Technical information
- Adware.Youmi.1.origin
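Network connections (protocol, then host:port; `####` is the report's own masking, so these entries are partial values rather than exact-match indicators):
- UDP(DNS) <Google DNS>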
- UDP(DNS) 8####.8.4.4:53
- TCP(HTTP/1.1) s####.e.qq.com:80
- TCP(HTTP/1.1) tyjr-co####.al####.com:80
- TCP(HTTP/1.1) 1####.254.116.116:80
- TCP(TLS/1.0) md####.google####.com:443
- TCP(TLS/1.0) def####.duals####.cn.####.com:443
- TCP(TLS/1.0) 1####.194.163.27:443
- TCP(TLS/1.0) t####.m.qq.com:443
- TCP(TLS/1.0) api.im.qc####.com:443
- TCP(TLS/1.0) and####.b####.qq.com:443
- TCP(TLS/1.0) adash####.man.aliy####.com:443
- TCP(TLS/1.0) 2####.107.1.97:443
- TCP(TLS/1.0) tbsreco####.i####.qq.com:443
- TCP(TLS/1.0) l####.tbs.qq.com:443
- TCP(TLS/1.0) u####.u####.com:443
- TCP(TLS/1.0) ap####.uc.cn:443
- TCP(TLS/1.0) digital####.google####.com:443
- TCP(TLS/1.0) and####.a####.go####.com:443
- TCP(TLS/1.0) qzs.gd####.com.####.com:443
- TCP(TLS/1.2) md####.google####.com:443
- TCP(TLS/1.2) 64.2####.165.94:443
- TCP(TLS/1.2) 64.2####.165.139:443
- TCP 49.51.1####.192:8080
- UDP md####.google####.com:443
- TCP 1####.62.97.251:80
- TCP 1####.62.97.251:8080
- TCP 49.51.1####.192:80
- TCP zb-cent####.m.ta####.com:443
- TCP 1####.62.115.168:80
- TCP 1####.62.221.203:80
- TCP 1####.62.221.203:8080
- TCP 1####.62.115.168:8080
Host names listed without a protocol or port (presumably the names the sample resolved over DNS):
- 3####.nd####.y####.com
- 3####.nd####.y####.com
- 9####.nd####.y####.com
- a####.man.aliy####.com
- acc####.m.ta####.com
- amdc####.m.ta####.com
- and####.a####.go####.com
- and####.b####.qq.com
- ap####.uc.cn
- api.im.qc####.com
- beacon####.aliy####.com
- digital####.google####.com
- l####.tbs.qq.com
- log.u####.com
- md####.google####.com
- qzs.gd####.com
- s####.e.qq.com
- s####.gw.y####.####.8
- s####.gw.y####.net
- s.y####.net
- s.y####.net.####.8
- t####.dmp.y####.####.8
- t####.dmp.y####.net
- t####.m.qq.com
- tbsreco####.i####.qq.com
- u####.u####.com
- umen####.m.ta####.com
Request URLs (host, optional port, path; query-string values are masked):
- def####.duals####.cn.####.com:443/bar/get/5d6c81300cafb2c0b300085c/?pcv=...
- adash####.man.aliy####.com:443/man/api?ak=####&s=####
- and####.b####.qq.com:443/rqd/async?aid=####
- ap####.uc.cn:443/collect?chk=####&vno=####&uuid=####&app=####&enc=####
- api.im.qc####.com:443/v4/imopenstat/im_native_sdk_report?sdkappid=####
- l####.tbs.qq.com:443/ajax?c=####&k=####
- qzs.gd####.com.####.com:443/union/res/union_cdn/page/temp_v2/tempMob.pac...
- s####.e.qq.com/activate
- t####.m.qq.com:443/?mc=####
- tbsreco####.i####.qq.com:443/getconfig
- tyjr-co####.al####.com/beacon/fetch/config/byappkey
- u####.u####.com:443/umpx_push_launch
- u####.u####.com:443/umpx_share
- u####.u####.com:443/unify_logs
- u####.u####.com:443/zcfg
File system paths (the directory components after the top-level location are masked as `####`):
- /data/data/####/.cl
- /data/data/####/.imprint
- /data/data/####/.jg.ic
- /data/data/####/.turing.dat
- /data/data/####/0b4e0afda5a8e1c9a3080a3f24ad838f
- /data/data/####/0b4e0afda5a8e1c9a3080a3f24ad838f-journal
- /data/data/####/1002
- /data/data/####/1004
- /data/data/####/105498_auMini_1
- /data/data/####/1f1cda4e5a419b7548df7656c68c9211
- /data/data/####/1f1cda4e5a419b7548df7656c68c9211-journal
- /data/data/####/3620.yaqcookie
- /data/data/####/3940.yaqcookie
- /data/data/####/4186.yaqcookie
- /data/data/####/44d43bce9ef06580d84fe7a05757f86d-journal
- /data/data/####/A3AEECD8.dex
- /data/data/####/A3AEECD8.dex.flock (deleted)
- /data/data/####/ACCS_BINDdefault.xml
- /data/data/####/ACCS_SDK.xml
- /data/data/####/ACCS_SDK.xml.bak (deleted)
- /data/data/####/ACCS_SDK_CHANNEL.xml
- /data/data/####/AGOO_BIND.xml
- /data/data/####/Agoo_AppStore.xml
- /data/data/####/Alvin2.xml
- /data/data/####/BuglySdkInfos.xml
- /data/data/####/C0XKJAO3JLZKJPDKJFXLINQCJIOAOD.xml
- /data/data/####/C0XKJAO3JLZKJPDKJFXLINQCJIOAOD.xml.bak (deleted)
- /data/data/####/CE94557724F842149D690D0E8CBB1CBD.xml
- /data/data/####/ContextData.xml
- /data/data/####/DeviceInfo.xml
- /data/data/####/ETOMER1IABEKAM0JW0MOC.st
- /data/data/####/IABEKAM0JW0MOC.st
- /data/data/####/LENNAHC1IABEKAM0JW0MOC.st
- /data/data/####/MessageStore.db-journal
- /data/data/####/MsgLogStore.db-journal
- /data/data/####/P15pKIjsm64m
- /data/data/####/P15pKIjsm64m-journal
- /data/data/####/T1oX0rhhuXWt
- /data/data/####/T1oX0rhhuXWt-journal
- /data/data/####/UM_PROBE_DATA.xml
- /data/data/####/XKwVoK0huy3R
- /data/data/####/XKwVoK0huy3R-journal
- /data/data/####/accs.db-journal
- /data/data/####/agoo.pid
- /data/data/####/bugly_db_-journal
- /data/data/####/cdt.wa
- /data/data/####/channel_umeng_common_config.xml
- /data/data/####/channel_umeng_common_config.xml.bak
- /data/data/####/classes.dex
- /data/data/####/classes.dex;classes2.dex
- /data/data/####/classes.dex;classes3.dex
- /data/data/####/classes.dex;classes4.dex
- /data/data/####/classes.dex;classes5.dex
- /data/data/####/com.qq.e.sdkconfig.xml
- /data/data/####/com.wj.makebai.BETA_VALUES.xml
- /data/data/####/com_alibaba_aliyun_crash_defend_sdk_info
- /data/data/####/com_alibaba_aliyun_crash_defend_sdk_info_com.wj...hannel
- /data/data/####/com_alibaba_aliyun_crash_defend_sdk_info_com.wj...remote
- /data/data/####/core_info
- /data/data/####/cr.wa
- /data/data/####/crashrecord.xml
- /data/data/####/devCloudSetting.cfg
- /data/data/####/devCloudSetting.sig
- /data/data/####/download_upload
- /data/data/####/dt.wa
- /data/data/####/exchangeIdentity.json
- /data/data/####/exid.dat
- /data/data/####/gdt_config.cfg
- /data/data/####/gdt_plugin.dex
- /data/data/####/gdt_plugin.dex.flock (deleted)
- /data/data/####/gdt_plugin.jar
- /data/data/####/gdt_plugin.jar.sig
- /data/data/####/gdt_suid
- /data/data/####/httpdns_config_cache.xml
- /data/data/####/httpdns_config_enable.xml
- /data/data/####/i==1.2.0&&v1.5.7_1690287192898_dW5pZnlfbG9ncw==;.log
- /data/data/####/imsdk_report
- /data/data/####/info.xml
- /data/data/####/jqIqJYOT3JpT
- /data/data/####/jqIqJYOT3JpT-journal
- /data/data/####/libMMANDKSignature.41e3cc97.so
- /data/data/####/libMMANDKSignature.6763574d.so
- /data/data/####/libMMANDKSignature.fe7fa1ff.so
- /data/data/####/libjiagu.so
- /data/data/####/libturingau.41e3cc97.so
- /data/data/####/libturingau.6763574d.so
- /data/data/####/libturingau.fe7fa1ff.so
- /data/data/####/libyaqbasic.41e3cc97.so
- /data/data/####/libyaqbasic.6763574d.so
- /data/data/####/libyaqbasic.fe7fa1ff.so
- /data/data/####/libyaqpro.41e3cc97.so
- /data/data/####/libyaqpro.6763574d.so
- /data/data/####/libyaqpro.fe7fa1ff.so
- /data/data/####/local_crash_lock
- /data/data/####/message_accs_db
- /data/data/####/message_accs_db-journal
- /data/data/####/mobclick_agent_user_com.wj.makebai.xml
- /data/data/####/mpdc_105498_1
- /data/data/####/native_record_lock
- /data/data/####/p==6.2.0&&v1.5.7_1690287201170_dW1weF9wdXNoX2xh...=;.log
- /data/data/####/prefs.lock
- /data/data/####/proc_auxv
- /data/data/####/remote_umeng_common_config.xml
- /data/data/####/remote_umeng_common_config.xml.bak
- /data/data/####/s==7.1.2&&v1.5.7_1690287192519_dW1weF9zaGFyZQ==;.log
- /data/data/####/save_cache.xml
- /data/data/####/save_cache.xml.bak
- /data/data/####/sdkCloudSetting.cfg
- /data/data/####/sdkCloudSetting.sig
- /data/data/####/share.db-journal
- /data/data/####/t==9.3.0&&v1.5.7_1690287191082_dW5pZnlfbG9ncw==;.log
- /data/data/####/tbs_download_config.xml
- /data/data/####/tbs_download_config.xml.bak
- /data/data/####/tbs_download_stat.xml
- /data/data/####/tbs_emergence.xml
- /data/data/####/tbs_pv_config
- /data/data/####/tbscoreinstall.txt
- /data/data/####/tbslock.txt
- /data/data/####/turingfd_conf_105498_auMini.xml
- /data/data/####/turingfd_protect_105498_47_auMini.xml
- /data/data/####/ua.db
- /data/data/####/ua.db-journal
- /data/data/####/um_pri.xml
- /data/data/####/um_session_id.xml
- /data/data/####/umeng_common_config.xml
- /data/data/####/umeng_common_location.xml
- /data/data/####/umeng_general_config.xml
- /data/data/####/umeng_it.cache
- /data/data/####/umeng_message_state.xml
- /data/data/####/umeng_socialize.xml
- /data/data/####/umeng_sp_zdata.xml
- /data/data/####/umeng_zcfg_flag
- /data/data/####/umeng_zero_cache.db
- /data/data/####/umeng_zero_cache.db-journal
- /data/data/####/unique
- /data/data/####/update.xml
- /data/data/####/update_lc
- /data/data/####/usa129xa
- /data/data/####/usa129xa-journal
- /data/data/####/ver
- /data/data/####/wIU6pTyUBYWX
- /data/data/####/wIU6pTyUBYWX-journal
- /data/data/####/wjsavedb.db-journal
- /data/data/####/wsUL1uCdKvjD
- /data/data/####/wsUL1uCdKvjD-journal
- /data/data/####/xian_wan_sp_config_table.xml
- /data/data/####/yaq.41e3cc97.sec
- /data/data/####/yaq.6763574d.sec
- /data/data/####/yaq.fe7fa1ff.sec
- /data/data/####/yaq2.41e3cc97.sec
- /data/data/####/yaq2.6763574d.sec
- /data/data/####/yaq2.fe7fa1ff.sec
- /data/data/####/yaq3_0.41e3cc97.sec
- /data/data/####/yaq3_0.6763574d.sec
- /data/data/####/yaq3_0.fe7fa1ff.sec
- /data/data/####/yaqsdkcookie
- /data/data/####/ymdex.dex
- /data/data/####/ymdex.dex.flock (deleted)
- /data/data/####/ymdex.jar
- /data/data/####/z==1.2.0&&v1.5.7_1690287187160_emNmZw==;.log
- /data/media/####/.turing.dat
- /data/media/####/Alvin2.xml
- /data/media/####/ContextData.xml
- /data/media/####/deviceToken
- /data/media/####/i42d45df023jnkdd93la483f9xGFKXI
- /data/media/####/imsdk.mmap3
- /data/media/####/imsdk_20230725.xlog
- /data/media/####/meta.dat
- /data/media/####/s92TjjdfoP2n3o9dfji2l9s1olkjf0p
- /data/media/####/tbslog.txt
- /data/misc/####/primary.prof
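Shell commands (device profiling, including two checks for the `su` binary and a read of the wlan0 MAC address):
- /system/bin/cat /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq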
- /system/bin/cat /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_min_freq
- /system/bin/cat /sys/devices/system/cpu/kernel_max
- /system/bin/df
- /system/bin/getprop
- /system/bin/sh -c getprop
- cat /sys/class/net/wlan0/address
- getprop
- getprop ro.product.cpu.abi
- ls -l /system/bin/su
- ls /
- ls /sys/class/thermal
- sh -c type su
Library names (given without the `.so` suffix; several match `.so` files in the path list above):
- libA3AEECD8
- libBugly
- libImSDK
- libMMANDKSignature.41e3cc97
- libMMANDKSignature.6763574d
- libMMANDKSignature.fe7fa1ff
- libabcdefgh
- libcrashsdk
- libjiagu
- libtnet-3.1.14
- libturingau.41e3cc97
- libturingau.6763574d
- libturingau.fe7fa1ff
- libumeng-spy
- libyaqbasic.41e3cc97
- libyaqbasic.6763574d
- libyaqbasic.fe7fa1ff
- libyaqpro.41e3cc97
- libyaqpro.6763574d
- libyaqpro.fe7fa1ff
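Cipher transformations, first list (the report's label for it is missing here; the two lists presumably separate encryption from decryption):
- AES-CBC-PKCS5Padding
- AES-CBC-PKCS7Padding
- AES-ECB-PKCS7Padding
- PBEWITHMD5andDES
- RSA-ECB-NoPadding
Cipher transformations, second list:
- AES-CBC-PKCS7Padding
- AES-ECB-PKCS7Padding
- PBEWITHMD5andDES
- RSA-ECB-PKCS1Padding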