Technical information
- Adware.Dowgin.14.origin
- UDP(DNS) <Google DNS>
- TCP(HTTP/1.1) a####.u####.com:80
- TCP(HTTP/1.1) fk-k8s-####.ray####.com:80
- TCP(HTTP/1.1) net.ray####.com:80
- TCP(HTTP/1.1) and####.b####.qq.com:80
- TCP(HTTP/1.1) trac####.le####.com:80
- TCP(HTTP/1.1) d####.ray####.com:80
- TCP(HTTP/1.1) cd.md.c####.####.net:80
- TCP(HTTP/1.1) ui.ki.u####.cn:80
- TCP(HTTP/1.1) f.adu####.com:80
- TCP(HTTP/1.1) w.ws.amberwe####.com:80
- TCP(HTTP/1.1) p####.amberwe####.com:80
- TCP(HTTP/1.1) 75a2####.cdn.uc####.####.cn:80
- TCP(HTTP/1.1) f.ad.amberwe####.com:80
- TCP(TLS/1.0) app.appsf####.com:443
- TCP(TLS/1.0) 2####.58.212.142:443
- TCP(TLS/1.0) t.mob####.com:443
- TCP(TLS/1.0) ssl.google-####.com:443
- TCP(TLS/1.0) www.amberwe####.com:443
- a####.u####.com
- and####.b####.qq.com
- app.appsf####.com
- cd.md.c####.cn
- cdn####.ray####.com
- d####.ray####.com
- f.ad.amberwe####.com
- f.adu####.com
- f.s####.amberwe####.com
- net.ray####.com
- p####.amberwe####.com
- set####.ray####.com
- ssl.google-####.com
- t.mob####.com
- trac####.le####.com
- ui.ki.u####.cn
- w.ws.amberwe####.com
- www.amberwe####.com
- 75a2####.cdn.uc####.####.cn/cdn-adn/dmp/18/06/27/16/55/5b3351191a5e9.png
- 75a2####.cdn.uc####.####.cn/cdn-adn/v2/offersync/19/01/07/11/31/5c32c804...
- cd.md.c####.####.net/offer/20181204/201812041054103.png
- cd.md.c####.####.net/offer/20181204/201812041054366.apk
- cd.md.c####.####.net/offer/20181204/201812041054759.png
- cd.md.c####.####.net/offer/20181224/201812241540636.png
- d####.ray####.com/click?k=####&p=fHx8f####&q=####&r=eyJna####&al=2661###...
- d####.ray####.com/impression?k=####&p=fHx8f####&q=####&x=####&r=eyJna###...
- d####.ray####.com/onlyImpression?k=####&p=OTA3O####&csp=####&rs=####
- f.ad.amberwe####.com/ezweather/get_version.php?type=####&z####&UID=####
- f.ad.amberwe####.com/feature_app?appid=####&o=####&vcode=####&p=####&lan...
- f.adu####.com/ipcity.php
- fk-k8s-####.ray####.com/setting?app_id=####&sign=####&platform=####&os_v...
- fk-k8s-####.ray####.com/setting?unit_ids=####&app_id=####&sign=####&plat...
- net.ray####.com/openapi/ad/v3?app_id=####&unit_id=####&req_type=####&sig...
- p####.amberwe####.com/message.php?appid=####&lang=####&appver=##...
- p####.amberwe####.com/message.php?appid=####&lang=####&appver=####&UID=#...
- trac####.le####.com/click?mb_pl=####&mb_nt=####&mb_campid=####&mb_creati...
- ui.ki.u####.cn/r?a=####
- w.ws.amberwe####.com/api/v1/weather?lat=####&lon=####&lang=####&appid=##...
- a####.u####.com/app_logs
- and####.b####.qq.com/rqd/async?aid=####
- ui.ki.u####.cn/bva/lc3
- ui.ki.u####.cn/kbf/sbh/xvw/n7c
- ui.ki.u####.cn/qa/j/zc8
- ui.ki.u####.cn/s/j37
- ui.ki.u####.cn/t/f/n/k37
- ui.ki.u####.cn/x/qrm/h77
- /data/data/####/.imprint
- /data/data/####/03a5da5.xml
- /data/data/####/1004
- /data/data/####/1460683162801.jar
- /data/data/####/1460683162801.tmp
- /data/data/####/2a2101f77.xml
- /data/data/####/3dfdaf0d5.xml
- /data/data/####/6f0c159226.xml
- /data/data/####/8371d.xml
- /data/data/####/8e3cd.xml
- /data/data/####/IST.xml
- /data/data/####/ad_cache_file.xml
- /data/data/####/ad_shareprefer.xml
- /data/data/####/aw-widget-sp.xml
- /data/data/####/bugly_db_-journal
- /data/data/####/cc.db
- /data/data/####/cc.db-journal
- /data/data/####/com.google.android.gms.analytics.prefs.xml
- /data/data/####/com.google.android.gms.appid-no-backup
- /data/data/####/com.google.android.gms.appid.xml
- /data/data/####/com.google.android.gms.measurement.prefs.xml
- /data/data/####/crashrecord.xml
- /data/data/####/data_0
- /data/data/####/data_1
- /data/data/####/data_2
- /data/data/####/data_3
- /data/data/####/exchangeIdentity.json
- /data/data/####/exid.dat
- /data/data/####/gaClientId
- /data/data/####/google_analytics_v4.db-journal
- /data/data/####/index
- /data/data/####/local_crash_lock
- /data/data/####/mobvista.msdk.db-journal
- /data/data/####/mobvista.xml
- /data/data/####/msk.pouw.xwea.qhjsuz.jar
- /data/data/####/mul_widget.xml
- /data/data/####/mul_widget_ad.xml
- /data/data/####/mul_world.xml
- /data/data/####/multidex.version.xml
- /data/data/####/push.db
- /data/data/####/push.db-journal
- /data/data/####/security_info
- /data/data/####/share_date.xml
- /data/data/####/sp_lock_screen
- /data/data/####/ua.db
- /data/data/####/ua.db-journal
- /data/data/####/umeng_general_config.xml
- /data/data/####/umeng_it.cache
- /data/data/####/weathero.know.fulua-1.apk.classes1500576537.zip
- /data/data/####/weathero.know.fulua_preferences.xml
- /data/data/####/webview.db-journal
- /data/data/####/webviewCookiesChromium.db-journal
- /data/data/####/widget_mul_ad_lib.xml
- /data/data/####/widget_mul_store.xml
- /data/media/####/.nomedia
- /data/media/####/15099fbb7f572200f2c89a95ceb28b3d.tmp
- /data/media/####/1554221885.temp
- /data/media/####/67b372
- /data/media/####/c000b6
- /data/media/####/d746d6
- /data/media/####/lock_sd_config
- /data/media/####/mfz.d
- /data/media/####/mul_widget_config.amber
- /system/bin/sh -c getprop
- /system/bin/sh -c type su
- chmod 777 /storage/emulated/0/download/865ae72ab//15099fbb7f572200f2c89a95ceb28b3d.tmp
- Bugly
- AES-CBC-PKCS5Padding
- AES-CBC-PKCS7Padding
- AES-GCM-NoPadding
- DES
- RSA-ECB-PKCS1Padding
- AES-CBC-PKCS5Padding
- AES-CBC-PKCS7Padding
- AES-GCM-NoPadding
- DES