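Technical information (network endpoints, file paths, command lines, libraries and cipher transformations listed for the sample; #### marks characters masked in the report, and <Package>, <Package Folder>, <IMEI> and <System Property> are placeholders)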
- Adware.Kyview.4.origin
- UDP(DNS) 8####.8.4.4:53
- TCP(HTTP/1.1) ksg.5####.com:80
- TCP(HTTP/1.1) www.ikuai####.com:80
- TCP(HTTP/1.1) s####.cn.ron####.com:80
- TCP(HTTP/1.1) b####.x.jd.com:80
- TCP(HTTP/1.1) mo####.b####.com:80
- TCP(HTTP/1.1) loc.map.b####.com:80
- TCP(HTTP/1.1) lbs.sig.a####.io:80
- TCP(HTTP/1.1) a####.u####.com:80
- TCP(HTTP/1.1) api.5ika####.com:80
- TCP(HTTP/1.1) 1####.254.116.117:80
- TCP(TLS/1.0) pla####.google####.com:443
- TCP(TLS/1.0) dxp.b####.com:443
- TCP(TLS/1.0) 64.2####.164.94:443
- TCP(TLS/1.0) 2####.85.233.95:443
- TCP(TLS/1.0) p####.google####.com:443
- TCP(TLS/1.0) mobads-####.b####.com:443
- TCP(TLS/1.0) h####.b####.com:443
- TCP(TLS/1.0) s####.cn.ron####.com:443
- TCP(TLS/1.0) rr9---s####.g####.com:443
- TCP(TLS/1.2) 64.2####.164.94:443
- TCP(TLS/1.2) p####.google####.com:443
- UDP rp.sig.a####.io:8000
- a####.u####.com
- api.5ika####.com
- apm.9l####.com
- b####.5####.com
- b####.x.jd.com
- dxp.b####.com
- h####.b####.com
- ksco####.d####.com
- ksg.5####.com
- lbs.sig.a####.io
- loc.map.b####.com
- mo####.b####.com
- mobads-####.b####.com
- nav.cn.ron####.com
- p####.google####.com
- pi####.qq.com
- pla####.google####.com
- rp.sig.a####.io
- rr9---s####.g####.com
- s####.cn.ron####.com
- t####.qq.com
- w.5####.com
- www.ikuai####.com
- api.5ika####.com/v1/domain/info
- api.5ika####.com/v1/user/info
- b####.x.jd.com/app/config?os=####&key=####
- dxp.b####.com:443/autoTracker
- dxp.b####.com:443/circleConfig?sdkVersion=####&appKey=####&packageName=#...
- ksg.5####.com/AdImpressionServlet?adType=####&slotId=####&packageName=##...
- ksg.5####.com/VideoConfigServlet
- lbs.sig.a####.io/getaddr?vid=####
- mo####.b####.com/ads/pa/8/__pasys_remote_banner.php?v=####&bdr=####&tp=#...
- mo####.b####.com/ads/pa/8/__xadsdk__remote__8.8108.jar
- mo####.b####.com/ads/pa/proxy/proxy854
- mo####.b####.com/cpro/ui/mads.php?code2=####
- www.ikuai####.com/cnzz/<Package>.html
- www.ikuai####.com/favicon.ico
- a####.u####.com/app_logs
- h####.b####.com:443/app.gif
- loc.map.b####.com/offline_loc
- loc.map.b####.com/sdk.php
- mobads-####.b####.com:443/brwhis.log
- s####.cn.ron####.com/navipush.json
- /data/data/####/.imprint
- /data/data/####/.jg.ic
- /data/data/####/.lock (deleted)
- /data/data/####/.tpns.settings.xml.xml
- /data/data/####/312b375b21d51b5c_0
- /data/data/####/Alvin2.xml
- /data/data/####/COUNTLY_STORE.xml
- /data/data/####/ContextData.xml
- /data/data/####/Cookies-journal
- /data/data/####/LOCATIONPRE.xml
- /data/data/####/RongPush.xml
- /data/data/####/RongPush.xml.bak
- /data/data/####/SKY_SP.xml
- /data/data/####/Statistics.xml
- /data/data/####/Statistics.xml.bak
- /data/data/####/WebViewChromiumPrefs.xml
- /data/data/####/XGPushConfig_token.config.xml
- /data/data/####/__Baidu_Stat_SDK_SendRem.xml
- /data/data/####/__local_ap_info_cache.json
- /data/data/####/__local_last_session.json
- /data/data/####/__local_stat_cache.json
- /data/data/####/__send_data_1687837317242
- /data/data/####/__x_adsdk_agent_header__.xml
- /data/data/####/__xadsdk__remote__final__aa4db2e8-84b1-4377-9be...51.jar
- /data/data/####/__xadsdk_downloaded__version__.xml
- /data/data/####/ad_s_c.xml
- /data/data/####/b66971a934b349d3_0
- /data/data/####/baidu_mtj_sdk_record.xml
- /data/data/####/baidu_mtj_sdk_record.xml.bak
- /data/data/####/cc.db
- /data/data/####/cc.db-journal
- /data/data/####/classes.dex
- /data/data/####/classes.oat
- /data/data/####/classes2.dex
- /data/data/####/classes3.dex
- /data/data/####/com.baidu.mobads.loader.xml
- /data/data/####/com.kandian.vodapp.LAST_OPEN_TIME.xml
- /data/data/####/com.kandian.vodapp_preferences.xml
- /data/data/####/downloads.db
- /data/data/####/exchangeIdentity.json
- /data/data/####/exid.dat
- /data/data/####/firll.dat
- /data/data/####/index
- /data/data/####/index_floatingad.xml
- /data/data/####/journal
- /data/data/####/libcuid.so
- /data/data/####/libjiagu.so
- /data/data/####/metrics_guid
- /data/data/####/mtj_autoTracker.js
- /data/data/####/ofl.config
- /data/data/####/ofl_location.db
- /data/data/####/ofl_location.db-journal
- /data/data/####/ofl_statistics.db
- /data/data/####/ofl_statistics.db-journal
- /data/data/####/pili_qos_index.json
- /data/data/####/pili_qos_log.0
- /data/data/####/pref_callkit.xml
- /data/data/####/proc_auxv
- /data/data/####/qos.xml
- /data/data/####/qptbccm.dex
- /data/data/####/qptbccm.dex.flock (deleted)
- /data/data/####/qptbccm.jar
- /data/data/####/systemconfigs_info.xml
- /data/data/####/tempnoads.xml
- /data/data/####/tempnoapp.xml
- /data/data/####/the-real-index
- /data/data/####/tpush.shareprefs.xml
- /data/data/####/trace_circle.data
- /data/data/####/ua.db
- /data/data/####/ua.db-journal
- /data/data/####/umeng_general_config.xml
- /data/data/####/umeng_it.cache
- /data/data/####/umeng_socialize_qq.xml
- /data/data/####/videoAd.xml
- /data/media/####/.a.db
- /data/media/####/.confd
- /data/media/####/.confd-journal
- /data/media/####/.cuid
- /data/media/####/.cuid2
- /data/media/####/.q.db
- /data/media/####/.timestamp
- /data/media/####/Alvin2.xml
- /data/media/####/ContextData.xml
- /data/media/####/Runtime.dat
- /data/media/####/conlts.dat
- /data/media/####/ller.dat
- /data/media/####/ls.db
- /data/media/####/ls.db-journal
- /data/misc/####/primary.prof
- /system/lib/arm/houdini <Package Folder>/lib/libxguardian.so <Package Folder>/lib/libxguardian.so <Package>,2100045734; 55296 119.45.78.184 [{"idx":0,"ts":%d,"et":2000,"si":0,"ui":"<IMEI>","ky":"Axg%lu","mid":"0","mc":"02:00:00:00:00:00","ev":{"ov":"25","sr":"461*561","md":"<System Property>","lg":"en","sv":"3.0","mf":"<System Property>","apn":"%s"}}] 0 25
- <Package Folder>/lib/libxguardian.so <Package>,2100045734; 55296 119.45.78.184 [{"idx":0,"ts":%d,"et":2000,"si":0,"ui":"<IMEI>","ky":"Axg%lu","mid":"0","mc":"02:00:00:00:00:00","ev":{"ov":"25","sr":"461*561","md":"<System Property>","lg":"en","sv":"3.0","mf":"<System Property>","apn":"%s"}}] 0 25
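- <Package Folder>/lib/libxguardian.so <Package>,2100045734; 55296 119.45.78.184 [{\"idx\":0,\"ts\":%d,\"et\":2000,\"si\":0,\"ui\":\"<IMEI>\",\"ky\":\"Axg%lu\",\"mid\":\"0\",\"mc\":\"02:00:00:00:00:00\",\"ev\":{\"ov\":\"25\",\"sr\":\"461*561\",\"md\":\"<System Property>\",\"lg\":\"en\",\"sv\":\"3.0\",\"mf\":\"<System Property>\",\"apn\":\"%s\"}}] 0 25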
- cat /sys/class/net/wlan0/address
- chmod 755 /data/user/0/<Package>/.jiagu/libjiagu.so
- getprop net.dns1
- getprop ro.build.display.id
- getprop ro.build.version.emui
- getprop ro.build.version.opporom
- getprop ro.miui.ui.version.name
- getprop ro.smartisan.version
- getprop ro.vivo.os.version
- logcat -c
- logcat main ssologin:D *:S
- libRongIMLib
- libagorasdk2
- libjiagu
- liblocSDK6a
- libtpnsSecurity
- AES-CBC-PKCS5Padding
- AES-CBC-PKCS7Padding
- AES-ECB-PKCS5Padding
- DES-ECB-PKCS5Padding
- RSA-ECB-PKCS1Padding
- AES-CBC-PKCS7Padding
- AES-ECB-PKCS5Padding
- RSA-ECB-PKCS1Padding