Техническая информация
- Adware.Dowgin.14.origin
- Adware.Dowgin.3.origin
- UDP(DNS) <Google DNS>
- TCP(HTTP/1.1) a####.u####.com:80
- TCP(HTTP/1.1) cd.md.c####.####.net:80
- TCP(HTTP/1.1) statson####.pu####.b####.com:80
- TCP(HTTP/1.1) api.tui####.b####.com:80
- TCP(HTTP/1.1) m2.dwst####.com:80
- TCP(HTTP/1.1) gi.xi.g####.com:80
- TCP(HTTP/1.1) s####.yy.com:80
- TCP(HTTP/1.1) v3.dwst####.com:80
- TCP(HTTP/1.1) wup.z####.com:80
- TCP(HTTP/1.1) bi2.du####.com:80
- TCP(TLS/1.0) ssl.gst####.com:443
- TCP(TLS/1.0) www.go####.com:443
- TCP(TLS/1.0) www.gst####.com:443
- TCP sa.tui####.b####.com:5287
- a####.u####.co
- a####.u####.com
- api.tui####.b####.com
- bi2.du####.com
- cd.md.c####.cn
- gi.xi.g####.com
- m2.dwst####.com
- s####.yy.com
- sa.tui####.b####.com
- ssl.gst####.com
- statson####.pu####.b####.com
- v3.dwst####.com
- wup.z####.com
- www.b####.com
- www.go####.com
- www.gst####.com
- bi2.du####.com/apiBiList_cate_new.php?type=####&os=####&page=####&versio...
- bi2.du####.com/apiMain_new.php?os=####&version=####
- bi2.du####.com/hot_search.php?os=####&funcName=####&version=####
- bi2.du####.com/upgrade/version_bi_new.php?isAutoRequest=####&os=####&ver...
- cd.md.c####.####.net/offer/20181204/201812041054103.png
- cd.md.c####.####.net/offer/20181204/201812041054366.apk
- cd.md.c####.####.net/offer/20181204/201812041054759.png
- gi.xi.g####.com/vs/ggtc?appid=####
- m2.dwst####.com/huodong/shouji3/201803/023/06/79753f5fcc3de49213b8211a6c...
- m2.dwst####.com/huodong/shouji3/201803/023/28/4c183902dbc6dcafc247f983ef...
- m2.dwst####.com/huodong/shouji3/201803/027/19/6f409135e15334700eb083e226...
- m2.dwst####.com/huodong/shouji3/201803/027/66/2dd6a9cd776011297f5b1fa8cf...
- m2.dwst####.com/huodong/shouji3/201803/029/50/d81d268df778f4bd8509824f84...
- m2.dwst####.com/huodong/shouji3/201803/030/77/2fbd0991f74d5f1e4baf19f7e5...
- m2.dwst####.com/huodong/shouji3/201805/567/02/25ba4d7ad173e75890d053c246...
- m2.dwst####.com/huodong/shouji3/201808/433/16/0cc0daf3e0343d93b6cade8d58...
- m2.dwst####.com/huodong/shouji3/201809/279/61/ca9c682f87728083de6527f2ed...
- s####.yy.com/biapps/bi/bi_v4.2.81a_bi.apk
- v3.dwst####.com/bi/201901/02/3ad7a93487992c5cd5cbd4f9d5f90000.png?w=####...
- v3.dwst####.com/bi/201902/02/3ad7a9344130555c19d2b7b3b8b30000.png?w=####...
- v3.dwst####.com/bi/201902/02/3ad7a934d52a555c14d2d5acd6ac0000.png?w=####...
- v3.dwst####.com/bi/201902/22/3ad7a9206a0f705c57bfbde8bee80000.jpg?w=####...
- v3.dwst####.com/bi/201902/22/3ad7a93405f56f5c17d2bf0cc00c0000.jpg?w=####...
- v3.dwst####.com/bi/201902/22/3ad7a934e6fa6f5c11d2911892180000.jpg?w=####...
- v3.dwst####.com/bi/201902/22/3ad7a934effa6f5c0dd2a318a4180000.jpg?w=####...
- v3.dwst####.com/bi/201902/25/3ad7a93421a6735c16d2bd81be810000.jpg?w=####...
- v3.dwst####.com/bi/201902/26/3ad7a920a8eb745c57bf390a3a0a0000.jpg?w=####...
- v3.dwst####.com/bi/201902/27/3ad7a9206c37765c52bfe1ebe2eb0000.jpg?w=####...
- v3.dwst####.com/bi/201902/28/3ad7a93414f7775c1ad2e3bbe4bb0000.jpg?w=####...
- a####.u####.com/app_logs
- api.tui####.b####.com/rest/2.0/channel/3693581628720451546
- api.tui####.b####.com/rest/2.0/channel/channel
- bi2.du####.com/
- gi.xi.g####.com/50f7k
- gi.xi.g####.com/6f50l
- gi.xi.g####.com/ca97/gf5
- gi.xi.g####.com/ca97/h76
- gi.xi.g####.com/ca97/j67
- gi.xi.g####.com/ca97/k67
- gi.xi.g####.com/ca97/l56
- gi.xi.g####.com/ca97/n6c
- gi.xi.g####.com/ca97/zca
- statson####.pu####.b####.com/pushlog_special
- wup.z####.com/
- /data/data/####/1551436359985c.jar
- /data/data/####/_i-819278499.xml
- /data/data/####/_w-819278499.xml
- /data/data/####/_w-819278499.xml.bak (deleted)
- /data/data/####/b28e9bae7.xml
- /data/data/####/bi_preference.xml
- /data/data/####/bindcache.xml
- /data/data/####/c9576.xml
- /data/data/####/com.ehd.bawyt.jar
- /data/data/####/com.funsoft.kutu.push_sync.xml
- /data/data/####/com.funsoft.kutu.self_push_sync.xml
- /data/data/####/d4199558.xml
- /data/data/####/ed9055a.xml
- /data/data/####/exchangeIdentity.json
- /data/data/####/funbox_db_cache.db-journal
- /data/data/####/pst.xml
- /data/data/####/pushstat_4.6.2.db
- /data/data/####/pushstat_4.6.2.db-journal
- /data/data/####/um_cache_1551436385601.env
- /data/data/####/umeng_general_config.xml
- /data/data/####/umeng_it.cache
- /data/data/####/zb_user.xml
- /data/media/####/.cuid
- /data/media/####/15099fbb7f572200f2c89a95ceb28b3d.tmp
- /data/media/####/367b372
- /data/media/####/6amML6eAmRpDxXtBSQBzYGSh8Js.-2116431691.tmp
- /data/media/####/8QJ1vmoufXx5EtNnfHMhvJfwehw.cnt
- /data/media/####/A4RSSYIrex-IPg7yXCf1WJ4lPL4.1337993668.tmp
- /data/media/####/GAtBO1AvBtkY3nHyFb_P18Bc2ow.278971420.tmp
- /data/media/####/JtYbq-AReMcFK2X0jxaH8XoNAz8.2005108194.tmp
- /data/media/####/JxvptsI2c9vj6ZuUUdiJ6ya81vo.1953635346.tmp
- /data/media/####/OfFKbY-1O9L8z-VGZ7hcxU_rqcM.714467536.tmp
- /data/media/####/UZQbEW3MBVaQsMKijrsQh_ckr5Y.835325086.tmp
- /data/media/####/WQMejmnl4FNDKwP3AdvQW4YzI3Y.-151944125.tmp
- /data/media/####/Xs78JNrgji4n8y2uE9jNfZDWtro.-911210690.tmp
- /data/media/####/apps
- /data/media/####/b3g7Lj6-M7MYLX2eIb5-TOecpLQ.642675463.tmp
- /data/media/####/bdQosGY0sqocBdOq9oZGvt79uDc.71947990.tmp
- /data/media/####/cygkOKBkfHma785uOULT5JKppII.-1950159513.tmp
- /data/media/####/d-cKZk8mi7HQDZwW9dW7F31XHC8.147315621.tmp
- /data/media/####/eB69Tv_8gGKA3eAEXXTNzjtt3PM.-1291207035.tmp
- /data/media/####/fc000b6
- /data/media/####/hpLNMXqVkO7zmWQrJKMGhm8estk.744137656.tmp
- /data/media/####/i5xxzeYkbBllTlFiXft9FdhbHTo.-1236596360.tmp
- /data/media/####/i9_mO0ii_SaZDRmeKFMkreag6c0.-2018755009.tmp
- /data/media/####/mfz.d
- /data/media/####/p7PiNvaMO7gvQlWZZ1K3vvfBq8g.256737076.tmp
- /data/media/####/xdtQ5cnlASHWGxyvZVm_YyxY2tE.257850545.tmp
- chmod 777 /storage/emulated/0/download/46f50f7//15099fbb7f572200f2c89a95ceb28b3d.tmp
- bdpush_V2_5
- bitmaps
- memchunk
- AES-CBC-PKCS5Padding
- DES
- RSA-ECB-PKCS1Padding
- AES-CBC-PKCS5Padding
- DES
- RSA-ECB-PKCS1Padding