VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

Language
Server load
Server Load

File information
File Name :iApp_7_com.iapp.xiaok_OK_sign_signed.apk (File not down)
File Size :568000 byte
File Type :application/zip
MD5:1368f02b2b00ec5aedb9ff4ba881651b
SHA1:7fba6b97aa755e7bc2bfb4054bd4b41228b21c32
  • 扫描结果
  • 权限
  • 文件行为分析
  • Scanner results
    Scanner results:3%Scanner(s) (1/32)found malware!
    Behavior analysis report:         Habo file analysis
    Time: 2015-11-01 14:11:55 (CST)
    VirSCANVirSCAN
    Scanner Engine Ver Sig Ver Sig Date Scan result Time
    antiy AVL SDK 3.0 1970-01-01 Found nothing 5
    asquared 9.0.0.4324 9.0.0.4324 2014-07-03 Found nothing 1
    avast 150725-1 4.7.4 2015-07-25 Found nothing 0
    avg 2109/8133 10.0.1405 2014-11-26 Found nothing 0
    baidu 2.0.1.0 4.1.3.52192 2.0.1.0 Found nothing 5
    baidusd 1.0 1.0 2014-04-02 Found nothing 1
    bitdefender 7.58469 7.90123 2014-12-25 Found nothing 0
    clamav 19861 0.97.5 2014-12-31 Found nothing 0
    drweb 5.0.2.3300 5.0.1.1 2014-12-31 Found nothing 0
    fortinet 23.345, 23.345 5.1.158 2014-12-08 Found nothing 0
    fprot 4.6.2.117 6.5.1.5418 2014-12-31 Found nothing 0
    fsecure 2014-04-02-01 9.13 2014-04-02 Found nothing 0
    gdata 25.4154 25.4154 2015-10-31 Android.Riskware.SMSReg.MW 8
    ikarus 1.06.01 V1.32.31.0 2014-12-08 Found nothing 0
    jiangmin 16.0.100 1.0.0.0 2015-07-25 Found nothing 43
    kaspersky 5.5.33 5.5.33 2014-04-01 Found nothing 0
    kingsoft 2.1 2.1 2013-09-22 Found nothing 5
    mcafee 7638 5400.1158 2014-11-30 Found nothing 0
    nod32 0920 3.0.21 2014-12-23 Found nothing 0
    panda 9.05.01 9.05.01 2015-07-26 Found nothing 5
    pcc 11.380.07 9.500-1005 2014-12-31 Found nothing 0
    qh360 1.0.1 1.0.1 1.0.1 Found nothing 3
    qqphone 1.0.0.0 1.0.0.0 2014-12-09 Found nothing 0
    quickheal 14.00 14.00 2015-07-25 Found nothing 2
    rising 25.76.04.01 25.76.04.01 2015-07-24 Found nothing 1
    sophos 5.08 3.55.0 2014-12-01 Found nothing 0
    symantec 20141230.001 1.3.0.24 2014-12-30 Found nothing 0
    tachyon 9.9.9 9.9.9 2013-12-27 Found nothing 4
    thehacker 6.8.0.5 6.8.0.5 2015-07-23 Found nothing 1
    tws 17.47.17308 1.0.2.2108 2014-12-08 Found nothing 13
    vba 3.12.26.3 3.12.26.3 2014-12-31 Found nothing 0
    virusbuster 15.0.985.0 5.5.2.13 2014-12-05 Found nothing 0
    Heuristic/Suspicious Exact
    NOTICE: Results are not 100% accurate and can be reported as a false positive by some scannerswhen and if malware is found. Please judge these results for yourself.
  • 权限列表
    许可名称信息
    android.permission.INTERNET连接网络(2G或3G)
    android.permission.WRITE_EXTERNAL_STORAGE写外部存储器(如:SD卡)
    android.permission.READ_PHONE_STATE读取电话状态
    android.permission.SEND_SMS发送短信
    android.permission.CALL_PHONE拨打电话
  • 文件信息
    安全评分 :
    基本信息
    MD5:1368f02b2b00ec5aedb9ff4ba881651b
    包名:com.iapp.xiaok
    最低运行环境:Android 2.2.x
    版权:IAPP
    关键行为
    行为描述:写权限映射文件
    详情信息:CiceroSharedMemDefaultS-*
    MSCTF.MarshalInterface.FileMap.EEH..OIFGH
    MSCTF.MarshalInterface.FileMap.EEH.B.OIFGH
    MSCTF.MarshalInterface.FileMap.EEH.C.OIFGH
    MSCTF.MarshalInterface.FileMap.EEH.D.OIFGH
    MSCTF.MarshalInterface.FileMap.EEH.E.OIFGH
    MSCTF.MarshalInterface.FileMap.EEH.F.OIFGH
    MSCTF.MarshalInterface.FileMap.EEH.G.OIFGH
    行为描述:DLL样本(x86)
    详情信息:N/A
    进程行为
    行为描述:创建进程
    详情信息:ImagePath = C:\WINDOWS\system32\Regsvr32.exe, CmdLine = Regsvr32.exe c:\docume~1\admini~1\locals~1\%temp%\996e.dll
    行为描述:枚举进程
    详情信息:N/A
    文件行为
    行为描述:写权限映射文件
    详情信息:CiceroSharedMemDefaultS-*
    MSCTF.MarshalInterface.FileMap.EEH..OIFGH
    MSCTF.MarshalInterface.FileMap.EEH.B.OIFGH
    MSCTF.MarshalInterface.FileMap.EEH.C.OIFGH
    MSCTF.MarshalInterface.FileMap.EEH.D.OIFGH
    MSCTF.MarshalInterface.FileMap.EEH.E.OIFGH
    MSCTF.MarshalInterface.FileMap.EEH.F.OIFGH
    MSCTF.MarshalInterface.FileMap.EEH.G.OIFGH
    其他行为
    行为描述:创建互斥体
    详情信息:SHIMLIB_LOG_MUTEX
    CTF.LBES.MutexDefaultS-*
    CTF.Compart.MutexDefaultS-*
    CTF.Asm.MutexDefaultS-*
    CTF.Layouts.MutexDefaultS-*
    CTF.TMD.MutexDefaultS-*
    CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
    MSCTF.Shared.MUTEX.ELH
    行为描述:DLL样本(x86)
    详情信息:N/A
    行为描述:查找指定窗口
    详情信息:NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
    行为描述:获取系统权限
    详情信息:SE_LOAD_DRIVER_PRIVILEGE
    SE_DEBUG_PRIVILEGE
    动态列表行为
    行为描述:调用哈希算法
    详情信息:MD5
    行为描述:窗口信息
    详情信息:{"text": "小K刷钻 V1.4开发版", "class": "android.widget.TextView"}
    {"text": "请选择你要刷的钻!", "class": "android.widget.TextView"}
    {"text": "代码查询", "class": "android.widget.Button"}
    {"text": "QQ会员", "class": "android.widget.Button"}
    {"text": "QQ黄钻", "class": "android.widget.Button"}
    {"text": "QQ绿钻", "class": "android.widget.Button"}
    {"text": "QQ红钻", "class": "android.widget.Button"}
    {"text": "QQ蓝钻", "class": "android.widget.Button"}
    {"text": "刷钻时请确保网络畅通并将应用短信权限加入白名单!", "class": "android.widget.TextView"}
    行为描述:Toast->makeText弹出提示
    详情信息:text:此软件部分收费 duration:1
    行为描述:添加View
    详情信息:[u'com.android.internal.policy.impl.PhoneWindow$DecorView@41561558', u'WM.LayoutParams{(0,0)(fillxfill) sim=#100 ty=1 fl=#1810100 pfl=0x8 wanim=0x1030001}', u'android.view.CompatibilityInfoHolder@414b8688']
    [u'android.widget.LinearLayout@4150af90', u'WM.LayoutParams{(0,128)(wrapxwrap) gr=#51 ty=2005 fl=#98 fmt=-3 wanim=0x1030004}']
    行为描述:初始化Intent
    详情信息:[]
    [u'android.os.Parcel@414b5fd0']
    行为描述:激活Activity
    详情信息:{"FLAG":0,"COMPONENT_NAME":"ComponentInfo{com.iapp.xiaok\/com.yougaile.iapp.MainActivity}"}
    行为描述:获取设备ID
    详情信息:357143040944263
    Activities
    活动名类型
    com.yougaile.iapp.logoActivityandroid.intent.action.MAIN
    com.yougaile.iapp.logoActivityandroid.intent.category.LAUNCHER
    危险函数
    函数名称信息
    SmsManager;->sendTextMessage发送普通短信
    TelephonyManager;->getDeviceId搜集用户手机IMEI码、电话号码、系统版本号等信息
    TelephonyManager;->getLine1Number获取手机号
    ActivityManager;->killBackgroundProcesses中断进程,可用于关闭杀软
    getRuntime获取命令行环境
    java/lang/Runtime;->exec执行字符串命令
    java/net/URL;->openConnection连接URL
    HttpClient;->execute请求远程服务器
    DefaultHttpClient;->execute发送HTTP请求
    android/app/NotificationManager;->notify信息通知栏
    WifiManager;->setWifiEnabled变更WIFI状态
    权限列表
    许可名称信息
    android.permission.INTERNET连接网络(2G或3G)
    android.permission.WRITE_EXTERNAL_STORAGE写外部存储器(如:SD卡)
    android.permission.READ_PHONE_STATE读取电话状态
    android.permission.SEND_SMS发送短信
    android.permission.CALL_PHONE拨打电话
    文件列表
    文件名 校验码
    META-INF/MANIFEST.MF 0x4cbb7ec9
    META-INF/MYKEY.SF 0xd3a804b1
    META-INF/MYKEY.RSA 0xd9f179a4
    keys/ 0x0
    assets/ 0x0
    lib/armeabi/ 0x0
    lib/ 0x0
    res/ 0x0
    res/drawable/ 0x0
    res/drawable-hdpi/ 0x0
    res/layout/ 0x0
    lib/x86/ 0x0
    classes.dex 0x365b10be
    AndroidManifest.xml 0x233a9057
    assets/fps_images.png 0x112b3776
    assets/hongzhuan.iyu 0x42d4490e
    assets/hongzhuan60.iyu 0x2adf9fa9
    assets/hongzhuanSH.iyu 0x74c02a7
    assets/huangjh.iyu 0xe3468954
    assets/huangzhuan.iyu 0xc152c2cc
    assets/lanzhuan.iyu 0x89e48fa3
    assets/lujh.iyu 0x8f626049
    assets/luzhuan.iyu 0xa994f19
    assets/xiaok.iyu 0x7dcad367
    assets/qqvip.iyu 0x5c3f9ce2
    assets/vipjh.iyu 0xa0e79344
    assets/xiaok.txt 0xb2fdc8d2
    keys/keystore.ks 0x3d7ea71f
    keys/media.pk8 0xb2ff8b4b
    keys/media.sbt 0x787af273
    keys/media.x509.pem 0xb2b93fdc
    keys/platform.pk8 0x7d91e3b8
    keys/platform.sbt 0x78fc5c38
    keys/platform.x509.pem 0xe2b43571
    keys/shared.pk8 0x44b55be
    keys/shared.sbt 0xcb0d9b76
    keys/shared.x509.pem 0x52234887
    keys/testkey.pk8 0x5c6d8836
    keys/testkey.sbt 0x197cd57f
    keys/testkey.x509.pem 0xc3fc0954
    lib/armeabi/libgdx.so 0x39a6b20c
    lib/x86/libgdx.so 0x7ec621b5
    res/drawable-hdpi/ic_arrow_left.png 0xede5ec62
    res/drawable-hdpi/icon.png 0x5b8d7806
    res/drawable-hdpi/notice_down_icon.png 0x13e56a9c
    res/drawable/hy_xml_ui_user_it32.xml 0x21d7e958
    res/drawable/hy_xml_ui_user_it52.xml 0xb8c8613b
    res/drawable/hy_xml_ui_user_itt.xml 0xfe94a4fa
    res/drawable/hy_xml_ui_user_itt2.xml 0x4e1a3cf8
    res/drawable/hy_xml_ui_user_t.xml 0xabcb17fa
    res/drawable/list_itemshighlighted_translucent.xml 0xaeb7b32c
    res/layout/activity_main.xml 0x3600e315
    res/layout/activity_webview.xml 0xde99f8a3
    resources.arsc 0x2d45c87c
    运行截图
    VirSCAN

About VirSCAN | Privacy Policy | Contact us | Links | Help VirSCAN
Translated by Keith Miller, United States
Powered By CentOSpol

京ICP备11007605号-12

pol

京公网安备 11010802020746号