VirSCAN

File information
File Name: maolv.apk (File not down)
File Size: 4526513 byte
File Type: application/zip
MD5: 7f7e7397da04e5950e10429d9e18d22b
SHA1: ae8bc93b9ad4f85b5e4d87d1eda04a02808d4fa0
  • Scanner results
    Scanner results: 3% Scanner(s) (1/32) found malware!
    Behavior analysis report: Habo file analysis
    Time: 2017-09-19 21:54:54 (CST)
    Scanner Engine Ver Sig Ver Sig Date Scan result Time
    antiy AVL SDK 2.0 1970-01-01 Found nothing 5
    asquared 9.0.0.4799 9.0.0.4799 2015-03-08 Found nothing 1
    avast 170303-1 4.7.4 2017-03-03 Found nothing 60
    avg 2109/14460 10.0.1405 2017-09-14 Found nothing 60
    baidu 2.0.1.0 4.1.3.52192 2.0.1.0 Found nothing 3
    baidusd 1.0 1.0 2017-03-22 Found nothing 1
    bitdefender 7.58879 7.90123 2015-01-16 Found nothing 60
    clamav 23845 0.97.5 2017-09-17 Found nothing 60
    drweb 5.0.2.3300 5.0.1.1 2017-09-11 Found nothing 60
    fortinet 1.000, 51.740, 51.597, 51.621 5.4.247 2017-09-19 Found nothing 60
    fprot 4.6.2.117 6.5.1.5418 2016-02-05 Found nothing 60
    fsecure 2015-08-01-02 9.13 2015-08-01 Found nothing 60
    gdata 25.14236 25.14236 2017-09-18 Found nothing 12
    ikarus 3.02.09 V1.32.31.0 2017-09-18 Found nothing 60
    jiangmin 16.0.100 1.0.0.0 2017-09-18 Found nothing 2
    kaspersky 5.5.33 5.5.33 2014-04-01 Found nothing 60
    kingsoft 2.1 2.1 2017-09-18 Found nothing 60
    mcafee 8620 5400.1158 2017-08-12 Found nothing 60
    nod32 6095 3.0.21 2017-09-17 Found nothing 60
    panda 9.05.01 9.05.01 2017-09-18 Found nothing 4
    pcc 13.302.06 9.500-1005 2017-03-27 Found nothing 60
    qh360 1.0.1 1.0.1 1.0.1 Android mobile malware 3
    qqphone 1.0.0.0 1.0.0.0 2015-12-30 Found nothing 60
    quickheal 14.00 14.00 2017-09-18 Found nothing 3
    rising 26.28.00.01 26.28.00.01 2016-07-18 Found nothing 2
    sophos 5.32 3.65.2 2016-10-10 Found nothing 60
    symantec 20151230.005 1.3.0.24 2015-12-30 Found nothing 60
    tachyon 9.9.9 9.9.9 2013-12-27 Found nothing 3
    thehacker 6.8.0.5 6.8.0.5 2017-09-16 Found nothing 2
    tws 17.47.17308 1.0.2.2108 2017-09-18 Found nothing 15
    vba 3.12.29.5 beta 3.12.29.5 beta 2017-09-18 Found nothing 60
    virusbuster 15.0.985.0 5.5.2.13 2014-12-05 Found nothing 60
    NOTICE: Results are not 100% accurate and can be reported as a false positive by some scanners when and if malware is found. Please judge these results for yourself.
  • Permission list
    Permission name Description
    com.android.launcher.permission.INSTALL_SHORTCUT Create shortcuts
    android.permission.GET_TASKS Get information about currently or recently running tasks
    android.permission.WRITE_EXTERNAL_STORAGE Write to external storage (e.g. SD card)
    android.permission.ACCESS_WIFI_STATE Read Wi-Fi network state
    android.permission.ACCESS_COARSE_LOCATION Get coarse location (via Wi-Fi, cell towers)
    android.permission.MOUNT_UNMOUNT_FILESYSTEMS Mount and unmount external file systems
    android.permission.READ_PHONE_STATE Read phone state
    android.hardware.camera
    android.permission.SYSTEM_ALERT_WINDOW Display system windows
    android.permission.CAMERA Access the camera device
    android.permission.WRITE_EXTERNAL_STORAG
    android.permission.INTERNET Connect to the network (2G or 3G)
    android.permission.ACCESS_FINE_LOCATION Get precise location (via GPS)
    com.android.launcher.permission.READ_SETTINGS Read shortcut information
    android.permission.RECORD_AUDIO Record audio (using AudioRecord)
    android.permission.FLASHLIGHT Access the flashlight
    android.permission.ACCESS_NETWORK_STATE Read network state (2G or 3G)
    android.permission.WAKE_LOCK Keep background processes running after the screen turns off
    android.permission.CHANGE_CONFIGURATION Modify current settings (e.g. localization)
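  • File information
    Security score:
    Basic information
    MD5: 7f7e7397da04e5950e10429d9e18d22b
    Package name: com.MaoLv
    Minimum runtime environment: Android 2.2.x
    Copyright: gifmama
    Key behavior
    Behavior description: Reads the CPU clock directly
    Details: EAX = 0xb5bfd0db, EDX = 0x00000076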
    EAX = 0xb5bfd127, EDX = 0x00000076
    EAX = 0xb847a0b0, EDX = 0x00000076
    EAX = 0xb847a0fc, EDX = 0x00000076
    EAX = 0xdfeca559, EDX = 0x00000076
    EAX = 0xf5030f4c, EDX = 0x00000076
    EAX = 0x85ecf3f9, EDX = 0x00000077
    EAX = 0x85ecf445, EDX = 0x00000077
    EAX = 0x889ff3c1, EDX = 0x00000077
    EAX = 0xb019c82b, EDX = 0x00000077
    File behavior
    Behavior description: Create file
    Details: C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT
    Behavior description: Find file
    Details: FileName = C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
    FileName = C:\Windows\Microsoft.NET\Framework\\*
    FileName = C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\*
    FileName = C:\Users
    FileName = C:\Users\Administrator\AppData
    FileName = C:\Users\Administrator\AppData\Local
    FileName = C:\Users\Administrator\AppData\Local\Temp
    FileName = C:\Users\Administrator\AppData\Local\%temp%
    FileName = C:\Users\Administrator\AppData\Local\%temp%\b70c.exe
    FileName = C:\Users\Administrator
    FileName = C:\Windows\assembly\NativeImages_v4.0.30319_32\keymaker\*
    FileName = C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\*
    FileName = C:\Windows\assembly\NativeImages_v4.0.30319_32\System\*
    FileName = C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\*
    Registry behavior
    Behavior description: Modify registry
    Details: \REGISTRY\USER\S-*\Software\Microsoft\GDIPlus\FontCachePath
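    Other behavior
    Behavior description: Checks whether it is being debugged
    Details: IsDebuggerPresent
    Behavior description: Create event object
    Details: EventName = Global\CPFATE_2756_v4.0.30319
    Behavior description: Open mutex
    Details: Local\MSCTF.Asm.MutexDefault1
    Behavior description: Open event
    Details: Global\CLR_PerfMon_StartEnumEvent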
    \KernelObjects\LowMemoryCondition
    HookSwitchHookEnabledEvent
    Local\MSCTF.CtfActivated.Default1
    Local\MSCTF.AsmCacheReady.Default1
    Behavior description: Window information
    Details: Pid = 2756, Hwnd=0x40196, Text = License key, ClassName = WindowsForms10.Window.8.app.0.141b42a_r14_ad1.
    Pid = 2756, Hwnd=0x40184, Text = 21G6Y-KE2MC-DXG4C-NRWLP-BK0R7, ClassName = WindowsForms10.EDIT.app.0.141b42a_r14_ad1.
    Pid = 2756, Hwnd=0x401b6, Text = Product list, ClassName = WindowsForms10.Window.8.app.0.141b42a_r14_ad1.
    Pid = 2756, Hwnd=0x3024a, Text = Remote Desktop Manager Enterprise v11.x, ClassName = WindowsForms10.COMBOBOX.app.0.141b42a_r14_ad1.
    Pid = 2756, Hwnd=0x801d2, Text = Generate, ClassName = WindowsForms10.BUTTON.app.0.141b42a_r14_ad1.
    Pid = 2756, Hwnd=0x501e4, Text = Close, ClassName = WindowsForms10.BUTTON.app.0.141b42a_r14_ad1.
    Pid = 2756, Hwnd=0x501dc, Text = Copy, ClassName = WindowsForms10.BUTTON.app.0.141b42a_r14_ad1.
    Pid = 2756, Hwnd=0x501e0, Text = z!DVT, ClassName = WindowsForms10.STATIC.app.0.141b42a_r14_ad1.
    Pid = 2756, Hwnd=0x501e8, Text = Devolutions Products Keymaker v2016.04, ClassName = WindowsForms10.STATIC.app.0.141b42a_r14_ad1.
    Pid = 2756, Hwnd=0x701b2, Text = Devolutions Products Keymaker v2016.04, ClassName = WindowsForms10.Window.8.app.0.141b42a_r14_ad1.
    Behavior description: Hide specified window
    Details: [Window,Class] = [,ComboLBox]
    Activities
    Activity name Type
    com.e4a.runtime.android.StartActivity android.intent.action.MAIN
    com.e4a.runtime.android.StartActivity android.intent.category.DEFAULT
    com.stub.plugin.Stub01 android.intent.action.MAIN
    com.stub.plugin.Stub01 android.intent.category.LAUNCHER
    com.e4a.runtime.android.mainActivity android.intent.action.MAIN
    com.e4a.runtime.android.mainActivity android.intent.category.DEFAULT
    Dangerous functions
    Function name Description
    getRuntime Gets the command-line environment
    java/lang/Runtime;->exec Executes a string command
    Service list
    Name
    com.stub.plugin.Stub02
    Providers
    Name Description
    com.stub.plugin.Stub04
    File list
    File name Checksum
    META-INF/MANIFEST.MF 0xd3e73a83
    META-INF/GIFMAMA.SF 0x915fe5d8
    META-INF/GIFMAMA.RSA 0x470ab272
    AndroidManifest.xml 0x52aa1bd0
    assets/.appkey 0x31e0def9
    assets/01.gif 0x36f643de
    assets/FileDialog/1.png 0x78686c7a
    assets/FileDialog/2.png 0x7e93bac3
    assets/FileDialog/3.png 0x4608dc7e
    assets/FileDialog/4.png 0xae74269b
    assets/FileDialog/5.png 0x67adec41
    assets/FileDialog/6.png 0xcd055e6c
    assets/FileDialog/7.png 0x446d8c59
    assets/FileDialog/8.png 0x46c0be08
    assets/FileDialog/9.png 0xbdadc5b1
    assets/Flipagram.png 0x3890bbba
    assets/Flipagram2.png 0xa49aacd6
    assets/YY.png 0xe0955c51
    assets/YY2.png 0x11f74587
    assets/a79.png 0xfdf1dfc9
    assets/a792.png 0x67dfe0ce
    assets/anan.png 0xc84af36f
    assets/anniu00.png 0xb71e890f
    assets/anniu01.png 0x1997934e
    assets/anniu02.png 0x66486e01
    assets/anniubeijing.png 0x6b8e6bc0
    assets/anquan.png 0x55c88c58
    assets/baocun.png 0xa76a3f77
    assets/baocun2.png 0xf9931e71
    assets/baocun3.png 0x8fb07744
    assets/baocuntishi.png 0xec2c3ee8
    assets/caidan.png 0x321cfe3e
    assets/caidan1.png 0x241d9d9
    assets/denglu.png 0xfc4281a1
    assets/denglu2.png 0xc57a0669
    assets/douyin.png 0x66869f0d
    assets/douyin2.png 0x6832590e
    assets/fabu.png 0x34d68489
    assets/fabu2.png 0x5ef7c80b
    assets/fuwuqi.png 0xc6443e87
    assets/gear.png 0x5d92686f
    assets/gear2.png 0xd541ec52
    assets/guanggao.png 0xaa908c2f
    assets/guanzhu.png 0xa34198f0
    assets/huoshan.png 0x8f508c7
    assets/huoshan2.png 0x9a11fe0c
    assets/jianji.png 0x79cc7335
    assets/jianji001.png 0x1213a773
    assets/jianji2.png 0x3eedc21d
    assets/kuaishou.png 0xf44d47b6
    assets/kuaishou.txt 0x686321e0
    assets/kuaishou2.png 0x23e57086
    assets/laifeng.png 0x43e6a990
    assets/laifeng2.png 0x50401b00
    assets/libjiagu.so 0x8453ad53
    assets/libjiagu_x86.so 0xbd70a4f8
    assets/lishipin.png 0x66f0e418
    assets/lishipin2.png 0xb8e384b0
    assets/logo.png 0x984f758
    assets/logo1.png 0x96096a1a
    assets/logo2.png 0x751220fc
    assets/lyb.txt 0x81a5a950
    assets/lybbj.png 0x2e15a74f
    assets/lybl.png 0xca37000b
    assets/lybnr.png 0x8b69c1b9
    assets/meipai.png 0x368f3f87
    assets/meipai2.png 0x1405b7da
    assets/miaopai.png 0x6ed5e458
    assets/miaopai2.png 0xa8eac4b3
    assets/mohe.png 0x57fa4e2
    assets/mohe2.png 0x6b8b45e4
    assets/mulu.png 0xf5c8a62a
    assets/mulu2.png 0x39da8c84
    assets/muse.png 0xd3604eaa
    assets/muse2.png 0xe3aaf2e3
    assets/naitang.png 0xe9063bf1
    assets/naitang2.png 0x1674d6ae
    assets/nav_btn_back_black_normal.png 0x8ed3c7aa
    assets/nav_btn_back_gray_normal.png 0x1443481f
    assets/piliang.png 0xa27e303e
    assets/piliang2.png 0xaf4276e1
    assets/qd2.png 0xad105a64
    assets/qiehuantishi.png 0xf76c56da
    assets/quanbu.png 0x845fe7a8
    assets/shengji.png 0x6fbaa52b
    assets/shuiyin.png 0xff6a1fc6
    assets/shuiyin001.png 0xf98950bd
    assets/shuiyin2.png 0x579305af
    assets/shurukong.png 0xd750deb5
    assets/sosuo.png 0x4a66b87d
    assets/sr.png 0x7716dd59
    assets/tishi.png 0x990c4f7a
    assets/tishi2.png 0x592ef3f2
    assets/tishizhantie.png 0x7cdde4cd
    assets/top.png 0xf8d4ccb0
    assets/vf.png 0x302486e3
    assets/vf01.png 0x683a385
    assets/vf3.png 0xf1e10b07
    assets/vf33.png 0x2ab78f5d
    assets/weiguan.png 0x80be4333
    assets/weiguan2.png 0xed605f0f
    assets/weixin.png 0x2d61d54
    assets/wenhao.png 0xcfb3444f
    assets/wo.png 0xb55deb46
    assets/wo2.png 0x1daea746
    assets/woanniu.png 0xc5d0f8c2
    assets/woanniu2.png 0xed1b4149
    assets/wxts.png 0x4658f8b5
    assets/x2.png 0x562be8ff
    assets/xiangji.png 0x79147c10
    assets/xianshi.png 0x92e86b6e
    assets/xiaokaxiu.png 0x3ba9899f
    assets/xiaokaxiu2.png 0x8fff5aa6
    assets/xiaoying.png 0xe5734572
    assets/xiaoying2.png 0x8863c7d4
    assets/xuenzekuang.png 0x643277de
    assets/yingke.png 0x8d6be716
    assets/yingke.txt 0x13fdd7b4
    assets/yingke2.png 0xe99d5464
    assets/yuanchuang.png 0xd334fe33
    assets/yuanchuang2.png 0x84d9db04
    assets/zhantie.png 0x75694f87
    assets/zhantie2.png 0x92154f80
    assets/zhantiekuang.png 0xd67e1005
    assets/zhuancun.png 0xb26b2c6
    assets/zhuancun2.png 0x7955d5f2
    classes.dex 0x6cdd32c9
    lib/armeabi/ 0x0
    lib/armeabi/libjiagu_art.so 0x0
    lib/x86/ 0x0
    lib/x86/libjiagu_art.so 0x0
    res/drawable-hdpi/switch_off.png 0x96e06f6
    res/drawable-hdpi/switch_on.png 0x8cbe24aa
    res/drawable-hdpi/switch_slider.png 0x4133f6b1
    res/drawable/beijing.png 0xc037b402
    res/drawable/e4a_seekbar_1.xml 0xdc2c025d
    res/drawable/e4a_seekbar_10.xml 0xdc2c025d
    res/drawable/e4a_seekbar_11.xml 0xe3aa653f
    res/drawable/e4a_seekbar_12.xml 0xdc2c025d
    res/drawable/e4a_seekbar_2.xml 0xe3aa653f
    res/drawable/e4a_seekbar_3.xml 0x5e207a13
    res/drawable/e4a_seekbar_4.xml 0xe3aa653f
    res/drawable/e4a_seekbar_5.xml 0xe3aa653f
    res/drawable/e4a_seekbar_6.xml 0xe3aa653f
    res/drawable/e4a_seekbar_7.xml 0xe3aa653f
    res/drawable/e4a_seekbar_8.xml 0xe3aa653f
    res/drawable/e4a_seekbar_9.xml 0xe3aa653f
    res/drawable/e4alistview_new_message.png 0x1cdc5409
    res/drawable/icon.png 0xc3b32797
    res/drawable/qianjing.png 0xbc625bec
    res/drawable/qianjing2.png 0x73c20521
    res/drawable/shengji2.png 0x1c77d9f4
    res/drawable/shibai.png 0xcc615a09
    resources.arsc 0xb7e27c13