Technical information
- Adware.Plague.1.origin
- UDP(DNS) <Google DNS>
- TCP(HTTP/1.1) ad.c####.co.kr:11000
- TCP(HTTP/1.1) api-ser####.ap-nort####.elb.####.com:80
- TCP(HTTP/1.1) a.appj####.com:80
- TCP(HTTP/1.1) ad.c####.co.kr:5220
- TCP(HTTP/1.1) gwk.ad####.com:80
- TCP(HTTP/1.1) x####.c####.co.kr:5220
- TCP(HTTP/1.1) macthin####.ap-nort####.elb.####.com:80
- TCP(HTTP/1.1) i####.c####.co.kr:15151
- TCP(TLS/1.0) 2####.58.212.238:443
- TCP(TLS/1.0) sett####.crashly####.com:443
- TCP(TLS/1.0) gwk.ad####.com:443
- a.appj####.com
- ad.c####.co.kr
- api-ser####.ap-nort####.elb.####.com
- ch.bo####.com
- ch1bo####.com
- ch2.bo####.com
- down####.c####.co.kr
- gwk.ad####.com
- gwx.ad####.com
- i####.c####.co.kr
- log.ad####.com
- macthin####.ap-nort####.elb.####.com
- s####.ad####.com
- sett####.crashly####.com
- x####.c####.co.kr
- ad.c####.co.kr:11000/caulyImpress?code=####&gender=####&age=####&scode=#...
- ad.c####.co.kr:11000/checkCondition?platform=####&content_type=####&sdk_...
- ad.c####.co.kr:5220/caulyXconf?sdk_type=####&code=####&model=####&sdk_ve...
- api-ser####.ap-nort####.elb.####.com/v1/properties?clientType=####&local...
- i####.c####.co.kr:15151/sdk/blackdragon/3.1/BlackDragonAssets.dat_3.4
- i####.c####.co.kr:15151/sdk/blackdragon/module_info/GetModuleInfo.txt_3....
- x####.c####.co.kr:5220/caulyXconf?sdk_type=####&code=####&model=####&sdk...
- a.appj####.com/ad-service/ad/mark
- a.appj####.com/jiagu/check/upgrade
- gwk.ad####.com/ad/config/init
- gwk.ad####.com/ad/gapping/request
- gwk.ad####.com/ad/native/request
- gwk.ad####.com/ad/smart/request
- gwk.ad####.com/rat/apps/package
- macthin####.ap-nort####.elb.####.com/v1/connect
- /data/data/####/.jg.ic
- /data/data/####/.log.lock
- /data/data/####/.log.ls
- /data/data/####/1979924498.tmp
- /data/data/####/5AFF28D30044-0001-0817-F56986B3F12C.cls_temp
- /data/data/####/5AFF28D30044-0001-0817-F56986B3F12CBeginSession.cls_temp
- /data/data/####/5AFF28D30044-0001-0817-F56986B3F12CSessionApp.cls_temp
- /data/data/####/5AFF28D30044-0001-0817-F56986B3F12CSessionCrash.cls_temp
- /data/data/####/5AFF28D30044-0001-0817-F56986B3F12CSessionDevice.cls_temp
- /data/data/####/5AFF28D30044-0001-0817-F56986B3F12CSessionOS.cls_temp
- /data/data/####/5AFF28D30044-0001-0817-F56986B3F12CSessionUser.cls_temp
- /data/data/####/5AFF28EF01B5-0002-0817-F56986B3F12CBeginSession.cls_temp
- /data/data/####/5AFF28EF01B5-0002-0817-F56986B3F12CSessionApp.cls_temp
- /data/data/####/5AFF28EF01B5-0002-0817-F56986B3F12CSessionDevice.cls_temp
- /data/data/####/5AFF28EF01B5-0002-0817-F56986B3F12CSessionOS.cls_temp
- /data/data/####/5AFF28F5007A-0001-08BC-F56986B3F12CBeginSession.cls_temp
- /data/data/####/5AFF28F5007A-0001-08BC-F56986B3F12CSessionApp.cls_temp
- /data/data/####/5AFF28F5007A-0001-08BC-F56986B3F12CSessionDevice.cls_temp
- /data/data/####/5AFF28F5007A-0001-08BC-F56986B3F12CSessionOS.cls_temp
- /data/data/####/BlackDragonAssets.dat__
- /data/data/####/Cauly-BlackDragon.xml
- /data/data/####/Default.xml
- /data/data/####/TwitterAdvertisingInfoPreferences.xml
- /data/data/####/_TriDCommon.lua
- /data/data/####/_TriDDynamicData.lua
- /data/data/####/_TriDStartup.lua
- /data/data/####/app_skdddclasses.jar
- /data/data/####/com.adlibr.xml
- /data/data/####/com.crashlytics.prefs.xml
- /data/data/####/com.crashlytics.sdk.android;answers;settings.xml
- /data/data/####/com.crashlytics.settings.json
- /data/data/####/com.google.android.gms.appid-no-backup
- /data/data/####/com.google.android.gms.appid.xml
- /data/data/####/com.google.android.gms.measurement.prefs.xml
- /data/data/####/crash_marker
- /data/data/####/crashlytics-userlog-5AFF28D30044-0001-0817-F569...C.temp
- /data/data/####/crashlytics-userlog-5AFF28D30044-0001-0817-F569...mp.tmp
- /data/data/####/crashlytics-userlog-5AFF28F5007A-0001-08BC-F569...mp.tmp
- /data/data/####/dbqwcjo-journal
- /data/data/####/gappingPref.xml
- /data/data/####/google_app_measurement_local.db
- /data/data/####/google_app_measurement_local.db-journal
- /data/data/####/initialization_marker
- /data/data/####/io.fabric.sdk.android;fabric;io.fabric.sdk.android.l.xml
- /data/data/####/jg_app_update_settings_random.xml
- /data/data/####/json.lua
- /data/data/####/libjiagu.so
- /data/data/####/libtridadrra1127.so
- /data/data/####/local.xml
- /data/data/####/pammd
- /data/data/####/persisted_config
- /data/data/####/qihoo_jiagu_crash_report.xml
- /data/data/####/sa_5280a2b2-f290-4244-b7d9-526d1c3b67ab_1526671571239.tap
- /data/data/####/session_analytics.tap
- /data/data/####/session_analytics.tap.tmp
- /data/data/####/trid1127.zip
- /data/data/####/uuid.dat
- /data/data/####/webview.db-journal
- /data/data/####/xconf.cauly.co.kr__
- /data/media/####/1526671599360.mp4
- chmod 755 <Package Folder>/.jiagu/libjiagu.so
- libjiagu
- zisf
- DES-ECB-PKCS5Padding
- DESede-CFB8-NoPadding
- AES-ECB-PKCS5Padding