Technical information
Malicious functions:
Executes code of the following detected threats:
- Android.Siggen.Susp.63
Network activity:
Connects to:
- UDP(DNS) 8####.8.4.4:53
- TCP(HTTP/1.1) vod-####.q####.com.####.com:80
- TCP(HTTP/1.1) 39.1####.70.54:80
- TCP(HTTP/1.1) wy.vod.dians####.####.com:80
- TCP(HTTP/1.1) l####.b####.com:80
- TCP(HTTP/1.1) cdn.api.dianshi####.com:80
- TCP(HTTP/1.1) adash####.man.aliy####.com:80
- TCP(HTTP/1.1) 39.1####.21.73:80
- TCP(HTTP/1.1) 39.1####.42.65:80
- TCP(HTTP/1.1) d####.100u####.com.####.net:80
- TCP(HTTP/1.1) webzjca####.reg.163.com:80
- TCP(HTTP/1.1) detec####.math####.cn:80
- TCP(HTTP/1.1) p####.dianshi####.com:80
- TCP(HTTP/1.1) c####.dianshi####.com.####.com:80
- TCP(HTTP/1.1) g3.l####.com:80
- TCP(HTTP/1.1) i####.k####.com.####.com:80
- TCP(HTTP/1.1) 1####.56.125.184:80
- TCP(HTTP/1.1) t####.dians####.com:80
- TCP(HTTP/1.1) and####.b####.qq.com:80
- TCP(HTTP/1.1) idc####.k####.com:80
- TCP(HTTP/1.1) co####.ssp.math####.cn:80
- TCP(HTTP/1.1) hub.dianshi####.com:80
- TCP(HTTP/1.1) im.dianshi####.com:80
- TCP(HTTP/1.1) 1####.161.124.146:12340
- TCP(HTTP/1.1) api.dianshi####.com:80
- TCP(HTTP/1.1) disp####.dians####.com:80
- TCP(HTTP/1.1) h.ve####.zhim####.com:80
- TCP(HTTP/1.1) tra####.dians####.com:80
- TCP(HTTP/1.1) 1####.28.228.62:14305
- TCP(HTTP/1.1) newap####.math####.cn:80
- TCP(HTTP/1.1) 39.1####.143.44:8001
- TCP(HTTP/1.1) p####.api.math####.cn:80
- TCP(HTTP/1.1) dd2.wuko####.com:80
- TCP(HTTP/1.1) cdn.dianshi####.com:80
- TCP(TLS/1.0) s.b####.com:8650
- TCP(TLS/1.0) ac.d####.163.com:443
- TCP(TLS/1.0) idc####.k####.com:443
- TCP(TLS/1.0) webzjca####.reg.163.com:443
- TCP(TLS/1.0) 64.2####.163.95:443
- TCP(TLS/1.0) plb####.u####.com:443
- TCP(TLS/1.0) to####.ctobsn####.com.####.com:443
- TCP(TLS/1.0) to####.ctobsn####.com.####.net:443
- TCP(TLS/1.0) 1####.194.176.223:443
- TCP(TLS/1.0) necap####.n####.127.####.com:443
- TCP(TLS/1.0) 2####.107.1.97:443
- TCP(TLS/1.0) u####.u####.com:443
- TCP(TLS/1.0) digital####.google####.com:443
- TCP(TLS/1.0) card####.k####.com.####.com:443
- TCP(TLS/1.2) pla####.google####.com:443
- TCP(TLS/1.2) 1####.194.222.94:443
- TCP 1####.130.146.17:4010
- TCP 36.32.2####.35:4010
- TCP 1####.174.29.22:4010
- UDP 2####.102.25.66:2194
- TCP 1####.234.125.94:4010
- TCP 60.17.2####.111:4010
- UDP 1####.235.27.251:2639
- UDP 2####.255.255.250:1900
- TCP 2####.221.249.255:4010
- TCP 1####.97.68.166:12351
- TCP 1####.229.181.120:4010
- UDP 39.1####.62.19:3478
- TCP 1####.92.50.58:20482
- UDP as3.binst####.live:3923
- TCP 58.1####.31.108:4010
- UDP as2.binst####.live:3923
- UDP 1####.243.152.156:1300
- UDP 1####.0.3.254:4010
- TCP 6####.19.38.109:4010
- TCP 1.1####.36.116:4010
- UDP as3.binst####.live:13
- UDP 1####.227.247.246:1572
- UDP as4.binst####.live:3923
- TCP 1####.208.91.91:4010
- TCP 42.1####.182.99:26706
- UDP as2.binst####.live:13
- TCP 27.2####.11.250:4010
- UDP as1.binst####.live:13
- TCP 1####.39.117.251:4010
- TCP 1####.190.136.60:4010
- UDP 39.1####.70.54:8050
- TCP 1####.96.255.215:4698
- TCP 1####.73.206.142:4010
- TCP 1####.161.241.130:4010
- TCP 1####.109.203.113:4010
- UDP 39.1####.42.65:8050
- TCP 42.1####.127.195:4010
- UDP 1####.10.181.27:1732
- UDP as4.binst####.live:13
- TCP 1####.186.92.194:4010
- TCP 1####.116.141.123:4010
- TCP 1####.157.126.39:4010
- UDP hs9.hangzho####.com:16000
- UDP digital####.google####.com:443
- TCP 1####.165.131.230:4010
- TCP 1####.214.57.67:4010
- UDP 39.1####.134.87:3479
- UDP as1.binst####.live:3923
- TCP zb-cent####.m.ta####.com:443
DNS requests:
- a####.man.aliy####.com
- ac.d####.163.com
- acc####.m.ta####.com
- ad-temp####.k####.com
- amdc####.m.ta####.com
- and####.b####.qq.com
- and####.cli####.go####.com
- api.dianshi####.com
- as1.binst####.live
- as2.binst####.live
- as3.binst####.live
- as4.binst####.live
- ask.log.k####.com
- c####.dianshi####.com
- card####.k####.com
- cdn.api.dianshi####.com
- cdn.cha####.dianshi####.com
- cdn.dianshi####.com
- co####
- co####.8.8.####.8
- co####.ssp.math####.cn
- d####.100u####.com
- dd2.wuko####.com
- detec####.math####.cn
- digital####.google####.com
- disp####.dians####.com
- g3.l####.com
- h.ve####.zhim####.com
- hs9.hangzho####.com
- hub.dianshi####.com
- i####.k####.com
- idc####.k####.com
- im.dianshi####.com
- l####.b####.com
- necap####.n####.127.net
- newap####.math####.cn
- off####.dianshi####.com
- p####.api.math####.cn
- p####.dianshi####.com
- p####.google####.com
- pla####.google####.com
- pla####.googleu####.com
- plb####.u####.com
- qn.g####.l####.####.com
- s.b####.com
- t####.dians####.com
- t####.k####.com
- tm1.binst####.live
- tm2.binst####.live
- tm3.binst####.live
- tm4.binst####.live
- to####.ctobsn####.com
- tra####.dians####.com
- u####.u####.com
- umen####.m.ta####.com
- web####.reg.163.com
- webzjca####.reg.163.com
- wy.g####.l####.####.com
- wy.vod.dians####.com
HTTP GET requests:
- api.dianshi####.com/api/cash/info
- api.dianshi####.com/api/channel/v1/channelGroup/template
- api.dianshi####.com/api/coin/info
- api.dianshi####.com/api/config/deviceCompat?brand=####&model=####&osver=...
- api.dianshi####.com/api/config/v1/common/conf
- api.dianshi####.com/api/pan/v1/config/global
- api.dianshi####.com/api/pan/v2/ufile/list?type=####&page=####&size=####&...
- api.dianshi####.com/api/redpack/info
- api.dianshi####.com/api/task/get?
- api.dianshi####.com/api/tv/v1/hotchannels?type=####
- api.dianshi####.com/api/tvSkin?menunum=####
- api.dianshi####.com/api/update/new_version
- api.dianshi####.com/api/v1/cloudConfig?ts=####
- api.dianshi####.com/api/v1/play/control
- api.dianshi####.com/api/v2/user/wx/helplogin
- api.dianshi####.com/api/v6/channels?ts=####
- api.dianshi####.com/gslb/channel/stream?region=####&isp=####&tm=####&uui...
- api.dianshi####.com/ipInfo
- api.dianshi####.com/time?ts=####
- c####.dianshi####.com.####.com/bl0qsnbh8pc0/bl0qsnbh8pc0_cctv8_34u8_zhua...
- c####.dianshi####.com.####.com/static/plugin/01f41a829659f80e9566717f8ee...
- c####.dianshi####.com.####.com/static/plugin/33bcaa6df34bea8b058f19ca44b...
- c####.dianshi####.com.####.com/static/plugin/343f88522e562dc57be54cb8f01...
- c####.dianshi####.com.####.com/static/plugin/7b2267f9f4f7d9e7c3a360950e3...
- c####.dianshi####.com.####.com/static/plugin/8bdc5f82e6ab1c0470bea1ea3c7...
- c####.dianshi####.com.####.com/static/plugin/923ac7fb0f83cde79ad5fd559b9...
- card####.k####.com.####.com:443/media/cdn/prod/ad-card-templates/-148402...
- card####.k####.com.####.com:443/media/cdn/prod/ad-card-templates/-151663...
- card####.k####.com.####.com:443/media/cdn/prod/ad-card-templates/-152771...
- card####.k####.com.####.com:443/media/cdn/prod/ad-card-templates/-177474...
- card####.k####.com.####.com:443/media/cdn/prod/ad-card-templates/-183007...
- card####.k####.com.####.com:443/media/cdn/prod/ad-card-templates/-202767...
- card####.k####.com.####.com:443/media/cdn/prod/ad-card-templates/-227829...
- card####.k####.com.####.com:443/media/cdn/prod/ad-card-templates/-236052...
- card####.k####.com.####.com:443/media/cdn/prod/ad-card-templates/-256750...
- card####.k####.com.####.com:443/media/cdn/prod/ad-card-templates/-261458...
- card####.k####.com.####.com:443/media/cdn/prod/ad-card-templates/-313071...
- card####.k####.com.####.com:443/media/cdn/prod/ad-card-templates/-356744...
- card####.k####.com.####.com:443/media/cdn/prod/ad-card-templates/-448347...
- card####.k####.com.####.com:443/media/cdn/prod/ad-card-templates/-451317...
- card####.k####.com.####.com:443/media/cdn/prod/ad-card-templates/-464934...
- card####.k####.com.####.com:443/media/cdn/prod/ad-card-templates/-471156...
- card####.k####.com.####.com:443/media/cdn/prod/ad-card-templates/-480752...
- card####.k####.com.####.com:443/media/cdn/prod/ad-card-templates/-489720...
- card####.k####.com.####.com:443/media/cdn/prod/ad-card-templates/-533575...
- card####.k####.com.####.com:443/media/cdn/prod/ad-card-templates/-546971...
- card####.k####.com.####.com:443/media/cdn/prod/ad-card-templates/-571809...
- card####.k####.com.####.com:443/media/cdn/prod/ad-card-templates/-587092...
- card####.k####.com.####.com:443/media/cdn/prod/ad-card-templates/-596396...
- card####.k####.com.####.com:443/media/cdn/prod/ad-card-templates/-617474...
- card####.k####.com.####.com:443/media/cdn/prod/ad-card-templates/-651542...
- card####.k####.com.####.com:443/media/cdn/prod/ad-card-templates/-686125...
- card####.k####.com.####.com:443/media/cdn/prod/ad-card-templates/-713990...
- card####.k####.com.####.com:443/media/cdn/prod/ad-card-templates/-780034...
- card####.k####.com.####.com:443/media/cdn/prod/ad-card-templates/-785732...
- card####.k####.com.####.com:443/media/cdn/prod/ad-card-templates/-811505...
- card####.k####.com.####.com:443/media/cdn/prod/ad-card-templates/-851301...
- card####.k####.com.####.com:443/media/cdn/prod/ad-card-templates/-887774...
- card####.k####.com.####.com:443/media/cdn/prod/ad-card-templates/-891471...
- card####.k####.com.####.com:443/media/cdn/prod/ad-card-templates/-932835...
- card####.k####.com.####.com:443/media/cdn/prod/ad-card-templates/-952251...
- card####.k####.com.####.com:443/media/cdn/prod/ad-card-templates/-982422...
- card####.k####.com.####.com:443/media/cdn/prod/ad-card-templates/1430392...
- card####.k####.com.####.com:443/media/cdn/prod/ad-card-templates/2075142...
- card####.k####.com.####.com:443/media/cdn/prod/ad-card-templates/2611325...
- card####.k####.com.####.com:443/media/cdn/prod/ad-card-templates/2636163...
- card####.k####.com.####.com:443/media/cdn/prod/ad-card-templates/3038883...
- card####.k####.com.####.com:443/media/cdn/prod/ad-card-templates/3941938...
- card####.k####.com.####.com:443/media/cdn/prod/ad-card-templates/3972318...
- card####.k####.com.####.com:443/media/cdn/prod/ad-card-templates/4351071...
- card####.k####.com.####.com:443/media/cdn/prod/ad-card-templates/4420493...
- card####.k####.com.####.com:443/media/cdn/prod/ad-card-templates/4664043...
- card####.k####.com.####.com:443/media/cdn/prod/ad-card-templates/4962826...
- card####.k####.com.####.com:443/media/cdn/prod/ad-card-templates/5316456...
- card####.k####.com.####.com:443/media/cdn/prod/ad-card-templates/5339431...
- card####.k####.com.####.com:443/media/cdn/prod/ad-card-templates/5414152...
- card####.k####.com.####.com:443/media/cdn/prod/ad-card-templates/5418526...
- card####.k####.com.####.com:443/media/cdn/prod/ad-card-templates/5468723...
- card####.k####.com.####.com:443/media/cdn/prod/ad-card-templates/5620384...
- card####.k####.com.####.com:443/media/cdn/prod/ad-card-templates/5696204...
- card####.k####.com.####.com:443/media/cdn/prod/ad-card-templates/6796928...
- card####.k####.com.####.com:443/media/cdn/prod/ad-card-templates/7181822...
- card####.k####.com.####.com:443/media/cdn/prod/ad-card-templates/7464087...
- card####.k####.com.####.com:443/media/cdn/prod/ad-card-templates/8447794...
- card####.k####.com.####.com:443/media/cdn/prod/ad-card-templates/8871296...
- card####.k####.com.####.com:443/media/cdn/prod/ad-card-templates/8955438...
- card####.k####.com.####.com:443/pro/protocol/2021/7/27/10/17/29/16273522...
- card####.k####.com.####.com:443/pro/protocol/2022/11/7/11/39/48/16677923...
- cdn.api.dianshi####.com/api/programs?cid=####&date=####&tm=####
- cdn.dianshi####.com/api/config/hotChannelTvTypeOne
- cdn.dianshi####.com/assets/mobile/random/randomconfig.json?ts=####
- cdn.dianshi####.com/assets/mobile/temp/ts_cf.json?ts=####
- cdn.dianshi####.com/assets/tvTea.json
- cdn.dianshi####.com/config/channel/voice_mapping.json
- co####.ssp.math####.cn/api/v2/SDKCommonConfig?channelCode=####&version=#...
- co####.ssp.math####.cn/api/v3/sdkTestConfig?send_ts=####
- dd2.wuko####.com/tvclient/sdk?func=####&package=####
- detec####.math####.cn/favicon.ico
- detec####.math####.cn/images/sdk/detective.jpeg
- detec####.math####.cn/js/finger20220224.js
- detec####.math####.cn/sdk/checkCookie/httpClient?uniqueId=####&androidVe...
- detec####.math####.cn/sdk/checkCookie/webview?uniqueId=####&androidVersi...
- detec####.math####.cn/sdk/checkRedirect?uniqueId=4ae26d8e7fbf9c1b9396d4d...
- detec####.math####.cn/sdk/filterHeader/httpClient?uniqueId=####&androidV...
- detec####.math####.cn/sdk/filterHeader/webview?uniqueId=####&androidVers...
- detec####.math####.cn/sdk/openWebview?uniqueId=4ae26d8e7fbf9c1b9396d4d4e...
- detec####.math####.cn/sdk/redirectHttpClientSecondPage?uniqueId=####&and...
- detec####.math####.cn/sdk/redirectWebviewSecondPage?uniqueId=####&androi...
- detec####.math####.cn/sdk/setCookie/httpClient?uniqueId=####&androidVers...
- detec####.math####.cn/sdk/setCookie/webview?uniqueId=####&androidVersion...
- detec####.math####.cn/sdk/validateCookie/httpClient?uniqueId=####&androi...
- detec####.math####.cn/sdk/validateCookie/webview?uniqueId=####&androidVe...
- disp####.dians####.com/sf/bwi6lenns5s0.m3u8?stream_id=####&abtimeshift=#...
- disp####.dians####.com/v/live/c8kupm8v777k.m3u8?stream_id=####&abtimeshi...
- g3.l####.com/r?format=####
- h.ve####.zhim####.com/
- i####.k####.com.####.com/pro/ad/sdk/jar/2020/11/25/10/46/37272382_160627...
- idc####.k####.com/check.do?pid=####&thread_id=####©right_id=####&mac...
- idc####.k####.com:443/?wlan0=####ð0=####&bssid=####&imei=####&version...
- idc####.k####.com:443/api/tvsdk/config?ltu=####&bssid=####&sign=####&p_m...
- idc####.k####.com:443/api/tvsdk/prepare?sign=####&request_id=####&mac=##...
- idc####.k####.com:443/api/tvsdk/update?sign=####&mac=####&app_id=####&ti...
- im.dianshi####.com/ws/v2
- l####.b####.com/jquery/2.1.4/jquery.min.js
- p####.api.math####.cn/ip?send_ts=####
- p####.dianshi####.com/api/coin/info
- p####.dianshi####.com/api/kuyun/list
- p####.dianshi####.com/api/pan/v2/space/report?actType=####
- p####.dianshi####.com/api/tvSkin?menunum=####
- p####.dianshi####.com/api/update/new_version
- p####.dianshi####.com/api/v1/plugin?module=####&verCode=####&aver=####&t...
- p####.dianshi####.com/api/v2/song/remind?type=####
- p####.dianshi####.com/api/v24/apiConfig
- p####.dianshi####.com/api/v3/offProgram
- to####.ctobsn####.com.####.net:443/service/2/app_alert_check/?aid=####&t...
- tra####.dians####.com/broker?groupId=####&ver=####&type=####&appid=####
- tra####.dians####.com/channel/config?groupId=####&type=####&module=####&...
- tra####.dians####.com/config?appid=####&uuid=####&cver=####
- tra####.dians####.com/live/config?appid=####&ver=####&sid=####
- vod-####.q####.com.####.com/bl0qsnbh8pc0/bl0qsnbh8pc0_cctv8_34u8_zhuanlz...
- vod-####.q####.com.####.com/bl0qsnbh8pc0/bl0qsnbh8pc0_gqcctv8_28g0_lz-16...
- webzjca####.reg.163.com/api/v2/get?referer=####&zoneId=####&id=####&fp=#...
- webzjca####.reg.163.com/webzjcaptcha.reg.163.com/api/v2/check?referer=##...
- webzjca####.reg.163.com/webzjcaptcha.reg.163.com/api/v2/get?referer=####...
- wy.vod.dians####.####.com/config/hoteProgramList.json
HTTP POST requests:
- adash####.man.aliy####.com/man/api?ak=####&s=####
- and####.b####.qq.com/rqd/async?aid=####
- api.dianshi####.com/api/pay/documents
- api.dianshi####.com/api/v2/device/info?duid=####&c=####&
- api.dianshi####.com/api/v2/device/start/info
- d####.100u####.com.####.net/reportcomp
- hub.dianshi####.com/u
- idc####.k####.com/template/check/0/00:00:00:00:00:03/0/1001
- newap####.math####.cn/titan/monitor/device_info
- p####.dianshi####.com/api/v2/device/info?duid=####&c=####&
- plb####.u####.com:443/umpx_internal
- plb####.u####.com:443/umpx_push_launch
- plb####.u####.com:443/umpx_push_register
- s.b####.com:8650/config?&st=####
- t####.dians####.com/v1/del_peer
- t####.dians####.com/v1/new_peer
- to####.ctobsn####.com.####.com:443/service/2/app_log/?device_platform=##...
- to####.ctobsn####.com.####.net:443/service/2/abtest_config/?&os_api=####...
- to####.ctobsn####.com.####.net:443/service/2/app_log/?device_platform=##...
- to####.ctobsn####.com.####.net:443/service/2/device_register/?aid=####&t...
- to####.ctobsn####.com.####.net:443/service/2/log_settings/?device_platfo...
- u####.u####.com:443/unify_logs
File system changes:
Creates the following files:
- /data/data/####/-1484021606445496065
- /data/data/####/-151663369471870715
- /data/data/####/-1527716628729267963
- /data/data/####/-1774742751189387446
- /data/data/####/-1830074305893649652
- /data/data/####/-2027670920120851445
- /data/data/####/-2278291990166134047
- /data/data/####/-2360527842604846113
- /data/data/####/-2567506579635691599
- /data/data/####/-2614587746622734603
- /data/data/####/-3130717048806538194
- /data/data/####/-3567442377955726570
- /data/data/####/-4483478159438962104
- /data/data/####/-4513172892946266962
- /data/data/####/-4649340208529423183
- /data/data/####/-4711563819388476794
- /data/data/####/-4807529098079340755
- /data/data/####/-489720828702396827
- /data/data/####/-5335757940728776334
- /data/data/####/-5469715923474017295
- /data/data/####/-5718096519348345315
- /data/data/####/-5870923422506530041
- /data/data/####/-5963960703668330528
- /data/data/####/-6174742324800409447
- /data/data/####/-6515428158716504371
- /data/data/####/-6861252529237472873
- /data/data/####/-7139907709653249367
- /data/data/####/-7800341229994448166
- /data/data/####/-7857323045930740017
- /data/data/####/-8115058902634844633
- /data/data/####/-8513013884315180474
- /data/data/####/-8877748838519959376
- /data/data/####/-8914716798821109771
- /data/data/####/-932835391527648530
- /data/data/####/-952251455018835225
- /data/data/####/-982422564356638816
- /data/data/####/.imprint
- /data/data/####/05389e90b03b9299123935c43c928d54.0.tmp
- /data/data/####/05389e90b03b9299123935c43c928d54.1.tmp
- /data/data/####/0f90e762fca917be5c18ebbffef8039e.0.tmp
- /data/data/####/0f90e762fca917be5c18ebbffef8039e.1
- /data/data/####/0f90e762fca917be5c18ebbffef8039e.1.tmp
- /data/data/####/1002
- /data/data/####/1004
- /data/data/####/1430392246785913002
- /data/data/####/1b5fb678281cad6e6b6111af43a82ee5.0.tmp
- /data/data/####/1b5fb678281cad6e6b6111af43a82ee5.1
- /data/data/####/1ca5df7916234a74_0
- /data/data/####/1cba9979b2d36864387f3d4fe1447e74.0.tmp
- /data/data/####/1cba9979b2d36864387f3d4fe1447e74.1.tmp
- /data/data/####/2075142082425198475
- /data/data/####/2611325096960032065
- /data/data/####/2636163445339219937
- /data/data/####/3038883122909475633
- /data/data/####/325dd77e835cecff2003329b751b13bd.0.tmp
- /data/data/####/325dd77e835cecff2003329b751b13bd.1
- /data/data/####/325dd77e835cecff2003329b751b13bd.1.tmp
- /data/data/####/32b0cdcf11a52456d97358a8da812cbc.0
- /data/data/####/32b0cdcf11a52456d97358a8da812cbc.0.tmp
- /data/data/####/32b0cdcf11a52456d97358a8da812cbc.1
- /data/data/####/34df98c88f18d4d5_0
- /data/data/####/35f9b9432c52e0a0a2d41af56a14a733.0
- /data/data/####/35f9b9432c52e0a0a2d41af56a14a733.0.tmp
- /data/data/####/35f9b9432c52e0a0a2d41af56a14a733.1
- /data/data/####/3941938169960817622
- /data/data/####/397231887393501850
- /data/data/####/3cca0aaaf8c244e3936178a6c99f1a7f.0.tmp
- /data/data/####/3cca0aaaf8c244e3936178a6c99f1a7f.1
- /data/data/####/3e2cedf644511bfaeb925ec47dfc850f.0
- /data/data/####/3e2cedf644511bfaeb925ec47dfc850f.1
- /data/data/####/421563956e4461b88c4860f73d5c4795.0.tmp
- /data/data/####/421563956e4461b88c4860f73d5c4795.1
- /data/data/####/421563956e4461b88c4860f73d5c4795.1.tmp
- /data/data/####/4351071184899779741
- /data/data/####/4420493196322090454
- /data/data/####/4664043220440190170
- /data/data/####/496282649169392034
- /data/data/####/518fd22e8cc4fa15e023507e5a779d5a.0.tmp
- /data/data/####/518fd22e8cc4fa15e023507e5a779d5a.1
- /data/data/####/518fd22e8cc4fa15e023507e5a779d5a.1.tmp
- /data/data/####/5316456293227244082
- /data/data/####/5339431853063794436
- /data/data/####/540253d8a1da72b7_0
- /data/data/####/5414152084873444544
- /data/data/####/5418526389619063342
- /data/data/####/546872322302951276
- /data/data/####/5620384730233234893
- /data/data/####/5696204927416798673
- /data/data/####/56a5c25b6c7f92fb587aa5a1b7fda0c4.0.tmp
- /data/data/####/56a5c25b6c7f92fb587aa5a1b7fda0c4.1
- /data/data/####/56a5c25b6c7f92fb587aa5a1b7fda0c4.1.tmp
- /data/data/####/58095b0c6485c221_0
- /data/data/####/58095b0c6485c221_1
- /data/data/####/5dc1a78e6f4ddc5a7376c67300d416db.0.tmp
- /data/data/####/5dc1a78e6f4ddc5a7376c67300d416db.1
- /data/data/####/5dc1a78e6f4ddc5a7376c67300d416db.1.tmp
- /data/data/####/60d58df2fd0bc8be21ce8b4ec7cb5551.0.tmp
- /data/data/####/60d58df2fd0bc8be21ce8b4ec7cb5551.1
- /data/data/####/63cde9655e58a6bf5cd3fa408cabc928.0
- /data/data/####/63cde9655e58a6bf5cd3fa408cabc928.0.tmp
- /data/data/####/63cde9655e58a6bf5cd3fa408cabc928.1
- /data/data/####/6796928213870279378
- /data/data/####/6eb68ea955d68f02_0
- /data/data/####/70298c6eb6032706_0
- /data/data/####/70298c6eb6032706_1
- /data/data/####/7181822007234926111
- /data/data/####/7464087012018890470
- /data/data/####/79f56bfdbab87eae36d3bda940ffb3e2.0.tmp
- /data/data/####/79f56bfdbab87eae36d3bda940ffb3e2.1
- /data/data/####/79f56bfdbab87eae36d3bda940ffb3e2.1.tmp
- /data/data/####/7c31bc24e91f48da9200ad1a250acba6.0.tmp
- /data/data/####/7c31bc24e91f48da9200ad1a250acba6.1.tmp
- /data/data/####/7d547b80782fce05_0
- /data/data/####/81b02692d6e9c790a85f08f4e48be0ce.0.tmp
- /data/data/####/81b02692d6e9c790a85f08f4e48be0ce.1
- /data/data/####/81b02692d6e9c790a85f08f4e48be0ce.1.tmp
- /data/data/####/8447794008194188610
- /data/data/####/8871296798525170
- /data/data/####/8955438123731525261
- /data/data/####/8acf7512ea710e6e_0
- /data/data/####/ACCS_BINDumeng;5912cd5f1061d264c8000455.xml
- /data/data/####/ACCS_SDK.xml
- /data/data/####/ACCS_SDK_CHANNEL.xml
- /data/data/####/ACCS_SDK_CHANNEL.xml.bak
- /data/data/####/AGOO_BIND.xml
- /data/data/####/Agoo_AppStore.xml
- /data/data/####/Alvin2.xml
- /data/data/####/BOOT_AD_CONFIG.xml
- /data/data/####/CONFIG.xml
- /data/data/####/CONFIG.xml.bak
- /data/data/####/CUSTOM_CONFIG.xml
- /data/data/####/CUSTOM_CONFIG.xml.bak
- /data/data/####/ContextData.xml
- /data/data/####/Cookies-journal
- /data/data/####/DEVICE_INFO.xml
- /data/data/####/DEVICE_INFO.xml.bak
- /data/data/####/DOWNLOAD_END_AD.xml
- /data/data/####/DRAINAGE.xml
- /data/data/####/END_AD.xml
- /data/data/####/END_AD_BOOT.xml
- /data/data/####/EVENT_CONFIG.xml
- /data/data/####/EVENT_CONFIG.xml.bak
- /data/data/####/LIVE_CONFIG.xml
- /data/data/####/LIVE_CONFIG.xml.bak
- /data/data/####/MessageStore.db-journal
- /data/data/####/MsgLogStore.db-journal
- /data/data/####/PERMANENT_DATA.xml
- /data/data/####/PHOTO_INFO.xml
- /data/data/####/PLAY.xml
- /data/data/####/PLAY_CONFIG.xml
- /data/data/####/PLAY_CONFIG.xml.bak
- /data/data/####/STREAM_CONFIG_V2.xml
- /data/data/####/SWITCH_CONFIG.xml
- /data/data/####/SWITCH_CONFIG.xml.bak
- /data/data/####/SYSTEM_INFO.xml
- /data/data/####/TEA.xml
- /data/data/####/TEA.xml.bak
- /data/data/####/UM_PROBE_DATA.xml
- /data/data/####/WebViewChromiumPrefs.xml
- /data/data/####/a2ea026de065bb6b801b187999cb9485.0.tmp
- /data/data/####/a2ea026de065bb6b801b187999cb9485.1
- /data/data/####/a2ea026de065bb6b801b187999cb9485.1.tmp
- /data/data/####/a7229fec28d20d696a701e6bb0bfb2d5.0.tmp
- /data/data/####/a7229fec28d20d696a701e6bb0bfb2d5.1
- /data/data/####/a7229fec28d20d696a701e6bb0bfb2d5.1.tmp
- /data/data/####/accs.db-journal
- /data/data/####/ad_templates_1001.xml
- /data/data/####/ad_u_1001.xml
- /data/data/####/agoo.pid
- /data/data/####/agreement.xml
- /data/data/####/agreement.xml.bak
- /data/data/####/api.prefs.xml
- /data/data/####/api.prefs.xml.bak
- /data/data/####/applog_stats.xml
- /data/data/####/b23e21a27bcf0e4da4a1404dc20f2c6f.0.tmp
- /data/data/####/b23e21a27bcf0e4da4a1404dc20f2c6f.1
- /data/data/####/b23e21a27bcf0e4da4a1404dc20f2c6f.1.tmp
- /data/data/####/b4427419e7945751_0
- /data/data/####/b4fd029fb389fec7311445366f1fcd9e.0
- /data/data/####/b4fd029fb389fec7311445366f1fcd9e.1
- /data/data/####/bd_tea_agent.db-journal
- /data/data/####/bugly_db_-journal
- /data/data/####/c0968fa531339178b2ed07e203745184.0.tmp
- /data/data/####/c0968fa531339178b2ed07e203745184.1
- /data/data/####/c0968fa531339178b2ed07e203745184.1.tmp
- /data/data/####/c95e8fe89978e95a87f3dc7734ccf9d8
- /data/data/####/cache.json
- /data/data/####/cctv8.0
- /data/data/####/cctv8.0 (deleted)
- /data/data/####/ce73866785fb8eb96feaca7c83de027b.0.tmp
- /data/data/####/ce73866785fb8eb96feaca7c83de027b.1
- /data/data/####/ce73866785fb8eb96feaca7c83de027b.1.tmp
- /data/data/####/channel---d630269360c7588a72ae559ca7a8fd86-5238374.block
- /data/data/####/channel---d630269360c7588a72ae559ca7a8fd86-5238379.block
- /data/data/####/channel---ee13e628a6a0d4b899aecaf4294386b1-2600...leted)
- /data/data/####/channel---ee13e628a6a0d4b899aecaf4294386b1-2600348.block
- /data/data/####/channel---ee13e628a6a0d4b899aecaf4294386b1-2600353.block
- /data/data/####/com.dianshijia.newlive.BETA_VALUES.xml
- /data/data/####/com.dianshijia.newlive_preferences.xml
- /data/data/####/conf.dat
- /data/data/####/crashrecord.xml
- /data/data/####/cuuid.xml
- /data/data/####/cuuid.xml.bak
- /data/data/####/dW1weF9pbnRlcm5hbF8xNjgzMjEzODc1MTg4;
- /data/data/####/dW1weF9pbnRlcm5hbF8xNjgzMjEzODcwMTA0;
- /data/data/####/dW1weF9wdXNoX2xhdW5jaF8xNjgzMjEzODg2Njg3;
- /data/data/####/dW1weF9wdXNoX3JlZ2lzdGVyXzE2ODMyMTM4NzY2NDA=;
- /data/data/####/device_identification_info.xml
- /data/data/####/device_preference_1001.xml
- /data/data/####/efe9ee18fc7ead8891b772f74fcf2be1.0.tmp
- /data/data/####/efe9ee18fc7ead8891b772f74fcf2be1.1
- /data/data/####/efe9ee18fc7ead8891b772f74fcf2be1.1.tmp
- /data/data/####/epg-cctv1-20230504.json
- /data/data/####/epg-cctv2-20230504.json
- /data/data/####/epg-cctv4-20230504.json
- /data/data/####/epg-cctv5-20230504.json
- /data/data/####/epg-cctv6-20230504.json
- /data/data/####/epg-cctv7-20230504.json
- /data/data/####/epg-cctv8-20230504.json
- /data/data/####/epg-cctv9-20230504.json
- /data/data/####/epg.dex
- /data/data/####/epg.dex.flock (deleted)
- /data/data/####/epg.tmp
- /data/data/####/event_db
- /data/data/####/exchangeIdentity.json
- /data/data/####/exid.dat
- /data/data/####/fb6af786f26a2595b3be0ff754fb377a.0.tmp
- /data/data/####/fb6af786f26a2595b3be0ff754fb377a.1
- /data/data/####/fb6af786f26a2595b3be0ff754fb377a.1.tmp
- /data/data/####/header_custom.xml
- /data/data/####/header_custom.xml.bak
- /data/data/####/httpdns_config_cache.xml
- /data/data/####/httpdns_config_cache.xml.bak
- /data/data/####/i==1.2.0&&3.5.7_1683213870165_envelope.log
- /data/data/####/index
- /data/data/####/info.xml
- /data/data/####/inject_track.xml
- /data/data/####/journal
- /data/data/####/kuyun.apk.tmp
- /data/data/####/kuyun.dex
- /data/data/####/kuyun.dex.flock (deleted)
- /data/data/####/kuyun_sdk.xml
- /data/data/####/last_sp_session.xml
- /data/data/####/launch.log
- /data/data/####/launcher_ad.data
- /data/data/####/libsce.so
- /data/data/####/libsce.so.temp
- /data/data/####/libztvb321.2.2.2.so
- /data/data/####/local_crash_lock
- /data/data/####/log_manager.xml
- /data/data/####/log_manager.xml.bak
- /data/data/####/material_break_point_info.xml
- /data/data/####/message_accs_db
- /data/data/####/message_accs_db-journal
- /data/data/####/metrics_guid
- /data/data/####/native_record_lock
- /data/data/####/native_record_lock (deleted)
- /data/data/####/net_node.xml
- /data/data/####/okhttp_prefs.xml
- /data/data/####/package_infos.xml
- /data/data/####/package_infos.xml.bak
- /data/data/####/pid.txt
- /data/data/####/player_strategy.xml
- /data/data/####/plugin.dex
- /data/data/####/plugin.dex.flock (deleted)
- /data/data/####/plugin.tmp
- /data/data/####/plugin_break_point_info.xml
- /data/data/####/plugin_config.xml
- /data/data/####/pp.dex
- /data/data/####/pp.dex.flock (deleted)
- /data/data/####/pp.tmp
- /data/data/####/privacy_agreement
- /data/data/####/proc_auxv
- /data/data/####/promote.dex
- /data/data/####/promote.dex.flock (deleted)
- /data/data/####/promote.tmp
- /data/data/####/risk_infos.xml
- /data/data/####/risk_infos.xml.bak
- /data/data/####/risk_user_info.xml
- /data/data/####/safe_mode_config.xml
- /data/data/####/sce_config.xml
- /data/data/####/sce_config.xml.bak
- /data/data/####/security_info
- /data/data/####/session_cache
- /data/data/####/skin_cache_name.xml
- /data/data/####/snssdk_openudid.xml
- /data/data/####/sp_key_stream.xml
- /data/data/####/spider_prefs.xml
- /data/data/####/t==8.1.3&&3.5.7_1683213870452_envelope.log
- /data/data/####/the-real-index
- /data/data/####/tv_name_id_map.xml
- /data/data/####/tvcore.tmp
- /data/data/####/tvlive2.db-journal
- /data/data/####/ua.db
- /data/data/####/ua.db-journal
- /data/data/####/um_pri.xml
- /data/data/####/umeng_common_config.xml
- /data/data/####/umeng_common_location.xml
- /data/data/####/umeng_general_config.xml
- /data/data/####/umeng_it.cache
- /data/data/####/umeng_message_state.xml
- /data/data/####/umeng_message_state.xml.bak (deleted)
- /data/data/####/unknown.xml
- /data/data/####/user.xml
- /data/data/####/user_agreement
- /data/data/####/x_google_ad_s_id_123
- /data/media/####/Alvin2.xml
- /data/media/####/ContextData.xml
- /data/media/####/ddev.data
- /data/media/####/deviceToken
- /data/media/####/device_parameters.dat
- /data/media/####/dvc
- /data/media/####/flag.data
- /data/media/####/sysid.dat
- /data/media/####/uuid.data
- /data/misc/####/primary.prof
Miscellaneous:
Executes the following shell scripts:
- /system/bin/cat /proc/cpuinfo
- /system/bin/cat /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq
- /system/bin/cat /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_min_freq
- /system/bin/sh -c getprop
- cat /sys/class/net/wlan0/address
- chmod 777 /data/user/0/<Package>/files/.honor0
- getprop
- getprop ro.build.version.emui
- getprop ro.letv.release.version
- getprop ro.vivo.os.build.display.id
- ls /
- ls /sys/class/thermal
- sh
Loads the following dynamic libraries:
- libBugly
- libEncryptorP
- libc++_shared
- libmmkv
- libsce
- libtnet-3.1.14
- libtvcore
- libztvb321.2.2.2
Uses the following algorithms to encrypt data:
- AES
- AES-CBC-PKCS5Padding
- AES-CBC-PKCS7Padding
- AES-GCM-NoPadding
- DES
- RSA-ECB-PKCS1Padding
Uses the following algorithms to decrypt data:
- AES
- AES-CBC-PKCS7Padding
- AES-ECB-PKCS5Padding
- AES-GCM-NoPadding
- DES
Accesses the ITelephony private interface.
Gets information about location.
Gets information about network.
Gets information about phone status (number, IMEI, etc.).
Gets information about installed apps.
Gets information about running apps.
Adds tasks to the system scheduler.
Displays its own windows over windows of other apps.
Requests the system alert window permission.
