Technical information
- Android.Backdoor.657.origin
- /data/data/####/.jiagu.ls
- /data/data/####/DLTOKEN.xml
- /data/data/####/cn.jpush.preferences.v2.xml
- /data/data/####/com.ymall.presentshop;pushservice
- /data/data/####/libjiagu.so
- /data/data/####/local.db-journal
- /data/data/####/mipush.xml
- /data/data/####/mipush.xml.bak
- /data/data/####/mipush_account.xml
- /data/data/####/mipush_extra.xml
- /data/data/####/pref_registered_pkg_names.xml
- /data/data/####/usercachdata.xml
- jpush205
- libjiagu