Technical information
- Adware.Was.1.origin
- UDP(DNS) 8####.8.4.4:53
- TCP(HTTP/1.1) g####.62####.com:8001
- TCP(HTTP/1.1) api.ad.xi####.####.net:80
- TCP(HTTP/1.1) a.da####.com:9127
- UDP(NTP) 2.and####.p####.####.org:123
- TCP(TLS/1.0) unit####.edges####.net:443
- TCP(TLS/1.0) ms.appl####.com:443
- TCP(TLS/1.0) outcome####.superso####.com:443
- TCP(TLS/1.0) publish####.unit####.uni####.com:443
- TCP(TLS/1.0) c####.jq####.com:443
- TCP(TLS/1.0) wild####.moa####.com.####.net:443
- TCP(TLS/1.0) 1####.194.222.95:443
- TCP(TLS/1.0) hy####.ray####.com:443
- TCP(TLS/1.0) tk.anythin####.com:443
- TCP(TLS/1.0) rt.appl####.com:443
- TCP(TLS/1.0) aa.birdg####.com:443
- TCP(TLS/1.0) net.ray####.com:443
- TCP(TLS/1.0) networ####.ss####.com:443
- TCP(TLS/1.0) aa.top####.com:443
- TCP(TLS/1.0) cdn-adn####.ray####.com:443
- TCP(TLS/1.0) new.ads.vu####.com:443
- TCP(TLS/1.0) co####.uca.c####.####.com:443
- TCP(TLS/1.0) api-acc####.edges####.net:443
- TCP(TLS/1.0) d.appl####.com:443
- TCP(TLS/1.0) l####.iro####.mobi:443
- TCP(TLS/1.0) z####.ad.xi####.com:443
- TCP(TLS/1.0) f.ma####.mi####.####.com:443
- TCP(TLS/1.0) 1####.194.73.95:443
- TCP(TLS/1.0) dd.top####.com:443
- TCP(TLS/1.0) www.face####.com:443
- TCP(TLS/1.0) p####.birdg####.com:443
- TCP(TLS/1.0) fx-se####.bepicg####.com:443
- TCP(TLS/1.0) i####.superso####.com:443
- TCP(TLS/1.0) fk-set####.ray####.com:443
- TCP(TLS/1.0) p####.ray####.com:443
- TCP(TLS/1.0) sdkco####.ad.xi####.com:443
- TCP(TLS/1.0) f.ma####.c.####.com:443
- TCP(TLS/1.2) 1####.194.73.113:443
- TCP(TLS/1.2) 74.1####.131.95:443
- UDP 85.1####.116.204:443
- TCP cdn-adn####.ray####.com:443
- UDP 1####.194.222.95:443
- UDP 85.1####.117.141:443
- TCP analy####.ray####.com:443
- 2.and####.p####.####.org
- a.da####.com
- a4.appl####.com
- aa.birdg####.com
- aa.top####.com
- ads.api.vu####.com
- analy####.ray####.com
- api.ad.xi####.com
- c####.jq####.com
- cdn-adn####.ray####.com
- cdn-adn####.ray####.com
- co####.uca.c####.####.com
- co####.unit####.uni####.com
- d.appl####.com
- dd.top####.com
- f1.ma####.xi####.com
- f4.ma####.mi####.com
- fx-se####.bepicg####.com
- g####.62####.com
- hy####.ray####.com
- i####.superso####.com
- l####.iro####.mobi
- m####.go####.com
- ms.appl####.com
- mt####.ray####.com
- net.ray####.com
- networ####.ss####.com
- new.ads.vu####.com
- outcome####.superso####.com
- p####.birdg####.com
- p####.ray####.com
- publish####.unit####.uni####.com
- rt.appl####.com
- sdkco####.ad.xi####.com
- set####.ray####.com
- tk.anythin####.com
- www.face####.com
- z####.ad.xi####.com
- z.moa####.com
- a.da####.com:9127/ll/gs?baseversion=####&version=####&channel=####&appid...
- cdn-adn####.ray####.com:443/vm/22/08/03/11/9e0ba276-e282-49da-928f-080de...
- cdn-adn####.ray####.com:443/vm/22/10/18/00/726bc657-b856-465d-b37b-02b3e...
- f.ma####.c.####.com:443/download/AdCenter/067c8d64cb48b48fca014c25c59221...
- f.ma####.mi####.####.com:443/download/AdCenter/067c8d64cb48b48fca014c25c...
- fk-set####.ray####.com:443/rewardsetting?app_id=####&sign=####&channel=#...
- fk-set####.ray####.com:443/rewardsetting?app_id=####&sign=####&unit_ids=...
- fk-set####.ray####.com:443/sdk/customid?app_id=####&sign=####&channel=##...
- fk-set####.ray####.com:443/setting?app_id=####&sign=####&jm_a=####&jm_n=...
- hy####.ray####.com:443/rv-zip-2021/0712/mini-467e1352170584c587fa19fc97b...
- hy####.ray####.com:443/rv-zip-2022/1010/tpl4-fe353a91b798c734410278efe02...
- i####.superso####.com:443/sdk/v6.16.1?request=####
- net.ray####.com:443/openapi/ad/v3?app_id=####&unit_id=####&placement_id=...
- networ####.ss####.com:443/mobileSDKController/mobileController.html
- new.ads.vu####.com:443/api/v5/new?ifa=####&app_id=####
- p####.ray####.com:443/pl/22/07/29/m_de_xh3d2048new_uSsYZY6vm_p_an_ty-853...
- p####.ray####.com:443/pl/22/09/20/m_de_xh3d2048nb_omye647hl_p_an_ty-5ee1...
- rt.appl####.com:443/4.0/ad?p=####
- sdkco####.ad.xi####.com:443/api/checkupdate/lastusefulversion2?av=####&c...
- unit####.edges####.net:443/webview/3.4.0/cba752c1d41faa6e9fa2f18a8a35718...
- unit####.edges####.net:443/webview/3.4.2/release/config.json?ts=####&sdk...
- wild####.moa####.com.####.net:443/VNG/android/fe5b19d/status.json?ts=###...
- a.da####.com:9127/ll//uu?t=####
- aa.birdg####.com:443/v1/d_api
- aa.top####.com:443/v1/open/app
- aa.top####.com:443/v1/open/placement
- api-acc####.edges####.net:443/config
- api.ad.xi####.####.net/union/fetchAds
- d.appl####.com:443/2.0/device?p=####
- dd.top####.com:443/v1/open/da
- g####.62####.com:8001/adStatistics
- g####.62####.com:8001/addNewApp
- g####.62####.com:8001/gameState
- ms.appl####.com:443/5.0/i?p=####
- outcome####.superso####.com:443/mediation?adUnit=####&sessionId=####&app...
- p####.birdg####.com:443/v1/ptk
- publish####.unit####.uni####.com:443/privacy/3717645/state
- rt.appl####.com:443/4.0/pix?p=####
- tk.anythin####.com:443/v1/open/tk
- z####.ad.xi####.com:443/client/upgrade/mimo/v1
- /data/data/####/.Ote
- /data/data/####/.cl
- /data/data/####/.hptc.cache_eeder.grass.gtx
- /data/data/####/.jg.ic
- /data/data/####/.jgck
- /data/data/####/.nomedia
- /data/data/####/.sqk
- /data/data/####/.xIL
- /data/data/####/.
- /data/data/####/.
- /data/data/####/.
- /data/data/####/0f92b44282a83126_0
- /data/data/####/1
- /data/data/####/2
- /data/data/####/20
- /data/data/####/3
- /data/data/####/427b480a364383a0_0
- /data/data/####/7aa15ccbdd3b0416_0
- /data/data/####/7aa15ccbdd3b0416_1
- /data/data/####/Cookies-journal
- /data/data/####/FBAdPrefs.xml
- /data/data/####/Mediation_Shared_Preferences.xml
- /data/data/####/UnityAdsStorage-private-data.json
- /data/data/####/UnityAdsStorage-public-data.json
- /data/data/####/WebViewChromiumPrefs.xml
- /data/data/####/_m_rec.xml
- /data/data/####/_m_rec.xml.bak
- /data/data/####/analytics.apk.tmp
- /data/data/####/analytics_api.xml
- /data/data/####/analytics_updater.xml
- /data/data/####/anythink.db-journal
- /data/data/####/anythink_agent_log
- /data/data/####/anythink_myoffer-journal
- /data/data/####/anythink_placement_strategy_update_check.xml
- /data/data/####/anythink_sdk.xml
- /data/data/####/anythink_sdk.xml.bak
- /data/data/####/anythink_temp_log
- /data/data/####/appsflyer-data.xml
- /data/data/####/audience_network.dex
- /data/data/####/audience_network.dex.flock (deleted)
- /data/data/####/cc.db
- /data/data/####/cc.db-journal
- /data/data/####/cheuu
- /data/data/####/classes.dex
- /data/data/####/classes.dex;classes2.dex
- /data/data/####/classes.dex;classes3.dex
- /data/data/####/classes.dex;classes4.dex
- /data/data/####/classes.oat
- /data/data/####/com.applovin.sdk.1.xml
- /data/data/####/com.applovin.sdk.impl.postbackQueue.domain.xml
- /data/data/####/com.applovin.sdk.impl.postbackQueue.domain.xml.bak
- /data/data/####/com.applovin.sdk.preferences.v0abHs2tZ22gOOkclD...mM.xml
- /data/data/####/com.applovin.sdk.preferences.v0abHs2tZ22gOOkclD...ml.bak
- /data/data/####/com.applovin.sdk.shared.xml
- /data/data/####/com.arcade.weeder.grass.gtx.v2.playerprefs.xml
- /data/data/####/com.arcade.weeder.grass.gtx.v2.playerprefs.xml.bak
- /data/data/####/com.arcade.weeder.grass.gtx_preferences.xml
- /data/data/####/com.facebook.ads.idfa.xml
- /data/data/####/com.vungle.sdk.xml
- /data/data/####/com.vungle.sdk.xml.bak
- /data/data/####/cv.xml
- /data/data/####/f3d51800f3d63a76_0
- /data/data/####/f3eb31517896d8c1_0
- /data/data/####/index
- /data/data/####/journal.tmp
- /data/data/####/libjiagu.so
- /data/data/####/metrics_guid
- /data/data/####/mimo_asset.apk
- /data/data/####/mimo_asset.dex
- /data/data/####/mimo_asset.dex.flock (deleted)
- /data/data/####/mintegral.msdk.db-journal
- /data/data/####/mintegral.xml
- /data/data/####/mintegral.xml.bak
- /data/data/####/plugin_updater.xml
- /data/data/####/proc_auxv
- /data/data/####/share_date.xml
- /data/data/####/share_date.xml.bak
- /data/data/####/supersonic_sdk.db
- /data/data/####/supersonic_sdk.db-journal
- /data/data/####/supersonic_shared_preferen.xml
- /data/data/####/the-real-index
- /data/data/####/tmd
- /data/data/####/tramini.xml
- /data/data/####/tv
- /data/data/####/umeng_general_config.xml
- /data/data/####/unityads-installinfo.xml
- /data/data/####/uuloi
- /data/data/####/vungle_db-journal
- /data/data/####/vva
- /data/data/####/vva.dex
- /data/data/####/vva.dex.flock (deleted)
- /data/data/####/vva.jar
- /data/data/####/yg_cache_prefs.xml
- /data/data/####/zeus_pms.xml
- /data/data/####/zeus_pms.xml.bak
- /data/media/####/-1925840068.tmp
- /data/media/####/.nomedia
- /data/media/####/1014107570.tmp
- /data/media/####/1646287931.tmp
- /data/media/####/268106630.tmp
- /data/media/####/315aea1b405f01a8d4eef3c4a03f9569.zip
- /data/media/####/360d3f38e08716eef1e988150d977dd4
- /data/media/####/3f0f838a64f05a888a58202c61d929ed.zip
- /data/media/####/59ebd3bfcee560452b24841593249533
- /data/media/####/6dc579963e0170a1974dc52e7c959c02.zip
- /data/media/####/6df8bc34348f3ffb8ffa5cdc8e82511a
- /data/media/####/Compat.browser
- /data/media/####/DefaultWsdlHelpGenerator.aspx
- /data/media/####/DynamicLoader.js
- /data/media/####/UnityAdsTest.txt
- /data/media/####/UnityAdsTest.txt (deleted)
- /data/media/####/UnityAdsWebApp.html
- /data/media/####/browscap.ini
- /data/media/####/close_v2.png
- /data/media/####/common.min.js
- /data/media/####/config
- /data/media/####/config.xml
- /data/media/####/fb078739a9e60803cfffd5e7ba427538.zip
- /data/media/####/global-metadata.dat
- /data/media/####/loading.gif
- /data/media/####/logo-black.png
- /data/media/####/logo-gray.png
- /data/media/####/m_de_xh3d2048nb_omye647hl_p_an_ty.html
- /data/media/####/m_de_xh3d2048new_uSsYZY6vm_p_an_ty.html
- /data/media/####/machine.config
- /data/media/####/mini.html
- /data/media/####/mobileController.html
- /data/media/####/mscorlib.dll-resources.dat
- /data/media/####/mtg_offline_package.js
- /data/media/####/mw_config.js
- /data/media/####/om_js_content.txt
- /data/media/####/package_loading.js
- /data/media/####/rv_bg_0.jpg
- /data/media/####/rv_bg_1.jpg
- /data/media/####/rv_bg_2.jpg
- /data/media/####/settings.map
- /data/media/####/sound_off_v2.png
- /data/media/####/sound_open_v2.png
- /data/media/####/star.png
- /data/media/####/star1.png
- /data/media/####/tpl4.html
- /data/media/####/tpl4.js
- /data/media/####/unity.ver
- /data/media/####/web.config
- /data/media/####/webAudioCheck.js
- /data/misc/####/primary.prof
- cat /sys/class/net/wlan0/address
- libjiagu
- libmain
- AES-CBC-PKCS5Padding
- AES-CBC-PKCS7Padding
- AES-CBC-PKCS5Padding
- AES-CBC-PKCS7Padding