Technical information
- Adware.Gexin.2.origin
- UDP(DNS) <Google DNS>
- TCP(HTTP/1.1) res.wx.qq.####.com:80
- TCP(HTTP/1.1) app.gulu####.com:23388
- TCP(HTTP/1.1) t####.c####.q####.####.com:80
- TCP(HTTP/1.1) www.gulu####.com:80
- TCP(TLS/1.0) www.google-####.com:443
- TCP(TLS/1.0) hm.b####.com:443
- TCP(TLS/1.0) et2-na6####.wagbr####.ali####.####.com:443
- TCP(TLS/1.0) z.c####.com:443
- TCP(TLS/1.0) gm.mm####.com:443
- TCP(TLS/1.0) s####.j####.cn:443
- TCP(TLS/1.0) s####.g.doublec####.net:443
- TCP(TLS/1.0) c.c####.com:443
- UDP s.j####.cn:19000
- TCP 1####.230.236.35:7002
- app.gulu####.com
- c####.mm####.com
- c.c####.com
- colle####.b####.com
- hm.b####.com
- img.gulu####.com
- log.u####.com
- r####.wx.qq.com
- s####.g.doublec####.net
- s####.j####.cn
- s####.u####.com
- s.j####.cn
- sis.j####.io
- w.c####.com
- www.google-####.com
- www.gulu####.com
- z4.c####.com
- app.gulu####.com:23388/api/advert/getAdvertContentList?boardId=####&page...
- app.gulu####.com:23388/api/greetings/getGreetings?
- app.gulu####.com:23388/api/songRecommend/getRecommendSongList?pageSize=#...
- app.gulu####.com:23388/api/userRecommend/getUserRecommendList?
- app.gulu####.com:23388/api/version/getVersion?type=####&
- res.wx.qq.####.com/open/js/jweixin-1.2.0.js
- t####.c####.q####.####.com/appadvert/content/117ebd54-f113-4745-9c88-ce4...
- t####.c####.q####.####.com/appadvert/content/33091529-72f7-4183-a910-12e...
- t####.c####.q####.####.com/appadvert/content/5960a83b-27e7-42b1-8339-a8a...
- t####.c####.q####.####.com/appadvert/content/720cfb5b-1e75-4828-a37d-5f0...
- t####.c####.q####.####.com/appadvert/content/76df61dd-7f86-41d8-8982-e18...
- t####.c####.q####.####.com/appadvert/content/7f94c5d9-e008-4fd2-b884-a7a...
- t####.c####.q####.####.com/appadvert/content/a0a23102-afef-426e-ac16-a06...
- t####.c####.q####.####.com/appadvert/content/a935a840-04e3-4162-9939-905...
- t####.c####.q####.####.com/appadvert/content/d6dcc624-0e39-475c-8bdd-d5a...
- t####.c####.q####.####.com/appadvert/content/dbdaa004-4a37-470e-8e86-65d...
- t####.c####.q####.####.com/appgreetings/6ab6e717-d215-476b-bc95-4f3a83b2...
- t####.c####.q####.####.com/avatar/avatar_weibo_20171116121426482924329.j...
- t####.c####.q####.####.com/cover/cover_111148_2017072413271709158754.jpg
- t####.c####.q####.####.com/cover/cover_111293_20170803100229042137642.jpg
- t####.c####.q####.####.com/cover/cover_122810_20190418092312862817559.jp...
- t####.c####.q####.####.com/cover/cover_123654_20190317173451161863371.jp...
- t####.c####.q####.####.com/cover/cover_1542557_20190329225728598238247.j...
- t####.c####.q####.####.com/cover/cover_216634_20170813212212306371227.jpg
- t####.c####.q####.####.com/cover/cover_227512_20190825155129114781410.jp...
- t####.c####.q####.####.com/cover/cover_227512_2019082515531691059023.jpg...
- t####.c####.q####.####.com/cover/cover_238938_2019032613070131848315.jpg...
- t####.c####.q####.####.com/cover/cover_239312_20190310100835104555042.jp...
- t####.c####.q####.####.com/cover/cover_239604_20190324010815905834029.jp...
- t####.c####.q####.####.com/cover/cover_551449_20170726212317435281856.jpg
- t####.c####.q####.####.com/cover/cover_585429_20190828113850558866955.jp...
- t####.c####.q####.####.com/cover/cover_787585_2019082414024078387155.jpg...
- t####.c####.q####.####.com/cover/cover_827825_2019082810204925243653.jpg...
- t####.c####.q####.####.com/event/bufushiguangCoverWap/bg-block3.jpg
- t####.c####.q####.####.com/event/bufushiguangCoverWap/bg-block5.jpg
- t####.c####.q####.####.com/event/bufushiguangCoverWap/bg-block7.jpg
- t####.c####.q####.####.com/event/bufushiguangCoverWap/title-snzg.png
- t####.c####.q####.####.com/event/chinaBoyCoverWap/bg-block1.jpg
- t####.c####.q####.####.com/event/chinaBoyCoverWap/title-bfsg.png
- t####.c####.q####.####.com/event/chinaBoyCoverWap/title-snzg.png
- t####.c####.q####.####.com/frame/login-logo.png
- t####.c####.q####.####.com/frame/register-error.png
- t####.c####.q####.####.com/frame/register-success.png
- www.gulu####.com/assets/css/amazeui/amazeui-6f07fadc1a.css
- www.gulu####.com/assets/css/common-4888cf328a.css
- www.gulu####.com/assets/css/event/event_28_wap-508d4bd95f.css
- www.gulu####.com/assets/css/event/event_29_wap-c9d2cf2176.css
- www.gulu####.com/assets/fonts/fontawesome-webfont.ttf
- www.gulu####.com/assets/js/amazeui/amazeui.min.js
- www.gulu####.com/assets/js/comment-aab9613043.js
- www.gulu####.com/assets/js/common-78344a9b54.js
- www.gulu####.com/assets/js/event/event_28_wap-028b5705a9.js
- www.gulu####.com/assets/js/event/event_29_wap-e5f552a65f.js
- www.gulu####.com/assets/js/plugins/jquery.atwho.min.js
- www.gulu####.com/assets/js/plugins/jquery.caret.min.js
- www.gulu####.com/assets/js/plugins/jquery.min.js
- www.gulu####.com/assets/vendor/md5.min.js
- www.gulu####.com/assets/vendor/template.js
- www.gulu####.com/captcha/getKaptcha
- www.gulu####.com/commentEvent/getCommentInfo?currentPage=####&eventId=##...
- www.gulu####.com/commentEvent/getHotCommentInfo?eventId=####
- www.gulu####.com/event/cover-bfsg-snzg/20170717
- www.gulu####.com/m/event/getWapSonglist?currentPage=####&sortType=####&s...
- www.gulu####.com/m/special/28
- www.gulu####.com/m/special/29
- www.gulu####.com/share/getWeixinSign?url=####
- www.gulu####.com/special/28;jsessionid=4C932F699BD6A0D3337AF9DB97A894F9
- www.gulu####.com/special/29
- /data/data/####/.jg.ic
- /data/data/####/.log.lock
- /data/data/####/.log.ls
- /data/data/####/12dc0be37fa099ef1f8ee6bed256b884b3bc9970698bce8....0.tmp
- /data/data/####/12dc0be37fa099ef1f8ee6bed256b884b3bc9970698bce8...4dd7.0
- /data/data/####/1567095214148.log
- /data/data/####/3346d093070be9325ba3b8e00507a7c3b9de4716ff73969....0.tmp
- /data/data/####/423334d19804bb51b85a2b15fa25a2f9d5b2178f8f49b15....0.tmp
- /data/data/####/4eb77bf8731fbfe1ad7efec8c67be9201cc31e07876d609....0.tmp
- /data/data/####/6124717f4c3f4b1f1416bfaa92ee0c13629c80a9efe5b14...11c7.0
- /data/data/####/7604b4a2a712bce2169a5c6bd194d892b3ca156d90f5c53....0.tmp
- /data/data/####/9ee8dd8a9da431115e39afd13447371a6b4c99f35e46a07....0.tmp
- /data/data/####/BUGHD.xml
- /data/data/####/GuideAc.xml
- /data/data/####/JPushSA_Config.xml
- /data/data/####/Service.xml
- /data/data/####/StartAc.xml
- /data/data/####/appPackageNames
- /data/data/####/app_data.xml
- /data/data/####/b3183d578641ec1b905feed14e230bce7e87a7d14f6a6f9....0.tmp
- /data/data/####/b6e97f20556d5ac0bc9af2e6a9409f2035c4fefa7616744....0.tmp
- /data/data/####/cn.jpush.android.user.profile.xml
- /data/data/####/cn.jpush.preferences.v2.xml
- /data/data/####/cn.jpush.preferences.v2.xml.bak
- /data/data/####/data_0
- /data/data/####/data_1
- /data/data/####/data_2
- /data/data/####/data_3
- /data/data/####/dd224647269f7788f3be1d7a1c195bfe620f931f988becf....0.tmp
- /data/data/####/f12873110bc3b7fe0d2ffc4faab748c7a7fad7a6fa54d87....0.tmp
- /data/data/####/f_000001
- /data/data/####/f_000002
- /data/data/####/f_000003
- /data/data/####/f_000004
- /data/data/####/f_000005
- /data/data/####/f_000006
- /data/data/####/f_000007
- /data/data/####/f_000008
- /data/data/####/f_000009
- /data/data/####/f_00000a
- /data/data/####/f_00000b
- /data/data/####/f_00000c
- /data/data/####/f_00000d
- /data/data/####/f_00000e
- /data/data/####/http_www.gulubala.com_0.localstorage-journal
- /data/data/####/index
- /data/data/####/journal.tmp
- /data/data/####/jpush_device_info.xml
- /data/data/####/jpush_local_notification.db
- /data/data/####/jpush_local_notification.db-journal
- /data/data/####/jpush_stat_cache.json
- /data/data/####/jpush_stat_cache_history.json
- /data/data/####/jpush_statistics.db
- /data/data/####/jpush_statistics.db-journal
- /data/data/####/libjiagu.so
- /data/data/####/musicdb.db-journal
- /data/data/####/umeng_general_config.xml
- /data/data/####/umeng_socialize.xml
- /data/data/####/webview.db-journal
- /data/data/####/webviewCookiesChromium.db-journal
- /data/data/####/webviewCookiesChromiumPrivate.db-journal
- /data/media/####/.nomedia
- /data/media/####/.push_deviceid
- /data/media/####/1ctz3ewz8sm48xqtr6p161n2l.0.tmp
- /data/media/####/1vvjfycaz0sgs3qkhbrnxido4.0.tmp
- /data/media/####/32hkf9dvsr36dluw7vyck8nj0.0.tmp
- /data/media/####/3ahsn0zrwcoj4yils3mnlrabi.0.tmp
- /data/media/####/4htlocbs5pd4xvtzhhcg7ofmx.0.tmp
- /data/media/####/4tgrejkt3tmfgan00h17fv1qi.0.tmp
- /data/media/####/5pmq56ljrhryu16n3ch96561c.0.tmp
- /data/media/####/6ps66llcpqd0o59rbtbypqu89.0.tmp
- /data/media/####/ffntf0qksi2933gtwo4nzayl.0.tmp
- /data/media/####/journal.tmp
- /data/media/####/knbm6bpewr4gdeaq0nvgstrr.0.tmp
- /data/media/####/welcome.mp3
- chmod 755 <Package Folder>/.jiagu/libjiagu.so
- jpush217
- libjiagu
- pl_droidsonroids_gif
- AES-CBC-NoPadding
- AES-CBC-NoPadding