Technical information
- Android.Siggen.Susp.34689
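Network connections (protocol, host:port). `####` marks characters masked in the report, so these entries are partial and cannot be used as exact-match indicators:
- UDP(DNS) <Google DNS>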
- TCP(HTTP/1.1) p1.i####.cc:80
- TCP(HTTP/1.1) a####.u####.com:80
- TCP(HTTP/1.1) i####.cn.com:80
- TCP(HTTP/1.1) c####.cn:80
- TCP(TLS/1.0) 2####.239.34.223:443
- TCP(TLS/1.0) rr6---s####.g####.com:443
- TCP(TLS/1.0) rr14---####.g####.com:443
- TCP(TLS/1.0) app-mea####.com:443
- TCP(TLS/1.0) and####.a####.go####.com:443
- TCP(TLS/1.0) gmscomp####.google####.com:443
- TCP(TLS/1.0) ga.x####.com.####.com:443
- TCP(TLS/1.0) rr2---s####.g####.com:443
- TCP(TLS/1.2) 1####.177.14.138:443
- TCP(TLS/1.2) 74.1####.163.36:443
- TCP(TLS/1.2) 1####.250.74.68:443
- TCP(TLS/1.2) 2####.58.211.3:443
- TCP(TLS/1.2) gmscomp####.google####.com:443
- TCP(TLS/1.2) 64.2####.163.94:443
- TCP(TLS/1.2) 1####.250.74.74:443
- TCP(TLS/1.2) 1####.250.74.42:443
- TCP(TLS/1.2) 1####.250.74.174:443
- UDP 2####.239.34.223:443
Domain names:
- a####.u####.com
- and####.a####.go####.com
- app-mea####.com
- c####.cn
- ga.x####.com
- gmscomp####.google####.com
- i####.cn.com
- l####.i####.cc
- p1.i####.cc
- pay.9####.com
- pg.x####.com
- rr14---####.g####.com
- rr2---s####.g####.com
- rr6---s####.g####.com
- s####.hzzr####.com
- sdk.hzzr####.com
- v####.api.eeric####.com
URLs:
- c####.cn/b.zip
- i####.cn.com/a/39ff8ce02733e60356919953cdeda65b9
- a####.u####.com/app_logs
- ga.x####.com.####.com:443/g/d?crc=####
- p1.i####.cc/index.php/MC/HB
- p1.i####.cc/index.php/MC/LP
- p1.i####.cc/index.php/MC/RP
File paths:
- /data/data/####/.imprint
- /data/data/####/337026506120052
- /data/data/####/337026506120052-journal
- /data/data/####/39ff8ce02733e60356919953cdeda65b9;account_file.xml
- /data/data/####/Cocos2dxPrefsFile.xml
- /data/data/####/LANG_SDK_PREF.xml
- /data/data/####/TD_app_pefercen_profile.xml
- /data/data/####/WebViewChromiumPrefs.xml
- /data/data/####/assets.apk
- /data/data/####/cabmen.dex
- /data/data/####/cabmen.dex.flock (deleted)
- /data/data/####/cabmen.jar
- /data/data/####/cc.db
- /data/data/####/cc.db-journal
- /data/data/####/cp_block_201.dat
- /data/data/####/exchangeIdentity.json
- /data/data/####/exid.dat
- /data/data/####/libyunsvc
- /data/data/####/libyunsvc.lck
- /data/data/####/metrics_guid
- /data/data/####/mobclick_agent_cached_org.penetration.makar44
- /data/data/####/mpush_game.db-journal
- /data/data/####/mpush_gateway_preferences_file
- /data/data/####/mpush_version_preferences_file
- /data/data/####/org.penetration.makar.com.pay.db.DBHelper_smspa...ournal
- /data/data/####/org.penetration.makar.com.pay.db.DBHelper_smspay.db
- /data/data/####/org.penetration.makar.xml
- /data/data/####/org.penetration.makar_preferences.xml
- /data/data/####/org.xml
- /data/data/####/p2j5x0m0v2q1e6a08516n260b7m3f3.xml
- /data/data/####/pay_plg.dex
- /data/data/####/pay_plg.dex.flock (deleted)
- /data/data/####/pay_plg.jar
- /data/data/####/pref_file.xml
- /data/data/####/retry1
- /data/data/####/retry2
- /data/data/####/retry3
- /data/data/####/retry4
- /data/data/####/second_block_201.dat
- /data/data/####/shareyuanlangfirst.xml
- /data/data/####/td_pefercen_profile.xml
- /data/data/####/tdid.xml
- /data/data/####/umeng_general_config.xml
- /data/data/####/umeng_it.cache
- /data/data/####/wochi_v4.db
- /data/data/####/wochi_v4.db-journal
- /data/data/####/yl_plugin.apk
- /data/data/####/yl_plugin.dex
- /data/data/####/yl_plugin.dex.flock (deleted)
- /data/data/####/yunchao_sp.xml
- /data/data/####/yunchao_sp.xml.bak
- /data/media/####/.tcookieid
- /data/media/####/exit
- /data/media/####/org.penetration.makar_250021605620733_20250514_pay.log
- /data/misc/####/primary.prof
- /data/org.penetration.makar/####/Web Data
- /data/org.penetration.makar/####/Web Data-journal
- /data/org.penetration.makar/####/mpush_game.db
- /data/org.penetration.makar/####/td_database_push
- /data/org.penetration.makar/####/tdandroidgame
- /data/org.penetration.makar/####/webview_data.lock
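- /drw/ssl_dumps/ssl_dump_4927.pcap (this path appears to be a capture file from the analysis environment rather than a file of the sample; confirm before treating it as an indicator)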
Shell commands:
- /data/user/0/<Package>/files/libyunsvc <Package> <Package>:svc <Package>/com.yuanlang.pay.TheService 2>&1
- /system/lib/arm/houdini /data/user/0/<Package>/files/libyunsvc /data/user/0/<Package>/files/libyunsvc <Package> <Package>:svc <Package>/com.yuanlang.pay.TheService
- app_process /system/bin com.android.commands.am.Am startservice <Package>/com.yuanlang.pay.TheService
- cat /proc/cpuinfo
- chmod 755 /data/user/0/<Package>/files/libyunsvc
- chmod 755 /data/user/0/<Package>/files/libyunsvc 2>&1
- sh
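Cipher transformations (the same two entries repeat below, presumably from separate encryption and decryption lists whose headings are missing in this copy):
- AES-CBC-PKCS5Padding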
- DES-CBC-PKCS5Padding
- AES-CBC-PKCS5Padding
- DES-CBC-PKCS5Padding