Technical information
- Adware.Gexin.2.origin
- UDP(DNS) <Google DNS>
- TCP(HTTP/1.1) a####.u####.com:80
- TCP(HTTP/1.1) c-h####.g####.com:80
- TCP(HTTP/1.1) l####.tbs.qq.com:80
- TCP(HTTP/1.1) t####.c####.q####.####.com:80
- TCP(HTTP/1.1) img.newairc####.com:80
- TCP(HTTP/1.1) a.appj####.com:80
- TCP(HTTP/1.1) oss.newairc####.com:80
- TCP(HTTP/1.1) sdk.o####.p####.####.com:80
- TCP(TLS/1.0) oss.newairc####.com:443
- TCP(TLS/1.0) s####.ml####.cc:443
- TCP(TLS/1.0) h5.newairc####.com:443
- TCP c####.g####.ig####.com:5226
- TCP sdk.o####.t####.####.com:5224
- 7j####.c####.z0.####.com
- a####.u####.com
- a.appj####.com
- c####.g####.ig####.com
- c-h####.g####.com
- h5.newairc####.com
- img.newairc####.com
- l####.tbs.qq.com
- oss.newairc####.com
- s####.ml####.cc
- sdk.c####.ig####.com
- sdk.o####.p####.####.com
- sdk.o####.t####.####.com
- sdk.o####.t####.####.com
- sdk.o####.t####.####.net
- img.newairc####.com/yzxw/pic/201812/01/45e16366-0a44-4b58-aa33-075c15278...
- oss.newairc####.com/yzxw/article/201806/04/c3809839.json
- oss.newairc####.com/yzxw/pic/201609/22/b0da0caf-678e-40d5-aee0-d232ee0cb...
- oss.newairc####.com/yzxw/pic/201703/14/2e9be320-8240-45a1-ac82-c7962ebf7...
- oss.newairc####.com/yzxw/pic/201805/30/9e80e440-fd75-4cc8-877a-efd298e3d...
- oss.newairc####.com/yzxw/pic/201805/30/9ebd2e21-3922-4d14-9689-a47f4f4ec...
- oss.newairc####.com/yzxw/pic/201805/30/cf60356f-cab6-4f46-a49b-98bbcb88e...
- oss.newairc####.com/yzxw/pic/201805/30/ed435447-6ab0-4dc4-bf04-596ae9f8f...
- oss.newairc####.com/yzxw/pic/201810/21/11801b86-c6b1-4750-b96d-32c167a99...
- oss.newairc####.com/yzxw/pic/201810/21/df62c9ed-16d1-49fe-a3a4-7933fd2b3...
- oss.newairc####.com/yzxw/pic/201811/05/585ebb7c-e7e9-41b8-8dd2-eb3394228...
- oss.newairc####.com/yzxw/pic/201811/05/81077cf8-67e1-44e3-bcb7-719b23555...
- oss.newairc####.com/yzxw/pic/201811/05/c3718572-7331-49e1-9c87-3c9871b09...
- oss.newairc####.com/yzxw/pic/201811/05/f952134f-38f1-4203-8efa-81b432c0f...
- oss.newairc####.com/yzxw/pic/201811/05/fd40e9f9-84ae-4913-b5b6-00570dd9b...
- t####.c####.q####.####.com/tdata_Soq141
- t####.c####.q####.####.com/tdata_vxj811
- a####.u####.com/app_logs
- a.appj####.com/ad-service/ad/mark
- c-h####.g####.com/api.php?format=####&t=####
- l####.tbs.qq.com/ajax?c=####&k=####
- sdk.o####.p####.####.com/api.php?format=####&t=####
- /data/data/####/-1033620981
- /data/data/####/-1258396365
- /data/data/####/-1312716470
- /data/data/####/-1382212414
- /data/data/####/-1382929202
- /data/data/####/-1383021639
- /data/data/####/-1383137891
- /data/data/####/-1384060261
- /data/data/####/-874850400
- /data/data/####/.imprint
- /data/data/####/.jg.ic
- /data/data/####/.log.lock
- /data/data/####/.log.ls
- /data/data/####/0823ac1dc085b99c2d1943fc191575e87c1f2a3307476c8....0.tmp
- /data/data/####/0b4aaea76482698c0791825f1aa8c95736bf1d8d77c0e12....0.tmp
- /data/data/####/0c6cfe3d7378feab6c2996054fa9a2d4d34233990bdc3e7....0.tmp
- /data/data/####/0e83014dc797ffbdc66c2c81b38f09a7184ccfc72663f02....0.tmp
- /data/data/####/0e9954c54560c5d1140044a52c1eb126e3d6591f2735fda....0.tmp
- /data/data/####/1175890411
- /data/data/####/1180820770
- /data/data/####/1279920545
- /data/data/####/130340269a528cb0b453828b943cb05fd43e6ebe1dfedbf....0.tmp
- /data/data/####/1389023919
- /data/data/####/1601092246
- /data/data/####/1695857311
- /data/data/####/1957047657
- /data/data/####/1bd4f22f1c7f04c9bd012a501fa04f2dc69d40320396d9c....0.tmp
- /data/data/####/2014116873
- /data/data/####/2015155500
- /data/data/####/2015247937
- /data/data/####/220d119dbe243e6daf5f1902318f4c648fe9e5921561708....0.tmp
- /data/data/####/2b05877d82c1dced4dd289d2691a8aaf7b326aa3eac9341....0.tmp
- /data/data/####/2d27eaec9a120e202b6f88f81443805b5b7c98d7f91d0d5....0.tmp
- /data/data/####/2e37cc9b8cd631e9271dd1e71cd25c4895b232f780a8998....0.tmp
- /data/data/####/2e6bde2e5f6cc8c629f25a9d7e4a301dac0f9d66530081f....0.tmp
- /data/data/####/31223b1678f85d814da0efc984d075e03802b4d50991e8b....0.tmp
- /data/data/####/337525857
- /data/data/####/3809839_article.js
- /data/data/####/386967948
- /data/data/####/392c94e9709f0db1a50f0f62951f7a5a28d2bd61234dab9....0.tmp
- /data/data/####/3c18099aa23b959c64c5a04b1897fe6a801c2a4b973d9f9....0.tmp
- /data/data/####/3e0dc87d6945df005cac97a8891e716c3eaa5c7b273ccbb....0.tmp
- /data/data/####/45b13a5b31477a40bf18c41553fa979ea2eb32a15f8ef25....0.tmp
- /data/data/####/49
- /data/data/####/492055135
- /data/data/####/49584008edc74346c75e5f74ba2204a8e8169f63609ba96....0.tmp
- /data/data/####/505ee3e4150c70a6a74f9ee885eb50f79b0c883af82203b....0.tmp
- /data/data/####/575295a9d206a3bd8360ac1ce6330067cba4183fe011de4....0.tmp
- /data/data/####/5853db31786bf7a929a71a21c524fe6ff1e91b1a466a841....0.tmp
- /data/data/####/624304295
- /data/data/####/645ab5935ce14bfee6a523a28feed8fd958bda2ea25148e....0.tmp
- /data/data/####/679faff79af5765d4a0fc12fea2ffa05dc66dd0d861687f....0.tmp
- /data/data/####/6c94b41ed1ff1c810a4b6299dca3b92744bd0a99c14ffed....0.tmp
- /data/data/####/6deb133caf1ddd0567d6ca0d8c55cc4aa2b4358cdab17ae....0.tmp
- /data/data/####/71c7a283bce3a497ec0ae5d820d43f66a5ecc1fa2aadd6b....0.tmp
- /data/data/####/722462662
- /data/data/####/73284b55afc1b361aaa2997787f624a8808cde6e1258749....0.tmp
- /data/data/####/78e1405c513fc3fd9eeaf3f656997f0826df57399ecf79b....0.tmp
- /data/data/####/8874eee66181aa9cbf47947df175e9f448b84c354c3a309....0.tmp
- /data/data/####/8cbb3e7e5aeb7ca8bc99ecc943e1006cb2bf4beca4a6095....0.tmp
- /data/data/####/9056eda945f4db014990830b80a9e44f3fe0a78f8072c6a....0.tmp
- /data/data/####/FZLTXHK-GBK_YS.ttf
- /data/data/####/a622f5b28592243ddcfda30b7b0f470237db697b505ef52....0.tmp
- /data/data/####/a99804dfacec0ed2a7218434e904318bd2863583637c7e3....0.tmp
- /data/data/####/abfd1b007afe462ac32c5dd4304d31f574b24fae6165931....0.tmp
- /data/data/####/amazeui.min.css
- /data/data/####/amazeui.min.js
- /data/data/####/angular1.4.6.min.js
- /data/data/####/article.js
- /data/data/####/base.css
- /data/data/####/bf276b00ba40f6d32c425033f352f3e989a19e550b22282....0.tmp
- /data/data/####/c2e4f267b992457608ca3ca63c95e902fe7fcba3ee1d552....0.tmp
- /data/data/####/cc.db
- /data/data/####/cc.db-journal
- /data/data/####/cf466f63c1fddc195b9ebca05509234fb2c5f9d1878ca3b....0.tmp
- /data/data/####/columnId.xml
- /data/data/####/core_info
- /data/data/####/d37a0582c7a35d8e43021a3b575c3abc006f623c8d6ef11....0.tmp
- /data/data/####/d453449b6a91587bfce2958ea1460915ec6ad0fb8c97daf....0.tmp
- /data/data/####/d4d8f8a451a4d8d27af5f3e1c22d428d5942ecedcd9dfc6....0.tmp
- /data/data/####/data_0
- /data/data/####/data_1
- /data/data/####/data_2
- /data/data/####/data_3
- /data/data/####/db_founder0-journal
- /data/data/####/dc51e4696093333fd8522f6a590d69961058748281de3b7....0.tmp
- /data/data/####/debug.conf
- /data/data/####/e3c9a025e4d417d94934315bc4885a4031287bce299a75f....0.tmp
- /data/data/####/exchangeIdentity.json
- /data/data/####/exid.dat
- /data/data/####/f0a045edc321d106a3fd83b1a4748a13a76da998bea95c5....0.tmp
- /data/data/####/f3010bbc3b202eb6fef7c803532fbf2fd6b2c6876afbfc2....0.tmp
- /data/data/####/f3d2e0659ac0c97db4be8f4754eeef6be5ac8cc796d5842....0.tmp
- /data/data/####/f43d46f4079c241fc792d19fdcdbd8a1461944e877ade19....0.tmp
- /data/data/####/f_000001
- /data/data/####/fa8d4e39c274033cd9c56859806abaefbdffec7d8f017f2....0.tmp
- /data/data/####/file__0.localstorage-journal
- /data/data/####/fontawesome-webfont.ttf
- /data/data/####/gdaemon_20161017
- /data/data/####/getui_sp.xml
- /data/data/####/great_button.png
- /data/data/####/great_cancel_button.png
- /data/data/####/gx_sp.xml
- /data/data/####/helpMsg.xml
- /data/data/####/icon-images.png
- /data/data/####/icon_audio_play.png
- /data/data/####/icon_file.png
- /data/data/####/icon_file_down.png
- /data/data/####/icon_meta_voice.png
- /data/data/####/icon_selector_normal.png
- /data/data/####/icon_selector_press.png
- /data/data/####/index
- /data/data/####/init.pid
- /data/data/####/init_c1.pid
- /data/data/####/jg_app_update_settings_random.xml
- /data/data/####/journal.tmp
- /data/data/####/jquery.min2.2.0.js
- /data/data/####/js.combine.min.js
- /data/data/####/libjiagu.so
- /data/data/####/loading.png
- /data/data/####/multidex.version.xml
- /data/data/####/mwsdk_analytics.db-journal
- /data/data/####/news_detail.html
- /data/data/####/persistent_data.xml
- /data/data/####/play.png
- /data/data/####/push.pid
- /data/data/####/pushext.db-journal
- /data/data/####/pushg.db-journal
- /data/data/####/pushsdk.db-journal
- /data/data/####/reader.db-journal
- /data/data/####/run.pid
- /data/data/####/sanjiaoxing.png
- /data/data/####/tbs_download_config.xml
- /data/data/####/tbs_download_stat.xml
- /data/data/####/tbscoreinstall.txt
- /data/data/####/tbslock.txt
- /data/data/####/tdata_Soq141
- /data/data/####/tdata_Soq141.jar
- /data/data/####/tdata_vxj811
- /data/data/####/tdata_vxj811.jar
- /data/data/####/ua.db
- /data/data/####/ua.db-journal
- /data/data/####/umeng_general_config.xml
- /data/data/####/umeng_it.cache
- /data/data/####/video.png
- /data/data/####/webview.db-journal
- /data/data/####/webviewCookiesChromium.db-journal
- /data/media/####/.nomedia
- /data/media/####/app.db
- /data/media/####/com.founder.yinzhou.bin
- /data/media/####/com.founder.yinzhou.db
- /data/media/####/com.getui.sdk.deviceId.db
- /data/media/####/com.igexin.sdk.deviceId.db
- /data/media/####/journal.tmp
- /data/media/####/localTemplate.zip
- /data/media/####/tbslog.txt
- /data/media/####/tdata_Soq141
- /data/media/####/tdata_vxj811
- /data/media/####/test.log
- <Package Folder>/files/gdaemon_20161017 0 <Package>/<Package>.push.GeTuiPushService 24956 300 0
- chmod 700 <Package Folder>/files/gdaemon_20161017
- chmod 755 <Package Folder>/.jiagu/libjiagu.so
- getprop ro.product.cpu.abi
- sh <Package Folder>/files/gdaemon_20161017 0 <Package>/<Package>.push.GeTuiPushService 24956 300 0
- getuiext2
- libjiagu
- AES-CBC-PKCS7Padding
- RSA-ECB-NoPadding
- RSA-NONE-OAEPWithSHA1AndMGF1Padding
- AES-CBC-PKCS7Padding