Technical information
- Adware.Gexin.1.origin
- UDP(DNS) <Google DNS>
- TCP(HTTP/1.1) z.c####.com:80
- TCP(HTTP/1.1) wx.q####.cn:80
- TCP(HTTP/1.1) w####.q####.dn.####.com:80
- TCP(HTTP/1.1) sh.wagbr####.alibaba####.com:80
- TCP(HTTP/1.1) a####.u####.com:80
- TCP(HTTP/1.1) hm.b####.com:80
- TCP(HTTP/1.1) t####.c####.q####.####.com:80
- TCP(HTTP/1.1) t.q####.cn:80
- TCP(HTTP/1.1) c.c####.com:80
- TCP(HTTP/1.1) api.18t####.com:80
- TCP(HTTP/1.1) gm.mm####.com:80
- TCP(HTTP/1.1) app.q####.cn:80
- TCP(HTTP/1.1) w####.18t####.com.####.com:80
- TCP(HTTP/1.1) s####.j####.cn:80
- TCP(HTTP/1.1) pi####.qq.com:80
- TCP(TLS/1.0) api.w####.com:443
- TCP(TLS/1.0) h####.b####.com.####.com:443
- TCP 1####.229.215.22:7003
- UDP s.j####.cn:19000
- 18t####.qin####.com
- a####.u####.com
- api.18t####.com
- api.w####.com
- app.q####.cn
- c####.mm####.com
- c.c####.com
- cfg.ads####.com
- cfg.ads####.mobi
- cfg.ads####.net
- cfg.ads####.org
- h####.b####.com
- h####.c####.com
- hm.b####.com
- log.u####.com
- m.18t####.com
- pi####.qq.com
- qn.18t####.com
- rpc.api.18t####.com
- s####.j####.cn
- s.j####.cn
- s11.c####.com
- sns.whalec####.com
- t3.q####.cn
- www.18t####.com
- wx.q####.cn
- api.18t####.com/?c=####&a=####&apitype=####&post_id=####&callback=####&_...
- api.18t####.com/?c=####&a=####&app=####&act=####&vs=####&url=htt####&a=#...
- api.18t####.com/index.php?c=####&a=####&ids=####&dk=####&ak=####
- api.18t####.com/posts/get_post_info?id=####&callback=####&_=####
- app.q####.cn/mbloghead/4d98039ebf3ade140230/100
- c.c####.com/core.php?web_id=####&t=####
- c.c####.com/stat.php?id=####&web_id=####
- gm.mm####.com/9.gif?abc=####&rnd=####
- hm.b####.com/h.js?6b0d092####
- hm.b####.com/hm.gif?cc=####&ck=####&cl=####&ds=####&vl=####&ep=####&et=#...
- hm.b####.com/hm.gif?cc=####&ck=####&cl=####&ds=####&vl=####&et=####&ja=#...
- hm.b####.com/hm.js?6b0d092####
- sh.wagbr####.alibaba####.com/bar/get/54a8ee47fd98c513560009f7/?ud_get=####
- sh.wagbr####.alibaba####.com/share/auth/54a8ee47fd98c513560009f7/8282533...
- sh.wagbr####.alibaba####.com/sina/oauth?appkey=####&os=####&uid=####&sdk...
- t####.c####.q####.####.com/uploads/20141230/1419923264533395.jpg?imageVi...
- t####.c####.q####.####.com/uploads/20141230/1419927775111674.jpg?imageVi...
- t####.c####.q####.####.com/uploads/20141230/1419927832912062.jpg?imageVi...
- t####.c####.q####.####.com/uploads/20141230/1419927851907694.jpg?imageVi...
- t####.c####.q####.####.com/uploads/20141230/1419927895508963.jpg?imageVi...
- t####.c####.q####.####.com/uploads/20141230/1419927929227940.jpg?imageVi...
- t####.c####.q####.####.com/uploads/20141230/1419927974796907.jpg?imageVi...
- t####.c####.q####.####.com/uploads/20141230/1419928030932021.jpg?imageVi...
- t####.c####.q####.####.com/uploads/20141230/1419932620691468.jpg?imageVi...
- t####.c####.q####.####.com/uploads/20151202/1449043004473543.jpg
- t####.c####.q####.####.com/uploads/20151223/1450852075417243.jpg
- t####.c####.q####.####.com/uploads/20160701/1467338886258761.jpg
- t####.c####.q####.####.com/uploads/20161019/v1_1-8_1476861138652024.jpg?...
- t####.c####.q####.####.com/uploads/20161028/1477621384426886.jpg
- t####.c####.q####.####.com/uploads/20161028/1477621384582521.jpg
- t####.c####.q####.####.com/uploads/20161028/1477621384840465.jpg
- t####.c####.q####.####.com/uploads/20161028/1477621384942884.jpg
- t####.c####.q####.####.com/uploads/20161028/v1_1-8_1477621451691821.jpg?...
- t####.c####.q####.####.com/uploads/20170117/v1_1-8_1484625918742510.jpg?...
- t####.c####.q####.####.com/uploads/20170117/v1_1-8_1484626898244575.png?...
- t####.c####.q####.####.com/uploads/20170122/v1_1-8_1485057585779567.jpg?...
- t####.c####.q####.####.com/uploads/20170210/v1_1-8_1486723524585753.jpg?...
- t.q####.cn/mbloghead/af8e70f37d369037e300/100
- w####.18t####.com.####.com/News/hotStrategyIncr?post_id=####
- w####.18t####.com.####.com/qjnn.html?_nocatch=####
- w####.18t####.com.####.com/qjnnsddyxj.html?_nocatch=####
- w####.18t####.com.####.com/qjnnwsjkh.html?_nocatch=####
- w####.q####.dn.####.com/tq/uploads/avatar/2036/2036559.2.png
- w####.q####.dn.####.com/tq/uploads/avatar/2247/2247213.1.png
- w####.q####.dn.####.com/uploads/avatar/08/2016080757a6bb22f2282.jpg
- w####.q####.dn.####.com/uploads/avatar/11/20161115582a75f28b856.jpg
- wx.q####.cn/mmopen/ajNVdqHZLLAjBgSlxTaHd0PdXz59b2OWV0vjDQgF4InrtPzGTkhMh...
- wx.q####.cn/mmopen/ajNVdqHZLLDABbBugTlicaDFdTaGeuYERKlOwviculNxPEXkSLtJR...
- z.c####.com/stat.htm?id=####&r=####&lg=####&ntime=####&cnzz_eid=####&sho...
- a####.u####.com/app_logs
- api.18t####.com/?c=####&a=####&apitype=####>k=####&dk=####&ak=####
- api.18t####.com/?c=####&a=####&dk=####&ak=####
- api.18t####.com/posts/get_post_info?dk=####&ak=####
- pi####.qq.com/mstat/report/?index=####
- s####.j####.cn/v2/report
- <Package Folder>/cache/####/data_0
- <Package Folder>/cache/####/data_1
- <Package Folder>/cache/####/data_2
- <Package Folder>/cache/####/data_3
- <Package Folder>/cache/####/f_000001
- <Package Folder>/cache/####/f_000002
- <Package Folder>/cache/####/f_000003
- <Package Folder>/cache/####/f_000004
- <Package Folder>/cache/####/f_000005
- <Package Folder>/cache/####/f_000006
- <Package Folder>/cache/####/f_000007
- <Package Folder>/cache/####/f_000008
- <Package Folder>/cache/####/f_000009
- <Package Folder>/cache/####/f_00000a
- <Package Folder>/cache/####/f_00000b
- <Package Folder>/cache/####/f_00000c
- <Package Folder>/cache/####/f_00000d
- <Package Folder>/cache/####/f_00000e
- <Package Folder>/cache/####/f_00000f
- <Package Folder>/cache/####/f_000010
- <Package Folder>/cache/####/index
- <Package Folder>/cache/ApplicationCache.db-journal
- <Package Folder>/databases/jpush_local_notification.db
- <Package Folder>/databases/jpush_local_notification.db-journal
- <Package Folder>/databases/jpush_statistics.db
- <Package Folder>/databases/jpush_statistics.db-journal
- <Package Folder>/databases/pri_wxop_tencent_analysis.db-journal
- <Package Folder>/databases/rep.db-journal
- <Package Folder>/databases/webview.db-journal
- <Package Folder>/databases/webviewCookiesChromium.db-journal
- <Package Folder>/databases/wxop_tencent_analysis.db-journal
- <Package Folder>/files/.imprint
- <Package Folder>/files/.jiagu.ls
- <Package Folder>/files/NN_AdsMogo.txt
- <Package Folder>/files/PrefsFile
- <Package Folder>/files/ZUIXING.txt
- <Package Folder>/files/jpush_stat_cache.json
- <Package Folder>/files/jpush_stat_cache_history.json
- <Package Folder>/files/libjiagu.so
- <Package Folder>/files/qjnn_BannerData.txt
- <Package Folder>/files/umeng_it.cache
- <Package Folder>/shared_prefs/.mta-wxop.xml
- <Package Folder>/shared_prefs/<Package>_preferences.xml
- <Package Folder>/shared_prefs/<Package>_preferences.xml.bak
- <Package Folder>/shared_prefs/JPushSA_Config.xml
- <Package Folder>/shared_prefs/cn.jpush.serverconfig.xml
- <Package Folder>/shared_prefs/jpush_device_info.xml
- <Package Folder>/shared_prefs/mobclick_agent_online_setting_<Package>.xml
- <Package Folder>/shared_prefs/openudid_prefs.xml
- <Package Folder>/shared_prefs/statistics_config.xml
- <Package Folder>/shared_prefs/umeng_general_config.xml
- <Package Folder>/shared_prefs/umeng_social_method.xml
- <Package Folder>/shared_prefs/umeng_social_oauth.xml
- <Package Folder>/shared_prefs/umeng_socialize.xml
- <Package Folder>/shared_prefs/umeng_socialize_qq.xml
- <Package Folder>/shared_prefs/umeng_socialize_token_expire_in.xml
- <SD-Card>/18touch_helpers/####/.nomedia
- <SD-Card>/18touch_helpers/####/19glisbmao8kfefwkgm3ey69i
- <SD-Card>/18touch_helpers/####/25zu78g8v9pjkh96c8al7yzl2
- <SD-Card>/18touch_helpers/####/2v3zhbyafj42zpx91awgwcqzi
- <SD-Card>/18touch_helpers/####/3rwukl8x2512p2cna0rucx6ew
- <SD-Card>/18touch_helpers/####/5vp17ccuu6uqvj23m8ll3o1zw
- <SD-Card>/18touch_helpers/####/68sahi16dquic3zw3lsjllfb9
- <SD-Card>/18touch_helpers/####/6cc5c23daywt8ryi908vcrnsy
- <SD-Card>/18touch_helpers/####/6no9pdr7bffqbv3x81xljuq1j
- <SD-Card>/18touch_helpers/####/6yv14d340gtkbxnqrlcgwgo60
- <SD-Card>/Tencent/####/.mid.txt
- <SD-Card>/data/.push_deviceid
- /system/bin/cat /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq
- /system/bin/cat /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_min_freq
- jpush181
- libjiagu
- AES-CBC-NoPadding
- AES-CBC-NoPadding