Technical information
- Adware.Dowgin.3.origin
- UDP(DNS) <Google DNS>
- TCP(HTTP/1.1) a####.u####.com:80
- TCP(HTTP/1.1) an.ca.15####.cn:80
- TCP(HTTP/1.1) nbaser####.d####.com:80
- TCP(HTTP/1.1) dn.dd.15####.####.net:80
- TCP(HTTP/1.1) i####.t####.qq.com:80
- a####.u####.com
- an.ca.15####.cn
- dn.dd.15####.cn
- i####.g####.com
- nbaser####.d####.com
- s1.se####.cn
- dn.dd.15####.####.net/ad/20170705/201707051157602.png
- dn.dd.15####.####.net/ad/20171207/20171207111067.png
- dn.dd.15####.####.net/ad/20171207/201712071130342.png
- dn.dd.15####.####.net/ad/20171229/201712291049180.apk
- i####.t####.qq.com/chinanba/pics/hv1/162/188/2261/147069627.jpg
- i####.t####.qq.com/chinanba/pics/hv1/184/199/2261/147072454.jpg
- i####.t####.qq.com/chinanba/pics/hv1/197/187/2261/147069407.jpg
- i####.t####.qq.com/chinanba/pics/hv1/38/189/2261/147069758.jpg
- i####.t####.qq.com/chinanba/pics/hv1/89/196/2261/147071594.jpg
- nbaser####.d####.com/AdImage
- nbaser####.d####.com/NewsList?p=####&psize=####
- a####.u####.com/app_logs
- an.ca.15####.cn//1b20fe4a4a/zaa
- an.ca.15####.cn//1b20fe4a4a/zia
- an.ca.15####.cn//1b20fe4a4a/zib
- an.ca.15####.cn//1b20fe4a4a/zic
- an.ca.15####.cn//1b20fe4a4a/zid
- <Package Folder>/.lib/libexec.so
- <Package Folder>/.lib/libexecmain.so
- <Package Folder>/cache/187_2261_147069407.jpg
- <Package Folder>/cache/188_2261_147069627.jpg
- <Package Folder>/cache/189_2261_147069758.jpg
- <Package Folder>/cache/196_2261_147071594.jpg
- <Package Folder>/cache/199_2261_147072454.jpg
- <Package Folder>/databases/cxcdownloads
- <Package Folder>/databases/cxcdownloads-journal
- <Package Folder>/databases/uscom.db
- <Package Folder>/databases/uscom.db-journal
- <Package Folder>/files/fmynbanews.jar
- <Package Folder>/shared_prefs/_acomynbanewsz.xml
- <Package Folder>/shared_prefs/_gcomynbanewss.xml
- <Package Folder>/shared_prefs/ki.xml
- <Package Folder>/shared_prefs/mobclick_agent_header_<Package>.xml
- <Package Folder>/shared_prefs/mobclick_agent_state_<Package>.xml
- <Package Folder>/shared_prefs/vgp_id.xml
- <SD-Card>/Android/####/201707051157602#png.tmp
- <SD-Card>/Android/####/20171207111067#png
- <SD-Card>/Android/####/20171207111067#png.tmp
- <SD-Card>/Android/####/201712071130342#png.tmp
- <SD-Card>/Android/####/CX.DAT
- <SD-Card>/Android/####/egnaro_etceles_egap_d
- <SD-Card>/Android/####/egnaro_gbntb_d
- <SD-Card>/Android/####/ehcac_ntb_mottob
- <SD-Card>/Android/####/elcric_cs_d
- <SD-Card>/Android/####/enil_efas
- <SD-Card>/Android/####/enil_efas_d
- <SD-Card>/Android/####/enil_jt_d
- <SD-Card>/Android/####/erahs_ntb_mottob
- <SD-Card>/Android/####/eulb_gbntb_d
- <SD-Card>/Android/####/gb_datuctrohs_d
- <SD-Card>/Android/####/gb_gmi
- <SD-Card>/Android/####/gb_gmi_d
- <SD-Card>/Android/####/gb_mottob
- <SD-Card>/Android/####/gb_pot
- <SD-Card>/Android/####/gb_pot_d
- <SD-Card>/Android/####/gb_sdrowda
- <SD-Card>/Android/####/gb_tluafed_d
- <SD-Card>/Android/####/kcab_pop
- <SD-Card>/Android/####/kcab_pop_d
- <SD-Card>/Android/####/lecnac_ntb_mottob_d
- <SD-Card>/Android/####/llatsni_ntb
- <SD-Card>/Android/####/llatsni_ntb_d
- <SD-Card>/Android/####/llatsni_ntb_mottob
- <SD-Card>/Android/####/lomron_egap_d
- <SD-Card>/Android/####/n_kcehcp
- <SD-Card>/Android/####/na_csppa_d
- <SD-Card>/Android/####/neerg_gbntb_d
- <SD-Card>/Android/####/noci_efas
- <SD-Card>/Android/####/noci_efas_d
- <SD-Card>/Android/####/ntb_erom_pc_d
- <SD-Card>/Android/####/ntb_meti
- <SD-Card>/Android/####/ntb_mottob_pop
- <SD-Card>/Android/####/ntb_mottob_pop_d
- <SD-Card>/Android/####/ntb_rehto_pc_d
- <SD-Card>/Android/####/ntbesolc_pot_x
- <SD-Card>/Android/####/ntbesolc_potd_d
- <SD-Card>/Android/####/nwod_worra
- <SD-Card>/Android/####/nwod_worra_d
- <SD-Card>/Android/####/p_kcehcp
- <SD-Card>/Android/####/pot_ntbseolc_d
- <SD-Card>/Android/####/pu_worra
- <SD-Card>/Android/####/pu_worra_d
- <SD-Card>/Android/####/rats_m
- <SD-Card>/Android/####/tnetnocppa
- <SD-Card>/Android/####/wolley_gbntb_d
- <SD-Card>/Android/####/z.jar
- <SD-Card>/Download/####/201712291049180.apk.tmp
- <SD-Card>/MyNBA/imagelist.cache
- <SD-Card>/MyNBA/newslist.cache
- chmod 777 /storage/emulated/0/download/mmynbanews//201712291049180.apk.tmp
- getprop ro.product.cpu.abi
- libexec
- libexecmain
- DES
- DES-CBC-PKCS5Padding
- DES-CBC-PKCS5Padding