VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, VirSCAN can scan compressed files with password 'infected' or 'virus'.

Language
Server load
Server Load



File information
File Name : thepaper_thepapercn_3.1.0.apk (File not down)
File Size :13722285 byte
File Type :application/jar
MD5:eb8a7136c2a428cb63976fbc7431990d
SHA1:81eeef069e85a1cedc458fbf558f951aee17c456
  • 扫描结果
  • 权限
  • 文件行为分析
  • Scanner results
    Scanner results:3%Scanner(s) (1/32)found malware!        Behavior
    Time: 2015-11-02 15:19:54 (CST)
    VirSCANVirSCAN
    Scanner Engine Ver Sig Ver Sig Date Scan result Time
    antiy AVL SDK 3.0 1970-01-01 Found nothing 6
    asquared 9.0.0.4324 9.0.0.4324 2014-07-03 Found nothing 7
    avast 150725-1 4.7.4 2015-07-25 Found nothing 0
    avg 2109/8133 10.0.1405 2014-11-26 Found nothing 0
    baidu 2.0.1.0 4.1.3.52192 2.0.1.0 Found nothing 4
    baidusd 1.0 1.0 2014-04-02 Found nothing 3
    bitdefender 7.58469 7.90123 2014-12-25 Found nothing 0
    clamav 19861 0.97.5 2014-12-31 Found nothing 0
    drweb 5.0.2.3300 5.0.1.1 2014-12-31 Found nothing 0
    fortinet 23.345, 23.345 5.1.158 2014-12-08 Found nothing 0
    fprot 4.6.2.117 6.5.1.5418 2014-12-31 Found nothing 0
    fsecure 2014-04-02-01 9.13 2014-04-02 Found nothing 0
    gdata 25.4169 25.4169 2015-11-02 Android.Adware.Tekwon.A 11
    ikarus 1.06.01 V1.32.31.0 2014-12-08 Found nothing 0
    jiangmin 16.0.100 1.0.0.0 2015-07-25 Found nothing 53
    kaspersky 5.5.33 5.5.33 2014-04-01 Found nothing 0
    kingsoft 2.1 2.1 2013-09-22 Found nothing 22
    mcafee 7638 5400.1158 2014-11-30 Found nothing 0
    nod32 0920 3.0.21 2014-12-23 Found nothing 0
    panda 9.05.01 9.05.01 2015-07-26 Found nothing 5
    pcc 11.380.07 9.500-1005 2014-12-31 Found nothing 0
    qh360 1.0.1 1.0.1 1.0.1 Found nothing 4
    qqphone 1.0.0.0 1.0.0.0 2014-12-09 Found nothing 0
    quickheal 14.00 14.00 2015-07-25 Found nothing 5
    rising 25.76.04.01 25.76.04.01 2015-07-24 Found nothing 9
    sophos 5.08 3.55.0 2014-12-01 Found nothing 0
    symantec 20141230.001 1.3.0.24 2014-12-30 Found nothing 0
    tachyon 9.9.9 9.9.9 2013-12-27 Found nothing 20
    thehacker 6.8.0.5 6.8.0.5 2015-07-23 Found nothing 6
    tws 17.47.17308 1.0.2.2108 2014-12-08 Found nothing 20
    vba 3.12.26.3 3.12.26.3 2014-12-31 Found nothing 0
    virusbuster 15.0.985.0 5.5.2.13 2014-12-05 Found nothing 0
    Heuristic/Suspicious Exact
    NOTICE: Results are not 100% accurate and can be reported as a false positive by some scannerswhen and if malware is found. Please judge these results for yourself.
    Copy to clipboard
  • 权限列表
    许可名称信息
    android.permission.VIBRATE允许设备震动
    android.permission.INTERNET连接网络(2G或3G)
    android.permission.RECEIVE_BOOT_COMPLETED接收开机启动广播
    android.permission.ACCESS_WIFI_STATE读取wifi网络状态
    android.permission.ACCESS_NETWORK_STATE读取网络状态(2G或3G)
    android.permission.ADD_SYSTEM_SERVICE
    android.permission.READ_PHONE_STATE读取电话状态
    android.permission.MOUNT_UNMOUNT_FILESYSTEMS挂载、反挂载外部文件系统
    android.permission.CHANGE_NETWORK_STATE变更网络状态
    android.permission.WAKE_LOCK手机屏幕关闭后后台进程仍运行
    android.permission.RESTART_PACKAGES重启其他程序
    android.permission.WRITE_SETTINGS读写系统设置项
    android.permission.SYSTEM_ALERT_WINDOW显示系统窗口
    android.permission.ACCESS_SURFACE_FLINGER访问SurfaceFlinger
    android.permission.EXPAND_STATUS_BAR操控状态栏
    android.permission.BROADCAST_STICKY发送持久广播
    android.permission.WRITE_EXTERNAL_STORAGE写外部存储器(如:SD卡)
    android.permission.WRITE_APN_SETTINGS改写APN设置(如:cmwap)
    android.permission.GET_TASKS获取有关当前或最近运行的任务信息
    com.android.launcher.permission.READ_SETTINGS读取快捷方式信息
    android.permission.DISABLE_KEYGUARD禁用键盘锁
    android.permission.CAMERA访问照相机设备
    android.permission.CALL_PHONE拨打电话
    android.permission.CHANGE_CONFIGURATION修改当前设置(如:本地化)
    android.permission.UPDATE_DEVICE_STATS更新设备状态
    adnroid.permission.ACCESS_CHECKIN_PROPERTTES
    android.permission.CHANGE_WIFI_STATE改变WIFI连接状态
    android.permission.MODIFY_PHONE_STATE修改电话状态
    android.permission.BATTERY_STATS电量统计
    android.permission.MANAGE_ACCOUNTS管理账户
    android.permission.GET_ACCOUNTS访问账户列表
  • 文件信息
    安全评分 :
    基本信息
    MD5:eb8a7136c2a428cb63976fbc7431990d
    包名:com.wondertek.paper
    最低运行环境:Android 2.1.x
    版权:wd
    关键行为
    行为描述:屏蔽窗口关闭消息
    详情信息:hWnd = 0x0005027e, Text = Notepad++ v6.8.6 安装 , ClassName = #32770.
    行为描述:设置特殊文件夹属性
    详情信息:C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
    C:\Documents and Settings\Administrator\Local Settings\History
    C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
    C:\Documents and Settings\Administrator\Cookies
    行为描述:获取TickCount值
    详情信息:TickCount = 512928, SleepMilliseconds = 100.
    TickCount = 512975, SleepMilliseconds = 100.
    TickCount = 513193, SleepMilliseconds = 100.
    TickCount = 513256, SleepMilliseconds = 100.
    TickCount = 513475, SleepMilliseconds = 100.
    TickCount = 513521, SleepMilliseconds = 100.
    TickCount = 513740, SleepMilliseconds = 100.
    TickCount = 513787, SleepMilliseconds = 100.
    TickCount = 514006, SleepMilliseconds = 100.
    TickCount = 514053, SleepMilliseconds = 100.
    TickCount = 514271, SleepMilliseconds = 100.
    TickCount = 514287, SleepMilliseconds = 100.
    TickCount = 514303, SleepMilliseconds = 100.
    TickCount = 514318, SleepMilliseconds = 100.
    TickCount = 514334, SleepMilliseconds = 100.
    进程行为
    行为描述:隐藏窗口创建进程
    详情信息:ImagePath = , CmdLine = "c:\docume~1\admini~1\locals~1\temp\nsf5.tmp\ns7.tmp" "c:\docume~1\admini~1\locals~1\temp\xmlupdater.exe" "c:\docume~1\admini~1\locals~1\temp\langsmodel.xml" "c:\docume~1\admini~1\locals~1\temp\langs.model.xml" "c:\documents and setting
    ImagePath = , CmdLine = "c:\docume~1\admini~1\locals~1\temp\nsf5.tmp\ns8.tmp" "c:\docume~1\admini~1\locals~1\temp\xmlupdater.exe" "c:\docume~1\admini~1\locals~1\temp\configmodel.xml" "c:\docume~1\admini~1\locals~1\temp\config.model.xml" "c:\documents and setti
    ImagePath = , CmdLine = "c:\docume~1\admini~1\locals~1\temp\nsf5.tmp\ns9.tmp" "c:\docume~1\admini~1\locals~1\temp\xmlupdater.exe" "c:\docume~1\admini~1\locals~1\temp\stylesglobalmodel.xml" "c:\docume~1\admini~1\locals~1\temp\stylers.model.xml" "c:\documents an
    ImagePath = , CmdLine = "c:\docume~1\admini~1\locals~1\temp\nsf5.tmp\nsa.tmp" "c:\docume~1\admini~1\locals~1\temp\xmlupdater.exe" "c:\docume~1\admini~1\locals~1\temp\styleslexermodel.xml" "c:\docume~1\admini~1\locals~1\temp\stylers_remove.xml" "c:\documents an
    ImagePath = , CmdLine = "c:\docume~1\admini~1\locals~1\temp\nsf5.tmp\nsb.tmp" "c:\docume~1\admini~1\locals~1\temp\xmlupdater.exe" "c:\docume~1\admini~1\locals~1\temp\styleslexermodel.xml" "c:\docume~1\admini~1\locals~1\temp\stylers.model.xml" "c:\documents and
    ImagePath = , CmdLine = "c:\docume~1\admini~1\locals~1\temp\nsf5.tmp\nsc.tmp" "c:\docume~1\admini~1\locals~1\temp\xmlupdater.exe" "c:\docume~1\admini~1\locals~1\temp\styleslexermodel.xml" "c:\docume~1\admini~1\locals~1\temp\stylers.model.xml" "c:\documents and
    行为描述:创建进程
    详情信息:ImagePath = C:\WINDOWS\system32\regsvr32.exe, CmdLine = regsvr32 /s "C:\Program Files\Notepad++\NppShell_06.dll"
    行为描述:创建新文件进程
    详情信息:ImagePath = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\ns7.tmp, CmdLine = "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\ns7.tmp" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\xmlUpdater.exe" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\langsModel.xml" "C:\DOCUME~1\ADMINI~1\LOCAL
    ImagePath = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\xmlUpdater.exe, CmdLine = "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\xmlUpdater.exe" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\langsModel.xml" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\langs.model.xml" "C:\Documents and Settings\Adm
    ImagePath = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\ns8.tmp, CmdLine = "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\ns8.tmp" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\xmlUpdater.exe" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\configModel.xml" "C:\DOCUME~1\ADMINI~1\LOCA
    ImagePath = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\xmlUpdater.exe, CmdLine = "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\xmlUpdater.exe" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\configModel.xml" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\config.model.xml" "C:\Documents and Settings\A
    ImagePath = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\ns9.tmp, CmdLine = "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\ns9.tmp" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\xmlUpdater.exe" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\stylesGlobalModel.xml" "C:\DOCUME~1\ADMINI~
    ImagePath = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\xmlUpdater.exe, CmdLine = "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\xmlUpdater.exe" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\stylesGlobalModel.xml" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\stylers.model.xml" "C:\Documents and Set
    ImagePath = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\nsA.tmp, CmdLine = "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\nsA.tmp" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\xmlUpdater.exe" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\stylesLexerModel.xml" "C:\DOCUME~1\ADMINI~1
    ImagePath = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\xmlUpdater.exe, CmdLine = "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\xmlUpdater.exe" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\stylesLexerModel.xml" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\stylers_remove.xml" "C:\Documents and Set
    ImagePath = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\nsB.tmp, CmdLine = "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\nsB.tmp" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\xmlUpdater.exe" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\stylesLexerModel.xml" "C:\DOCUME~1\ADMINI~1
    ImagePath = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\xmlUpdater.exe, CmdLine = "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\xmlUpdater.exe" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\stylesLexerModel.xml" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\stylers.model.xml" "C:\Documents and Sett
    ImagePath = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\nsC.tmp, CmdLine = "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\nsC.tmp" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\xmlUpdater.exe" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\stylesLexerModel.xml" "C:\DOCUME~1\ADMINI~1
    ImagePath = C:\Program Files\Notepad++\notepad++.exe, CmdLine = "C:\Program Files\Notepad++\notepad++.exe" "C:\Program Files\Notepad++\change.log"
    行为描述:枚举进程
    详情信息:N/A
    行为描述:创建本地线程
    详情信息:N/A
    行为描述:进程退出
    详情信息:N/A
    文件行为
    行为描述:创建文件
    详情信息:C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsu4.tmp
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\LangDLL.dll
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\ioSpecial.ini
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\modern-wizard.bmp
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\modern-header.bmp
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\InstallOptions.dll
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\nsDialogs.dll
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\xmlUpdater.exe
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\langsModel.xml
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\configModel.xml
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\stylesGlobalModel.xml
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\stylesLexerModel.xml
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\stylers_remove.xml
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\langs.model.xml
    行为描述:在系统敏感位置(如开始菜单等)释放链接或快捷方式
    详情信息:C:\Documents and Settings\All Users\「开始」菜单\程序\Notepad++\Notepad++.lnk
    行为描述:创建可执行文件
    详情信息:C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\LangDLL.dll
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\InstallOptions.dll
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\nsDialogs.dll
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\xmlUpdater.exe
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\nsExec.dll
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\ns7.tmp
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\ns8.tmp
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\ns9.tmp
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\nsA.tmp
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\nsB.tmp
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\nsC.tmp
    C:\Program Files\Notepad++\SciLexer.dll
    C:\Program Files\Notepad++\notepad++.exe
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\UserInfo.dll
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\System.dll
    行为描述:覆盖已有文件
    详情信息:C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\ns7.tmp
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\ns8.tmp
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\ns9.tmp
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\nsA.tmp
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\nsB.tmp
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\nsC.tmp
    行为描述:复制文件
    详情信息:C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\nsExec.dll ---> C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\ns7.tmp
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\nsExec.dll ---> C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\ns8.tmp
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\nsExec.dll ---> C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\ns9.tmp
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\nsExec.dll ---> C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\nsA.tmp
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\nsExec.dll ---> C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\nsB.tmp
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\nsExec.dll ---> C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\nsC.tmp
    C:\Program Files\Notepad++\langs.model.xml ---> C:\Documents and Settings\Administrator\Application Data\Notepad++\langs.xml
    C:\Program Files\Notepad++\config.model.xml ---> C:\Documents and Settings\Administrator\Application Data\Notepad++\config.xml
    C:\Program Files\Notepad++\stylers.model.xml ---> C:\Documents and Settings\Administrator\Application Data\Notepad++\stylers.xml
    C:\Program Files\Notepad++\shortcuts.xml ---> C:\Documents and Settings\Administrator\Application Data\Notepad++\shortcuts.xml
    行为描述:删除文件
    详情信息:C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsu4.tmp
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\ns7.tmp
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\ns8.tmp
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\ns9.tmp
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\nsA.tmp
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\nsB.tmp
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\nsC.tmp
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\InstallOptions.dll
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\InstallOptions.dll-newfile
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\ioSpecial.ini
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\ioSpecial.ini-newfile
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\LangDLL.dll
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\LangDLL.dll-newfile
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\modern-header.bmp
    行为描述:查找文件
    详情信息:FileName = C:\DOCUME~1
    FileName = C:\Documents and Settings\ADMINI~1
    FileName = C:\Documents and Settings\Administrator\LOCALS~1
    FileName = C:\Documents and Settings\Administrator\Local Settings\Temp
    FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%
    FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp
    FileName = C:\Program Files\Notepad++
    FileName = C:\Program Files
    FileName = C:\Program Files\Notepad++\doLocalConf.xml
    FileName = C:\Program Files\Notepad++\allowAppDataPlugins.xml
    FileName = C:\DOCUME~1\ADMINI~1
    FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1
    FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp
    FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\ns7.tmp
    FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\ns8.tmp
    行为描述:设置特殊文件夹属性
    详情信息:C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
    C:\Documents and Settings\Administrator\Local Settings\History
    C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
    C:\Documents and Settings\Administrator\Cookies
    行为描述:修改文件内容
    详情信息:C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\ioSpecial.ini---> Offset = 0
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\ioSpecial.ini---> Offset = 74
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\modern-wizard.bmp---> Offset = 32851
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\ioSpecial.ini---> Offset = 250
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\ioSpecial.ini---> Offset = 224
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\modern-header.bmp---> Offset = 22911
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\ioSpecial.ini---> Offset = 68
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\ioSpecial.ini---> Offset = 88
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\ioSpecial.ini---> Offset = 122
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\ioSpecial.ini---> Offset = 534
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\ioSpecial.ini---> Offset = 600
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\ioSpecial.ini---> Offset = 710
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\ioSpecial.ini---> Offset = 726
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\ioSpecial.ini---> Offset = 750
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\ioSpecial.ini---> Offset = 430
    注册表行为
    行为描述:修改注册表
    详情信息:\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\notepad++.exe\
    \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{00F3C2EC-A6EE-11DE-A03A-EF8F55D89593}\
    \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{00F3C2EC-A6EE-11DE-A03A-EF8F55D89593}\InprocServer32\
    \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{00F3C2EC-A6EE-11DE-A03A-EF8F55D89593}\InprocServer32\ThreadingModel
    \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{00F3C2EC-A6EE-11DE-A03A-EF8F55D89593}\Settings\Title
    \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{00F3C2EC-A6EE-11DE-A03A-EF8F55D89593}\Settings\Path
    \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{00F3C2EC-A6EE-11DE-A03A-EF8F55D89593}\Settings\Custom
    \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{00F3C2EC-A6EE-11DE-A03A-EF8F55D89593}\Settings\ShowIcon
    \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{00F3C2EC-A6EE-11DE-A03A-EF8F55D89593}\Settings\Dynamic
    \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{00F3C2EC-A6EE-11DE-A03A-EF8F55D89593}\Settings\Maxtext
    \REGISTRY\MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\ANotepad++\
    \REGISTRY\MACHINE\SOFTWARE\Notepad++\
    \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Notepad++\DisplayName
    \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Notepad++\Publisher
    \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Notepad++\VersionMajor
    行为描述:修改注册表_延迟重命名项
    详情信息:\REGISTRY\MACHINE\SYSTEM\ControlSet002\Control\Session Manager\PendingFileRenameOperations
    其他行为
    行为描述:创建互斥体
    详情信息:CTF.LBES.MutexDefaultS-*
    CTF.Compart.MutexDefaultS-*
    CTF.Asm.MutexDefaultS-*
    CTF.Layouts.MutexDefaultS-*
    CTF.TMD.MutexDefaultS-*
    CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
    MSCTF.Shared.MUTEX.ELH
    MSCTF.Shared.MUTEX.MAG
    SHIMLIB_LOG_MUTEX
    nppInstance
    MSCTF.Shared.MUTEX.EKH
    行为描述:创建事件对象
    详情信息:EventName = MSCTF.SendReceive.Event.MAG.IC
    EventName = MSCTF.SendReceiveConection.Event.MAG.IC
    EventName = ShellCopyEngineRunning
    EventName = ShellCopyEngineFinished
    EventName = Global\userenv: User Profile setup event
    EventName = DINPUTWINMM
    EventName = MSCTF.SendReceiveConection.Event.EKH.IC
    EventName = MSCTF.SendReceive.Event.EKH.IC
    行为描述:查找指定窗口
    详情信息:NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
    NtUserFindWindowEx: [Class,Window] = [CicLoaderWndClass,]
    NtUserFindWindowEx: [Class,Window] = [#32770,]
    NtUserFindWindowEx: [Class,Window] = [SysListView32,]
    行为描述:获取系统权限
    详情信息:SE_LOAD_DRIVER_PRIVILEGE
    行为描述:获取TickCount值
    详情信息:TickCount = 512928, SleepMilliseconds = 100.
    TickCount = 512975, SleepMilliseconds = 100.
    TickCount = 513193, SleepMilliseconds = 100.
    TickCount = 513256, SleepMilliseconds = 100.
    TickCount = 513475, SleepMilliseconds = 100.
    TickCount = 513521, SleepMilliseconds = 100.
    TickCount = 513740, SleepMilliseconds = 100.
    TickCount = 513787, SleepMilliseconds = 100.
    TickCount = 514006, SleepMilliseconds = 100.
    TickCount = 514053, SleepMilliseconds = 100.
    TickCount = 514271, SleepMilliseconds = 100.
    TickCount = 514287, SleepMilliseconds = 100.
    TickCount = 514303, SleepMilliseconds = 100.
    TickCount = 514318, SleepMilliseconds = 100.
    TickCount = 514334, SleepMilliseconds = 100.
    行为描述:屏蔽窗口关闭消息
    详情信息:hWnd = 0x0005027e, Text = Notepad++ v6.8.6 安装 , ClassName = #32770.
    行为描述:窗口信息
    详情信息:Pid = 2036, Hwnd=0x202a2, Text = 简体中文, ClassName = ComboBox.
    Pid = 2036, Hwnd=0x202a6, Text = OK, ClassName = Button.
    Pid = 2036, Hwnd=0x202a8, Text = Cancel, ClassName = Button.
    Pid = 2036, Hwnd=0x202cc, Text = Please select a language., ClassName = Static.
    Pid = 2036, Hwnd=0x4027e, Text = Installer Language, ClassName = #32770.
    Pid = 2036, Hwnd=0x302a2, Text = 下一步(&N) >, ClassName = Button.
    Pid = 2036, Hwnd=0x302a4, Text = 取消(&C), ClassName = Button.
    Pid = 2036, Hwnd=0x402bc, Text = Don HO , ClassName = Static.
    Pid = 2036, Hwnd=0x202d4, Text = Don HO, ClassName = Static.
    Pid = 2036, Hwnd=0x302da, Text = 欢迎使用“Notepad++ v6.8.6”安装向导, ClassName = Static.
    Pid = 2036, Hwnd=0x302b8, Text = 这个向导将指引你完成“Notepad++ v6.8.6”的安装进程。 在开始安装之前,建议先关闭其他所有应用程序。这将允许“安装程序”更新指定的, ClassName = Static.
    Pid = 2036, Hwnd=0x5027e, Text = Notepad++ v6.8.6 安装, ClassName = #32770.
    Pid = 2036, Hwnd=0x302a2, Text = 我接受(&I), ClassName = Button.
    Pid = 2036, Hwnd=0x402b8, Text = 按 [PgDn] 阅读“授权协议”的其余部分。, ClassName = Static.
    Pid = 2036, Hwnd=0x402da, Text = COPYING -- Describes the terms under which Notepad++ is distributed. A copy of the GNU GPL is appended to this file. IMPORTAN, ClassName = RichEdit20W.
    行为描述:可执行文件签名信息
    详情信息:C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\LangDLL.dll(签名验证: 未通过)
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\InstallOptions.dll(签名验证: 未通过)
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\nsDialogs.dll(签名验证: 未通过)
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\xmlUpdater.exe(签名验证: 未通过)
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\nsExec.dll(签名验证: 未通过)
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\ns7.tmp(签名验证: 未通过)
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\ns8.tmp(签名验证: 未通过)
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\ns9.tmp(签名验证: 未通过)
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\nsA.tmp(签名验证: 未通过)
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\nsB.tmp(签名验证: 未通过)
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\nsC.tmp(签名验证: 未通过)
    C:\Program Files\Notepad++\SciLexer.dll(签名验证: 未通过)
    C:\Program Files\Notepad++\notepad++.exe(签名验证: 未通过)
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\UserInfo.dll(签名验证: 未通过)
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\System.dll(签名验证: 未通过)
    行为描述:调用Sleep函数
    详情信息:[1]: MilliSeconds = 1000.
    [2]: MilliSeconds = 1000.
    行为描述:隐藏指定窗口
    详情信息:[Window,Class] = [,ComboLBox]
    [Window,Class] = [,Button]
    [Window,Class] = [Don HO,Static]
    [Window,Class] = [Don HO ,Static]
    [Window,Class] = [,Static]
    [Window,Class] = [,Auto-Suggest Dropdown]
    [Window,Class] = [安装完成,Static]
    [Window,Class] = [安装已成功完成。,Static]
    [Window,Class] = [Tab,SysTabControl32]
    [Window,Class] = [Selected Tab,#32770]
    [Window,Class] = [,nsdockspliter]
    [Window,Class] = [,wedockspliter]
    [Window,Class] = [,splitterContainer]
    [Window,Class] = [,wespliter]
    [Window,Class] = [,Scintilla]
    行为描述:可执行文件MD5
    详情信息:C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\LangDLL.dll ---> a1cd3f159ef78d9ace162f067b544fd9
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\InstallOptions.dll ---> 89351a0a6a89519c86c5531e20dab9ea
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\nsDialogs.dll ---> 4ccc4a742d4423f2f0ed744fd9c81f63
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\xmlUpdater.exe ---> 887173f53072cd2d238014f4199b35cf
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\nsExec.dll ---> 132e6153717a7f9710dcea4536f364cd
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\ns7.tmp ---> 132e6153717a7f9710dcea4536f364cd
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\ns8.tmp ---> 132e6153717a7f9710dcea4536f364cd
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\ns9.tmp ---> 132e6153717a7f9710dcea4536f364cd
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\nsA.tmp ---> 132e6153717a7f9710dcea4536f364cd
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\nsB.tmp ---> 132e6153717a7f9710dcea4536f364cd
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\nsC.tmp ---> 132e6153717a7f9710dcea4536f364cd
    C:\Program Files\Notepad++\SciLexer.dll ---> 21b24bc279530e07ca15d93c7f929f04
    C:\Program Files\Notepad++\notepad++.exe ---> 32b5d47b42a6d21feac063bbcbe5ef16
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\UserInfo.dll ---> c7ce0e47c83525983fd2c4c9566b4aad
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\System.dll ---> bf712f32249029466fa86756f5546950
    行为描述:加载新释放的文件
    详情信息:Image: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\LangDLL.dll.
    Image: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\InstallOptions.dll.
    Image: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\nsDialogs.dll.
    Image: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\nsExec.dll.
    Image: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\UserInfo.dll.
    Image: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsf5.tmp\System.dll.
    Image: C:\Program Files\Notepad++\NppShell_06.dll.
    Image: C:\Program Files\Notepad++\SciLexer.dll.
    Image: C:\Program Files\Notepad++\plugins\mimeTools.dll.
    Image: C:\Program Files\Notepad++\plugins\NppConverter.dll.
    Image: C:\Program Files\Notepad++\plugins\NppExport.dll.
    Image: C:\Program Files\Notepad++\plugins\PluginManager.dll.
    Activities
    活动名类型
    com.wondertek.activity.AppFakeActivityandroid.intent.action.MAIN
    com.wondertek.activity.AppFakeActivityandroid.intent.category.LAUNCHER
    com.mob.tools.MobUIShellandroid.intent.action.VIEW
    com.mob.tools.MobUIShellandroid.intent.category.BROWSABLE
    com.mob.tools.MobUIShellandroid.intent.category.DEFAULT
    com.tencent.tauth.AuthActivityandroid.intent.action.VIEW
    com.tencent.tauth.AuthActivityandroid.intent.category.DEFAULT
    com.tencent.tauth.AuthActivityandroid.intent.category.BROWSABLE
    危险函数
    函数名称信息
    ContentResolver;->query读取联系人、短信等数据库
    java/net/URL;->openConnection连接URL
    TelephonyManager;->getDeviceId搜集用户手机IMEI码、电话号码、系统版本号等信息
    TelephonyManager;->getSimSerialNumber获取SIM序列号
    HttpClient;->execute请求远程服务器
    TelephonyManager;->getLine1Number获取手机号
    java/net/HttpURLConnection;->connect连接URL
    LocationManager;->getLastKnownLocation获取地址位置
    DefaultHttpClient;->execute发送HTTP请求
    getRuntime获取命令行环境
    java/net/URLConnection;->connect连接URL
    java/lang/Runtime;->exec执行字符串命令
    android/app/NotificationManager;->notify信息通知栏
    MediaRecorder;->setAudioSource开启录音功能
    ContentResolver;->delete删除短信、联系人
    WifiManager;->setWifiEnabled变更WIFI状态
    启动方式
    名称信息
    com.umeng.message.SystemReceiver开机启动服务
    com.umeng.message.SystemReceiver网络连接改变时启动服务
    com.umeng.message.SystemReceiver应用卸载时启动服务
    com.umeng.message.BootBroadcastReceiver开机启动服务
    com.wondertek.video.appupdate.UpdateReceiver开机启动服务
    权限列表
    许可名称信息
    android.permission.VIBRATE允许设备震动
    android.permission.INTERNET连接网络(2G或3G)
    android.permission.RECEIVE_BOOT_COMPLETED接收开机启动广播
    android.permission.ACCESS_WIFI_STATE读取wifi网络状态
    android.permission.ACCESS_NETWORK_STATE读取网络状态(2G或3G)
    android.permission.ADD_SYSTEM_SERVICE
    android.permission.READ_PHONE_STATE读取电话状态
    android.permission.MOUNT_UNMOUNT_FILESYSTEMS挂载、反挂载外部文件系统
    android.permission.CHANGE_NETWORK_STATE变更网络状态
    android.permission.WAKE_LOCK手机屏幕关闭后后台进程仍运行
    android.permission.RESTART_PACKAGES重启其他程序
    android.permission.WRITE_SETTINGS读写系统设置项
    android.permission.SYSTEM_ALERT_WINDOW显示系统窗口
    android.permission.ACCESS_SURFACE_FLINGER访问SurfaceFlinger
    android.permission.EXPAND_STATUS_BAR操控状态栏
    android.permission.BROADCAST_STICKY发送持久广播
    android.permission.WRITE_EXTERNAL_STORAGE写外部存储器(如:SD卡)
    android.permission.WRITE_APN_SETTINGS改写APN设置(如:cmwap)
    android.permission.GET_TASKS获取有关当前或最近运行的任务信息
    com.android.launcher.permission.READ_SETTINGS读取快捷方式信息
    android.permission.DISABLE_KEYGUARD禁用键盘锁
    android.permission.CAMERA访问照相机设备
    android.permission.CALL_PHONE拨打电话
    android.permission.CHANGE_CONFIGURATION修改当前设置(如:本地化)
    android.permission.UPDATE_DEVICE_STATS更新设备状态
    adnroid.permission.ACCESS_CHECKIN_PROPERTTES
    android.permission.CHANGE_WIFI_STATE改变WIFI连接状态
    android.permission.MODIFY_PHONE_STATE修改电话状态
    android.permission.BATTERY_STATS电量统计
    android.permission.MANAGE_ACCOUNTS管理账户
    android.permission.GET_ACCOUNTS访问账户列表
    服务列表
    名称
    com.umeng.message.UmengService
    com.umeng.message.UmengIntentService
    com.umeng.message.UmengMessageIntentReceiverService
    com.wondertek.video.appupdate.UpdateService
    文件列表
    文件名 校验码
    assets/ShareSDK.xml 0x3f3d05f
    assets/venus.zip 0x8b163737
    res/drawable/adbutton.png 0x8596adb6
    res/drawable/divider.png 0x8e90b1df
    res/drawable/icon.png 0x6a02a3d5
    res/drawable/launcher_icon.png 0x88218517
    res/drawable/loading.png 0x1d797c89
    res/drawable/notification.png 0x1ca1efe4
    res/drawable/pop.png 0x19f9bc07
    res/layout/notification_item.xml 0x9e3dbc97
    res/layout/notification_process.xml 0x49fcfa39
    res/layout/notification_showtext.xml 0x10e875bf
    res/layout/notification_standard.xml 0x34eed342
    res/layout/notification_view.xml 0x8fde78fd
    res/raw/beep.ogg 0xc2805e07
    res/raw/xface.properties 0x8e09e547
    res/xml/phonegap.xml 0x5e3df84d
    res/xml/plugins.xml 0x9119c6c6
    AndroidManifest.xml 0xff9f5149
    resources.arsc 0x1ef97eaf
    res/drawable-hdpi/notification.png 0x538fd95b
    res/drawable-mdpi/umeng_push_notification_default_large_icon.png 0x46781c69
    res/drawable-mdpi/umeng_push_notification_default_small_icon.png 0x6fc45a3b
    res/drawable-xhdpi/notification.png 0x538fd95b
    res/drawable-xhdpi/ssdk_auth_title_back.png 0xbcd2767e
    res/drawable-xhdpi/ssdk_back_arr.png 0x616e2f01
    res/drawable-xhdpi/ssdk_logo.png 0xbcd2767e
    res/drawable-xhdpi/ssdk_title_div.png 0xf5a963d
    res/drawable-xhdpi/umeng_push_notification_default_large_icon.png 0xf60f751c
    classes.dex 0x5270ed8
    assets/background.9.png 0x2b654113
    assets/buttonNegt.png 0xbf8691b8
    assets/buttonPost.png 0x6231c3b4
    assets/button_green.9.png 0xab4b0557
    assets/button_red.9.png 0xded221c2
    assets/com.tencent.open.config.json 0xb3d4a81a
    assets/com.tencent.plus.bar.png 0x5fd36d43
    assets/com.tencent.plus.blue_disable.png 0xf0e0db56
    assets/com.tencent.plus.blue_down.png 0xb6bdc1b
    assets/com.tencent.plus.blue_normal.png 0x18382c6e
    assets/com.tencent.plus.gray_disable.png 0x9375206c
    assets/com.tencent.plus.gray_down.png 0xcbe30e37
    assets/com.tencent.plus.gray_normal.png 0xbf8cba3
    assets/com.tencent.plus.ic_error.png 0xed6b2186
    assets/com.tencent.plus.ic_success.png 0x20ea665b
    assets/com.tencent.plus.logo.png 0x91dff5be
    assets/libwbsafeedit 0xb05a63a9
    assets/yyb_appdetail_bg_floatingwindow.9.png 0x2e9abd8b
    assets/yyb_appdetail_showmore.png 0xcfd41321
    assets/yyb_friends.png 0xf969c41e
    assets/yyb_icon_back.png 0x58d07682
    assets/yyb_qq.png 0xa289050d
    assets/yyb_qzone.png 0x20e15be3
    assets/yyb_topbar.9.png 0x410133f6
    assets/yyb_weixin.png 0x3402b818
    assets/adsame_browser.png 0x592dd001
    assets/adsame_close.png 0xa495ca68
    assets/adsame_close1.png 0x7cfad6d
    assets/adsame_forward.png 0x14d763b9
    assets/adsame_forward1.png 0x87ec70b1
    assets/adsame_goback.png 0x75ef9ccb
    assets/adsame_goback1.png 0xc46baf29
    assets/adsame_opentype.png 0x592dd001
    assets/adsame_refresh.png 0x828f66bb
    assets/adsame_refresh1.png 0x31a171cd
    assets/adsamewindowsclose.png 0x581d481e
    assets/btn_pause_normal.png 0xcfdba8d5
    assets/btn_pause_pressed.png 0xcf373bfd
    assets/btn_play_normal.png 0xed01ca97
    assets/btn_play_pressed.png 0x2476a584
    assets/common_loading.png 0xfe178b3d
    assets/mediaplayer_play.png 0x22be8117
    assets/mediaplayer_replay.png 0x56b58402
    assets/progress.png 0x964b7208
    assets/progress_bg.png 0xa0e5d460
    assets/progress_secondary.png 0xa0e5d460
    assets/progress_thumb_normal.png 0xe2ab5a47
    assets/progress_thumb_pressed.png 0x9732eaa8
    lib/x86/libcocklogic.so 0x61cde293
    lib/x86/libtnet-2.0.17-agoo.so 0x3ff703b0
    lib/armeabi/libcocklogic.so 0xe2eb3984
    lib/armeabi/libtnet-2.0.17-agoo.so 0x17cb8204
    META-INF/MANIFEST.MF 0x999eb54e
    META-INF/CERT.SF 0x913e52cc
    META-INF/CERT.RSA 0xc51c0ec9
    运行截图
    VirSCAN

About VirSCAN | Privacy Policy | Contact us | link | Help VirSCAN
Translated by Keith Miller, United States
Powered By CentOSpol

京ICP备11007605号-12

pol

京公网安备 11010802020746号