VirSCAN

1. You can upload any file no larger than 20 MB.
2. VirSCAN can scan compressed files in ZIP and RAR format, provided the archive contains no more than 20 files.
3. VirSCAN can scan compressed files protected with the password 'infected' or 'virus'.


File information
File name: 金中投超强版_1.0.apk (file not available for download)
File size: 640670 bytes
File type: application/zip
MD5: b6f6908b480d48db223a0ce217e44f07
SHA1: 9108723cb87dc56270224c67c84bc52bb6cee899
  • Scan summary
    Scan summary: 3% of scanners (1/32) found malware!
    Behavior analysis report: Habo file analysis
    Time: 2015-09-27 00:31:10 (CST)
    Scanner, Engine version, Database version, Database date, Scan result, Time
    antiy AVL SDK 3.0 1970-01-01 Nothing found 5
    asquared 9.0.0.4324 9.0.0.4324 2014-07-03 Nothing found 1
    avast 150725-1 4.7.4 2015-07-25 Nothing found 0
    avg 2109/8133 10.0.1405 2014-11-26 Nothing found 0
    baidu 2.0.1.0 4.1.3.52192 2.0.1.0 Nothing found 5
    baidusd 1.0 1.0 2014-04-02 Nothing found 1
    bitdefender 7.58469 7.90123 2014-12-25 Nothing found 0
    clamav 19861 0.97.5 2014-12-31 Nothing found 0
    drweb 5.0.2.3300 5.0.1.1 2014-12-31 Nothing found 0
    fortinet 23.345, 23.345 5.1.158 2014-12-08 Nothing found 0
    fprot 4.6.2.117 6.5.1.5418 2014-12-31 Nothing found 0
    fsecure 2014-04-02-01 9.13 2014-04-02 Nothing found 0
    gdata 25.3614 25.3614 2015-09-26 Nothing found 9
    ikarus 1.06.01 V1.32.31.0 2014-12-08 Nothing found 0
    jiangmin 16.0.100 1.0.0.0 2015-07-25 Nothing found 42
    kaspersky 5.5.33 5.5.33 2014-04-01 Nothing found 0
    kingsoft 2.1 2.1 2013-09-22 Nothing found 6
    mcafee 7638 5400.1158 2014-11-30 Nothing found 0
    nod32 0920 3.0.21 2014-12-23 Nothing found 0
    panda 9.05.01 9.05.01 2015-07-26 Nothing found 4
    pcc 11.380.07 9.500-1005 2014-12-31 Nothing found 0
    qh360 1.0.1 1.0.1 1.0.1 Win32/Trojan.1ef 5
    qqphone 1.0.0.0 1.0.0.0 2014-12-09 Nothing found 0
    quickheal 14.00 14.00 2015-07-25 Nothing found 2
    rising 25.76.04.01 25.76.04.01 2015-07-24 Nothing found 3
    sophos 5.08 3.55.0 2014-12-01 Nothing found 0
    symantec 20141230.001 1.3.0.24 2014-12-30 Nothing found 0
    tachyon 9.9.9 9.9.9 2013-12-27 Nothing found 5
    thehacker 6.8.0.5 6.8.0.5 2015-07-23 Nothing found 2
    tws 17.47.17308 1.0.2.2108 2014-12-08 Nothing found 13
    vba 3.12.26.3 3.12.26.3 2014-12-31 Nothing found 0
    virusbuster 15.0.985.0 5.5.2.13 2014-12-05 Nothing found 0
    Heuristic/Suspicious Exact
    Warning: detections may occasionally be wrong; you should also use your own judgment.
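  • Permission list
    Permission name    Description
    android.permission.INTERNET    Connect to the network (2G or 3G)
    android.permission.RECEIVE_SMS    Monitor received SMS messages
    android.permission.SEND_SMS    Send SMS messages
    android.permission.READ_PHONE_STATE    Read phone state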
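  • File information
    Security score:
    Basic information
    MD5: b6f6908b480d48db223a0ce217e44f07
    Package name: com.ZhongtouSecurity.qs.app.android
    Minimum runtime environment: Android 1.5
    Copyright: ShouJiKaiFaZu
    Key behaviors
    Behavior description: File mapping with write permission
    Details: CiceroSharedMemDefaultS-*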
    MSCTF.MarshalInterface.FileMap.MJB..JKAHH
    MSCTF.MarshalInterface.FileMap.MJB.B.JLAHH
    MSCTF.MarshalInterface.FileMap.MJB.C.JLAHH
    MSCTF.MarshalInterface.FileMap.MJB.D.JLAHH
    MSCTF.MarshalInterface.FileMap.MJB.E.JLAHH
    MSCTF.MarshalInterface.FileMap.MJB.F.JLAHH
    MSCTF.MarshalInterface.FileMap.MJB.G.JLAHH
    MSCTF.Shared.SFM.MJB
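    Behavior description: Block window close messages
    Details: hWnd = 0x000202b2, Text = EX4-TO-MQ4 Decompiler Software ( www.forex-warez.com ), ClassName = TForm1.
    hWnd = 0x000202a8, Text = , ClassName = TApplication.
    Behavior description: Hide specified window
    Details: [Window,Class] = [EX4-TO-MQ4 Decompiler Software ( www.forex-warez.com ),TForm1]
    Process behaviors
    Behavior description: Enumerate processes
    Details: N/A
    File behaviors
    Behavior description: File mapping with write permission
    Details: CiceroSharedMemDefaultS-*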
    MSCTF.MarshalInterface.FileMap.MJB..JKAHH
    MSCTF.MarshalInterface.FileMap.MJB.B.JLAHH
    MSCTF.MarshalInterface.FileMap.MJB.C.JLAHH
    MSCTF.MarshalInterface.FileMap.MJB.D.JLAHH
    MSCTF.MarshalInterface.FileMap.MJB.E.JLAHH
    MSCTF.MarshalInterface.FileMap.MJB.F.JLAHH
    MSCTF.MarshalInterface.FileMap.MJB.G.JLAHH
    MSCTF.Shared.SFM.MJB
    Behavior description: Modify file contents
    Details: C:\Documents and Settings\Administrator\Local Settings\%temp%\996E.ini---> Offset = 0
    C:\Documents and Settings\Administrator\Local Settings\%temp%\996E.ini---> Offset = 20
    C:\Documents and Settings\Administrator\Local Settings\%temp%\996E.ini---> Offset = 35
    C:\Documents and Settings\Administrator\Local Settings\%temp%\996E.ini---> Offset = 49
    C:\Documents and Settings\Administrator\Local Settings\%temp%\996E.ini---> Offset = 61
    C:\Documents and Settings\Administrator\Local Settings\%temp%\996E.ini---> Offset = 70
    C:\Documents and Settings\Administrator\Local Settings\%temp%\996E.ini---> Offset = 77
    C:\Documents and Settings\Administrator\Local Settings\%temp%\996E.ini---> Offset = 87
    C:\Documents and Settings\Administrator\Local Settings\%temp%\996E.ini---> Offset = 17
    C:\Documents and Settings\Administrator\Local Settings\%temp%\996E.ini---> Offset = 32
    C:\Documents and Settings\Administrator\Local Settings\%temp%\996E.ini---> Offset = 46
    C:\Documents and Settings\Administrator\Local Settings\%temp%\996E.ini---> Offset = 58
    C:\Documents and Settings\Administrator\Local Settings\%temp%\996E.ini---> Offset = 67
    C:\Documents and Settings\Administrator\Local Settings\%temp%\996E.ini---> Offset = 74
    C:\Documents and Settings\Administrator\Local Settings\%temp%\996E.ini---> Offset = 84
    Behavior description: Find files
    Details: FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%\996E.zh-CN
    FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%\996E.zh-Hans
    FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%\996E.zh
    FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%\996E.CHS
    FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%\996E.CH
    Other behaviors
    Behavior description: Create mutex
    Details: CTF.LBES.MutexDefaultS-*
    CTF.Compart.MutexDefaultS-*
    CTF.Asm.MutexDefaultS-*
    CTF.Layouts.MutexDefaultS-*
    CTF.TMD.MutexDefaultS-*
    CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
    MSCTF.Shared.MUTEX.ELH
    MSCTF.Shared.MUTEX.MJB
    Behavior description: Hide specified window
    Details: [Window,Class] = [EX4-TO-MQ4 Decompiler Software ( www.forex-warez.com ),TForm1]
    Behavior description: Find specified window
    Details: NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
    NtUserFindWindowEx: [Class,Window] = [CicLoaderWndClass,]
    Behavior description: Enumerate windows
    Details: N/A
    Behavior description: Block window close messages
    Details: hWnd = 0x000202b2, Text = EX4-TO-MQ4 Decompiler Software ( www.forex-warez.com ), ClassName = TForm1.
    hWnd = 0x000202a8, Text = , ClassName = TApplication.
    Behavior description: Window information
    Details: Pid = 1476, Hwnd=0x202ae, Text = EX4-TO-MQ4 Decompiler Software 4.0.509.5, ClassName = TStatusBar.
    Pid = 1476, Hwnd=0x202c6, Text = Vars prefixes: , ClassName = TGroupBox.
    Pid = 1476, Hwnd=0x202b0, Text = A, ClassName = TEdit.
    Pid = 1476, Hwnd=0x302b8, Text = L, ClassName = TEdit.
    Pid = 1476, Hwnd=0x302da, Text = G, ClassName = TEdit.
    Pid = 1476, Hwnd=0x202ca, Text = Update, ClassName = TButton.
    Pid = 1476, Hwnd=0x202c8, Text = Append ~ for mq4 file name, ClassName = TCheckBox.
    Pid = 1476, Hwnd=0x202c2, Text = Generate mqh for library, ClassName = TCheckBox.
    Pid = 1476, Hwnd=0x202d8, Text = Smart variable names rename, ClassName = TCheckBox.
    Pid = 1476, Hwnd=0x302dc, Text = Open MQ4, ClassName = TButton.
    Pid = 1476, Hwnd=0x202b2, Text = EX4-TO-MQ4 Decompiler Software ( www.forex-warez.com ), ClassName = TForm1.
    Dynamic behavior list
    Behavior description: Register broadcast receiver
    Details: [u'ca@414bebe0', u'android.content.IntentFilter@41555858']
    [u'ca@414da748', u'android.content.IntentFilter@415283a8']
    Behavior description: Read system settings
    Details: [u'android.app.ContextImpl$ApplicationContentResolver@41532e20', u'sound_effects_enabled']
    [u'android.app.ContextImpl$ApplicationContentResolver@41532e20', u'sound_effects_enabled']
    Behavior description: Initialize IntentFilter
    Details: [u'SMS_SEND_ACTIOIN']
    [u'SMS_DELIVERED_ACTION']
    Behavior description: Window information
    Details: {"text": "连接服务器选择", "class": "android.widget.TextView"}
    {"text": "深圳移动", "class": "android.widget.RadioButton"}
    {"text": "深圳电信", "class": "android.widget.RadioButton"}
    {"text": "证通移动", "class": "android.widget.RadioButton"}
    {"text": "西安电信", "class": "android.widget.RadioButton"}
    {"text": "提示:请在以上列表中选择您的服务器.", "class": "android.widget.TextView"}
    {"text": "确定", "class": "android.widget.Button"}
    {"text": "取消", "class": "android.widget.Button"}
    {"text": "选择网络", "class": "android.widget.TextView"}
    {"text": "移动梦网(cmwap) 联通无限(uniwap)", "class": "android.widget.RadioButton"}
    {"text": "互联网http", "class": "android.widget.RadioButton"}
    {"text": "互联网net", "class": "android.widget.RadioButton"}
    {"text": "提示:请在列表中选择一个与手机接入点设置相匹配的联网方式,如果您不清楚接入点设置,请按“取消”,程序会自动检测可用的联网设置.", "class": "android.widget.TextView"}
    {"text": "确定", "class": "android.widget.Button"}
    {"text": "取消", "class": "android.widget.Button"}
    Behavior description: Add View
    Details: [u'com.android.internal.policy.impl.PhoneWindow$DecorView@414edd90', u'WM.LayoutParams{(0,0)(fillxfill) sim=#100 ty=1 fl=#8010100 pfl=0x8 wanim=0x1030001}', u'android.view.CompatibilityInfoHolder@414afc58']
    Behavior description: Initialize Intent
    Details: []
    [u'android.os.Parcel@414ad2a0']
    Behavior description: Call Intent setAction
    Details: [u'android.intent.action.MAIN']
    Behavior description: Start Activity
    Details: {"ACTION":"android.intent.action.MAIN","FLAG":268435456,"CATEGORIES":"[android.intent.category.LAUNCHER]","COMPONENT_NAME":"ComponentInfo{com.ZhongtouSecurity.qs.app.android\/com.hexin.qs.app.android.Hexin}"}
    Behavior description: Database query
    Details: [u'style', u'[record_id]', u'null', u'null', u'null', u'null', u'null']
    [u'adjuststyle', u'[record_id]', u'null', u'null', u'null', u'null', u'null']
    [u'logoinfo', u'[record_id]', u'null', u'null', u'null', u'null', u'null']
    [u'address', u'[record_id]', u'null', u'null', u'null', u'null', u'null']
    [u'network', u'[record_id]', u'null', u'null', u'null', u'null', u'null']
    [u'config', u'[record_id]', u'null', u'null', u'null', u'null', u'null']
    [u'resource', u'[record_id]', u'null', u'null', u'null', u'null', u'null']
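    Behavior description: Get device ID
    Details: 357143040944263
    Activities
    Activity name    Type
    com.hexin.qs.app.android.Statement    android.intent.action.MAIN
    com.hexin.qs.app.android.Statement    android.intent.category.LAUNCHER
    Dangerous functions
    Function name    Description
    java/net/URL;->openConnection    Connect to a URL
    java/net/HttpURLConnection;->connect    Connect to a URL
    TelephonyManager;->getDeviceId    Collect the user's phone IMEI, phone number, system version and other information
    getRuntime    Obtain a command-line environment
    SmsManager;->sendTextMessage    Send an ordinary SMS text message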
    File list
