VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, VirSCAN can scan compressed files with password 'infected' or 'virus'.

Language
Server load
Server Load



File information
File Name :调试版_手机蛋蛋.apk (File not down)
File Size :869888 byte
File Type :application/zip
MD5:490edb802f96ac0d4674f08c01c7bdfb
SHA1:2c5111501fd9986a1b178a3906e63a731e210a88
  • 扫描结果
  • 权限
  • 文件行为分析
  • Scanner results
    Scanner results:3%Scanner(s) (1/32)found malware!
    Behavior analysis report:         Habo file analysis
    Time: 2018-02-09 16:53:29 (CST)
    VirSCANVirSCAN
    Scanner Engine Ver Sig Ver Sig Date Scan result Time
    antiy AVL SDK 2.0 1970-01-01 Found nothing 5
    asquared 9.0.0.4799 9.0.0.4799 2015-03-08 Found nothing 1
    avast 170303-1 4.7.4 2017-03-03 Found nothing 60
    avg 2109/14865 10.0.1405 2018-02-02 Found nothing 60
    baidu 2.0.1.0 4.1.3.52192 2.0.1.0 Found nothing 8
    baidusd 1.0 1.0 2017-03-22 Found nothing 1
    bitdefender 7.58879 7.90123 2015-01-16 Found nothing 60
    clamav 24293 0.97.5 2018-02-07 Found nothing 60
    drweb 5.0.2.3300 5.0.1.1 2018-02-02 Found nothing 60
    fortinet 1.000, 54.989, 54.836, 54.859 5.4.247 2018-02-07 Found nothing 60
    fprot 4.6.2.117 6.5.1.5418 2016-02-05 Found nothing 60
    fsecure 2015-08-01-02 9.13 2015-08-01 Found nothing 60
    gdata 25.15955 25.15955 2018-02-08 Found nothing 14
    ikarus 4.00.05 V1.32.31.0 2018-02-08 Found nothing 60
    jiangmin 16.0.100 1.0.0.0 2017-12-22 Found nothing 2
    kaspersky 5.5.33 5.5.33 2014-04-01 Found nothing 60
    kingsoft 2.1 2.1 2018-02-08 Found nothing 4
    mcafee 8620 5400.1158 2017-08-12 Found nothing 60
    nod32 6866 3.0.21 2018-02-07 Found nothing 60
    panda 9.05.01 9.05.01 2018-02-08 Found nothing 4
    pcc 13.302.06 9.500-1005 2017-03-27 Found nothing 60
    qh360 1.0.1 1.0.1 1.0.1 Found nothing 4
    qqphone 1.0.0.0 1.0.0.0 2015-12-30 Found nothing 60
    quickheal 14.00 14.00 2017-11-18 Android.Styricka.GEN6254 3
    rising 3201 3201 2017-12-26 Found nothing 1
    sophos 5.32 3.65.2 2016-10-10 Found nothing 60
    symantec 20151230.005 1.3.0.24 2015-12-30 Found nothing 60
    tachyon 9.9.9 9.9.9 2013-12-27 Found nothing 3
    thehacker 6.8.0.5 6.8.0.5 2018-02-05 Found nothing 1
    tws 17.47.17308 1.0.2.2108 2018-02-08 Found nothing 14
    vba 3.12.29.5 beta 3.12.29.5 beta 2018-02-08 Found nothing 60
    virusbuster 15.0.985.0 5.5.2.13 2014-12-05 Found nothing 60
    Heuristic/Suspicious Exact
    NOTICE: Results are not 100% accurate and can be reported as a false positive by some scannerswhen and if malware is found. Please judge these results for yourself.
    Copy to clipboard
  • 权限列表
    许可名称信息
    com.android.launcher.permission.INSTALL_SHORTCUT创建快捷方式
    android.permission.GET_TASKS获取有关当前或最近运行的任务信息
    android.permission.WRITE_EXTERNAL_STORAGE写外部存储器(如:SD卡)
    android.permission.ACCESS_WIFI_STATE读取wifi网络状态
    android.permission.ACCESS_COARSE_LOCATION获取粗略的位置(通过wifi、基站)
    android.permission.READ_PHONE_STATE读取电话状态
    android.permission.MOUNT_UNMOUNT_FILESYSTEMS挂载、反挂载外部文件系统
    android.permission.SYSTEM_ALERT_WINDOW显示系统窗口
    android.permission.ACCESS_WIFI_STATE.android.permission.READ_PHONE_STATE
    android.permission.INTERNET连接网络(2G或3G)
    android.permission.CHANGE_WIFI_STATE改变WIFI连接状态
    android.permission.ACCESS_FINE_LOCATION获取精确的位置(通过GPS)
    android.permission.ACCESS_LOCATION_EXTRA_COMMANDS访问额外的定位指令
    com.android.launcher.permission.READ_SETTINGS读取快捷方式信息
    android.permission.WAKE_LOCK手机屏幕关闭后后台进程仍运行
    android.permission.ACCESS_NETWORK_STATE读取网络状态(2G或3G)
    android.permission.CHANGE_CONFIGURATION修改当前设置(如:本地化)
    android.permission.READ_SETTINGS
    android.permission.WRITE_SETTINGS读写系统设置项
    android.permission.READ_EXTERNAL_STORAGE读外部存储器(如:SD卡)
  • 文件信息
    安全评分 :
    基本信息
    MD5:490edb802f96ac0d4674f08c01c7bdfb
    包名:com.avdandan
    最低运行环境:Android 2.2.x
    版权:Android
    关键行为
    行为描述:直接调用系统关键API
    详情信息:Index = 0x0000009A, Name: NtQueryInformationProcess, Instruction Address = 0x00401653
    文件行为
    行为描述:查找文件
    详情信息:FileName = C:\Documents and Settings
    FileName = C:\Documents and Settings\Administrator
    FileName = C:\Documents and Settings\Administrator\Local Settings
    FileName = C:\Documents and Settings\Administrator\Local Settings\Temp
    FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%
    FileName = C:\WINDOWS
    FileName = C:\WINDOWS\system32
    FileName = C:\Program Files
    FileName = C:\Program Files\Common Files
    FileName = C:\Documents and Settings\Administrator\「开始」菜单
    FileName = C:\Documents and Settings\Administrator\「开始」菜单\程序
    FileName = C:\Documents and Settings\Administrator\Application Data
    FileName = C:\Documents and Settings\Administrator\Local Settings\Application Data
    FileName = C:\Documents and Settings\Administrator\桌面
    FileName = C:\Documents and Settings\Administrator\Templates
    其他行为
    行为描述:创建互斥体
    详情信息:__NjServer.exe_0x2450EBC7
    CTF.LBES.MutexDefaultS-*
    CTF.Compart.MutexDefaultS-*
    CTF.Asm.MutexDefaultS-*
    CTF.Layouts.MutexDefaultS-*
    CTF.TMD.MutexDefaultS-*
    CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
    MSCTF.Shared.MUTEX.IOH
    行为描述:创建事件对象
    详情信息:EventName = Global\userenv: User Profile setup event
    行为描述:直接调用系统关键API
    详情信息:Index = 0x0000009A, Name: NtQueryInformationProcess, Instruction Address = 0x00401653
    行为描述:查找指定窗口
    详情信息:NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
    行为描述:打开事件
    详情信息:HookSwitchHookEnabledEvent
    CTF.ThreadMIConnectionEvent.000007E8.00000000.0000000F
    CTF.ThreadMarshalInterfaceEvent.000007E8.00000000.0000000F
    MSCTF.SendReceiveConection.Event.IOH.IC
    MSCTF.SendReceive.Event.IOH.IC
    行为描述:窗口信息
    详情信息:Pid = 2644, Hwnd=0x10340, Text = 确定, ClassName = Button.
    Pid = 2644, Hwnd=0x10344, Text = A security monitoring product is interfering with the proper operation of this application. Please contact the security product vendor for assistance, or disable the security monitoring software and try again., ClassName = Static.
    Pid = 2644, Hwnd=0x1033c, Text = Xenocode Virtual Appliance Runtime, ClassName = #32770.
    行为描述:打开互斥体
    详情信息:ShimCacheMutex
    Activities
    活动名类型
    com.e4a.runtime.android.StartActivityandroid.intent.action.MAIN
    com.e4a.runtime.android.StartActivityandroid.intent.category.DEFAULT
    com.e4a.runtime.android.StartActivityandroid.intent.category.LAUNCHER
    com.e4a.runtime.android.mainActivityandroid.intent.action.MAIN
    com.e4a.runtime.android.mainActivityandroid.intent.category.DEFAULT
    com.tencent.tauth.AuthActivityandroid.intent.action.VIEW
    com.tencent.tauth.AuthActivityandroid.intent.category.DEFAULT
    com.tencent.tauth.AuthActivityandroid.intent.category.BROWSABLE
    com.tencent.smtt.sdk.VideoActivitycom.tencent.smtt.tbs.video.PLAY
    com.tencent.smtt.sdk.VideoActivityandroid.intent.category.DEFAULT
    权限列表
    许可名称信息
    com.android.launcher.permission.INSTALL_SHORTCUT创建快捷方式
    android.permission.GET_TASKS获取有关当前或最近运行的任务信息
    android.permission.WRITE_EXTERNAL_STORAGE写外部存储器(如:SD卡)
    android.permission.ACCESS_WIFI_STATE读取wifi网络状态
    android.permission.ACCESS_COARSE_LOCATION获取粗略的位置(通过wifi、基站)
    android.permission.READ_PHONE_STATE读取电话状态
    android.permission.MOUNT_UNMOUNT_FILESYSTEMS挂载、反挂载外部文件系统
    android.permission.SYSTEM_ALERT_WINDOW显示系统窗口
    android.permission.ACCESS_WIFI_STATE.android.permission.READ_PHONE_STATE
    android.permission.INTERNET连接网络(2G或3G)
    android.permission.CHANGE_WIFI_STATE改变WIFI连接状态
    android.permission.ACCESS_FINE_LOCATION获取精确的位置(通过GPS)
    android.permission.ACCESS_LOCATION_EXTRA_COMMANDS访问额外的定位指令
    com.android.launcher.permission.READ_SETTINGS读取快捷方式信息
    android.permission.WAKE_LOCK手机屏幕关闭后后台进程仍运行
    android.permission.ACCESS_NETWORK_STATE读取网络状态(2G或3G)
    android.permission.CHANGE_CONFIGURATION修改当前设置(如:本地化)
    android.permission.READ_SETTINGS
    android.permission.WRITE_SETTINGS读写系统设置项
    android.permission.READ_EXTERNAL_STORAGE读外部存储器(如:SD卡)
    文件列表
    文件名 校验码
    META-INF/MANIFEST.MF 0xe9b397d0
    META-INF/ANDROIDD.SF 0xc233e52c
    META-INF/ANDROIDD.RSA 0x250230e5
    assets/actiivty_btn_1.png 0xb3ae95f2
    assets/applogo.jpg 0xb6acae1c
    assets/btn_ad_blue_normal.9.png 0xbdb9f70d
    assets/btn_ad_blue_pressed.9.png 0xe9bde19c
    assets/btn_click.9.png 0x47647ecc
    assets/btn_normal.9.png 0xd1454530
    assets/btn_web_back_normal.png 0xcc71ac45
    assets/btn_web_back_pressed.png 0x32c3b23f
    assets/button.png 0xdfc7dea9
    assets/fail.png 0x2a73867a
    assets/greenbutton1.png 0xbd41a0c5
    assets/greenbutton2.png 0xac2e9000
    assets/httpicon.png 0xaf68945e
    assets/kfe.png 0xe0f6a087
    assets/kfw.png 0x1648af3e
    assets/kfx.png 0xf5b439d8
    assets/loading.png 0xca7c2c17
    assets/notexist.png 0x3a26e0e8
    assets/play_history_btn_bg_normal.9.png 0x11a8a1a7
    assets/redbutton1.png 0xabc69e6d
    assets/redbutton2.png 0xdfc7dea9
    res/drawable/icon.png 0xc50ecea8
    res/drawable/pulltorefresh_arrow.png 0x32192a53
    res/layout/loadmore_footer.xml 0xb2847cfa
    res/layout/pull_to_refresh_header.xml 0x9a309a87
    AndroidManifest.xml 0x8cfd1e0d
    resources.arsc 0x60be7184
    classes.dex 0x310270d7
    lib/armeabi/liblbs.so 0xbe8edb00
    运行截图
    VirSCAN

About VirSCAN | Privacy Policy | Contact us | Links | Help VirSCAN
Translated by Keith Miller, United States
Powered By CentOSpol

京ICP备11007605号-12

pol

京公网安备 11010802020746号