Technical information
- Adware.Gexin.2.origin
- UDP(DNS) 8####.8.4.4:53
- TCP(HTTP/1.1) versi####.api.h####.cn:80
- TCP(HTTP/1.1) 4fb7####.cdn.uc####.####.cn:80
- TCP(HTTP/1.1) d####.c####.l####.####.com:80
- TCP(HTTP/1.1) soc.c####.hoge####.com:9504
- TCP(HTTP/1.1) m####.p####.j####.cn:80
- TCP(HTTP/1.1) t####.c####.q####.####.com:80
- TCP(TLS/1.0) and####.cli####.go####.com:443
- TCP(TLS/1.0) dualsta####.wagbr####.ali####.####.com:443
- TCP(TLS/1.0) init####.c####.h####.cn:443
- TCP(TLS/1.0) api.w####.com:443
- TCP(TLS/1.0) 1####.217.19.202:443
- TCP(TLS/1.0) l####.c####.h####.cn:443
- TCP(TLS/1.0) al####.u####.com:443
- TCP(TLS/1.0) api.map.b####.com:443
- TCP(TLS/1.0) connect####.gst####.com:443
- TCP(TLS/1.0) 041791b####.bug####.cn:443
- TCP(TLS/1.2) 1####.217.168.227:443
- TCP(TLS/1.2) 1####.217.19.206:443
- TCP sdk.o####.t####.####.com:5224
- TCP cm-10####.g####.com:5226
- UDP 1####.217.19.202:443
- 041791b####.bug####.cn
- and####.cli####.go####.com
- api.map.b####.com
- api.w####.com
- cm-1####.g####.com
- cm-1####.g####.com
- cm-10####.g####.com
- connect####.gst####.com
- h####.b####.com
- img.p####.j####.cn
- init####.c####.h####.cn
- l####.c####.h####.cn
- l####.tbs.qq.com
- m####.go####.com
- m####.p####.j####.cn
- mm.u.h####.cn
- o####.map.b####.com
- pla####.googleu####.com
- plb####.u####.com
- sdk.c####.g####.com
- sdk.o####.p####.####.com
- sdk.o####.t####.####.com
- sdk.o####.t####.####.com
- sdk.o####.t####.####.com
- sdk.o####.t####.####.net
- soc.c####.hoge####.com
- u####.u####.com
- versi####.api.h####.cn
- wea####.api.h####.cn
- 4fb7####.cdn.uc####.####.cn/20210611125f44b68e74c1588d8dc980257f6e6d.png...
- 4fb7####.cdn.uc####.####.cn/2021061139df4ad0e830ab5adf5ee1fb4106d1e4_ori...
- 4fb7####.cdn.uc####.####.cn/202106113a8645440a523f3daaaa4edfd69576c1_ori...
- 4fb7####.cdn.uc####.####.cn/202106116446b9ba85350b621803bce7d64c045c_ori...
- 4fb7####.cdn.uc####.####.cn/20210611656e413a0053db2330c66e45ec7eb02b.jpg...
- 4fb7####.cdn.uc####.####.cn/202106116f10ec57fe2b78305cc2f96332c4c332_ori...
- 4fb7####.cdn.uc####.####.cn/20210611b6532bbd94e69c7005e3069cf31c58d5.jpg...
- 4fb7####.cdn.uc####.####.cn/20210611c05f1b46491053b0f3cf70accda5d256_ori...
- 4fb7####.cdn.uc####.####.cn/20210611d4a6b2c7a1f81f51ed1b19f19b1565ff_ori...
- 4fb7####.cdn.uc####.####.cn/20210611dc3916c3be4466bb0558ec23c69c27fe_ori...
- d####.c####.l####.####.com/config/hzv9.conf
- m####.p####.j####.cn/api/open/gongzhuling/ad.php?system_version=####&app...
- m####.p####.j####.cn/api/open/gongzhuling/ad_news.php?system_version=###...
- m####.p####.j####.cn/api/open/gongzhuling/get_content_info.php?system_ve...
- m####.p####.j####.cn/api/open/gongzhuling/news.php?site_id=####&client_t...
- soc.c####.hoge####.com:9504/
- t####.c####.q####.####.com/mxu/2017/1128/6d/6d8aaaca2afc4e917bd6482b66d3...
- t####.c####.q####.####.com/mxu/2017/1128/6e/6e93209bcc11cf332e4235fc2d50...
- t####.c####.q####.####.com/mxu/2017/1128/9a/9ad5193108dcd3c1410cf637c8db...
- t####.c####.q####.####.com/mxu/2017/1128/ab/abe9d9a4b1c651350c43c7897524...
- t####.c####.q####.####.com/mxu/2017/1128/b5/b5a12c7773038c01d713c324b303...
- t####.c####.q####.####.com/mxu/2017/1128/ed/ed8fd158ca12b07593bfa63fb4e3...
- t####.c####.q####.####.com/mxu/2018/0108/8c/8cfdfb3ba25e594153964a1c1f05...
- t####.c####.q####.####.com/mxu/2018/0108/fb/fb810118e79c7ebfba46fcc541e5...
- t####.c####.q####.####.com/mxu/2019/0115/be/be77ee5ea56f542888306dafe202...
- t####.c####.q####.####.com/mxu/2019/0115/f8/f86698fe14941f98c8f9c8729de9...
- versi####.api.h####.cn/?m=####&c=####&bundle_id=####&client_type=####&sy...
- versi####.api.h####.cn/?m=####&c=####&system_version=####&app_version=##...
- m####.p####.j####.cn/api/open/gongzhuling/mobile_client.php?system_versi...
- /data/data/####/.imprint
- /data/data/####/.jg.ic
- /data/data/####/22937aa4afcdad818867db7bd1aa501b.0
- /data/data/####/22937aa4afcdad818867db7bd1aa501b.1
- /data/data/####/Alvin2.xml
- /data/data/####/Alvin2.xml.bak (deleted)
- /data/data/####/ContextData.xml
- /data/data/####/ContextData.xml.bak (deleted)
- /data/data/####/CookiePersistence.xml
- /data/data/####/__Baidu_Stat_SDK_SendRem.xml
- /data/data/####/__local_ap_info_cache.json
- /data/data/####/__local_last_session.json
- /data/data/####/__local_stat_cache.json
- /data/data/####/__send_data_1623429694796
- /data/data/####/app_language_sp.xml
- /data/data/####/audio.xml
- /data/data/####/authStatus_com.hoge.android.app.gongzhuling.xml
- /data/data/####/authStatus_com.hoge.android.app.gongzhuling;pus...ce.xml
- /data/data/####/authStatus_com.hoge.android.app.gongzhuling;remote.xml
- /data/data/####/baidu_mtj_sdk_record.xml
- /data/data/####/baidu_mtj_sdk_record.xml.bak
- /data/data/####/classes.dex
- /data/data/####/classes.dex;classes10.dex
- /data/data/####/classes.dex;classes11.dex
- /data/data/####/classes.dex;classes12.dex
- /data/data/####/classes.dex;classes13.dex
- /data/data/####/classes.dex;classes2.dex
- /data/data/####/classes.dex;classes3.dex
- /data/data/####/classes.dex;classes4.dex
- /data/data/####/classes.dex;classes5.dex
- /data/data/####/classes.dex;classes6.dex
- /data/data/####/classes.dex;classes7.dex
- /data/data/####/classes.dex;classes8.dex
- /data/data/####/classes.dex;classes9.dex
- /data/data/####/core_info
- /data/data/####/dW1weF9pbnRlcm5hbF8xNjIzNDI5NjcwMTA4;
- /data/data/####/dms_sp.xml
- /data/data/####/exchangeIdentity.json
- /data/data/####/exid.dat
- /data/data/####/gal.db
- /data/data/####/gal.db-journal
- /data/data/####/getui_sp.xml
- /data/data/####/hst.db
- /data/data/####/hst.db-journal
- /data/data/####/i==1.2.0&&1.0.0_1623429670273_envelope.log
- /data/data/####/info.xml
- /data/data/####/init.pid
- /data/data/####/init_c1.pid
- /data/data/####/journal
- /data/data/####/libcuid.so
- /data/data/####/libjiagu.so
- /data/data/####/lock_dm
- /data/data/####/lock_gt
- /data/data/####/mac.xml
- /data/data/####/movie.binary
- /data/data/####/movie.spec
- /data/data/####/mxu.db-journal
- /data/data/####/ofl_location.db
- /data/data/####/ofl_location.db-journal
- /data/data/####/ofl_statistics.db
- /data/data/####/ofl_statistics.db-journal
- /data/data/####/proc_auxv
- /data/data/####/psd_17.png
- /data/data/####/psd_21.png
- /data/data/####/psd_23.png
- /data/data/####/psd_25.png
- /data/data/####/psd_27.png
- /data/data/####/psd_29.png
- /data/data/####/psd_31.png
- /data/data/####/psd_33.png
- /data/data/####/psd_35.png
- /data/data/####/push.pid
- /data/data/####/pushsdk.db-journal
- /data/data/####/run.pid
- /data/data/####/setting.xml
- /data/data/####/setting.xml.bak
- /data/data/####/tbs_download_config.xml
- /data/data/####/tbs_download_config.xml.bak
- /data/data/####/tbs_download_stat.xml
- /data/data/####/tbslock.txt
- /data/data/####/ua.db
- /data/data/####/ua.db-journal
- /data/data/####/um_pri.xml
- /data/data/####/umdat.xml
- /data/data/####/umeng_common_config.xml
- /data/data/####/umeng_common_config.xml.bak
- /data/data/####/umeng_general_config.xml
- /data/data/####/umeng_general_config.xml.bak (deleted)
- /data/data/####/umeng_it.cache
- /data/data/####/weibo_sdk_aid1
- /data/media/####/.a.dat
- /data/media/####/.adfwe.dat
- /data/media/####/.cca.dat
- /data/media/####/.confd
- /data/media/####/.confd-journal
- /data/media/####/.cuid2
- /data/media/####/.timestamp
- /data/media/####/.umm.dat
- /data/media/####/03257ba14e9aa13e0cba9ed3dd15ca8cce26b675852e39....0.tmp
- /data/media/####/0421f8fe073b4692691876fd74ff6e707efdfa04ef5498....0.tmp
- /data/media/####/0baaf53499c4377a0337a6a9f552ed0d5d8b04b2fcf0f5...97bf.0
- /data/media/####/13d5322e8795256c77f22af21651b4cb745b37f6a0e965....0.tmp
- /data/media/####/19c72e6727d07646da18bd939028caaff36a47821a0731....0.tmp
- /data/media/####/1dc46264a2942e43a78713acd2249cd0b691a177aed223....0.tmp
- /data/media/####/1fc7eda7c83b84b0c18a67174b66692fa0972c17c46d0d....0.tmp
- /data/media/####/23b8254932d33f03ff68110c6d60ab3bca0363d6ab2a11...2c9c.0
- /data/media/####/3cd19f412b29cb4c74fdf040e60c858c9e2edcb403469d....0.tmp
- /data/media/####/4561b1b46a856b9aca1b1c9db12748a43b32dee3599e2c....0.tmp
- /data/media/####/53887ee6bda5d254abc168c382e6daf1cd797d1d4c7ed0....0.tmp
- /data/media/####/5cad2035b7e25b6b8610085d7de3ae0a100e8c855b38de....0.tmp
- /data/media/####/6461ffa8435188eafc97dc0c8de4b3333d2e2ff0215755...5a12.0
- /data/media/####/6e393de47257242a68d58098cb56f3348ea4f6e038aff4....0.tmp
- /data/media/####/6eb2cd742fbc1b83185c71f704cd486fa33c8e7dd0e040...a632.0
- /data/media/####/8418e157acadc91ac72d4eb68a0cfc13ca4d1b26a5c01a...9cff.0
- /data/media/####/8ab50f588b6260a68327bc990aded9324cf7d672589aff...494b.0
- /data/media/####/95746c4c49a2569af76b266cf519a015aee1bf0b780307....0.tmp
- /data/media/####/976b7f6ce787f300fd0444b85f41bc3d28357b5b050a37....0.tmp
- /data/media/####/9827aa0e9e094b6eaad8221dca9651222462b003b092e7....0.tmp
- /data/media/####/9f3451353d221a6bc9c37e7d6f7493f0905738571081b2....0.tmp
- /data/media/####/Alvin2.xml
- /data/media/####/Alvin2.xml.bak (deleted)
- /data/media/####/ContextData.xml
- /data/media/####/ContextData.xml.bak (deleted)
- /data/media/####/a9484941c3a6781acfd920d3086784b09e74b0c6deda23....0.tmp
- /data/media/####/b2eccc9d07f0b617b28b7dbe86f53a629afaeda26b244c....0.tmp
- /data/media/####/b748ddc4fe36c400bbca2468172530848a433ef26bd8b3...1ee2.0
- /data/media/####/c2a07cf87f6fff47f37577258ac8aa6ecf9b23b2bc5c95....0.tmp
- /data/media/####/c4f9669f54dc9c59372ad3425ad8438bf127ae4a9ed2af...33da.0
- /data/media/####/c5dc225a767dccd7ea9063f4b45e9da529121d1d590221....0.tmp
- /data/media/####/c86137c7a2b32984861eae9f9568db6991f070f9af0743...3028.0
- /data/media/####/cd0933063e2b938312733c2653cc7b7f7a2412c18c48d6...e8c3.0
- /data/media/####/com.hoge.android.app.gongzhuling.bin
- /data/media/####/d612e052a00e15545cc1a96b5ec60751b13c452a972d1d....0.tmp
- /data/media/####/dc57cd9cd6da19ac0a4f82e130fcdc0cb7e1f1591f8dd5...6f04.0
- /data/media/####/e51a4f6ade2676a34c1a934c90e4facbdbceba34773e10....0.tmp
- /data/media/####/f8c3a779f748b94e41f1bd82a4ed2c336468be718f4125....0.tmp
- /data/media/####/fd5e0a65b6ba1e68e145f35ded6288b3c3902c4aec6d0e....0.tmp
- /data/media/####/fe082d794ee234f9066bce59cc0bcabb0297450fdd492d....0.tmp
- /data/media/####/ffe63db82bac668cb59b67b0cd47ea0822ab1d4f89c1f0....0.tmp
- /data/media/####/journal.tmp
- /data/media/####/log-06-11-19-40-29.log
- /data/media/####/ls.db
- /data/media/####/ls.db-journal
- /data/misc/####/primary.prof
- /system/bin/cat /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq
- /system/bin/cat /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_min_freq
- getprop ro.build.display.id
- getprop ro.build.version.emui
- getprop ro.build.version.opporom
- getprop ro.miui.ui.version.name
- getprop ro.product.cpu.abi
- getprop ro.smartisan.version
- getprop ro.vivo.os.version
- ls /
- ls /data/anr/
- ls /sys/class/thermal
- AES-CBC-PKCS5Padding
- AES-CBC-PKCS7Padding
- AES-ECB-PKCS5Padding
- RSA-ECB-NoPadding
- RSA-ECB-PKCS1Padding
- RSA-NONE-OAEPWithSHA1AndMGF1Padding
- AES-CBC-PKCS5Padding
- desede-CBC-PKCS5Padding