VirSCAN

1. You can upload any file, but there is a 20Mb limit per file.
2. VirSCAN supports Rar/Zip decompression, but the archive must contain fewer than 20 files.
3. VirSCAN can scan compressed files protected with the password 'infected' or 'virus'.

File information
File Name: 小小神偷波比.apk (File not down)
File Size: 14905127 bytes
File Type: Zip archive data
MD5:cd952139a2a4d6268f693451add07057
SHA1:39b2587cbb940207b550588eeb9fdd268be1d457
SHA256:85d2c6cc617ba903cc3e1f08cb435e19573a9a02d9209d851473e54796b6328f
SSDEEP:196608:cGZiKCXjLAqa6cbsKmC+UX3u00q7qEhJvQTjSkc4MFRqkMz46U6/++:3gKWLa6ssqu0z7P3GBc4ZkSR/r
  • Scanner results
    Scanner results: 0% of scanners (0/32) found malware!
    Behavior analysis report: Habo file analysis
    Time: 2016-12-20 11:05:27 (CST)
    NOTICE: Results are not 100% accurate and can be reported as a false positive by some scanners when and if malware is found. Please judge these results for yourself.
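  • Permission list
    Permission name: Description
    android.permission.INTERNET: Connect to the network (2G or 3G)
    android.permission.WAKE_LOCK: Keep background processes running after the screen is turned off
    android.permission.READ_PHONE_STATE: Read phone state
    android.permission.ACCESS_NETWORK_STATE: Read network state (2G or 3G)
    android.permission.WRITE_EXTERNAL_STORAGE: Write to external storage (e.g. SD card)
    android.permission.ACCESS_WIFI_STATE: Read Wi-Fi network state
    android.permission.SYSTEM_ALERT_WINDOW: Display system windows
    com.android.launcher.permission.INSTALL_SHORTCUT: Create shortcuts
    android.permission.GET_TASKS: Get information about current or recently running tasks
    android.permission.ACCESS_FINE_LOCATION: Get precise location (via GPS)
    android.permission.ACCESS_COARSE_LOCATION: Get approximate location (via Wi-Fi, cell towers)
    android.permission.ACCESS_COARSE
    android.permission.READ_LOGS: Read system logs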
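  • File information
    Security score:
    Basic information
    MD5: cd952139a2a4d6268f693451add07057
    Package name: air.top.free.fun.game.Tinyss
    Minimum runtime environment: Android 2.2.x
    Copyright: Unknown
    Key behavior
    Behavior description: Get window screenshot information
    Details: Foreground window Info: HWND = 0x00000000, DC = 0x540105fd.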
    Foreground window Info: HWND = 0x00000000, DC = 0x6201071c.
    Foreground window Info: HWND = 0x00000000, DC = 0x06010791.
    Foreground window Info: HWND = 0x00000000, DC = 0x0301078f.
    Foreground window Info: HWND = 0x00000000, DC = 0x43010762.
    Process behavior
    Behavior description: Create local thread
    Details: ProcessId = 3172, ThreadId = 3152.
    ProcessId = 3172, ThreadId = 3704.
    ProcessId = 3172, ThreadId = 3556.
    File behavior
    Behavior description: Create file
    Details: C:\Users\Administrator\AppData\Local\%temp%\996E.cfg
    Behavior description: Modify file content
    Details: C:\Users\Administrator\AppData\Local\%temp%\996E.cfg ---> Offset = 0
    C:\Users\Administrator\AppData\Local\%temp%\996E.cfg ---> Offset = 30
    C:\Users\Administrator\AppData\Local\%temp%\996E.cfg ---> Offset = 47
    C:\Users\Administrator\AppData\Local\%temp%\996E.cfg ---> Offset = 66
    C:\Users\Administrator\AppData\Local\%temp%\996E.cfg ---> Offset = 81
    C:\Users\Administrator\AppData\Local\%temp%\996E.cfg ---> Offset = 106
    C:\Users\Administrator\AppData\Local\%temp%\996E.cfg ---> Offset = 118
    C:\Users\Administrator\AppData\Local\%temp%\996E.cfg ---> Offset = 135
    C:\Users\Administrator\AppData\Local\%temp%\996E.cfg ---> Offset = 150
    C:\Users\Administrator\AppData\Local\%temp%\996E.cfg ---> Offset = 173
    C:\Users\Administrator\AppData\Local\%temp%\996E.cfg ---> Offset = 191
    C:\Users\Administrator\AppData\Local\%temp%\996E.cfg ---> Offset = 212
    C:\Users\Administrator\AppData\Local\%temp%\996E.cfg ---> Offset = 226
    C:\Users\Administrator\AppData\Local\%temp%\996E.cfg ---> Offset = 248
    C:\Users\Administrator\AppData\Local\%temp%\996E.cfg ---> Offset = 265
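    Other behavior
    Behavior description: Check whether it is being debugged
    Details: N/A
    Behavior description: Create mutex
    Details: Local\SessionImmersiveColorMutex
    Behavior description: Find specified window
    Details: FindWindowExW: [Class,Window] = [OleMainThreadWndClass,]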
    FindWindowW: [Class,Window] = [ApplicationManager_DesktopShellWindow,]
    Behavior description: Open event
    Details: \KernelObjects\MaximumCommitCondition
    MSFT.VSA.COM.DISABLE.3172
    MSFT.VSA.IEC.STATUS.6c736db0
    Behavior description: Window information
    Details: Pid = 3172, Hwnd=0x4029a, Text = 0 file(s), ClassName = msctls_statusbar32.
    Pid = 3172, Hwnd=0x2029e, Text = HashMyFiles, ClassName = HashMyFiles.
    Behavior description: Get window screenshot information
    Details: Foreground window Info: HWND = 0x00000000, DC = 0x540105fd.
    Foreground window Info: HWND = 0x00000000, DC = 0x6201071c.
    Foreground window Info: HWND = 0x00000000, DC = 0x06010791.
    Foreground window Info: HWND = 0x00000000, DC = 0x0301078f.
    Foreground window Info: HWND = 0x00000000, DC = 0x43010762.
    Behavior description: Call Sleep function
    Details: [1]: MilliSeconds = 0.
    Behavior description: Open mutex
    Details: Local\ShimViewer
    Local\MSCTF.Asm.MutexDefault1S-1-5-21-1170589654-2814428265-349930785-500
    CicLoadWinStaWinSta0
    Local\MSCTF.CtfMonitorInstMutexDefault1
    Activities
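    Activity name: Type
    air.top.free.fun.game.Tiny_Robber_Bob.AppEntry: android.intent.action.MAIN
    air.top.free.fun.game.Tiny_Robber_Bob.AppEntry: android.intent.category.LAUNCHER
    air.top.free.fun.game.Tiny_Robber_Bob.d.Xkw: android.intent.action.CREATE_SHORTCUT
    air.top.free.fun.game.Tiny_Robber_Bob.d.Xkw: android.intent.category.DEFAULT
    Dangerous functions
    Function name: Description
    HttpClient;->execute: Request a remote server
    android/app/NotificationManager;->notify: Notification bar message
    java/net/URL;->openConnection: Connect to URL
    java/net/HttpURLConnection;->connect: Connect to URL
    TelephonyManager;->getDeviceId: Collect the user's phone IMEI, phone number, system version number and similar information
    java/net/URLConnection;->connect: Connect to URL
    getRuntime: Get the command-line environment
    java/lang/Runtime;->exec: Execute a string command
    DefaultHttpClient;->execute: Send HTTP request
    Camera;->open: Open the camera
    LocationManager;->getLastKnownLocation: Get location
    ContentResolver;->query: Read contacts, SMS and other databases
    ContentResolver;->delete: Delete SMS, contacts
    Startup methods
    Name: Description
    air.top.free.fun.game.Tiny_Robber_Bob.x.Fk: Start service when an app is installed
    air.top.free.fun.game.Tiny_Robber_Bob.x.Fk: Start service when network connectivity changes
    air.top.free.fun.game.Tiny_Robber_Bob.x.Fk: Start service on screen unlock
    air.top.free.fun.game.Tiny_Robber_Bob.v.Jdn: Start service when an app is installed
    air.top.free.fun.game.Tiny_Robber_Bob.v.Jdn: Start service when network connectivity changes
    air.top.free.fun.game.Tiny_Robber_Bob.v.Jdn: Start service on screen unlock
    air.top.free.fun.game.Tiny_Robber_Bob.d.Gsf: Start service when an app is installed
    air.top.free.fun.game.Tiny_Robber_Bob.d.Gsf: Start service on screen unlock
    air.top.free.fun.game.Tiny_Robber_Bob.d.Gsf: Start service when network connectivity changes
    air.top.free.fun.game.Tiny_Robber_Bob.n.Tfl: Start service when network connectivity changes
    air.top.free.fun.game.Tiny_Robber_Bob.n.Tfl: Start service on screen unlock
    air.top.free.fun.game.Tiny_Robber_Bob.n.Tfl: Start service when an app is installed
    air.top.free.fun.game.Tiny_Robber_Bob.n.Tfl: Start service when an app is uninstalled
    Advertising information
    Name: Description
    com.google.ads: AdMob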
    Service list
    Name
    air.top.free.fun.game.Tiny_Robber_Bob.x.Yz
    air.top.free.fun.game.Tiny_Robber_Bob.v.Rvg
    air.top.free.fun.game.Tiny_Robber_Bob.d.Bcrp
    air.top.free.fun.game.Tiny_Robber_Bob.n.Eio
    File list
    File name Checksum
    META-INF/MANIFEST.MF 0xbdd0d16c
    META-INF/CERT.SF 0xbd49bea4
    META-INF/CERT.RSA 0xe2009419
    assets/META-INF/AIR/extensions/com.corgiengine.extensions/META-INF/ANE/Android-ARM/library.swf 0x20162e44
    assets/META-INF/AIR/extensions/com.corgiengine.extensions/META-INF/ANE/extension.xml 0xb908d115
    assets/META-INF/AIR/extensions/com.corgiengine.extensions/catalog.xml 0xc8b9b2f4
    assets/META-INF/AIR/extensions/com.corgiengine.extensions/library.swf 0x20162e44
    assets/META-INF/AIR/application.xml 0xf374ad1b
    assets/adobeair.vch 0xffd0c1ff
    assets/game.swf 0x520e45aa
    assets/icon144.png 0x21a5444
    assets/icon48.png 0x370eb46e
    assets/icon72.png 0x4e16f409
    assets/icon96.png 0xc3e6189f
    lib/armeabi-v7a/libCore.so 0x2c096c45
    lib/armeabi-v7a/libstagefright_froyo.so 0x369c7e1d
    lib/armeabi-v7a/libstagefright_honeycomb.so 0xa1316ae9
    lib/armeabi-v7a/libstlport_shared.so 0xba79b1d8
    lib/armeabi-v7a/libysshared.so 0x16a80ccf
    res/drawable/air_72px_mobile_eula.png 0x5c9173ca
    res/drawable/mp_warning_32x32_n.png 0xe39ac7e5
    res/drawable-hdpi/icon.png 0x9b0abc7f
    res/drawable-ldpi/icon.png 0xf2348b97
    res/drawable-mdpi/icon.png 0xf2348b97
    res/drawable-xhdpi/icon.png 0xe0040d73
    res/drawable-xhdpi/ouya_icon.png 0x98f3eda2
    res/drawable-xxhdpi/icon.png 0x98f3eda2
    res/layout/expandable_chooser_row.xml 0x1b07cd6f
    res/layout/expandable_multiple_chooser_row.xml 0x3c356c0f
    res/layout/main.xml 0xc2da7b04
    res/layout/multiple_file_selection_panel.xml 0xe9d978d
    res/layout/ssl_certificate_warning.xml 0xe9d49be1
    res/layout/umeng_common_download_notification.xml 0x3467511f
    res/raw/adobelogo.gif 0xb9ea8478
    res/raw/debuginfo 0x0
    res/raw/icon.jpg 0x99b9d20c
    res/raw/rgba8888 0x0
    res/raw/startga.html 0x3c44c7e1
    AndroidManifest.xml 0xfbb8b444
    classes.dex 0xe20d4b88
    resources.arsc 0xbbdc2ca7