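Technical information
Note: `####` in the entries below appears to mark characters masked in this report (parts of host names, query-string values, and the directory under /data/data/ and /data/media/). Masked entries are therefore partial indicators and will not match as exact strings; values shown unmasked, such as the IP addresses and file names, are as listed.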
- Android.DownLoader.2083
- Android.DownLoader.546.origin
- UDP(DNS) <Google DNS>
- TCP(HTTP/1.1) a####.u####.com:80
- TCP(HTTP/1.1) t####.qq.com:14000
- TCP(HTTP/1.1) hk.wagbr####.non####.####.com:80
- TCP(HTTP/1.1) d####.d####.mob.com:80
- TCP(HTTP/1.1) a####.exc.mob.com:80
- TCP(HTTP/1.1) bj.bc####.com:80
- TCP(HTTP/1.1) c.d####.mob.com:80
- TCP(HTTP/1.1) t####.qq.com:80
- TCP(HTTP/1.1) api.s####.mob.com:80
- TCP(HTTP/1.1) m.d####.mob.com:80
- TCP(HTTP/1.1) h####.b####.com:80
- TCP(HTTP/1.1) ada####.m.ta####.com:80
- TCP(TLS/1.0) sh.wagbr####.ta####.com:443
- TCP t####.qq.com:80
- TCP t####.qq.com:14000
- a####.exc.mob.com
- a####.u####.co
- a####.u####.com
- ad####.m.ta####.com
- ada####.m.ta####.com
- ap####.qiuj####.com
- api.s####.mob.com
- bcfeed####.ta####.com
- c.d####.mob.com
- d####.d####.mob.com
- h####.b####.com
- m.d####.mob.com
- pi####.qq.com
- qiujied####.bj.bc####.com
- t####.qq.com
- y####.al####.com
- bj.bc####.com/android_update/update.json
- m.d####.mob.com/cconf?appkey=####&plat=####&apppkg=####&appver=####&netw...
- a####.exc.mob.com/errconf
- a####.u####.com/app_logs
- ada####.m.ta####.com/rest/sur?ak=####&av=####&c=####&v=####&s=####&d=###...
- api.s####.mob.com/conf5
- api.s####.mob.com/conn
- api.s####.mob.com/data2
- api.s####.mob.com/log4
- c.d####.mob.com/cdata
- d####.d####.mob.com/dinfo
- d####.d####.mob.com/dsign
- h####.b####.com/app.gif
- hk.wagbr####.non####.####.com/saveWb.json
- t####.qq.com/203.205.211.75:80/
- t####.qq.com:14000/203.205.211.75:14000/
- /data/data/####/.jg.ic
- /data/data/####/.lock
- /data/data/####/.log.lock
- /data/data/####/.log.ls
- /data/data/####/.mrecord
- /data/data/####/.mrlock
- /data/data/####/.statistics
- /data/data/####/.tpns.xml.xml
- /data/data/####/.tpush_mta.xml
- /data/data/####/0a231bd8575dcf72.txt
- /data/data/####/1d77ea041509fe06.lock
- /data/data/####/21c22f492aba3de8.lock
- /data/data/####/930a31b34bd52c08.lock
- /data/data/####/Alvin2.xml
- /data/data/####/ContextData.xml
- /data/data/####/SGMANAGER_DATA2.tmp
- /data/data/####/ThrowalbeLog.db-journal
- /data/data/####/UTCommon.xml
- /data/data/####/__Baidu_Stat_SDK_SendRem.xml
- /data/data/####/__local_ap_info_cache.json
- /data/data/####/__local_last_session.json
- /data/data/####/__local_stat_cache.json
- /data/data/####/ap.Lock
- /data/data/####/com.jizhi.iaandroid.qiujieda.odex
- /data/data/####/com.jizhi.iaandroid.qiujieda.zip
- /data/data/####/com.jizhi.iaandroid.qiujieda_preferences.xml
- /data/data/####/db_public-journal
- /data/data/####/device_id.xml
- /data/data/####/exchangeIdentity.json
- /data/data/####/libjiagu.so
- /data/data/####/libsgmainso-5.1.81.so.tmp
- /data/data/####/lock.lock
- /data/data/####/mob_commons_1.xml
- /data/data/####/mob_sdk_exception_1.xml
- /data/data/####/pri_tpush_tencent_analysis.db_com.jizhi.iaandro...ournal
- /data/data/####/qjd_preference.xml
- /data/data/####/school.db
- /data/data/####/share_sdk_1.xml
- /data/data/####/sharesdk.db-journal
- /data/data/####/sp.lock
- /data/data/####/tpush_tencent_analysis.db_com.jizhi.iaandroid.q...ournal
- /data/data/####/um_cache_1567200328235.env
- /data/data/####/umeng_general_config.xml
- /data/data/####/umeng_it.cache
- /data/data/####/ut.db
- /data/data/####/ut.db-journal
- /data/media/####/-751070741.tmp
- /data/media/####/-987032467.tmp
- /data/media/####/.al
- /data/media/####/.ccLock
- /data/media/####/.ccc
- /data/media/####/.confd
- /data/media/####/.confd-journal
- /data/media/####/.config
- /data/media/####/.cuid
- /data/media/####/.dh-journal
- /data/media/####/.dhlock
- /data/media/####/.dic_lock
- /data/media/####/.dk
- /data/media/####/.duid
- /data/media/####/.globalLock
- /data/media/####/.mid.txt
- /data/media/####/.nulal
- /data/media/####/.nulplt
- /data/media/####/.pkg_lock
- /data/media/####/.plst
- /data/media/####/.rc_lock
- /data/media/####/.usLock
- /data/media/####/1954625132.tmp
- /data/media/####/602238956.tmp
- /data/media/####/6c709c11d2d46a7b
- /data/media/####/Alvin2.xml
- /data/media/####/ContextData.xml
- /data/media/####/dd7893586a493dc3
- /data/media/####/hid.dat
- /data/media/####/icon.png
- /data/media/####/records.bat
- <Package Folder>/lib/libtpnsWatchdog.so <Package>,2100096059; 55555 203.205.128.130 [{"idx":0,"ts":%d,"et":2000,"si":0,"ui":"<IMEI>","ky":"Axg%lu","mid":"0","ev":{"ov":"18","sr":"600*752","md":"<System Property>","lg":"en","sv":"2.39","mf":"unknown","apn":"%s"}}] 0 18
- <Package Folder>/lib/libtpnsWatchdog.so <Package>,2100096059;<Package>,2100096059; 55555 203.205.128.130 [{"idx":0,"ts":%d,"et":2000,"si":0,"ui":"<IMEI>","ky":"Axg%lu","mid":"ddf43912040a073385c1a5a3cff937cba0728e4a","ev":{"ov":"18","sr":"600*752","md":"<System Property>","lg":"en","sv":"2.39","mf":"unknown","apn":"%s"}}] 0 18
- chmod 755 <Package Folder>/.jiagu/libjiagu.so
- grep -E -v root|shell|system
- sh
- sh <Package Folder>/lib/libtpnsWatchdog.so <Package>,2100096059; 55555 203.205.128.130 [{ idx :0, ts :%d, et :2000, si :0, ui : <IMEI> , ky : Axg%lu , mid : 0 , ev :{ ov : 18 , sr : 600*752 , md : <System Property> , lg : en , sv : 2.39 , mf : unknown , apn : %s }}] 0 18
- sh <Package Folder>/lib/libtpnsWatchdog.so <Package>,2100096059;<Package>,2100096059; 55555 203.205.128.130 [{ idx :0, ts :%d, et :2000, si :0, ui : <IMEI> , ky : Axg%lu , mid : ddf43912040a073385c1a5a3cff937cba0728e4a , ev :{ ov : 18 , sr : 600*752 , md : <System Property> , lg : en , sv : 2.39 , mf : unknown , apn : %s }}] 0 18
- top -d 0 -n 1
- libjiagu
- neh
- sgmainso-5.1
- tpnsSecurity
- ut_c_api
- AES-CBC-PKCS5Padding
- AES-CFB8-NoPadding
- AES-ECB-PKCS5Padding
- AES-ECB-PKCS7Padding
- RSA-ECB-PKCS1PADDING
- AES-CBC-PKCS5Padding
- AES-CFB8-NoPadding
- AES-ECB-PKCS5Padding