Technical information
- Adware.Dowgin.3.origin
- Android.DownLoader.343.origin
- Android.DownLoader.723
- Android.DownLoader.725
- Android.Packed.4861
- UDP(DNS) <Google DNS>
- TCP(HTTP/1.1) j####.xiaom####.cn:80
- TCP(HTTP/1.1) a####.u####.com:80
- a####.u####.com
- a.wangdai####.com
- d1qxrv0####.cloudf####.net
- ic.ie.0####.com
- j####.xiaom####.cn
- s1.33####.com
- a####.u####.com/app_logs
- j####.xiaom####.cn/app/init
- /data/data/####/.imprint
- /data/data/####/.jg.ic
- /data/data/####/.jiagu.lock
- /data/data/####/21E5B560E81ED8DD.xml
- /data/data/####/AFD1C2AC691715A2.xml
- /data/data/####/B58050C27928141889B2F8696582AB6F.xml
- /data/data/####/C14DAA89B184F741784CCB94F6F286E0.xml
- /data/data/####/D37A23C31790697F.xml
- /data/data/####/D3919D4096C48654.xml
- /data/data/####/E9C343ED5907C543-journal
- /data/data/####/ECFFFB
- /data/data/####/ECFFFB-journal
- /data/data/####/FDEEDD-journal
- /data/data/####/__pasys_remote_banner.tmp.jar
- /data/data/####/_mgrenxuewuyu_r.xml
- /data/data/####/cbupslwfbbmqldftt.dex
- /data/data/####/com.androidemu.renxuewuyu_preferences.xml
- /data/data/####/com.hfuedle.mnvhe.dex (deleted)
- /data/data/####/com.hfuedle.mnvhe.jar
- /data/data/####/downmodel.db
- /data/data/####/downmodel.db-journal
- /data/data/####/dxt_yx_sdk
- /data/data/####/dxt_yx_sdk-journal
- /data/data/####/game.nes
- /data/data/####/keySP.xml
- /data/data/####/libjiagu.so
- /data/data/####/mobclick_agent_cached_com.androidemu.renxuewuyu5
- /data/data/####/mobclick_agent_online_setting_com.androidemu.re...yu.xml
- /data/data/####/ooa001.dex
- /data/data/####/umeng_general_config.xml
- /data/data/####/umeng_it.cache
- /data/data/####/webview.db
- /data/data/####/webview.db-journal
- /data/data/####/zwaikj.t
- /data/media/####/06872ECAF03786FD1CC8E32DDC4E9B6C
- /data/media/####/0BE137AAA8685C66C9B615DD761E1F1C46EB7152143875C1
- /data/media/####/0C030EC9B6366CBDA214D2F23879B0E0
- /data/media/####/1D284B2C4D0AF5A33442973D59B73BB4A214D2F23879B0E0
- /data/media/####/212A036E88473710ADDB01A3397F4610
- /data/media/####/24A932ECF3D6A467F38FB5DAD3664C2A
- /data/media/####/29E84A170BF7B34CEFA36621A4B7ED42
- /data/media/####/479E5F7C06DD240B33AB58F5BCA5C7BD6FB3D10D623802BC
- /data/media/####/4BF82F23511640253F6399E60DC01F7D
- /data/media/####/5BAB7EC50D23B8B24044528401FF915AEFA36621A4B7ED42
- /data/media/####/5BAB7EC50D23B8B2B92A35E2BEC621E48287EBC988E7D2...3875C1
- /data/media/####/5BDAD4DEA2768BDC4F64593F711C95A8EFA36621A4B7ED42
- /data/media/####/678B576151C066FA46EB7152143875C1
- /data/media/####/7C09D8CDB169EFE93CE00BAD67CC033AEFA36621A4B7ED42
- /data/media/####/7DE8698A58880656E5C86602D46151EEE4E8B9A6B567283B
- /data/media/####/94199100C68D4AE96FB3D10D623802BC
- /data/media/####/99E5975F7CC5BC24
- /data/media/####/C354828FBE8A46AAEFA36621A4B7ED42
- /data/media/####/D35E6E7FD65818AF4F1F0E2076FB12446FB3D10D623802BC
- /data/media/####/D35E6E7FD65818AF571AB50F75D512D956EBA1CA73824685
- /data/media/####/D851341ECC39FFA1D08481D1E8BA810AA214D2F23879B0E0
- /data/media/####/DB8D641CF6A8AA62
- /data/media/####/DD9180DB8C5EA7992E1B8CAA1A1F939A
- /data/media/####/E149D85CDD2C70712597A4AF9CD7675646EB7152143875C1
- /data/media/####/F82CB1AA417E8C6EB8EA45ECDF16EAAE
- /data/media/####/F82CB1AA417E8C6EE4E8B9A6B567283B
- /data/media/####/F9CC6A1BB773E0A2ADDB01A3397F4610
- /data/media/####/FE6D13C146B9AB79ADDB01A3397F4610
- /data/media/####/XH.txt
- /data/media/####/__pasys_remote_banner.jar
- /data/media/####/cbupslwfbbmqldftt.zip
- /data/media/####/flqdgdmmmtqeandzxd.zip
- /data/media/####/hxaqikcgkxoemoouibr.zip
- /data/media/####/ooa001.jar
- /data/media/####/oynayddcruumrykkx.zip
- /data/media/####/txdqnpblecnirhiawj.zip
- /data/media/####/ulgep
- /data/media/####/ulgep.zip
- /data/media/####/umgep
- /data/media/####/umgep.zip
- /data/media/####/uygep
- /data/media/####/uygep.zip
- /data/media/####/zwaikj
- <Package Folder>/zwaikj -p <Package> -r am start --user 0 -n <Package>/ytdu.tx.wsfmgu -a daemon -h http://127.0.0.1:7123/report/allData -i 2277
- <Package Folder>/zwaikj -p <Package> -r am start --user 0 -n <Package>/ytdu.tx.wsfmgu -a daemon -h http://127.0.0.1:7123/report/allData -i 2375
- <Package Folder>/zwaikj -p <Package> -r am start --user 0 -n <Package>/ytdu.tx.wsfmgu -a daemon -h http://127.0.0.1:7123/report/allData -i 2500
- chmod 777 <Package Folder>/zwaikj
- sh <Package Folder>/zwaikj -p <Package> -r am start --user 0 -n <Package>/ytdu.tx.wsfmgu -a daemon -h http://127.0.0.1:7123/report/allData -i 2277
- sh <Package Folder>/zwaikj -p <Package> -r am start --user 0 -n <Package>/ytdu.tx.wsfmgu -a daemon -h http://127.0.0.1:7123/report/allData -i 2375
- sh <Package Folder>/zwaikj -p <Package> -r am start --user 0 -n <Package>/ytdu.tx.wsfmgu -a daemon -h http://127.0.0.1:7123/report/allData -i 2500
- emu
- gnupng
- libjiagu
- zip
- DES
- RSA-ECB-PKCS1Padding
- DES
- DES-CBC-PKCS5Padding