Technical information
- Adware.Gexin.2.origin
- UDP(DNS) <Google DNS>
- TCP(HTTP/1.1) a####.u####.com:80
- TCP(HTTP/1.1) c-h####.g####.com:80
- TCP(HTTP/1.1) loc.map.b####.com:80
- TCP(HTTP/1.1) rs.eas####.com:80
- TCP(HTTP/1.1) sdk.o####.p####.####.com:80
- TCP(HTTP/1.1) sni.c####.q####.####.net:80
- TCP(TLS/1.0) api.map.b####.com:443
- TCP(TLS/1.0) ti####.c####.l####.####.com:443
- TCP(TLS/1.0) a6.eas####.com:443
- TCP(TLS/1.0) zs####.51####.com:443
- TCP c####.g####.ig####.com:5224
- TCP sdk.o####.t####.####.com:5224
- 7j####.c####.z0.####.com
- a####.u####.com
- a6.eas####.com
- api.map.b####.com
- c####.g####.ig####.com
- c-h####.g####.com
- loc.map.b####.com
- mt####.go####.com
- rs.eas####.com
- sdk.c####.ig####.com
- sdk.o####.p####.####.com
- sdk.o####.t####.####.com
- sdk.o####.t####.####.com
- sdk.o####.t####.####.net
- zs####.51####.com
- zs-im####.51####.com
- rs.eas####.com/easemob/server.json?sdk_version=####&app_key=####&file_ve...
- sni.c####.q####.####.net/config/hz-hzv3.conf
- sni.c####.q####.####.net/tdata_YEE769
- sni.c####.q####.####.net/tdata_qHR433
- a####.u####.com/app_logs
- c-h####.g####.com/api.php?format=####&t=####
- loc.map.b####.com/sdk.php
- sdk.o####.p####.####.com/api.php?format=####&t=####
- /data/data/####/.imprint
- /data/data/####/.jg.ic
- /data/data/####/0b473d73899ac4ead4a8997abdb0691680fe10e51778a4c....0.tmp
- /data/data/####/0ef8d03efe85beb59f8b493f7e5a60841d076b29c5121dc....0.tmp
- /data/data/####/1217517ccf49bab01a8d3f6f39d198f7de58ca2097e27d2....0.tmp
- /data/data/####/170a2ff9573daca0daed5f4e89ff70eb2cb5010a8eef1b0....0.tmp
- /data/data/####/2399368babfd1a99dce6223c056d1122.0.tmp
- /data/data/####/2399368babfd1a99dce6223c056d1122.1.tmp
- /data/data/####/23d81c1964b44dab9e788f6aeefe233e.0.tmp
- /data/data/####/23d81c1964b44dab9e788f6aeefe233e.1.tmp
- /data/data/####/280f7970bb82f4bf8eece75abd8365821726742fe8411e0....0.tmp
- /data/data/####/2ab34610f6449fd3a69e0df7ffb0087f8684eb1faec2da4....0.tmp
- /data/data/####/2f3c5fbc82f0b140a7356146649a2f042bca1bddabad5f8....0.tmp
- /data/data/####/305e4571a3893b1d373410879c1af1b95f8fc93500b1d28....0.tmp
- /data/data/####/31061e91d35df2295ec8b53342ddfdb169092e3196154a1....0.tmp
- /data/data/####/37e4ea69242664390f8f93ca53e0c038e9e464f3a35a7c2....0.tmp
- /data/data/####/3bf20d8091e2a901b23aeec9d6df0fb5d4a13501a5435ed....0.tmp
- /data/data/####/47deed18f4d68ed60b209a18297fdaf6b78194b325d0d95....0.tmp
- /data/data/####/4ae41d04731a40335929c9594e33160d.0.tmp
- /data/data/####/4ae41d04731a40335929c9594e33160d.1.tmp
- /data/data/####/4b06c5dc483c04ebd86068243d10ce831a0c1625f3cf5f4....0.tmp
- /data/data/####/4bc65dfbd05dc3f0cea225a508e6cc30c719224977b6009....0.tmp
- /data/data/####/4bd0f802e8a68e1127580fa9191d1baeb6bf80578bda704....0.tmp
- /data/data/####/5179eedba1f0347f4cbabcc2b20a78e2.0.tmp
- /data/data/####/5179eedba1f0347f4cbabcc2b20a78e2.1.tmp
- /data/data/####/58ff43272d74beac121543809d040f463528eecf38113d8....0.tmp
- /data/data/####/5fbea92120b5814a65826f9964a230db562babb52560841....0.tmp
- /data/data/####/612eb70219d0da17979fccc7766aa7c72d28b174091d104....0.tmp
- /data/data/####/618d2d4d9e2c40eeea4536e347f3a41444f95e4de072fd0....0.tmp
- /data/data/####/667ac683861402d1e39f22b61512be58762492756945df6....0.tmp
- /data/data/####/74e77e9543ca0bd6ad57a7e855f17fcb2ccd5286dac5039....0.tmp
- /data/data/####/7784e5852503b135d6bbe8c06a2229d25506ce6e64f9d03....0.tmp
- /data/data/####/7b534e397c6e27b69fc26af1dab855bd90796700d8ca91e....0.tmp
- /data/data/####/83e3f67c8d25ffffc36dcdeed0c70915403fbf36f13e716....0.tmp
- /data/data/####/85e3ad4900ffd250b09634a8b5b1d22a5e85162b7928d7b....0.tmp
- /data/data/####/87f3b50ac30bd48172e784e7b68b0e70.0.tmp
- /data/data/####/87f3b50ac30bd48172e784e7b68b0e70.1.tmp
- /data/data/####/96daa029d65d6fab1cf2946c05940983780a6592cd58b50....0.tmp
- /data/data/####/_wisdomoperating.db
- /data/data/####/_wisdomoperating.db-journal
- /data/data/####/a00ab77e82569ca2976d150828d62b1ae8ed077d6cf216a....0.tmp
- /data/data/####/app_info.xml
- /data/data/####/authStatus_com.example.wisdomoperating;remote.xml
- /data/data/####/b25aeecb36069c45347b2b2b32b13c5e3b5feeab9ffd4d5....0.tmp
- /data/data/####/b326008347c10565be80956474bcb0a8d5625835df7bf8a....0.tmp
- /data/data/####/be33810d6fc7be146f0e28ede4d08571.0.tmp
- /data/data/####/be33810d6fc7be146f0e28ede4d08571.1.tmp
- /data/data/####/c071ba43e8c5ccd3c2174afb61ad5842482d0e00fadaaf2....0.tmp
- /data/data/####/c1ac942499661dad577c242a4a42d1a0d778fd44b65a112....0.tmp
- /data/data/####/c455f475fbf9eac131fb2a55301c522c.0.tmp
- /data/data/####/c455f475fbf9eac131fb2a55301c522c.1.tmp
- /data/data/####/cc.db
- /data/data/####/cc.db-journal
- /data/data/####/com.example.wisdomoperating_preferences.xml
- /data/data/####/config.json
- /data/data/####/d14fdc7bb3ef32885ce1381eda2156a8098517f5f976297....0.tmp
- /data/data/####/data_0
- /data/data/####/data_1
- /data/data/####/data_2
- /data/data/####/data_3
- /data/data/####/de233a886346172042fcbba831c932ce951d1034eccccb4....0.tmp
- /data/data/####/device_id.xml.xml
- /data/data/####/exchangeIdentity.json
- /data/data/####/exid.dat
- /data/data/####/f1c6947c2fc9e1289fcd7ff48af8ce74259ec0617c91e02....0.tmp
- /data/data/####/fa278e21524cee205d859dff932004e9c26c3f66f2f26e2....0.tmp
- /data/data/####/fa9abbedcfd4b061ead5ee0b14f6111836271348814b070....0.tmp
- /data/data/####/fb52ab6d78f21281c12be9e06c135bdb76a548d339afcc7....0.tmp
- /data/data/####/fe386d92dd82a629e949b6b306751a6c18a7d6b8b9bfb9d....0.tmp
- /data/data/####/firll.dat
- /data/data/####/first_pref.xml
- /data/data/####/gdaemon_20161017
- /data/data/####/gx_sp.xml
- /data/data/####/index
- /data/data/####/init.pid
- /data/data/####/init_c.pid
- /data/data/####/journal.tmp
- /data/data/####/libcuid.so
- /data/data/####/libjiagu.so
- /data/data/####/multidex.version.xml
- /data/data/####/null_demo.db-journal
- /data/data/####/push.pid
- /data/data/####/pushext.db-journal
- /data/data/####/pushg.db-journal
- /data/data/####/pushsdk.db-journal
- /data/data/####/run.pid
- /data/data/####/saveInfo.xml
- /data/data/####/server.json
- /data/data/####/splash_ad
- /data/data/####/tdata_YEE769
- /data/data/####/tdata_YEE769.jar
- /data/data/####/tdata_qHR433
- /data/data/####/tdata_qHR433.jar
- /data/data/####/ua.db
- /data/data/####/ua.db-journal
- /data/data/####/umeng_general_config.xml
- /data/data/####/umeng_it.cache
- /data/data/####/webview.db-journal
- /data/data/####/webviewCookiesChromium.db-journal
- /data/media/####/.cuid
- /data/media/####/.cuid2
- /data/media/####/app.db
- /data/media/####/com.example.wisdomoperating.db
- /data/media/####/com.getui.sdk.deviceId.db
- /data/media/####/com.igexin.sdk.deviceId.db
- /data/media/####/tdata_YEE769
- /data/media/####/tdata_qHR433
- /data/media/####/test.0
- /data/media/####/test.log
- /data/media/####/yoh.dat
- /data/media/####/yol.dat
- /data/media/####/yom.dat
- <Package Folder>/files/gdaemon_20161017 0 <Package>/com.igexin.sdk.PushService 25787 300 0
- chmod 700 <Package Folder>/files/gdaemon_20161017
- chmod 755 <Package Folder>/.jiagu/libjiagu.so
- sh <Package Folder>/files/gdaemon_20161017 0 <Package>/com.igexin.sdk.PushService 25787 300 0
- getuiext2
- gif
- hyphenate
- hyphenate_av
- hyphenate_av_recorder
- libjiagu
- locSDK7
- AES-CBC-PKCS5Padding
- AES-CBC-PKCS7Padding
- RSA-NONE-OAEPWithSHA1AndMGF1Padding
- AES-CBC-PKCS5Padding
- AES-CBC-PKCS7Padding