Technical information
- Adware.Gexin.2.origin
- UDP(DNS) 8####.8.4.4:53
- TCP(HTTP/1.1) versi####.api.h####.cn:80
- TCP(HTTP/1.1) d####.c####.l####.####.com:80
- TCP(HTTP/1.1) t####.c####.q####.####.com:80
- TCP(HTTP/1.1) soc.c####.hoge####.com:9504
- TCP(HTTP/1.1) sdk.o####.p####.####.com:80
- TCP(HTTP/1.1) l####.tbs.qq.com:80
- TCP(HTTP/1.1) m####.henan####.com:80
- TCP(TLS/1.0) 1####.177.14.138:443
- TCP(TLS/1.0) 041791b####.bug####.cn:443
- TCP(TLS/1.0) al####.u####.com:443
- TCP(TLS/1.0) 1####.217.17.138:443
- TCP(TLS/1.0) init####.c####.h####.cn:443
- TCP(TLS/1.0) api.w####.com:443
- TCP(TLS/1.0) l####.c####.h####.cn:443
- TCP(TLS/1.0) safebro####.google####.com:443
- TCP(TLS/1.0) dualsta####.wagbr####.ali####.####.com:443
- TCP(TLS/1.0) 1####.217.20.74:443
- TCP(TLS/1.2) 64.2####.162.94:443
- TCP sdk.o####.t####.####.com:5224
- 041791b####.bug####.cn
- api.w####.com
- cm-1####.g####.com
- cm-1####.g####.com
- i####.henan####.com
- init####.c####.h####.cn
- l####.c####.h####.cn
- l####.tbs.qq.com
- m####.henan####.com
- mm.u.h####.cn
- o####.map.b####.com
- plb####.u####.com
- safebro####.google####.com
- sdk.c####.g####.com
- sdk.o####.p####.####.com
- sdk.o####.t####.####.com
- sdk.o####.t####.####.com
- sdk.o####.t####.####.com
- sdk.o####.t####.####.net
- soc.c####.hoge####.com
- u####.u####.com
- versi####.api.h####.cn
- d####.c####.l####.####.com/config/hzv9.conf
- m####.henan####.com/2018110714b9f126d47e3db3a50a271c163bc873_origin.png
- m####.henan####.com/201811072d3715ef8570c0647d95724bb39df766_origin.png
- m####.henan####.com/201812128199bbec6f8e017197b8a86544501fd7_origin.png
- m####.henan####.com/201901221acf05dadf361ab2e4bbc8427bd3c833_origin.png
- m####.henan####.com/2019012245e4139e873d2e692659d6c65aef9fea_origin.png
- m####.henan####.com/201901224d8c42a38fe43965d64a67f1d7d55cae_origin.png
- m####.henan####.com/20190122ca068a37cacdd80a4c4390a174c92754_origin.png
- m####.henan####.com/20190122d101d9177f64622cdcf6d962cfa27235_origin.png
- m####.henan####.com/20190316c1cc92d099fa4213c2ed6befbfa077aa_origin.jpg?...
- m####.henan####.com/202007282610007dc58a03cc269cf16421554885.jpg?imageVi...
- m####.henan####.com/202007285ebec18422f1392f621e645d1360e1e5.jpg?imageVi...
- m####.henan####.com/202007289ee4b49dd5b93efbab3efe8aa9d3a56c.jpg?imageVi...
- m####.henan####.com/api/open/wxly/get_app_startup_ad?system_version=####...
- m####.henan####.com/api/open/wxly/sy_news?site_id=####&is_need_module=##...
- m####.henan####.com/api/v1/ad_news.php?system_version=####&app_version=#...
- m####.henan####.com/api/v1/news.php?system_version=####&app_version=####...
- soc.c####.hoge####.com:9504/
- t####.c####.q####.####.com/mxu/2018/1107/25/25138abf6a3770365635e0905c39...
- t####.c####.q####.####.com/mxu/2018/1107/27/279cb08a098aa049d34f1740e5ec...
- t####.c####.q####.####.com/mxu/2018/1107/81/817ea4ef760bd6f3371950318d09...
- t####.c####.q####.####.com/mxu/2018/1107/93/935629d2ba7a0e72ec36abd79e15...
- t####.c####.q####.####.com/mxu/2018/1107/94/9465bf291916becdc10171dd845f...
- t####.c####.q####.####.com/mxu/2018/1107/9d/9d400ae289d4bd952c7bea6c9acd...
- t####.c####.q####.####.com/mxu/2018/1107/b1/b19e17d5a82eb4f4cdc5b8d0233a...
- t####.c####.q####.####.com/mxu/2018/1107/e4/e438e7313894124c151b55556f2c...
- t####.c####.q####.####.com/mxu/2018/1212/1c/1c8707b46931c0caa33cf2712810...
- t####.c####.q####.####.com/mxu/2018/1212/43/43cb6b8e586ddaba2d9711525c21...
- versi####.api.h####.cn/?m=####&c=####&bundle_id=####&client_type=####&sy...
- l####.tbs.qq.com/ajax?c=####&k=####
- m####.henan####.com/api/v1/mobile_client.php?system_version=####&app_ver...
- sdk.o####.p####.####.com/api.php?format=####&t=####
- /data/data/####/.imprint
- /data/data/####/.jg.ic
- /data/data/####/.jgck
- /data/data/####/22937aa4afcdad818867db7bd1aa501b.0
- /data/data/####/22937aa4afcdad818867db7bd1aa501b.1
- /data/data/####/Alvin2.xml
- /data/data/####/ContextData.xml
- /data/data/####/CookiePersistence.xml
- /data/data/####/audio.xml
- /data/data/####/classes.dex
- /data/data/####/classes.dex;classes10.dex
- /data/data/####/classes.dex;classes11.dex
- /data/data/####/classes.dex;classes12.dex
- /data/data/####/classes.dex;classes13.dex
- /data/data/####/classes.dex;classes2.dex
- /data/data/####/classes.dex;classes3.dex
- /data/data/####/classes.dex;classes4.dex
- /data/data/####/classes.dex;classes5.dex
- /data/data/####/classes.dex;classes6.dex
- /data/data/####/classes.dex;classes7.dex
- /data/data/####/classes.dex;classes8.dex
- /data/data/####/classes.dex;classes9.dex
- /data/data/####/core_info
- /data/data/####/dW1weF9pbnRlcm5hbF8xNjIxNjEyNDk4MTI0;
- /data/data/####/dW1weF9pbnRlcm5hbF8xNjIxNjEyNTA3NTUy;
- /data/data/####/dms_sp.xml
- /data/data/####/exchangeIdentity.json
- /data/data/####/exid.dat
- /data/data/####/gal.db
- /data/data/####/gal.db-journal
- /data/data/####/getui_sp.xml
- /data/data/####/hst.db
- /data/data/####/hst.db-journal
- /data/data/####/i==1.2.0&&2.0.0_1621612498073_envelope.log
- /data/data/####/info.xml
- /data/data/####/init.pid
- /data/data/####/init_c1.pid
- /data/data/####/journal
- /data/data/####/libcuid.so
- /data/data/####/libjiagu.so
- /data/data/####/lock_dm
- /data/data/####/lock_gt
- /data/data/####/movie.binary
- /data/data/####/movie.spec
- /data/data/####/mxu.db-journal
- /data/data/####/ofl_location.db
- /data/data/####/ofl_location.db-journal
- /data/data/####/ofl_statistics.db
- /data/data/####/ofl_statistics.db-journal
- /data/data/####/proc_auxv
- /data/data/####/psd_17.png
- /data/data/####/psd_21.png
- /data/data/####/psd_23.png
- /data/data/####/psd_25.png
- /data/data/####/psd_27.png
- /data/data/####/psd_29.png
- /data/data/####/psd_31.png
- /data/data/####/psd_33.png
- /data/data/####/psd_35.png
- /data/data/####/push.pid
- /data/data/####/pushsdk.db-journal
- /data/data/####/run.pid
- /data/data/####/setting.xml
- /data/data/####/setting.xml.bak
- /data/data/####/tbs_download_config.xml
- /data/data/####/tbs_download_config.xml.bak
- /data/data/####/tbs_download_stat.xml
- /data/data/####/tbscoreinstall.txt
- /data/data/####/tbslock.txt
- /data/data/####/ua.db
- /data/data/####/ua.db-journal
- /data/data/####/um_pri.xml
- /data/data/####/umdat.xml
- /data/data/####/umeng_common_config.xml
- /data/data/####/umeng_common_config.xml.bak
- /data/data/####/umeng_general_config.xml
- /data/data/####/umeng_it.cache
- /data/data/####/weibo_sdk_aid1
- /data/media/####/.a.dat
- /data/media/####/.adfwe.dat
- /data/media/####/.cca.dat
- /data/media/####/.cuid2
- /data/media/####/.umm.dat
- /data/media/####/017bbacd1b55fdb3d77403f22de285ac985a099c6e927c....0.tmp
- /data/media/####/03895769bedb94094792dcf7568131bb33001de65e4653....0.tmp
- /data/media/####/08b8ca3f2a9da55730482e0ea3916f78e8da4df07dd2f1....0.tmp
- /data/media/####/0e6e3e9ba21f59549b7bfc22346ffa8546268f39519f92....0.tmp
- /data/media/####/1253d8f1e06a597db5ee062f97a7dcd4ccfa2c79261ec3....0.tmp
- /data/media/####/13ce0554bdf4293f1c7f0550fe2b3892fc0759e32af8bc...d5eb.0
- /data/media/####/1947673b974df5901c1ff384a655cfad4db66eada5ce9f....0.tmp
- /data/media/####/200e67a30870cbf5a56f17cb697e9e60cad8cf12631352....0.tmp
- /data/media/####/239f7bbcfa531950befb643930a1c73fd1e32554c438d8....0.tmp
- /data/media/####/2b43b636f9082d5f4aeaa72d52c9e0a3c52aec9983e2b0....0.tmp
- /data/media/####/2cd3c6499943979860727897f9b48bf890f01c3b058d05....0.tmp
- /data/media/####/361d09d9c6e2dba59001133e41d71ee90bec4ef8fa54b4....0.tmp
- /data/media/####/3de97249e0c52428b7a0ab104d2e18ffdf56268a2da800....0.tmp
- /data/media/####/464f3613bb8d6b75dce5ffe08deab3eec590f9e9667452....0.tmp
- /data/media/####/4ad8131304291d07f6d08915e4d37a6cdda0a266989641....0.tmp
- /data/media/####/56732ed0ea8e07d92a033e8ef145f4532fb87db8fd7e96....0.tmp
- /data/media/####/5f49dfd9ca281f35690f915cf9dc565143485e78d09bfb....0.tmp
- /data/media/####/654cb383b9ee05e42bb699d8dbc8698c1967dad9628ba6....0.tmp
- /data/media/####/666b7e34018ba9d642647f2078e25a51182de238a843eb....0.tmp
- /data/media/####/697c6f6db65cd5326a85f4213967024a3fd99b41e7b361....0.tmp
- /data/media/####/83f37d12be93e852034b96ff3cb79634cae27914992009....0.tmp
- /data/media/####/98b3d027a5fc39edebed12ea282c3f59b714478f85ee13....0.tmp
- /data/media/####/9d5247ac31181ac6b2d20ecc9ff060c8645d0cc9abb81d....0.tmp
- /data/media/####/Alvin2.xml
- /data/media/####/ContextData.xml
- /data/media/####/a04bce13cfa179eb631950399abe0b363ba51dd464299c....0.tmp
- /data/media/####/a79f843fdda21e091053f75e63591eba75804dab39b26f....0.tmp
- /data/media/####/aad31a32d42255c5f92ad992af28f3533df899a32a8a77....0.tmp
- /data/media/####/b09594d5f2ef5a425a9af776ff57188106bb26360a1b76....0.tmp
- /data/media/####/b7a9a64d612ada5eb5d49b40e1ac418beeef8706a48798....0.tmp
- /data/media/####/b980c4f8cf101af9848d5d37444c789f7d4306137cce12....0.tmp
- /data/media/####/bb6c8b2d51b70dbffaf26ae07858c15a67b7985b857423....0.tmp
- /data/media/####/c06c33f73439e24659173a2618e35e076c297705b34219....0.tmp
- /data/media/####/c0937e1859c538475e0d999c9f96fe050a3f8d7347e600....0.tmp
- /data/media/####/c13991cf585f65dc1bcce5227fa599a04b7df8aace9326....0.tmp
- /data/media/####/c40c1a79e14bb9ae5fc540f998640d0504323841b23a54....0.tmp
- /data/media/####/cdc285149c605a71463cff9dd7397a397402c71ad7680d....0.tmp
- /data/media/####/com.akfh.wxly.bin
- /data/media/####/d0a673e86465eec2a793086f983af549f07b8e1f791918....0.tmp
- /data/media/####/dbedfd648de981252898020c114dcaeaaa469fc0cc2672....0.tmp
- /data/media/####/dfe18a7cb1d945f66e3487eb60dd8adb50ccfa0275f988....0.tmp
- /data/media/####/journal.tmp
- /data/media/####/log-05-21-18-54-57.log
- /data/media/####/log-05-21-18-55-07.log
- /data/media/####/ls.db
- /data/media/####/ls.db-journal
- /data/media/####/tbslog.txt
- /data/media/####/yoh.dat
- /data/media/####/yol.dat
- /data/media/####/yom.dat
- /data/misc/####/primary.prof
- /system/bin/cat /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq
- /system/bin/cat /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_min_freq
- /system/bin/dex2oat --instruction-set=x86 --dex-file=<Package Folder>/.jiagu/classes.dex --dex-file=<Package Folder>/.jiagu/classes.dex:classes2.dex --dex-file=<Package Folder>/.jiagu/classes.dex:classes3.dex --dex-file=<Package Folder>/.jiagu/classes.dex:classes4.dex --dex-file=<Package Folder>/.jiagu/classes.dex:classes5.dex --dex-file=<Package Folder>/.jiagu/classes.dex:classes6.dex --dex-file=<Package Folder>/.jiagu/classes.dex:classes7.dex --dex-file=<Package Folder>/.jiagu/classes.dex:classes8.dex --dex-file=<Package Folder>/.jiagu/classes.dex:classes9.dex --dex-file=<Package Folder>/.jiagu/classes.dex:classes10.dex --dex-file=<Package Folder>/.jiagu/classes.dex:classes11.dex --dex-file=<Package Folder>/.jiagu/classes.dex:classes12.dex --dex-file=<Package Folder>/.jiagu/classes.dex:classes13.dex --oat-file=<Package Folder>/.jiagu/classes.oat --inline-depth-limit=0 --compiler-filter=speed
- getprop ro.product.cpu.abi
- logcat -v time -t 500 3134
- ls /
- ls /data/anr/
- ls /sys/class/thermal
- AES-CBC-PKCS5Padding
- AES-CBC-PKCS7Padding
- RSA-ECB-NoPadding
- RSA-ECB-PKCS1Padding
- RSA-NONE-OAEPWithSHA1AndMGF1Padding
- AES-CBC-PKCS5Padding
- AES-CBC-PKCS7Padding
- desede-CBC-PKCS5Padding