Technical information
- Adware.Panda.5.origin
- UDP(DNS) <Google DNS>
- TCP(HTTP/1.1) abs.rd####.net:80
- TCP(HTTP/1.1) www.md####.cn:80
- TCP(HTTP/1.1) tpw####.g####.sina####.com:80
- TCP(HTTP/1.1) cdn.zs####.cn.####.cn:8080
- TCP(HTTP/1.1) 1####.254.116.117:80
- TCP(HTTP/1.1) c####.h####.com:80
- TCP(HTTP/1.1) api.s####.cn:80
- TCP(HTTP/1.1) t####.qq.com:8080
- TCP(HTTP/1.1) c####.sup####.r####.cn:3004
- TCP(HTTP/1.1) thi####.q####.cn:80
- TCP(HTTP/1.1) s.r####.cn:80
- TCP(TLS/1.0) thi####.q####.cn:443
- TCP(TLS/1.0) a1.rd####.net:443
- TCP(TLS/1.0) wx.q####.cn:443
- TCP(TLS/1.0) s.r####.cn:443
- TCP(TLS/1.0) abs.rd####.net:443
- TCP(TLS/1.0) q.q####.cn:443
- TCP(TLS/1.0) f####.st####.mi####.com:443
- TCP(TLS/1.0) a4.rd####.net:443
- TCP t####.qq.com:8080
- TCP t####.qq.com:80
- TCP t####.qq.com:443
- a1.rd####.net
- a4.rd####.net
- a5.rd####.net
- abs.rd####.net
- api.s####.cn
- api.se####.com
- app.r####.cn
- c####.h####.com
- c####.sup####.r####.cn
- c.r####.cn
- cdn.zs####.cn
- f####.readin####.com
- f####.st####.mi####.com
- f####.st####.mi####.com
- f####.st####.mi####.com
- f####.st####.mi####.com
- pi####.qq.com
- q.q####.cn
- s.i####.cn
- s.r####.cn
- t####.qq.com
- t####.sin####.cn
- thi####.q####.cn
- thi####.q####.cn
- tp4.sin####.cn
- v2.app.r####.cn
- www.md####.cn
- wx.q####.cn
- abs.rd####.net/connect/c.min.js?/mobile####
- abs.rd####.net/connect/c.min.js?mobile/####
- c####.h####.com/Upload/b3dfa883-e832-4817-961e-05cc45d8a6f6.jpg
- c####.sup####.r####.cn:3004/?user=####&version=####&merchant_id=####&cha...
- cdn.zs####.cn.####.cn:8080/resource/gis/45
- s.r####.cn/activity/webview/birthday/attend/popup?model=####&data_source...
- s.r####.cn/mobile/net/monitor/?request_token=####&time=####
- s.r####.cn/mobile/reader/bs/book/bookInfo?book_id=####&ref=####&user=###...
- s.r####.cn/mobile/resources/css/theme.css
- s.r####.cn/mobile/static/js/require/reader/bookinfonew.js
- s.r####.cn/mobile/webview/bookIndex/chuban?v=####&sid=####&user=####&ver...
- thi####.q####.cn/mmopen/vi_32/Ge7uhlEVxicQjcfRZv4WGnj8uBJC8gSTpcCe1evVY6...
- thi####.q####.cn/qqapp/100830060/B0079086ADE7D9399EF0FACEF28A2171/40
- tpw####.g####.sina####.com/5204838419/50/0/1
- tpw####.g####.sina####.com/default/images/default_avatar_male_50.gif
- api.s####.cn/v10/getad
- s.r####.cn/1.0/mobile/r/user/register
- s.r####.cn/2.0/mobile/r/advertisement
- s.r####.cn/2.0/mobile/r/subscribeStatus
- s.r####.cn/coupon/getusercouponlist
- s.r####.cn/mobile/r/bl/keywordextend
- s.r####.cn/mobile/r/taskDelivery
- s.r####.cn/mobile/reader/bs/account/checkBindInfo
- s.r####.cn/mobile/reader/bs/redpoint
- s.r####.cn/mobile/reader/bs/userInfo
- s.r####.cn/mobile/reader/notice
- s.r####.cn/mobile/reader/statistics?counter_id=####
- s.r####.cn/mobile/serverx/android/5.9
- s.r####.cn/mobile/stat/commonCompressLog
- s.r####.cn/mobile/webview/upload/appinfo
- s.r####.cn/ping
- t####.qq.com:8080/203.205.211.75:8080/
- www.md####.cn/pservers/loadip
- /data/data/####/.tpns.service.xml.xml
- /data/data/####/ad.db-journal
- /data/data/####/ad_data.xml
- /data/data/####/bookshelf.db-journal
- /data/data/####/data_0
- /data/data/####/data_1
- /data/data/####/data_2
- /data/data/####/data_3
- /data/data/####/device_id.xml
- /data/data/####/f_000001
- /data/data/####/f_000002
- /data/data/####/f_000003
- /data/data/####/f_000004
- /data/data/####/f_000005
- /data/data/####/f_000006
- /data/data/####/f_000007
- /data/data/####/f_000008
- /data/data/####/f_000009
- /data/data/####/f_00000a
- /data/data/####/f_00000b
- /data/data/####/f_00000c
- /data/data/####/f_00000d
- /data/data/####/f_00000e
- /data/data/####/f_00000f
- /data/data/####/f_000010
- /data/data/####/index
- /data/data/####/iydVenus.xml
- /data/data/####/iydVenus.xml.bak
- /data/data/####/iydVenus.xml.bak (deleted)
- /data/data/####/message.zip
- /data/data/####/ok_http_cookie.xml
- /data/data/####/packageNamesAndappId.xml
- /data/data/####/sync.db-journal
- /data/data/####/tpush.shareprefs.xml
- /data/data/####/webview.db-journal
- /data/data/####/webviewCookiesChromium.db-journal
- /data/data/####/zSJ.zip
- /data/data/####/zhike_admodel_3241
- /data/media/####/-1185362356
- /data/media/####/-1209441628
- /data/media/####/-1435156519
- /data/media/####/-189890862
- /data/media/####/-2035805864
- /data/media/####/-760575343
- /data/media/####/-858499751
- /data/media/####/1550658567642softInfo.txt
- /data/media/####/1550658567642softInfo.zip
- /data/media/####/409907368
- /data/media/####/410390077
- /data/media/####/480418344
- /data/media/####/492640574.tmp
- /data/media/####/629127880
- /data/media/####/818846766
- /data/media/####/828734_dst.iydt
- /data/media/####/846374_dst.iydt
- /data/media/####/846387_dst.iydt
- /data/media/####/846423_dst.iydt
- /data/media/####/868670_dst.iydt
- /data/media/####/883865_dst.iydt
- /data/media/####/884255_dst.iydt
- /data/media/####/885989_dst.iydt
- /data/media/####/892777_dst.iydt
- /data/media/####/895637_dst.iydt
- /data/media/####/908819_dst.iydt
- /data/media/####/914043_dst.iydt
- /data/media/####/Aileron-Regular.otf
- /data/media/####/AppMd5.json
- /data/media/####/cr3cache.inx
- /data/media/####/default_book.png
- /data/media/####/iydchannel_manhua
- /data/media/####/shenmi_1550658574911.jpg.iydCache
- /data/media/####/userCId
- /data/media/####/userId
- /data/media/####/zhike_admodel_3241
- /data/media/####/zhike_image_3241.jpg.iydCache
- /system/bin/cat /proc/cpuinfo
- <Package Folder>/lib/libxguardian.so <Package>,2100241503; 55832 203.205.128.130 [{"idx":0,"ts":%d,"et":2000,"si":0,"ui":"<IMEI>","ky":"Axg%lu","mid":"0","ev":{"ov":"18","sr":"600*752","md":"<System Property>","lg":"en","sv":"3.1","mf":"unknown","apn":"%s"}}] 0 18
- sh <Package Folder>/lib/libxguardian.so <Package>,2100241503; 55832 203.205.128.130 [{ idx :0, ts :%d, et :2000, si :0, ui : <IMEI> , ky : Axg%lu , mid : 0 , ev :{ ov : 18 , sr : 600*752 , md : <System Property> , lg : en , sv : 3.1 , mf : unknown , apn : %s }}] 0 18
- iydreader_v1
- tpnsSecurity
- AES
- AES-CFB8-NoPadding
- RSA-ECB-PKCS1PADDING
- AES-CFB-NoPadding
- AES-CFB8-NoPadding
- DES-ECB-PKCS5Padding