VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, VirSCAN can scan compressed files with password 'infected' or 'virus'.

Language
Server load
Server Load



File information
File Name : 爱转组件必装(用自带浏览器打开)普通下载.apk (File not down)
File Size :4324991 byte
File Type :application/zip
MD5:f45e93996feb8d0af0d3d08442ea9158
SHA1:3f16537d0cd9d00f79772f781d873b78b1aa367a
  • 扫描结果
  • 权限
  • 文件行为分析
  • Scanner results
    Scanner results:12%Scanner(s) (4/32)found malware!        Behavior
    Time: 2017-09-04 21:57:56 (CST)
    VirSCANVirSCAN
    Scanner Engine Ver Sig Ver Sig Date Scan result Time
    antiy AVL SDK 2.0 1970-01-01 Found nothing 6
    asquared 9.0.0.4799 9.0.0.4799 2015-03-08 Android.Riskware.SmsPay.N 2
    avast 170303-1 4.7.4 2017-03-03 Found nothing 60
    avg 2109/14366 10.0.1405 2017-08-23 Found nothing 60
    baidu 2.0.1.0 4.1.3.52192 2.0.1.0 Found nothing 33
    baidusd 1.0 1.0 2017-03-22 Found nothing 2
    bitdefender 7.58879 7.90123 2015-01-16 Found nothing 60
    clamav 23759 0.97.5 2017-09-03 Found nothing 60
    drweb 5.0.2.3300 5.0.1.1 2017-06-18 Found nothing 60
    fortinet 1.000, 51.409, 51.320, 51.290 5.4.247 2017-09-04 Found nothing 60
    fprot 4.6.2.117 6.5.1.5418 2016-02-05 Found nothing 60
    fsecure 2015-08-01-02 9.13 2015-08-01 Found nothing 60
    gdata 25.14063 25.14063 2017-09-03 Android.Trojan.Dropper.gQJV 13
    ikarus 1.06.01 V1.32.31.0 2017-09-03 Found nothing 60
    jiangmin 16.0.100 1.0.0.0 2017-09-01 Found nothing 2
    kaspersky 5.5.33 5.5.33 2014-04-01 Found nothing 60
    kingsoft 2.1 2.1 2017-09-03 Android.Troj.iDownloade.mc.(kcloud) 5
    mcafee 8620 5400.1158 2017-08-12 Found nothing 60
    nod32 6018 3.0.21 2017-09-02 Found nothing 60
    panda 9.05.01 9.05.01 2017-09-03 Found nothing 4
    pcc 13.302.06 9.500-1005 2017-03-27 Found nothing 60
    qh360 1.0.1 1.0.1 1.0.1 Found nothing 4
    qqphone 1.0.0.0 1.0.0.0 2015-12-30 Found nothing 60
    quickheal 14.00 14.00 2017-09-01 Android.Syringe.GEN6535 4
    rising 26.28.00.01 26.28.00.01 2016-07-18 Found nothing 9
    sophos 5.32 3.65.2 2016-10-10 Found nothing 60
    symantec 20151230.005 1.3.0.24 2015-12-30 Found nothing 60
    tachyon 9.9.9 9.9.9 2013-12-27 Found nothing 5
    thehacker 6.8.0.5 6.8.0.5 2017-08-28 Found nothing 4
    tws 17.47.17308 1.0.2.2108 2017-09-04 Found nothing 18
    vba 3.12.29.5 beta 3.12.29.5 beta 2017-09-01 Found nothing 60
    virusbuster 15.0.985.0 5.5.2.13 2014-12-05 Found nothing 60
    Heuristic/Suspicious Exact
    NOTICE: Results are not 100% accurate and can be reported as a false positive by some scannerswhen and if malware is found. Please judge these results for yourself.
    Copy to clipboard
  • 权限列表
    许可名称信息
    android.permission.RECORD_AUDIO录音(使用AudioRecord)
    android.permission.RECEIVE_BOOT_COMPLETED接收开机启动广播
    android.permission.READ_PHONE_STATE读取电话状态
    android.permission.WRITE_EXTERNAL_STORAGE写外部存储器(如:SD卡)
    android.permission.READ_EXTERNAL_STORAGE读外部存储器(如:SD卡)
    android.permission.MOUNT_UNMOUNT_FILESYSTEMS挂载、反挂载外部文件系统
    android.permission.READ_OWNER_DATA
    android.permission.WRITE_SETTINGS读写系统设置项
    android.permission.ACCESS_NETWORK_STATE读取网络状态(2G或3G)
    android.permission.KILL_BACKGROUND_PROCESSES关闭后台进程
    android.permission.ACCESS_COARSE_LOCATION获取粗略的位置(通过wifi、基站)
    android.permission.WAKE_LOCK手机屏幕关闭后后台进程仍运行
    android.permission.READ_CALENDAR读取日程提醒
    android.permission.WRITE_CALENDAR写入日程提醒
    com.android.browser.permission.READ_HISTORY_BOOKMARKS读取浏览器书签
    android.permission.READ_LOGS读取系统日志
    android.permission.VIBRATE允许设备震动
    android.permission.RESTART_PACKAGES重启其他程序
    android.permission.INTERNET连接网络(2G或3G)
    android.permission.ACCESS_WIFI_STATE读取wifi网络状态
    android.permission.CHANGE_NETWORK_STATE变更网络状态
    android.permission.CHANGE_WIFI_STATE改变WIFI连接状态
    android.permission.GET_TASKS获取有关当前或最近运行的任务信息
    android.permission.BROADCAST_PACKAGE_ADDED添加应用时广播
    android.permission.BROADCAST_PACKAGE_CHANGED
    android.permission.BROADCAST_PACKAGE_INSTALL
    android.permission.BROADCAST_PACKAGE_REPLACED
    android.permission.GET_ACCOUNTS访问账户列表
    android.permission.SEND_SMS发送短信
    android.permission.RECEIVE_SMS监控接收短信
    android.permission.READ_SMS读取短信
  • 文件信息
    安全评分 :
    基本信息
    MD5:f45e93996feb8d0af0d3d08442ea9158
    包名:com.boly.wxmultopen
    最低运行环境:Android 4.1, 4.1.1
    版权:Android
    关键行为
    行为描述:设置特殊文件夹属性
    详情信息:C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
    C:\Documents and Settings\Administrator\Local Settings\History
    C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
    C:\Documents and Settings\Administrator\Cookies
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~\WebSlices~
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Feeds Cache
    行为描述:设置消息钩子
    详情信息:C:\WINDOWS\system32\IEFRAME.dll
    行为描述:获取TickCount值
    详情信息:TickCount = 66796, SleepMilliseconds = 250.
    TickCount = 66812, SleepMilliseconds = 250.
    TickCount = 67031, SleepMilliseconds = 250.
    TickCount = 67140, SleepMilliseconds = 250.
    TickCount = 67156, SleepMilliseconds = 250.
    TickCount = 67171, SleepMilliseconds = 250.
    TickCount = 67187, SleepMilliseconds = 250.
    TickCount = 67203, SleepMilliseconds = 250.
    TickCount = 67218, SleepMilliseconds = 250.
    TickCount = 67234, SleepMilliseconds = 250.
    TickCount = 67250, SleepMilliseconds = 250.
    TickCount = 67562, SleepMilliseconds = 500.
    TickCount = 67578, SleepMilliseconds = 500.
    TickCount = 67625, SleepMilliseconds = 500.
    TickCount = 67656, SleepMilliseconds = 500.
    进程行为
    行为描述:创建进程
    详情信息:ImagePath = C:\Program Files\Internet Explorer\iexplore.exe, CmdLine = "C:\Program Files\Internet Explorer\iexplore.exe" SCODEF:908 CREDAT:79873
    行为描述:创建本地线程
    详情信息:C:\Program Files\Internet Explorer\iexplore.exe
    行为描述:枚举进程
    详情信息:N/A
    文件行为
    行为描述:创建文件
    详情信息:C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{FAAF8113-FCEE-11E5-91C0-000000000000}.dat
    C:\Documents and Settings\Administrator\Local Settings\Temp\~DF3423.tmp
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6TLOMATB\wpad[1].dat
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{FBC411D9-FCEE-11E5-91C0-000000000000}.dat
    C:\Documents and Settings\Administrator\Local Settings\Temp\~DF42AF.tmp
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6TLOMATB\favicon[1].ico
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6TLOMATB\tools[1].js
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{FBC411DA-FCEE-11E5-91C0-000000000000}.dat
    C:\Documents and Settings\Administrator\Local Settings\Temp\~DF9E0A.tmp
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6TLOMATB\dnserrordiagoff[1]
    C:\Documents and Settings\Administrator\Local Settings\Temp\~DFB3A0.tmp
    C:\Documents and Settings\Administrator\Local Settings\Temp\~DFB3C4.tmp
    C:\Documents and Settings\Administrator\Local Settings\Temp\~DFB4AF.tmp
    C:\Documents and Settings\Administrator\Local Settings\Temp\~DFB4D4.tmp
    行为描述:创建可执行文件
    详情信息:C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
    行为描述:覆盖已有文件
    详情信息:C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6TLOMATB\dnserrordiagoff[1]
    行为描述:查找文件
    详情信息:FileName = C:\Program Files\Common Files\Adobe
    FileName = C:\Program Files\Common Files\Adobe\Acrobat
    FileName = C:\Program Files\Common Files\Adobe\Acrobat\ActiveX
    FileName = C:\Documents and Settings
    FileName = C:\Documents and Settings\Administrator
    FileName = C:\Documents and Settings\Administrator\Local Settings
    FileName = C:\Documents and Settings\Administrator\Local Settings\Temp
    FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%
    FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%\%temp%\1460054059.029073.html
    FileName = C:\Program Files\Internet Explorer\iexplore.exe
    FileName = C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Connections\Pbk\*.pbk
    FileName = C:\WINDOWS\system32\Ras\*.pbk
    FileName = C:\Documents and Settings\Administrator\Application Data\Microsoft\Network\Connections\Pbk\*.pbk
    FileName = C:\Documents and Settings\Administrator\Favorites
    FileName = C:\Documents and Settings\Administrator\Favorites\链接
    行为描述:删除文件
    详情信息:C:\Documents and Settings\Administrator\Local Settings\Temp\~DF3423.tmp
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6TLOMATB\wpad[1].dat
    C:\Documents and Settings\Administrator\Local Settings\Temp\~DF42AF.tmp
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6TLOMATB\favicon[1].ico
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6TLOMATB\tools[1].js
    C:\Documents and Settings\Administrator\Local Settings\Temp\~DF9E0A.tmp
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IUKHR8T2\dnserrordiagoff[2]
    C:\Documents and Settings\Administrator\Local Settings\Temp\~DFB3A0.tmp
    C:\Documents and Settings\Administrator\Local Settings\Temp\~DFB3C4.tmp
    C:\Documents and Settings\Administrator\Local Settings\Temp\~DFB4AF.tmp
    C:\Documents and Settings\Administrator\Local Settings\Temp\~DFB4D4.tmp
    C:\Documents and Settings\Administrator\Local Settings\Temp\~DFB602.tmp
    C:\Documents and Settings\Administrator\Local Settings\Temp\~DFB615.tmp
    C:\Documents and Settings\Administrator\Local Settings\Temp\~DFF1CE.tmp
    行为描述:设置特殊文件夹属性
    详情信息:C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
    C:\Documents and Settings\Administrator\Local Settings\History
    C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
    C:\Documents and Settings\Administrator\Cookies
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~\WebSlices~
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Feeds Cache
    行为描述:修改文件内容
    详情信息:C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{FAAF8113-FCEE-11E5-91C0-000000000000}.dat ---> Offset = 512
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{FAAF8113-FCEE-11E5-91C0-000000000000}.dat ---> Offset = 0
    C:\Documents and Settings\Administrator\Local Settings\Temp\~DF3423.tmp ---> Offset = 16383
    C:\Documents and Settings\Administrator\Local Settings\Temp\~DF3423.tmp ---> Offset = 12288
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{FAAF8113-FCEE-11E5-91C0-000000000000}.dat ---> Offset = 3072
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{FAAF8113-FCEE-11E5-91C0-000000000000}.dat ---> Offset = 1536
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{FBC411D9-FCEE-11E5-91C0-000000000000}.dat ---> Offset = 512
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{FBC411D9-FCEE-11E5-91C0-000000000000}.dat ---> Offset = 0
    C:\Documents and Settings\Administrator\Local Settings\Temp\~DF42AF.tmp ---> Offset = 16383
    C:\Documents and Settings\Administrator\Local Settings\Temp\~DF42AF.tmp ---> Offset = 12288
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{FBC411D9-FCEE-11E5-91C0-000000000000}.dat ---> Offset = 3072
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{FBC411D9-FCEE-11E5-91C0-000000000000}.dat ---> Offset = 1536
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico ---> Offset = 0
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6TLOMATB\tools[1].js ---> Offset = 0
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6TLOMATB\tools[1].js ---> Offset = 1024
    网络行为
    行为描述:联网打开网址
    详情信息:InternetOpenUrlA: http://<FAKE_SERVER_IP>:128/wpad.dat, hInternet = 0x00cc0004, Flags = 0x80000010
    InternetOpenUrlA: http://<FAKE_SERVER_IP>:128/wpad.dat, hInternet = 0x00cc0010, Flags = 0x00000010
    行为描述:下载文件
    详情信息:URLDownloadToFileW: http://www.live.com/favicon.ico ---> C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
    行为描述:连接指定站点
    详情信息:InternetConnectA: ServerName = <FAKE_SERVER_IP>, PORT = 128, UserName = , Password = , hSession = 0x00cc0004, hConnect = 0x00cc0008, Flags = 0x80000010
    InternetConnectA: ServerName = im***********rg, PORT = 80, UserName = , Password = , hSession = 0x00cc0004, hConnect = 0x00cc0008, Flags = 0x00000000
    InternetConnectA: ServerName = ww********om, PORT = 80, UserName = , Password = , hSession = 0x00cc0004, hConnect = 0x00cc0008, Flags = 0x00000000
    InternetConnectA: ServerName = <FAKE_SERVER_IP>, PORT = 128, UserName = , Password = , hSession = 0x00cc0010, hConnect = 0x00cc0014, Flags = 0x00000010
    行为描述:打开HTTP连接
    详情信息:InternetOpenA: UserAgent: Mozilla/4.0 (compatible; MSIE 8.0; Win32; Trident/4.0), hSession = 0x00cc0004
    InternetOpenA: UserAgent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; .NET4.0C; .NET4.0E; KB974489), hSession = 0x00cc0004
    InternetOpenA: UserAgent: Mozilla/4.0 (compatible; MSIE 8.0; Win32; Trident/4.0), hSession = 0x00cc0010
    行为描述:建立到一个指定的套接字连接
    详情信息:URL: wpad, IP: <FAKE_SERVER_IP>:128, SOCKET = 0x000004d0
    URL: ww********om, IP: <FAKE_SERVER_IP>:80, SOCKET = 0x000004ec
    URL: wpad, IP: <FAKE_SERVER_IP>:128, SOCKET = 0x000005dc
    URL: im***********rg, IP: <FAKE_SERVER_IP>:80, SOCKET = 0x000005d0
    URL: ww********om, IP: <FAKE_SERVER_IP>:80, SOCKET = 0x000006b4
    行为描述:读取网络文件
    详情信息:hFile = 0x00cc000c, BytesToRead =4010, BytesRead = 4010.
    hFile = 0x00cc0018, BytesToRead =4010, BytesRead = 4010.
    行为描述:发送HTTP包
    详情信息:GET /wpad.dat HTTP/1.1 Accept: */* User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32; Trident/4.0) Host: <FAKE_SERVER_IP>:128 Cache-Control: no-cache
    GET /favicon.ico HTTP/1.1 Accept: */* Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; .NET4.0C; .NET4.0E; KB974489) Host: ww********om Connection: Keep-Alive
    GET /wpad.dat HTTP/1.1 Accept: */* User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32; Trident/4.0) Host: <FAKE_SERVER_IP>:128
    GET /js/tools.js HTTP/1.1 Accept: */* Accept-Language: zh-cn User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; .NET4.0C; .NET4.0E; KB974489) Accept-Encoding: gzip, deflate Host: im***********rg Connection: Keep-Alive
    行为描述:打开HTTP请求
    详情信息:HttpOpenRequestA: <FAKE_SERVER_IP>:128/wpad.dat, hConnect = 0x00cc0008, hRequest = 0x00cc000c, Verb: GET, Referer: , Flags = 0x80000010
    HttpOpenRequestA: im***********rg:80/js/tools.js, hConnect = 0x00cc0008, hRequest = 0x00cc000c, Verb: GET, Referer: , Flags = 0x00400000
    HttpOpenRequestA: ww********om:80/favicon.ico, hConnect = 0x00cc0008, hRequest = 0x00cc000c, Verb: GET, Referer: , Flags = 0x00600010
    HttpOpenRequestA: <FAKE_SERVER_IP>:128/wpad.dat, hConnect = 0x00cc0014, hRequest = 0x00cc0018, Verb: GET, Referer: , Flags = 0x00000010
    行为描述:按名称获取主机地址
    详情信息:GetAddrInfoW: computer
    GetAddrInfoW: wpad
    GetAddrInfoW: ww********om
    GetAddrInfoW: im***********rg
    注册表行为
    行为描述:修改注册表
    详情信息:\REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\SavedLegacySettings
    \REGISTRY\USER\S-*\Software\Microsoft\Internet Explorer\Recovery\Active\{FAAF8113-FCEE-11E5-91C0-000000000000}
    \REGISTRY\USER\S-*\Software\Microsoft\CTF\TIP\{1188450c-fdab-47ae-80d8-c9633f71be64}\LanguageProfile\0x00000000\{63800dac-e7ca-4df9-9a5c-20765055488d}\Enable
    \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{1EA4DBF0-3C3B-11CF-810C-00AA00389B71}\1.1\0\win32\
    \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{618736E0-3C3D-11CF-810C-00AA00389B71}\TypeLib\
    \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{618736E0-3C3D-11CF-810C-00AA00389B71}\TypeLib\Version
    \REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{92780B25-18CC-41C8-B9BE-3C9C571A8263}\iexplore\Type
    \REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{92780B25-18CC-41C8-B9BE-3C9C571A8263}\iexplore\Flags
    \REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{92780B25-18CC-41C8-B9BE-3C9C571A8263}\iexplore\Count
    \REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{92780B25-18CC-41C8-B9BE-3C9C571A8263}\iexplore\Time
    \REGISTRY\USER\S-*\Software\Microsoft\Internet Explorer\LowRegistry\Extensions\CmdMapping\{92780B25-18CC-41C8-B9BE-3C9C571A8263}
    \REGISTRY\USER\S-*\Software\Microsoft\Internet Explorer\LowRegistry\Extensions\CmdMapping\NextId
    \REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\iexplore\Count
    \REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\iexplore\Time
    \REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\iexplore\LoadTime
    行为描述:删除注册表键值
    详情信息:\REGISTRY\USER\S-*\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\0\Expiration
    \REGISTRY\USER\S-*\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\1\Expiration
    行为描述:删除注册表键值_IE连接设置
    详情信息:\REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyServer
    \REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Internet Settings\AutoConfigURL
    行为描述:删除注册表键
    详情信息:\REGISTRY\USER\S-*\Software\Microsoft\CTF\TIP\{1188450c-fdab-47ae-80d8-c9633f71be64}\LanguageProfile\0x00000000\{63800dac-e7ca-4df9-9a5c-20765055488d}
    \REGISTRY\USER\S-*\Software\Microsoft\CTF\TIP\{1188450c-fdab-47ae-80d8-c9633f71be64}\LanguageProfile\0x00000000
    \REGISTRY\USER\S-*\Software\Microsoft\CTF\TIP\{1188450c-fdab-47ae-80d8-c9633f71be64}\LanguageProfile
    \REGISTRY\USER\S-*\Software\Microsoft\CTF\TIP\{1188450c-fdab-47ae-80d8-c9633f71be64}
    其他行为
    行为描述:创建互斥体
    详情信息:CTF.LBES.MutexDefaultS-*
    CTF.Compart.MutexDefaultS-*
    CTF.Asm.MutexDefaultS-*
    CTF.Layouts.MutexDefaultS-*
    CTF.TMD.MutexDefaultS-*
    CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
    Local\!BrowserEmulation!SharedMemory!Mutex
    Local\ZoneAttributeCacheCounterMutex
    Local\ZonesCacheCounterMutex
    Local\ZonesLockedCacheCounterMutex
    RasPbFile
    ConnHashTable<908>_HashTable_Mutex
    Local\ZonesCounterMutex
    oleacc-msaa-loaded
    Local\RSS Eventing Connection Database Mutex 0000038c
    行为描述:创建事件对象
    详情信息:EventName = Isolation Signal Registry Event (FAAF8111-FCEE-11E5-91C0-000000000000, 0)
    EventName = IE_EarlyTabStart_0x380
    EventName = Isolation Signal Registry Event (FAAF8112-FCEE-11E5-91C0-000000000000, 0)
    EventName = DINPUTWINMM
    EventName = Global\userenv: User Profile setup event
    EventName = Global\crypt32LogoffEvent
    EventName = Local\RSS Eventing Event Event 0000038c
    EventName = MSCTF.SendReceive.Event.AHJ.IC
    EventName = MSCTF.SendReceiveConection.Event.AHJ.IC
    EventName = MSCTF.SendReceive.Event.AID.IC
    EventName = MSCTF.SendReceiveConection.Event.AID.IC
    EventName = Local\Feed Arbitration Lock Event [ Process : 0x0000038c ]
    EventName = Local\Feed Arbitration Unlock Event [ Process : 0x0000038c ]
    EventName = Local\724_3719
    行为描述:查找指定窗口
    详情信息:NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
    NtUserFindWindowEx: [Class,Window] = [MS_AutodialMonitor,]
    NtUserFindWindowEx: [Class,Window] = [MS_WebCheckMonitor,]
    NtUserFindWindowEx: [Class,Window] = [Static,]
    NtUserFindWindowEx: [Class,Window] = [CicLoaderWndClass,]
    行为描述:启动系统服务
    详情信息:[服务启动成功]: LocalSystem, Remote Access Connection Manager, C:\WINDOWS\system32\svchost.exe -k netsvcs
    行为描述:窗口信息
    详情信息:Pid = 908, Hwnd=0x101b0, Text = 导航栏, ClassName = WorkerW.
    Pid = 908, Hwnd=0x101ba, Text = 地址组合控制, ClassName = ToolbarWindow32.
    Pid = 908, Hwnd=0x101be, Text = 页面控制, ClassName = ToolbarWindow32.
    Pid = 908, Hwnd=0x101ce, Text = 搜索..., ClassName = Edit.
    Pid = 908, Hwnd=0x101d2, Text = 搜索组合控制, ClassName = ToolbarWindow32.
    Pid = 908, Hwnd=0x101d4, Text = 搜索控制, ClassName = ToolbarWindow32.
    Pid = 908, Hwnd=0x101ee, Text = 命令栏, ClassName = ToolbarWindow32.
    Pid = 908, Hwnd=0x101e6, Text = 收藏夹命令栏, ClassName = ToolbarWindow32.
    Pid = 908, Hwnd=0x101da, Text = LinksBand, ClassName = LinksBandClass.
    Pid = 908, Hwnd=0x101e2, Text = 收藏夹栏, ClassName = ToolbarWindow32.
    Pid = 908, Hwnd=0x101de, Text = 添加到收藏夹栏, ClassName = ToolbarWindow32.
    Pid = 908, Hwnd=0x30170, Text = Windows Internet Explorer, ClassName = IEFrame.
    Pid = 908, Hwnd=0x101c0, Text = C:\Documents and Settings\Administrator\Local Settings\%temp%\%temp%\1460054059.388197.html, ClassName = Edit.
    Pid = 908, Hwnd=0x101ce, Text = Live Search, ClassName = Edit.
    Pid = 1828, Hwnd=0x10204, Text = ITBarHost, ClassName = InternetToolbarHost.
    行为描述:获取系统权限
    详情信息:SE_LOAD_DRIVER_PRIVILEGE
    行为描述:获取TickCount值
    详情信息:TickCount = 66796, SleepMilliseconds = 250.
    TickCount = 66812, SleepMilliseconds = 250.
    TickCount = 67031, SleepMilliseconds = 250.
    TickCount = 67140, SleepMilliseconds = 250.
    TickCount = 67156, SleepMilliseconds = 250.
    TickCount = 67171, SleepMilliseconds = 250.
    TickCount = 67187, SleepMilliseconds = 250.
    TickCount = 67203, SleepMilliseconds = 250.
    TickCount = 67218, SleepMilliseconds = 250.
    TickCount = 67234, SleepMilliseconds = 250.
    TickCount = 67250, SleepMilliseconds = 250.
    TickCount = 67562, SleepMilliseconds = 500.
    TickCount = 67578, SleepMilliseconds = 500.
    TickCount = 67625, SleepMilliseconds = 500.
    TickCount = 67656, SleepMilliseconds = 500.
    行为描述:获取光标位置
    详情信息:CursorPos = (152,18469), SleepMilliseconds = 60000.
    CursorPos = (6445,26502), SleepMilliseconds = 60000.
    CursorPos = (19280,15726), SleepMilliseconds = 60000.
    CursorPos = (11589,29360), SleepMilliseconds = 60000.
    CursorPos = (27073,24466), SleepMilliseconds = 60000.
    CursorPos = (5816,28147), SleepMilliseconds = 60000.
    CursorPos = (23392,16829), SleepMilliseconds = 60000.
    行为描述:枚举窗口
    详情信息:N/A
    行为描述:可执行文件签名信息
    详情信息:C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico(签名验证: 未通过)
    行为描述:调用Sleep函数
    详情信息:[1]: MilliSeconds = 250.
    [2]: MilliSeconds = 500.
    [3]: MilliSeconds = 500.
    [4]: MilliSeconds = 60000.
    [5]: MilliSeconds = 500.
    [6]: MilliSeconds = 60000.
    [7]: MilliSeconds = 60000.
    [2]: MilliSeconds = 60000.
    [3]: MilliSeconds = 60000.
    [5]: MilliSeconds = 60000.
    [8]: MilliSeconds = 60000.
    [9]: MilliSeconds = 60000.
    [10]: MilliSeconds = 60000.
    行为描述:隐藏指定窗口
    详情信息:[Window,Class] = [,BrowserFrameGripperClass]
    [Window,Class] = [,AddressDisplay Control]
    [Window,Class] = [,CtrlNotifySink]
    [Window,Class] = [缩放级别,ToolbarWindow32]
    [Window,Class] = [,msctls_progress32]
    [Window,Class] = [C:\Documents and Settings\Administrator\Local Settings\%temp%\%temp%\1460054059.382422.html - Windows Internet Explorer,IEFrame]
    [Window,Class] = [,Internet Explorer_Server]
    [Window,Class] = [,UniversalSearchBand]
    [Window,Class] = [,TravelBand]
    [Window,Class] = [,CommandBarClass]
    [Window,Class] = [,ReBarWindow32]
    [Window,Class] = [,TabBandClass]
    行为描述:可执行文件MD5
    详情信息:C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico ---> fe1d0ee5901dd167ee9b28eece31786c
    Activities
    活动名类型
    com.boly.wxmultopen.ui.Act_Welcomeandroid.intent.action.MAIN
    com.boly.wxmultopen.ui.Act_Welcomeandroid.intent.category.DEFAULT
    com.qihoo.util.StartActivityandroid.intent.action.MAIN
    com.qihoo.util.StartActivityandroid.intent.category.DEFAULT
    启动方式
    名称信息
    com.umeng.message.NotificationProxyBroadcastReceiver
    com.umeng.message.SystemReceiver应用卸载时启动服务
    com.umeng.message.MessageReceiver
    com.umeng.message.ElectionReceiver
    com.umeng.message.RegistrationReceiver
    com.umeng.message.UmengMessageBootReceiver开机启动服务
    权限列表
    许可名称信息
    android.permission.RECORD_AUDIO录音(使用AudioRecord)
    android.permission.RECEIVE_BOOT_COMPLETED接收开机启动广播
    android.permission.READ_PHONE_STATE读取电话状态
    android.permission.WRITE_EXTERNAL_STORAGE写外部存储器(如:SD卡)
    android.permission.READ_EXTERNAL_STORAGE读外部存储器(如:SD卡)
    android.permission.MOUNT_UNMOUNT_FILESYSTEMS挂载、反挂载外部文件系统
    android.permission.READ_OWNER_DATA
    android.permission.WRITE_SETTINGS读写系统设置项
    android.permission.ACCESS_NETWORK_STATE读取网络状态(2G或3G)
    android.permission.KILL_BACKGROUND_PROCESSES关闭后台进程
    android.permission.ACCESS_COARSE_LOCATION获取粗略的位置(通过wifi、基站)
    android.permission.WAKE_LOCK手机屏幕关闭后后台进程仍运行
    android.permission.READ_CALENDAR读取日程提醒
    android.permission.WRITE_CALENDAR写入日程提醒
    com.android.browser.permission.READ_HISTORY_BOOKMARKS读取浏览器书签
    android.permission.READ_LOGS读取系统日志
    android.permission.VIBRATE允许设备震动
    android.permission.RESTART_PACKAGES重启其他程序
    android.permission.INTERNET连接网络(2G或3G)
    android.permission.ACCESS_WIFI_STATE读取wifi网络状态
    android.permission.CHANGE_NETWORK_STATE变更网络状态
    android.permission.CHANGE_WIFI_STATE改变WIFI连接状态
    android.permission.GET_TASKS获取有关当前或最近运行的任务信息
    android.permission.BROADCAST_PACKAGE_ADDED添加应用时广播
    android.permission.BROADCAST_PACKAGE_CHANGED
    android.permission.BROADCAST_PACKAGE_INSTALL
    android.permission.BROADCAST_PACKAGE_REPLACED
    android.permission.GET_ACCOUNTS访问账户列表
    android.permission.SEND_SMS发送短信
    android.permission.RECEIVE_SMS监控接收短信
    android.permission.READ_SMS读取短信
    服务列表
    名称
    com.boly.wxmultopen.ui.MyPushIntentService
    com.umeng.update.net.DownloadingService
    com.umeng.message.UmengService
    com.umeng.message.UmengIntentService
    com.umeng.message.UmengMessageIntentReceiverService
    com.umeng.message.UmengMessageCallbackHandlerService
    com.umeng.message.UmengDownloadResourceService
    com.umeng.message.local.UmengLocalNotificationService
    文件列表
    文件名 校验码
    AndroidManifest.xml 0xd272ca4a
    res/drawable-xxhdpi-v4/ic_launcher.png 0xcb497bd7
    res/drawable-xhdpi-v4/ic_launcher.png 0xcb497bd7
    res/drawable-xhdpi-v4/logo.png 0xcb497bd7
    res/drawable-xhdpi-v4/wei_logo.png 0xcb497bd7
    res/drawable-mdpi-v4/ic_launcher.png 0xcb497bd7
    res/drawable-ldpi-v4/ic_launcher.png 0xcb497bd7
    res/drawable-hdpi-v4/ic_launcher.png 0xcb497bd7
    assets/.appkey 0xbf16596f
    assets/docX001.pro 0x1a94021d
    assets/docX002.pro 0x410d7cd7
    assets/libjiagu.so 0xa6b4a284
    assets/libjiagu_64.so 0x520b1e28
    assets/libjiagu_x86.so 0xbabd1588
    classes.dex 0x8c2e7dd8
    keys/keystore.ks 0x3d7ea71f
    keys/media.pk8 0xb2ff8b4b
    keys/media.sbt 0x787af273
    keys/media.x509.pem 0xb2b93fdc
    keys/platform.pk8 0x7d91e3b8
    keys/platform.sbt 0x78fc5c38
    keys/platform.x509.pem 0xe2b43571
    keys/shared.pk8 0x44b55be
    keys/shared.sbt 0xcb0d9b76
    keys/shared.x509.pem 0x52234887
    keys/testkey.pk8 0x5c6d8836
    keys/testkey.sbt 0x197cd57f
    keys/testkey.x509.pem 0xc3fc0954
    lib/arm64-v8a/libcocklogic.so 0xe2eb3984
    lib/arm64-v8a/libtnet-2.1.20.1-agoo.so 0xf4a01aec
    lib/armeabi-v7a/libcocklogic.so 0xe2eb3984
    lib/armeabi-v7a/libtnet-2.1.20.1-agoo.so 0x6e9d252c
    lib/armeabi/libcocklogic.so 0x60d8e980
    lib/armeabi/libtnet-2.1.20.1-agoo.so 0x6e9d252c
    lib/mips/libcocklogic.so 0x61cde293
    lib/mips/libtnet-2.1.20.1-agoo.so 0xcf8b3398
    lib/mips64/libcocklogic.so 0x61cde293
    lib/mips64/libtnet-2.1.20.1-agoo.so 0x694aea73
    lib/x86/libcocklogic.so 0xdff2e4a
    lib/x86/libtnet-2.1.20.1-agoo.so 0xbcc659d2
    lib/x86_64/libcocklogic.so 0x61cde293
    lib/x86_64/libtnet-2.1.20.1-agoo.so 0xd78d95ab
    res/anim/dialog_load_animation.xml 0xd8ac56a9
    res/anim/fade_in.xml 0x7cf3d0b4
    res/anim/fade_out.xml 0x6a08bccc
    res/anim/fanzhuan.xml 0x4cef21f8
    res/anim/push_up_in.xml 0xcf809a4d
    res/anim/push_up_out.xml 0x2f866441
    res/anim/slide_in_from_left.xml 0x2a02bdc0
    res/anim/slide_in_from_right.xml 0x61b75de7
    res/anim/slide_out_to_left.xml 0xd4991ee7
    res/anim/slide_out_to_right.xml 0x190b557d
    res/anim/umeng_fb_audio_play_anim.xml 0x3bef717c
    res/anim/umeng_fb_dialog_enter_anim.xml 0x4103d130
    res/anim/umeng_fb_dialog_exit_anim.xml 0xba9f068f
    res/anim/zhengzhuan.xml 0xbbcc52ce
    res/drawable-hdpi-v4/msp_demo_title.png 0x66c70b04
    res/drawable-hdpi-v4/msp_demo_title_bg.png 0x5088f5dd
    res/drawable-hdpi-v4/umeng_update_btn_check_off_focused_holo_light.png 0x57ca0f38
    res/drawable-hdpi-v4/umeng_update_btn_check_off_holo_light.png 0x5d31df56
    res/drawable-hdpi-v4/umeng_update_btn_check_off_pressed_holo_light.png 0xdef5be4
    res/drawable-hdpi-v4/umeng_update_btn_check_on_focused_holo_light.png 0x6e3f43b0
    res/drawable-hdpi-v4/umeng_update_btn_check_on_holo_light.png 0xffb59901
    res/drawable-hdpi-v4/umeng_update_btn_check_on_pressed_holo_light.png 0xb6c95082
    res/drawable-hdpi-v4/umeng_update_close_bg_normal.png 0x486e364b
    res/drawable-hdpi-v4/umeng_update_close_bg_tap.png 0x6c406e93
    res/drawable-xhdpi-v4/about_dic.png 0x3caaa42d
    res/drawable-xhdpi-v4/about_wenzi.png 0xd759e3d7
    res/drawable-xhdpi-v4/againbtn.png 0x69bf4c87
    res/drawable-xhdpi-v4/againbtn_hover.png 0x5b5b161b
    res/drawable-xhdpi-v4/bg_header.9.png 0xdf142850
    res/drawable-xhdpi-v4/caidan_dic.png 0xca29a810
    res/drawable-xhdpi-v4/close_dic.png 0xc5ad5eeb
    res/drawable-xhdpi-v4/delbtn.png 0x9d1e515e
    res/drawable-xhdpi-v4/delbtn_hover.png 0x82313ed7
    res/drawable-xhdpi-v4/design_name.png 0xbc784658
    res/drawable-xhdpi-v4/dev_head_pic.png 0x6c6907bb
    res/drawable-xhdpi-v4/dialog_load_bg.9.png 0x8190a355
    res/drawable-xhdpi-v4/dialog_make_img.png 0x268f0f2e
    res/drawable-xhdpi-v4/dialog_nomake_img.png 0xbd821952
    res/drawable-xhdpi-v4/dic_group.png 0x2346d434
    res/drawable-xhdpi-v4/dic_manage.png 0x667307d2
    res/drawable-xhdpi-v4/dic_shezhi.png 0xc73b6678
    res/drawable-xhdpi-v4/dic_wenti.png 0x5aa40fe1
    res/drawable-xhdpi-v4/erweima.png 0x3926e762
    res/drawable-xhdpi-v4/et_setname_bg.png 0x91b091a1
    res/drawable-xhdpi-v4/f.png 0x5033c843
    res/drawable-xhdpi-v4/f_hui.png 0xb720a884
    res/drawable-xhdpi-v4/f_now.png 0x813967f0
    res/drawable-xhdpi-v4/fanhui.png 0xfc875794
    res/drawable-xhdpi-v4/fanhui_dic.png 0xf8a238d0
    res/drawable-xhdpi-v4/fcode.png 0x880f71c1
    res/drawable-xhdpi-v4/fcodecorrect.png 0x706a6a05
    res/drawable-xhdpi-v4/group_btn.png 0x54cede07
    res/drawable-xhdpi-v4/group_btn_hover.png 0xfb8521c8
    res/drawable-xhdpi-v4/group_wai.png 0xec0ffd9c
    res/drawable-xhdpi-v4/imagebtn.png 0xe4160b72
    res/drawable-xhdpi-v4/imagebtn_hover.png 0xe73b9684
    res/drawable-xhdpi-v4/index_btn.png 0x9d34b02d
    res/drawable-xhdpi-v4/index_btn_hover.png 0x9bef4773
    res/drawable-xhdpi-v4/index_name.png 0xad459afe
    res/drawable-xhdpi-v4/input_bg.png 0xde7d50f3
    res/drawable-xhdpi-v4/loading_icon.png 0xbe0a462c
    res/drawable-xhdpi-v4/main_logo.png 0x8a945596
    res/drawable-xhdpi-v4/menu_bg.9.png 0x18053db5
    res/drawable-xhdpi-v4/nei.png 0xe746f5a3
    res/drawable-xhdpi-v4/nei_hit.png 0x25c14753
    res/drawable-xhdpi-v4/nei_yuan.png 0x8c1e6c45
    res/drawable-xhdpi-v4/newbtn.png 0x385ddbf0
    res/drawable-xhdpi-v4/newbtn_hover.png 0xa9397e92
    res/drawable-xhdpi-v4/nextbtn.png 0x52484c95
    res/drawable-xhdpi-v4/nextbtn_hover.png 0xd86f6a6c
    res/drawable-xhdpi-v4/no_app.png 0x957a07be
    res/drawable-xhdpi-v4/no_hao.png 0xc9957a4f
    res/drawable-xhdpi-v4/open_btn.png 0x8410c131
    res/drawable-xhdpi-v4/open_dic.png 0x941436b
    res/drawable-xhdpi-v4/publicloading.png 0xd42fce89
    res/drawable-xhdpi-v4/qq.png 0x5e2bb334
    res/drawable-xhdpi-v4/qun_shubg.png 0x8222e096
    res/drawable-xhdpi-v4/quxiao.png 0xa719221
    res/drawable-xhdpi-v4/rebtn.png 0xacf3a35a
    res/drawable-xhdpi-v4/rebtn_hover.png 0x6e26e33a
    res/drawable-xhdpi-v4/right_dic.png 0xe277a9e
    res/drawable-xhdpi-v4/select_li.png 0x99019ece
    res/drawable-xhdpi-v4/select_now.png 0x63bcd2b7
    res/drawable-xhdpi-v4/send_photo_icon.png 0x760e26e1
    res/drawable-xhdpi-v4/send_xian.png 0x1ec839ac
    res/drawable-xhdpi-v4/sendbtn.png 0xd147d337
    res/drawable-xhdpi-v4/sendbtn_hover.png 0x904c757c
    res/drawable-xhdpi-v4/sendbtn_not.png 0x940d6d92
    res/drawable-xhdpi-v4/share_dic.png 0x67f9978b
    res/drawable-xhdpi-v4/umeng_dev_msgbox.9.png 0x2fcb265d
    res/drawable-xhdpi-v4/umeng_fb_audio_dialog_cancel.png 0x743b988c
    res/drawable-xhdpi-v4/umeng_fb_audio_dialog_content.png 0x2c6518b0
    res/drawable-xhdpi-v4/umeng_fb_audio_play_01.png 0x31905937
    res/drawable-xhdpi-v4/umeng_fb_audio_play_02.png 0x50c0ecfd
    res/drawable-xhdpi-v4/umeng_fb_audio_play_03.png 0x356a8fa
    res/drawable-xhdpi-v4/umeng_fb_audio_play_bg.9.png 0xa403827e
    res/drawable-xhdpi-v4/umeng_fb_bg.png 0xdcc83fac
    res/drawable-xhdpi-v4/umeng_fb_inputbox.9.png 0xcf1bea46
    res/drawable-xhdpi-v4/umeng_fb_keyboard.png 0xdc7f8eee
    res/drawable-xhdpi-v4/umeng_fb_msg_error_icon.png 0xfa4d0454
    res/drawable-xhdpi-v4/umeng_fb_plus.png 0x8dfa08a4
    res/drawable-xhdpi-v4/umeng_fb_record.png 0xdc4b1bc
    res/drawable-xhdpi-v4/umeng_user_msgbox.9.png 0x4fb598
    res/drawable-xhdpi-v4/user_head_photo.png 0x9d393bb7
    res/drawable-xhdpi-v4/videobtn.png 0x879bc29b
    res/drawable-xhdpi-v4/videobtn_hover.png 0x82588651
    res/drawable-xhdpi-v4/wai_yuan.png 0x806b9cc9
    res/drawable-xhdpi-v4/wei_pay.png 0x86b5d4e8
    res/drawable-xhdpi-v4/wei_pay_hover.png 0xba635624
    res/drawable-xhdpi-v4/wellcome.png 0xae3f6f42
    res/drawable-xhdpi-v4/wirte_dic.png 0xe0dc1c1a
    res/drawable-xhdpi-v4/wrong_dic.png 0x545329b4
    res/drawable-xhdpi-v4/xiezai.png 0xf7aaafbf
    res/drawable-xhdpi-v4/xiezai_btn.png 0x6d6ef6d6
    res/drawable-xhdpi-v4/zhi_pay.png 0xc1e9c17b
    res/drawable-xhdpi-v4/zhi_pay_hover.png 0x85c4ea48
    res/drawable/again_mass_selector.xml 0xa8686e0a
    res/drawable/bank_selector.xml 0xd95920ae
    res/drawable/btn_enabled_shape.xml 0x6d1663b6
    res/drawable/btn_unabled_shape.xml 0xeb55f201
    res/drawable/checkbox_selector.xml 0xc89b0ed6
    res/drawable/checkbutton_selector.xml 0xae733e06
    res/drawable/delete_select.xml 0x36576c29
    res/drawable/fb_dev_reply_bg.9.png 0x4d615e2c
    res/drawable/fcode_btn_border.xml 0x4d7555b1
    res/drawable/fcode_ed_border.xml 0x6be8210b
    res/drawable/image_selector.xml 0x3e908dcf
    res/drawable/make_selector.xml 0x7cd5c84
    res/drawable/mass_selector.xml 0x73de2900
    res/drawable/my_dialog.xml 0x4cd0a1fa
    res/drawable/new_mass_selector.xml 0xe241c925
    res/drawable/next_selector.xml 0x62ab24b
    res/drawable/resend_selector.xml 0xcc8c7e53
    res/drawable/send_selector.xml 0x8e62389a
    res/drawable/shape_bg.xml 0x7ec8bde3
    res/drawable/shape_message.xml 0xea864a9e
    res/drawable/shape_onekey.xml 0x7db0d654
    res/drawable/shape_send.xml 0x593f66d
    res/drawable/shape_time.xml 0xe034c4de
    res/drawable/sharp_title_bg.xml 0xfa8e3900
    res/drawable/tb_munion_icon.xml 0x3c4bbb89
    res/drawable/tb_munion_item_selector.xml 0xb028dc18
    res/drawable/uemg_fb_btn_bg_selector.xml 0xef97386c
    res/drawable/umeng_common_gradient_green.xml 0x962bb903
    res/drawable/umeng_common_gradient_orange.xml 0xd5106ae2
    res/drawable/umeng_common_gradient_red.xml 0x133ade08
    res/drawable/umeng_fb_action_replay.png 0xaa74362b
    res/drawable/umeng_fb_arrow_right.png 0xd0df691e
    res/drawable/umeng_fb_help_tab_bg.xml 0xabe09113
    res/drawable/umeng_fb_round_white_bg.xml 0x25a5a0e0
    res/drawable/umeng_update_button_cancel_bg_focused.xml 0xe15186e2
    res/drawable/umeng_update_button_cancel_bg_normal.xml 0x7f247f01
    res/drawable/umeng_update_button_cancel_bg_selector.xml 0x6a48e921
    res/drawable/umeng_update_button_cancel_bg_tap.xml 0x8b9edc3
    res/drawable/umeng_update_button_check_selector.xml 0xb43fe343
    res/drawable/umeng_update_button_close_bg_selector.xml 0xe6ae1fa1
    res/drawable/umeng_update_button_ok_bg_focused.xml 0xca9ec970
    res/drawable/umeng_update_button_ok_bg_normal.xml 0xafd26ea2
    res/drawable/umeng_update_button_ok_bg_selector.xml 0x820d29f5
    res/drawable/umeng_update_button_ok_bg_tap.xml 0x2b2a0e55
    res/drawable/umeng_update_dialog_bg.xml 0x565551a3
    res/drawable/umeng_update_title_bg.xml 0x9173f89e
    res/drawable/umeng_update_wifi_disable.png 0xe635e071
    res/drawable/video_selector.xml 0x6f258e81
    res/drawable/weixin_selector.xml 0x11987b88
    res/drawable/zhifubao_selector.xml 0x5e56fd5
    res/layout/act__one_key__mass.xml 0x77802f5a
    res/layout/act_about.xml 0x97367710
    res/layout/act_dialog.xml 0x85a125a8
    res/layout/act_f_code.xml 0x2f5071ea
    res/layout/act_help.xml 0x3ecc21b
    res/layout/act_main.xml 0x43f6ea
    res/layout/act_manage.xml 0x8f9b43a
    res/layout/act_mass.xml 0xf867cdae
    res/layout/act_mass_select.xml 0xc8bd9ad4
    res/layout/act_mass_send.xml 0xc780b6f3
    res/layout/act_one_key_mass.xml 0x4294163f
    res/layout/act_setting.xml 0xce006c2d
    res/layout/act_share.xml 0xf7fddaed
    res/layout/act_welcome.xml 0xd68d261a
    res/layout/activity_item_twopane.xml 0xc70f64f4
    res/layout/activity_umeng_push.xml 0x26f2087d
    res/layout/custom_dailog.xml 0xaba1f11
    res/layout/fcode_dailog.xml 0x1cc63130
    res/layout/item_manage.xml 0xf0ffd3af
    res/layout/item_select.xml 0xa6bb2c6e
    res/layout/loading_dialog_view.xml 0xda64d064
    res/layout/make_anim_layout.xml 0xff8a01f7
    res/layout/mass_anim.xml 0x2a5daee3
    res/layout/onekey_mass_select.xml 0xefabf45
    res/layout/pay_external.xml 0xcf159b06
    res/layout/pay_main.xml 0xbb264b6f
    res/layout/pay_result.xml 0xaf10bc98
    res/layout/paydialog.xml 0x1efb36ec
    res/layout/share_item.xml 0xebb103f9
    res/layout/umeng_common_download_notification.xml 0x3c133e08
    res/layout/umeng_fb_activity_conversation.xml 0xaf756615
    res/layout/umeng_fb_activity_help.xml 0xdcf63d10
    res/layout/umeng_fb_audio_dialog.xml 0xa98d1399
    res/layout/umeng_fb_contact.xml 0x72526da5
    res/layout/umeng_fb_contact_spinner.xml 0x6ed95c2e
    res/layout/umeng_fb_fragment.xml 0xf6a1702d
    res/layout/umeng_fb_fragment_question.xml 0x9f914431
    res/layout/umeng_fb_image_dialog.xml 0x404e05a1
    res/layout/umeng_fb_input_contact.xml 0xcc21f884
    res/layout/umeng_fb_input_conversation.xml 0x25c9f36a
    res/layout/umeng_fb_input_conversation_audio.xml 0x7292a820
    res/layout/umeng_fb_reply_item_audio.xml 0x8e665574
    res/layout/umeng_fb_reply_item_image.xml 0xa3e0306f
    res/layout/umeng_fb_reply_item_text.xml 0x6ca9a4fc
    res/layout/umeng_fb_welcome_item.xml 0x48b6b067
    res/layout/umeng_feedback_dev_reply.xml 0xdad2383f
    res/layout/umeng_feedback_main.xml 0xc608e810
    res/layout/umeng_feedback_msg_time.xml 0x287f8546
    res/layout/umeng_feedback_user_reply.xml 0x1291dae2
    res/layout/umeng_update_dialog.xml 0x17410c7d
    res/layout/uninstall_dailog.xml 0x50252886
    META-INF/MANIFEST.MF 0x28b66780
    META-INF/CERT.SF 0xbfcd5ebb
    META-INF/CERT.RSA 0x7d99912d
    运行截图
    VirSCAN

About VirSCAN | Privacy Policy | Contact us | link | Help VirSCAN
Translated by Keith Miller, United States
Powered By CentOSpol

京ICP备11007605号-12

pol

京公网安备 11010802020746号