VirSCAN

1. You can upload any file, but there is a 20Mb limit per file.
2. VirSCAN supports Rar/Zip decompression, but the archive must contain fewer than 20 files.
3. VirSCAN can scan compressed files protected with the password 'infected' or 'virus'.

File information
File Name: Dungeon Hunter 4 v2.0.0f v2.apk (File not down)
File Size: 16742775 bytes
File Type: application/jar
MD5: a29c514792a67e08f95e2bb3380964bc
SHA1: 12c3e73daf06d0954f388222e74fa26916b3c352
  • Scanner results
    Scanner results: 0% of scanners (0/32) found malware!
    Behavior analysis report: Habo file analysis
    Time: 2016-12-21 23:03:19 (CST)
    Scanner Engine Ver Sig Ver Sig Date Scan result Time
    antiy AVL SDK 2.0 1970-01-01 Found nothing 7
    asquared 9.0.0.4799 9.0.0.4799 2015-03-08 Found nothing 6
    avast 161220-0 4.7.4 2016-12-20 Found nothing 60
    avg 2109/13100 10.0.1405 2016-12-16 Found nothing 60
    baidu 2.0.1.0 4.1.3.52192 2.0.1.0 Found nothing 6
    baidusd 1.0 1.0 2014-04-02 Found nothing 2
    bitdefender 7.58879 7.90123 2015-01-16 Found nothing 60
    clamav 22739 0.97.5 2016-12-19 Found nothing 60
    drweb 5.0.2.3300 5.0.1.1 2016-12-09 Found nothing 60
    fortinet 41.532, 41.532, 41.532 5.4.233 2016-12-21 Found nothing 60
    fprot 4.6.2.117 6.5.1.5418 2016-02-05 Found nothing 60
    fsecure 2015-08-01-02 9.13 2015-08-01 Found nothing 60
    gdata 25.9646 25.9646 2016-12-21 Found nothing 14
    ikarus 1.06.01 V1.32.31.0 2016-11-28 Found nothing 60
    jiangmin 16.0.100 1.0.0.0 2016-12-19 Found nothing 49
    kaspersky 5.5.33 5.5.33 2014-04-01 Found nothing 60
    kingsoft 2.1 2.1 2013-09-22 Found nothing 9
    mcafee 8254 5400.1158 2016-08-11 Found nothing 60
    nod32 1777 3.0.21 2015-06-12 Found nothing 60
    panda 9.05.01 9.05.01 2016-12-20 Found nothing 5
    pcc 13.106.06 9.500-1005 2016-12-20 Found nothing 60
    qh360 1.0.1 1.0.1 1.0.1 Found nothing 4
    qqphone 1.0.0.0 1.0.0.0 2015-12-30 Found nothing 60
    quickheal 14.00 14.00 2016-12-20 Found nothing 7
    rising 26.28.00.01 26.28.00.01 2016-07-18 Found nothing 8
    sophos 5.32 3.65.2 2016-10-10 Found nothing 60
    symantec 20151230.005 1.3.0.24 2015-12-30 Found nothing 60
    tachyon 9.9.9 9.9.9 2013-12-27 Found nothing 17
    thehacker 6.8.0.5 6.8.0.5 2016-12-19 Found nothing 5
    tws 17.47.17308 1.0.2.2108 2016-12-20 Found nothing 18
    vba 3.12.29.3 beta 3.12.29.3 beta 2016-12-15 Found nothing 60
    virusbuster 15.0.985.0 5.5.2.13 2014-12-05 Found nothing 60
    Heuristic/Suspicious Exact
    NOTICE: Results are not 100% accurate, and some scanners may report a false positive when malware is found. Please judge these results for yourself.
  • Permission list
    Permission name  Description
    android.permission.GET_ACCOUNTS  Access the account list
    com.android.vending.CHECK_LICENSE
    com.android.vending.BILLING
    android.permission.INTERNET  Connect to the network (2G or 3G)
    android.permission.ACCESS_WIFI_STATE  Read Wi-Fi network state
    android.permission.RECORD_AUDIO  Record audio (using AudioRecord)
    android.permission.MODIFY_AUDIO_SETTINGS  Modify audio settings
    android.permission.READ_EXTERNAL_STORAGE  Read external storage (e.g. SD card)
    android.permission.WRITE_EXTERNAL_STORAGE  Write external storage (e.g. SD card)
    android.permission.WAKE_LOCK  Background processes keep running after the screen turns off
    android.permission.ACCESS_NETWORK_STATE  Read network state (2G or 3G)
    com.gameloft.android.ANMP.GloftD4HM.permission.C2D_MESSAGE
    com.google.android.c2dm.permission.RECEIVE
    android.permission.VIBRATE  Allow the device to vibrate
    android.permission.RECEIVE_BOOT_COMPLETED  Receive the boot-completed broadcast
    glshare.permission.ACCESS_SHARED_DATA
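  • File information
    Security score:
    Basic information
    MD5: a29c514792a67e08f95e2bb3380964bc
    Package name: com.gameloft.android.ANMP.GloftD4HM
    Minimum runtime environment: Android 2.3, 2.3.1, 2.3.2
    Copyright: Android
    Key behaviors
    Behavior description: Set special folder attributes
    Details: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files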
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
    C:\Documents and Settings\Administrator\Local Settings\History
    C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
    C:\Documents and Settings\Administrator\Cookies
    Behavior description: Get window screenshot information
    Details: Foreground window Info: HWND = 0x00000000, DC = 0xaf010470.
    Behavior description: Get TickCount value
    Details: TickCount = 5495453, SleepMilliseconds = 60000.
    TickCount = 5495468, SleepMilliseconds = 60000.
    TickCount = 5495515, SleepMilliseconds = 60000.
    TickCount = 5495531, SleepMilliseconds = 60000.
    TickCount = 5495546, SleepMilliseconds = 60000.
    TickCount = 5435865, SleepMilliseconds = 100.
    TickCount = 5495781, SleepMilliseconds = 60000.
    TickCount = 5495890, SleepMilliseconds = 60000.
    TickCount = 5496000, SleepMilliseconds = 60000.
    TickCount = 5496015, SleepMilliseconds = 60000.
    TickCount = 5496031, SleepMilliseconds = 60000.
    TickCount = 5496046, SleepMilliseconds = 60000.
    TickCount = 5496062, SleepMilliseconds = 60000.
    TickCount = 5496125, SleepMilliseconds = 60000.
    TickCount = 5496140, SleepMilliseconds = 60000.
    Process behavior
    Behavior description: Create local thread
    Details: TargetProcess: PPBox.exe, InheritedFromPID = 1944, ProcessID = 3108, ThreadID = 3132, StartAddress = 77DC845A, Parameter = 00000000
    TargetProcess: PPBox.exe, InheritedFromPID = 1944, ProcessID = 3108, ThreadID = 3148, StartAddress = 7C947EBB, Parameter = 00000000
    TargetProcess: PPBox.exe, InheritedFromPID = 1944, ProcessID = 3108, ThreadID = 3152, StartAddress = 7C930230, Parameter = 00000000
    TargetProcess: PPBox.exe, InheritedFromPID = 1944, ProcessID = 3108, ThreadID = 3168, StartAddress = 77E56C7D, Parameter = 00203220
    TargetProcess: PPBox.exe, InheritedFromPID = 1944, ProcessID = 3108, ThreadID = 3172, StartAddress = 769AE43B, Parameter = 002086D8
    TargetProcess: PPBox.exe, InheritedFromPID = 1944, ProcessID = 3108, ThreadID = 3176, StartAddress = 013B507F, Parameter = 00129784
    TargetProcess: PPBox.exe, InheritedFromPID = 1944, ProcessID = 3108, ThreadID = 3196, StartAddress = 6359727B, Parameter = 02B56AD8
    TargetProcess: PPBox.exe, InheritedFromPID = 1944, ProcessID = 3108, ThreadID = 3200, StartAddress = 6359727B, Parameter = 02B85A98
    TargetProcess: PPBox.exe, InheritedFromPID = 1944, ProcessID = 3108, ThreadID = 3204, StartAddress = 6359727B, Parameter = 02B85B38
    TargetProcess: PPBox.exe, InheritedFromPID = 1944, ProcessID = 3108, ThreadID = 3388, StartAddress = 04062839, Parameter = 044C08D0
    TargetProcess: PPBox.exe, InheritedFromPID = 1944, ProcessID = 3108, ThreadID = 3392, StartAddress = 03F54723, Parameter = 04070E10
    TargetProcess: PPBox.exe, InheritedFromPID = 1944, ProcessID = 3108, ThreadID = 3396, StartAddress = 03F54723, Parameter = 04070E10
    TargetProcess: PPBox.exe, InheritedFromPID = 1944, ProcessID = 3108, ThreadID = 3400, StartAddress = 03F54723, Parameter = 04070E10
    TargetProcess: PPBox.exe, InheritedFromPID = 1944, ProcessID = 3108, ThreadID = 3640, StartAddress = 769AE43B, Parameter = 02DE77E0
    File behavior
    Behavior description: Create file
    Details: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6P4O8QNJ\flash[1].htm
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6P4O8QNJ\navcancl[1]
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\C1OS62RY\ErrorPageTemplate[1]
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6TLOMATB\errorPageStrings[1]
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\C1OS62RY\httpErrorPagesScripts[1]
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6TLOMATB\background_gradient[1]
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\C1OS62RY\info_48[1]
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6TLOMATB\bullet[1]
    C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\密保管家\skinh.she
    C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\密保管家\SkinH_EL.dll
    C:\Documents and Settings\Administrator\Local Settings\Temp\mbupdate.ini
    C:\Documents and Settings\Administrator\Local Settings\Temp\JET12C8.tmp
    C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\密保管家\ksoft1.ldb
    Behavior description: Create executable file
    Details: C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\密保管家\SkinH_EL.dll
    C:\Documents and Settings\Administrator\Local Settings\Temp\mbupdate.ini
    Behavior description: Overwrite existing file
    Details: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6P4O8QNJ\navcancl[1]
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\C1OS62RY\ErrorPageTemplate[1]
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6TLOMATB\errorPageStrings[1]
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\C1OS62RY\httpErrorPagesScripts[1]
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6TLOMATB\background_gradient[1]
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\C1OS62RY\info_48[1]
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6TLOMATB\bullet[1]
    Behavior description: Find file
    Details: FileName = C:\Documents and Settings\Administrator
    FileName = C:\Documents and Settings\Administrator\Local Settings
    FileName = C:\Documents and Settings
    FileName = C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Connections\Pbk\*.pbk
    FileName = C:\WINDOWS\system32\Ras\*.pbk
    FileName = C:\Documents and Settings\Administrator\Application Data\Microsoft\Network\Connections\Pbk\*.pbk
    FileName = C:\WINDOWS
    FileName = C:\WINDOWS\system32
    FileName = C:\WINDOWS\system32\urlmon.dll
    FileName = C:\WINDOWS\system32\ieframe.dll
    FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\密保管家\skinh.she
    FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\密保管家\SkinH_EL.dll
    FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\密保管家\ksoft1.mdb
    FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump
    FileName = C:\Documents and Settings\Administrator\Local Settings\History\History.IE5\MSHist012016091220160913\*.*
    Behavior description: Delete file
    Details: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6P4O8QNJ\flash[1].htm
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\C1OS62RY\navcancl[2]
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6TLOMATB\ErrorPageTemplate[2]
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\C1OS62RY\errorPageStrings[1]
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6TLOMATB\httpErrorPagesScripts[1]
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\C1OS62RY\background_gradient[2]
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6TLOMATB\info_48[1]
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IUKHR8T2\bullet[1]
    C:\Documents and Settings\Administrator\Local Settings\Temp\JET12C8.tmp
    Behavior description: Modify file content
    Details: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6P4O8QNJ\navcancl[1] ---> Offset = 0
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\C1OS62RY\ErrorPageTemplate[1] ---> Offset = 0
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6TLOMATB\errorPageStrings[1] ---> Offset = 0
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\C1OS62RY\httpErrorPagesScripts[1] ---> Offset = 0
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6TLOMATB\background_gradient[1] ---> Offset = 0
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\C1OS62RY\info_48[1] ---> Offset = 0
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6TLOMATB\bullet[1] ---> Offset = 0
    C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\密保管家\skinh.she ---> Offset = 0
    C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\密保管家\SkinH_EL.dll ---> Offset = 0
    C:\Documents and Settings\Administrator\Local Settings\Temp\mbupdate.ini ---> Offset = 0
    C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\密保管家\ksoft1.ldb ---> Offset = 0
    Network behavior
    Behavior description: Download file
    Details: C:\Documents and Settings\Administrator\Local Settings\Temp\mbupdate.ini
    Behavior description: Connect to specified site
    Details: InternetConnectA: ServerName = ww****om, PORT = 80, UserName = , Password = , hSession = 0x00cc0004, hConnect = 0x00cc0008, Flags = 0x00000000
    InternetConnectA: ServerName = ww****om, PORT = 80, UserName = , Password = , hSession = 0x00cc0010, hConnect = 0x00cc0014, Flags = 0x00000000
    Behavior description: Open HTTP connection
    Details: InternetOpenA: UserAgent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; .NET4.0C; .NET4.0E; KB974489), hSession = 0x00cc0004
    InternetOpenA: UserAgent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0), hSession = 0x00cc0010
    Behavior description: Establish a connection to a specified socket
    Details: URL: ww****om, IP: **.133.40.**:80, SOCKET = 0x00000344
    URL: ww****om, IP: **.133.40.**:80, SOCKET = 0x0000043c
    URL: ww****om, IP: **.133.40.**:80, SOCKET = 0x0000044c
    Behavior description: Read network file
    Details: hFile = 0x00cc000c, BytesToRead =4096, BytesRead = 4096.
    hFile = 0x00cc0018, BytesToRead =102400, BytesRead = 102400.
    Behavior description: Send HTTP packet
    Details: GET /ksjad/flash.htm HTTP/1.1 Accept: */* Accept-Language: zh-cn Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; .NET4.0C; .NET4.0E; KB974489) Host: ww****om Connection: Keep-Alive
    GET /update/ppbox/mbupdate.txt HTTP/1.1 User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0) Accept: */* Host: ww****om Cache-Control: no-cache
    Behavior description: Open HTTP request
    Details: HttpOpenRequestA: ww****om:80/ksjad/flash.htm, hConnect = 0x00cc0008, hRequest = 0x00cc000c, Verb: GET, Referer: , Flags = 0x00400000
    HttpOpenRequestA: ww****om:80/ksjad/flash.htm, hConnect = 0x00cc0008, hRequest = 0x00cc000c, Verb: GET, Referer: , Flags = 0x00400010
    HttpOpenRequestA: ww****om:80/update/ppbox/mbupdate.txt, hConnect = 0x00cc0014, hRequest = 0x00cc0018, Verb: GET, Referer: , Flags = 0x84000000
    Behavior description: Get host address by name
    Details: GetAddrInfoW: ww****om
    Registry behavior
    Behavior description: Modify registry
    Details: \REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\SavedLegacySettings
    \REGISTRY\USER\S-*\Software\Microsoft\Multimedia\DrawDib\vga.drv 1920x973x16(565 0)
    \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths\Directory
    \REGISTRY\MACHINE\SOFTWARE\ODBC\Temporary (volatile) Jet DSN for process 0xc24 Thread 0xc28 DBC 0x308557c Jet\ProcessId
    \REGISTRY\MACHINE\SOFTWARE\ODBC\Brazos volatile counter\VolatileDsnCount
    \REGISTRY\MACHINE\SOFTWARE\ODBC\Temporary (volatile) Jet DSN for process 0xc24 Thread 0xc28 DBC 0x308557c Jet\DBQ
    \REGISTRY\MACHINE\SOFTWARE\ODBC\Temporary (volatile) Jet DSN for process 0xc24 Thread 0xc28 DBC 0x308557c Jet\DefaultDir
    \REGISTRY\MACHINE\SOFTWARE\ODBC\Temporary (volatile) Jet DSN for process 0xc24 Thread 0xc28 DBC 0x308557c Jet\Engines\Jet\Driver
    \REGISTRY\MACHINE\SOFTWARE\ODBC\Temporary (volatile) Jet DSN for process 0xc24 Thread 0xc28 DBC 0x308557c Jet\DriverId
    \REGISTRY\MACHINE\SOFTWARE\ODBC\Temporary (volatile) Jet DSN for process 0xc24 Thread 0xc28 DBC 0x308557c Jet\FIL
    \REGISTRY\MACHINE\SOFTWARE\ODBC\Temporary (volatile) Jet DSN for process 0xc24 Thread 0xc28 DBC 0x308557c Jet\Engines\Jet\ImplicitCommitSync
    \REGISTRY\MACHINE\SOFTWARE\ODBC\Temporary (volatile) Jet DSN for process 0xc24 Thread 0xc28 DBC 0x308557c Jet\PWD
    \REGISTRY\MACHINE\SOFTWARE\ODBC\Temporary (volatile) Jet DSN for process 0xc24 Thread 0xc28 DBC 0x308557c Jet\SafeTransactions
    \REGISTRY\MACHINE\SOFTWARE\ODBC\Temporary (volatile) Jet DSN for process 0xc24 Thread 0xc28 DBC 0x308557c Jet\Engines\Jet\Threads
    \REGISTRY\MACHINE\SOFTWARE\ODBC\Temporary (volatile) Jet DSN for process 0xc24 Thread 0xc28 DBC 0x308557c Jet\UID
    Behavior description: Delete registry key value
    Details: \REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyServer
    \REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Internet Settings\AutoConfigURL
    Other behaviors
    Behavior description: Adjust process token privileges
    Details: SE_LOAD_DRIVER_PRIVILEGE
    SE_INC_BASE_PRIORITY_PRIVILEGE
    Behavior description: Create mutex
    Details: RasPbFile
    CTF.LBES.MutexDefaultS-*
    CTF.Compart.MutexDefaultS-*
    CTF.Asm.MutexDefaultS-*
    CTF.Layouts.MutexDefaultS-*
    CTF.TMD.MutexDefaultS-*
    CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
    Local\ZonesCounterMutex
    Local\ZoneAttributeCacheCounterMutex
    Local\ZonesCacheCounterMutex
    Local\ZonesLockedCacheCounterMutex
    CritOpMutex
    Local\!PrivacIE!SharedMemory!Mutex
    MSIMGSIZECacheMutex
    MSCTF.Shared.MUTEX.ELH
    Behavior description: Create event object
    Details: EventName = DINPUTWINMM
    EventName = Global\userenv: User Profile setup event
    EventName = jzyqfhdslinbc
    EventName = Global\crypt32LogoffEvent
    EventName = MSCTF.SendReceive.Event.IGM.IC
    EventName = MSCTF.SendReceiveConection.Event.IGM.IC
    Behavior description: Find specified window
    Details: NtUserFindWindowEx: [Class,Window] = [MS_AutodialMonitor,]
    NtUserFindWindowEx: [Class,Window] = [MS_WebCheckMonitor,]
    NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
    NtUserFindWindowEx: [Class,Window] = [CicLoaderWndClass,]
    NtUserFindWindowEx: [Class,Window] = [,]
    Behavior description: Window information
    Details: Pid = 3108, Hwnd=0xc0330, Text = 下载完毕, ClassName = Static.
    Pid = 3108, Hwnd=0x1b02d8, Text = 获取文件信息:, ClassName = Static.
    Pid = 3108, Hwnd=0xd0358, Text = update.exe (来自 www.ksjcf.com), ClassName = Static.
    Pid = 3108, Hwnd=0xd039c, Text = 文件大小未知, ClassName = Static.
    Pid = 3108, Hwnd=0x31031a, Text = 估计剩余时间:, ClassName = Static.
    Pid = 3108, Hwnd=0x13030a, Text = 已下载:, ClassName = Static.
    Pid = 3108, Hwnd=0x503f2, Text = 下载到:, ClassName = Static.
    Pid = 3108, Hwnd=0x1302fc, Text = 传输速度:, ClassName = Static.
    Pid = 3108, Hwnd=0x603c2, Text = 下载完成后关闭此对话框(&C), ClassName = Button(CheckBox).
    Pid = 3108, Hwnd=0xf034e, Text = 打开(&O), ClassName = Button.
    Pid = 3108, Hwnd=0x1802b8, Text = 打开文件夹(&F), ClassName = Button.
    Pid = 3108, Hwnd=0x1702c4, Text = 取消, ClassName = Button.
    Pid = 3108, Hwnd=0x303d4, Text = 已完成安装 0% - flash.htm (来自 www.ksjcf.com), ClassName = #32770.
    Pid = 3108, Hwnd=0x30416, Text = 您想运行或保存此文件吗?, ClassName = Static.
    Pid = 3108, Hwnd=0x3041c, Text = 名称:, ClassName = Static.
    Behavior description: Get cursor position
    Details: CursorPos = (96,18500), SleepMilliseconds = 60000.
    CursorPos = (6389,26533), SleepMilliseconds = 60000.
    CursorPos = (19224,15757), SleepMilliseconds = 60000.
    Behavior description: Open event
    Details: HookSwitchHookEnabledEvent
    \SECURITY\LSA_AUTHENTICATION_INITIALIZED
    Global\SvcctrlStartEvent_A3752DX
    \INSTALLATION_SECURITY_HOLD
    MSFT.VSA.COM.DISABLE.3108
    MSFT.VSA.IEC.STATUS.6c736db0
    jzyqfhdslinbc
    Global\crypt32LogoffEvent
    _fCanRegisterWithShellService
    CTF.ThreadMIConnectionEvent.000007B4.00000000.00000052
    CTF.ThreadMarshalInterfaceEvent.000007B4.00000000.00000052
    MSCTF.SendReceiveConection.Event.ELH.IC
    MSCTF.SendReceive.Event.ELH.IC
    Behavior description: Executable file signature information
    Details: C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\密保管家\SkinH_EL.dll (signature verification: failed)
    C:\Documents and Settings\Administrator\Local Settings\Temp\mbupdate.ini (signature verification: failed)
    Behavior description: Call Sleep function
    Details: [1]: MilliSeconds = 60000.
    [2]: MilliSeconds = 100.
    [3]: MilliSeconds = 60000.
    [4]: MilliSeconds = 0.
    [5]: MilliSeconds = 0.
    [6]: MilliSeconds = 1000.
    [7]: MilliSeconds = 1000.
    [8]: MilliSeconds = 1000.
    [9]: MilliSeconds = 1000.
    [10]: MilliSeconds = 1000.
    Behavior description: Hide specified window
    Details: [Window,Class] = [,ComboLBox]
    [Window,Class] = [,SysLink]
    [Window,Class] = [,Static]
    [Window,Class] = [,Afx:400000:8:10011:1900015:0]
    [Window,Class] = [,Afx:400000:b:10011:1900015:0]
    [Window,Class] = [,Afx:400000:b:10011:110005b:0]
    [Window,Class] = [鼠标键盘,Button]
    [Window,Class] = [文件大小未知,Static]
    [Window,Class] = [打开此类文件前总是询问(&W),Button]
    [Window,Class] = [发行者:,Static]
    Behavior description: Executable file MD5
    Details: C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\密保管家\SkinH_EL.dll ---> e14a01356d14edfc7be86d9e075deb85
    C:\Documents and Settings\Administrator\Local Settings\Temp\mbupdate.ini ---> fe1d0ee5901dd167ee9b28eece31786c
    Behavior description: Open mutex
    Details: RasPbFile
    ShimCacheMutex
    Local\!IETld!Mutex
    Local\WininetStartupMutex
    Local\_!MSFTHISTORY!_
    Local\c:!documents and settings!administrator!local settings!temporary internet files!content.ie5!
    Local\c:!documents and settings!administrator!cookies!
    Local\c:!documents and settings!administrator!local settings!history!history.ie5!
    Local\WininetConnectionMutex
    Local\WininetProxyRegistryMutex
    CtfmonInstMutexDefaultS-*
    _!MSFTHISTORY!_
    c:!documents and settings!administrator!local settings!temporary internet files!content.ie5!
    c:!documents and settings!administrator!cookies!
    c:!documents and settings!administrator!local settings!history!history.ie5!
    Behavior description: Load newly dropped file
    Details: Image: C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\密保管家\SkinH_EL.dll.
    Activities
    Activity name  Type
    .Game  android.intent.action.MAIN
    .Game  android.intent.category.LAUNCHER
    .GLiveHTML.GLLiveActivity  android.intent.action.MAIN
    .IGPActivity  android.intent.action.MAIN
    .IGPFreemiumActivity  android.intent.action.MAIN
    .SplashScreenActivity  android.intent.action.MAIN
    Dangerous functions
    Function name  Description
    ContentResolver;->query  Read databases such as contacts and SMS
    getRuntime  Get the command-line environment
    java/net/URL;->openConnection  Connect to a URL
    java/net/URLConnection;->connect  Connect to a URL
    java/net/HttpURLConnection;->connect  Connect to a URL
    HttpClient;->execute  Send a request to a remote server
    WifiManager;->setWifiEnabled  Change Wi-Fi state
    android/app/NotificationManager;->notify  Notification bar message
    TelephonyManager;->getDeviceId  Collect the user's phone IMEI, phone number, system version number and similar information
    ContentResolver;->delete  Delete SMS messages and contacts
    java/lang/Runtime;->exec  Execute a command string
    Startup methods
    Name  Description
    com.google.android.gcm.GCMBroadcastReceiver
    com.google.android.gcm.GCMBroadcastReceiver
    com.gameloft.android.ANMP.GloftD4HM.PushNotification.LocalPushReceiver  Start service at boot
    com.gameloft.android.ANMP.GloftD4HM.PushNotification.PushIntentReceiver
    com.gameloft.android.ANMP.GloftD4HM.PushNotification.PushDeleteReceiver
    com.gameloft.android.ANMP.GloftD4HM.GLUtils.NetworkStateReceiver  Start service when network connectivity changes
    com.gameloft.android.ANMP.GloftD4HM.BootCompletedReceiver  Start service at boot
    com.gameloft.android.ANMP.GloftD4HM.installer.IReferrerReceiver
    com.gameloft.android.ANMP.GloftD4HM.ApplicationSetUp
    Service list
    Name
    com.google.android.gms.analytics.CampaignTrackingService
    com.gameloft.android.ANMP.GloftD4HM.GCMIntentService
    Providers
    Name  Description
    com.gameloft.android.ANMP.GloftD4HM.KeyProvider
    File list
    File name  Checksum
    res/drawable-mdpi-v4/del_pic.png 0xfa8b9bc3
    res/drawable-mdpi-v4/dota.png 0x24505d08
    res/drawable-mdpi-v4/ic_plusone_medium_off_client.png 0x211565b2
    res/drawable-mdpi-v4/ic_plusone_small_off_client.png 0xd4abbde4
    res/drawable-mdpi-v4/ic_plusone_standard_off_client.png 0x8173abf6
    res/drawable-mdpi-v4/ic_plusone_tall_off_client.png 0xe41772db
    res/drawable-mdpi-v4/icon.png 0xf544d2de
    res/drawable-mdpi-v4/icon_delwords.png 0x24505d08
    res/drawable-mdpi-v4/image_background.9.png 0x999f2cfb
    res/drawable-mdpi-v4/installer_icon.png 0x11f04b68
    res/drawable-mdpi-v4/pn_status_icon.png 0xfa731f74
    res/drawable-mdpi-v4/powered_by_google_dark.png 0x1441383f
    res/drawable-mdpi-v4/powered_by_google_light.png 0xad47a3e
    res/drawable-mdpi-v9/pn_status_icon.png 0xfa731f74
    res/drawable-xhdpi-v11/pn_status_icon.png 0xc490c9c2
    res/drawable-xhdpi-v4/com_facebook_button_blue_focused.9.png 0xa5b58881
    res/drawable-xhdpi-v4/com_facebook_button_blue_normal.9.png 0x97d88d2e
    res/drawable-xhdpi-v4/com_facebook_button_blue_pressed.9.png 0xb40f05d6
    res/drawable-xhdpi-v4/com_facebook_button_grey_focused.9.png 0x2a4672d9
    res/drawable-xhdpi-v4/com_facebook_button_grey_normal.9.png 0x6139814
    res/drawable-xhdpi-v4/com_facebook_button_grey_pressed.9.png 0x4ccd80c8
    res/drawable-xhdpi-v4/com_facebook_button_like_background.png 0x6f451d45
    res/drawable-xhdpi-v4/com_facebook_button_like_background_selected.png 0x6333fe2d
    res/drawable-xhdpi-v4/com_facebook_button_like_icon.png 0xedf9cb8
    res/drawable-xhdpi-v4/com_facebook_button_like_icon_selected.png 0x108b4a38
    res/drawable-xhdpi-v4/com_facebook_button_like_pressed.png 0x6f84431f
    res/drawable-xhdpi-v4/com_facebook_close.png 0x18ecaaa6
    res/drawable-xhdpi-v4/com_facebook_inverse_icon.png 0x8fafe153
    res/drawable-xhdpi-v4/com_facebook_logo.png 0x45da9236
    res/drawable-xhdpi-v4/com_facebook_picker_magnifier.png 0x1a929291
    res/drawable-xhdpi-v4/com_facebook_tooltip_black_background.9.png 0x8dae3c34
    res/drawable-xhdpi-v4/com_facebook_tooltip_black_bottomnub.png 0x96fb51ac
    res/drawable-xhdpi-v4/com_facebook_tooltip_black_topnub.png 0xb497f392
    res/drawable-xhdpi-v4/com_facebook_tooltip_black_xout.png 0x2d84dbb3
    res/drawable-xhdpi-v4/com_facebook_tooltip_blue_background.9.png 0x27354f0e
    res/drawable-xhdpi-v4/com_facebook_tooltip_blue_bottomnub.png 0x3967a5
    res/drawable-xhdpi-v4/com_facebook_tooltip_blue_topnub.png 0x39c2d4aa
    res/drawable-xhdpi-v4/com_facebook_tooltip_blue_xout.png 0xec21ed9e
    res/drawable-xhdpi-v4/common_signin_btn_icon_disabled_dark.9.png 0x54a4cfad
    res/drawable-xhdpi-v4/common_signin_btn_icon_disabled_focus_dark.9.png 0xa902fe3a
    res/drawable-xhdpi-v4/common_signin_btn_icon_disabled_focus_light.9.png 0xa902fe3a
    res/drawable-xhdpi-v4/common_signin_btn_icon_disabled_light.9.png 0x54a4cfad
    res/drawable-xhdpi-v4/common_signin_btn_icon_focus_dark.9.png 0xcbd8012d
    res/drawable-xhdpi-v4/common_signin_btn_icon_focus_light.9.png 0xc9c9b689
    res/drawable-xhdpi-v4/common_signin_btn_icon_normal_dark.9.png 0xa2131d37
    res/drawable-xhdpi-v4/common_signin_btn_icon_normal_light.9.png 0x4c0972fb
    res/drawable-xhdpi-v4/common_signin_btn_icon_pressed_dark.9.png 0x5c8736bd
    res/drawable-xhdpi-v4/common_signin_btn_icon_pressed_light.9.png 0x6f61c196
    res/drawable-xhdpi-v4/common_signin_btn_text_disabled_dark.9.png 0x732732fa
    res/drawable-xhdpi-v4/common_signin_btn_text_disabled_focus_dark.9.png 0xcd5680d7
    res/drawable-xhdpi-v4/common_signin_btn_text_disabled_focus_light.9.png 0xcd5680d7
    res/drawable-xhdpi-v4/common_signin_btn_text_disabled_light.9.png 0x732732fa
    res/drawable-xhdpi-v4/common_signin_btn_text_focus_dark.9.png 0x8e5ca8ad
    res/drawable-xhdpi-v4/common_signin_btn_text_focus_light.9.png 0x485a6409
    res/drawable-xhdpi-v4/common_signin_btn_text_normal_dark.9.png 0x4c9125e5
    res/drawable-xhdpi-v4/common_signin_btn_text_normal_light.9.png 0x28b3e408
    res/drawable-xhdpi-v4/common_signin_btn_text_pressed_dark.9.png 0x70b8c834
    res/drawable-xhdpi-v4/common_signin_btn_text_pressed_light.9.png 0xf3cad301
    res/drawable-xhdpi-v4/ic_plusone_medium_off_client.png 0x77d1633d
    res/drawable-xhdpi-v4/ic_plusone_small_off_client.png 0x9fd5e404
    res/drawable-xhdpi-v4/ic_plusone_standard_off_client.png 0x2a6cad9d
    res/drawable-xhdpi-v4/ic_plusone_tall_off_client.png 0x6fda91e2
    res/drawable-xhdpi-v4/icon.png 0x95e2956a
    res/drawable-xhdpi-v4/installer_icon.png 0x5cc04b74
    res/drawable-xhdpi-v4/pn_status_icon.png 0x657fcd8d
    res/drawable-xhdpi-v4/powered_by_google_dark.png 0x813a08b4
    res/drawable-xhdpi-v4/powered_by_google_light.png 0x3d8e144f
    res/drawable-xhdpi-v9/pn_status_icon.png 0xc490c9c2
    res/drawable-xlarge-v4/data_downloader_title_logo.png 0x4b66235e
    res/drawable-xlarge-v4/iab20_dlg_bg.9.png 0xbdd64023
    res/drawable-xxhdpi-v4/com_facebook_button_like_background.png 0x8aeffb5
    res/drawable-xxhdpi-v4/com_facebook_button_like_background_selected.png 0x467911dd
    res/drawable-xxhdpi-v4/com_facebook_button_like_icon.png 0xa13fbcdb
    res/drawable-xxhdpi-v4/com_facebook_button_like_icon_selected.png 0x35dd409b
    res/drawable-xxhdpi-v4/com_facebook_button_like_pressed.png 0xfd3f1436
    res/drawable-xxhdpi-v4/common_signin_btn_icon_disabled_dark.9.png 0xe7782c9f
    res/drawable-xxhdpi-v4/common_signin_btn_icon_disabled_focus_dark.9.png 0xb5337a7d
    res/drawable-xxhdpi-v4/common_signin_btn_icon_disabled_focus_light.9.png 0xb5337a7d
    res/drawable-xxhdpi-v4/common_signin_btn_icon_disabled_light.9.png 0xe7782c9f
    res/drawable-xxhdpi-v4/common_signin_btn_icon_focus_dark.9.png 0xae7737d7
    res/drawable-xxhdpi-v4/common_signin_btn_icon_focus_light.9.png 0xe50173
    res/drawable-xxhdpi-v4/common_signin_btn_icon_normal_dark.9.png 0x8e4ac9cd
    res/drawable-xxhdpi-v4/common_signin_btn_icon_normal_light.9.png 0x4175d354
    res/drawable-xxhdpi-v4/common_signin_btn_icon_pressed_dark.9.png 0xa6979a98
    res/drawable-xxhdpi-v4/common_signin_btn_icon_pressed_light.9.png 0x206facf7
    res/drawable-xxhdpi-v4/common_signin_btn_text_disabled_dark.9.png 0xad6ebeb9
    res/drawable-xxhdpi-v4/common_signin_btn_text_disabled_focus_dark.9.png 0x887b92f9
    res/drawable-xxhdpi-v4/common_signin_btn_text_disabled_focus_light.9.png 0x887b92f9
    res/drawable-xxhdpi-v4/common_signin_btn_text_disabled_light.9.png 0xad6ebeb9
    res/drawable-xxhdpi-v4/common_signin_btn_text_focus_dark.9.png 0x881b591d
    res/drawable-xxhdpi-v4/common_signin_btn_text_focus_light.9.png 0xa7a1fd51
    res/drawable-xxhdpi-v4/common_signin_btn_text_normal_dark.9.png 0x5ed5feec
    res/drawable-xxhdpi-v4/common_signin_btn_text_normal_light.9.png 0x4ff004
    res/drawable-xxhdpi-v4/common_signin_btn_text_pressed_dark.9.png 0x6d0ffa4c
    res/drawable-xxhdpi-v4/common_signin_btn_text_pressed_light.9.png 0x9ceb4533
    res/drawable-xxhdpi-v4/ic_plusone_medium_off_client.png 0x5e3d79cd
    res/drawable-xxhdpi-v4/ic_plusone_small_off_client.png 0x309ccadf
    res/drawable-xxhdpi-v4/ic_plusone_standard_off_client.png 0xd60db340
    res/drawable-xxhdpi-v4/ic_plusone_tall_off_client.png 0xfba2225d
    res/drawable-xxhdpi-v4/icon.png 0xa6f0a616
    res/drawable-xxhdpi-v4/installer_icon.png 0x5cc04b74
    res/drawable-xxhdpi-v4/powered_by_google_dark.png 0x1136561
    res/drawable-xxhdpi-v4/powered_by_google_light.png 0xb390f874
    res/drawable-xxxhdpi-v4/icon.png 0xe115bbcb
    res/drawable-xxxhdpi-v4/installer_icon.png 0x5cc04b74
    res/drawable/close_but.png 0x86fd7210
    res/drawable/com_facebook_button_blue_focused.9.png 0x8e2ae890
    res/drawable/com_facebook_button_blue_normal.9.png 0xd7343f54
    res/drawable/com_facebook_button_blue_pressed.9.png 0xcb447a8d
    res/drawable/com_facebook_button_check_off.png 0xb1fb4820
    res/drawable/com_facebook_button_check_on.png 0xd23a2024
    res/drawable/com_facebook_button_grey_focused.9.png 0xa4ebfaec
    res/drawable/com_facebook_button_grey_normal.9.png 0x18bd28f1
    res/drawable/com_facebook_button_grey_pressed.9.png 0xf083f3c6
    res/drawable/com_facebook_button_like_background.png 0xa404234
    res/drawable/com_facebook_button_like_background_selected.png 0x81905359
    res/drawable/com_facebook_button_like_icon.png 0x7c25388e
    res/drawable/com_facebook_button_like_icon_selected.png 0xc8721c1b
    res/drawable/com_facebook_button_like_pressed.png 0x17bab60
    res/drawable/com_facebook_close.png 0xe8608303
    res/drawable/com_facebook_inverse_icon.png 0x20ea95ba
    res/drawable/com_facebook_list_divider.9.png 0xc8c040bf
    res/drawable/com_facebook_list_section_header_background.9.png 0x885d2272
    res/drawable/com_facebook_logo.png 0x54212a0b
    res/drawable/com_facebook_picker_list_focused.9.png 0xce22abac
    res/drawable/com_facebook_picker_list_longpressed.9.png 0x78c37895
    res/drawable/com_facebook_picker_list_pressed.9.png 0x85485c42
    res/drawable/com_facebook_picker_list_selector_disabled.9.png 0xd6426851
    res/drawable/com_facebook_place_default_icon.png 0xa2f759ce
    res/drawable/com_facebook_profile_default_icon.png 0x387f9128
    res/drawable/com_facebook_profile_picture_blank_portrait.png 0x30c3f617
    res/drawable/com_facebook_profile_picture_blank_square.png 0xd3d9bf3f
    res/drawable/content_cursor.png 0x9e972fa6
    res/drawable/content_undo.png 0x846776ec
    res/drawable/data_downloader_background.9.png 0x7720d101
    res/drawable/data_downloader_button_focus.9.png 0xfcece34
    res/drawable/data_downloader_button_normal.9.png 0x5279cb36
    res/drawable/data_downloader_button_pressed.9.png 0x558fe87f
    res/drawable/data_downloader_main_text_image.9.png 0x110e1f9b
    res/drawable/data_downloader_spash_logo.png 0xf679b1d2
    res/drawable/data_downloader_title_background.9.png 0x55f92409
    res/drawable/data_downloader_title_logo.png 0x5029f468
    res/drawable/data_downloader_toast_background.9.png 0x3fa3e351
    res/drawable/facebook_icon.png 0x456cc6d8
    res/drawable/gi_logo_tittle_horiz.png 0x1130cf37
    res/drawable/gl_background.png 0xb6c1bbd0
    res/drawable/gl_cursor.png 0x9e972fa6
    res/drawable/iab20_back_btna.9.png 0xdf9c9e8a
    res/drawable/iab20_back_btnb.9.png 0xe9c30d77
    res/drawable/iab20_btn_sel_a.9.png 0x376d6fa4
    res/drawable/iab20_btn_sel_b.9.png 0x70f42469
    res/drawable/iab20_btna.9.png 0x5820b9d6
    res/drawable/iab20_btnb.9.png 0x18946fca
    res/drawable/iab20_dlg_bg.9.png 0x5f1a9d01
    res/drawable/iab20_obtna.9.png 0xfe85a62d
    res/drawable/iab20_obtnb.9.png 0xa91a7c77
    res/drawable/iab20_textfield_a.9.png 0x276154e8
    res/drawable/iab20_textfield_b.9.png 0x4d16fa92
    res/drawable/iab20_textfield_c.9.png 0xafcf651
    res/drawable/icon.png 0x7b40e3dc
    res/drawable/install_splash.png 0xc4d7a039
    res/drawable/installer_icon.png 0x8dc6a04
    res/drawable/local_spash_logo.png 0xf679b1d2
    res/drawable/navigation_back.png 0x8360aa7b
    res/drawable/navigation_cancel.png 0xa727153b
    res/drawable/navigation_forward.png 0x6b9a807d
    res/drawable/navigation_refresh.png 0xd9254448
    res/drawable/pn_custom_icon.png 0x126c238b
    res/drawable/pn_status_icon.png 0xc490c9c2
    res/drawable/progress_background.png 0x470ad454
    res/drawable/progress_foreground.png 0xfeffd3df
    res/drawable/window_br.png 0xcbc68011
    res/drawable/window_cn.png 0xe94f5d27
    res/drawable/window_de.png 0x14e95b55
    res/drawable/window_en.png 0x75d20f0f
    res/drawable/window_fr.png 0xd40b206e
    res/drawable/window_it.png 0xfd4b067b
    res/drawable/window_jp.png 0xc3544176
    res/drawable/window_kr.png 0xe1383e6e
    res/drawable/window_portrait_br.png 0x32a0031f
    res/drawable/window_portrait_cn.png 0xdca5f2d6
    res/drawable/window_portrait_de.png 0xefca1b68
    res/drawable/window_portrait_en.png 0x4f92c1ce
    res/drawable/window_portrait_fr.png 0x69f29a46
    res/drawable/window_portrait_it.png 0xa0dd70e5
    res/drawable/window_portrait_jp.png 0xc7b02b69
    res/drawable/window_portrait_kr.png 0x627af1f0
    res/drawable/window_portrait_ru.png 0x5941e32d
    res/drawable/window_portrait_sp.png 0x25f0c488
    res/drawable/window_portrait_tr.png 0x68ab9090
    res/drawable/window_ru.png 0xfd041d34
    res/drawable/window_sp.png 0xe47c5564
    res/drawable/window_tr.png 0x3a731212
    res/raw/crc.bin 0x0
    res/raw/data.txt 0x805f9f86
    res/raw/infoversion.txt 0xfea1d0b
    res/raw/serialkey.txt 0x0
    res/raw/sfx_push_notification.mp3 0x45feac3c
    resources.arsc 0x978325bf
    AndroidManifest.xml 0xe9d13b2
    classes.dex 0x37ae71db
    lib/armeabi-v7a/libDungeonHunter4HD.so 0x51e13b3c
    lib/armeabi-v7a/libgenerator.so 0x337cc20d
    res/color/common_signin_btn_text_dark.xml 0x5aab3e89
    res/color/common_signin_btn_text_light.xml 0x462b5c63
    res/color/wallet_primary_text_holo_light.xml 0x9f639498
    res/color/wallet_secondary_text_holo_dark.xml 0x6c94bc59
    res/drawable/bg_delwords.xml 0x380af5d9
    res/drawable/com_facebook_button_blue.xml 0xfcf7530b
    res/drawable/com_facebook_button_check.xml 0xa12ae35c
    res/drawable/com_facebook_button_like.xml 0x598fb22b
    res/drawable/com_facebook_button_like_selected.xml 0xb34e9319
    res/drawable/com_facebook_loginbutton_silver.xml 0xba09edca
    res/drawable/com_facebook_picker_item_background.xml 0x3d2198b6
    res/drawable/com_facebook_picker_list_selector.xml 0x351d416b
    res/drawable/com_facebook_picker_list_selector_background_transition.xml 0x138064e7
    res/drawable/com_facebook_picker_top_button.xml 0x7b8d3572
    res/drawable/com_facebook_top_background.xml 0x70415545
    res/drawable/com_facebook_top_button.xml 0xe6a1d319
    res/drawable/com_facebook_usersettingsfragment_background_gradient.xml 0x4efcb780
    res/drawable/common_signin_btn_icon_dark.xml 0xd8b10c4b
    res/drawable/common_signin_btn_icon_light.xml 0x6488f298
    res/drawable/common_signin_btn_text_dark.xml 0x4501707a
    res/drawable/common_signin_btn_text_light.xml 0xd4f86d94
    res/drawable/data_downloader_button_selector.xml 0xc86f8c51
    res/drawable/data_downloader_progressbar.xml 0x7bd3e692
    res/drawable/iab20_back_button_selector.xml 0xaa10c18c
    res/drawable/iab20_button_selector.xml 0x9f099785
    res/drawable/iab20_obutton_selector.xml 0xb43bd44b
    res/drawable/iab20_sel_button_selector.xml 0x25518ae7
    res/drawable/iab20_textfield.xml 0x2ea754a2
    res/drawable/logo_background_color.xml 0xdf5ee3c7
    res/layout-land/activity_in_game_browser.xml 0x44f030a0
    res/layout-port/activity_in_game_browser.xml 0x31fa97ed
    res/layout-v21/gi_notification_message.xml 0x884c3a74
    res/layout-v21/gi_notification_progress_bar.xml 0x93700ebb
    res/layout-v9/gi_notification_message.xml 0xdf062da0
    res/layout-v9/gi_notification_progress_bar.xml 0x3f809407
    res/layout-xlarge-hdpi-1024x768-v4/data_downloader_buttons_layout.xml 0x42707ab2
    res/layout-xlarge-hdpi-1024x768-v4/data_downloader_linear_progressbar_layout.xml 0x9dcb48cc
    res/layout-xlarge-hdpi-1024x768-v4/data_downloader_linear_progressbar_layout_v2.xml 0x7f2c703
    res/layout-xlarge-hdpi-1024x768-v4/data_downloader_progressbar_layout.xml 0x3bb1c762
    res/layout/com_facebook_friendpickerfragment.xml 0x3b3cdb10
    res/layout/com_facebook_login_activity_layout.xml 0xca753a21
    res/layout/com_facebook_picker_activity_circle_row.xml 0x4e818e46
    res/layout/com_facebook_picker_checkbox.xml 0xc0e0004e
    res/layout/com_facebook_picker_image.xml 0xac24b61f
    res/layout/com_facebook_picker_list_row.xml 0xa8d1ea60
    res/layout/com_facebook_picker_list_section_header.xml 0x75141b8d
    res/layout/com_facebook_picker_search_box.xml 0xd31d9af3
    res/layout/com_facebook_picker_title_bar.xml 0xb7ebce49
    res/layout/com_facebook_picker_title_bar_stub.xml 0x6f4f9d90
    res/layout/com_facebook_placepickerfragment.xml 0xfbc3b2
    res/layout/com_facebook_placepickerfragment_list_row.xml 0xa3a98e5f
    res/layout/com_facebook_search_bar_layout.xml 0x96b54b2c
    res/layout/com_facebook_tooltip_bubble.xml 0x96185009
    res/layout/com_facebook_usersettingsfragment.xml 0xa724cf43
    res/layout/custom_notification_layout.xml 0x11a5aa24
    res/layout/data_downloader_buttons_layout.xml 0x1ab32a70
    res/layout/data_downloader_linear_progressbar_layout.xml 0xd0da6334
    res/layout/data_downloader_linear_progressbar_layout_v2.xml 0x7c791543
    res/layout/data_downloader_progressbar_layout.xml 0x8ad575cc
    res/layout/gi_layout_download_toast_message.xml 0x10662339
    res/layout/gi_layout_logo.xml 0x75956934
    res/layout/gi_layout_manage_space.xml 0xaaabcd89
    res/layout/gi_main.xml 0x825c563b
    res/layout/gi_notification_message.xml 0x9c288378
    res/layout/gi_notification_progress_bar.xml 0xf4eff417
    res/layout/iab20_gldialogs.xml 0xc059e15a
    res/layout/iab_dialog_single_button.xml 0x8b85ab23
    res/layout/install_splash.xml 0xe118bfe8
    res/layout/local_layout_logo.xml 0xca672b8b
    res/layout/main.xml 0x486e76c3
    res/layout/rewards.xml 0xde7d80cd
    res/layout/share_mblog_view.xml 0x42a6a42b
    res/layout/textfield.xml 0x53e6baa2
    res/layout/timeline.xml 0xb1950c35
    res/layout/title_layout.xml 0x310de96
    res/raw/gi_settings.xml 0xd3661c97
    res/xml/analytics.xml 0x7d2ce86
    res/xml/global_config.xml 0x77846d6e
    res/xml/weibo_gameinfo.xml 0x774adfbe
    META-INF/com/android/otacert 0xc3fc0954
    META-INF/MANIFEST.MF 0x30728e4f
    META-INF/CERT.SF 0xf31e036b
    META-INF/CERT.RSA 0x527bc7a6