Technical information
- Adware.Youmi.1.origin
- UDP(DNS) <Google DNS>
- TCP(HTTP/1.1) l####.tbs.qq.com:80
- TCP(HTTP/1.1) i####.jom####.com:80
- TCP(HTTP/1.1) pic.pdo####.com.####.com:80
- TCP(HTTP/1.1) hiph####.jom####.com:80
- TCP(HTTP/1.1) p18.q####.com:80
- TCP(HTTP/1.1) qiantu-####.b0.a####.com:80
- TCP(HTTP/1.1) img.j####.com.####.com:80
- TCP(HTTP/1.1) i####.n.sh####.com:80
- TCP(HTTP/1.1) i####.mzst####.com.####.net:80
- TCP(HTTP/1.1) pic.2####.com:80
- TCP(HTTP/1.1) img.z####.cn.####.net:80
- TCP(HTTP/1.1) downcc####.bo####.net:80
- TCP(HTTP/1.1) i####.pcon####.com.cn:80
- TCP(TLS/1.0) gmscomp####.google####.com:443
- TCP(TLS/1.0) img.j####.com.####.com:443
- TCP(TLS/1.0) img.z####.cn.####.net:443
- TCP(TLS/1.0) 1####.250.179.131:443
- TCP(TLS/1.0) rr9---s####.g####.com:443
- TCP(TLS/1.0) i####.n.sh####.com:443
- TCP(TLS/1.0) 2####.239.34.223:443
- TCP(TLS/1.0) rr2---s####.g####.com:443
- TCP(TLS/1.0) 2####.239.32.223:443
- TCP(TLS/1.0) and####.google####.com:443
- TCP(TLS/1.0) pla####.google####.com:443
- TCP(TLS/1.0) and####.a####.go####.com:443
- TCP(TLS/1.2) 1####.250.179.131:443
- TCP(TLS/1.2) 64.2####.162.95:443
- TCP(TLS/1.2) 64.2####.164.95:443
- TCP(TLS/1.2) 64.2####.161.95:443
- TCP(TLS/1.2) 1####.177.14.104:443
- UDP 2####.239.32.223:443
- 5.p####.pc6.com
- a####.u####.com
- and####.a####.go####.com
- and####.google####.com
- at####.zh####.com
- gmscomp####.google####.com
- i####.b####.com
- i####.i####.b####.com
- i####.pcon####.com.cn
- im####.b####.com
- img####.zb8.com
- img.2####.com
- img.j####.com
- img.z####.cn
- is1.mzst####.com
- l####.tbs.qq.com
- p18.q####.com
- pic.2####.com
- pic.do####.com
- pic.pdo####.com
- pic.qiant####.com
- pla####.google####.com
- rr2---s####.g####.com
- rr9---s####.g####.com
- www.easy####.net
- www.r####.cn
- downcc####.bo####.net/upload/2017-2/20172101119454897.jpg
- hiph####.jom####.com/imgad/pic/item/d50735fae6cd7b89c45270b8042442a7d933...
- i####.jom####.com/it/u=1074587193,529245587&fm=27&gp=0.jpg
- i####.mzst####.com.####.net/image/thumb/Purple62/v4/4f/55/fa/4f55fa77-28...
- i####.n.sh####.com:443/search/error.html
- i####.pcon####.com.cn/images/upload/upc/tx/pcdlc/1606/21/c5/spcgroup/231...
- img.j####.com.####.com:443/UserDocument/2017z/zhouya/Picture/20171015182...
- img.z####.cn.####.net:443/community/010a905778ac710000018c1b6aea1e.jpg
- p18.q####.com/t0162a67e9b12f6b836.png
- pic.2####.com/upload/2017-3/2017311336165180.jpg
- pic.pdo####.com.####.com/upload/2017-2/20172101119454897.jpg
- qiantu-####.b0.a####.com/58pic/14/80/73/60Q58PICJiK_1024.jpg
- l####.tbs.qq.com/ajax?c=####&k=####
- /data/data/####/.jg.ic
- /data/data/####/13994ae32560668b_0 (deleted)
- /data/data/####/Cookies-journal
- /data/data/####/WebViewChromiumPrefs.xml
- /data/data/####/classes.dex
- /data/data/####/com.zeustv.ggb_preferences.xml
- /data/data/####/core_info
- /data/data/####/debug.conf
- /data/data/####/index
- /data/data/####/libjiagu.so
- /data/data/####/metrics_guid
- /data/data/####/tbs_download_config.xml
- /data/data/####/tbs_download_stat.xml
- /data/data/####/tbs_load_stat_flag.xml
- /data/data/####/tbs_report_lock.txt
- /data/data/####/tbscoreinstall.txt
- /data/data/####/tbslock.txt
- /data/data/####/temp-index
- /data/data/####/the-real-index
- /data/data/####/umeng_general_config.xml
- /data/data/####/umeng_it.cache
- /data/media/####/-1025693489
- /data/media/####/-194226191
- /data/media/####/-194226191.tmp
- /data/media/####/-2029850940
- /data/media/####/-852243128
- /data/media/####/.mima.ini
- /data/media/####/1581670530
- /data/media/####/1581670530.tmp
- /data/media/####/2004462103
- /data/media/####/304884873
- /data/media/####/699940809
- /data/media/####/tbslog.txt
- chmod 755 <Package Folder>/.jiagu/libjiagu.so
- getprop ro.product.cpu.abi
- libjiagu
- RC4
- RSA-ECB-NoPadding