Technical information
- Adware.Gexin.2.origin
- UDP(DNS) <Google DNS>
- TCP(HTTP/1.1) ti####.c####.l####.####.com:80
- TCP(HTTP/1.1) t####.c####.q####.####.com:80
- TCP(HTTP/1.1) and####.b####.qq.com:80
- TCP(HTTP/1.1) c-h####.g####.com:80
- TCP(HTTP/1.1) s####.s.360.cn:80
- TCP(HTTP/1.1) k####.b####.com:80
- TCP(HTTP/1.1) qin####.com.www.####.com:80
- TCP(HTTP/1.1) sdk.l####.360.cn:80
- TCP(HTTP/1.1) sdk.o####.p####.####.com:80
- TCP(HTTP/1.1) p.s.3####.cn:80
- TCP(HTTP/1.1) sh.wagbr####.aliyun####.com:80
- TCP(SSL/3.0) s1.ssl.q####.com:443
- TCP(TLS/1.0) api.app.b####.com:443
- TCP(TLS/1.0) s1.ssl.q####.com:443
- TCP(TLS/1.0) h5.b####.com:443
- TCP(TLS/1.0) res####.a####.com:443
- TCP(TLS/1.0) c####.b####.com:443
- TCP(TLS/1.0) p1.ssl.cdn.####.com:443
- TCP(TLS/1.0) p3.ssl.cdn.####.com:443
- TCP c####.g####.ig####.com:5226
- TCP sdk.o####.t####.####.com:5224
- 7j####.c####.z0.####.com
- amap####.cn-hang####.oss####.####.com
- and####.b####.qq.com
- api.app.b####.com
- api.b####.com
- c####.b####.com
- c####.g####.ig####.com
- c-h####.g####.com
- h5.b####.com
- k####.b####.com
- p.s.3####.cn
- p0.ssl.cdn.####.com
- p1.ssl.cdn.####.com
- p2.ssl.cdn.####.com
- p3.ssl.cdn.####.com
- p4.ssl.cdn.####.com
- pub-####.qin####.com
- res####.a####.com
- s####.s.360.cn
- s0.ssl.q####.com
- s1.ssl.q####.com
- s4.ssl.q####.com
- s5.ssl.q####.com
- sdk.c####.ig####.com
- sdk.l####.360.cn
- sdk.o####.p####.####.com
- sdk.o####.t####.####.com
- sdk.o####.t####.####.com
- sdk.o####.t####.####.net
- k####.b####.com/
- qin####.com.www.####.com/tdata_EDT369
- s####.s.360.cn/ak/a0a080f42e6f13b3a2df133f073095dd.html?m2=####
- sdk.l####.360.cn/codec?model=####&pid=####&mid=####&ver=####&bid=####&sd...
- sh.wagbr####.aliyun####.com/sdkcoor/android/x86/libJni_wgs2gcj.so
- t####.c####.q####.####.com/tdata_Cta775
- t####.c####.q####.####.com/tdata_YYn966
- t####.c####.q####.####.com/tdata_lOE499
- t####.c####.q####.####.com/tdata_nmo636
- ti####.c####.l####.####.com/config/hz-hzv3.conf
- and####.b####.qq.com/rqd/async
- c-h####.g####.com/api.php?format=####&t=####
- p.s.3####.cn/pstat/plog.php
- p.s.3####.cn/update/update.php?p=####
- sdk.o####.p####.####.com/api.php?format=####&t=####
- sdk.o####.p####.####.com/api.php?format=####&t=####&d=####&k=####
- /data/data/####/024f6ecac5840558bd9e2da2d4e150026e880ba8c9fd42e....0.tmp
- /data/data/####/02ac789c703940217e814535d5708839
- /data/data/####/06f1db8981e02d63f8fede5ae288d9f6bf53036402462e3....0.tmp
- /data/data/####/08cf9eaed0adfc54e13c0224f29d9315
- /data/data/####/0af1ea89fe2a1b6763ff9b5615c5b86f9442b963ff87480....0.tmp
- /data/data/####/0b7d11897c893cc3b5c48031f5e84fd1
- /data/data/####/100ec186d3d68e9668a0674035808981
- /data/data/####/1049e5eba911123e5103552f383154f3
- /data/data/####/1499cdd3d9f951a95a5a710ad5cd6f01
- /data/data/####/186b2c65904feaef958c8eede815a04f
- /data/data/####/1e54b92d5babac0b00d1bb4e1672e187
- /data/data/####/20052d274fc375a9f21f9a44a949d58b82f24af1056394b....0.tmp
- /data/data/####/2190d647f9fea664ed17726c6b466a19d02d5005f7befbc....0.tmp
- /data/data/####/223aacde6cb0b6ff4292b58165c39be7
- /data/data/####/29009015c3256db8bd3298732df89a660203cf1952d83d2....0.tmp
- /data/data/####/2bfcbdb5dfc3e7b575bdddf1f01fc64430d1029ba0f5a82....0.tmp
- /data/data/####/2caba55284a89d39e271ce69622577423ed83f94b72de38....0.tmp
- /data/data/####/30939de9dbf0a326cdbfd3708c7c82f5
- /data/data/####/31e3f79c1adb1965f7717c36cede2d738778d0c86ca1150....0.tmp
- /data/data/####/34ccf9388bf74407663054afb5eb0d4ef22e58c7b524082....0.tmp
- /data/data/####/36015c7acf6c006c6e9abe35112c830ccf31f4100e0cc6b....0.tmp
- /data/data/####/3691256903606.0
- /data/data/####/36fa7f68674e6a494a60af3d33806c633c6e7c2c72925e6....0.tmp
- /data/data/####/380887f86a4dc637c198118e689b6a89
- /data/data/####/39941e9b8d628dfd5db1a51f39fc03729992e40bf359184....0.tmp
- /data/data/####/410b9a5ecc355de91a70e9da9974fe4201668976b0491e7....0.tmp
- /data/data/####/43b03888d0f6d6d93cbc97e1fa35943947b86a4f627fb4e....0.tmp
- /data/data/####/455bcc01cf703c798f4c2c855c4ca5c112a1a319136a1d1....0.tmp
- /data/data/####/4db390d4c479c44e1255df16495991c09ed64c68ec8ec67....0.tmp
- /data/data/####/4dba4c33bc1bf8610e9f01b01ead279237a7a267202c190....0.tmp
- /data/data/####/4e0605b27850c08bb7fc14e1097658bc
- /data/data/####/5088bcff844bf9076c560eda6a74071d3206bd9134e6370....0.tmp
- /data/data/####/52d987483b838f39241c5e9472711355e13d41446173fdb....0.tmp
- /data/data/####/5365edfb78a970bda1cb427cd0965cd2
- /data/data/####/55109df26473f592ab4b5013ee9861d2
- /data/data/####/5836c921407f87d51d10a5b876b9962108c6540df57c21b....0.tmp
- /data/data/####/5a23265f3e9806051b1cac066a6a2b2a
- /data/data/####/5ef3a7545c58a7b5982b4b60451f8aee1067a72b96342ff....0.tmp
- /data/data/####/61121389848135.0
- /data/data/####/61cd9472e3e26b27de0ba93e39bed99a488a57b0e1439f7....0.tmp
- /data/data/####/67b7a34225f2b0dd8463cc1e2ec9dd7f
- /data/data/####/70a1a6a4d41c8d2fc7111a029f82e39c068501485e76745....0.tmp
- /data/data/####/70a1a6a4d41c8d2fc7111a029f82e39c068501485e76745...aa81.0
- /data/data/####/71a8f9103428134537d43a19da1925ba
- /data/data/####/75d14b6df45f43bfe370410e09133a6c
- /data/data/####/780328d14f80911fc7efb1c369894aaf
- /data/data/####/7a7ade9fc7063caaa498fd5137348710
- /data/data/####/7f3de259226748c39e463c9765985283
- /data/data/####/85d52b0ab1f965b5b7c6aa38505f1869
- /data/data/####/86d76f1319ec
- /data/data/####/883c7b82fc82866e7ebb236bfbe3b3003ddde981f31ee24....0.tmp
- /data/data/####/8df889d19e171d26cd9743d13f364156
- /data/data/####/9121e7bd8d22dbd8dacaddad227702e0
- /data/data/####/92f324c7cd76998e6ce92e434650b199
- /data/data/####/97b462e5e93033a77088f5bf58f7044c469d50f0525cb3d....0.tmp
- /data/data/####/ApplicationCache.db-journal
- /data/data/####/QH_DeviceSDK.xml
- /data/data/####/QH_SDK_M2.xml
- /data/data/####/QH_SDK_UserDataa0a080f42e6f13b3a2df133f073095dd.xml
- /data/data/####/QH_SDK_sessionIDa0a080f42e6f13b3a2df133f073095dd.xml
- /data/data/####/RefactorNewsItemDbModel.realm
- /data/data/####/RefactorNewsItemDbModel.realm.lock
- /data/data/####/WalletPlugin.apk
- /data/data/####/Y29tLmJ0aW1lLmJqdGltZQ==.tick.lock
- /data/data/####/access_control.control.mx
- /data/data/####/access_control.write.mx
- /data/data/####/af78a73b5a1d2d47f432e2404c2a40c3
- /data/data/####/b72bbc6083da3421044c36e78e9bc5e04c89a9e6d5616d7....0.tmp
- /data/data/####/b7978e22862e315251e57142456b1f4a
- /data/data/####/be37e420fec646fedf90a3464a54347f6b95e48dbf2d09c....0.tmp
- /data/data/####/btime_multi_theme.xml
- /data/data/####/btime_netmode_debug.xml
- /data/data/####/bugly_db_legu-journal
- /data/data/####/c54d4c37a3ea3363aa72295e5f7773e7
- /data/data/####/c5eeefc851907f5b201f225a7f03cee9
- /data/data/####/c6cc3bbb055b3f11114b3e9256232939
- /data/data/####/c707cb01a75b9f9a075cad13278329d38aee4dffab4d271....0.tmp
- /data/data/####/caab7861a7d7ade6b6956ae4293a7099
- /data/data/####/cda44579db89aab995da8237bc5e7a5b547d2450ecc6453....0.tmp
- /data/data/####/cdee7c5fdb37aab6f6fd5e466ee1f3d2efedc2cd136e01b....0.tmp
- /data/data/####/d3de83ef9deee6fb37624063375a3f6f
- /data/data/####/d45f34356b51ece2a1d6bb0c830ca177
- /data/data/####/dafile.db
- /data/data/####/dafile.db-journal
- /data/data/####/data_0
- /data/data/####/data_1
- /data/data/####/data_2
- /data/data/####/data_3
- /data/data/####/ddca21fdd9352794cdebc48cc200088142863c983cc9b75....0.tmp
- /data/data/####/discovery_share_image.jpg
- /data/data/####/e513a800643b47235aa76de6d0227756
- /data/data/####/eb105e923c24fac1ded8783c10f598f6
- /data/data/####/ecd67cd9ad8b2dc38323ba8845786714f632a3075b8a1e4....0.tmp
- /data/data/####/ee7965711062f6e2f00be7bc32340463786410a3c46cd38....0.tmp
- /data/data/####/f0e0196c6b00524e1126e0bdc936dd1c
- /data/data/####/f3f05c6afcb91fd8bd6dce64f84a2e82
- /data/data/####/f5863c2c040d539fcabdb9b9214b74da
- /data/data/####/f6b3633f7ab07b1399b406971c7229c42f90aff7530cb80....0.tmp
- /data/data/####/fe614521901f132a273cd2ecbc3c1452
- /data/data/####/fe9aadb286cbc48c74ad4b82446b1054113d89b8750bd9c....0.tmp
- /data/data/####/feeb6ce58f000c7746c2eabba8133c67
- /data/data/####/ff9f5cd147957f8472d955d8cc2afa9b
- /data/data/####/gdaemon_20161017
- /data/data/####/getui_sp.xml
- /data/data/####/gkt-journal
- /data/data/####/gx_sp.xml
- /data/data/####/hmdb
- /data/data/####/hmdb-journal
- /data/data/####/index
- /data/data/####/init.pid
- /data/data/####/init_c1.pid
- /data/data/####/journal
- /data/data/####/journal.tmp
- /data/data/####/libnfix.so
- /data/data/####/libshella-2.9.1.2.so
- /data/data/####/libufix.so
- /data/data/####/local_crash_lock
- /data/data/####/loctemp.so
- /data/data/####/logdb.db
- /data/data/####/logdb.db-journal
- /data/data/####/mix.dex
- /data/data/####/multidex.version.xml
- /data/data/####/native_record_lock
- /data/data/####/pref.xml
- /data/data/####/push.pid
- /data/data/####/pushext.db-journal
- /data/data/####/pushg.db-journal
- /data/data/####/pushk.db-journal
- /data/data/####/pushsdk.db-journal
- /data/data/####/run.pid
- /data/data/####/security_info
- /data/data/####/tdata_Cta775
- /data/data/####/tdata_Cta775.jar
- /data/data/####/tdata_YYn966
- /data/data/####/tdata_YYn966.jar
- /data/data/####/tdata_lOE499
- /data/data/####/tdata_lOE499.jar
- /data/data/####/tdata_nmo636
- /data/data/####/tdata_nmo636.jar
- /data/data/####/tray.db-journal
- /data/data/####/webview.db-journal
- /data/data/####/webviewCookiesChromium.db-journal
- /data/media/####/.deviceId
- /data/media/####/.iddata
- /data/media/####/LOn
- /data/media/####/LOn (deleted)
- /data/media/####/Y29tLmJ0aW1lLmJqdGltZQ==
- /data/media/####/Y29tLmJ0aW1lLmJqdGltZQ== (deleted)
- /data/media/####/a0a080f42e6f13b3a2df133f073095dd
- /data/media/####/alsn.db
- /data/media/####/alsn.db-journal
- /data/media/####/app.db
- /data/media/####/com.btime.bjtime.bin
- /data/media/####/com.btime.bjtime.db
- /data/media/####/com.getui.sdk.deviceId.db
- /data/media/####/com.igexin.sdk.deviceId.db
- /data/media/####/data.lock
- /data/media/####/gkt-journal
- /data/media/####/gktper
- /data/media/####/logs.txt
- /data/media/####/report.lock
- /data/media/####/tdata_Cta775
- /data/media/####/tdata_YYn966
- /data/media/####/tdata_lOE499
- /data/media/####/tdata_nmo636
- /data/media/####/test.log
- /system/bin/sh -c getprop ro.aa.romver
- /system/bin/sh -c getprop ro.board.platform
- /system/bin/sh -c getprop ro.build.fingerprint
- /system/bin/sh -c getprop ro.build.nubia.rom.name
- /system/bin/sh -c getprop ro.build.rom.id
- /system/bin/sh -c getprop ro.build.tyd.kbstyle_version
- /system/bin/sh -c getprop ro.build.version.emui
- /system/bin/sh -c getprop ro.build.version.opporom
- /system/bin/sh -c getprop ro.gn.gnromvernumber
- /system/bin/sh -c getprop ro.lenovo.series
- /system/bin/sh -c getprop ro.lewa.version
- /system/bin/sh -c getprop ro.meizu.product.model
- /system/bin/sh -c getprop ro.miui.ui.version.name
- /system/bin/sh -c getprop ro.vivo.os.build.display.id
- /system/bin/sh -c type su
- <Package Folder>/files/gdaemon_20161017 0 <Package>/com.btime.common.push.BTPushService 24575 300 0
- cat /sys/class/net/wlan0/address
- chmod 700 <Package Folder>/files/gdaemon_20161017
- chmod 700 <Package Folder>/tx_shell/libnfix.so
- chmod 700 <Package Folder>/tx_shell/libshella-2.9.1.2.so
- chmod 700 <Package Folder>/tx_shell/libufix.so
- getprop ro.aa.romver
- getprop ro.board.platform
- getprop ro.build.fingerprint
- getprop ro.build.nubia.rom.name
- getprop ro.build.rom.id
- getprop ro.build.tyd.kbstyle_version
- getprop ro.build.version.emui
- getprop ro.build.version.opporom
- getprop ro.gn.gnromvernumber
- getprop ro.lenovo.series
- getprop ro.lewa.version
- getprop ro.meizu.product.model
- getprop ro.miui.ui.version.name
- getprop ro.vivo.os.build.display.id
- getprop ro.yunos.version
- logcat -d -v threadtime
- mount
- sh <Package Folder>/files/gdaemon_20161017 0 <Package>/com.btime.common.push.BTPushService 24575 300 0
- Bugly
- getuiext2
- libnfix
- libshella-2.9.1.2
- libufix
- nfix
- openh264
- publisher
- realm-jni
- transcore
- ufix
- viewer
- AES-CBC-PKCS5Padding
- AES-CBC-PKCS7Padding
- AES-CFB-NoPadding
- AES-ECB-PKCS5Padding
- AES-GCM-NoPadding
- RSA-ECB-PKCS1Padding
- RSA-NONE-OAEPWithSHA1AndMGF1Padding
- desede-ECB-PKCS5Padding
- AES-CBC-PKCS5Padding
- AES-CBC-PKCS7Padding
- AES-ECB-PKCS5Padding
- AES-GCM-NoPadding