workinfo_teacher_sub.html
- /data/media/####/youb_bj.jpg
- /data/media/####/youb_top.jpg
- /data/media/####/youbi1.html
- /data/media/####/youbi_bj.jpg
- chmod 755 <Package Folder>/.jiagu/libjiagu.so
- getuiext2
- libjiagu
- AES-CBC-PKCS5Padding
- RSA-NONE-OAEPWithSHA1AndMGF1Padding