VirSCAN

File information
File Name : 25.apk (File not down)
File Size : 168499 bytes
File Type : application/jar
MD5 : 6d043c0599e6c4fec9a7d7d38d351932
SHA1 : e8ce1c87ca2db6ac35a9f9595deb54578156a119
  • Scanner results
    Scanner results: 0% Scanner(s) (0/32) found malware!
    Time: 2015-10-17 14:14:34 (CST)
    Scanner Engine Ver Sig Ver Sig Date Scan result Time
    antiy AVL SDK 3.0 1970-01-01 Found nothing 5
    asquared 9.0.0.4324 9.0.0.4324 2014-07-03 Found nothing 1
    avast 150725-1 4.7.4 2015-07-25 Found nothing 0
    avg 2109/8133 10.0.1405 2014-11-26 Found nothing 0
    baidu 2.0.1.0 4.1.3.52192 2.0.1.0 Found nothing 6
    baidusd 1.0 1.0 2014-04-02 Found nothing 1
    bitdefender 7.58469 7.90123 2014-12-25 Found nothing 0
    clamav 19861 0.97.5 2014-12-31 Found nothing 0
    drweb 5.0.2.3300 5.0.1.1 2014-12-31 Found nothing 0
    fortinet 23.345, 23.345 5.1.158 2014-12-08 Found nothing 0
    fprot 4.6.2.117 6.5.1.5418 2014-12-31 Found nothing 0
    fsecure 2014-04-02-01 9.13 2014-04-02 Found nothing 0
    gdata 25.3911 25.3911 2015-10-17 Found nothing 8
    ikarus 1.06.01 V1.32.31.0 2014-12-08 Found nothing 0
    jiangmin 16.0.100 1.0.0.0 2015-07-25 Found nothing 60
    kaspersky 5.5.33 5.5.33 2014-04-01 Found nothing 0
    kingsoft 2.1 2.1 2013-09-22 Found nothing 4
    mcafee 7638 5400.1158 2014-11-30 Found nothing 0
    nod32 0920 3.0.21 2014-12-23 Found nothing 0
    panda 9.05.01 9.05.01 2015-07-26 Found nothing 6
    pcc 11.380.07 9.500-1005 2014-12-31 Found nothing 0
    qh360 1.0.1 1.0.1 1.0.1 Found nothing 4
    qqphone 1.0.0.0 1.0.0.0 2014-12-09 Found nothing 0
    quickheal 14.00 14.00 2015-07-25 Found nothing 2
    rising 25.76.04.01 25.76.04.01 2015-07-24 Found nothing 1
    sophos 5.08 3.55.0 2014-12-01 Found nothing 0
    symantec 20141230.001 1.3.0.24 2014-12-30 Found nothing 0
    tachyon 9.9.9 9.9.9 2013-12-27 Found nothing 4
    thehacker 6.8.0.5 6.8.0.5 2015-07-23 Found nothing 1
    tws 17.47.17308 1.0.2.2108 2014-12-08 Found nothing 13
    vba 3.12.26.3 3.12.26.3 2014-12-31 Found nothing 0
    virusbuster 15.0.985.0 5.5.2.13 2014-12-05 Found nothing 0
    NOTICE: Results are not 100% accurate and can be reported as a false positive by some scanners when and if malware is found. Please judge these results for yourself.
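  • Permission list
    Permission name: Description
    android.permission.WRITE_SETTINGS: Read and write system settings
    android.permission.REBOOT: Reboot the device
    android.permission.BIND_DEVICE_ADMIN: Bind to device administration
    android.permission.ACCESS_COARSE_LOCATION: Get coarse location (via Wi-Fi, cell towers)
    android.permission.READ_PHONE_STATE: Read phone state
    android.permission.ACCESS_NETWORK_STATE: Read network state (2G or 3G)
    android.permission.ACCESS_FINE_LOCATION: Get precise location (via GPS)
    android.permission.INTERNET: Connect to the network (2G or 3G)
    android.permission.WRITE_EXTERNAL_STORAGE: Write to external storage (e.g. SD card)
    android.permission.SEND_SMS: Send SMS messages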
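  • File information
    Security score :
    Basic information
    MD5:6d043c0599e6c4fec9a7d7d38d351932
    Package name: cn.android.cyw.onekey.zhidian
    Minimum runtime environment: Android 2.2.x
    Copyright: rayma
    Key behaviors
    Behavior description: Write-permission file mapping
    Details: CiceroSharedMemDefaultS-*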
    MSCTF.MarshalInterface.FileMap.MCI..EAMHH
    MSCTF.MarshalInterface.FileMap.MCI.B.EAMHH
    MSCTF.MarshalInterface.FileMap.MCI.C.EAMHH
    MSCTF.MarshalInterface.FileMap.MCI.D.EAMHH
    MSCTF.MarshalInterface.FileMap.MCI.E.EAMHH
    MSCTF.MarshalInterface.FileMap.MCI.F.EAMHH
    MSCTF.MarshalInterface.FileMap.MCI.G.EAMHH
    Behavior description: Hide specified window
    Details: [Window,Class] = [,ComboLBox]
    [Window,Class] = [目标文件夹,Static]
    [Window,Class] = [,ComboBox]
    [Window,Class] = [浏览(&B),Button]
    [Window,Class] = [安装进度,Static]
    [Window,Class] = [,msctls_progress32]
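    Process behaviors
    Behavior description: Enumerate processes
    Details: N/A
    File behaviors
    Behavior description: Write-permission file mapping
    Details: CiceroSharedMemDefaultS-*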
    MSCTF.MarshalInterface.FileMap.MCI..EAMHH
    MSCTF.MarshalInterface.FileMap.MCI.B.EAMHH
    MSCTF.MarshalInterface.FileMap.MCI.C.EAMHH
    MSCTF.MarshalInterface.FileMap.MCI.D.EAMHH
    MSCTF.MarshalInterface.FileMap.MCI.E.EAMHH
    MSCTF.MarshalInterface.FileMap.MCI.F.EAMHH
    MSCTF.MarshalInterface.FileMap.MCI.G.EAMHH
    Behavior description: Create executable file
    Details: C:\Users\Administrator\Desktop\姜氏绿鲨v7.1\!插件手动注册\dm.dll
    C:\Users\Administrator\Desktop\姜氏绿鲨v7.1\!插件手动注册\RegDll.dll
    C:\Users\Administrator\Desktop\姜氏绿鲨v7.1\姜氏绿鲨v7.1.exe
    Behavior description: Modify file contents
    Details: C:\Users\Administrator\Desktop\姜氏绿鲨v7.1\使用说明.txt---> Offset = 0
    C:\Users\Administrator\Desktop\姜氏绿鲨v7.1\Shark.dll---> Offset = 0
    C:\Users\Administrator\Desktop\姜氏绿鲨v7.1\!姜氏各项功能说明\图解01.jpg---> Offset = 0
    C:\Users\Administrator\Desktop\姜氏绿鲨v7.1\!姜氏各项功能说明\图解02.png---> Offset = 131072
    C:\Users\Administrator\Desktop\姜氏绿鲨v7.1\!姜氏各项功能说明\图解03.jpg---> Offset = 0
    C:\Users\Administrator\Desktop\姜氏绿鲨v7.1\!姜氏各项功能说明\正常商店的样子.jpg---> Offset = 131072
    C:\Users\Administrator\Desktop\姜氏绿鲨v7.1\!姜氏各项功能说明\游戏设置(必须)1.jpg---> Offset = 131072
    C:\Users\Administrator\Desktop\姜氏绿鲨v7.1\!姜氏各项功能说明\游戏设置(必须)2.jpg---> Offset = 131072
    C:\Users\Administrator\Desktop\姜氏绿鲨v7.1\!姜氏各项功能说明\游戏设置(必须)3.jpg---> Offset = 131072
    C:\Users\Administrator\Desktop\姜氏绿鲨v7.1\!插件手动注册\!使用说明.jpg---> Offset = 0
    Behavior description: Find file
    Details: FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\%temp%\1445014951.231547.exe
    Other behaviors
    Behavior description: Create mutex
    Details: CTF.LBES.MutexDefaultS-*
    CTF.Compart.MutexDefaultS-*
    CTF.Asm.MutexDefaultS-*
    CTF.Layouts.MutexDefaultS-*
    CTF.TMD.MutexDefaultS-*
    CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
    MSCTF.Shared.MUTEX.ELH
    Behavior description: Find specified window
    Details: NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
    Behavior description: Window information
    Details: Pid = 2088, Hwnd=0x202a8, Text = 安装(&I), ClassName = Button.
    Pid = 2088, Hwnd=0x202cc, Text = 取消(&C), ClassName = Button.
    Pid = 2088, Hwnd=0x202b2, Text = 请安装前关闭杀毒! 请安装到桌面! 诚招代理,定制软件,低价拿卡! V7.1 更新内容: 优化CPU占用 修复后台部分问题 , ClassName = Edit.
    Pid = 2088, Hwnd=0x302ba, Text = C:\Users\Administrator\Desktop\, ClassName = ComboBox.
    Pid = 2088, Hwnd=0x202d4, Text = C:\Users\Administrator\Desktop\, ClassName = Edit.
    Pid = 2088, Hwnd=0x302dc, Text = 浏览(&B), ClassName = Button.
    Pid = 2088, Hwnd=0x202d8, Text = 安装进度, ClassName = Static.
    Pid = 2088, Hwnd=0x202c2, Text = 目标文件夹, ClassName = Static.
    Pid = 2088, Hwnd=0x202a4, Text = 欢迎使用姜氏辅助安装程序!, ClassName = #32770.
    Pid = 2088, Hwnd=0x202b2, Text = 正在解压 姜氏绿鲨v7.1\!插件手动注册\注册.bat ... 正在解压 姜氏绿鲨v7.1\使用说明.txt ... 正在解压 姜氏绿鲨v7.1\!插件手动注册\dm, ClassName = Edit.
    Pid = 2088, Hwnd=0x202a4, Text = 正在解压缩..., ClassName = #32770.
    Behavior description: Hide specified window
    Details: [Window,Class] = [,ComboLBox]
    [Window,Class] = [目标文件夹,Static]
    [Window,Class] = [,ComboBox]
    [Window,Class] = [浏览(&B),Button]
    [Window,Class] = [安装进度,Static]
    [Window,Class] = [,msctls_progress32]
    Behavior description: Open image file
    Details: \Users\Administrator\Desktop\姜氏绿鲨v7.1\!姜氏各项功能说明\图解01.jpg
    \Users\Administrator\Desktop\姜氏绿鲨v7.1\!姜氏各项功能说明\图解03.jpg
    \Users\Administrator\Desktop\姜氏绿鲨v7.1\!姜氏各项功能说明\正常商店的样子.jpg
    \Users\Administrator\Desktop\姜氏绿鲨v7.1\!姜氏各项功能说明\游戏设置(必须)1.jpg
    \Users\Administrator\Desktop\姜氏绿鲨v7.1\!姜氏各项功能说明\游戏设置(必须)2.jpg
    \Users\Administrator\Desktop\姜氏绿鲨v7.1\!姜氏各项功能说明\游戏设置(必须)3.jpg
    \Users\Administrator\Desktop\姜氏绿鲨v7.1\!插件手动注册\!使用说明.jpg
    Dynamic behavior list
    Behavior description: Get the device's phone number
    Details: 13661158120
    Behavior description: Get cipher instance
    Details: [u'DES']
    Behavior description: Get user ID
    Details: 460000043140572
    Behavior description: Query last known location
    Details: [u'gps']
    Behavior description: Window information
    Details: {"text": "Friendly reminder", "class": "android.widget.TextView"}
    {"text": "When you open onekey lock screen and then OneKey Switch will become the default device manager, if you want to uninstall this software, you need to click the Uninstall menu to switch back to the default device manager, or you need to go to Settings - Device Manager and stopped it before uninstalling this application.", "class": "android.widget.TextView"}
    {"text": "I know", "class": "android.widget.Button"}
    {"text": "Not remind", "class": "android.widget.Button"}
    Behavior description: Add View
    Details: [u'com.android.internal.policy.impl.PhoneWindow$DecorView@41595ab0', u'WM.LayoutParams{(0,0)(wrapxwrap) gr=#11 sim=#120 ty=2 fl=#8020002 pfl=0x8 fmt=-2 wanim=0x1030002}', u'android.view.CompatibilityInfoHolder@414afac0']
    [u'com.android.internal.policy.impl.PhoneWindow$DecorView@41552980', u'WM.LayoutParams{(0,0)(fillxfill) sim=#100 ty=1 fl=#8010100 pfl=0x8 wanim=0x1030001}', u'android.view.CompatibilityInfoHolder@414afac0']
    Behavior description: Write file
    Details: path:/data/data/cn.android.cyw.onekey.zhidian/shared_prefs/cn.android.cyw.onekey.zhidian_preferences.xml length:127
    Behavior description: Initialize Intent
    Details: [u'android.os.Parcel@414ad1e8']
    Behavior description: Get network state information[*]
    Details: NetworkInfo: type: WIFI[], state: CONNECTED/CONNECTED, reason: (unspecified), extra: freewifi, roaming: false, failover: false, isAvailable: true
    Behavior description: Get device ID
    Details: 357143040944263
    Behavior description: Locate mobile device
    Details: null
    Activities
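    Activity name: Type
    .SettingActivity: android.intent.action.MAIN
    .SettingActivity: android.intent.category.LAUNCHER
    Dangerous functions
    Function name: Description
    getRuntime: Get the command-line environment
    java/lang/Runtime;->exec: Execute a string command
    LocationManager;->getLastKnownLocation: Get location
    TelephonyManager;->getDeviceId: Collect the user's phone IMEI, phone number, system version and similar information
    TelephonyManager;->getLine1Number: Get phone number
    HttpClient;->execute: Send request to remote server
    java/net/URL;->openConnection: Connect to URL
    java/net/HttpURLConnection;->connect: Connect to URL
    android/app/NotificationManager;->notify: Notification bar message
    Launch methods
    Name: Description
    cn.android.cyw.onekey.zhidian.OneKeyProvider: Starts the service when the app widget is updated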
    Service list
    Name
    cn.android.cyw.onekey.zhidian.OneKeyUpdateService
    File list
    File name Checksum
    res/drawable/icon.png 0x9624b4f3
    res/drawable/icon_40_40.png 0xcd24a40b
    res/layout/wapsad.xml 0xde2da1c6
    res/layout/widget_layout.xml 0x8c81d811
    res/menu/menu.xml 0x5d4260d8
    res/xml/device_admin.xml 0x11435319
    res/xml/settingpre.xml 0x7a605329
    res/xml/widget_info.xml 0x5fa2c9a4
    AndroidManifest.xml 0x138843bb
    resources.arsc 0xcc2d101a
    res/drawable-hdpi/icon.png 0x6ad4280
    res/drawable-ldpi/icon.png 0x9624b4f3
    res/drawable-mdpi/icon.png 0xef7a92b0
    classes.dex 0x8b10c71e
    com/adzhidian/sundry/icon.png 0x4d1d205d
    com/adzhidian/util/bg5.png 0x63c03091
    com/adzhidian/util/icon.png 0x4d1d205d
    com/adzhidian/view/adlogo.png 0xb53bfeba
    com/adzhidian/view/bg5.png 0x63c03091
    com/adzhidian/view/button0.png 0xf98a5245
    com/adzhidian/view/button1.png 0xd45f2b38
    com/adzhidian/view/title0.png 0x714338f2
    com/adzhidian/view/title1.png 0x82de3212
    META-INF/MANIFEST.MF 0x767035b0
    META-INF/CERT.SF 0x9d9f91e6
    META-INF/CERT.RSA 0x1bcbd13a
Translated by Keith Miller, United States