So, the "VmosService" system app has full Android permissions, and after deep scanning it, the app can connect to a total of 3 websites, 1 of them is localhost which appears to be a error log collector. Another is xml.apache.org, but the 3rd one is called yytest.shouzhiyun.com/vmmaster.

After some research, and bad translations like "Refuse to phone no electricity!" Shouzhiyun (Redfinger) is some odd company where the pages lead to "/###"

(Toot 2/3)