Technical information
- Adware.Gexin.2.origin
- UDP(DNS) <Google DNS>
- TCP(HTTP/1.1) c-h####.g####.com:80
- TCP(HTTP/1.1) qin####.com.www.####.com:80
- TCP(HTTP/1.1) sdk-ope####.g####.com:80
- TCP(HTTP/1.1) a####.u####.com:80
- TCP(HTTP/1.1) t####.c####.q####.####.com:80
- TCP(HTTP/1.1) h####.opensp####.cn:80
- TCP(HTTP/1.1) a.appj####.com:80
- TCP(HTTP/1.1) oss.newairc####.com:80
- TCP(HTTP/1.1) d####.opensp####.cn:80
- TCP(TLS/1.0) 1####.217.17.142:443
- TCP(TLS/1.0) oss.newairc####.com:443
- TCP(TLS/1.0) s####.ml####.cc:443
- TCP(TLS/1.0) h5.newairc####.com:443
- TCP sdk.o####.t####.####.com:5224
- TCP c####.g####.ig####.com:5225
- 7j####.c####.z0.####.com
- a####.u####.com
- a.appj####.com
- c####.g####.ig####.com
- c####.g####.ig####.com
- c####.g####.ig####.com
- c-h####.g####.com
- d####.opensp####.cn
- h####.opensp####.cn
- h5.newairc####.com
- img.newairc####.com
- jrs####.newairc####.com
- oss.newairc####.com
- pub-####.qin####.com
- s####.ml####.cc
- sdk-ope####.g####.com
- sdk.c####.ig####.com
- sdk.o####.t####.####.com
- sdk.o####.t####.####.com
- sdk.o####.t####.####.net
- h####.opensp####.cn/launchconfig?t=####&p=####
- oss.newairc####.com/global/user/jrsq/mobile/config/shunqingV3.2.3.apk
- oss.newairc####.com/jrsq/pic/201710/31/3b8b4387-4408-46f1-ab7e-ec79ff671...
- oss.newairc####.com/jrsq/pic/201710/31/849a14c5-739f-48f0-be88-bc798c35e...
- oss.newairc####.com/jrsq/pic/201710/31/8b620abc-7e97-4de0-aee5-028c93e25...
- oss.newairc####.com/jrsq/pic/201710/31/bce25de9-6d49-4b1a-981f-d21cbe763...
- oss.newairc####.com/jrsq/pic/201809/27/ff5ec03d-eb53-40fe-b2d1-a5f487493...
- qin####.com.www.####.com/tdata_EDT369
- t####.c####.q####.####.com/config/hz-hzv6.conf
- t####.c####.q####.####.com/tdata_Soq141
- t####.c####.q####.####.com/tdata_fEV688
- t####.c####.q####.####.com/tdata_hOi150
- t####.c####.q####.####.com/tdata_ilz707
- a####.u####.com/app_logs
- a.appj####.com/ad-service/ad/mark
- c-h####.g####.com/api.php?format=####&t=####
- d####.opensp####.cn/index.php/clientrequest/clientcollect/isCollect
- sdk-ope####.g####.com/api.php?format=####&t=####
- sdk-ope####.g####.com/api.php?format=####&t=####&d=####&k=####
- /data/data/####/-1015298293
- /data/data/####/-1124754041
- /data/data/####/-1262609044
- /data/data/####/-1293628851
- /data/data/####/-1312716470
- /data/data/####/-1383137677
- /data/data/####/-1383881486
- /data/data/####/-1383881487
- /data/data/####/-1383881578
- /data/data/####/-1383910281
- /data/data/####/-1383911436
- /data/data/####/-1383911437
- /data/data/####/-1383911459
- /data/data/####/-1383911461
- /data/data/####/.imprint
- /data/data/####/.jg.ic
- /data/data/####/.log.lock
- /data/data/####/.log.ls
- /data/data/####/06e46562568ba63d77ef70be1ab89efa91d7303a56ce97d....0.tmp
- /data/data/####/09b93cac3d156e931386950f7c21f52bbb189b989202d56....0.tmp
- /data/data/####/0f333180edab4180131dba657cee1eef36697b17cb2f58f....0.tmp
- /data/data/####/1389023919
- /data/data/####/1470cb8916ed4254849265876fdbf80cf820875e822c933....0.tmp
- /data/data/####/1526646622
- /data/data/####/155637c7e2cc4ea23704ddf5c61b99947971acb8e1aaf7d....0.tmp
- /data/data/####/1671054731
- /data/data/####/1695857311
- /data/data/####/1702074538
- /data/data/####/178536008
- /data/data/####/17a50a41f39585a500cc1c7e716a8bf7eac12f612be64af....0.tmp
- /data/data/####/1864066650
- /data/data/####/1c280173a1e4cc8c435d7bb34452162a5f348c682ef8617....0.tmp
- /data/data/####/1fc847e0fd83d1ae4f35b8b3ed24c657a56281493cc4dd7....0.tmp
- /data/data/####/2014265674
- /data/data/####/203de7e976fce62bf36977a0c2080c14036a715483e4e37....0.tmp
- /data/data/####/20eaaaf123c158b327c4d4ceadaf412b827b86c4495dd4f....0.tmp
- /data/data/####/21c8aa0fd0ea15e7f42de0e804bf76a18fa609b38866054....0.tmp
- /data/data/####/2bf9856d936aa5c4d076373be0190eafe51416a322368e6....0.tmp
- /data/data/####/386967948
- /data/data/####/3b1760be955ed180207b28a5361a31fde0ef7cb00821d9e....0.tmp
- /data/data/####/3bd7408f4e09b87b0fc4e7b1596e205c25084d842331564....0.tmp
- /data/data/####/3fe5fe5b7154a885d5d11ea96e0072330ba867f72322d6e....0.tmp
- /data/data/####/40ffe2898a29699cce20c15c7d787b83aed697ff518ac9f....0.tmp
- /data/data/####/42e332746195de7902c3af52c32c40e2a4607e087e59c56....0.tmp
- /data/data/####/438cd4ee5509d5aef090324a0dd6f9eb744ecacbfd8c9fd....0.tmp
- /data/data/####/492203936
- /data/data/####/4ec1c48185d0a05cc65a6adb15e64baca5d31dbcb82e219....0.tmp
- /data/data/####/508bacb5bf40b5867b59e1798549c1047952d84da0596c7....0.tmp
- /data/data/####/50c7462a6aab2324ed5689616eb236c8f994932a078d8eb....0.tmp
- /data/data/####/519e6b9e3072e0f34517799fc24aa124a184754321a98eb....0.tmp
- /data/data/####/566642b06a2cf5b1938b044e8ae11285dc9ac95c37e8bc6....0.tmp
- /data/data/####/566a7a9a016607f912033387a6ae52d57c0ca5485bf8f41....0.tmp
- /data/data/####/5f27df77b1d8d817349e435df65cd59d5ca7f12e4f8da07....0.tmp
- /data/data/####/612c0c5a406843f6cccb9d9830dc07457c04d1b5e50b600....0.tmp
- /data/data/####/61eca411dd0c3e6c825d91836d166beea6cd0e3fd4cb24d....0.tmp
- /data/data/####/625bb403b8a0fb24c7ffc996f5cfbf77bc8e1ea8a75d369....0.tmp
- /data/data/####/67c5478825261871bd38c1366ea678b3e855b67193ee3ae....0.tmp
- /data/data/####/708afe61faa953703694e065ce6ef3357d5ca16faca71c1....0.tmp
- /data/data/####/71dfa09579ef5f1ac7f9419f1b2e12d4af34cfcb00971d7....0.tmp
- /data/data/####/722611463
- /data/data/####/7cdd125f6c697c1a8922604c6882a23cc37503ff1ec7c98....0.tmp
- /data/data/####/835b9de1960afa13eac3ba422552431bfc4b5f53fc51bb3....0.tmp
- /data/data/####/92129239432f7c5702869937afd830fd36a0a61680ee5c1....0.tmp
- /data/data/####/926579363
- /data/data/####/988618977
- /data/data/####/9f0b8da73a40527aa257f3515ff578ef9902c97f0c5d464....0.tmp
- /data/data/####/FZLTXHK-GBK_YS.ttf
- /data/data/####/QQ_3x.png
- /data/data/####/ac6c1d0fb3e39b7dd0f3a9cb0b128b6c02b63953c9db6cd....0.tmp
- /data/data/####/amazeui.min.css
- /data/data/####/amazeui.min.js
- /data/data/####/angular1.4.6.min.js
- /data/data/####/b6665a1ae40d3e5bb84dcf24089bbf63cbc289637d42d14....0.tmp
- /data/data/####/b6665a1ae40d3e5bb84dcf24089bbf63cbc289637d42d14...5991.0
- /data/data/####/b827a89744a0
- /data/data/####/base.css
- /data/data/####/bea89b2582436e244b64fa7e41bd54d32e4bbc69b1c2235....0.tmp
- /data/data/####/c08cc4062b42515c0424d211f1febbe41982d1b13a27e6f....0.tmp
- /data/data/####/c4d759ad896c10f502cee25e188444141963be9f6c48f97....0.tmp
- /data/data/####/cc.db
- /data/data/####/cc.db-journal
- /data/data/####/columnId.xml
- /data/data/####/com.iflytek.id.xml
- /data/data/####/com.iflytek.msc.xml
- /data/data/####/core_info
- /data/data/####/d410d5e22858ec5d46a051603f416aeaa22103e1b14a713....0.tmp
- /data/data/####/db_founder0-journal
- /data/data/####/device_id.xml.xml
- /data/data/####/e69f30b61b59e44b07e4c4c8514fd72b5b12ddf7e105463....0.tmp
- /data/data/####/ef982f2ae471b7e77444d35e2872aac1bda5ca9225f32aa....0.tmp
- /data/data/####/exchangeIdentity.json
- /data/data/####/exid.dat
- /data/data/####/f0587e8b5868025e0193f3d54268946873ba1bcf39fb176....0.tmp
- /data/data/####/f11b7f1139064e52d473405777f4a3fb992f22d752cab08....0.tmp
- /data/data/####/fontawesome-webfont.ttf
- /data/data/####/gdaemon_20161017
- /data/data/####/getui_sp.xml
- /data/data/####/gkt-journal
- /data/data/####/great_button.png
- /data/data/####/great_cancel_button.png
- /data/data/####/gx_sp.xml
- /data/data/####/helpMsg.xml
- /data/data/####/icon-images.png
- /data/data/####/icon_audio_play.png
- /data/data/####/icon_file.png
- /data/data/####/icon_file_down.png
- /data/data/####/icon_meta_voice.png
- /data/data/####/icon_praise.png
- /data/data/####/icon_praiseStar.png
- /data/data/####/icon_selector_normal.png
- /data/data/####/icon_selector_press.png
- /data/data/####/ifly_launch_lib.xml
- /data/data/####/iflytek_state_com.founder.shunqing.xml
- /data/data/####/init.pid
- /data/data/####/init_c1.pid
- /data/data/####/jg_app_update_settings_random.xml
- /data/data/####/journal.tmp
- /data/data/####/jquery.min2.2.0.js
- /data/data/####/js.combine.min.js
- /data/data/####/libjiagu.so
- /data/data/####/loading.png
- /data/data/####/multidex.version.xml
- /data/data/####/mwsdk_analytics.db-journal
- /data/data/####/news_detail.html
- /data/data/####/persistent_data.xml
- /data/data/####/play.png
- /data/data/####/push.pid
- /data/data/####/pushext.db-journal
- /data/data/####/pushg.db-journal
- /data/data/####/pushk.db-journal
- /data/data/####/pushsdk.db-journal
- /data/data/####/reader.db-journal
- /data/data/####/run.pid
- /data/data/####/sanjiaoxing.png
- /data/data/####/shareTimeline_3x.png
- /data/data/####/sina_3x.png
- /data/data/####/tbs_download_config.xml
- /data/data/####/tbscoreinstall.txt
- /data/data/####/tbslock.txt
- /data/data/####/tdata_Soq141
- /data/data/####/tdata_Soq141.jar
- /data/data/####/tdata_fEV688
- /data/data/####/tdata_fEV688.jar
- /data/data/####/tdata_hOi150
- /data/data/####/tdata_hOi150.jar
- /data/data/####/tdata_ilz707
- /data/data/####/tdata_ilz707.jar
- /data/data/####/ua.db
- /data/data/####/ua.db-journal
- /data/data/####/umeng_general_config.xml
- /data/data/####/umeng_it.cache
- /data/data/####/video.png
- /data/data/####/wx_3x.png
- /data/media/####/.nomedia
- /data/media/####/app.db
- /data/media/####/com.founder.shunqing.bin
- /data/media/####/com.founder.shunqing.db
- /data/media/####/com.getui.sdk.deviceId.db
- /data/media/####/com.igexin.sdk.deviceId.db
- /data/media/####/gkt-journal
- /data/media/####/gktper
- /data/media/####/iflyworkdir_test
- /data/media/####/journal.tmp
- /data/media/####/localTemplate.zip
- /data/media/####/tdata_Soq141
- /data/media/####/tdata_fEV688
- /data/media/####/tdata_hOi150
- /data/media/####/tdata_ilz707
- /data/media/####/test.log
- /system/bin/cat /proc/cpuinfo
- <Package Folder>/files/gdaemon_20161017 0 <Package>/<Package>.push.GeTuiPushService 25043 300 0
- cat /sys/class/net/wlan0/address
- chmod 700 <Package Folder>/files/gdaemon_20161017
- chmod 755 <Package Folder>/.jiagu/libjiagu.so
- getprop ro.product.cpu.abi
- mount
- sh
- sh <Package Folder>/files/gdaemon_20161017 0 <Package>/<Package>.push.GeTuiPushService 25043 300 0
- getuiext2
- libjiagu
- msc
- AES-CBC-PKCS7Padding
- AES-CFB-NoPadding
- AES-ECB-PKCS5Padding
- RSA-NONE-OAEPWithSHA1AndMGF1Padding
- AES-ECB-PKCS5Padding