VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, VirSCAN can scan compressed files with password 'infected' or 'virus'.

Language
Server load
Server Load



File information
File Name : 收罗***.apk (File not down)
File Size :5651376 byte
File Type :application/zip
MD5:67ec844e727fd78e298421935ccb4831
SHA1:0fef533c61cc752d5722c1b53ec4584785334185
  • 扫描结果
  • 权限
  • 文件行为分析
  • Scanner results
    Scanner results:0%Scanner(s) (0/32)found malware!        Behavior
    Time: 2017-08-28 14:35:31 (CST)
    VirSCANVirSCAN
    Scanner Engine Ver Sig Ver Sig Date Scan result Time
    antiy AVL SDK 2.0 1970-01-01 Found nothing 9
    asquared 9.0.0.4799 9.0.0.4799 2015-03-08 Found nothing 1
    avast 170303-1 4.7.4 2017-03-03 Found nothing 60
    avg 2109/14366 10.0.1405 2017-08-23 Found nothing 60
    baidu 2.0.1.0 4.1.3.52192 2.0.1.0 Found nothing 2
    baidusd 1.0 1.0 2017-03-22 Found nothing 1
    bitdefender 7.58879 7.90123 2015-01-16 Found nothing 60
    clamav 23723 0.97.5 2017-08-28 Found nothing 60
    drweb 5.0.2.3300 5.0.1.1 2017-06-18 Found nothing 60
    fortinet 1.000, 51.216, 51.106, 51.128 5.4.247 2017-08-27 Found nothing 60
    fprot 4.6.2.117 6.5.1.5418 2016-02-05 Found nothing 60
    fsecure 2015-08-01-02 9.13 2015-08-01 Found nothing 60
    gdata 25.13993 25.13993 2017-08-28 Found nothing 19
    ikarus 1.06.01 V1.32.31.0 2017-08-27 Found nothing 60
    jiangmin 16.0.100 1.0.0.0 2017-08-26 Found nothing 2
    kaspersky 5.5.33 5.5.33 2014-04-01 Found nothing 60
    kingsoft 2.1 2.1 2017-08-27 Found nothing 23
    mcafee 8620 5400.1158 2017-08-12 Found nothing 60
    nod32 5980 3.0.21 2017-08-26 Found nothing 60
    panda 9.05.01 9.05.01 2017-08-27 Found nothing 3
    pcc 13.302.06 9.500-1005 2017-03-27 Found nothing 60
    qh360 1.0.1 1.0.1 1.0.1 Found nothing 3
    qqphone 1.0.0.0 1.0.0.0 2015-12-30 Found nothing 60
    quickheal 14.00 14.00 2017-08-26 Found nothing 4
    rising 26.28.00.01 26.28.00.01 2016-07-18 Found nothing 6
    sophos 5.32 3.65.2 2016-10-10 Found nothing 60
    symantec 20151230.005 1.3.0.24 2015-12-30 Found nothing 60
    tachyon 9.9.9 9.9.9 2013-12-27 Found nothing 21
    thehacker 6.8.0.5 6.8.0.5 2017-08-25 Found nothing 9
    tws 17.47.17308 1.0.2.2108 2017-08-27 Found nothing 19
    vba 3.12.29.5 beta 3.12.29.5 beta 2017-08-25 Found nothing 60
    virusbuster 15.0.985.0 5.5.2.13 2014-12-05 Found nothing 60
    Heuristic/Suspicious Exact
    NOTICE: Results are not 100% accurate and can be reported as a false positive by some scannerswhen and if malware is found. Please judge these results for yourself.
    Copy to clipboard
  • 权限列表
    许可名称信息
    android.permission.INTERNET连接网络(2G或3G)
    android.permission.ACCESS_NETWORK_STATE读取网络状态(2G或3G)
    android.permission.ACCESS_WIFI_STATE读取wifi网络状态
    android.permission.READ_PHONE_STATE读取电话状态
    android.permission.WAKE_LOCK手机屏幕关闭后后台进程仍运行
    com.google.android.c2dm.permission.RECEIVE
    co.solovpn.permission.C2D_MESSAGE
  • 文件信息
    安全评分 :
    基本信息
    MD5:67ec844e727fd78e298421935ccb4831
    包名:co.solovpn
    最低运行环境:Android 4.0.3, 4.0.4
    版权:EASY4U
    关键行为
    行为描述:杀掉进程
    详情信息:TASKKILL = taskkill /f /im rutserv.exe
    TASKKILL = taskkill /f /im rfusclient.exe
    行为描述:获取窗口截图信息
    详情信息:Foreground window Info: HWND = 0x00000000, DC = 0x9e0102cf.
    Foreground window Info: HWND = 0x00000000, DC = 0x2f0105ea.
    Foreground window Info: HWND = 0x00000000, DC = 0xce0104c5.
    Foreground window Info: HWND = 0x00000000, DC = 0xde010520.
    Foreground window Info: HWND = 0x00000000, DC = 0xb60100a0.
    Foreground window Info: HWND = 0x00000000, DC = 0x7e010658.
    Foreground window Info: HWND = 0x00000000, DC = 0xf2010588.
    行为描述:创建系统服务
    详情信息:[服务创建成功]: RManService, C:\Program Files (x86)\Java\rutserv.exe
    行为描述:获取TickCount值
    详情信息:TickCount = 5432890, SleepMilliseconds = 1000.
    TickCount = 5449937, SleepMilliseconds = 5000.
    TickCount = 5445088, SleepMilliseconds = 10.
    TickCount = 5445103, SleepMilliseconds = 10.
    TickCount = 5445119, SleepMilliseconds = 10.
    TickCount = 5445150, SleepMilliseconds = 10.
    TickCount = 5445166, SleepMilliseconds = 10.
    TickCount = 5445213, SleepMilliseconds = 10.
    TickCount = 5445666, SleepMilliseconds = 10.
    TickCount = 5445681, SleepMilliseconds = 10.
    TickCount = 5445697, SleepMilliseconds = 10.
    TickCount = 5446103, SleepMilliseconds = 10.
    TickCount = 5446119, SleepMilliseconds = 10.
    TickCount = 5446525, SleepMilliseconds = 10.
    TickCount = 5446556, SleepMilliseconds = 10.
    进程行为
    行为描述:隐藏窗口创建进程
    详情信息:ImagePath = , CmdLine = "C:\Program Files (x86)\Java\install.bat"
    行为描述:创建进程
    详情信息:ImagePath = C:\WINDOWS\system32\wscript.exe, CmdLine = "C:\WINDOWS\System32\WScript.exe" "C:\Program Files (x86)\Java\install.vbs"
    ImagePath = C:\WINDOWS\system32\cmd.exe, CmdLine = cmd /c ""C:\Program Files (x86)\Java\install.bat" "
    ImagePath = C:\WINDOWS\system32\taskkill.exe, CmdLine = taskkill /f /im rutserv.exe
    ImagePath = C:\WINDOWS\system32\taskkill.exe, CmdLine = taskkill /f /im rfusclient.exe
    ImagePath = C:\WINDOWS\system32\reg.exe, CmdLine = reg delete "HKLM\SYSTEM\Remote Manipulator System" /f
    ImagePath = C:\WINDOWS\regedit.exe, CmdLine = regedit /s "regedit.reg"
    行为描述:创建本地线程
    详情信息:TargetProcess: %temp%\****.exe, InheritedFromPID = 1944, ProcessID = 2792, ThreadID = 2888, StartAddress = 77DC845A, Parameter = 00000000
    TargetProcess: wscript.exe, InheritedFromPID = 2792, ProcessID = 2880, ThreadID = 2892, StartAddress = 01002FD4, Parameter = 008E4130
    TargetProcess: wscript.exe, InheritedFromPID = 2792, ProcessID = 2880, ThreadID = 2912, StartAddress = 765E964D, Parameter = 001BCB20
    TargetProcess: wscript.exe, InheritedFromPID = 2792, ProcessID = 2880, ThreadID = 2916, StartAddress = 77DC845A, Parameter = 00000000
    TargetProcess: taskkill.exe, InheritedFromPID = 2932, ProcessID = 2940, ThreadID = 2948, StartAddress = 77E56C7D, Parameter = 000EAC28
    TargetProcess: taskkill.exe, InheritedFromPID = 2932, ProcessID = 2940, ThreadID = 2952, StartAddress = 769AE43B, Parameter = 000ED4A8
    TargetProcess: taskkill.exe, InheritedFromPID = 2932, ProcessID = 2940, ThreadID = 2956, StartAddress = 77E56C7D, Parameter = 000EDC40
    TargetProcess: taskkill.exe, InheritedFromPID = 2932, ProcessID = 3004, ThreadID = 3024, StartAddress = 77E56C7D, Parameter = 000EAC28
    TargetProcess: taskkill.exe, InheritedFromPID = 2932, ProcessID = 3004, ThreadID = 3028, StartAddress = 769AE43B, Parameter = 000ED5C8
    TargetProcess: taskkill.exe, InheritedFromPID = 2932, ProcessID = 3004, ThreadID = 3032, StartAddress = 77E56C7D, Parameter = 000EDD50
    TargetProcess: rutserv.exe, InheritedFromPID = 2932, ProcessID = 3168, ThreadID = 3176, StartAddress = 77DC845A, Parameter = 00000000
    TargetProcess: rutserv.exe, InheritedFromPID = 2932, ProcessID = 3204, ThreadID = 3228, StartAddress = 77DC845A, Parameter = 00000000
    TargetProcess: rutserv.exe, InheritedFromPID = 2932, ProcessID = 3264, ThreadID = 3272, StartAddress = 77DC845A, Parameter = 00000000
    TargetProcess: rutserv.exe, InheritedFromPID = 656, ProcessID = 3288, ThreadID = 3296, StartAddress = 77DC845A, Parameter = 00000000
    TargetProcess: rutserv.exe, InheritedFromPID = 656, ProcessID = 3288, ThreadID = 3304, StartAddress = 0040A39C, Parameter = 014815B0
    行为描述:枚举进程
    详情信息:N/A
    行为描述:杀掉进程
    详情信息:TASKKILL = taskkill /f /im rutserv.exe
    TASKKILL = taskkill /f /im rfusclient.exe
    行为描述:创建新文件进程
    详情信息:ImagePath = C:\Program Files (x86)\Java\rutserv.exe, CmdLine = rutserv.exe /silentinstall
    ImagePath = C:\Program Files (x86)\Java\rutserv.exe, CmdLine = rutserv.exe /firewall
    ImagePath = C:\Program Files (x86)\Java\rutserv.exe, CmdLine = rutserv.exe /start
    ImagePath = C:\Program Files (x86)\Java\rutserv.exe, CmdLine = "C:\Program Files (x86)\Java\rutserv.exe"
    ImagePath = C:\Program Files (x86)\Java\rfusclient.exe, CmdLine = "C:\Program Files (x86)\Java\rfusclient.exe" /tray
    文件行为
    行为描述:创建文件
    详情信息:C:\Program Files (x86)\Java\__tmp_rar_sfx_access_check_5427843
    C:\Program Files (x86)\Java\install.vbs
    C:\Program Files (x86)\Java\regedit.reg
    C:\Program Files (x86)\Java\rfusclient.exe
    C:\Program Files (x86)\Java\rutserv.exe
    C:\Program Files (x86)\Java\vp8decoder.dll
    C:\Program Files (x86)\Java\vp8encoder.dll
    C:\Program Files (x86)\Java\install.bat
    C:\Program Files (x86)\Java\StopSite\StopSite.exe
    C:\Program Files (x86)\Java\StopSite\StopSite.pdb
    C:\Program Files (x86)\Java\StopSite\StopSite.vshost.exe
    C:\Program Files (x86)\Java\StopSite\StopSite.vshost.exe.manifest
    行为描述:创建可执行文件
    详情信息:C:\Program Files (x86)\Java\rfusclient.exe
    C:\Program Files (x86)\Java\rutserv.exe
    C:\Program Files (x86)\Java\vp8decoder.dll
    C:\Program Files (x86)\Java\vp8encoder.dll
    C:\Program Files (x86)\Java\StopSite\StopSite.exe
    C:\Program Files (x86)\Java\StopSite\StopSite.vshost.exe
    行为描述:复制文件
    详情信息:C:\Program Files (x86)\Java\RWLN.dll ---> C:\WINDOWS\system32\RWLN.dll
    行为描述:删除文件
    详情信息:C:\Program Files (x86)\Java\__tmp_rar_sfx_access_check_5427843
    行为描述:查找文件
    详情信息:FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe
    FileName = C:\Documents and Settings
    FileName = C:\Documents and Settings\Administrator
    FileName = C:\Documents and Settings\Administrator\My Documents
    FileName = C:\Documents and Settings\All Users
    FileName = C:\Documents and Settings\All Users\Documents
    FileName = C:\Documents and Settings\Administrator\桌面
    FileName = C:\Documents and Settings\All Users\桌面
    FileName = C:\Program Files (x86)\Java
    FileName = C:\Program Files (x86)\Java\install.vbs
    FileName = C:\WINDOWS
    FileName = C:\WINDOWS\System32
    FileName = C:\WINDOWS\System32\WScript.exe
    FileName = C:\WINDOWS\system32
    FileName = C:\WINDOWS\system32\wscript.exe
    行为描述:修改BAT脚本文件
    详情信息:C:\Program Files (x86)\Java\install.vbs ---> Offset = 0
    C:\Program Files (x86)\Java\install.bat ---> Offset = 0
    行为描述:重命名文件
    详情信息:C:\Program Files (x86)\Java\StopSite ---> C:\Documents and Settings\Administrator\Desktop
    行为描述:修改文件内容
    详情信息:C:\Program Files (x86)\Java\regedit.reg ---> Offset = 0
    C:\Program Files (x86)\Java\rfusclient.exe ---> Offset = 0
    C:\Program Files (x86)\Java\rfusclient.exe ---> Offset = 65536
    C:\Program Files (x86)\Java\rfusclient.exe ---> Offset = 131072
    C:\Program Files (x86)\Java\rfusclient.exe ---> Offset = 196608
    C:\Program Files (x86)\Java\rfusclient.exe ---> Offset = 262144
    C:\Program Files (x86)\Java\rutserv.exe ---> Offset = 0
    C:\Program Files (x86)\Java\rutserv.exe ---> Offset = 65536
    C:\Program Files (x86)\Java\rutserv.exe ---> Offset = 131072
    C:\Program Files (x86)\Java\rutserv.exe ---> Offset = 196608
    C:\Program Files (x86)\Java\rutserv.exe ---> Offset = 262144
    C:\Program Files (x86)\Java\vp8decoder.dll ---> Offset = 0
    C:\Program Files (x86)\Java\vp8decoder.dll ---> Offset = 4096
    C:\Program Files (x86)\Java\vp8decoder.dll ---> Offset = 8192
    C:\Program Files (x86)\Java\vp8decoder.dll ---> Offset = 12288
    网络行为
    行为描述:建立到一个指定的套接字连接
    详情信息:URL: rm****ru, IP: **.133.40.**:80, SOCKET = 0x000002c4
    URL: rm****ru, IP: **.133.40.**:80, SOCKET = 0x000002f0
    URL: rm****ru, IP: **.133.40.**:80, SOCKET = 0x00000240
    URL: rm****ru, IP: **.133.40.**:80, SOCKET = 0x000002b8
    URL: rm****ru, IP: **.133.40.**:80, SOCKET = 0x000002bc
    URL: rm****ru, IP: **.133.40.**:80, SOCKET = 0x00000238
    行为描述:按名称获取主机地址
    详情信息:GetAddrInfoW: rm****ru
    注册表行为
    行为描述:修改注册表
    详情信息:\REGISTRY\USER\S-*\Software\Microsoft\Windows\ShellNoRoam\MUICache\C:\WINDOWS\System32\WScript.exe
    \REGISTRY\USER\S-*\Software\Microsoft\Windows\ShellNoRoam\MUICache\C:\Program Files (x86)\Java\install.bat
    \REGISTRY\MACHINE\SYSTEM\Remote Manipulator System\v4\Server\Parameters\InternetId
    \REGISTRY\MACHINE\SYSTEM\Remote Manipulator System\v4\Server\Parameters\FUSClientPath
    \REGISTRY\MACHINE\SYSTEM\Remote Manipulator System\v4\Server\Parameters\Password
    \REGISTRY\MACHINE\SYSTEM\Remote Manipulator System\v4\Server\Parameters\UserAccess
    \REGISTRY\MACHINE\SYSTEM\Remote Manipulator System\v4\Server\Parameters\notification
    \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\RWLN\Asynchronous
    \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\RWLN\Impersonate
    \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\RWLN\Logoff
    \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\RWLN\Logon
    \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\RWLN\Startup
    行为描述:修改注册表_系统登录管理
    详情信息:\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\RWLN\DllName
    其他行为
    行为描述:检测自身是否被调试
    详情信息:N/A
    行为描述:创建互斥体
    详情信息:CTF.LBES.MutexDefaultS-*
    CTF.Compart.MutexDefaultS-*
    CTF.Asm.MutexDefaultS-*
    CTF.Layouts.MutexDefaultS-*
    CTF.TMD.MutexDefaultS-*
    CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
    MSCTF.Shared.MUTEX.ELH
    Local\ZonesCounterMutex
    Local\ZoneAttributeCacheCounterMutex
    Local\ZonesCacheCounterMutex
    Local\ZonesLockedCacheCounterMutex
    _SHuassist.mtx
    MutexNPA_UnitVersioning_3168
    MutexNPA_UnitVersioning_3204
    MutexNPA_UnitVersioning_3264
    行为描述:创建事件对象
    详情信息:EventName = Global\crypt32LogoffEvent
    EventName = DINPUTWINMM
    EventName = Global\RMSServerGlobal
    EventName = Global\RMSGlobalHost
    EventName = Global\userenv: User Profile setup event
    行为描述:查找指定窗口
    详情信息:NtUserFindWindowEx: [Class,Window] = [EDIT,]
    NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
    NtUserFindWindowEx: [Class,Window] = [,]
    NtUserFindWindowEx: [Class,Window] = [RegEdit_RegEdit,]
    行为描述:启动系统服务
    详情信息:[服务启动成功]: LocalSystem, TektonIT - RMS Host, C:\Program Files (x86)\Java\rutserv.exe
    行为描述:调整进程token权限
    详情信息:SE_LOAD_DRIVER_PRIVILEGE
    SE_DEBUG_PRIVILEGE
    SE_TAKE_OWNERSHIP_PRIVILEGE
    SE_TCB_PRIVILEGE
    SE_ASSIGNPRIMARYTOKEN_PRIVILEGE
    行为描述:打开事件
    详情信息:HookSwitchHookEnabledEvent
    CTF.ThreadMIConnectionEvent.000007B4.00000000.00000051
    CTF.ThreadMarshalInterfaceEvent.000007B4.00000000.00000051
    MSCTF.SendReceiveConection.Event.ELH.IC
    MSCTF.SendReceive.Event.ELH.IC
    _fCanRegisterWithShellService
    \SECURITY\LSA_AUTHENTICATION_INITIALIZED
    Global\crypt32LogoffEvent
    MSFT.VSA.COM.DISABLE.2880
    MSFT.VSA.IEC.STATUS.6c736db0
    MSFT.VSA.COM.DISABLE.2940
    MSFT.VSA.COM.DISABLE.3004
    Global\SvcctrlStartEvent_A3752DX
    \INSTALLATION_SECURITY_HOLD
    行为描述:获取TickCount值
    详情信息:TickCount = 5432890, SleepMilliseconds = 1000.
    TickCount = 5449937, SleepMilliseconds = 5000.
    TickCount = 5445088, SleepMilliseconds = 10.
    TickCount = 5445103, SleepMilliseconds = 10.
    TickCount = 5445119, SleepMilliseconds = 10.
    TickCount = 5445150, SleepMilliseconds = 10.
    TickCount = 5445166, SleepMilliseconds = 10.
    TickCount = 5445213, SleepMilliseconds = 10.
    TickCount = 5445666, SleepMilliseconds = 10.
    TickCount = 5445681, SleepMilliseconds = 10.
    TickCount = 5445697, SleepMilliseconds = 10.
    TickCount = 5446103, SleepMilliseconds = 10.
    TickCount = 5446119, SleepMilliseconds = 10.
    TickCount = 5446525, SleepMilliseconds = 10.
    TickCount = 5446556, SleepMilliseconds = 10.
    行为描述:获取光标位置
    详情信息:CursorPos = (96,18500), SleepMilliseconds = 500.
    CursorPos = (6389,26533), SleepMilliseconds = 500.
    CursorPos = (19224,15757), SleepMilliseconds = 500.
    CursorPos = (11533,29391), SleepMilliseconds = 500.
    CursorPos = (27017,24497), SleepMilliseconds = 500.
    CursorPos = (6389,26533), SleepMilliseconds = 10.
    CursorPos = (5760,28178), SleepMilliseconds = 500.
    CursorPos = (23336,16860), SleepMilliseconds = 500.
    CursorPos = (10016,524), SleepMilliseconds = 500.
    CursorPos = (3050,11975), SleepMilliseconds = 500.
    CursorPos = (4882,5469), SleepMilliseconds = 500.
    CursorPos = (32446,14637), SleepMilliseconds = 500.
    CursorPos = (19224,15757), SleepMilliseconds = 10.
    CursorPos = (3957,186), SleepMilliseconds = 500.
    CursorPos = (347,12415), SleepMilliseconds = 500.
    行为描述:枚举窗口
    详情信息:N/A
    行为描述:获取窗口截图信息
    详情信息:Foreground window Info: HWND = 0x00000000, DC = 0x9e0102cf.
    Foreground window Info: HWND = 0x00000000, DC = 0x2f0105ea.
    Foreground window Info: HWND = 0x00000000, DC = 0xce0104c5.
    Foreground window Info: HWND = 0x00000000, DC = 0xde010520.
    Foreground window Info: HWND = 0x00000000, DC = 0xb60100a0.
    Foreground window Info: HWND = 0x00000000, DC = 0x7e010658.
    Foreground window Info: HWND = 0x00000000, DC = 0xf2010588.
    行为描述:可执行文件签名信息
    详情信息:C:\Program Files (x86)\Java\rfusclient.exe(签名验证: 未通过)
    C:\Program Files (x86)\Java\rutserv.exe(签名验证: 未通过)
    C:\Program Files (x86)\Java\vp8decoder.dll(签名验证: 未通过)
    C:\Program Files (x86)\Java\vp8encoder.dll(签名验证: 未通过)
    C:\Program Files (x86)\Java\StopSite\StopSite.exe(签名验证: 未通过)
    C:\Program Files (x86)\Java\StopSite\StopSite.vshost.exe(签名验证: 通过)
    行为描述:调用Sleep函数
    详情信息:[1]: MilliSeconds = 1000.
    [1]: MilliSeconds = 5000.
    [2]: MilliSeconds = 0.
    [3]: MilliSeconds = 60000.
    [4]: MilliSeconds = 500.
    [5]: MilliSeconds = 10.
    [6]: MilliSeconds = 10.
    [7]: MilliSeconds = 10.
    [8]: MilliSeconds = 10.
    [9]: MilliSeconds = 10.
    [10]: MilliSeconds = 10.
    [2]: MilliSeconds = 500.
    [3]: MilliSeconds = 500.
    [5]: MilliSeconds = 500.
    [6]: MilliSeconds = 500.
    行为描述:隐藏指定窗口
    详情信息:[Window,Class] = [,ComboLBox]
    [Window,Class] = [,Auto-Suggest Dropdown]
    [Window,Class] = [&Обзор...,Button]
    [Window,Class] = [C:\Program Files (x86)\Java,ComboBox]
    行为描述:可执行文件MD5
    详情信息:C:\Program Files (x86)\Java\rfusclient.exe ---> b8667a1e84567fcf7821bcefb6a444af
    C:\Program Files (x86)\Java\rutserv.exe ---> 37a8802017a212bb7f5255abc7857969
    C:\Program Files (x86)\Java\vp8decoder.dll ---> 88318158527985702f61d169434a4940
    C:\Program Files (x86)\Java\vp8encoder.dll ---> 6298c0af3d1d563834a218a9cc9f54bd
    C:\Program Files (x86)\Java\StopSite\StopSite.exe ---> e727b310c8bd9de1a9edba9860a96d77
    C:\Program Files (x86)\Java\StopSite\StopSite.vshost.exe ---> 02be6d33b1edbc61c79882d3f556bd8a
    行为描述:打开互斥体
    详情信息:ShimCacheMutex
    Local\!IETld!Mutex
    DBWinMutex
    行为描述:创建系统服务
    详情信息:[服务创建成功]: RManService, C:\Program Files (x86)\Java\rutserv.exe
    Activities
    活动名类型
    co.easy4u.ll.ui.MainActivityandroid.intent.action.MAIN
    co.easy4u.ll.ui.MainActivityandroid.intent.category.LAUNCHER
    危险函数
    函数名称信息
    LocationManager;->getLastKnownLocation获取地址位置
    ContentResolver;->query读取联系人、短信等数据库
    TelephonyManager;->getDeviceId搜集用户手机IMEI码、电话号码、系统版本号等信息
    java/net/URL;->openConnection连接URL
    getRuntime获取命令行环境
    ContentResolver;->delete删除短信、联系人
    HttpClient;->execute请求远程服务器
    java/net/HttpURLConnection;->connect连接URL
    android/app/NotificationManager;->notify信息通知栏
    启动方式
    名称信息
    com.google.android.gms.measurement.AppMeasurementReceiver
    com.google.firebase.iid.FirebaseInstanceIdReceiver
    com.google.firebase.iid.FirebaseInstanceIdReceiver
    权限列表
    许可名称信息
    android.permission.INTERNET连接网络(2G或3G)
    android.permission.ACCESS_NETWORK_STATE读取网络状态(2G或3G)
    android.permission.ACCESS_WIFI_STATE读取wifi网络状态
    android.permission.READ_PHONE_STATE读取电话状态
    android.permission.WAKE_LOCK手机屏幕关闭后后台进程仍运行
    com.google.android.c2dm.permission.RECEIVE
    co.solovpn.permission.C2D_MESSAGE
    服务列表
    名称
    co.easy4u.ll.core.RpcService
    de.blinkt.openvpn.core.OpenVPNService
    com.google.android.gms.measurement.AppMeasurementService
    com.google.firebase.iid.FirebaseInstanceIdService
    Providers
    名字信息
    co.easy4u.ll.model.LlProvider
    com.google.firebase.provider.FirebaseInitProvider
    文件列表
    文件名 校验码
    AndroidManifest.xml 0x106cfced
    META-INF/CERT.RSA 0x278a220c
    META-INF/CERT.SF 0x3795c0c5
    META-INF/MANIFEST.MF 0xd6d95bf1
    assets/flags.gif 0xeedea57c
    assets/fonts/Merriweather-Regular.ttf 0x6bdfcf7
    assets/nopie_openvpn.arm64-v8a 0x3aa86d8f
    assets/nopie_openvpn.armeabi 0x42fca98
    assets/nopie_openvpn.armeabi-v7a 0xa3d5b328
    assets/pie_openvpn.arm64-v8a 0x3aa86d8f
    assets/pie_openvpn.armeabi 0x25d18eb3
    assets/pie_openvpn.armeabi-v7a 0xee9d30f
    build-data.properties 0x9bd05e2a
    classes.dex 0x3ad4e113
    fabric/com.mopub.sdk.android.mopub.properties 0xe7c5fbd9
    jsr305_annotations/Jsr305_annotations.gwt.xml 0xda2c535b
    lib/arm64-v8a/libjbcrypto.so 0x8af3f0db
    lib/arm64-v8a/libopenvpn.so 0x74578dfa
    lib/arm64-v8a/libopvpnutil.so 0xbe4924d2
    lib/armeabi-v7a/libjbcrypto.so 0x1edaa2db
    lib/armeabi-v7a/libopenvpn.so 0xdc0059a2
    lib/armeabi-v7a/libopvpnutil.so 0x9b80cd3e
    lib/armeabi/libjbcrypto.so 0x1c97d3b3
    lib/armeabi/libopenvpn.so 0xb20d17a6
    lib/armeabi/libopvpnutil.so 0xdd66f4c1
    res/anim-v21/design_bottom_sheet_slide_in.xml 0x407d5645
    res/anim-v21/design_bottom_sheet_slide_out.xml 0xf38dafed
    res/anim/abc_fade_in.xml 0x2f94166b
    res/anim/abc_fade_out.xml 0x396f7a13
    res/anim/abc_grow_fade_in_from_bottom.xml 0x4ec7348f
    res/anim/abc_popup_enter.xml 0xa271c268
    res/anim/abc_popup_exit.xml 0x49fe54d9
    res/anim/abc_shrink_fade_out_from_bottom.xml 0xebf504ed
    res/anim/abc_slide_in_bottom.xml 0x73663fbe
    res/anim/abc_slide_in_top.xml 0x41f8f3af
    res/anim/abc_slide_out_bottom.xml 0x51b9c50a
    res/anim/abc_slide_out_top.xml 0x4f613364
    res/anim/background_connecting.xml 0x46bb03c0
    res/anim/connection_hover_down.xml 0x18c05b2b
    res/anim/connection_hover_up.xml 0x7d57d34d
    res/anim/connection_idle.xml 0x3fb811ad
    res/anim/design_bottom_sheet_slide_in.xml 0x8dae6790
    res/anim/design_bottom_sheet_slide_out.xml 0xcf5a1c5
    res/anim/design_fab_in.xml 0x4cc1d922
    res/anim/design_fab_out.xml 0x8d676b4b
    res/anim/design_snackbar_in.xml 0x89444de8
    res/anim/design_snackbar_out.xml 0x501bbe4c
    res/color-v11/abc_background_cache_hint_selector_material_dark.xml 0xebb19075
    res/color-v11/abc_background_cache_hint_selector_material_light.xml 0x59d4092
    res/color-v23/abc_color_highlight_material.xml 0x50fa081e
    res/color/abc_primary_text_disable_only_material_dark.xml 0x6e7d2e0c
    res/color/abc_primary_text_disable_only_material_light.xml 0xfd625176
    res/color/abc_primary_text_material_dark.xml 0x47a205c1
    res/color/abc_primary_text_material_light.xml 0xa59def3d
    res/color/abc_search_url_text.xml 0x591d8e24
    res/color/abc_secondary_text_material_dark.xml 0xfe14beac
    res/color/abc_secondary_text_material_light.xml 0xc4ddf758
    res/color/common_google_signin_btn_text_dark.xml 0xfab35e83
    res/color/common_google_signin_btn_text_light.xml 0xa9dd9a9c
    res/color/common_plus_signin_btn_text_dark.xml 0x6afd470f
    res/color/common_plus_signin_btn_text_light.xml 0xd511c99e
    res/color/switch_thumb_material_dark.xml 0xaa68da6f
    res/color/switch_thumb_material_light.xml 0x5ba11690
    res/drawable-ldrtl-xhdpi-v17/abc_ic_ab_back_mtrl_am_alpha.png 0x8e0918ec
    res/drawable-ldrtl-xhdpi-v17/abc_ic_menu_copy_mtrl_am_alpha.png 0xfb85aab2
    res/drawable-ldrtl-xhdpi-v17/abc_ic_menu_cut_mtrl_alpha.png 0xfd3b518e
    res/drawable-ldrtl-xhdpi-v17/abc_spinner_mtrl_am_alpha.9.png 0x64a842b9
    res/drawable-v21/abc_action_bar_item_background_material.xml 0xb794af16
    res/drawable-v21/abc_btn_colored_material.xml 0x76716951
    res/drawable-v21/abc_edit_text_material.xml 0xdc7cc88f
    res/drawable-v21/abc_ratingbar_indicator_material.xml 0x5b57a222
    res/drawable-v21/abc_ratingbar_small_material.xml 0xbed7f6fc
    res/drawable-v23/abc_control_background_material.xml 0xc6fc5223
    res/drawable-xhdpi-v4/abc_ab_share_pack_mtrl_alpha.9.png 0xcf127e45
    res/drawable-xhdpi-v4/abc_btn_check_to_on_mtrl_000.png 0xead36c57
    res/drawable-xhdpi-v4/abc_btn_check_to_on_mtrl_015.png 0xc6db123
    res/drawable-xhdpi-v4/abc_btn_radio_to_on_mtrl_000.png 0x22f95d51
    res/drawable-xhdpi-v4/abc_btn_radio_to_on_mtrl_015.png 0xb236fd62
    res/drawable-xhdpi-v4/abc_btn_rating_star_off_mtrl_alpha.png 0x27bd7ef3
    res/drawable-xhdpi-v4/abc_btn_rating_star_on_mtrl_alpha.png 0x4d98f972
    res/drawable-xhdpi-v4/abc_btn_switch_to_on_mtrl_00001.9.png 0xcd563567
    res/drawable-xhdpi-v4/abc_btn_switch_to_on_mtrl_00012.9.png 0x3e9a5317
    res/drawable-xhdpi-v4/abc_cab_background_top_mtrl_alpha.9.png 0xf70ddcc0
    res/drawable-xhdpi-v4/abc_ic_ab_back_mtrl_am_alpha.png 0xe77fb8af
    res/drawable-xhdpi-v4/abc_ic_clear_mtrl_alpha.png 0x66cdf861
    res/drawable-xhdpi-v4/abc_ic_commit_search_api_mtrl_alpha.png 0xa0cfd3d4
    res/drawable-xhdpi-v4/abc_ic_go_search_api_mtrl_alpha.png 0x72379b10
    res/drawable-xhdpi-v4/abc_ic_menu_copy_mtrl_am_alpha.png 0xb132574a
    res/drawable-xhdpi-v4/abc_ic_menu_cut_mtrl_alpha.png 0x879b4472
    res/drawable-xhdpi-v4/abc_ic_menu_moreoverflow_mtrl_alpha.png 0x99206925
    res/drawable-xhdpi-v4/abc_ic_menu_paste_mtrl_am_alpha.png 0x3daacdd
    res/drawable-xhdpi-v4/abc_ic_menu_selectall_mtrl_alpha.png 0x44c9dd49
    res/drawable-xhdpi-v4/abc_ic_menu_share_mtrl_alpha.png 0xb9af7f4f
    res/drawable-xhdpi-v4/abc_ic_search_api_mtrl_alpha.png 0x7e1bf087
    res/drawable-xhdpi-v4/abc_ic_star_black_16dp.png 0x3f8a65d1
    res/drawable-xhdpi-v4/abc_ic_star_black_36dp.png 0x8e8d8274
    res/drawable-xhdpi-v4/abc_ic_star_half_black_16dp.png 0xfab97236
    res/drawable-xhdpi-v4/abc_ic_star_half_black_36dp.png 0x5c88f962
    res/drawable-xhdpi-v4/abc_ic_voice_search_api_mtrl_alpha.png 0x7a24de37
    res/drawable-xhdpi-v4/abc_list_divider_mtrl_alpha.9.png 0x72ff0f68
    res/drawable-xhdpi-v4/abc_list_focused_holo.9.png 0xbde23956
    res/drawable-xhdpi-v4/abc_list_longpressed_holo.9.png 0x84a788a6
    res/drawable-xhdpi-v4/abc_list_pressed_holo_dark.9.png 0x98f7c81a
    res/drawable-xhdpi-v4/abc_list_pressed_holo_light.9.png 0x5314692b
    res/drawable-xhdpi-v4/abc_list_selector_disabled_holo_dark.9.png 0x41748705
    res/drawable-xhdpi-v4/abc_list_selector_disabled_holo_light.9.png 0x1c2ff2be
    res/drawable-xhdpi-v4/abc_menu_hardkey_panel_mtrl_mult.9.png 0x63ee6937
    res/drawable-xhdpi-v4/abc_popup_background_mtrl_mult.9.png 0x79067b02
    res/drawable-xhdpi-v4/abc_scrubber_control_off_mtrl_alpha.png 0x74534284
    res/drawable-xhdpi-v4/abc_scrubber_control_to_pressed_mtrl_000.png 0x6a20e5ff
    res/drawable-xhdpi-v4/abc_scrubber_control_to_pressed_mtrl_005.png 0xc0953071
    res/drawable-xhdpi-v4/abc_scrubber_primary_mtrl_alpha.9.png 0xbf40ca92
    res/drawable-xhdpi-v4/abc_scrubber_track_mtrl_alpha.9.png 0x1a186496
    res/drawable-xhdpi-v4/abc_spinner_mtrl_am_alpha.9.png 0xfbc5d182
    res/drawable-xhdpi-v4/abc_switch_track_mtrl_alpha.9.png 0x4ebe0617
    res/drawable-xhdpi-v4/abc_tab_indicator_mtrl_alpha.9.png 0x361544c6
    res/drawable-xhdpi-v4/abc_textfield_activated_mtrl_alpha.9.png 0x4853c2d6
    res/drawable-xhdpi-v4/abc_textfield_default_mtrl_alpha.9.png 0x7a6dbe65
    res/drawable-xhdpi-v4/abc_textfield_search_activated_mtrl_alpha.9.png 0xeaa0434b
    res/drawable-xhdpi-v4/abc_textfield_search_default_mtrl_alpha.9.png 0x4cfa2def
    res/drawable-xhdpi-v4/common_full_open_on_phone.png 0xfdf4f67
    res/drawable-xhdpi-v4/common_google_signin_btn_icon_dark_disabled.9.png 0x6d82fc05
    res/drawable-xhdpi-v4/common_google_signin_btn_icon_dark_focused.9.png 0x6d0ac0af
    res/drawable-xhdpi-v4/common_google_signin_btn_icon_dark_normal.9.png 0x7a800559
    res/drawable-xhdpi-v4/common_google_signin_btn_icon_dark_pressed.9.png 0xd4803fe9
    res/drawable-xhdpi-v4/common_google_signin_btn_icon_light_disabled.9.png 0x40dda853
    res/drawable-xhdpi-v4/common_google_signin_btn_icon_light_focused.9.png 0x111e39a0
    res/drawable-xhdpi-v4/common_google_signin_btn_icon_light_normal.9.png 0x72785183
    res/drawable-xhdpi-v4/common_google_signin_btn_icon_light_pressed.9.png 0xf5c74697
    res/drawable-xhdpi-v4/common_google_signin_btn_text_dark_disabled.9.png 0x7ea73061
    res/drawable-xhdpi-v4/common_google_signin_btn_text_dark_focused.9.png 0x8bc0a607
    res/drawable-xhdpi-v4/common_google_signin_btn_text_dark_normal.9.png 0xbbdad92d
    res/drawable-xhdpi-v4/common_google_signin_btn_text_dark_pressed.9.png 0xb98a397d
    res/drawable-xhdpi-v4/common_google_signin_btn_text_light_disabled.9.png 0x28b7769d
    res/drawable-xhdpi-v4/common_google_signin_btn_text_light_focused.9.png 0xcf589f1d
    res/drawable-xhdpi-v4/common_google_signin_btn_text_light_normal.9.png 0xeb51462c
    res/drawable-xhdpi-v4/common_google_signin_btn_text_light_pressed.9.png 0x502895f
    res/drawable-xhdpi-v4/common_ic_googleplayservices.png 0x2f723983
    res/drawable-xhdpi-v4/common_plus_signin_btn_icon_dark_disabled.9.png 0xdbf990fd
    res/drawable-xhdpi-v4/common_plus_signin_btn_icon_dark_focused.9.png 0xba3cf6cd
    res/drawable-xhdpi-v4/common_plus_signin_btn_icon_dark_normal.9.png 0xb8c7789
    res/drawable-xhdpi-v4/common_plus_signin_btn_icon_dark_pressed.9.png 0x2c2ad16a
    res/drawable-xhdpi-v4/common_plus_signin_btn_icon_light_disabled.9.png 0x388fbead
    res/drawable-xhdpi-v4/common_plus_signin_btn_icon_light_focused.9.png 0xaedf1249
    res/drawable-xhdpi-v4/common_plus_signin_btn_icon_light_normal.9.png 0xc8e8ee19
    res/drawable-xhdpi-v4/common_plus_signin_btn_icon_light_pressed.9.png 0x6cfb5445
    res/drawable-xhdpi-v4/common_plus_signin_btn_text_dark_disabled.9.png 0x763012b3
    res/drawable-xhdpi-v4/common_plus_signin_btn_text_dark_focused.9.png 0x8b765baa
    res/drawable-xhdpi-v4/common_plus_signin_btn_text_dark_normal.9.png 0xc4920467
    res/drawable-xhdpi-v4/common_plus_signin_btn_text_dark_pressed.9.png 0x6b93ec5d
    res/drawable-xhdpi-v4/common_plus_signin_btn_text_light_disabled.9.png 0xdee09baa
    res/drawable-xhdpi-v4/common_plus_signin_btn_text_light_focused.9.png 0x6c49629e
    res/drawable-xhdpi-v4/common_plus_signin_btn_text_light_normal.9.png 0x5f4b83de
    res/drawable-xhdpi-v4/common_plus_signin_btn_text_light_pressed.9.png 0xd1c29179
    res/drawable-xhdpi-v4/eur__stars.png 0x88b2a3b0
    res/drawable-xhdpi-v4/ic_country_auto.png 0x88b2a3b0
    res/drawable-xhdpi-v4/ic_facebook.png 0x7edd99be
    res/drawable-xhdpi-v4/ic_google.png 0x88b2a3b0
    res/drawable-xhdpi-v4/ic_menu_filter_all.png 0x98030013
    res/drawable-xhdpi-v4/ic_menu_filter_available.png 0x88b2a3b0
    res/drawable-xhdpi-v4/ic_menu_gift.png 0x36b92d48
    res/drawable-xhdpi-v4/ic_menu_more.png 0x88b2a3b0
    res/drawable-xhdpi-v4/ic_menu_refresh.png 0x89697ad0
    res/drawable-xhdpi-v4/ic_menu_share.png 0x90b2c7ab
    res/drawable-xhdpi-v4/ic_more.png 0x8a9a0ba
    res/drawable-xhdpi-v4/ic_red_dot.png 0xfff1a97a
    res/drawable-xhdpi-v4/ic_stat_vpn.png 0x27e6d61f
    res/drawable-xhdpi-v4/ic_stat_vpn_empty_halo.png 0x9f58a00
    res/drawable-xhdpi-v4/ic_stat_vpn_offline.png 0x8c874811
    res/drawable-xhdpi-v4/ic_stat_vpn_outline.png 0x9f58a00
    res/drawable-xhdpi-v4/ic_twitter.png 0x495a0658
    res/drawable-xhdpi-v4/ic_youtube.png 0x21ce439f
    res/drawable-xxhdpi-v4/bg_world_map.png 0xe78eec59
    res/drawable-xxhdpi-v4/ic_arrow_down.png 0xb56606ad
    res/drawable/abc_btn_borderless_material.xml 0xf341af1c
    res/drawable/abc_btn_check_material.xml 0xe2f70d0a
    res/drawable/abc_btn_colored_material.xml 0x1522b03
    res/drawable/abc_btn_default_mtrl_shape.xml 0x38f4789f
    res/drawable/abc_btn_radio_material.xml 0x2960f785
    res/drawable/abc_cab_background_internal_bg.xml 0x9c5b1555
    res/drawable/abc_cab_background_top_material.xml 0x789cac73
    res/drawable/abc_dialog_material_background_dark.xml 0x24501f82
    res/drawable/abc_dialog_material_background_light.xml 0xade2707a
    res/drawable/abc_edit_text_material.xml 0xf9b10fe2
    res/drawable/abc_item_background_holo_dark.xml 0xd1b21c63
    res/drawable/abc_item_background_holo_light.xml 0x5c0f0b25
    res/drawable/abc_list_selector_background_transition_holo_dark.xml 0xad127204
    res/drawable/abc_list_selector_background_transition_holo_light.xml 0xff8319d8
    res/drawable/abc_list_selector_holo_dark.xml 0xd3230273
    res/drawable/abc_list_selector_holo_light.xml 0x4ca62f47
    res/drawable/abc_ratingbar_full_material.xml 0xf00f836e
    res/drawable/abc_ratingbar_indicator_material.xml 0xdbcfdb9a
    res/drawable/abc_ratingbar_small_material.xml 0xecbbc468
    res/drawable/abc_seekbar_thumb_material.xml 0xf5569f09
    res/drawable/abc_seekbar_track_material.xml 0xd86c6936
    res/drawable/abc_spinner_textfield_background_material.xml 0xfae1f2e8
    res/drawable/abc_switch_thumb_material.xml 0x88e00ae
    res/drawable/abc_tab_indicator_material.xml 0x20683102
    res/drawable/abc_text_cursor_material.xml 0x9fd1fc63
    res/drawable/abc_textfield_search_material.xml 0x82e87b85
    res/drawable/btn_gray.xml 0xf0888ea7
    res/drawable/common_google_signin_btn_icon_dark.xml 0x501bcbba
    res/drawable/common_google_signin_btn_icon_light.xml 0x6384452b
    res/drawable/common_google_signin_btn_text_dark.xml 0x4b9d762f
    res/drawable/common_google_signin_btn_text_light.xml 0xde2f8f21
    res/drawable/common_plus_signin_btn_icon_dark.xml 0xce381be
    res/drawable/common_plus_signin_btn_icon_light.xml 0xb6ee9891
    res/drawable/common_plus_signin_btn_text_dark.xml 0xd24d7859
    res/drawable/common_plus_signin_btn_text_light.xml 0x41d3806
    res/drawable/cta_btn_bg.xml 0xdc5b5834
    res/drawable/design_fab_background.xml 0x516623a0
    res/drawable/design_snackbar_background.xml 0xae32b75f
    res/drawable/eur__dialog_bg.xml 0xd7e65643
    res/drawable/giftbox.xml 0x8f073cec
    res/drawable/header.xml 0x5ab4d16e
    res/drawable/interstitial_video_text_bg.xml 0xd2bf8abe
    res/drawable/item.xml 0x793d2241
    res/drawable/learn_more_bg.xml 0xc90a9f37
    res/drawable/play_btn_bg.xml 0x7398ec10
    res/layout-sw600dp-v13/design_layout_snackbar.xml 0xd7e65643
    res/layout-v17/abc_alert_dialog_button_bar_material.xml 0x51c21152
    res/layout-v17/abc_alert_dialog_material.xml 0x179fd059
    res/layout-v17/abc_dialog_title_material.xml 0x1772d080
    res/layout-v17/abc_search_view.xml 0xd8c7d8bb
    res/layout-v17/design_layout_snackbar_include.xml 0x51bf8c77
    res/layout-v17/notification_template_big_media.xml 0xb07b1303
    res/layout-v17/notification_template_big_media_narrow.xml 0x3fe6a096
    res/layout-v17/notification_template_lines.xml 0x4703bfe4
    res/layout-v17/notification_template_media.xml 0x1e16018e
    res/layout-v17/notification_template_part_chronometer.xml 0xdda7d13e
    res/layout-v17/notification_template_part_time.xml 0xd4507411
    res/layout-v17/select_dialog_multichoice_material.xml 0x459b59e8
    res/layout-v17/select_dialog_singlechoice_material.xml 0xf21ab28b
    res/layout-v21/abc_screen_toolbar.xml 0xdf17c50f
    res/layout-v21/progress_action.xml 0xbd764f96
    res/layout/abc_action_bar_title_item.xml 0xf55510da
    res/layout/abc_action_bar_up_container.xml 0x67683810
    res/layout/abc_action_bar_view_list_nav_layout.xml 0x83e7277b
    res/layout/abc_action_menu_item_layout.xml 0x93497190
    res/layout/abc_action_menu_layout.xml 0x930813ac
    res/layout/abc_action_mode_bar.xml 0xb357c1a0
    res/layout/abc_action_mode_close_item_material.xml 0xde5d5696
    res/layout/abc_activity_chooser_view.xml 0xaf3ad7c
    res/layout/abc_activity_chooser_view_list_item.xml 0xd02af125
    res/layout/abc_alert_dialog_button_bar_material.xml 0x969270bc
    res/layout/abc_alert_dialog_material.xml 0xced4b4e
    res/layout/abc_dialog_title_material.xml 0xce799070
    res/layout/abc_expanded_menu_layout.xml 0xd6a61fe3
    res/layout/abc_list_menu_item_checkbox.xml 0xeb9912d6
    res/layout/abc_list_menu_item_icon.xml 0x9f72eb72
    res/layout/abc_list_menu_item_layout.xml 0x7a0cb88
    res/layout/abc_list_menu_item_radio.xml 0xa54362ba
    res/layout/abc_popup_menu_item_layout.xml 0xa85a4fdd
    res/layout/abc_screen_content_include.xml 0xeb62dcaa
    res/layout/abc_screen_simple.xml 0x39226a8f
    res/layout/abc_screen_simple_overlay_action_mode.xml 0x271e0ff4
    res/layout/abc_screen_toolbar.xml 0xd51acd92
    res/layout/abc_search_dropdown_item_icons_2line.xml 0x5f533b77
    res/layout/abc_search_view.xml 0xab626b4e
    res/layout/abc_select_dialog_material.xml 0xfba34085
    res/layout/activity_about.xml 0x18dfa877
    res/layout/activity_blocker.xml 0x9e9a480f
    res/layout/activity_country.xml 0x7aeb21cb
    res/layout/activity_main.xml 0x313ae412
    res/layout/activity_terms.xml 0x5908865d
    res/layout/blocker_with_text.xml 0xc667d9ac
    res/layout/card_fb_native_mediaview.xml 0x2549ee2e
    res/layout/card_mo_native.xml 0x2476748f
    res/layout/connection_status.xml 0x804b2f29
    res/layout/design_bottom_sheet_dialog.xml 0x41d88655
    res/layout/design_layout_snackbar.xml 0xd7e65643
    res/layout/design_layout_snackbar_include.xml 0x1b3e2b44
    res/layout/design_layout_tab_icon.xml 0x5385fa45
    res/layout/design_layout_tab_text.xml 0xb64e76d9
    res/layout/design_menu_item_action_area.xml 0x290eb1a5
    res/layout/design_navigation_item.xml 0xb66d2c2c
    res/layout/design_navigation_item_header.xml 0x5ba4e956
    res/layout/design_navigation_item_separator.xml 0x3ef5e21
    res/layout/design_navigation_item_subheader.xml 0x8a0ddd9e
    res/layout/design_navigation_menu.xml 0x941a1132
    res/layout/design_navigation_menu_item.xml 0x9a759df0
    res/layout/eur__dialog_rate.xml 0xd7e65643
    res/layout/eut__activity_webview.xml 0x37bb4cbe
    res/layout/fragment_result_page.xml 0xa9dc1b3e
    res/layout/notification_media_action.xml 0xaefa727b
    res/layout/notification_media_cancel_action.xml 0x52010c6c
    res/layout/notification_template_big_media.xml 0xef80f958
    res/layout/notification_template_big_media_narrow.xml 0x2a987650
    res/layout/notification_template_lines.xml 0x7ae95e03
    res/layout/notification_template_media.xml 0xbbaa864d
    res/layout/notification_template_part_chronometer.xml 0xf988e506
    res/layout/notification_template_part_time.xml 0xb62e6a26
    res/layout/progress_action.xml 0xac03fbff
    res/layout/select_dialog_item_material.xml 0xb47e5e61
    res/layout/select_dialog_multichoice_material.xml 0xd2aac910
    res/layout/select_dialog_singlechoice_material.xml 0x58d1a854
    res/layout/support_simple_spinner_dropdown_item.xml 0x1df84691
    res/layout/view_country.xml 0x2318c921
    res/menu/menu_country.xml 0x4f0cea7
    res/menu/menu_main.xml 0x796aff08
    res/mipmap-hdpi-v4/ic_ad_choices.png 0xf8035054
    res/mipmap-hdpi-v4/ic_launcher.png 0x451061a4
    res/mipmap-mdpi-v4/ic_ad_choices.png 0x25a954a
    res/mipmap-mdpi-v4/ic_launcher.png 0xdd3415c2
    res/mipmap-xhdpi-v4/ic_ad_choices.png 0xf7b6ea7d
    res/mipmap-xhdpi-v4/ic_launcher.png 0xa9685b25
    res/mipmap-xxhdpi-v4/ic_ad_choices.png 0xdc096ee4
    res/mipmap-xxhdpi-v4/ic_launcher.png 0x6a4a7467
    res/mipmap-xxxhdpi-v4/ic_ad_choices.png 0x2ec17cf9
    res/mipmap-xxxhdpi-v4/ic_launcher.png 0xacc60b92
    res/xml/remote_config_defaults.xml 0xe02b6d4d
    resources.arsc 0x18d45d70
    运行截图
    VirSCAN

About VirSCAN | Privacy Policy | Contact us | link | Help VirSCAN
Translated by Keith Miller, United States
Powered By CentOSpol

京ICP备11007605号-12

pol

京公网安备 11010802020746号