Technical information
- UDP(DNS) <Google DNS>
- TCP(HTTP/1.1) api.zhuo####.com:80
- TCP(HTTP/1.1) a####.zhuo####.com:80
- TCP(HTTP/1.1) go.afftiny####.com:80
- TCP(HTTP/1.1) aqueous####.herok####.com:80
- TCP(HTTP/1.1) j.bay####.com:8888
- TCP(HTTP/1.1) d3656q1####.cloudf####.net:80
- TCP(HTTP/1.1) c####.tn####.com:80
- TCP(HTTP/1.1) down####.zhuo####.com:80
- TCP(HTTP/1.1) gpup####.min####.com:80
- TCP(HTTP/1.1) gpup####.b0.a####.com:80
- TCP(HTTP/1.1) www.okyes####.com:8081
- TCP(HTTP/1.1) rt.hm####.com:80
- TCP(HTTP/1.1) gp.lik####.com:80
- TCP(HTTP/1.1) gl####.ymtrac####.com:80
- TCP(HTTP/1.1) newt####.adc####.com:80
- TCP(HTTP/1.1) a####.w####.in:80
- TCP(HTTP/1.1) l.a####.com:80
- TCP(HTTP/1.1) b####.pc.cdn.####.com:80
- TCP(HTTP/1.1) t####.hxc####.com:80
- TCP(HTTP/1.1) e####.w####.in:80
- TCP(HTTP/1.1) www.koapk####.com:8081
- TCP(HTTP/1.1) pm.zhuo####.com:80
- TCP(HTTP/1.1) p####.a####.com:80
- TCP(HTTP/1.1) gp.miaoxi####.com:80
- TCP(HTTP/1.1) ak.icec####.org:80
- TCP(TLS/1.0) c.tra####.com:443
- TCP(TLS/1.0) c####.apprev####.com:443
- TCP(TLS/1.0) www.go####.com:443
- TCP(TLS/1.0) www.gst####.com:443
- TCP(TLS/1.0) ssl.gst####.com:443
- TCP(TLS/1.0) lh3.googleu####.com:443
- TCP(TLS/1.0) adser####.go####.nl:443
- TCP(TLS/1.0) www.go####.nl:443
- a####.w####.in
- a####.zhuo####.com
- activeo####.appromo####.com
- adser####.go####.nl
- ak.icec####.org
- api.zhuo####.com
- c####.apprev####.com
- c####.tn####.com
- c.tra####.com
- d3656q1####.cloudf####.net
- down####.androi####.b####.com
- down####.zhuo####.com
- e####.w####.in
- gl####.ymtrac####.com
- go.afftiny####.com
- gp.lik####.com
- gp.miaoxi####.com
- gpup####.min####.com
- h####.b####.com
- j.bay####.com
- l.a####.com
- lh3.googleu####.com
- newswif####.dftou####.com
- newt####.adc####.com
- p####.a####.com
- pm.zhuo####.com
- rt.hm####.com
- sdk.o####.t####.####.com
- sdk.o####.t####.####.com
- sdk.o####.t####.####.net
- sh.penc####.com
- ssl.gst####.com
- t####.hxc####.com
- www.go####.com
- www.go####.nl
- www.gst####.com
- www.koapk####.com
- www.okyes####.com
- a####.w####.in/interface/vsupdate_627du.php?kv=####&kc=####&kq=####&ku=#...
- api.zhuo####.com/Api/UnifiedAccess?PBindKey=####&data=ey####
- b####.pc.cdn.####.com/public/uploads/store_5/4/8/c/48c7407ad53f2f446fa51...
- e####.w####.in/interface/mothdvista.php?subid=####&pjid=####&uid=####&Im...
- e####.w####.in/interface/sale_static_new.php?kehuid=####&xiangid=####&ch...
- e####.w####.in/interface/shazinew.php?subid=####&pjid=####&uid=####&Imsi...
- gp.lik####.com/cr/sv/getRltNew?eid=####&estatus=####&appkey=####&pid=###...
- gpup####.b0.a####.com/cr/sdk/170417/goplaysdk_statistics_all_1704171.dat
- newt####.adc####.com/aff_c?offer_id=####&aff_id=####&aff_sub3=####&aff_s...
- p####.a####.com/img/bdar40641.png
- e####.w####.in/wapbill/geturlow.php?imsi=####&net=####&subid=####&pjid=#...
- l.a####.com/pv.php
- l.a####.com/sal.php
- www.koapk####.com:8081/sm/sr/rt/ry
- www.okyes####.com:8081/sdk/nsd.action?b=####
- <Package Folder>/app_indicators/indicator_d
- <Package Folder>/app_indicators/indicator_p
- <Package Folder>/app_libs/.atmp9.jar
- <Package Folder>/app_libs/.atmp_8.log
- <Package Folder>/app_mdex/abc.zip
- <Package Folder>/app_mdex/classes.dex
- <Package Folder>/app_process_lock/25575983.0399091
- <Package Folder>/app_process_lock/25575983.0399091 (deleted)
- <Package Folder>/app_process_lock/32621901.2073141
- <Package Folder>/cache/####/data_0
- <Package Folder>/cache/####/data_1
- <Package Folder>/cache/####/data_2
- <Package Folder>/cache/####/data_3
- <Package Folder>/cache/####/f_000001
- <Package Folder>/cache/####/f_000002
- <Package Folder>/cache/####/f_000003
- <Package Folder>/cache/####/f_000004
- <Package Folder>/cache/####/f_000005
- <Package Folder>/cache/####/f_000006
- <Package Folder>/cache/####/index
- <Package Folder>/cache/intel1980838239.txt
- <Package Folder>/databases/arrkii.asa.sdk.db-journal
- <Package Folder>/databases/bdownloaders.db-journal
- <Package Folder>/databases/pushsdk.db-journal
- <Package Folder>/databases/swith1014.db-journal
- <Package Folder>/databases/webview.db-journal
- <Package Folder>/databases/webviewCookiesChromium.db-journal
- <Package Folder>/databases/xUtils_http_cookie.db-journal
- <Package Folder>/files/####/.md
- <Package Folder>/files/####/0A23180E5300843BC9938096D586AACF
- <Package Folder>/files/####/304A55A114B1BB5080A05D808B97C728
- <Package Folder>/files/####/5horsebrowser1012<System Property>46
- <Package Folder>/files/####/<Package>12<System Property>2
- <Package Folder>/files/####/B6BFDE86BB5639D567FA8ED996FFE5AF
- <Package Folder>/files/####/BE9C866C5AD2146E3CCE3DBE46AE6A0F
- <Package Folder>/files/####/C013E6B8D463D57A9E5C0493B0D1A232
- <Package Folder>/files/####/C18AFF9E39574FE2E0A3220A8CD5BC12
- <Package Folder>/files/####/C42BD8C1561605E66DAB63893EE6964C
- <Package Folder>/files/####/C9B62EBE2B318036B3B8C0F70F5A3744
- <Package Folder>/files/####/E04D09FBB9D7D7208CF16653768CC163
- <Package Folder>/files/####/gpdu
- <Package Folder>/files/####/https_www.google.nl_0.localstorage-journal
- <Package Folder>/files/####/ntmp20582266
- <Package Folder>/files/####/test
- <Package Folder>/files/1510833283270_libneo32.so
- <Package Folder>/files/1805.jar
- <Package Folder>/files/201708041650.apk
- <Package Folder>/files/408.jar
- <Package Folder>/files/421.jar
- <Package Folder>/files/430.jar
- <Package Folder>/files/610.jar
- <Package Folder>/files/611.jar
- <Package Folder>/files/617.jar
- <Package Folder>/files/640.jar
- <Package Folder>/files/806.jar
- <Package Folder>/files/<System Property>112.jar
- <Package Folder>/files/IlvGNfLeLnXWQUZjdynamicloader.jar
- <Package Folder>/files/__local_ap_info_cache.json
- <Package Folder>/files/__local_last_session.json
- <Package Folder>/files/__local_stat_cache.json
- <Package Folder>/files/__send_data_1510833274633
- <Package Folder>/files/c201708041650.apk
- <Package Folder>/files/ehkdbiDtwbaGbOOydaemon.so
- <Package Folder>/files/hftJcw46N.jar
- <Package Folder>/files/init.pid
- <Package Folder>/files/init_c1.pid
- <Package Folder>/files/libcuid.so
- <Package Folder>/files/libiXCCVhYUvWYjNhMlbootstrap.so
- <Package Folder>/files/mingsk
- <Package Folder>/files/pPSqBZtGDOsuTyItstub.jar
- <Package Folder>/files/push.pid
- <Package Folder>/files/run.pid
- <Package Folder>/files/sail752.so
- <Package Folder>/files/us.908GhK3z1XIE6J7u3B4nRKlfEI88s
- <Package Folder>/files/wokuai.apk
- <Package Folder>/files/xnPqJGuLCADgDtbpsa.jar
- <Package Folder>/shared_prefs/20160121.xml
- <Package Folder>/shared_prefs/<Package>_preferences.xml
- <Package Folder>/shared_prefs/Argolisten.xml
- <Package Folder>/shared_prefs/HETEENHAPPYFAMILYDATA.xml
- <Package Folder>/shared_prefs/Q2hhbm5lbElES2V5MjAxNjEyMjcxODU3.xml
- <Package Folder>/shared_prefs/ZYASDKPOIEJMFKL##@!!!.xml
- <Package Folder>/shared_prefs/__Baidu_Stat_SDK_SendRem.xml
- <Package Folder>/shared_prefs/ae.xml
- <Package Folder>/shared_prefs/ak.salvia.sdk.xml
- <Package Folder>/shared_prefs/com.arrkii.module.offerprobe.xml
- <Package Folder>/shared_prefs/dayupdate.xml
- <Package Folder>/shared_prefs/duspf6030945.xml
- <Package Folder>/shared_prefs/jihuos.xml
- <Package Folder>/shared_prefs/settingsLog.xml
- <Package Folder>/shared_prefs/userconfig.xml
- <SD-Card>/.salvia/####/1644728081.temp
- <SD-Card>/.salvia/####/1672245539.temp
- <SD-Card>/.salvia/####/230133003.temp
- <SD-Card>/.salvia/####/401180781.temp
- <SD-Card>/.salvia/####/710217169.temp
- <SD-Card>/.salvia/<Package>
- <SD-Card>/Android/####/0bd7b256cdb4760f744e52ffc70d3e32.0
- <SD-Card>/Android/####/115209b1d9cd8bbc265614752eedf918.0
- <SD-Card>/Android/####/1323d2e16129919da5e058c95015fd06.0
- <SD-Card>/Android/####/21e2001a4d919c12b9bc0bb2e75655fc.0
- <SD-Card>/Android/####/286607a7ec722362d50233ea993fbc09.0
- <SD-Card>/Android/####/2fe7a2193603676e89f2fcee6f024ad3.0
- <SD-Card>/Android/####/34a56288ed2d17f7d82ee9889163c1ab.0
- <SD-Card>/Android/####/3cb5250ea30f410c3eef93a7be8b4c74.0
- <SD-Card>/Android/####/62093f0f99ff46308735a3690079e272.0
- <SD-Card>/Android/####/6fdaa731b0b007a125dde442da541dac.0
- <SD-Card>/Android/####/79d36e686ca63e8ca1ee390aacba6320.0
- <SD-Card>/Android/####/a097b9f86508a7c6a08c87ace293362e.0
- <SD-Card>/Android/####/b2bff5d3fa8a1356dce3f775e52e2932.0
- <SD-Card>/Android/####/b6a93820f5feac92d963847bd1bd1e12.0
- <SD-Card>/Android/####/be9c0e019328e4f851664940ae56eef7.0
- <SD-Card>/Android/####/bfdd661f3243a35c910e26da82000ab3.0
- <SD-Card>/Android/####/c4ccc109e14ff712e65694089832bc16.0
- <SD-Card>/Android/####/cf3c3f1dbab77b3842c0f49569adbe7e.0
- <SD-Card>/Android/####/cf857690b646b46a65eef96bec26597e.0
- <SD-Card>/Android/####/d78014cac44e7d8ce6ce3da45103e66e.0
- <SD-Card>/Android/####/ebc8dbc392c66f1b42f5cdbdfbd43346.0
- <SD-Card>/Android/####/ed470b5fd8ed7940a5baa133aab2c4a4.0
- <SD-Card>/Android/####/f729ea46142986758c8d2e2e997dced2.0
- <SD-Card>/Android/####/journal.tmp
- <SD-Card>/backups/####/.confd
- <SD-Card>/backups/####/.confd-journal
- <SD-Card>/backups/####/.cuid
- <SD-Card>/backups/####/.cuid2
- <SD-Card>/backups/####/.timestamp
- <SD-Card>/system/7826467d0bb7f6f42cb766534e5de0d6.apk.tmp
- <SD-Card>/system1/babeef0fde758db9a6576aea74c6699a.apk
- <SD-Card>/system1/babeef0fde758db9a6576aea74c6699a.apk.tmp
- .kugua
- .kugua -c id
- <Package Folder>/files/.play/test <Package Folder>/files/.play/ 9d051a7f5ce243ccaa3a5a10e8d24c4e
- <Package Folder>/files/us.908GhK3z1XIE6J7u3B4nRKlfEI88s -h 9d051a7f5ce243ccaa3a5a10e8d24c4e <Package Folder>/.syslib-
- c201708041650.apk -p <Package> -c <Package>:baidu
- chmod 0771 <Package Folder>/.syslib-
- chmod 6777 <Package Folder>/files/c201708041650.apk
- chmod 770 <Package Folder>/files/.play/test
- getenforce
- logcat -d -v time
- ps
- rm -f <Package Folder>/files/hftJcw46N.dex
- rm -f <Package Folder>/files/hftJcw46N.jar
- rm -f <Package Folder>/files/us.908GhK3z1XIE6J7u3B4nRKlfEI88s
- rm <Package Folder>/files/hftJcw46N.dex
- rm <Package Folder>/files/hftJcw46N.jar
- rm <Package Folder>/files/us.908GhK3z1XIE6J7u3B4nRKlfEI88s
- sh
- sh -c /system/usr/toolbox rm -f <Package Folder>/files/hftJcw46N.dex > /dev/null 2>&1
- sh -c /system/usr/toolbox rm -f <Package Folder>/files/hftJcw46N.jar > /dev/null 2>&1
- sh -c /system/usr/toolbox rm -f <Package Folder>/files/us.908GhK3z1XIE6J7u3B4nRKlfEI88s > /dev/null 2>&1
- sh -c rm <Package Folder>/files/hftJcw46N.dex > /dev/null 2>&1
- sh -c rm <Package Folder>/files/hftJcw46N.jar > /dev/null 2>&1
- sh -c rm <Package Folder>/files/us.908GhK3z1XIE6J7u3B4nRKlfEI88s > /dev/null 2>&1
- sh -c rm -f <Package Folder>/files/hftJcw46N.dex > /dev/null 2>&1
- sh -c rm -f <Package Folder>/files/hftJcw46N.jar > /dev/null 2>&1
- sh -c rm -f <Package Folder>/files/us.908GhK3z1XIE6J7u3B4nRKlfEI88s > /dev/null 2>&1
- sh <Package Folder>/files/.play/test <Package Folder>/files/.play/ 9d051a7f5ce243ccaa3a5a10e8d24c4e
- sh <Package Folder>/files/us.908GhK3z1XIE6J7u3B4nRKlfEI88s -h 9d051a7f5ce243ccaa3a5a10e8d24c4e <Package Folder>/.syslib-
- 1510833283270_libneo32
- com_zhuoyian_horsebrowser101
- ehkdbiDtwbaGbOOydaemon
- getuiext2
- intel1980838239
- libiXCCVhYUvWYjNhMlbootstrap
- libjni-comymrefpackagesjrrbaidu