VirSCAN




File information
File name: 最好时钟TellMeTheTime115.apk (File not down)
File size: 627051 byte
File type: application/jar
MD5:d3e8a2c168695c9617dddda0af920e8e
SHA1:747d12bb3fb9fe0df5d6fd5d490b60c7aa7cf48c
  • Scan results
    Scan result: 0% of scanners (0/32) found a virus!
    Time: 2018-01-13 20:41:22 (CST)
    Scanner, Engine version, Signature version, Signature date, Result, Time
    antiy AVL SDK 2.0 1970-01-01 Not detected 5
    asquared 9.0.0.4799 9.0.0.4799 2015-03-08 Not detected 1
    avast 170303-1 4.7.4 2017-03-03 Not detected 60
    avg 2109/14785 10.0.1405 2018-01-04 Not detected 60
    baidu 2.0.1.0 4.1.3.52192 2.0.1.0 Not detected 6
    baidusd 1.0 1.0 2017-03-22 Not detected 1
    bitdefender 7.58879 7.90123 2015-01-16 Not detected 60
    clamav 24212 0.97.5 2018-01-11 Not detected 60
    drweb 5.0.2.3300 5.0.1.1 2017-11-04 Not detected 60
    fortinet 1.000, 54.385, 54.343, 54.201 5.4.247 2018-01-13 Not detected 60
    fprot 4.6.2.117 6.5.1.5418 2016-02-05 Not detected 60
    fsecure 2015-08-01-02 9.13 2015-08-01 Not detected 60
    gdata 25.15650 25.15650 2018-01-12 Not detected 13
    ikarus 4.00.03 V1.32.31.0 2018-01-12 Not detected 60
    jiangmin 16.0.100 1.0.0.0 2017-12-22 Not detected 2
    kaspersky 5.5.33 5.5.33 2014-04-01 Not detected 60
    kingsoft 2.1 2.1 2018-01-12 Not detected 4
    mcafee 8620 5400.1158 2017-08-12 Not detected 60
    nod32 6720 3.0.21 2018-01-11 Not detected 60
    panda 9.05.01 9.05.01 2018-01-12 Not detected 4
    pcc 13.302.06 9.500-1005 2017-03-27 Not detected 60
    qh360 1.0.1 1.0.1 1.0.1 Not detected 3
    qqphone 1.0.0.0 1.0.0.0 2015-12-30 Not detected 60
    quickheal 14.00 14.00 2017-11-18 Not detected 3
    rising 3090 3090 2017-12-26 Not detected 2
    sophos 5.32 3.65.2 2016-10-10 Not detected 60
    symantec 20151230.005 1.3.0.24 2015-12-30 Not detected 60
    tachyon 9.9.9 9.9.9 2013-12-27 Not detected 9
    thehacker 6.8.0.5 6.8.0.5 2018-01-08 Not detected 2
    tws 17.47.17308 1.0.2.2108 2018-01-12 Not detected 14
    vba 3.12.29.5 beta 3.12.29.5 beta 2018-01-12 Not detected 60
    virusbuster 15.0.985.0 5.5.2.13 2014-12-05 Not detected 60
    Warning: a detection reported by only some scanners may be a false positive; you must judge that for yourself.
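  • Permission list
    Permission name: Description
    android.permission.RECEIVE_BOOT_COMPLETED: Receive the boot-completed broadcast
    android.permission.WAKE_LOCK: Keep background processes running after the screen turns off
    android.permission.READ_PHONE_STATE: Read phone state
    android.permission.VIBRATE: Allow the device to vibrate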
  • File information
    Security score:
    Basic information
    MD5:d3e8a2c168695c9617dddda0af920e8e
    Package name: TellMeTheTime.App
    Minimum runtime environment: Android 2.2.x
    Copyright: -
    Key behaviors
    Behavior: Terminate process
    Details: C:\Documents and Settings\Administrator\Local Settings\%temp%\utmp\u.exe
    Behavior: Read TickCount value
    Behavior: Block window close message
    Details: hWnd = 0x0001033c, Text = 无界浏览 17.04, ClassName = #32770.
    Behavior: Look up PE resource information
    Details: (FindResourceA) hModule = 0x00000000, ResName: , ResType: BIN
    Behavior: Set special folder attributes
    Details: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
    C:\Documents and Settings\Administrator\Local Settings\History
    C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
    C:\Documents and Settings\Administrator\Cookies
    C:\Documents and Settings\Administrator\Local Settings\History\History.IE5\MSHist012018011320180114
    Behavior: Read CPU clock directly
    Process behavior
    Behavior: Create process with hidden window
    Details: ImagePath = , CmdLine = C:\Documents and Settings\Administrator\Local Settings\%temp%\utmp\u.exe -L="127.0.0.1:9666" -CID="2e7bd183", -ProgPath="C:\Documents and Settings\Administrator\Local Settings\%temp%\\" -TmpPath="C:\Documents and Settings\Administrator\Local Setting
    Behavior: Create local thread
    Behavior: Create new file process
    Details: [0x00000b7c]ImagePath = C:\Documents and Settings\Administrator\Local Settings\%temp%\utmp\u.exe, CmdLine = "C:\Documents and Settings\Administrator\Local Settings\%temp%\utmp\u.exe" -L="127.0.0.1:9666" -CID="2e7bd183", -ProgPath="C:\Documents and Settings\Administrator\Local Settings\%temp%\\" -TmpPath="C:\Documents and Settings\Administrator\Local Setti
    File behavior
    Behavior: Create file
    Details: C:\Documents and Settings\Administrator\Local Settings\%temp%\19d5
    C:\Documents and Settings\Administrator\Local Settings\%temp%\utmp\Pfftrbewpx9t6a1m
    C:\Documents and Settings\Administrator\Local Settings\%temp%\utmp\Lpibviwjgb0i9j0j
    C:\Documents and Settings\Administrator\Local Settings\%temp%\utmp\Lqqdsmjtek3i0i1m
    C:\Documents and Settings\Administrator\Local Settings\%temp%\utmp\u.exe
    C:\Documents and Settings\Administrator\PUTTY.RND
    C:\Documents and Settings\Administrator\Local Settings\History\History.IE5\MSHist012018011320180114\index.dat
    Behavior: Create executable file
    Details: C:\Documents and Settings\Administrator\Local Settings\%temp%\utmp\u.exe
    Behavior: Find file
    Details: FileName = C:\Documents and Settings
    FileName = C:\Documents and Settings\Administrator
    FileName = C:\Documents and Settings\Administrator\Local Settings
    FileName = C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Connections\Pbk\*.pbk
    FileName = C:\WINDOWS\system32\Ras\*.pbk
    FileName = C:\Documents and Settings\Administrator\Application Data\Microsoft\Network\Connections\Pbk\*.pbk
    FileName = C:\Documents and Settings\Administrator\Local Settings\Temp
    FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%
    FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%\utmp
    FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%\utmp\u.exe
    FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%\utmp\wifpttubguwe\*
    FileName = C:\WINDOWS\*
    FileName = C:\Documents and Settings\Administrator\Local Settings\History
    FileName = C:\Documents and Settings\Administrator\Local Settings\History\History.IE5\MSHist012016091220160913\*.*
    FileName = C:\Documents and Settings\Administrator\Local Settings\History\History.IE5\MSHist012018011320180114\*.*
    Behavior: Delete file
    Details: C:\Documents and Settings\Administrator\Local Settings\%temp%\19d5
    C:\Documents and Settings\Administrator\Local Settings\%temp%\utmp\Pfftrbewpx9t6a1m
    C:\Documents and Settings\Administrator\Local Settings\%temp%\utmp\Lpibviwjgb0i9j0j
    C:\Documents and Settings\Administrator\Local Settings\%temp%\utmp\Lqqdsmjtek3i0i1m
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\C1OS62RY\noConnect[3]
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IUKHR8T2\bullet[2]
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IUKHR8T2\ErrorPageTemplate[1]
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6TLOMATB\httpErrorPagesScripts[1]
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\C1OS62RY\dnserrordiagoff_webOC[1]
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\C1OS62RY\down[2]
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\C1OS62RY\navcancl[1]
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\C1OS62RY\dnserrordiagoff[1]
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6TLOMATB\errorPageStrings[1]
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IUKHR8T2\tools[1]
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6TLOMATB\info_48[2]
    Behavior: Modify file content
    Details: C:\Documents and Settings\Administrator\Local Settings\%temp%\utmp\Pfftrbewpx9t6a1m ---> Offset = 0
    C:\Documents and Settings\Administrator\Local Settings\%temp%\utmp\Lpibviwjgb0i9j0j ---> Offset = 0
    C:\Documents and Settings\Administrator\Local Settings\%temp%\utmp\Lqqdsmjtek3i0i1m ---> Offset = 0
    C:\Documents and Settings\Administrator\Local Settings\%temp%\utmp\u.exe ---> Offset = 0
    C:\Documents and Settings\Administrator\Local Settings\%temp%\utmp\u.exe ---> Offset = 1986560
    C:\Documents and Settings\Administrator\PUTTY.RND ---> Offset = 0
    C:\Documents and Settings\Administrator\Local Settings\History\History.IE5\MSHist012018011320180114\index.dat ---> Offset = 0
    Network behavior
    Behavior: Resolve host address by name
    Details: GetAddrInfoW: do****om
    GetAddrInfoW: a0****om
    GetAddrInfoW: ie****om
    GetAddrInfoW: ra****et
    GetAddrInfoW: fa****et
    Registry behavior
    Behavior: Modify registry
    Details: \REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\SavedLegacySettings
    \REGISTRY\USER\S-*\Software\Microsoft\MediaPlayer\Preferences\UseHTTP
    \REGISTRY\USER\S-*\Software\Microsoft\MediaPlayer\Preferences\UseTCP
    \REGISTRY\USER\S-*\Software\Microsoft\MediaPlayer\Preferences\UseUDP
    \REGISTRY\USER\S-*\Software\Microsoft\MediaPlayer\Preferences\UseMulticast
    \REGISTRY\USER\S-*\Software\Microsoft\MediaPlayer\Preferences\ProxySettings\HTTP\ProxyBypass
    \REGISTRY\USER\S-*\Software\Microsoft\MediaPlayer\Preferences\ProxySettings\HTTP\ProxyStyle
    \REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1C00
    \REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\CurrentLevel
    \REGISTRY\USER\S-*\Software\Microsoft\Internet Explorer\Main\Isolation
    \REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Internet Settings\MaxConnectionsPer1_0Server
    \REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Internet Settings\MaxConnectionsPerServer
    \REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\DefaultConnectionSettings
    \REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyEnable
    \REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyOverride
    Behavior: Delete registry key
    Details: \REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012016091220160913\
    \REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012018011320180114\
    Behavior: Modify registry (IE connection settings)
    Details: \REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyServer
    Behavior: Delete registry value
    Details: \REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyServer
    \REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyOverride
    \REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Internet Settings\AutoConfigURL
    \REGISTRY\USER\S-*\Software\Microsoft\Internet Explorer\Main\Isolation
    \REGISTRY\USER\S-*\Software\Microsoft\Internet Explorer\TypedURLs\url1
    \REGISTRY\USER\S-*\Software\Microsoft\Internet Explorer\TypedURLs\url2
    \REGISTRY\USER\S-*\Software\Microsoft\Internet Explorer\TypedURLs\url3
    \REGISTRY\USER\S-*\Software\Microsoft\Internet Explorer\TypedURLs\url4
    \REGISTRY\USER\S-*\Software\Microsoft\Internet Explorer\TypedURLs\url5
    Other behavior
    Behavior: Create mutex
    Details: CTF.LBES.MutexDefaultS-*
    CTF.Compart.MutexDefaultS-*
    CTF.Asm.MutexDefaultS-*
    CTF.Layouts.MutexDefaultS-*
    CTF.TMD.MutexDefaultS-*
    CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
    RasPbFile
    MSCTF.Shared.MUTEX.IOH
    MSCTF.Shared.MUTEX.MPK
    _!SHMSFTHISTORY!_
    Local\c:!documents and settings!administrator!local settings!history!history.ie5!mshist012018011320180114!
    Behavior: Create event object
    Details: EventName = DINPUTWINMM
    EventName = U2T48FAER2EL
    EventName = Global\userenv: User Profile setup event
    EventName = MSCTF.SendReceive.Event.MPK.IC
    EventName = MSCTF.SendReceiveConection.Event.MPK.IC
    Behavior: Find specified window
    Details: NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
    NtUserFindWindowEx: [Class,Window] = [CicLoaderWndClass,]
    Behavior: Window information
    Details: Pid = 2808, Hwnd=0x10340, Text = 打开IE, ClassName = Button.
    Pid = 2808, Hwnd=0x10342, Text = Chrome, ClassName = Button.
    Pid = 2808, Hwnd=0x10344, Text = 高级设置, ClassName = Button.
    Pid = 2808, Hwnd=0x10346, Text = 帮助, ClassName = Button.
    Pid = 2808, Hwnd=0x10348, Text = 隐藏, ClassName = Button.
    Pid = 2808, Hwnd=0x1034a, Text = 退出, ClassName = Button.
    Pid = 2808, Hwnd=0x1034c, Text = 无界浏览, ClassName = Static.
    Pid = 2808, Hwnd=0x1034e, Text = 服务器选择, ClassName = Static.
    Pid = 2808, Hwnd=0x10350, Text = 连接速度, ClassName = Static.
    Pid = 2808, Hwnd=0x10358, Text = 0%, ClassName = Static.
    Pid = 2808, Hwnd=0x1035a, Text = 0%, ClassName = Static.
    Pid = 2808, Hwnd=0x1035c, Text = 0%, ClassName = Static.
    Pid = 2808, Hwnd=0x1035e, Text = Progress1, ClassName = msctls_progress32.
    Pid = 2808, Hwnd=0x10360, Text = Progress1, ClassName = msctls_progress32.
    Pid = 2808, Hwnd=0x10362, Text = Progress1, ClassName = msctls_progress32.
    Behavior: Adjust process token privileges
    Details: SE_LOAD_DRIVER_PRIVILEGE
    Behavior: Open event
    Details: HookSwitchHookEnabledEvent
    \SECURITY\LSA_AUTHENTICATION_INITIALIZED
    Global\SvcctrlStartEvent_A3752DX
    \INSTALLATION_SECURITY_HOLD
    CTF.ThreadMIConnectionEvent.000007E8.00000000.0000000F
    CTF.ThreadMarshalInterfaceEvent.000007E8.00000000.0000000F
    MSCTF.SendReceiveConection.Event.IOH.IC
    MSCTF.SendReceive.Event.IOH.IC
    _fCanRegisterWithShellService
    Behavior: Executable file signature information
    Details: C:\Documents and Settings\Administrator\Local Settings\%temp%\utmp\u.exe (signature verification: failed)
    Behavior: Call Sleep function
    Details: [1]: MilliSeconds = 200.
    [2]: MilliSeconds = 200.
    [3]: MilliSeconds = 200.
    [4]: MilliSeconds = 250.
    Behavior: Hide specified window
    Details: [Window,Class] = [,tooltips_class32]
    Behavior: Executable file MD5
    Details: C:\Documents and Settings\Administrator\Local Settings\%temp%\utmp\u.exe ---> 6e8821da6bbaaac5784fad0b0dde63c3
    Behavior: Open mutex
    Details: ShimCacheMutex
    Local\_!MSFTHISTORY!_
    Local\c:!documents and settings!administrator!local settings!temporary internet files!content.ie5!
    Local\c:!documents and settings!administrator!cookies!
    Local\c:!documents and settings!administrator!local settings!history!history.ie5!
    Local\WininetStartupMutex
    Local\WininetConnectionMutex
    Local\WininetProxyRegistryMutex
    RasPbFile
    _!SHMSFTHISTORY!_
    Local\c:!documents and settings!administrator!local settings!history!history.ie5!mshist012018011320180114!
    Activities
    Activity name: Type
    .TellMeTheTime: android.intent.action.MAIN
    .TellMeTheTime: android.intent.category.LAUNCHER
    Dangerous functions
    Function name: Description
    android/app/NotificationManager;->notify: Notification bar message
    Launch methods
    Name: Description
    com.ame.android.mediabutton.MediaButtonReceiver
    TellMeTheTime.App.BootupReceiver: Start service at boot
    Service list
    Name
    TellMeTheTime.App.TellMeTheTimeService
    File list
    File name: Checksum