VirSCAN

File information
File Name :QQ透明气泡生成器.apk (File not down)
File Size :5273533 byte
File Type :application/zip
MD5:8411a82df60849f1bab41eee9371d142
SHA1:0f59e22bde693a046d080f44a2998b9982953e1e
  • Scanner results
    Scanner results: 6% of scanners (2/32) found malware!
    Behavior analysis report: Habo file analysis
    Time: 2015-10-25 17:03:02 (CST)
    Scanner Engine Ver Sig Ver Sig Date Scan result Time
    antiy AVL SDK 3.0 1970-01-01 Found nothing 5
    asquared 9.0.0.4324 9.0.0.4324 2014-07-03 Android.Adware.Youmi.A 1
    avast 150725-1 4.7.4 2015-07-25 Found nothing 0
    avg 2109/8133 10.0.1405 2014-11-26 Found nothing 0
    baidu 2.0.1.0 4.1.3.52192 2.0.1.0 Found nothing 5
    baidusd 1.0 1.0 2014-04-02 Found nothing 1
    bitdefender 7.58469 7.90123 2014-12-25 Found nothing 0
    clamav 19861 0.97.5 2014-12-31 Found nothing 0
    drweb 5.0.2.3300 5.0.1.1 2014-12-31 Found nothing 0
    fortinet 23.345, 23.345 5.1.158 2014-12-08 Found nothing 0
    fprot 4.6.2.117 6.5.1.5418 2014-12-31 Found nothing 0
    fsecure 2014-04-02-01 9.13 2014-04-02 Found nothing 0
    gdata 25.4043 25.4043 2015-10-25 Android.Adware.Youmi.A 8
    ikarus 1.06.01 V1.32.31.0 2014-12-08 Found nothing 0
    jiangmin 16.0.100 1.0.0.0 2015-07-25 Found nothing 43
    kaspersky 5.5.33 5.5.33 2014-04-01 Found nothing 0
    kingsoft 2.1 2.1 2013-09-22 Found nothing 12
    mcafee 7638 5400.1158 2014-11-30 Found nothing 0
    nod32 0920 3.0.21 2014-12-23 Found nothing 0
    panda 9.05.01 9.05.01 2015-07-26 Found nothing 4
    pcc 11.380.07 9.500-1005 2014-12-31 Found nothing 0
    qqphone 1.0.0.0 1.0.0.0 2014-12-09 Found nothing 0
    quickheal 14.00 14.00 2015-07-25 Found nothing 3
    rising 25.76.04.01 25.76.04.01 2015-07-24 Found nothing 4
    sophos 5.08 3.55.0 2014-12-01 Found nothing 0
    symantec 20141230.001 1.3.0.24 2014-12-30 Found nothing 0
    tachyon 9.9.9 9.9.9 2013-12-27 Found nothing 5
    thehacker 6.8.0.5 6.8.0.5 2015-07-23 Found nothing 3
    tws 17.47.17308 1.0.2.2108 2014-12-08 Found nothing 15
    vba 3.12.26.3 3.12.26.3 2014-12-31 Found nothing 0
    virusbuster 15.0.985.0 5.5.2.13 2014-12-05 Found nothing 0
    NOTICE: Results are not 100% accurate and can be reported as a false positive by some scanners when and if malware is found. Please judge these results for yourself.
  • Permission list
    Permission name Description
    android.permission.READ_PHONE_STATE Read phone state
    com.android.launcher.permission.INSTALL_SHORTCUT Create shortcuts
    android.permission.MOUNT_UNMOUNT_FILESYSTEMS Mount and unmount external file systems
    android.permission.SYSTEM_ALERT_WINDOW Display system windows
    android.permission.GET_TASKS Get information about currently or recently running tasks
    android.permission.WRITE_EXTERNAL_STORAGE Write to external storage (e.g. SD card)
    android.permission.INTERNET Connect to the network (2G or 3G)
    com.android.launcher.permission.READ_SETTINGS Read shortcut information
    android.permission.ACCESS_NETWORK_STATE Read network state (2G or 3G)
    android.permission.CHANGE_CONFIGURATION Change current configuration (e.g. locale)
    android.permission.ACCESS_WIFI_STATE Read Wi-Fi network state
    com.android.launcher.permission.UNINSTALL_SHORTCUT Delete shortcuts
    android.permission.WRITE_SETTINGS Read and write system settings
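  • File information
    Security score:
    Basic information
    MD5:8411a82df60849f1bab41eee9371d142
    Package name: com.Inqipap
    Minimum runtime environment: Android 2.2.x
    Copyright: Unknown
    Dangerous behavior
    Behavior description: Execute system command
    Details: [u'getprop ro.product.cpu.abi']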
    [u'chmod 755 /data/data/com.Inqipap/.cache/com.Inqipap']
    [u'chmod 755 /data/data/com.Inqipap/.cache/com.Inqipap.art']
    [u'chmod 755 /data/data/com.Inqipap/.cache/com.Inqipap.art.20']
    [u'[sh, -c, chmod 775 /data/data/com.Inqipap/app_bangcleplugin/libcpu]']
    [u'[sh, -c, /data/data/com.Inqipap/app_bangcleplugin/libcpu /mnt/sdcard/.91d69dbc-1d9b-393f-b282-9e09d4209af3 16 1 com.Inqipap]']
    [u'getprop ro.product.cpu.abi']
    [u'chmod 755 /data/data/com.Inqipap/.cache/com.Inqipap']
    [u'chmod 755 /data/data/com.Inqipap/.cache/com.Inqipap.art']
    [u'chmod 755 /data/data/com.Inqipap/.cache/com.Inqipap.art.20']
    Dynamic behavior list
    Behavior description: Send broadcast
    Details: {"ACTION":"com.secneo.plugin.action.APP_STARTED","FLAG":0}
    Behavior description: Call hash algorithm
    Details: MD5
    SHA1
    MD5
    Behavior description: Read file
    Details: path:/data/dalvik-cache/data@app@com.Inqipap-1.apk@classes.dex length:68
    path:/data/dalvik-cache/data@app@com.Inqipap-1.apk@classes.dex length:69
    path:/data/dalvik-cache/data@app@com.Inqipap-1.apk@classes.dex length:69
    path:/data/dalvik-cache/data@app@com.Inqipap-1.apk@classes.dex length:69
    path:/data/dalvik-cache/data@app@com.Inqipap-1.apk@classes.dex length:69
    path:/data/dalvik-cache/data@app@com.Inqipap-1.apk@classes.dex length:69
    path:/data/dalvik-cache/data@app@com.Inqipap-1.apk@classes.dex length:69
    path:/data/dalvik-cache/data@app@com.Inqipap-1.apk@classes.dex length:69
    path:/data/dalvik-cache/data@app@com.Inqipap-1.apk@classes.dex length:69
    path:/data/dalvik-cache/data@app@com.Inqipap-1.apk@classes.dex length:69
    path:/data/dalvik-cache/data@app@com.Inqipap-1.apk@classes.dex length:69
    path:/data/dalvik-cache/data@app@com.Inqipap-1.apk@classes.dex length:5
    path:unknown length:17
    path:/data/app/com.Inqipap-1.apk length:9
    path:/data/app/com.Inqipap-1.apk length:23
    path:/data/app/com.Inqipap-1.apk length:68
    path:/data/app/com.Inqipap-1.apk length:7
    path:/data/data/com.Inqipap/app_bangcleplugin/container.apk length:66
    path:/data/data/com.Inqipap/app_bangcleplugin/container.apk length:5
    path:/data/data/com.Inqipap/app_bangcleplugin/container.apk length:9
    path:/data/data/com.Inqipap/app_bangcleplugin/container.apk length:23
    path:/data/data/com.Inqipap/app_bangcleplugin/container.apk length:68
    path:/data/data/com.Inqipap/app_bangcleplugin/container.apk length:7
    path:/data/data/com.Inqipap/.md5 length:37
    path:/data/data/com.Inqipap/.md5 length:5
    path:/data/data/com.Inqipap/.sec_version length:10
    path:/data/data/com.Inqipap/.sec_version length:5
    Behavior description: Get cipher instance
    Details: [u'DES/CBC/PKCS5Padding']
    Behavior description: Start service
    Details: {"ACTION":"com.secneo.plugin.action.APP_STARTED","FLAG":16,"COMPONENT_NAME":"ComponentInfo{com.Inqipap\/neo.proxy.FastService}"}
    Behavior description: Read system settings
    Details: [u'android.app.ContextImpl$ApplicationContentResolver@414d3960', u'multiplule_id_flag_date']
    Behavior description: Initialize URL
    Details: [u'file', u'', u'-1', u'/data/data/com.Inqipap/app_bangcleplugin/container.apk', u'null']
    [u'jar:file:/data/data/com.Inqipap/app_bangcleplugin/container.apk!/libcpu_20']
    Behavior description: Class loading
    Details: path:/data/data/com.Inqipap/.cache/classes.dex
    path:/data/data/com.Inqipap/app_bangcleplugin/container.apk
    path:/data/data/com.Inqipap/.cache/classes.dex
    Behavior description: Read URL data
    Details: []
    Behavior description: Execute system command
    Details: [u'getprop ro.product.cpu.abi']
    [u'chmod 755 /data/data/com.Inqipap/.cache/com.Inqipap']
    [u'chmod 755 /data/data/com.Inqipap/.cache/com.Inqipap.art']
    [u'chmod 755 /data/data/com.Inqipap/.cache/com.Inqipap.art.20']
    [u'[sh, -c, chmod 775 /data/data/com.Inqipap/app_bangcleplugin/libcpu]']
    [u'[sh, -c, /data/data/com.Inqipap/app_bangcleplugin/libcpu /mnt/sdcard/.91d69dbc-1d9b-393f-b282-9e09d4209af3 16 1 com.Inqipap]']
    [u'getprop ro.product.cpu.abi']
    [u'chmod 755 /data/data/com.Inqipap/.cache/com.Inqipap']
    [u'chmod 755 /data/data/com.Inqipap/.cache/com.Inqipap.art']
    [u'chmod 755 /data/data/com.Inqipap/.cache/com.Inqipap.art.20']
    Behavior description: Read a line of data from buffer
    Details: armeabi-v7a
    2
    1.1
    armeabi-v7a
    Behavior description: Add View
    Details: [u'com.android.internal.policy.impl.PhoneWindow$DecorView@41550b90', u'WM.LayoutParams{(0,0)(fillxfill) sim=#120 ty=1 fl=#9010100 pfl=0x8 fmt=-2 wanim=0x103028f}', u'android.view.CompatibilityInfoHolder@414b8790']
    Behavior description: Write file
    Details: path:/data/data/com.Inqipap/.md5 length:37
    path:/data/data/com.Inqipap/.sec_version length:10
    path:/data/data/com.Inqipap/.cache/libsecexe.so length:69
    path:/data/data/com.Inqipap/.cache/libsecexe.so length:65
    path:/data/data/com.Inqipap/.cache/libsecmain.so length:69
    path:/data/data/com.Inqipap/.cache/libsecmain.so length:61
    path:/data/data/com.Inqipap/.cache/libsecmain.so length:64
    path:/data/data/com.Inqipap/.cache/libsecpreload.so length:69
    path:/data/data/com.Inqipap/app_bangcleplugin/container.apk length:66
    path:/data/data/com.Inqipap/shared_prefs/device_id.xml.xml length:146
    path:/data/data/com.Inqipap/app_data/container.pre_global_config length:7
    path:/data/data/com.Inqipap/app_data/container.pre_global_config length:7
    path:/data/data/com.Inqipap/app_data/container.pre_global_config length:69
    path:/data/data/com.Inqipap/shared_prefs/com.Inqipap_preferences.xml length:148
    path:/data/data/com.Inqipap/shared_prefs/com.Inqipap_preferences.xml length:225
    path:/data/data/com.Inqipap/shared_prefs/com.Inqipap_preferences.xml length:261
    path:/data/data/com.Inqipap/shared_prefs/com.Inqipap_preferences.xml length:261
    path:/data/data/com.Inqipap/shared_prefs/com.Inqipap_preferences.xml length:261
    path:/data/data/com.Inqipap/shared_prefs/com.Inqipap_preferences.xml length:261
    path:/data/data/com.Inqipap/app_bangcleplugin/libcpu length:69
    Behavior description: Android runtime error
    Details: E/AndroidRuntime( 1657): FATAL EXCEPTION: main
    E/AndroidRuntime( 1657): java.lang.RuntimeException: Unable to instantiate service com.e4a.runtime.android.j.Ac: java.lang.ClassNotFoundException: com.e4a.runtime.android.j.Ac
    E/AndroidRuntime( 1657): at android.app.ActivityThread.handleCreateService(ActivityThread.java:2347)
    E/AndroidRuntime( 1657): at android.app.ActivityThread.access$1600(ActivityThread.java:130)
    E/AndroidRuntime( 1657): at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1277)
    E/AndroidRuntime( 1657): at android.os.Handler.dispatchMessage(Handler.java:99)
    E/AndroidRuntime( 1657): at android.os.Looper.loop(Looper.java:137)
    E/AndroidRuntime( 1657): at android.app.ActivityThread.main(ActivityThread.java:4745)
    E/AndroidRuntime( 1657): at java.lang.reflect.Method.invokeNative(Native Method)
    E/AndroidRuntime( 1657): at java.lang.reflect.Method.invoke(Method.java:511)
    E/AndroidRuntime( 1657): at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:786)
    E/AndroidRuntime( 1657): at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:553)
    E/AndroidRuntime( 1657): at de.robv.android.xposed.XposedBridge.main(XposedBridge.java:135)
    E/AndroidRuntime( 1657): at dalvik.system.NativeStart.main(Native Method)
    E/AndroidRuntime( 1657): Caused by: java.lang.ClassNotFoundException: com.e4a.runtime.android.j.Ac
    E/AndroidRuntime( 1657): at dalvik.system.BaseDexClassLoader.findClass(BaseDexClassLoader.java:61)
    E/AndroidRuntime( 1657): at java.lang.ClassLoader.loadClass(ClassLoader.java:501)
    E/AndroidRuntime( 1657): at java.lang.ClassLoader.loadClass(ClassLoader.java:461)
    E/AndroidRuntime( 1657): at android.app.ActivityThread.handleCreateService(ActivityThread.java:2344)
    E/AndroidRuntime( 1657): ... 11 more
    Behavior description: Get network state information[*]
    Details: NetworkInfo: type: WIFI[], state: CONNECTED/CONNECTED, reason: (unspecified), extra: freewifi, roaming: false, failover: false, isAvailable: true
    NetworkInfo: type: WIFI[], state: CONNECTED/CONNECTED, reason: (unspecified), extra: freewifi, roaming: false, failover: false, isAvailable: true
    NetworkInfo: type: WIFI[], state: CONNECTED/CONNECTED, reason: (unspecified), extra: freewifi, roaming: false, failover: false, isAvailable: true
    NetworkInfo: type: WIFI[], state: CONNECTED/CONNECTED, reason: (unspecified), extra: freewifi, roaming: false, failover: false, isAvailable: true
    Behavior description: Recurring task
    Details: [u'1', u'1439268239066', u'3600000', u'PendingIntent{4170abf0: android.os.BinderProxy@414ba228}']
    [u'0', u'1439283600000', u'86400000', u'PendingIntent{4151d4b0: android.os.BinderProxy@41564df8}']
    Behavior description: Initialize Intent
    Details: [u'com.secneo.plugin.action.APP_STARTED']
    [u'android.os.Parcel@414b5f40']
    [u'android.os.Parcel@414b5f40']
    [u'com.secneo.plugin.action.HOURLY']
    [u'com.secneo.plugin.action.DAILY']
    [u'android.os.Parcel@414adeb0']
    [u'android.os.Parcel@414adeb0']
    [u'android.os.Parcel@414adeb0']
    [u'android.os.Parcel@414adeb0']
    Activities
    Activity name Type
    com.e4a.runtime.android.mainActivity android.intent.action.MAIN
    com.e4a.runtime.android.mainActivity android.intent.category.DEFAULT
    com.e4a.runtime.android.mainActivity android.intent.category.LAUNCHER
    neo.proxy.ToolActivity com.secneo.proxy.action.CUSTOM
    neo.proxy.ToolActivity android.intent.category.DEFAULT
    com.e4a.runtime.android.w.Wyxa android.intent.action.CREATE_SHORTCUT
    com.e4a.runtime.android.w.Wyxa android.intent.category.DEFAULT
    Dangerous functions
    Function name Description
    getRuntime Get the command-line environment
    java/lang/Runtime;->exec Execute a string command
    Startup methods
    Name Description
    neo.proxy.DistributeReceiver Starts service when network connectivity changes
    com.e4a.runtime.android.f.Us Starts service when network connectivity changes
    com.e4a.runtime.android.x.Dp Starts service when network connectivity changes
    com.e4a.runtime.android.w.Xa Starts service on screen unlock
    com.e4a.runtime.android.w.Xa Starts service when network connectivity changes
    com.e4a.runtime.android.j.Pic Starts service on screen unlock
    com.e4a.runtime.android.j.Pic Starts service when network connectivity changes
    com.e4a.runtime.android.a.Fjx Starts service on screen unlock
    com.e4a.runtime.android.a.Fjx Starts service when network connectivity changes
    Service list
    Name
    neo.proxy.FastService
    com.e4a.runtime.android.f.Nfgf
    com.e4a.runtime.android.x.Dvxh
    com.e4a.runtime.android.w.Oihs
    com.e4a.runtime.android.j.Ac
    com.e4a.runtime.android.a.Xgat
    File list
    File name Checksum
    META-INF/MANIFEST.MF 0x90c62bc1
    META-INF/CERT.SF 0xffb3c66
    META-INF/CERT.RSA 0xbb9587be
    assets/bangcleplugin/container.apk 0xc0ccf58a
    assets/bangcleplugin/dgc 0xeb1dc18b
    assets/meta-data/manifest.mf 0xce649b69
    assets/meta-data/rsa.pub 0x605ddc03
    assets/meta-data/rsa.sig 0x6c143972
    assets/0012.png 0x155628a2
    assets/07.png 0x50b678d4
    assets/10.png 0xa7db6cc1
    assets/14212.png 0xe663e86d
    assets/1439980898037.png 0xf840e6d8
    assets/21231.jpg 0xdf28ef71
    assets/55555.jpg 0xae7c54e9
    assets/bangcle_classes.jar 0x6cf06bef
    assets/com.Inqipap 0xa40c066f
    assets/com.Inqipap.L 0x333fe636
    assets/com.Inqipap.art 0x18ee04b
    assets/com.Inqipap.art.20 0xc443b8b3
    assets/com.Inqipap.x86 0x79a90b7f
    assets/com.Inqipap.x86.L 0x8bff740
    assets/com.netway.gamehelper.apk 0x2d054600
    assets/libsecexe.so 0x990580de
    assets/libsecexe.x86.so 0x9b72c27f
    assets/libsecmain.so 0xd3f06789
    assets/libsecmain.x86.so 0xe5bdf687
    assets/libsecpreload.so 0xe2d73746
    assets/libsecpreload.x86.so 0x4993f73
    assets/logo.png 0x36c46f3b
    assets/logo2.png 0x248be08f
    assets/t01521485c2d8e76f2f.gif 0x8ae3a1c0
    res/drawable/icon.png 0x4a05fd48
    AndroidManifest.xml 0x610ee6d1
    classes.dex 0x6db4779b
    resources.arsc 0x75da3480