Technical information
- Adware.Dowgin.3.origin
Network connections (protocol, host:port; #### marks masked characters):
- UDP(DNS) <Google DNS>
- TCP(HTTP/1.1) cd.md.c####.####.net:80
- TCP(HTTP/1.1) hm.bd.5####.net:80
- TCP(TLS/1.0) api.face####.com:443
- TCP(TLS/1.0) 1####.217.19.206:443
- TCP(TLS/1.0) sett####.crashly####.com:443
- TCP(TLS/1.0) ssl.google-####.com:443
Host names:
- api.sambar####.co
- cd.md.c####.cn
- g####.face####.com
- hm.bd.5####.net
- sett####.crashly####.com
- ssl.google-####.com
URLs (no scheme shown; both hosts appear in the connection list over HTTP on port 80):
- cd.md.c####.####.net/offer/20190304/201903041754730.apk
- cd.md.c####.####.net/offer/20190304/201903041818738.png
- hm.bd.5####.net//e9c
- hm.bd.5####.net//w9c
- hm.bd.5####.net/5dgrtse/d655/e9c
- hm.bd.5####.net/5dgrtse/d655/p9c
- hm.bd.5####.net/5dgrtse/d655/q9c
- hm.bd.5####.net/5dgrtse/d655/r9c
- hm.bd.5####.net/5dgrtse/d655/t9c
- hm.bd.5####.net/5dgrtse/d655/u9c
- hm.bd.5####.net/5dgrtse/d655/w9c
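File paths (#### masks part of the path; entries such as com.crashlytics.* and google_analytics_v2.db-journal carry the names of common third-party SDKs and are weak indicators on their own):
- /data/data/####/5C98819500CC-0001-08EA-D99FE232D162.cls_temp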
- /data/data/####/5C98819500CC-0001-08EA-D99FE232D162BeginSession.cls_temp
- /data/data/####/5C98819500CC-0001-08EA-D99FE232D162SessionApp.cls_temp
- /data/data/####/5C98819500CC-0001-08EA-D99FE232D162SessionCrash.cls_temp
- /data/data/####/5C98819500CC-0001-08EA-D99FE232D162SessionDevice.cls_temp
- /data/data/####/5C98819500CC-0001-08EA-D99FE232D162SessionOS.cls_temp
- /data/data/####/5C98819500CC-0001-08EA-D99FE232D162SessionUser.cls_temp
- /data/data/####/5C9881CA0199-0002-08EA-D99FE232D162BeginSession.cls_temp
- /data/data/####/5C9881CA0199-0002-08EA-D99FE232D162SessionApp.cls_temp
- /data/data/####/5C9881CA0199-0002-08EA-D99FE232D162SessionDevice.cls_temp
- /data/data/####/5C9881CA0199-0002-08EA-D99FE232D162SessionOS.cls_temp
- /data/data/####/_mgestrgd_r.xml
- /data/data/####/_mhestrgdqs.xml
- /data/data/####/_mjtestrgdp.xml
- /data/data/####/applicationId
- /data/data/####/com.crashlytics.android.internal.D.xml
- /data/data/####/com.crashlytics.prefs.xml
- /data/data/####/com.crashlytics.settings.json
- /data/data/####/commments.db-journal
- /data/data/####/crash_marker
- /data/data/####/gaClientId
- /data/data/####/google_analytics_v2.db-journal
- /data/data/####/initialization_marker
- /data/data/####/installationId
- /data/data/####/mz.xt.caux.hkqo.av.jar
- /data/data/####/sa_6088861e-d86a-442e-9704-179922f321f2_1553498517303.tap
- /data/data/####/score.xml
- /data/data/####/session_analytics.tap
- /data/data/####/session_analytics.tap.tmp
- /data/data/####/settings.xml
- /data/data/####/zsrgsf.db-journal
- /data/media/####/.nomedia
- /data/media/####/36598dbe776b675eaa1dcaea891920ab.tmp
- /data/media/####/9c323ff5e4e27
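Shell command (chmod 777 grants read, write and execute permission to every user; the target has the same file name as the .tmp entry listed under /data/media/):
- chmod 777 /storage/emulated/0/download/gsfi//36598dbe776b675eaa1dcaea891920ab.tmp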
- gif
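Cryptographic algorithms (DES appears twice; the page does not show what distinguishes the two entries):
- AES-ECB-PKCS7Padding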
- DES
- DES