Technical information
- Adware.Gexin.2.origin
- UDP(DNS) <Google DNS>
- TCP(HTTP/1.1) q####.c####.l####.####.com:80
- TCP(HTTP/1.1) c-h####.g####.com:80
- TCP(HTTP/1.1) app.tianx####.com:80
- TCP(HTTP/1.1) a####.u####.com:80
- TCP(HTTP/1.1) cdn-sdk####.g####.com.####.com:80
- TCP(HTTP/1.1) loc.map.b####.com:80
- TCP(HTTP/1.1) sdk.o####.p####.####.com:80
- TCP(TLS/1.0) et2-na6####.wagbr####.ali####.####.com:443
- TCP sdk.o####.t####.####.com:5224
- TCP cm-1####.ig####.com:5226
- a####.u####.com
- app.tianx####.com
- c-h####.g####.com
- cdn-sdk####.g####.com
- cm-1####.ig####.com
- loc.map.b####.com
- log.u####.com
- s####.u####.com
- sdk-ope####.g####.com
- sdk.c####.ig####.com
- sdk.o####.p####.####.com
- sdk.o####.t####.####.com
- sdk.o####.t####.####.com
- sdk.o####.t####.####.net
- app.tianx####.com/files/background/20190307/128be252cddd469db187a520bcdb...
- app.tianx####.com/files/crop/20161107/1752b9be41d641af8b25d99884a9e0ad.png
- app.tianx####.com/files/crop/20161107/7cbab4cac8314ca1adfaaee90e554859.png
- app.tianx####.com/files/crop/20161107/d05fb264835d478fb99173282feb5dd0.png
- app.tianx####.com/files/news/20190128/0fb57a0d19244fd49e2dc206419e83fd.png
- app.tianx####.com/files/news/20190927/b9dcb8f0b49d4d4a8183430ae2b92789.png
- app.tianx####.com/files/news/20191209/763a2117cb3b4875b36bfdeb3765a809.png
- app.tianx####.com/files/news/20200114/4dd51d9129694749ac56fd47eecea2cf.png
- app.tianx####.com/files/news/20200114/788f1612a40b498ab81018fc59e096fa.png
- app.tianx####.com/files/news/20200211/32aae0a9b7ba41f290b16d6e39eec846.png
- app.tianx####.com/files/news/20200211/579b56e558f44afeb32a99836a857276.jpg
- app.tianx####.com/files/news/20200406/27f3d7f4b50746cf95fb93f8aee696ab.png
- app.tianx####.com/files/news/20200406/fbf40fe25fea46c59b8563d741ae15a9-t...
- cdn-sdk####.g####.com.####.com/tdata_CoH340
- cdn-sdk####.g####.com.####.com/tdata_ViN250
- cdn-sdk####.g####.com.####.com/tdata_pKX830
- q####.c####.l####.####.com/config/hz-hzv6.conf
- sdk.o####.p####.####.com/api/addr.htm
- a####.u####.com/app_logs
- app.tianx####.com/app/v3/agri/keyword
- app.tianx####.com/app/v3/background
- app.tianx####.com/app/v3/cityweather
- app.tianx####.com/app/v3/distance
- app.tianx####.com/app/v3/download/latest
- app.tianx####.com/app/v3/news
- app.tianx####.com/app/v3/news/homepage
- app.tianx####.com/app/v3/region
- app.tianx####.com/app/v3/usercrop
- c-h####.g####.com/api.php?format=####&t=####
- loc.map.b####.com/offline_loc
- loc.map.b####.com/sdk.php
- sdk.o####.p####.####.com/api.php?format=####&t=####
- /data/data/####/.imprint
- /data/data/####/.jg.ic
- /data/data/####/1587295874141.log
- /data/data/####/204864728400.569
- /data/data/####/204864728400.569 (deleted)
- /data/data/####/204864728649.068
- /data/data/####/204864728649.068 (deleted)
- /data/data/####/204864728941.762
- /data/data/####/204864728941.762 (deleted)
- /data/data/####/204864729017.48
- /data/data/####/204864729017.48 (deleted)
- /data/data/####/204864729041.226
- /data/data/####/204864729041.226 (deleted)
- /data/data/####/204864729279.889
- /data/data/####/204864729279.889 (deleted)
- /data/data/####/204864729596.701
- /data/data/####/204864729596.701 (deleted)
- /data/data/####/204864729709.422
- /data/data/####/204864729709.422 (deleted)
- /data/data/####/204864729961.669
- /data/data/####/204864729961.669 (deleted)
- /data/data/####/204864730279.399
- /data/data/####/204864730279.399 (deleted)
- /data/data/####/204864730688.028
- /data/data/####/204864730688.028 (deleted)
- /data/data/####/204864730958.329
- /data/data/####/204864730958.329 (deleted)
- /data/data/####/333033233185.88
- /data/data/####/333033233185.88 (deleted)
- /data/data/####/333033233286.278
- /data/data/####/333033233286.278 (deleted)
- /data/data/####/333033233435.929
- /data/data/####/333033233435.929 (deleted)
- /data/data/####/333033233647.591
- /data/data/####/333033233647.591 (deleted)
- /data/data/####/333033233728.68
- /data/data/####/333033233728.68 (deleted)
- /data/data/####/333033233730.066
- /data/data/####/333033233730.066 (deleted)
- /data/data/####/333033233980.25
- /data/data/####/333033233980.25 (deleted)
- /data/data/####/333033233982.026
- /data/data/####/333033233982.026 (deleted)
- /data/data/####/333033234067.452
- /data/data/####/333033234067.452 (deleted)
- /data/data/####/333033234098.007
- /data/data/####/333033234098.007 (deleted)
- /data/data/####/333033234125.333
- /data/data/####/333033234125.333 (deleted)
- /data/data/####/333033234214.34
- /data/data/####/333033234214.34 (deleted)
- /data/data/####/333033234343.4
- /data/data/####/333033234343.4 (deleted)
- /data/data/####/333033234348.313
- /data/data/####/333033234348.313 (deleted)
- /data/data/####/333033234686.909
- /data/data/####/333033234686.909 (deleted)
- /data/data/####/53012283.1680572
- /data/data/####/53012283.1680572 (deleted)
- /data/data/####/690268597049.884
- /data/data/####/690268597049.884 (deleted)
- /data/data/####/690268597887.174
- /data/data/####/690268597887.174 (deleted)
- /data/data/####/690268598873.371
- /data/data/####/690268598873.371 (deleted)
- /data/data/####/690268599128.497
- /data/data/####/690268599128.497 (deleted)
- /data/data/####/690268599208.505
- /data/data/####/690268599208.505 (deleted)
- /data/data/####/690268600012.652
- /data/data/####/690268600012.652 (deleted)
- /data/data/####/690268601080.116
- /data/data/####/690268601080.116 (deleted)
- /data/data/####/690268601459.915
- /data/data/####/690268601459.915 (deleted)
- /data/data/####/690268602309.834
- /data/data/####/690268602309.834 (deleted)
- /data/data/####/690268603380.389
- /data/data/####/690268603380.389 (deleted)
- /data/data/####/690268604757.22
- /data/data/####/690268604757.22 (deleted)
- /data/data/####/690268605667.966
- /data/data/####/690268605667.966 (deleted)
- /data/data/####/77522264999.7554
- /data/data/####/77522264999.7554 (deleted)
- /data/data/####/77522265093.7893
- /data/data/####/77522265093.7893 (deleted)
- /data/data/####/77522265204.5465
- /data/data/####/77522265204.5465 (deleted)
- /data/data/####/77522265233.199
- /data/data/####/77522265233.199 (deleted)
- /data/data/####/77522265242.1845
- /data/data/####/77522265242.1845 (deleted)
- /data/data/####/77522265332.4962
- /data/data/####/77522265332.4962 (deleted)
- /data/data/####/77522265452.3802
- /data/data/####/77522265452.3802 (deleted)
- /data/data/####/77522265495.0345
- /data/data/####/77522265495.0345 (deleted)
- /data/data/####/77522265590.4866
- /data/data/####/77522265590.4866 (deleted)
- /data/data/####/77522265710.7179
- /data/data/####/77522265710.7179 (deleted)
- /data/data/####/77522265865.3462
- /data/data/####/77522265865.3462 (deleted)
- /data/data/####/77522265967.6297
- /data/data/####/77522265967.6297 (deleted)
- /data/data/####/880092485230.154
- /data/data/####/880092485230.154 (deleted)
- /data/data/####/880092485495.473
- /data/data/####/880092485495.473 (deleted)
- /data/data/####/880092485890.947
- /data/data/####/880092485890.947 (deleted)
- /data/data/####/880092486450.297
- /data/data/####/880092486450.297 (deleted)
- /data/data/####/880092486664.589
- /data/data/####/880092486664.589 (deleted)
- /data/data/####/880092486668.25
- /data/data/####/880092486668.25 (deleted)
- /data/data/####/880092487329.403
- /data/data/####/880092487329.403 (deleted)
- /data/data/####/880092487334.095
- /data/data/####/880092487334.095 (deleted)
- /data/data/####/880092487559.848
- /data/data/####/880092487559.848 (deleted)
- /data/data/####/880092487640.593
- /data/data/####/880092487640.593 (deleted)
- /data/data/####/880092487712.807
- /data/data/####/880092487712.807 (deleted)
- /data/data/####/880092487948.02
- /data/data/####/880092487948.02 (deleted)
- /data/data/####/880092488289.082
- /data/data/####/880092488289.082 (deleted)
- /data/data/####/880092488302.067
- /data/data/####/880092488302.067 (deleted)
- /data/data/####/880092489196.859
- /data/data/####/880092489196.859 (deleted)
- /data/data/####/Alvin2.xml
- /data/data/####/ContextData.xml
- /data/data/####/cc.db
- /data/data/####/cc.db-journal
- /data/data/####/config.xml
- /data/data/####/exchangeIdentity.json
- /data/data/####/exid.dat
- /data/data/####/firll.dat
- /data/data/####/gdaemon_20161017
- /data/data/####/getui_sp.xml
- /data/data/####/init.pid
- /data/data/####/init_c1.pid
- /data/data/####/libcuid.so
- /data/data/####/libjiagu.so
- /data/data/####/ofl.config
- /data/data/####/ofl_location.db
- /data/data/####/ofl_location.db-journal
- /data/data/####/ofl_statistics.db
- /data/data/####/ofl_statistics.db-journal
- /data/data/####/push.pid
- /data/data/####/pushext.db-journal
- /data/data/####/pushg.db-journal
- /data/data/####/pushk.db-journal
- /data/data/####/pushsdk.db-journal
- /data/data/####/run.pid
- /data/data/####/tdata_CoH340
- /data/data/####/tdata_CoH340.jar
- /data/data/####/tdata_ViN250
- /data/data/####/tdata_ViN250.jar
- /data/data/####/tdata_pKX830
- /data/data/####/tdata_pKX830.jar
- /data/data/####/tianxiaoer-journal
- /data/data/####/ua.db
- /data/data/####/ua.db-journal
- /data/data/####/umeng_general_config.xml
- /data/data/####/umeng_it.cache
- /data/data/####/umeng_socialize.xml
- /data/data/####/xUtils_http_cache.db
- /data/data/####/xUtils_http_cache.db-journal
- /data/data/####/xUtils_http_cookie.db
- /data/data/####/xUtils_http_cookie.db-journal
- /data/media/####/.cuid
- /data/media/####/.cuid2
- /data/media/####/0a244bbd54b5a4b12abca98dd5786719
- /data/media/####/0a244bbd54b5a4b12abca98dd5786719.tmp
- /data/media/####/0c53a3d9129f562cb9fc4e651d5deafa
- /data/media/####/128be252cddd469db187a520bcdb8372.png.tmp
- /data/media/####/1295c19bcdd712ee0cd3aeebfc073800
- /data/media/####/2962b9c97352282b54d15328eba729e0
- /data/media/####/29b487c5f6e3c69b3b627d7abbc4765e
- /data/media/####/2f522fba4df9cfb9ed44a6322e67804f
- /data/media/####/3723692e61eb0d9893d1bd79c1b71ec3
- /data/media/####/440160a2935f9317345975aa80b28fef
- /data/media/####/45853ed2e3bcab5e15d1efbc214a4e42
- /data/media/####/48032a10e178b3fb1e35b14e0c067a93
- /data/media/####/4b5088c498fe97497fd12fca49ecf5c5
- /data/media/####/4ca61d5a3d14745dffb93955d0134727
- /data/media/####/4cc85baa7892aa26f0d5d0dccf16684c
- /data/media/####/69cee8cf79ac3b7d5b26cee24b963002
- /data/media/####/73311badaa97dae4460e1fd910f64785
- /data/media/####/773f22235c5747bb7bab8576f0b1858d
- /data/media/####/85cea6bd8a745fa5673ade0707747a3c
- /data/media/####/Alvin2.xml
- /data/media/####/ContextData.xml
- /data/media/####/a07669ac6f0c0b5e34297ce560949377
- /data/media/####/a3e54febe208d616a99f88f7cc275ca7
- /data/media/####/app.db
- /data/media/####/b0f3fc9c1a10eafe48ed35da094f8f6a
- /data/media/####/b3cc27cadc91a19cfc49ae6a264130d1
- /data/media/####/b75307844bcbfcd64d456e35d73b104c
- /data/media/####/cc231669d7e1bf87e3d24ab3ef00f954
- /data/media/####/com.getui.sdk.deviceId.db
- /data/media/####/com.heda.tianxiao2.bin
- /data/media/####/com.heda.tianxiao2.db
- /data/media/####/com.igexin.sdk.deviceId.db
- /data/media/####/conlts.dat
- /data/media/####/d071bb4dc7322ca5197886b9c123f4c3
- /data/media/####/dba5370237b260102fceec5d91b47225
- /data/media/####/ddae4b2b5ab97d641889bac93cae789e
- /data/media/####/f6ee9c88e5b5102729f3a3ea24c8e8bc
- /data/media/####/ller.dat
- /data/media/####/ls.db
- /data/media/####/ls.db-journal
- /data/media/####/tdata_CoH340
- /data/media/####/tdata_ViN250
- /data/media/####/tdata_pKX830
- /data/media/####/test.0 (deleted)
- /data/media/####/test.log
- /data/media/####/yoh.dat
- /data/media/####/yol.dat
- /data/media/####/yom.dat
- <Package Folder>/files/gdaemon_20161017 0 <Package>/<Package>.receiver.DemoPushService 24724 300 0
- chmod 700 <Package Folder>/files/gdaemon_20161017
- chmod 755 <Package Folder>/.jiagu/libjiagu.so
- sh <Package Folder>/files/gdaemon_20161017 0 <Package>/<Package>.receiver.DemoPushService 24724 300 0
- getuiext2
- libjiagu
- locSDK6a
- webpbackport
- AES-CBC-NoPadding
- AES-CBC-PKCS5Padding
- AES-CBC-PKCS7Padding
- RSA-NONE-OAEPWithSHA1AndMGF1Padding
- AES-CBC-NoPadding
- AES-CBC-PKCS5Padding