Technical information
- Adware.Gexin.2.origin
- UDP(DNS) <Google DNS>
- TCP(HTTP/1.1) app.b####.com:80
- TCP(HTTP/1.1) a####.b####.qq.com:8011
- TCP(HTTP/1.1) a####.b####.qq.com:8012
- TCP(HTTP/1.1) p3.q####.com:80
- TCP(HTTP/1.1) s.3####.cn:80
- TCP(HTTP/1.1) and####.b####.qq.com:80
- TCP(HTTP/1.1) s####.s.360.cn:80
- TCP(HTTP/1.1) k####.b####.com:80
- TCP(HTTP/1.1) sdk.l####.360.cn:80
- TCP(HTTP/1.1) p.s.3####.cn:80
- TCP(HTTP/1.1) sh.wagbr####.aliyun####.com:80
- TCP(HTTP/1.1) s0.q####.com:80
- TCP(TLS/1.0) app.b####.com:443
- TCP(TLS/1.0) api.app.b####.com:443
- TCP(TLS/1.0) p1.ssl.q####.com:443
- TCP(TLS/1.0) res####.a####.com:443
- TCP(TLS/1.0) c####.b####.com:443
- TCP(TLS/1.0) 1####.217.168.206:443
- TCP(TLS/1.0) p0.ssl.cdn.####.com:443
- TCP(TLS/1.0) p1.ssl.cdn.####.com:443
- TCP sdk.o####.t####.####.com:5224
- a####.b####.qq.com
- aexcep####.b####.qq.com
- amap####.cn-hang####.oss####.####.com
- and####.b####.qq.com
- api.app.b####.com
- api.b####.com
- app.b####.com
- c####.b####.com
- k####.b####.com
- p.s.3####.cn
- p0.q####.com
- p0.ssl.cdn.####.com
- p1.ssl.cdn.####.com
- p1.ssl.q####.com
- p2.ssl.cdn.####.com
- p3.q####.com
- p3.ssl.cdn.####.com
- p4.ssl.cdn.####.com
- res####.a####.com
- s####.s.360.cn
- s.3####.cn
- s0.q####.com
- sdk.c####.ig####.com
- sdk.l####.360.cn
- sdk.o####.t####.####.com
- sdk.o####.t####.####.com
- sdk.o####.t####.####.net
- app.b####.com/btime_agreement.html?push_switch=####&browse_mode=####&sid...
- k####.b####.com/
- p3.q####.com/d/inn/82376e76/line.png
- p3.q####.com/d/inn/a558e65d/web-icon.png
- s####.s.360.cn/ak/a0a080f42e6f13b3a2df133f073095dd.html?m2=####
- s.3####.cn/w360/s.htm?p=####&u=####&id=####&guid=####&b=####&c=####&r=##...
- s0.q####.com/monitor/;monitor/0ddb3eeb.js
- sdk.l####.360.cn/codec?model=####&pid=####&mid=####&ver=####&bid=####&sd...
- sh.wagbr####.aliyun####.com/sdkcoor/android/x86/libJni_wgs2gcj.so
- a####.b####.qq.com:8011/rqd/async
- a####.b####.qq.com:8012/rqd/async
- and####.b####.qq.com/rqd/async
- p.s.3####.cn/pstat/plog.php
- p.s.3####.cn/update/update.php?p=####
- /data/data/####/0802c12f57559ce13664549ed7693830743761cb060ce27....0.tmp
- /data/data/####/0b90c4fb4a400ed7931c2edc15b2eeef
- /data/data/####/0c3c620dd3a556f2c24baaf691fd335a
- /data/data/####/0deb4ac44cef2247a283d724d03c0279
- /data/data/####/0f1e354342b815ede502c6320913029f
- /data/data/####/11c00445e4111f7283e892fddce0fc71
- /data/data/####/19eca713221e03799ee0d3c16c61d55c
- /data/data/####/262952e553ec112c0636b358eb6cdc53
- /data/data/####/272268963a202b88c26cc03456bf28e8
- /data/data/####/2a30b1f46db0ac334bc9971e3258c9e4
- /data/data/####/2f3adcada95ea190b184e1322d7901652f68633ec624e25....0.tmp
- /data/data/####/30023e5efa6208c19a61fbd7b6cdc197
- /data/data/####/318dcbed3bdaed3223418dc5a265c6f81890cbf6b744f84....0.tmp
- /data/data/####/33ce8ff384cd62fd7c0849a776a32b897784022f4e31efa....0.tmp
- /data/data/####/343ec45bd37e767d2e5940251e680e49
- /data/data/####/354b1904c8ce6f30d4932d12712db81d
- /data/data/####/36b0d4278594462937538c44a564d465
- /data/data/####/36c2f9ff2542ea4fcd03744a377c25ca
- /data/data/####/377f997d1bda3dfe837e21743de0c77b
- /data/data/####/3d179d3c95b81ced03dac4b6b03ac25d
- /data/data/####/3d7c6eb10e6436605d33f714b7956adb
- /data/data/####/3f57f9dacdeed8a7c19678e9f77dd8d384a24696b3516bc....0.tmp
- /data/data/####/42f0b4d2a315869a08283112da7bc95b
- /data/data/####/437afb10bea2ff8c76475bde19763b34
- /data/data/####/442e4c5a485a544135511de78ee468b4
- /data/data/####/47fa492cb408d42565674fb815685fd0
- /data/data/####/49152817054716.0
- /data/data/####/4d8847041dc6451a7025e9f165c0f7e0
- /data/data/####/4e2c748c75fbf5a07be8876ea34f04cc
- /data/data/####/4e9a15deae9c53d79f56a51c322b67b1
- /data/data/####/5061b640e98acd81d9ede41495f2ea6d
- /data/data/####/54be2123ba2934482887dcaaa44247d1
- /data/data/####/54ef08b3d5f04464635821e7c6c8c841
- /data/data/####/560f71b0ed15ca641fb5dcdaa35f2b08
- /data/data/####/56827ed399d67d5e415c546abd6a50a1
- /data/data/####/5ddaddddb1253d7f996e768ca1afb717b897e5fdcf6a8b1....0.tmp
- /data/data/####/5ee0f9fb0e9bcf8e61955535d6cd756b
- /data/data/####/6076683caf7dfe7bf34970b4ce9bccde
- /data/data/####/6a715d260fbd60bbaf8f97c5118af3cb
- /data/data/####/6d97047fb63d6c584c8f83d22f5524db
- /data/data/####/704561335f3cc7a148db420806f3b4f3
- /data/data/####/744f7e1adedc3e4d5765dacf25368d18e767eccb7add623....0.tmp
- /data/data/####/7632c6a1b557a0fd14a63ab34f13adec1fb79337eb6a69b....0.tmp
- /data/data/####/7c3d570ce87bc053166b530c8c83ffde6ffb2772ea3fd0c....0.tmp
- /data/data/####/7e776e1defd228db103e087f0c8ba3cc
- /data/data/####/7e8bd49ab0399dbaf6c6f9f184e14073
- /data/data/####/80122225540982.0
- /data/data/####/82750ff9c1982379d1244a9207ae83b9
- /data/data/####/82b2c27192d44b2ef80bb19cc39be2d5
- /data/data/####/8643ff0903788f632113aec9a5ab575c
- /data/data/####/8a633abacab1abe15608a7410dae39a7
- /data/data/####/8a97b59eb16315bb4813cfa82604b34e541c8b4287bea8a....0.tmp
- /data/data/####/8a9e9f368479c1ae7ab51bdfa771030a
- /data/data/####/8b8604ae067ad70467319c1f94cb712c
- /data/data/####/8d2d234b5badd3e3bafacb6d152622df
- /data/data/####/8fc34061d43c1185fcc8aedc507c59a8
- /data/data/####/9057101ee1dd49319f9071e702ea9d14a472978657a1235....0.tmp
- /data/data/####/947eaead4521ef630f2a3d6546ad1216
- /data/data/####/958ac7e1ec0d4a76bf8bbf0298850b4b
- /data/data/####/99c32c245dae2cbe6776a2a286c6277b
- /data/data/####/99d461c2424276e97465034f7079e37d866b6f738c79cb3....0.tmp
- /data/data/####/9e2e7ddf9e89becaa391af3941e27b6b
- /data/data/####/9f343282b86a01ef62b057322bbbb057
- /data/data/####/9fe3a0c259b26c72009cdae896e36d5d
- /data/data/####/ApplicationCache.db-journal
- /data/data/####/QH_DeviceSDK.xml
- /data/data/####/QH_SDK_M2.xml
- /data/data/####/QH_SDK_UserDataa0a080f42e6f13b3a2df133f073095dd.xml
- /data/data/####/QH_SDK_sessionIDa0a080f42e6f13b3a2df133f073095dd.xml
- /data/data/####/RefactorNewsItemDbModel.realm
- /data/data/####/RefactorNewsItemDbModel.realm.lock
- /data/data/####/WalletPlugin.apk
- /data/data/####/Y29tLmJ0aW1lLmJqdGltZQ==.tick.lock
- /data/data/####/a0132abf1e1786382078818338e1b58e
- /data/data/####/a17a8d032d01478cac301ed3e49420ea
- /data/data/####/a1a6c43e26154098f23166e21267d8782049249acd96e3d....0.tmp
- /data/data/####/a241809a46c174636890a21765e4a428
- /data/data/####/a4de35c8d504b969c7ccf5eb6ece516e
- /data/data/####/access_control.control.mx
- /data/data/####/access_control.write.mx
- /data/data/####/acecd825eb8c8a5a064b3a1e2ffaa197
- /data/data/####/b02faec081df6e9b4c9f2f75f80efd8b
- /data/data/####/b29845e5a73b495f93608c313ab77f18
- /data/data/####/b84ffd9dab9add37cb3825aee595236b
- /data/data/####/ba2b16d7881a044c45666e5416b89051
- /data/data/####/bbef981f137add0884b808fe5a28f13a
- /data/data/####/bfb7a96d7e1b7aa3c496981c23bc1609
- /data/data/####/btime_multi_theme.xml
- /data/data/####/btime_netmode_debug.xml
- /data/data/####/bugly_db_legu-journal
- /data/data/####/c82d07b690745f096b536d3effbba712297019a51a23128....0.tmp
- /data/data/####/c8b44f1d7d3391b6934cdba2adfcd352
- /data/data/####/c94fe1d685140f689bd0e8a51c6e6cda
- /data/data/####/ca3d089b275f7a88982f7fb6f28cbfc8
- /data/data/####/d3119cf1cab109518a924f96d04f1a09
- /data/data/####/d41bbaeaffdeb80d292a8d5fd07008b5
- /data/data/####/d5fe5e97f81ebc0555d5d878402f4f94
- /data/data/####/dafile.db
- /data/data/####/dafile.db-journal
- /data/data/####/data_0
- /data/data/####/data_1
- /data/data/####/data_2
- /data/data/####/data_3
- /data/data/####/dbaa58d2161269acc5f73f45abd657f12e93495f74e5bca....0.tmp
- /data/data/####/dbcb61f8540476d58a113be9de22d39e5f48d41f56d3379....0.tmp
- /data/data/####/dcdc26959dbe64b65ca42b6687d5d990
- /data/data/####/dfa018f2477991a821bc2154672ecc97
- /data/data/####/e16a767a7655683c3059737f8a3133ab
- /data/data/####/e45195d496bd5ac5aa5f4bc1ed66158f
- /data/data/####/e707535c1ce67cc92a278cb7d52873ed
- /data/data/####/e9711bb57813d91670960514300adb62
- /data/data/####/e9ed22601bc3ae62326ccc598dbf80a1
- /data/data/####/ed66c0b880b085631a7c0606afb0b9ad
- /data/data/####/ed905f538f3c30754bbdb13dc2922af9
- /data/data/####/f091583fb0c5a0dad678b2aaf929dbdd
- /data/data/####/f2b33cdcf9f68ba1a583267d691543f5
- /data/data/####/fd79f0edddf0dda7f01651aa353ceb43
- /data/data/####/fe2ef01cebcf6ae13f2843e4d4b95ce1
- /data/data/####/getui_sp.xml
- /data/data/####/hmdb
- /data/data/####/hmdb-journal
- /data/data/####/index
- /data/data/####/init.pid
- /data/data/####/init_c1.pid
- /data/data/####/journal
- /data/data/####/journal.tmp
- /data/data/####/libnfix.so
- /data/data/####/libshella-2.9.0.2.so
- /data/data/####/libufix.so
- /data/data/####/local_crash_lock
- /data/data/####/loctemp.so
- /data/data/####/logdb.db
- /data/data/####/logdb.db-journal
- /data/data/####/mix.dex
- /data/data/####/multidex.version.xml
- /data/data/####/native_record_lock
- /data/data/####/pref.xml
- /data/data/####/push.pid
- /data/data/####/pushsdk.db-journal
- /data/data/####/run.pid
- /data/data/####/security_info
- /data/data/####/tray.db-journal
- /data/data/####/webview.db-journal
- /data/data/####/webviewCookiesChromium.db-journal
- /data/media/####/.deviceId
- /data/media/####/.iddata
- /data/media/####/Y29tLmJ0aW1lLmJqdGltZQ==
- /data/media/####/Y29tLmJ0aW1lLmJqdGltZQ== (deleted)
- /data/media/####/a0a080f42e6f13b3a2df133f073095dd
- /data/media/####/alsn.db
- /data/media/####/alsn.db-journal
- /data/media/####/applog.txt
- /data/media/####/com.btime.bjtime.bin
- /data/media/####/data.lock
- /data/media/####/logs.txt
- /data/media/####/report.lock
- /data/media/####/xpR
- /data/media/####/xpR (deleted)
- /system/bin/sh -c getprop ro.aa.romver
- /system/bin/sh -c getprop ro.board.platform
- /system/bin/sh -c getprop ro.build.fingerprint
- /system/bin/sh -c getprop ro.build.nubia.rom.name
- /system/bin/sh -c getprop ro.build.rom.id
- /system/bin/sh -c getprop ro.build.tyd.kbstyle_version
- /system/bin/sh -c getprop ro.build.version.emui
- /system/bin/sh -c getprop ro.build.version.opporom
- /system/bin/sh -c getprop ro.gn.gnromvernumber
- /system/bin/sh -c getprop ro.lenovo.series
- /system/bin/sh -c getprop ro.lewa.version
- /system/bin/sh -c getprop ro.meizu.product.model
- /system/bin/sh -c getprop ro.miui.ui.version.name
- /system/bin/sh -c getprop ro.vivo.os.build.display.id
- /system/bin/sh -c type su
- chmod 700 <Package Folder>/tx_shell/libnfix.so
- chmod 700 <Package Folder>/tx_shell/libshella-2.9.0.2.so
- chmod 700 <Package Folder>/tx_shell/libufix.so
- getprop ro.aa.romver
- getprop ro.board.platform
- getprop ro.build.fingerprint
- getprop ro.build.nubia.rom.name
- getprop ro.build.rom.id
- getprop ro.build.tyd.kbstyle_version
- getprop ro.build.version.emui
- getprop ro.build.version.opporom
- getprop ro.gn.gnromvernumber
- getprop ro.lenovo.series
- getprop ro.lewa.version
- getprop ro.meizu.product.model
- getprop ro.miui.ui.version.name
- getprop ro.vivo.os.build.display.id
- getprop ro.yunos.version
- logcat -d -v threadtime
- Bugly
- getuiext2
- libnfix
- libshella-2.9.0.2
- libufix
- nfix
- openh264
- publisher
- realm-jni
- transcore
- ufix
- viewer
- AES-CBC-PKCS5Padding
- AES-CBC-PKCS7Padding
- AES-GCM-NoPadding
- RSA-ECB-PKCS1Padding
- RSA-NONE-OAEPWithSHA1AndMGF1Padding
- desede-ECB-PKCS5Padding
- AES-CBC-PKCS5Padding
- AES-CBC-PKCS7Padding
- AES-GCM-NoPadding