调试版_蜜桃影院.apk MD5:ccf1bcc31e75f2be147cf3cec479f329 3% Scanner(s) (1/32) found malware! - VirSCAN.org - Free Multi-Engine Online Virus Scanner v1.02, Supports 47 AntiVirus Engines!

Main Menu

API

uploader for windows(test)

Powered By

File information

File Name :调试版_蜜桃影院.apk (File not down)

File Size :4028244 byte

File Type :application/zip

MD5:ccf1bcc31e75f2be147cf3cec479f329

SHA1:a6868c0c476fd55a2263568877625e9ca3e74682

扫描结果
权限
文件行为分析

Scanner results

Scanner results:3%Scanner(s) (1/32)found malware!

Behavior analysis report: Habo file analysis

Time: 2016-08-30 07:53:06 (CST)

Scanner	Engine Ver	Sig Ver	Sig Date	Scan result	Time
antiy	AVL SDK 3.0		1970-01-01	Found nothing	5
asquared	9.0.0.4324	9.0.0.4324	2014-07-03	Found nothing	3
avast	150725-1	4.7.4	2015-07-25	Found nothing	60
avg	2109/8133	10.0.1405	2014-11-26	Found nothing	60
baidu	2.0.1.0	4.1.3.52192	2.0.1.0	Found nothing	5
baidusd	1.0	1.0	2014-04-02	Found nothing	1
bitdefender	7.58469	7.90123	2014-12-25	Found nothing	60
clamav	19861	0.97.5	2014-12-31	Found nothing	60
drweb	5.0.2.3300	5.0.1.1	2014-12-31	Found nothing	60
fortinet	23.345, 23.345	5.1.158	2014-12-08	Found nothing	60
fprot	4.6.2.117	6.5.1.5418	2014-12-31	Found nothing	60
fsecure	2014-04-02-01	9.13	2014-04-02	Found nothing	60
gdata	25.8084	25.8084	2016-08-30	Found nothing	12
ikarus	1.06.01	V1.32.31.0	2014-12-08	Found nothing	60
jiangmin	16.0.100	1.0.0.0	2015-07-25	Backdoor/AndroidOS.apik	44
kaspersky	5.5.33	5.5.33	2014-04-01	Found nothing	60
kingsoft	2.1	2.1	2013-09-22	Found nothing	6
mcafee	7638	5400.1158	2014-11-30	Found nothing	60
nod32	0920	3.0.21	2014-12-23	Found nothing	60
panda	9.05.01	9.05.01	2015-07-26	Found nothing	4
pcc	11.380.07	9.500-1005	2014-12-31	Found nothing	60
qh360	1.0.1	1.0.1	1.0.1	Found nothing	3
qqphone	1.0.0.0	1.0.0.0	2014-12-09	Found nothing	60
quickheal	14.00	14.00	2015-07-25	Found nothing	2
rising	25.76.04.01	25.76.04.01	2015-07-24	Found nothing	2
sophos	5.08	3.55.0	2014-12-01	Found nothing	60
symantec	20141230.001	1.3.0.24	2014-12-30	Found nothing	60
tachyon	9.9.9	9.9.9	2013-12-27	Found nothing	7
thehacker	6.8.0.5	6.8.0.5	2015-07-23	Found nothing	2
tws	17.47.17308	1.0.2.2108	2014-12-08	Found nothing	15
vba	3.12.26.3	3.12.26.3	2014-12-31	Found nothing	60
virusbuster	15.0.985.0	5.5.2.13	2014-12-05	Found nothing	60

■Heuristic/Suspicious ■Exact

NOTICE: Results are not 100% accurate and can be reported as a false positive by some scannerswhen and if malware is found. Please judge these results for yourself.

权限列表
许可名称	信息
com.android.launcher.permission.INSTALL_SHORTCUT	创建快捷方式
android.permission.GET_TASKS	获取有关当前或最近运行的任务信息
android.permission.WRITE_EXTERNAL_STORAGE	写外部存储器（如：SD卡）
android.permission.PROCESS_OUTGOING_CALLS	监视、修改有关拨出电话
android.permission.ACCESS_WIFI_STATE	读取wifi网络状态
android.permission.ACCESS_COARSE_LOCATION	获取粗略的位置（通过wifi、基站）
android.permission.CALL_PHONE	拨打电话
android.permission.MODIFY_AUDIO_SETTINGS	修改声音设置
android.permission.MOUNT_UNMOUNT_FILESYSTEMS	挂载、反挂载外部文件系统
android.permission.READ_PHONE_STATE	读取电话状态
android.permission.SYSTEM_ALERT_WINDOW	显示系统窗口
android.permission.MODIFY_PHONE_STATE	修改电话状态
android.permission.INTERNET	连接网络（2G或3G）
android.permission.VIBRATE	允许设备震动
com.android.launcher.permission.READ_SETTINGS	读取快捷方式信息
android.permission.READ_CALL_LOG	读取通话记录
android.permission.WAKE_LOCK	手机屏幕关闭后后台进程仍运行
android.permission.ACCESS_NETWORK_STATE	读取网络状态（2G或3G）
android.permission.CHANGE_CONFIGURATION	修改当前设置（如：本地化）

文件信息

安全评分 :

基本信息
MD5:ccf1bcc31e75f2be147cf3cec479f329
包名:com.mtyy
最低运行环境:Android 2.2.x
版权:Android

关键行为
行为描述:	设置特殊文件夹属性
详情信息:	C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
	C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
	C:\Documents and Settings\Administrator\Local Settings\History
	C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
	C:\Documents and Settings\Administrator\Cookies

进程行为
行为描述:	创建本地线程
详情信息:	TargetProcess: %temp%\****.exe, InheritedFromPID = 1944, ProcessID = 408, ThreadID = 792, StartAddress = 77DC845A, Parameter = 00000000
	TargetProcess: %temp%\****.exe, InheritedFromPID = 1944, ProcessID = 408, ThreadID = 556, StartAddress = 00489850, Parameter = 0012D28E
	TargetProcess: %temp%\****.exe, InheritedFromPID = 1944, ProcessID = 408, ThreadID = 764, StartAddress = 00489850, Parameter = 0012D2D9
	TargetProcess: %temp%\****.exe, InheritedFromPID = 1944, ProcessID = 408, ThreadID = 1856, StartAddress = 00489850, Parameter = 0012D324
	TargetProcess: %temp%\****.exe, InheritedFromPID = 1944, ProcessID = 408, ThreadID = 744, StartAddress = 78AFC724, Parameter = 00DDC3C0

文件行为
行为描述:	创建文件
详情信息:	C:\Documents and Settings\Administrator\Local Settings\%temp%\UpdateLog.txt
	C:\WINDOWS\system32\d3d9caps.tmp
	C:\Documents and Settings\Administrator\Local Settings\%temp%\update.log
	C:\Documents and Settings\Administrator\Local Settings\%temp%\Config.ini
	C:\Documents and Settings\Administrator\Local Settings\%temp%\cfg\client\serverlist.txt
行为描述:	查找文件
详情信息:	FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%\Config.ini
行为描述:	删除文件
详情信息:	C:\WINDOWS\system32\d3d9caps.dat
行为描述:	重命名文件
详情信息:	C:\WINDOWS\system32\d3d9caps.tmp ---> C:\WINDOWS\system32\d3d9caps.dat
行为描述:	设置特殊文件夹属性
详情信息:	C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
	C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
	C:\Documents and Settings\Administrator\Local Settings\History
	C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
	C:\Documents and Settings\Administrator\Cookies
行为描述:	修改文件内容
详情信息:	C:\Documents and Settings\Administrator\Local Settings\%temp%\UpdateLog.txt ---> Offset = 0
	C:\Documents and Settings\Administrator\Local Settings\%temp%\UpdateLog.txt ---> Offset = 37
	C:\WINDOWS\system32\d3d9caps.tmp ---> Offset = 0
	C:\WINDOWS\system32\d3d9caps.tmp ---> Offset = 4
	C:\WINDOWS\system32\d3d9caps.tmp ---> Offset = 28
	C:\Documents and Settings\Administrator\Local Settings\%temp%\update.log ---> Offset = 0
	C:\Documents and Settings\Administrator\Local Settings\%temp%\UpdateLog.txt ---> Offset = 71
	C:\Documents and Settings\Administrator\Local Settings\%temp%\Config.ini ---> Offset = 0
	C:\Documents and Settings\Administrator\Local Settings\%temp%\cfg\client\serverlist.txt ---> Offset = 0
	C:\Documents and Settings\Administrator\Local Settings\%temp%\cfg\client\serverlist.txt ---> Offset = 4096
	C:\Documents and Settings\Administrator\Local Settings\%temp%\cfg\client\serverlist.txt ---> Offset = 8192
	C:\Documents and Settings\Administrator\Local Settings\%temp%\cfg\client\serverlist.txt ---> Offset = 12288
	C:\Documents and Settings\Administrator\Local Settings\%temp%\cfg\client\serverlist.txt ---> Offset = 16384

网络行为
行为描述:	打开HTTP连接
详情信息:	InternetOpenA: UserAgent: 996E, hSession = 0x00cc0004
行为描述:	建立到一个指定的套接字连接
详情信息:	URL: up**om, IP: .133.40.**:128, SOCKET = 0x00000628
行为描述:	发送HTTP包
详情信息:	GET /bo/version/serverlist.txt?random=9445 HTTP/1.1 Host: up***om Accept: /*
行为描述:	按名称获取主机地址
详情信息:	GetAddrInfoW: up****om

注册表行为
行为描述:	修改注册表
详情信息:	\REGISTRY\USER\S-*\Software\Microsoft\Direct3D\MostRecentApplication\Name

其他行为
行为描述:	创建互斥体
详情信息:	DDrawWindowListMutex
	__DDrawExclMode__
	__DDrawCheckExclMode__
	CTF.LBES.MutexDefaultS-*
	CTF.Compart.MutexDefaultS-*
	CTF.Asm.MutexDefaultS-*
	CTF.Layouts.MutexDefaultS-*
	CTF.TMD.MutexDefaultS-*
	CTF.TimListCache.FMPDefaultS-MUTEX.DefaultS-
	BoOnline
行为描述:	创建事件对象
详情信息:	EventName = DINPUTWINMM
行为描述:	查找指定窗口
详情信息:	NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
行为描述:	打开事件
详情信息:	HookSwitchHookEnabledEvent
	\SECURITY\LSA_AUTHENTICATION_INITIALIZED
行为描述:	窗口信息
详情信息:	Pid = 408, Hwnd=0x1002c8, Text = 确定, ClassName = Button.
	Pid = 408, Hwnd=0xb032a, Text = 打开Config.ini文件失败., ClassName = Static.
	Pid = 408, Hwnd=0xd035e, Text = 996E, ClassName = #32770.
行为描述:	打开互斥体
详情信息:	DBWinMutex
	Local\_!MSFTHISTORY!_
	Local\c:!documents and settings!administrator!local settings!temporary internet files!content.ie5!
	Local\c:!documents and settings!administrator!cookies!
	Local\c:!documents and settings!administrator!local settings!history!history.ie5!
	Local\WininetStartupMutex
	Local\WininetConnectionMutex
	Local\WininetProxyRegistryMutex
	ShimCacheMutex

Activities
活动名	类型
com.e4a.runtime.android.StartActivity	android.intent.action.MAIN
com.e4a.runtime.android.StartActivity	android.intent.category.DEFAULT
com.e4a.runtime.android.StartActivity	android.intent.category.LAUNCHER
com.e4a.runtime.android.mainActivity	android.intent.action.MAIN
com.e4a.runtime.android.mainActivity	android.intent.category.DEFAULT
com.e4a.runtime.components.impl.android.我的视频播放器类库.multimedia_player	android.intent.action.VIEW
com.e4a.runtime.components.impl.android.我的视频播放器类库.multimedia_player	android.intent.category.DEFAULT
com.e4a.runtime.components.impl.android.我的视频播放器类库.multimedia_player	android.intent.category.BROWSABLE

危险函数
函数名称	信息
ContentResolver;->query	读取联系人、短信等数据库
HttpClient;->execute	请求远程服务器
DefaultHttpClient;->execute	发送HTTP请求
TelephonyManager;->getDeviceId	搜集用户手机IMEI码、电话号码、系统版本号等信息
getRuntime	获取命令行环境
java/lang/Runtime;->exec	执行字符串命令
TelephonyManager;->getLine1Number	获取手机号
TelephonyManager;->getSimSerialNumber	获取SIM序列号
java/net/URL;->openConnection	连接URL

权限列表
许可名称	信息
com.android.launcher.permission.INSTALL_SHORTCUT	创建快捷方式
android.permission.GET_TASKS	获取有关当前或最近运行的任务信息
android.permission.WRITE_EXTERNAL_STORAGE	写外部存储器（如：SD卡）
android.permission.PROCESS_OUTGOING_CALLS	监视、修改有关拨出电话
android.permission.ACCESS_WIFI_STATE	读取wifi网络状态
android.permission.ACCESS_COARSE_LOCATION	获取粗略的位置（通过wifi、基站）
android.permission.CALL_PHONE	拨打电话
android.permission.MODIFY_AUDIO_SETTINGS	修改声音设置
android.permission.MOUNT_UNMOUNT_FILESYSTEMS	挂载、反挂载外部文件系统
android.permission.READ_PHONE_STATE	读取电话状态
android.permission.SYSTEM_ALERT_WINDOW	显示系统窗口
android.permission.MODIFY_PHONE_STATE	修改电话状态
android.permission.INTERNET	连接网络（2G或3G）
android.permission.VIBRATE	允许设备震动
com.android.launcher.permission.READ_SETTINGS	读取快捷方式信息
android.permission.READ_CALL_LOG	读取通话记录
android.permission.WAKE_LOCK	手机屏幕关闭后后台进程仍运行
android.permission.ACCESS_NETWORK_STATE	读取网络状态（2G或3G）
android.permission.CHANGE_CONFIGURATION	修改当前设置（如：本地化）

文件列表
文件名	校验码
META-INF/MANIFEST.MF	0xd02b870
META-INF/ANDROIDD.SF	0x77cfc4f2
META-INF/ANDROIDD.RSA	0xfcce8901
assets/FileDialog/1.png	0x78686c7a
assets/FileDialog/2.png	0x7e93bac3
assets/FileDialog/3.png	0x4608dc7e
assets/FileDialog/4.png	0xae74269b
assets/FileDialog/5.png	0x67adec41
assets/FileDialog/6.png	0xcd055e6c
assets/FileDialog/7.png	0x446d8c59
assets/FileDialog/8.png	0x46c0be08
assets/1.jpg	0x9c81386e
assets/1080.png	0x1f99a8e2
assets/1080HD.jpg	0xd50449b9
assets/111.jpg	0x1124c804
assets/112.jpg	0xfaa29570
assets/113.jpg	0xee722812
assets/114.jpg	0xb2462818
assets/116.jpg	0x90e5f1a4
assets/118.jpg	0xca700270
assets/125.jpg	0x72293cc6
assets/126.jpg	0x865f0197
assets/127.jpg	0x513143aa
assets/128.jpg	0x611f001b
assets/129.jpg	0xa58576ce
assets/130.jpg	0xc50ca18
assets/2.jpg	0xd0ca3719
assets/4.jpg	0x81801e4e
assets/9.jpg	0xeb0ae676
assets/BmobPayPlugin.apk	0x194e225d
assets/MFSK.png	0x72573d74
assets/XX.mp4	0x44398599
assets/ZRYP.png	0x46257c18
assets/ZXYP.png	0x424b9f5d
assets/aishangzhubo.jpg	0xc96f8cdb
assets/aszb.png	0x2c52dde
assets/baidian.png	0x9187735
assets/bj.png	0xd912de8b
assets/bj1.png	0x97d6d150
assets/btl.png	0x524d00d0
assets/chahao.png	0xf5b61ff3
assets/czan.png	0xb8f664a1
assets/data.bin	0x593c04fe
assets/dhl.png	0xba4bc76
assets/fanhui.png	0x7283e8cd
assets/fx.jpg	0x551d7e8a
assets/gcxl.png	0x75c9b8e5
assets/guochanxilie.jpg	0x9f9f01a3
assets/hongdian.png	0xd7b3c5a8
assets/hyxx.png	0x87b7c0fd
assets/ic_op_comment.png	0xc3dc7a62
assets/ic_op_like.png	0x99940977
assets/ic_op_share.png	0xfb44baee
assets/ic_play.png	0x852e2fbd
assets/jrgx.png	0xe7150da3
assets/km.png	0xeed086ae
assets/l2.jpg	0xfadb9492
assets/l3.jpg	0x750e3709
assets/l4.jpg	0x1013a0b6
assets/menubar_centre_focus.png	0x7ab22949
assets/menubar_centre_normal.png	0x83c9f605
assets/menubar_channel_focus.png	0x47b396f0
assets/menubar_channel_normal.png	0xe7752ec9
assets/menubar_recommend_focus.png	0x6f9ef193
assets/menubar_recommend_normal.png	0xd7be9c80
assets/menubar_store_focus.png	0x9beec2da
assets/menubar_store_normal.png	0xaa6f4ea9
assets/ntxl.png	0xee58fba
assets/nvtongxilie.jpg	0x9e2a7802
assets/omeixilie.jpg	0x91021163
assets/omxl.png	0x8df7283c
assets/pdfl.png	0x92a36a
assets/sanjilunli.jpg	0xee68596e
assets/settings_aboutus.png	0xf4dd6b7b
assets/settings_more.png	0x620e6383
assets/settings_person.png	0xfb691b81
assets/settings_phone.png	0xeafc6763
assets/settings_playrecord.png	0xe439902f
assets/settings_protocol.png	0xd7ce07ce
assets/settings_recommend.png	0xd693cafc
assets/shikanzhuanqu.jpg	0x5739a819
assets/shugang.png	0xaf344158
assets/sjll.png	0xb82678f0
assets/skzq.png	0x2f2b7cc9
assets/toolbar_forward.png	0xc4b8df76
assets/wxzf.png	0x13725517
assets/xedm.png	0xb6a2c5d2
assets/xieedongman.jpg	0xd4e127d1
assets/yazhoububing.jpg	0xedbf929a
assets/yazhouqibing.jpg	0xafc468cf
assets/yijianfenxiang.png	0x7c112f7
assets/yzbb.png	0x6af4352d
assets/yzqb.png	0x7c1cf624
assets/zf.png	0x672d8f4a
res/drawable/e4alistview_new_message.png	0x1cdc5409
res/drawable/icon.png	0x8f8cc58f
res/layout/myvideo.xml	0xee6c7eea
res/layout/pic3d.xml	0xe45cf93e
AndroidManifest.xml	0xfb20acb2
resources.arsc	0x381af8a2
classes.dex	0xe4945a7

运行截图