VirSCAN VirSCAN

1, Vous pouvez ENVOYER tout fichier mais il y a une limite de 20 Mo par fichier.
2, VirSCAN supporte la décompression Rar/Zip mais il doit y avoir moins de 20 fichiers.
3, VirSCAN peut détecter un fichier compressé avec le mot de passe 'infected' ou 'virus'.

Langue
Charge du serveur
Server Load



Informations sur le fichier
Nom de fichier :aaa.apk (File not down)
Taille du fichier :2840164 byte
Type de fichier :application/zip
MD5:636cf43a9b723044f1b7a01853633b8b
SHA1:e17bdc8f174f21ed31ec25a881837fe143e089d1
  • 扫描结果
  • 权限
  • 文件行为分析
  • Résultats des moteurs
    Résultats des moteurs:6%(2/32)a trouvé un malware !
    Rapport d'analyse du comportement:         Analyse de fichier Habo
    Temps: 2018-09-10 15:41:16 (CST)
    VirSCANVirSCAN
    Scanner Vers. moteur Vers. Sig. Date Sig. Résultats des moteurs Temps
    antiy AVL SDK 2.0 AVL SDK 2.0 2018-05-1 Rien n'a été trouvé 6
    avast 18.4.3895.0 18.4.3895.0 2018-09-10 Rien n'a été trouvé 9
    avg 10.0.1405 10.0.1405 2018-09-10 Rien n'a été trouvé 1
    baidu 2.0.1.0 4.1.3.52192 2018-06-20 Rien n'a été trouvé 6
    baidusd 1.0 1.0 2018-06-21 Rien n'a été trouvé 60
    bitdefender 7.141118 7.141118 2018-09-10 Rien n'a été trouvé 9
    clamav 24913 0.97.5 2018-09-08 Rien n'a été trouvé 1
    drweb 5.0.2.3300 5.0.1.1 2018-09-06 Rien n'a été trouvé 58
    emsisoft 9.0.0.4799 9.0.0.4799 2018-06-21 Rien n'a été trouvé 3
    fortinet 1.000, 62.080, 61.963, 61.987 5.4.247 2018-09-10 Riskware/Generic.Z.2EC855!Android 1
    fprot 4.6.2.117 6.5.1.5418 2014-12-31 Rien n'a été trouvé 1
    fsecure 2015-08-01-02 9.13 2018-09-10 Rien n'a été trouvé 4
    gdata 25.18439 25.18439 2018-09-09 Rien n'a été trouvé 16
    ikarus 4.00.09 V1.32.39.0 2018-09-09 Rien n'a été trouvé 1
    jiangmin 16.0.100 1.0.0.0 2018-07-11 Rien n'a été trouvé 2
    kaspersky 5.5.33 5.5.33 2014-04-01 Rien n'a été trouvé 21
    kingsoft 2.1 2.1 2018-06-20 Rien n'a été trouvé 60
    mcafee 8974 5400.1158 2018-08-03 Rien n'a été trouvé 12
    nod32 7844 3.0.21 2018-08-07 Rien n'a été trouvé 1
    panda 9.05.01 9.05.01 2018-07-15 Rien n'a été trouvé 4
    pcc 11.380.07 9.500-1005 2014-12-31 Rien n'a été trouvé 2
    qh360 1.0.1 1.0.1 2018-06-20 Rien n'a été trouvé 4
    qqphone 1.0.0.0 1.0.0.0 2014-12-09 Rien n'a été trouvé 1
    quickheal 14.00 14.00 2018-08-07 Rien n'a été trouvé 4
    rising 4050 4050 2018-09-09 Rien n'a été trouvé 3
    sophos 4.62 3.16.1 2016-09-20 Rien n'a été trouvé 18
    symantec 20151230.005 1.3.0.24 2015-12-30 Rien n'a été trouvé 1
    tachyon 9.9.9 9.9.9 2013-12-27 Rien n'a été trouvé 6
    thehacker 6.8.0.5 6.8.0.5 2018-07-12 Rien n'a été trouvé 2
    tws 17.47.17308 1.0.2.2108 2018-09-09 Rien n'a été trouvé 16
    vba 3.12.29.3 beta 3.12.29.3 beta 2016-09-19 Script.Tangular 5
    virusbuster 15.0.985.0 5.5.2.13 2014-12-05 Rien n'a été trouvé 20
    Heuristic/Suspicious Exact
    Nota Bene : Un malware trouvé par certains analyseurs peut être un faux positif, aussi devez-vous juger par vous-même.
    Presse-papier
  • 权限列表
    许可名称信息
    android.permission.INTERNET连接网络(2G或3G)
    com.huawei.android.launcher.permission.CHANGE_BADGE
    android.permission.WRITE_EXTERNAL_STORAGE写外部存储器(如:SD卡)
    android.permission.ACCESS_NETWORK_STATE读取网络状态(2G或3G)
    android.permission.ACCESS_WIFI_STATE读取wifi网络状态
    android.permission.CHANGE_WIFI_STATE改变WIFI连接状态
    android.permission.WAKE_LOCK手机屏幕关闭后后台进程仍运行
    android.permission.VIBRATE允许设备震动
    android.permission.CAMERA访问照相机设备
    android.permission.READ_PHONE_STATE读取电话状态
    android.permission.FLASHLIGHT访问闪光灯
    android.permission.RECEIVE_BOOT_COMPLETED接收开机启动广播
    android.permission.RECEIVE_USER_PRESENT
    android.permission.SYSTEM_ALERT_WINDOW显示系统窗口
    android.permission.MOUNT_UNMOUNT_FILESYSTEMS挂载、反挂载外部文件系统
    android.permission.WRITE_MEDIA_STORAGE
    com.com91quanyi.quanyiapp.permission.JPUSH_MESSAGE
    android.permission.CHANGE_NETWORK_STATE变更网络状态
    android.permission.READ_EXTERNAL_STORAGE读外部存储器(如:SD卡)
    android.permission.WRITE_SETTINGS读写系统设置项
    android.permission.ACCESS_LOCATION_EXTRA_COMMANDS访问额外的定位指令
  • 文件信息
    安全评分 :
    基本信息
    MD5:636cf43a9b723044f1b7a01853633b8b
    包名:com.com91quanyi.quanyiapp
    最低运行环境:Android 2.3, 2.3.1, 2.3.2
    版权:(562015052@qq.com)
    关键行为
    行为描述:查找PE资源信息
    详情信息:(FindResourceA) hModule = 0x00400000, ResName: #101, ResType: BIN
    行为描述:设置特殊文件夹属性
    详情信息:C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
    C:\Documents and Settings\Administrator\Local Settings\History
    C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
    C:\Documents and Settings\Administrator\Cookies
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~\WebSlices~
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Feeds Cache
    C:\Documents and Settings\Administrator\IECompatCache
    行为描述:创建远程线程
    详情信息:TargetProcess: winlogon.exe, InheritedFromPID = 520, ProcessID = 608, ThreadID = 2812, StartAddress = 76C3F250, Parameter = 00000000
    进程行为
    行为描述:隐藏窗口创建进程
    详情信息:ImagePath = , CmdLine = C:\WINDOWS\system32\wupdmgr.exe
    ImagePath = , CmdLine = C:\WINDOWS\system32\wupdmgrd.exe
    行为描述:创建进程
    详情信息:[0x00000b14]ImagePath = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winup.exe, CmdLine = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\\winup.exe
    [0x00000bb0]ImagePath = C:\Program Files\Internet Explorer\iexplore.exe, CmdLine = "C:\Program Files\Internet Explorer\IEXPLORE.EXE" SCODEF:2856 CREDAT:79873
    [0x00000bc4]ImagePath = C:\WINDOWS\system32\wupdmgrd.exe, CmdLine = C:\WINDOWS\system32\wupdmgrd.exe
    [0x00000cbc]ImagePath = C:\Program Files\Internet Explorer\iexplore.exe, CmdLine = "C:\Program Files\Internet Explorer\IEXPLORE.EXE" SCODEF:3220 CREDAT:79873
    行为描述:创建新文件进程
    详情信息:[0x00000b00]ImagePath = C:\WINDOWS\system32\wupdmgr.exe, CmdLine = C:\WINDOWS\system32\wupdmgr.exe
    行为描述:创建远程线程
    详情信息:TargetProcess: winlogon.exe, InheritedFromPID = 520, ProcessID = 608, ThreadID = 2812, StartAddress = 76C3F250, Parameter = 00000000
    行为描述:枚举进程
    详情信息:N/A
    行为描述:创建本地线程
    详情信息:TargetProcess: winup.exe, InheritedFromPID = 2816, ProcessID = 2836, ThreadID = 2848, StartAddress = 77E56C7D, Parameter = 000D9A18
    TargetProcess: winup.exe, InheritedFromPID = 2816, ProcessID = 2836, ThreadID = 2852, StartAddress = 769AE43B, Parameter = 000DC420
    TargetProcess: iexplore.exe, InheritedFromPID = 872, ProcessID = 2856, ThreadID = 2864, StartAddress = 77DC845A, Parameter = 00000000
    TargetProcess: wupdmgr.exe, InheritedFromPID = 2776, ProcessID = 2816, ThreadID = 2868, StartAddress = 77DC845A, Parameter = 00000000
    TargetProcess: wupdmgr.exe, InheritedFromPID = 2776, ProcessID = 2816, ThreadID = 2920, StartAddress = 7C947EBB, Parameter = 00000000
    TargetProcess: wupdmgr.exe, InheritedFromPID = 2776, ProcessID = 2816, ThreadID = 2924, StartAddress = 7C930230, Parameter = 00000000
    TargetProcess: iexplore.exe, InheritedFromPID = 872, ProcessID = 2856, ThreadID = 2928, StartAddress = 7C947EBB, Parameter = 00000000
    TargetProcess: iexplore.exe, InheritedFromPID = 872, ProcessID = 2856, ThreadID = 2932, StartAddress = 7C930230, Parameter = 00000000
    TargetProcess: iexplore.exe, InheritedFromPID = 872, ProcessID = 2856, ThreadID = 2936, StartAddress = 7C949B6F, Parameter = 00000000
    TargetProcess: iexplore.exe, InheritedFromPID = 872, ProcessID = 2856, ThreadID = 2940, StartAddress = 77E56C7D, Parameter = 00196508
    TargetProcess: iexplore.exe, InheritedFromPID = 872, ProcessID = 2856, ThreadID = 2944, StartAddress = 5DE05ABD, Parameter = 00198330
    TargetProcess: iexplore.exe, InheritedFromPID = 872, ProcessID = 2856, ThreadID = 2948, StartAddress = 5DE05BC0, Parameter = 001940E8
    TargetProcess: iexplore.exe, InheritedFromPID = 872, ProcessID = 2856, ThreadID = 2952, StartAddress = 0122F74F, Parameter = 00000210
    TargetProcess: iexplore.exe, InheritedFromPID = 2856, ProcessID = 2992, ThreadID = 3020, StartAddress = 77DC845A, Parameter = 00000000
    TargetProcess: iexplore.exe, InheritedFromPID = 2856, ProcessID = 2992, ThreadID = 3040, StartAddress = 7C947EBB, Parameter = 00000000
    文件行为
    行为描述:创建文件
    详情信息:C:\WINDOWS\system32\wupdmgr.exe
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\C1OS62RY\updater[1].exe
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{23E783D8-B4D0-11E8-91C0-7B****28}.dat
    C:\Documents and Settings\Administrator\Local Settings\Temp\~DFFAB4.tmp
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{23E783D9-B4D0-11E8-91C0-7B****28}.dat
    C:\Documents and Settings\Administrator\Local Settings\Temp\~DF672.tmp
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\C1OS62RY\favicon[1].ico
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\C1OS62RY\windowsupdate_microsoft_com[1]
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{28F15C0A-B4D0-11E8-91C0-7B****28}.dat
    C:\Documents and Settings\Administrator\Local Settings\Temp\~DF736E.tmp
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{28F15C0B-B4D0-11E8-91C0-7B****28}.dat
    C:\Documents and Settings\Administrator\Local Settings\Temp\~DF85E0.tmp
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\C1OS62RY\yixun_com[1]
    行为描述:创建可执行文件
    详情信息:C:\WINDOWS\system32\wupdmgr.exe
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
    行为描述:查找文件
    详情信息:FileName = C:\WINDOWS
    FileName = C:\WINDOWS\system32
    FileName = C:\WINDOWS\system32\wupdmgr.exe
    FileName = C:\DOCUME~1
    FileName = C:\DOCUME~1\ADMINI~1
    FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1
    FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp
    FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winup.exe
    FileName = C:\Documents and Settings
    FileName = C:\Documents and Settings\Administrator
    FileName = C:\Documents and Settings\Administrator\Local Settings
    FileName = C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Connections\Pbk\*.pbk
    FileName = C:\WINDOWS\system32\Ras\*.pbk
    FileName = C:\Documents and Settings\Administrator\Application Data\Microsoft\Network\Connections\Pbk\*.pbk
    FileName = C:\Program Files\Common Files\Adobe
    行为描述:删除文件
    详情信息:C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\C1OS62RY\updater[1].exe
    C:\Documents and Settings\Administrator\Local Settings\Temp\~DFFAB4.tmp
    C:\Documents and Settings\Administrator\Local Settings\Temp\~DF672.tmp
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\C1OS62RY\favicon[1].ico
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\C1OS62RY\windowsupdate_microsoft_com[1]
    C:\Documents and Settings\Administrator\Local Settings\Temp\~DF736E.tmp
    C:\Documents and Settings\Administrator\Local Settings\Temp\~DF85E0.tmp
    行为描述:重命名文件
    详情信息:C:\WINDOWS\system32\wupdmgr.exe ---> C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winup.exe
    行为描述:设置特殊文件夹属性
    详情信息:C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
    C:\Documents and Settings\Administrator\Local Settings\History
    C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
    C:\Documents and Settings\Administrator\Cookies
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~\WebSlices~
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Feeds Cache
    C:\Documents and Settings\Administrator\IECompatCache
    行为描述:修改文件内容
    详情信息:C:\WINDOWS\system32\wupdmgr.exe ---> Offset = 0
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{23E783D8-B4D0-11E8-91C0-7B****28}.dat ---> Offset = 512
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{23E783D8-B4D0-11E8-91C0-7B****28}.dat ---> Offset = 0
    C:\Documents and Settings\Administrator\Local Settings\Temp\~DFFAB4.tmp ---> Offset = 16383
    C:\Documents and Settings\Administrator\Local Settings\Temp\~DFFAB4.tmp ---> Offset = 12288
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{23E783D8-B4D0-11E8-91C0-7B****28}.dat ---> Offset = 3072
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{23E783D8-B4D0-11E8-91C0-7B****28}.dat ---> Offset = 1536
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{23E783D9-B4D0-11E8-91C0-7B****28}.dat ---> Offset = 512
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{23E783D9-B4D0-11E8-91C0-7B****28}.dat ---> Offset = 0
    C:\Documents and Settings\Administrator\Local Settings\Temp\~DF672.tmp ---> Offset = 16383
    C:\Documents and Settings\Administrator\Local Settings\Temp\~DF672.tmp ---> Offset = 12288
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{23E783D9-B4D0-11E8-91C0-7B****28}.dat ---> Offset = 3072
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{23E783D9-B4D0-11E8-91C0-7B****28}.dat ---> Offset = 1536
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico ---> Offset = 0
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{28F15C0A-B4D0-11E8-91C0-7B****28}.dat ---> Offset = 512
    网络行为
    行为描述:下载文件
    详情信息:URLDownloadToFileW: http://ww****om/updater.exe ---> C:\WINDOWS\system32\wupdmgrd.exe
    URLDownloadToFileW: http://ww****om/favicon.ico ---> C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
    行为描述:连接指定站点
    详情信息:InternetConnectA: ServerName = ww****om, PORT = 80, UserName = , Password = , hSession = 0x00cc0004, hConnect = 0x00cc0008, Flags = 0x00000000
    InternetConnectA: ServerName = wi****om, PORT = 80, UserName = , Password = , hSession = 0x00cc0004, hConnect = 0x00cc0008, Flags = 0x00000000
    InternetConnectA: ServerName = ur****om, PORT = 443, UserName = , Password = , hSession = 0x00cc0010, hConnect = 0x00cc0014, Flags = 0x00000200
    行为描述:打开HTTP连接
    详情信息:InternetOpenA: UserAgent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; .NET4.0C; .NET4.0E; KB974489), hSession = 0x00cc0004
    InternetOpenA: UserAgent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; .NET4.0C; .NET4.0E; KB974489), hSession = 0x00cc0004
    InternetOpenA: UserAgent: VCSoapClient, hSession = 0x00cc0010
    行为描述:建立到一个指定的套接字连接
    详情信息:URL: ww****om, IP: **.133.40.**:80, SOCKET = 0x0000025c
    URL: ww****om, IP: **.133.40.**:80, SOCKET = 0x00000574
    URL: wi****om, IP: **.133.40.**:80, SOCKET = 0x000004f0
    URL: wi****om, IP: **.133.40.**:80, SOCKET = 0x0000052c
    URL: ur****om, IP: **.133.40.**:443, SOCKET = 0x00000580
    URL: ww****om, IP: **.133.40.**:80, SOCKET = 0x00000444
    URL: ww****om, IP: **.133.40.**:80, SOCKET = 0x0000058c
    URL: ur****om, IP: **.133.40.**:443, SOCKET = 0x00000590
    行为描述:读取网络文件
    详情信息:hFile = 0x00cc000c, BytesToRead =2048, BytesRead = 2048.
    hFile = 0x00cc000c, BytesToRead =4096, BytesRead = 4096.
    hFile = 0x00cc0018, BytesToRead =4095, BytesRead = 4095.
    行为描述:发送HTTP包
    详情信息:GET /updater.exe HTTP/1.1 Accept: */* Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; .NET4.0C; .NET4.0E; KB974489) Host: ww****om Connection: Keep-Alive
    GET /favicon.ico HTTP/1.1 Accept: */* Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; .NET4.0C; .NET4.0E; KB974489) Host: ww****om Connection: Keep-Alive
    GET / HTTP/1.1 Accept: */* Accept-Language: zh-cn User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; .NET4.0C; .NET4.0E; KB974489) Accept-Encoding: gzip, deflate Host: wi****om Connection: Keep-Alive
    GET / HTTP/1.1 Accept: */* Accept-Language: zh-cn Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; .NET4.0C; .NET4.0E; KB974489) Host: wi****om Connection: Keep-Alive
    GET / HTTP/1.1 Accept: */* Accept-Language: zh-cn User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; .NET4.0C; .NET4.0E; KB974489) Accept-Encoding: gzip, deflate Host: ww****om Connection: Keep-Alive
    行为描述:打开HTTP请求
    详情信息:HttpOpenRequestA: ww****om:80/updater.exe, hConnect = 0x00cc0008, hRequest = 0x00cc000c, Verb: GET, Referer: , Flags = 0x00400010
    HttpOpenRequestA: ww****om:80/favicon.ico, hConnect = 0x00cc0008, hRequest = 0x00cc000c, Verb: GET, Referer: , Flags = 0x00600010
    HttpOpenRequestA: wi****om:80/, hConnect = 0x00cc0008, hRequest = 0x00cc000c, Verb: GET, Referer: , Flags = 0x00400000
    HttpOpenRequestA: wi****om:80/, hConnect = 0x00cc0008, hRequest = 0x00cc000c, Verb: GET, Referer: , Flags = 0x00400010
    HttpOpenRequestA: ur****om:443/urs.asmx?msurs-client-key=l9mw7l5q/p6ouxjqvgioia%3d%3d&msurs-patented-lock=txb2hjt4/mo%3d, hConnect = 0x00cc0014, hRequest = 0x00cc0018, Verb: POST, Referer: , Flags = 0x04880300
    HttpOpenRequestA: ww****om:80/, hConnect = 0x00cc0008, hRequest = 0x00cc000c, Verb: GET, Referer: , Flags = 0x00400200
    HttpOpenRequestA: ur****om:443/urs.asmx?msurs-client-key=kmz0zqpwh6a3miedywiy0w%3d%3d&msurs-patented-lock=ly5fdpsikfk%3d, hConnect = 0x00cc0014, hRequest = 0x00cc0018, Verb: POST, Referer: , Flags = 0x04880300
    行为描述:按名称获取主机地址
    详情信息:GetAddrInfoW: ww****om
    GetAddrInfoW: wi****om
    GetAddrInfoW: ur****om
    注册表行为
    行为描述:修改注册表
    详情信息:\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-*\RefCount
    \REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\SavedLegacySettings
    \REGISTRY\USER\S-*\Software\Microsoft\Internet Explorer\Recovery\Active\{23E783D8-B4D0-11E8-91C0-7B****28}
    \REGISTRY\USER\S-*\Software\Microsoft\CTF\TIP\{1188450c-fdab-47ae-80d8-c9633f71be64}\LanguageProfile\0x00000000\{63800dac-e7ca-4df9-9a5c-20765055488d}\Enable
    \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{1EA4DBF0-3C3B-11CF-810C-00AA00389B71}\1.1\0\win32\
    \REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\iexplore\Count
    \REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\iexplore\Time
    \REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\iexplore\LoadTime
    \REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\iexplore\LoadTimeCount
    \REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435B-BC74-9C25C1C588A9}\iexplore\Count
    \REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435B-BC74-9C25C1C588A9}\iexplore\Time
    \REGISTRY\USER\S-*_CLASSES\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}\
    \REGISTRY\USER\S-*_CLASSES\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}\InprocServer32\
    \REGISTRY\USER\S-*_CLASSES\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}\InprocServer32\ThreadingModel
    \REGISTRY\USER\S-*_CLASSES\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBB}\
    行为描述:删除注册表键值
    详情信息:\REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyServer
    \REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyOverride
    \REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Internet Settings\AutoConfigURL
    行为描述:删除注册表键
    详情信息:\REGISTRY\USER\S-*\Software\Microsoft\CTF\TIP\{1188450c-fdab-47ae-80d8-c9633f71be64}\LanguageProfile\0x00000000\{63800dac-e7ca-4df9-9a5c-20765055488d}\
    \REGISTRY\USER\S-*\Software\Microsoft\CTF\TIP\{1188450c-fdab-47ae-80d8-c9633f71be64}\LanguageProfile\0x00000000\
    \REGISTRY\USER\S-*\Software\Microsoft\CTF\TIP\{1188450c-fdab-47ae-80d8-c9633f71be64}\LanguageProfile\
    \REGISTRY\USER\S-*\Software\Microsoft\CTF\TIP\{1188450c-fdab-47ae-80d8-c9633f71be64}\
    \REGISTRY\USER\S-*_CLASSES\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}\InprocServer32\
    \REGISTRY\USER\S-*_CLASSES\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}\
    \REGISTRY\USER\S-*_CLASSES\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBB}\InprocServer32\
    \REGISTRY\USER\S-*_CLASSES\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBB}\
    \REGISTRY\USER\S-*_CLASSES\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBC}\InprocServer32\
    \REGISTRY\USER\S-*_CLASSES\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBC}\
    \REGISTRY\USER\S-*_CLASSES\CLSID\{CAFEEFAC-0017-0000-FFFF-ABCDEFFEDCBA}\InprocServer32\
    \REGISTRY\USER\S-*_CLASSES\CLSID\{CAFEEFAC-0017-0000-FFFF-ABCDEFFEDCBA}\
    \REGISTRY\USER\S-*_CLASSES\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\InprocServer32\
    \REGISTRY\USER\S-*_CLASSES\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\
    \REGISTRY\USER\S-*_CLASSES\JavaPlugin.1000\CLSID\
    其他行为
    行为描述:创建互斥体
    详情信息:CTF.LBES.MutexDefaultS-*
    CTF.Compart.MutexDefaultS-*
    CTF.Asm.MutexDefaultS-*
    CTF.Layouts.MutexDefaultS-*
    CTF.TMD.MutexDefaultS-*
    CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
    Local\ZonesCounterMutex
    Local\ZoneAttributeCacheCounterMutex
    Local\ZonesCacheCounterMutex
    Local\ZonesLockedCacheCounterMutex
    RasPbFile
    Local\!BrowserEmulation!SharedMemory!Mutex
    ConnHashTable<2856>_HashTable_Mutex
    oleacc-msaa-loaded
    Local\RSS Eventing Connection Database Mutex 00000b28
    行为描述:创建事件对象
    详情信息:EventName = Global\crypt32LogoffEvent
    EventName = Global\userenv: User Profile setup event
    EventName = DINPUTWINMM
    EventName = Isolation Signal Registry Event (23E783D5-B4D0-11E8-91C0-7B****28, 0)
    EventName = IE_EarlyTabStart_0xb2c
    EventName = Isolation Signal Registry Event (23E783D6-B4D0-11E8-91C0-7B****28, 0)
    EventName = Local\b28_29
    EventName = Local\RSS Eventing Event Event 00000b28
    EventName = Local\bb0_29
    EventName = IEFrame.EventCheckDefaultBrowser
    EventName = Isolation Signal Registry Event (28F15C07-B4D0-11E8-91C0-7B****28, 0)
    EventName = IE_EarlyTabStart_0xc98
    EventName = Isolation Signal Registry Event (28F15C08-B4D0-11E8-91C0-7B****28, 0)
    EventName = MSCTF.SendReceive.Event.MGM.IC
    EventName = MSCTF.SendReceiveConection.Event.MGM.IC
    行为描述:查找指定窗口
    详情信息:NtUserFindWindowEx: [Class,Window] = [Static,]
    NtUserFindWindowEx: [Class,Window] = [MS_AutodialMonitor,]
    NtUserFindWindowEx: [Class,Window] = [MS_WebCheckMonitor,]
    NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
    NtUserFindWindowEx: [Class,Window] = [CicLoaderWndClass,]
    行为描述:调整进程token权限
    详情信息:SE_DEBUG_PRIVILEGE
    SE_LOAD_DRIVER_PRIVILEGE
    行为描述:打开事件
    详情信息:Global\crypt32LogoffEvent
    HookSwitchHookEnabledEvent
    \INSTALLATION_SECURITY_HOLD
    MSFT.VSA.COM.DISABLE.2836
    MSFT.VSA.IEC.STATUS.6c736db0
    \SECURITY\LSA_AUTHENTICATION_INITIALIZED
    Global\SvcctrlStartEvent_A3752DX
    Isolation Signal Registry Event (23E783D5-B4D0-11E8-91C0-7B****28, 0)
    Isolation Signal Registry Event (23E783D6-B4D0-11E8-91C0-7B****28, 0)
    IE_EarlyTabStart_0xb2c
    MSFT.VSA.COM.DISABLE.2856
    _fCanRegisterWithShellService
    MSFT.VSA.COM.DISABLE.2992
    Local\b28_29
    Local\RSS Eventing Event Event 00000b28
    行为描述:查找PE资源信息
    详情信息:(FindResourceA) hModule = 0x00400000, ResName: #101, ResType: BIN
    行为描述:可执行文件签名信息
    详情信息:C:\WINDOWS\system32\wupdmgr.exe(签名验证: 未通过)
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico(签名验证: 未通过)
    行为描述:隐藏指定窗口
    详情信息:[Window,Class] = [,BrowserFrameGripperClass]
    [Window,Class] = [,msctls_progress32]
    [Window,Class] = [,SysLink]
    [Window,Class] = [,Static]
    [Window,Class] = [文件大小未知,Static]
    [Window,Class] = [Windows Internet Explorer,IEFrame]
    [Window,Class] = [打开此类文件前总是询问(&W),Button]
    [Window,Class] = [发行者:,Static]
    [Window,Class] = [,UniversalSearchBand]
    [Window,Class] = [,TravelBand]
    [Window,Class] = [,CommandBarClass]
    [Window,Class] = [,ReBarWindow32]
    [Window,Class] = [,TabBandClass]
    [Window,Class] = [缩放级别,ToolbarWindow32]
    [Window,Class] = [http://www.yixun.com/ - Windows Internet Explorer,IEFrame]
    行为描述:可执行文件MD5
    详情信息:C:\WINDOWS\system32\wupdmgr.exe ---> 6a95c2f88e0c09a91d69ffb98bc6fce8
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico ---> fe1d0ee5901dd167ee9b28eece31786c
    行为描述:打开互斥体
    详情信息:ShimCacheMutex
    Local\!IETld!Mutex
    Local\_!MSFTHISTORY!_
    Local\c:!documents and settings!administrator!local settings!temporary internet files!content.ie5!
    Local\c:!documents and settings!administrator!cookies!
    Local\c:!documents and settings!administrator!local settings!history!history.ie5!
    Local\WininetStartupMutex
    Local\WininetConnectionMutex
    Local\WininetProxyRegistryMutex
    RasPbFile
    Local\!BrowserEmulation!SharedMemory!Mutex
    CtfmonInstMutexDefaultS-*
    Local\RSS Eventing Connection Database Mutex 00000b28
    Local\c:!documents and settings!administrator!local settings!application data!microsoft!feeds cache!
    Local\!IECompat!Mutex
    Activities
    活动名类型
    com.uzmap.pkg.EntranceActivityandroid.intent.action.MAIN
    com.uzmap.pkg.EntranceActivityandroid.intent.category.LAUNCHER
    cn.jpush.android.ui.PushActivitycn.jpush.android.ui.PushActivity
    cn.jpush.android.ui.PushActivityandroid.intent.category.DEFAULT
    cn.jpush.android.ui.PushActivitycom.com91quanyi.quanyiapp
    com.tencent.tauth.AuthActivityandroid.intent.action.VIEW
    com.tencent.tauth.AuthActivityandroid.intent.category.DEFAULT
    com.tencent.tauth.AuthActivityandroid.intent.category.BROWSABLE
    com.tencent.smtt.sdk.VideoActivitycom.tencent.smtt.tbs.video.PLAY
    com.tencent.smtt.sdk.VideoActivityandroid.intent.category.DEFAULT
    危险函数
    函数名称信息
    android/app/NotificationManager;->notify信息通知栏
    ContentResolver;->query读取联系人、短信等数据库
    getRuntime获取命令行环境
    java/lang/Runtime;->exec执行字符串命令
    LocationManager;->getLastKnownLocation获取地址位置
    TelephonyManager;->getSimSerialNumber获取SIM序列号
    TelephonyManager;->getDeviceId搜集用户手机IMEI码、电话号码、系统版本号等信息
    java/net/URL;->openConnection连接URL
    HttpClient;->execute请求远程服务器
    TelephonyManager;->getLine1Number获取手机号
    DefaultHttpClient;->execute发送HTTP请求
    java/net/HttpURLConnection;->connect连接URL
    MediaRecorder;->setAudioSource开启录音功能
    ContentResolver;->delete删除短信、联系人
    SmsManager;->sendTextMessage发送普通短信
    启动方式
    名称信息
    com.uzmap.pkg.uzapp.UPExtraBridge开机启动服务
    com.uzmap.pkg.uzapp.UPExtraBridge网络连接改变时启动服务
    com.uzmap.pkg.uzapp.UPExtraBridge应用卸载时启动服务
    com.uzmap.pkg.uzapp.UPExtraBridge应用安装时启动服务
    com.uzmap.pkg.uzapp.UPExtraBridge
    com.uzmap.pkg.uzapp.UPExtraBridge
    com.uzmap.pkg.uzapp.UPExtraBridge
    com.uzmap.pkg.uzapp.UPExtraBridge
    cn.jpush.android.service.PushReceiver
    cn.jpush.android.service.PushReceiver屏幕解锁启动服务
    cn.jpush.android.service.PushReceiver网络连接改变时启动服务
    cn.jpush.android.service.PushReceiver应用安装时启动服务
    cn.jpush.android.service.PushReceiver应用卸载时启动服务
    com.open.apicloud.jpush.JPushReceiver
    com.open.apicloud.jpush.JPushReceiver
    com.open.apicloud.jpush.JPushReceiver
    com.open.apicloud.jpush.JPushReceiver
    com.open.apicloud.jpush.JPushReceiver
    权限列表
    许可名称信息
    android.permission.INTERNET连接网络(2G或3G)
    com.huawei.android.launcher.permission.CHANGE_BADGE
    android.permission.WRITE_EXTERNAL_STORAGE写外部存储器(如:SD卡)
    android.permission.ACCESS_NETWORK_STATE读取网络状态(2G或3G)
    android.permission.ACCESS_WIFI_STATE读取wifi网络状态
    android.permission.CHANGE_WIFI_STATE改变WIFI连接状态
    android.permission.WAKE_LOCK手机屏幕关闭后后台进程仍运行
    android.permission.VIBRATE允许设备震动
    android.permission.CAMERA访问照相机设备
    android.permission.READ_PHONE_STATE读取电话状态
    android.permission.FLASHLIGHT访问闪光灯
    android.permission.RECEIVE_BOOT_COMPLETED接收开机启动广播
    android.permission.RECEIVE_USER_PRESENT
    android.permission.SYSTEM_ALERT_WINDOW显示系统窗口
    android.permission.MOUNT_UNMOUNT_FILESYSTEMS挂载、反挂载外部文件系统
    android.permission.WRITE_MEDIA_STORAGE
    com.com91quanyi.quanyiapp.permission.JPUSH_MESSAGE
    android.permission.CHANGE_NETWORK_STATE变更网络状态
    android.permission.READ_EXTERNAL_STORAGE读外部存储器(如:SD卡)
    android.permission.WRITE_SETTINGS读写系统设置项
    android.permission.ACCESS_LOCATION_EXTRA_COMMANDS访问额外的定位指令
    服务列表
    名称
    com.uzmap.pkg.uzsocket.UPnsService
    cn.jpush.android.service.DownloadService
    cn.jpush.android.service.PushService
    Providers
    名字信息
    com.uzmap.pkg.uzapp.UProvider
    cn.jpush.android.service.DataProvider
    com.apicloud.UIAlbumBrowser.MyProvider
    文件列表
    文件名 校验码
    AndroidManifest.xml 0x6dfe5406
    META-INF/CERT.RSA 0xd41357f
    META-INF/CERT.SF 0x28e35f9
    META-INF/MANIFEST.MF 0xd7d465f7
    assets/background.9.png 0x2b654113
    assets/buttonNegt.png 0xbf8691b8
    assets/buttonPost.png 0x6231c3b4
    assets/button_green.9.png 0xab4b0557
    assets/button_red.9.png 0xded221c2
    assets/com.tencent.open.config.json 0xb3d4a81a
    assets/com.tencent.plus.bar.png 0x5fd36d43
    assets/com.tencent.plus.blue_disable.png 0xf0e0db56
    assets/com.tencent.plus.blue_down.png 0xb6bdc1b
    assets/com.tencent.plus.blue_normal.png 0x18382c6e
    assets/com.tencent.plus.gray_disable.png 0x9375206c
    assets/com.tencent.plus.gray_down.png 0xcbe30e37
    assets/com.tencent.plus.gray_normal.png 0xbf8cba3
    assets/com.tencent.plus.ic_error.png 0xed6b2186
    assets/com.tencent.plus.ic_success.png 0x20ea665b
    assets/com.tencent.plus.logo.png 0x91dff5be
    assets/libwbsafeedit 0xb05a63a9
    assets/libwbsafeedit_64 0xf8f2144
    assets/libwbsafeedit_x86 0xfc7f4f0b
    assets/libwbsafeedit_x86_64 0xf630540c
    assets/uzmap/module.json 0x9c6ad14b
    assets/widget/config.xml 0x624789e0
    assets/widget/css/api.css 0x4b0394f8
    assets/widget/css/entry.css 0x5c6a12f8
    assets/widget/css/fonts/demo.css 0x5075edce
    assets/widget/css/fonts/demo_fontclass.html 0xf2b0233
    assets/widget/css/fonts/demo_symbol.html 0xf0a9c500
    assets/widget/css/fonts/demo_unicode.html 0x6247b831
    assets/widget/css/fonts/iconfont.css 0xfc96317a
    assets/widget/css/fonts/iconfont.eot 0xf278f7dd
    assets/widget/css/fonts/iconfont.js 0x6f837908
    assets/widget/css/fonts/iconfont.svg 0x7795d6a5
    assets/widget/css/fonts/iconfont.ttf 0x26e18fe1
    assets/widget/css/fonts/iconfont.woff 0xfb89dcf8
    assets/widget/css/index.css 0x6354fb6d
    assets/widget/error/error.html 0xa1dec292
    assets/widget/html/account/forget.html 0x8aca7c8c
    assets/widget/html/account/login.html 0x7c9d63b
    assets/widget/html/account/regist.html 0x701d9282
    assets/widget/html/article/index.html 0xd6afffd1
    assets/widget/html/coupon/category.html 0xbcf94557
    assets/widget/html/coupon/list.html 0x49767119
    assets/widget/html/coupon/upload.html 0xb642951c
    assets/widget/html/home.html 0x1f607b74
    assets/widget/html/link.html 0xdc8f5fe8
    assets/widget/html/main.html 0x82cc6318
    assets/widget/html/mine/index.html 0xbd290e89
    assets/widget/html/mine/userinfo.html 0xf2906d8e
    assets/widget/html/mine/wallet.html 0x9e7ea38c
    assets/widget/html/mine/withdraw.html 0xee0f60b4
    assets/widget/html/other.html 0xd7d7b827
    assets/widget/icon/icon150x150.png 0x86fee0f6
    assets/widget/image/loading_more.gif 0x9932f5cf
    assets/widget/index.html 0x707898d1
    assets/widget/js/api.js 0x9effde5b
    assets/widget/js/index.js 0xbbe52ba9
    assets/widget/js/jquery.min.js 0xfc29b748
    assets/widget/js/link.js 0xfc66acb9
    assets/widget/js/mint-ui.js 0xed013d69
    assets/widget/js/other.js 0x29f88e89
    assets/widget/js/vue.js 0xd14206b9
    assets/widget/launch/launch1080x1920.png 0xee64c12b
    assets/widget/script/api.js 0x8a72683e
    assets/yyb_appdetail_bg_floatingwindow.9.png 0x2e9abd8b
    assets/yyb_appdetail_showmore.png 0xcfd41321
    assets/yyb_friends.png 0xf969c41e
    assets/yyb_icon_back.png 0x58d07682
    assets/yyb_qq.png 0xa289050d
    assets/yyb_qzone.png 0x20e15be3
    assets/yyb_topbar.9.png 0x410133f6
    assets/yyb_weixin.png 0x3402b818
    classes.dex 0xa6fdd95e
    lib/armeabi/libjcore119.so 0x8b0d3311
    lib/armeabi/liblbs.so 0x8199b417
    lib/armeabi/librsjni.so 0xfacbedcd
    lib/armeabi/libsec.so 0x43c405e0
    res/color/mis_default_text_color.xml 0x134c4980
    res/color/mis_folder_text_color.xml 0x84c96eee
    res/drawable-hdpi-v4/uz_copyright.png 0x5a2774a9
    res/drawable-hdpi-v4/uz_icon.png 0x1ffa8ccb
    res/drawable-hdpi-v4/uz_pull_down_refresh_arrow.png 0x307098c1
    res/drawable-hdpi-v4/uz_splash_bg.png 0x1a0394d2
    res/drawable-mdpi-v4/uz_icon.png 0xbbdc124f
    res/drawable-mdpi-v4/uz_splash_bg.png 0x1a0394d2
    res/drawable-xhdpi-v4/mis_btn_back.png 0xfb1e1f30
    res/drawable-xhdpi-v4/mis_default_check_s.png 0xedd0a927
    res/drawable-xhdpi-v4/mis_ic_menu_back.png 0x93ca71eb
    res/drawable-xhdpi-v4/mis_preview_image_selected.png 0x57ecab1a
    res/drawable-xhdpi-v4/mis_preview_image_unselected.png 0xa3732d01
    res/drawable-xhdpi-v4/mis_selector_indicator.png 0xf1532e75
    res/drawable-xhdpi-v4/uz_icon.png 0x28ea48d2
    res/drawable-xhdpi-v4/uz_splash_bg.png 0x499cae89
    res/drawable-xxhdpi-v4/mis_asv.png 0x379aacc2
    res/drawable-xxhdpi-v4/mis_asy.png 0x8f0fb94b
    res/drawable-xxhdpi-v4/mis_btn_selected.png 0xc0e501e9
    res/drawable-xxhdpi-v4/mis_btn_unselected.png 0x19e66721
    res/drawable-xxhdpi-v4/mis_default_check.png 0x7f6580a8
    res/drawable-xxhdpi-v4/mis_default_error.png 0xf1d00cb7
    res/drawable-xxhdpi-v4/mis_group_camera_icon.png 0x9e34b971
    res/drawable-xxhdpi-v4/mis_group_selected_icon.png 0xbff4a79c
    res/drawable-xxhdpi-v4/mis_text_indicator.png 0x37fbad5a
    res/drawable-xxhdpi-v4/uz_icon.png 0x24e4d165
    res/drawable-xxhdpi-v4/uz_splash_bg.png 0x5264b0d7
    res/drawable/mis_action_btn.xml 0x503d5f35
    res/layout-v14/mis_fragment_multi_image.xml 0x854aaf22
    res/layout/mis_activity_default.xml 0xa002df2
    res/layout/mis_cmp_customer_actionbar.xml 0x6095b8f
    res/layout/mis_fragment_multi_image.xml 0x85ab632f
    res/layout/mis_group_image_layout.xml 0x2bef52e2
    res/layout/mis_list_item_camera.xml 0xe9906f5c
    res/layout/mis_list_item_folder.xml 0x8a1868e7
    res/layout/mis_list_item_image.xml 0x26b613f4
    res/layout/mis_preview_layout.xml 0xf21d6cf3
    res/layout/mis_preview_pager_layout.xml 0x8bafaacc
    res/layout/mo_demo_main_activity.xml 0x87c92cbb
    resources.arsc 0xcb0315d4
    运行截图
    VirSCAN

Au sujet de VirSCAN | Politique de confidentialité | Contacts | 友情链接 | Aider VirSCAN
Traduit par Gérard Mélone (Paris)
Powered By CentOSpol

京ICP备11007605号-12

pol

京公网安备 11010802020746号