Technical information
Detection name:
- Adware.Gexin.2.origin
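Network connections (protocol, host and port; `####` masks part of a value; several endpoints negotiated the deprecated TLS/1.0):
- UDP(DNS) 8####.8.4.4:53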
- TCP(HTTP/1.1) ccs.mojic####.com:80
- TCP(HTTP/1.1) regi####.moj####.com:80
- TCP(HTTP/1.1) api.shu####.cn:80
- TCP(HTTP/1.1) and####.b####.qq.com:80
- TCP(HTTP/1.1) amap####.cn-hang####.oss####.####.com:80
- TCP(HTTP/1.1) ugc.moj####.com:80
- UDP(NTP) 1.cn.p####.####.org:123
- TCP(TLS/1.0) 74.1####.205.95:443
- TCP(TLS/1.0) and####.a####.go####.com:443
- TCP(TLS/1.0) dcc.shu####.cn:443
- TCP(TLS/1.0) daa.shu####.cn:443
- TCP(TLS/1.0) md####.google####.com:443
- TCP(TLS/1.0) 64.2####.161.95:443
- TCP(TLS/1.0) api.shu####.cn:443
- TCP(TLS/1.0) res####.a####.com:443
- TCP(TLS/1.0) 1####.194.221.95:443
- TCP(TLS/1.0) dai.shu####.cn:443
- TCP(TLS/1.0) app.x####.com:443
- TCP(TLS/1.2) 64.2####.161.95:443
- TCP(TLS/1.2) 74.1####.131.94:443
- TCP(TLS/1.2) 1####.251.1.113:443
- UDP 64.2####.161.95:443
- UDP 74.1####.131.95:443
- TCP adla####.m####.com:8080
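Host names (presumably the names that were looked up; some do not appear in the connection list above):
- 1.cn.p####.####.org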
- adla####.m####.com
- amap####.cn-hang####.oss####.####.com
- and####.a####.go####.com
- and####.b####.qq.com
- api.shu####.cn
- app.x####.com
- crystal####.opt####.cn
- crystal####.opt####.cn.####.8
- cs.api.m####.com
- daa.shu####.cn
- dai.shu####.cn
- dcc.shu####.cn
- i####.cn
- id1.cn.8.####.8
- m####.go####.com
- md####.google####.com
- regi####.moj####.com
- res####.a####.com
- ugc.moj####.com
Request URLs (query values masked; the request method is not shown):
- amap####.cn-hang####.oss####.####.com/sdkcoor/android/armeabi/libJni_wgs...
- regi####.moj####.com/weather/RegisterAndroidUser?UserID=####&Platform=##...
- and####.b####.qq.com/rqd/async?aid=####
- api.shu####.cn/report?v=####&c=####&e=####
- api.shu####.cn:443/report?v=####&c=####&e=####
- app.x####.com:443/g/d?crc=####
- ccs.mojic####.com/point/json/get_task_list
- daa.shu####.cn:443/report?v=####&c=####&e=####
- dai.shu####.cn:443/report?v=####&c=####&e=####
- dcc.shu####.cn:443/request?v=####
- res####.a####.com:443/v3/iasdkauth?key=####&ts=####&scode=####
- ugc.moj####.com/sns/json/profile/get_unread
File paths (the `####` component is masked; entries marked "(deleted)" are as reported):
- /data/data/####/.dex2oatlock
- /data/data/####/.updateIV.dat
- /data/data/####/0000000lllll_0.dex
- /data/data/####/0000000lllll_1.dex
- /data/data/####/000O00ll111l_0.dex
- /data/data/####/000O00ll111l_1.dex
- /data/data/####/00O000ll111l_0.dex
- /data/data/####/00O000ll111l_0.dex (deleted)
- /data/data/####/00O000ll111l_0.dex.flock
- /data/data/####/00O000ll111l_0.dex.flock (deleted)
- /data/data/####/00O000ll111l_1.dex
- /data/data/####/00O000ll111l_1.dex (deleted)
- /data/data/####/00O000ll111l_1.dex.flock
- /data/data/####/00O000ll111l_1.dex.flock (deleted)
- /data/data/####/0OO00l111l1l
- /data/data/####/0OO00l111l1l.lock
- /data/data/####/1004
- /data/data/####/1d2b904cbeadfb72ed9546111a231c85.0
- /data/data/####/2794794944176.0
- /data/data/####/3326372560.apk
- /data/data/####/44151931373504.0
- /data/data/####/44159073052622.0
- /data/data/####/47153181807187.0
- /data/data/####/57162934411099.0
- /data/data/####/6896173107593.0
- /data/data/####/7998484549037.0
- /data/data/####/TD_app_pefercen_profile.xml
- /data/data/####/TD_app_pefercen_profile.xml.bak
- /data/data/####/TDpref_longtime.xml
- /data/data/####/TDtcagent.db
- /data/data/####/TDtcagent.db-journal
- /data/data/####/WEATHER_BG_PREFER.xml
- /data/data/####/alarms.db
- /data/data/####/alarms.db-journal
- /data/data/####/appwidget_prefer.xml
- /data/data/####/badge_info.xml
- /data/data/####/badge_info.xml.bak
- /data/data/####/bugly_db_
- /data/data/####/bugly_db_-journal
- /data/data/####/bugly_db_yaq-journal
- /data/data/####/buglylog_com.moji.zteweather;mjskin_.txt
- /data/data/####/buglylog_com.moji.zteweather_.txt
- /data/data/####/cc.db
- /data/data/####/cc.db-journal
- /data/data/####/classes.dex
- /data/data/####/classes.dex.flock (deleted)
- /data/data/####/com.moji.zteweather_preferences.xml
- /data/data/####/com.moji.zteweather_prefs.xml
- /data/data/####/com.moji.zteweather_prefs.xml.bak
- /data/data/####/crashrecord.xml
- /data/data/####/credit_info.xml
- /data/data/####/creditask.db
- /data/data/####/creditask.db-journal
- /data/data/####/default.xml
- /data/data/####/default.xml.bak
- /data/data/####/default_process_safe.xml
- /data/data/####/hmdb
- /data/data/####/hmdb-journal
- /data/data/####/i2wapi.db
- /data/data/####/i2wapi.db-journal
- /data/data/####/journal
- /data/data/####/libshellx-super.2019.so
- /data/data/####/libwgs2gcj.so
- /data/data/####/local_crash_lock
- /data/data/####/local_crash_lock (deleted)
- /data/data/####/locations.db
- /data/data/####/locations.db-journal
- /data/data/####/logdb.db
- /data/data/####/logdb.db-journal
- /data/data/####/map_record.txt
- /data/data/####/mjtabad.db
- /data/data/####/mjtabad.db-journal
- /data/data/####/mojiSnsUser.db
- /data/data/####/mojiSnsUser.db-journal
- /data/data/####/moji_ad.xml
- /data/data/####/mojiweather
- /data/data/####/mojiweather-journal
- /data/data/####/mojiwidget.db-journal
- /data/data/####/native_record_lock
- /data/data/####/native_record_lock (deleted)
- /data/data/####/notify_info.xml
- /data/data/####/o0oooOO0ooOo.dat
- /data/data/####/pref.xml
- /data/data/####/pref.xml.bak
- /data/data/####/proc_auxv
- /data/data/####/reg_record.txt
- /data/data/####/rqd_record.eup
- /data/data/####/security_info
- /data/data/####/setting_preference.xml
- /data/data/####/td.lock
- /data/data/####/tdid.xml
- /data/data/####/tomb_1663186299512.txt
- /data/data/####/tomb_1663186311202.txt
- /data/data/####/tosversion
- /data/data/####/umeng_general_config.xml
- /data/data/####/weather.db
- /data/data/####/weather.db-journal
- /data/data/####/ztemojiweather.db
- /data/data/####/ztemojiweather.db-journal
- /data/media/####/..ccdid
- /data/media/####/..ccvid
- /data/media/####/._android.dat
- /data/media/####/._driver.dat
- /data/media/####/._system.dat
- /data/media/####/.acc.dat
- /data/media/####/.aio.dat
- /data/media/####/.ccdid
- /data/media/####/.ccvid
- /data/media/####/.nomedia
- /data/media/####/.tcookieid
- /data/media/####/1663186296072.db (deleted)
- /data/media/####/UserLog.txt
- /data/media/####/_android.dat
- /data/media/####/_driver.dat
- /data/media/####/_system.dat
- /data/media/####/acc.dat
- /data/media/####/aio.dat
- /data/media/####/alsn20170807.db
- /data/media/####/alsn20170807.db-journal
- /data/media/####/avatarDefault_2.png
- /data/media/####/avatar_xmm.csv
- /data/media/####/xmm_0-1.png
- /data/media/####/xmm_0-10.png
- /data/media/####/xmm_0-11.png
- /data/media/####/xmm_0-2.png
- /data/media/####/xmm_0-3.png
- /data/media/####/xmm_0-4.png
- /data/media/####/xmm_0-5.png
- /data/media/####/xmm_0-6.png
- /data/media/####/xmm_0-7.png
- /data/media/####/xmm_0-8.png
- /data/media/####/xmm_1-1.png
- /data/media/####/xmm_10-1.png
- /data/media/####/xmm_11-1.png
- /data/media/####/xmm_12-1.png
- /data/media/####/xmm_13-1.png
- /data/media/####/xmm_13-2.png
- /data/media/####/xmm_14-2.png
- /data/media/####/xmm_14-3.png
- /data/media/####/xmm_14-4.png
- /data/media/####/xmm_3-1.png
- /data/media/####/xmm_3-2.png
- /data/media/####/xmm_3-6.png
- /data/media/####/xmm_4-1.png
- /data/media/####/xmm_4-11.png
- /data/media/####/xmm_4-12.png
- /data/media/####/xmm_4-2.png
- /data/media/####/xmm_4-3.png
- /data/media/####/xmm_4-4.png
- /data/media/####/xmm_4-5.png
- /data/media/####/xmm_4-8.png
- /data/media/####/xmm_5-10-1.png
- /data/media/####/xmm_5-10-2.png
- /data/media/####/xmm_5-10-3.png
- /data/media/####/xmm_5-11-2.png
- /data/media/####/xmm_5-11-3.png
- /data/media/####/xmm_5-2-1.png
- /data/media/####/xmm_5-2-2.png
- /data/media/####/xmm_5-2-3.png
- /data/media/####/xmm_5-4-1.png
- /data/media/####/xmm_5-4-2.png
- /data/media/####/xmm_5-4-3.png
- /data/media/####/xmm_5-5-1.png
- /data/media/####/xmm_5-6-1.png
- /data/media/####/xmm_5-6-2.png
- /data/media/####/xmm_5-6-3.png
- /data/media/####/xmm_5-7-1.png
- /data/media/####/xmm_5-7-2.png
- /data/media/####/xmm_5-7-3.png
- /data/media/####/xmm_5-8-1.png
- /data/media/####/xmm_5-8-2.png
- /data/media/####/xmm_5-8-3.png
- /data/media/####/xmm_5-9-1.png
- /data/media/####/xmm_6-1.png
- /data/media/####/xmm_7-1-1.png
- /data/media/####/xmm_7-1-2.png
- /data/media/####/xmm_7-1-3.png
- /data/media/####/xmm_7-2-1.png
- /data/media/####/xmm_7-2-2.png
- /data/media/####/xmm_7-2-3.png
- /data/media/####/xmm_7-3-1.png
- /data/media/####/xmm_7-3-2.png
- /data/media/####/xmm_7-3-3.png
- /data/media/####/xmm_7-5-1.png
- /data/media/####/xmm_7-5-2.png
- /data/media/####/xmm_7-5-3.png
- /data/media/####/xmm_7-6-1.png
- /data/media/####/xmm_7-6-2.png
- /data/media/####/xmm_7-6-3.png
- /data/media/####/xmm_7-7-1.png
- /data/media/####/xmm_7-7-2.png
- /data/media/####/xmm_7-7-3.png
- /data/media/####/xmm_7-8-1.png
- /data/media/####/xmm_7-8-2.png
- /data/media/####/xmm_7-8-3.png
- /data/media/####/xmm_9-1.png
- /data/media/####/xmm_default.png
- /data/misc/####/primary.prof
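Shell commands (many read device properties and identifiers: `getprop`, interface MAC addresses, `/proc/net/arp`, `service call iphonesubinfo 1`; `type su` checks for a su binary; the `echo ... >` entries write Base64-encoded values to hidden files in two shared-storage locations):
- /system/bin/cat /proc/meminfo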
- /system/bin/sh -c getprop
- /system/bin/sh -c ps|grep 'moji'|grep 'daemon'
- /system/bin/sh -c type su
- cat /proc/cpuinfo
- cat /sys/class/net/wlan0/address
- date
- getprop
- getprop ro.miui.ui.version.name
- getprop ro.product.cpu.abi
- grep daemon
- grep moji
- id
- logcat -d -v threadtime -s dalvikvm art zygote zygote64 OpenGLRenderer Bugly-libunwind:S
- logcat -t 1000 -v threadtime Bugly-libunwind:S
- ls /dev/socket
- mkdir -p <SD-Card>/../../../../../..<SD-Card>/Android/Data/System/local/
- ps
- service call iphonesubinfo 1
- sh -c cat
- sh -c cat /proc/sys/kernel/random/uuid
- sh -c cat /proc/uptime
- sh -c cat /sys/class/net/eth0/address
- sh -c cat /sys/class/net/eth1/address
- sh -c cat /sys/class/net/eth2/address
- sh -c cat <SD-Card>/../../../../../..<SD-Card>/..ccdid
- sh -c cat <SD-Card>/../../../../../..<SD-Card>/..ccvid
- sh -c cat <SD-Card>/../../../../../..<SD-Card>/.acc.dat
- sh -c cat <SD-Card>/../../../../../..<SD-Card>/.aio.dat
- sh -c cat <SD-Card>/../../../../../..<SD-Card>/Android/Data/System/local/.ccdid
- sh -c cat <SD-Card>/../../../../../..<SD-Card>/Android/Data/System/local/.ccvid
- sh -c cat <SD-Card>/../../../../../..<SD-Card>/Android/Data/System/local/_android.dat
- sh -c cat <SD-Card>/../../../../../..<SD-Card>/Android/Data/System/local/acc.dat
- sh -c cat <SD-Card>/../../../../../..<SD-Card>/Android/Data/System/local/aio.dat
- sh -c cd /proc/;cat cpuinfo
- sh -c cd /proc/net/ && cat arp
- sh -c cd /proc/self/;cat status
- sh -c cd /sys/class/net/eth0/ && cat address
- sh -c cd /sys/class/net/wlan0/ && cat address
- sh -c echo MTMwRDU5OTRGODk5MjY5NUNEMzFFMDk4MjY0RUEzREM0NkMzMkY6Mzk5RjE1OkNFMzEyNA== > <SD-Card>/../../../../../..<SD-Card>/Android/Data/System/local/_driver.dat
- sh -c echo MThBNTc4NjhEMDJDNDgyQjZBMDY1NDU2NzREMDA2MUIyMDIwMTAyODAwMDE= > <SD-Card>/../../../../../..<SD-Card>/..ccvid
- sh -c echo MThBNTc4NjhEMDJDNDgyQjZBMDY1NDU2NzREMDA2MUIyMDIwMTAyODAwMDE= > <SD-Card>/../../../../../..<SD-Card>/Android/Data/System/local/.ccvid
- sh -c echo Mjk5MTNCRjZDOUYzRTJDMzdFNjFBMTM1MkYyRUNGNjQxNjYzMTg2MzQ4 > <SD-Card>/../../../../../..<SD-Card>/.acc.dat
- sh -c echo Mjk5MTNCRjZDOUYzRTJDMzdFNjFBMTM1MkYyRUNGNjQxNjYzMTg2MzQ4 > <SD-Card>/../../../../../..<SD-Card>/Android/Data/System/local/acc.dat
- sh -c echo NDFGMzUyMzlBRENFQjNGQTIxNzk0NkNGMzgwN0I2MzRENjE3MDI6QUU1ODY2OjNFQjMzQQ== > <SD-Card>/../../../../../..<SD-Card>/._android.dat
- sh -c echo NDFGMzUyMzlBRENFQjNGQTIxNzk0NkNGMzgwN0I2MzRENjE3MDI6QUU1ODY2OjNFQjMzQQ== > <SD-Card>/../../../../../..<SD-Card>/Android/Data/System/local/_android.dat
- sh -c echo QjU4NUVFQTBCMEQ3MkI1Mzg5QjM5ODQ1MzQ1NUNFMDMzQzdBQjU6ODg2Qzc4OjI3RERDMw== > <SD-Card>/../../../../../..<SD-Card>/._system.dat
- sh -c echo QjU4NUVFQTBCMEQ3MkI1Mzg5QjM5ODQ1MzQ1NUNFMDMzQzdBQjU6ODg2Qzc4OjI3RERDMw== > <SD-Card>/../../../../../..<SD-Card>/Android/Data/System/local/_system.dat
- sh -c echo RDdCRjQ4NUFFNDc3RkVBMjk2RDA3M0Y2NjE4MkRCNDIxNjYzMTg2MzEy > <SD-Card>/../../../../../..<SD-Card>/.aio.dat
- sh -c echo RDdCRjQ4NUFFNDc3RkVBMjk2RDA3M0Y2NjE4MkRCNDIxNjYzMTg2MzEy > <SD-Card>/../../../../../..<SD-Card>/Android/Data/System/local/aio.dat
- sh -c echo REE3NDYzQTMyN0MxOTg4MTUyNkJDN0Y2NDM5REFBQ0Fpbk8wRDlaRnlENVUvcjMyZGtBNTF2MkRHdTQrZnpLRXpMZ0ZtRExOdVRobzdaTHZDUFY3bW1DNzRJeHhHaS9jY0N1UUtQa2hWSDBoWmJIT05TbGxNczM3TmNnSzZvbjJnY21XN3NmR20wZWtIS051bnNRb0xuNlNrQ1p0UVYyc1JadmdVSS90UElDdGhGUWxOYzQ3bUpucE1ZNXJXeDJUS1hGZjB2bWdGNUxweWtnL0s1Ukt4UWluRVlBSVlzRng= > <SD-Card>/../../../../../..<SD-Card>/..ccdid
- sh -c echo REE3NDYzQTMyN0MxOTg4MTUyNkJDN0Y2NDM5REFBQ0Fpbk8wRDlaRnlENVUvcjMyZGtBNTF2MkRHdTQrZnpLRXpMZ0ZtRExOdVRobzdaTHZDUFY3bW1DNzRJeHhHaS9jY0N1UUtQa2hWSDBoWmJIT05TbGxNczM3TmNnSzZvbjJnY21XN3NmR20wZWtIS051bnNRb0xuNlNrQ1p0UVYyc1JadmdVSS90UElDdGhGUWxOYzQ3bUpucE1ZNXJXeDJUS1hGZjB2bWdGNUxweWtnL0s1Ukt4UWluRVlBSVlzRng= > <SD-Card>/../../../../../..<SD-Card>/Android/Data/System/local/.ccdid
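Native libraries (`libshellx-super.2019` is commonly associated with the Tencent Legu app packer, so the randomly named .dex files above are likely unpacked at run time):
- libBugly-yaq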
- libmthook
- libshellx-super.2019
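Cipher transformations (the list restarts at the second `AES-CBC-PKCS5Padding`, which suggests two separate lists were merged here; `desede` is Triple DES):
- AES-CBC-PKCS5Padding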
- AES-CBC-PKCS7Padding
- AES-GCM-NoPadding
- RSA-ECB-PKCS1Padding
- AES-CBC-PKCS5Padding
- AES-GCM-NoPadding
- desede-CBC-NoPadding