VirSCAN

1. You can upload any file, but there is a 20Mb limit per file.
2. VirSCAN supports Rar/Zip decompression, but the archive must contain fewer than 20 files.
3. VirSCAN can scan compressed files protected with the password 'infected' or 'virus'.


File information
File Name: baiduinput_android_v2.0_1000e.apk (File not down)
File Size: 2823192 byte
File Type: application/zip
MD5: d49041d9a24a537f7659592f9838ec1b
SHA1: ddcecc6db21bc3374beb7c59165004c00eae149f
  • Scanner results
    Scanner results: 0% Scanner(s) (0/32) found malware!
    Behavior analysis report: Habo file analysis
    Time: 2015-10-20 08:10:22 (CST)
    Scanner Engine Ver Sig Ver Sig Date Scan result Time
    antiy AVL SDK 3.0 1970-01-01 Found nothing 5
    asquared 9.0.0.4324 9.0.0.4324 2014-07-03 Found nothing 2
    avast 150725-1 4.7.4 2015-07-25 Found nothing 0
    avg 2109/8133 10.0.1405 2014-11-26 Found nothing 0
    baidu 2.0.1.0 4.1.3.52192 2.0.1.0 Found nothing 6
    baidusd 1.0 1.0 2014-04-02 Found nothing 1
    bitdefender 7.58469 7.90123 2014-12-25 Found nothing 0
    clamav 19861 0.97.5 2014-12-31 Found nothing 0
    drweb 5.0.2.3300 5.0.1.1 2014-12-31 Found nothing 0
    fortinet 23.345, 23.345 5.1.158 2014-12-08 Found nothing 0
    fprot 4.6.2.117 6.5.1.5418 2014-12-31 Found nothing 0
    fsecure 2014-04-02-01 9.13 2014-04-02 Found nothing 0
    gdata 25.3964 25.3964 2015-10-19 Found nothing 10
    ikarus 1.06.01 V1.32.31.0 2014-12-08 Found nothing 0
    jiangmin 16.0.100 1.0.0.0 2015-07-25 Found nothing 42
    kaspersky 5.5.33 5.5.33 2014-04-01 Found nothing 0
    kingsoft 2.1 2.1 2013-09-22 Found nothing 4
    mcafee 7638 5400.1158 2014-11-30 Found nothing 0
    nod32 0920 3.0.21 2014-12-23 Found nothing 0
    panda 9.05.01 9.05.01 2015-07-26 Found nothing 4
    pcc 11.380.07 9.500-1005 2014-12-31 Found nothing 0
    qh360 1.0.1 1.0.1 1.0.1 Found nothing 2
    qqphone 1.0.0.0 1.0.0.0 2014-12-09 Found nothing 0
    quickheal 14.00 14.00 2015-07-25 Found nothing 3
    rising 25.76.04.01 25.76.04.01 2015-07-24 Found nothing 2
    sophos 5.08 3.55.0 2014-12-01 Found nothing 0
    symantec 20141230.001 1.3.0.24 2014-12-30 Found nothing 0
    tachyon 9.9.9 9.9.9 2013-12-27 Found nothing 7
    thehacker 6.8.0.5 6.8.0.5 2015-07-23 Found nothing 2
    tws 17.47.17308 1.0.2.2108 2014-12-08 Found nothing 14
    vba 3.12.26.3 3.12.26.3 2014-12-31 Found nothing 0
    virusbuster 15.0.985.0 5.5.2.13 2014-12-05 Found nothing 0
    Heuristic/Suspicious Exact
    NOTICE: Results are not 100% accurate and can be reported as a false positive by some scanners when and if malware is found. Please judge these results for yourself.
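  • Permission list
    Permission name: Description
    android.permission.INTERNET: Connect to the network (2G or 3G)
    android.permission.ACCESS_NETWORK_STATE: Read network state (2G or 3G)
    android.permission.VIBRATE: Allow the device to vibrate
    android.permission.VIBRATION
    android.permission.READ_CONTACTS: Read contact information
    android.permission.READ_PHONE_STATE: Read phone state
    android.permission.WRITE_EXTERNAL_STORAGE: Write to external storage (e.g. SD card)
    android.permission.ACCESS_COARSE_LOCATION: Get coarse location (via Wi-Fi, cell towers)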
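  • File information
    Security score:
    Basic information
    MD5: d49041d9a24a537f7659592f9838ec1b
    Package name: com.baidu.input
    Minimum runtime environment: Android 1.5
    Copyright: Baidu Inc.
    Key behaviors
    Behavior description: Create file mapping with write permission
    Details: Global\Cor_Private_IPCBlock_1344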
    Global\Cor_Public_IPCBlock_1344
    CiceroSharedMemDefaultS-*
    Global\NLS_00000804_Exception_Table_3_2
    MSCTF.MarshalInterface.FileMap.AKB..MCNFI
    MSCTF.MarshalInterface.FileMap.AKB.B.MDNFI
    MSCTF.MarshalInterface.FileMap.AKB.C.MDNFI
    MSCTF.MarshalInterface.FileMap.AKB.D.MDNFI
    MSCTF.MarshalInterface.FileMap.AKB.E.MDNFI
    MSCTF.MarshalInterface.FileMap.AKB.F.MDNFI
    MSCTF.MarshalInterface.FileMap.AKB.G.MDNFI
    MSCTF.MarshalInterface.FileMap.AKB.H.MDNFI
    MSCTF.MarshalInterface.FileMap.AKB.I.MDNFI
    MSCTF.MarshalInterface.FileMap.AKB.J.MDNFI
    MSCTF.MarshalInterface.FileMap.AKB.K.MDNFI
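    Process behavior
    Behavior description: Enumerate processes
    Details: N/A
    File behavior
    Behavior description: Create file mapping with write permission
    Details: Global\Cor_Private_IPCBlock_1344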
    Global\Cor_Public_IPCBlock_1344
    CiceroSharedMemDefaultS-*
    Global\NLS_00000804_Exception_Table_3_2
    MSCTF.MarshalInterface.FileMap.AKB..MCNFI
    MSCTF.MarshalInterface.FileMap.AKB.B.MDNFI
    MSCTF.MarshalInterface.FileMap.AKB.C.MDNFI
    MSCTF.MarshalInterface.FileMap.AKB.D.MDNFI
    MSCTF.MarshalInterface.FileMap.AKB.E.MDNFI
    MSCTF.MarshalInterface.FileMap.AKB.F.MDNFI
    MSCTF.MarshalInterface.FileMap.AKB.G.MDNFI
    MSCTF.MarshalInterface.FileMap.AKB.H.MDNFI
    MSCTF.MarshalInterface.FileMap.AKB.I.MDNFI
    MSCTF.MarshalInterface.FileMap.AKB.J.MDNFI
    MSCTF.MarshalInterface.FileMap.AKB.K.MDNFI
    Behavior description: Rename file
    Details: C:\WINDOWS\system32\d3d9caps.tmp ---> C:\WINDOWS\system32\d3d9caps.dat
    Behavior description: Modify file content
    Details: C:\WINDOWS\system32\d3d9caps.dat---> Offset = 28
    C:\WINDOWS\system32\d3d9caps.tmp---> Offset = 28
    Behavior description: Find file
    Details: FileName = C:\WINDOWS
    FileName = C:\WINDOWS\WinSxS
    FileName = C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\MSVCR80.dll
    FileName = C:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.INI
    FileName = C:\DOCUME~1
    FileName = C:\DOCUME~1\ADMINI~1
    FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1
    FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp
    FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\%temp%
    FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\%temp%\1445280652.009856.exe
    FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\%temp%\996E.INI
    FileName = C:/DOCUME~1
    FileName = C:/DOCUME~1/ADMINI~1
    FileName = C:/DOCUME~1/ADMINI~1/LOCALS~1
    FileName = C:/DOCUME~1/ADMINI~1/LOCALS~1/Temp
    Registry behavior
    Behavior description: Modify registry
    Details: \REGISTRY\USER\S-*\Software\Microsoft\Direct3D\MostRecentApplication\Name
    Other behavior
    Behavior description: Create mutex
    Details: CTF.LBES.MutexDefaultS-*
    CTF.Compart.MutexDefaultS-*
    CTF.Asm.MutexDefaultS-*
    CTF.Layouts.MutexDefaultS-*
    CTF.TMD.MutexDefaultS-*
    CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
    DDrawWindowListMutex
    __DDrawExclMode__
    __DDrawCheckExclMode__
    MSCTF.Shared.MUTEX.ELH
    MSCTF.Shared.MUTEX.AKB
    Behavior description: Find specified window
    Details: NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
    NtUserFindWindowEx: [Class,Window] = [CicLoaderWndClass,]
    Behavior description: Start system service
    Details: [Service started successfully]: NT AUTHORITY\LocalService, Windows Presentation Foundation Font Cache 3.0.0.0, c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
    Behavior description: Acquire system privilege
    Details: SE_DEBUG_PRIVILEGE
    Behavior description: Get TickCount value
    Details: TickCount = 487418, SleepMilliseconds = 200.
    TickCount = 487428, SleepMilliseconds = 100.
    TickCount = 487771, SleepMilliseconds = 100.
    TickCount = 487787, SleepMilliseconds = 100.
    TickCount = 487803, SleepMilliseconds = 100.
    TickCount = 487818, SleepMilliseconds = 100.
    TickCount = 488068, SleepMilliseconds = 100.
    TickCount = 488084, SleepMilliseconds = 100.
    TickCount = 488100, SleepMilliseconds = 100.
    TickCount = 488115, SleepMilliseconds = 100.
    TickCount = 488131, SleepMilliseconds = 100.
    TickCount = 548078, SleepMilliseconds = 60000.
    TickCount = 548140, SleepMilliseconds = 60000.
    TickCount = 548156, SleepMilliseconds = 60000.
    TickCount = 548171, SleepMilliseconds = 60000.
    Behavior description: Window information
    Details: Pid = 1344, Hwnd=0x202d4, Text = 初期設定, ClassName = HwndWrapper[%temp%\1445280651.925461.exe;;087fe8f0-d5ea-4d66-bfc7-5b7684fb7a2c].
    Behavior description: Call Sleep function
    Details: [1]: MilliSeconds = 60000.
    [2]: MilliSeconds = -1.
    Dynamic behavior list
    Behavior description: Pass extra information
    Details: type:2
    type:6
    android.intent.extra.TEXT:我觉得百度手机输入法很好用哦!推荐你也试试,可以在wap站:http://mo.baidu.com/input/ 下载。选择相应的机型或者平台即可。
    android.intent.extra.INTENT:{"ACTION":"android.intent.action.SEND","FLAG":0,"TYPE":"text\/plain","EXTRAS":{"android.intent.extra.TEXT":"我觉得百度手机输入法很好用哦!推荐你也试试,可以在wap站:http:\/\/mo.baidu.com\/input\/ 下载。选择相应的机型或者平台即可。"}}
    android.intent.extra.TITLE:好友推荐
    Behavior description: Toast->makeText pop-up notification
    Details: text:未装载存储卡,部分功能无法使用。 duration:0
    Behavior description: Read file
    Details: path:/data/data/com.baidu.input/files/channel length:10
    Behavior description: Load library file
    Details: /data/data/com.baidu.input/lib/libinputcore-2.so
    Behavior description: Parse Uniform Resource Identifier (URI)
    Details: http://r6.mo.baidu.com/ci/sk?ua=bd_768_1184_sdk-S898tp_2-0-2-32_a1&uid=bd_362449040341753&from=1000e
    Behavior description: Read system settings
    Details: [u'android.app.ContextImpl$ApplicationContentResolver@414e9600', u'fancy_ime_animations']
    Behavior description: Window information
    Details: {"text": "Baidu Input", "class": "android.widget.TextView"}
    {"text": "开启自动更新,能保持词库最优化,有效提高输入准确率。是否开启?", "class": "android.widget.TextView"}
    {"text": "是", "class": "android.widget.Button"}
    {"text": "否", "class": "android.widget.Button"}
    Behavior description: Add View
    Details: [u'com.android.internal.policy.impl.PhoneWindow$DecorView@41505fd8', u'WM.LayoutParams{(0,0)(wrapxwrap) gr=#11 sim=#120 ty=2 fl=#8020002 pfl=0x8 fmt=-2 wanim=0x1030002}', u'android.view.CompatibilityInfoHolder@414af858']
    [u'com.android.internal.policy.impl.PhoneWindow$DecorView@414a8530', u'WM.LayoutParams{(0,0)(fillxfill) sim=#100 ty=1 fl=#8010100 pfl=0x8 wanim=0x1030001}', u'android.view.CompatibilityInfoHolder@414af858']
    [u'android.widget.LinearLayout@414fd6e0', u'WM.LayoutParams{(0,128)(wrapxwrap) gr=#51 ty=2005 fl=#98 fmt=-3 wanim=0x1030004}']
    Behavior description: Initialize Intent
    Details: []
    []
    []
    []
    []
    [u'android.intent.action.CHOOSER']
    []
    [u'android.os.Parcel@414ad168']
    Behavior description: Call Intent setAction
    Details: [u'android.intent.action.SEND']
    [u'android.intent.action.VIEW']
    Behavior description: Get device ID
    Details: 357143040944263
    357143040944263
    Behavior description: Write file
    Details: path:/data/data/com.baidu.input/files/log length:69
    path:/data/data/com.baidu.input/files/Hz.bin length:68
    path:/data/data/com.baidu.input/files/Cz.bin length:69
    path:/data/data/com.baidu.input/files/Uz.bin length:68
    path:/data/data/com.baidu.input/files/Ft.bin length:69
    path:/data/data/com.baidu.input/files/Bh.bin length:68
    path:/data/data/com.baidu.input/files/En.bin length:69
    path:/data/data/com.baidu.input/files/Ue.bin length:69
    path:/data/data/com.baidu.input/files/Wb.bin length:68
    path:/data/data/com.baidu.input/files/Cp.bin length:69
    path:/data/data/com.baidu.input/files/Cell.bin length:69
    path:/data/data/com.baidu.input/files/sym.ini length:259
    path:/data/data/com.baidu.input/files/sp26.ini length:258
    path:/data/data/com.baidu.input/files/sp10.ini length:258
    path:/data/data/com.baidu.input/files/channel length:10
    path:/data/data/com.baidu.input/files/dlcell.bin length:69
    path:/data/data/com.baidu.input/files/hw length:69
    path:/data/data/com.baidu.input/shared_prefs/com.baidu.input_preferences.xml length:249
    Activities
    Activity name: Type
    .ConfigActivity: android.intent.action.MAIN
    .ConfigActivity: android.intent.category.DEFAULT
    .ConfigActivity: android.intent.category.LAUNCHER
    .InstallerActivity: android.intent.action.VIEW
    .InstallerActivity: android.intent.category.DEFAULT
    .InstallerActivity: android.intent.category.BROWSABLE
    Dangerous functions
    Function name: Description
    java/net/URL;->openConnection: Connect to a URL
    TelephonyManager;->getDeviceId: Collect the user's phone IMEI, phone number, system version number and other information
    android/app/NotificationManager;->notify: Notification bar message
    ContentResolver;->query: Read contacts, SMS and other databases
    Advertising information
    Name: Description
    com.baidu: Baidu
    Service list
    Name
    com.baidu.input.ImeService
    File list
Translated by Keith Miller, United States