Technical information
- Adware.Gexin.2.origin
- UDP(DNS) <Google DNS>
- TCP(HTTP/1.1) e####.ej####.net:80
- TCP(HTTP/1.1) ti####.c####.l####.####.com:80
- TCP(HTTP/1.1) c-h####.g####.com:80
- TCP(HTTP/1.1) a####.u####.com:80
- TCP(HTTP/1.1) aexcep####.b####.qq.com:8012
- TCP(HTTP/1.1) t####.c####.q####.####.com:80
- TCP(HTTP/1.1) m.ej####.com:80
- TCP(HTTP/1.1) and####.b####.qq.com:80
- TCP(HTTP/1.1) www.ej####.net:80
- TCP(HTTP/1.1) cn-hang####.oss####.aliyun####.com:80
- TCP(HTTP/1.1) www.ej####.net:8080
- TCP(HTTP/1.1) sdk.o####.p####.####.com:80
- TCP(HTTP/1.1) e####.ej####.net:8080
- TCP(TLS/1.0) res####.a####.com:443
- TCP sdk.o####.t####.####.com:5224
- TCP c####.g####.ig####.com:5226
- 7j####.c####.z0.####.com
- a####.u####.com
- aexcep####.b####.qq.com
- and####.b####.qq.com
- c####.g####.ig####.com
- c-h####.g####.com
- cn-hang####.oss####.aliyun####.com
- e####.ej####.net
- m.ej####.com
- pub-####.qin####.com
- res####.a####.com
- sdk.c####.ig####.com
- sdk.o####.p####.####.com
- sdk.o####.t####.####.com
- sdk.o####.t####.####.com
- sdk.o####.t####.####.net
- www.ej####.net
- cn-hang####.oss####.aliyun####.com/amap-api/comm/upload/CoordinateSoEnhe...
- e####.ej####.net:8080/upload/discountGoods/home_icon_03.png
- e####.ej####.net:8080/upload/machineImg/201612/min_14824053755086463.jpg
- e####.ej####.net:8080/upload/machineImg/201812/min_15447473854991697.jpg
- e####.ej####.net:8080/upload/machineImg/201812/min_15452770806721198.jpg
- e####.ej####.net:8080/upload/machineImg/201901/min_15474489926444670.jpg
- e####.ej####.net:8080/upload/machineImg/201902/min_15507346816393402.jpg
- t####.c####.q####.####.com/tdata_Rnl693
- t####.c####.q####.####.com/tdata_Soq141
- t####.c####.q####.####.com/tdata_fEV688
- t####.c####.q####.####.com/tdata_siA393
- ti####.c####.l####.####.com/config/hz-hzv3.conf
- ti####.c####.l####.####.com/tdata_EDT369
- www.ej####.net/upload/ads/15305987451224607.png
- www.ej####.net/upload/ads/15373491642934244.png
- www.ej####.net/upload/ads/15504896697978402.png
- www.ej####.net/upload/applicationForm/15103106003823154.jpg
- www.ej####.net/upload/applicationForm/15103114719091669.jpg
- www.ej####.net/upload/applicationForm/15103116525226924.png
- www.ej####.net/upload/discountGoods/201903/15520955001064263.jpg
- www.ej####.net/upload/holiday/images/bj3.png
- www.ej####.net:8080/upload/apk/android_owner_2.7.6.apk
- a####.u####.com/app_logs
- aexcep####.b####.qq.com:8012/rqd/async
- and####.b####.qq.com/rqd/async
- c-h####.g####.com/api.php?format=####&t=####
- e####.ej####.net/ads/listForPlay
- e####.ej####.net/clientMgr/checkVersion2
- e####.ej####.net/config/findAll
- e####.ej####.net/config/findValByKey
- e####.ej####.net/disGoods/findGoodsListLimit
- e####.ej####.net/lease/findByLimit
- e####.ej####.net/rental/findByLimit
- e####.ej####.net/repair2/countOrderNum
- e####.ej####.net/showModule/getShowList
- e####.ej####.net/transBriefing/list
- m.ej####.com/cms/cmsList.php
- sdk.o####.p####.####.com/api.php?format=####&t=####
- sdk.o####.p####.####.com/api.php?format=####&t=####&d=####&k=####
- /data/data/####/.imprint
- /data/data/####/023e77bd10ad9e0256fe12123c8d415e9d4fb34b99526f8....0.tmp
- /data/data/####/042d6da9010a56e6f82f6bc0bbdb6fb9187636153260f23....0.tmp
- /data/data/####/1d2b904cbeadfb72ed9546111a231c85.0
- /data/data/####/2a47fa1f97697621ce965226b2cc27d062729b8081deb1d....0.tmp
- /data/data/####/2ad5c12f78fa99ba3279d4da45c39ec319c909d75fd6a99....0.tmp
- /data/data/####/6870430652247.0
- /data/data/####/9be967cfc7b07c47d7a0bec2571907f3b28b5db87939228....0.tmp
- /data/data/####/MultiDex.lock
- /data/data/####/a8d02bf2be7626b7d84766146d7795ba34660db86eeadf2....0.tmp
- /data/data/####/acea4fafb66dc161fd3228f082dc4f39024f6a4b102b5c6....0.tmp
- /data/data/####/b1a8e51f9f2b
- /data/data/####/b1c4723917a68512b80688d39deb73a46cb4807b44bd339....0.tmp
- /data/data/####/be5155acb7589c24fa533efb8d483c340c97b81e0ec1886....0.tmp
- /data/data/####/bugly_db_legu-journal
- /data/data/####/c2a3b093b07bf050a7348ad3c580dbd555874fd17ba0e91....0.tmp
- /data/data/####/cc.db
- /data/data/####/cc.db-journal
- /data/data/####/config.xml
- /data/data/####/d221834c6d1e34a1327626287c68f701ea5e1b14f8d9555....0.tmp
- /data/data/####/database.db
- /data/data/####/database.db-journal
- /data/data/####/eb34eefa7915d131c639e918edecf79307b6d6d7e357e7a....0.tmp
- /data/data/####/ef03759f59967041e731cf5dd1e862f156ac0e5c00c9651....0.tmp
- /data/data/####/exchangeIdentity.json
- /data/data/####/exid.dat
- /data/data/####/fe554e6987119744973930fa17f37a355dec3cc2b347226....0.tmp
- /data/data/####/gdaemon_20161017
- /data/data/####/getui_sp.xml
- /data/data/####/gkt-journal
- /data/data/####/gx_sp.xml
- /data/data/####/hmdb
- /data/data/####/hmdb-journal
- /data/data/####/init.pid
- /data/data/####/init_c1.pid
- /data/data/####/journal
- /data/data/####/journal.tmp
- /data/data/####/k.store
- /data/data/####/libjiagu-381137861.so
- /data/data/####/libnfix.so
- /data/data/####/libshella-2.9.0.2.so
- /data/data/####/libufix.so
- /data/data/####/libwgs2gcj.so
- /data/data/####/local_crash_lock
- /data/data/####/loctemp.so
- /data/data/####/logdb.db
- /data/data/####/logdb.db-journal
- /data/data/####/mix.dex
- /data/data/####/multidex.version.xml
- /data/data/####/native_record_lock
- /data/data/####/pref.xml
- /data/data/####/push.pid
- /data/data/####/pushext.db-journal
- /data/data/####/pushg.db-journal
- /data/data/####/pushk.db-journal
- /data/data/####/pushsdk.db-journal
- /data/data/####/run.pid
- /data/data/####/security_info
- /data/data/####/tdata_Rnl693
- /data/data/####/tdata_Rnl693.jar
- /data/data/####/tdata_Soq141
- /data/data/####/tdata_Soq141.jar
- /data/data/####/tdata_fEV688
- /data/data/####/tdata_fEV688.jar
- /data/data/####/tdata_siA393
- /data/data/####/tdata_siA393.jar
- /data/data/####/ua.db
- /data/data/####/ua.db-journal
- /data/data/####/umeng_general_config.xml
- /data/data/####/umeng_it.cache
- /data/media/####/1553960773802.db
- /data/media/####/alsn20170807.db
- /data/media/####/alsn20170807.db-journal
- /data/media/####/app.db
- /data/media/####/com.business.eglobal.bin
- /data/media/####/com.business.eglobal.db
- /data/media/####/com.getui.sdk.deviceId.db
- /data/media/####/com.igexin.sdk.deviceId.db
- /data/media/####/config.cache
- /data/media/####/eglobal.apk
- /data/media/####/gkt
- /data/media/####/gkt-journal
- /data/media/####/gktper
- /data/media/####/tdata_Rnl693
- /data/media/####/tdata_Soq141
- /data/media/####/tdata_fEV688
- /data/media/####/tdata_siA393
- /data/media/####/test.log
- /system/bin/sh -c getprop ro.aa.romver
- /system/bin/sh -c getprop ro.board.platform
- /system/bin/sh -c getprop ro.build.fingerprint
- /system/bin/sh -c getprop ro.build.nubia.rom.name
- /system/bin/sh -c getprop ro.build.rom.id
- /system/bin/sh -c getprop ro.build.tyd.kbstyle_version
- /system/bin/sh -c getprop ro.build.version.emui
- /system/bin/sh -c getprop ro.build.version.opporom
- /system/bin/sh -c getprop ro.gn.gnromvernumber
- /system/bin/sh -c getprop ro.lenovo.series
- /system/bin/sh -c getprop ro.lewa.version
- /system/bin/sh -c getprop ro.meizu.product.model
- /system/bin/sh -c getprop ro.miui.ui.version.name
- /system/bin/sh -c getprop ro.vivo.os.build.display.id
- /system/bin/sh -c type su
- <Package Folder>/files/gdaemon_20161017 0 <Package>/<Package>.push.EglobalService 25013 300 0
- cat /sys/class/net/wlan0/address
- chmod 700 <Package Folder>/files/gdaemon_20161017
- chmod 700 <Package Folder>/tx_shell/libnfix.so
- chmod 700 <Package Folder>/tx_shell/libshella-2.9.0.2.so
- chmod 700 <Package Folder>/tx_shell/libufix.so
- getprop ro.aa.romver
- getprop ro.board.platform
- getprop ro.build.fingerprint
- getprop ro.build.nubia.rom.name
- getprop ro.build.rom.id
- getprop ro.build.tyd.kbstyle_version
- getprop ro.build.version.emui
- getprop ro.build.version.opporom
- getprop ro.gn.gnromvernumber
- getprop ro.lenovo.series
- getprop ro.lewa.version
- getprop ro.meizu.product.model
- getprop ro.miui.ui.version.name
- getprop ro.vivo.os.build.display.id
- getprop ro.yunos.version
- logcat -d -v threadtime
- mount
- sh <Package Folder>/files/gdaemon_20161017 0 <Package>/<Package>.push.EglobalService 25013 300 0
- Bugly
- X86Bridge
- getuiext2
- libjiagu-381137861
- libnfix
- libshella-2.9.0.2
- libufix
- nfix
- ufix
- AES-CBC-PKCS5Padding
- AES-CBC-PKCS7Padding
- AES-CFB-NoPadding
- AES-ECB-PKCS5Padding
- AES-GCM-NoPadding
- RSA-ECB-PKCS1Padding
- RSA-NONE-OAEPWithSHA1AndMGF1Padding
- AES-CBC-PKCS5Padding
- AES-CBC-PKCS7Padding
- AES-ECB-PKCS5Padding
- AES-GCM-NoPadding