VirSCAN

File information
File Name: xqady_sign.apk (File not down)
File Size: 7170906 bytes
File Type: application/zip
MD5: cca9b169494b27c737aaf6e2fc1ed66d
SHA1: d01946a923ebdaa7288678fbb171aa5d4921ad65
  • Scanner results
    Scanner results: 6% of scanners (2/32) found malware!
    Behavior analysis report: Habo file analysis
    Time: 2016-12-11 18:13:02 (CST)
    Scanner Engine Ver Sig Ver Sig Date Scan result Time
    antiy AVL SDK 2.0 1970-01-01 Found nothing 6
    asquared 9.0.0.4799 9.0.0.4799 2015-03-08 Android.Adware.Youmi.A 3
    avast 161208-3 4.7.4 2016-12-08 Found nothing 60
    avg 2109/13037 10.0.1405 2016-12-05 Found nothing 60
    baidu 2.0.1.0 4.1.3.52192 2.0.1.0 Found nothing 3
    baidusd 1.0 1.0 2014-04-02 Found nothing 2
    bitdefender 7.58879 7.90123 2015-01-16 Found nothing 60
    clamav 22691 0.97.5 2016-12-10 Found nothing 60
    drweb 5.0.2.3300 5.0.1.1 2016-12-09 Found nothing 60
    fortinet 41.300, 41.300, 41.300 5.4.233 2016-12-10 Found nothing 60
    fprot 4.6.2.117 6.5.1.5418 2016-02-05 Found nothing 60
    fsecure 2015-08-01-02 9.13 2015-08-01 Found nothing 60
    gdata 25.8610 25.8610 2016-10-12 Android.Adware.Youmi.A 12
    ikarus 1.06.01 V1.32.31.0 2016-11-28 Found nothing 60
    jiangmin 16.0.100 1.0.0.0 2016-12-01 Found nothing 50
    kaspersky 5.5.33 5.5.33 2014-04-01 Found nothing 60
    kingsoft 2.1 2.1 2013-09-22 Found nothing 17
    mcafee 8254 5400.1158 2016-08-11 Found nothing 60
    nod32 1777 3.0.21 2015-06-12 Found nothing 60
    panda 9.05.01 9.05.01 2016-12-10 Found nothing 5
    pcc 12.943.00 9.500-1005 2016-12-06 Found nothing 60
    qh360 1.0.1 1.0.1 1.0.1 Found nothing 4
    qqphone 1.0.0.0 1.0.0.0 2015-12-30 Found nothing 60
    quickheal 14.00 14.00 2016-12-09 Found nothing 3
    rising 26.28.00.01 26.28.00.01 2016-07-18 Found nothing 4
    sophos 5.32 3.65.2 2016-10-10 Found nothing 60
    symantec 20151230.005 1.3.0.24 2015-12-30 Found nothing 60
    tachyon 9.9.9 9.9.9 2013-12-27 Found nothing 11
    thehacker 6.8.0.5 6.8.0.5 2016-11-29 Found nothing 3
    tws 17.47.17308 1.0.2.2108 2016-12-10 Found nothing 15
    vba 3.12.29.3 beta 3.12.29.3 beta 2016-12-05 Found nothing 60
    virusbuster 15.0.985.0 5.5.2.13 2014-12-05 Found nothing 60
    Heuristic/Suspicious Exact
    NOTICE: Results are not 100% accurate and can be reported as a false positive by some scanners when and if malware is found. Please judge these results for yourself.
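  • Permission list
    Permission name | Description
    android.permission.GET_TASKS | Get information about currently or recently running tasks
    android.permission.WRITE_EXTERNAL_STORAGE | Write to external storage (e.g. SD card)
    android.permission.ACCESS_WIFI_STATE | Read Wi-Fi network state
    android.permission.READ_PHONE_STATE | Read phone state
    android.permission.DISABLE_KEYGUARD | Disable the keyguard
    android.permission.MOUNT_UNMOUNT_FILESYSTEMS | Mount and unmount external file systems
    android.permission.WRITE_SETTINGS | Read and write system settings
    android.permission.INTERNET | Connect to the network (2G or 3G)
    com.android.launcher.permission.READ_SETTINGS | Read shortcut information
    android.permission.WAKE_LOCK | Keep background processes running after the phone screen turns off
    android.permission.ACCESS_NETWORK_STATE | Read network state (2G or 3G)
    android.permission.CHANGE_CONFIGURATION | Change the current configuration (e.g. locale)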
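  • File information
    Security score:
    Basic information
    MD5: cca9b169494b27c737aaf6e2fc1ed66d
    Package name: com.tbwkhdysq
    Minimum runtime environment: Android 2.2.x
    Copyright: 小奇团队
    Key behaviors
    Behavior description: Get window screenshot information
    Details: Foreground window Info: HWND = 0x00000000, DC = 0x630105f4.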
    Foreground window Info: HWND = 0x00000000, DC = 0xdb010485.
    Foreground window Info: HWND = 0x00000000, DC = 0x4801050a.
    Foreground window Info: HWND = 0x00000000, DC = 0x37010512.
    Other behaviors
    Behavior description: Create mutex
    Details: CTF.LBES.MutexDefaultS-*
    CTF.Compart.MutexDefaultS-*
    CTF.Asm.MutexDefaultS-*
    CTF.Layouts.MutexDefaultS-*
    CTF.TMD.MutexDefaultS-*
    CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
    MSCTF.Shared.MUTEX.ELH
    MSCTF.Shared.MUTEX.ABH
    Behavior description: Create event object
    Details: EventName = DINPUTWINMM
    EventName = MSCTF.SendReceive.Event.ABH.IC
    EventName = MSCTF.SendReceiveConection.Event.ABH.IC
    Behavior description: Find specified window
    Details: NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
    NtUserFindWindowEx: [Class,Window] = [CicLoaderWndClass,]
    NtUserFindWindowEx: [Class,Window] = [OleMainThreadWndClass,]
    Behavior description: Open event
    Details: HookSwitchHookEnabledEvent
    CTF.ThreadMIConnectionEvent.000007B4.00000000.00000051
    CTF.ThreadMarshalInterfaceEvent.000007B4.00000000.00000051
    MSCTF.SendReceiveConection.Event.ELH.IC
    MSCTF.SendReceive.Event.ELH.IC
    Behavior description: Window information
    Details: Pid = 156, Hwnd=0xb03ba, Text = 确定, ClassName = Button.
    Pid = 156, Hwnd=0x40382, Text = 路径获取失败,请运行一次DNF,再重试!, ClassName = Static.
    Pid = 156, Hwnd=0x40394, Text = 信息:, ClassName = #32770.
    Pid = 156, Hwnd=0x6037e, Text = 取消失效文件合并, ClassName = Button(CheckBox).
    Pid = 156, Hwnd=0x403ca, Text = IMG - 文件名, ClassName = Button(RadioButton).
    Pid = 156, Hwnd=0x15030c, Text = NPK - 文件名, ClassName = Button(RadioButton).
    Pid = 156, Hwnd=0xc038a, Text = 自定义 - 文本, ClassName = Button(CheckBox).
    Pid = 156, Hwnd=0x2102bc, Text = |, ClassName = _EL_Label.
    Pid = 156, Hwnd=0x1b02b6, Text = DNF-补丁文件自定义合并打包工具, ClassName = MxQ.lovely .
    Behavior description: Hide specified window
    Details: [Window,Class] = [,Afx:400000:b:10011:1900010:0]
    Behavior description: Open mutex
    Details: ShimCacheMutex
    Activities
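    Activity name | Type
    com.e4a.runtime.android.StartActivity | android.intent.action.MAIN
    com.e4a.runtime.android.StartActivity | android.intent.category.DEFAULT
    com.e4a.runtime.android.StartActivity | android.intent.category.LAUNCHER
    com.e4a.runtime.android.mainActivity | android.intent.action.MAIN
    com.e4a.runtime.android.mainActivity | android.intent.category.DEFAULT
    Dangerous functions
    Function name | Description
    ContentResolver;->query | Reads databases such as contacts and SMS
    HttpClient;->execute | Requests a remote server
    java/net/URL;->openConnection | Connects to a URL
    java/net/HttpURLConnection;->connect | Connects to a URL
    TelephonyManager;->getDeviceId | Collects the user's phone IMEI, phone number, system version number and similar information
    Startup method
    Name | Description
    net.youmi.android.AdReceiver | Starts a service when an application is installed
    Advertising information
    Name | Description
    net.youmi | Youmi ads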
    Service list
    Name
    com.umeng.update.net.DownloadingService
    net.youmi.android.AdService
    net.youmi.android.ExpService
    crd.ayqi.draw
    www.yeah.util.Voice
    File list
    File name | Checksum