by ascom 3259 days ago
I downloaded it and decompiled it here, if anyone wants to take a look: https://mirrors.asun.co/chinese-spyware/
2 comments

So the QR code linked to - http://47.93.5.238:8081/APP/GA_AJ_JK/GA_AJ_JK_GXH.apk?AJLY=6...

Worst game ever. Is it just OK and Cancel? Then it seems to do nothing?

Going up to http://47.93.5.238:8081/APP/ there are two other apk's [GT - "Download the security security project" "Download the public security project" ]

Legend! thank you.

Product: Landa iTAP

Vendor: http://www.landasoft.com/html/class/dsjfx/index.html

C2 URL: http://bxaq.landaitap.com:22222/BXAQ/servlet/front/APPS?type... (HTTP POST)

Update URL: http://47.93.5.238:8081/APP/VERSION/jingwangweishi_version/v...

Interesting features:

    MainActivity.this.scan = new SdcardScan("3GP,AMR,AVI,WEBM,FLV,IVX,M4A,MP3,MP4,MPG,RMVB,RAM,WMA,WMV,TXT,HTML,CHM,PNG,JPG", MainActivity.this.sdcardCallBack, true);

    String SBMC = isTRN(isNull(EssentialInformation.getSBMC()));
    String IMEI = isTRN(isNull(EssentialInformation.getIMEI(this)));
    String MAC = isTRN(isNull(EssentialInformation.getMacAddress(this)));
    String CSMC = isTRN(isNull(EssentialInformation.getPhoneCsModel()));
    String XH = isTRN(isNull(EssentialInformation.getPhoneModel()));
    String SJH = isTRN(isNull(EssentialInformation.getLineNum(this)));

Is GA_AJ_JK_GXH_source_from_JADX\res\raw\test.txt the md5's they are looking for, you reckon?