VirSCAN


File information
File Name: 1.apk (File not down)
File Size: 380694 bytes
File Type: application/jar
MD5: a2327f254a5d74046f2a52895f1cf636
SHA1: 12619ebc1ab3286ab41e4ae731597390f10aa964
  • Scanner results
    Scanner results: 0% Scanner(s) (0/32) found malware!
    Time: 2015-10-27 09:58:05 (CST)
    Scanner Engine Ver Sig Ver Sig Date Scan result Time
    antiy AVL SDK 3.0 1970-01-01 Found nothing 5
    asquared 9.0.0.4324 9.0.0.4324 2014-07-03 Found nothing 1
    avast 150725-1 4.7.4 2015-07-25 Found nothing 0
    avg 2109/8133 10.0.1405 2014-11-26 Found nothing 0
    baidu 2.0.1.0 4.1.3.52192 2.0.1.0 Found nothing 7
    baidusd 1.0 1.0 2014-04-02 Found nothing 1
    bitdefender 7.58469 7.90123 2014-12-25 Found nothing 0
    clamav 19861 0.97.5 2014-12-31 Found nothing 0
    drweb 5.0.2.3300 5.0.1.1 2014-12-31 Found nothing 0
    fortinet 23.345, 23.345 5.1.158 2014-12-08 Found nothing 0
    fprot 4.6.2.117 6.5.1.5418 2014-12-31 Found nothing 0
    fsecure 2014-04-02-01 9.13 2014-04-02 Found nothing 0
    gdata 25.4073 25.4073 2015-10-26 Found nothing 9
    ikarus 1.06.01 V1.32.31.0 2014-12-08 Found nothing 0
    jiangmin 16.0.100 1.0.0.0 2015-07-25 Found nothing 42
    kaspersky 5.5.33 5.5.33 2014-04-01 Found nothing 0
    kingsoft 2.1 2.1 2013-09-22 Found nothing 17
    mcafee 7638 5400.1158 2014-11-30 Found nothing 0
    nod32 0920 3.0.21 2014-12-23 Found nothing 0
    panda 9.05.01 9.05.01 2015-07-26 Found nothing 4
    pcc 11.380.07 9.500-1005 2014-12-31 Found nothing 0
    qh360 1.0.1 1.0.1 1.0.1 Found nothing 6
    qqphone 1.0.0.0 1.0.0.0 2014-12-09 Found nothing 0
    quickheal 14.00 14.00 2015-07-25 Found nothing 2
    rising 25.76.04.01 25.76.04.01 2015-07-24 Found nothing 1
    sophos 5.08 3.55.0 2014-12-01 Found nothing 0
    symantec 20141230.001 1.3.0.24 2014-12-30 Found nothing 0
    tachyon 9.9.9 9.9.9 2013-12-27 Found nothing 5
    thehacker 6.8.0.5 6.8.0.5 2015-07-23 Found nothing 2
    tws 17.47.17308 1.0.2.2108 2014-12-08 Found nothing 13
    vba 3.12.26.3 3.12.26.3 2014-12-31 Found nothing 0
    virusbuster 15.0.985.0 5.5.2.13 2014-12-05 Found nothing 0
    Heuristic/Suspicious Exact
    NOTICE: Results are not 100% accurate and can be reported as a false positive by some scanners when and if malware is found. Please judge these results for yourself.
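  • Permission list
    Permission name / Info
    android.permission.GET_TASKS: Get information about currently or recently running tasks
    android.permission.KILL_BACKGROUND_PROCESSES: Kill background processes
    android.permission.INTERNET: Connect to the network (2G or 3G)
    android.permission.ACCESS_NETWORK_STATE: Read network state (2G or 3G)
    android.permission.READ_SMS: Read SMS messages
    android.permission.WRITE_SMS: Write SMS messages
    android.permission.SEND_SMS: Send SMS messages
    android.permission.RECEIVE_SMS: Monitor incoming SMS messages
    android.permission.RECEIVE_BOOT_COMPLETED: Receive the boot-completed broadcast
    android.permission.READ_PHONE_STATE: Read phone state
    android.permission.WRITE_EXTERNAL_STORAGE: Write to external storage (e.g. SD card)
    android.permission.READ_CONTACTS: Read contact information
  • File information
    Security score:
    Basic information
    MD5: a2327f254a5d74046f2a52895f1cf636
    Package name: com.www.abcd
    Minimum runtime environment: Android 2.2.x
    Copyright: Android
    Dangerous behavior
    Behavior description: Send SMS
    Details: number:17052680277 data:message:********已激活15年08月11日 11时44分07秒********* 型号:sdk 手机:Lenovo 系统版本:4.1.2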
    number:+8613800138001 data:message:blank:null
    number:1-381-173-1123 data:message:伟哥:null
    number:1-381-173-1321 data:message:崔老师:null
    number:10086 data:message:移动:null
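    Dynamic behavior list
    Behavior description: Start service
    Details: {"FLAG":0,"COMPONENT_NAME":"ComponentInfo{com.www.abcd\/com.www.cxxx.s}"}
    Behavior description: Get list of installed applications
    Details: [u'0']
    Behavior description: Get cipher instance
    Details: [u'DES']
    Behavior description: Read URL data
    Details: []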
    []
    Behavior description: Add View
    Details: [u'android.widget.LinearLayout@414db218', u'WM.LayoutParams{(0,128)(wrapxwrap) gr=#51 ty=2005 fl=#98 fmt=-3 wanim=0x1030004}']
    [u'android.widget.LinearLayout@415477d8', u'WM.LayoutParams{(0,128)(wrapxwrap) gr=#51 ty=2005 fl=#98 fmt=-3 wanim=0x1030004}']
    [u'android.widget.LinearLayout@414f5310', u'WM.LayoutParams{(0,128)(wrapxwrap) gr=#51 ty=2005 fl=#98 fmt=-3 wanim=0x1030004}']
    Behavior description: Get mail Session
    Details: [u'{mail.smtp.port=25, mail.smtp.host=smtp.163.com, mail.smtp.auth=true}', u'com.xxx.wa@414c4700']
    [u'{mail.smtp.port=25, mail.smtp.host=smtp.163.com, mail.smtp.auth=true}', u'com.xxx.wa@41553400']
    Behavior description: Read file
    Details: path:/data/app/com.www.abcd-1.apk length:9
    path:/data/app/com.www.abcd-1.apk length:22
    path:/data/app/com.www.abcd-1.apk length:69
    path:/data/app/com.www.abcd-1.apk length:69
    path:/data/app/com.www.abcd-1.apk length:7
    path:/data/app/com.www.abcd-1.apk length:7
    Behavior description: Android runtime error
    Details: E/AndroidRuntime( 1539): FATAL EXCEPTION: main
    E/AndroidRuntime( 1539): java.lang.RuntimeException: Unable to start service com.www.s.se@414f1108 with Intent { cmp=com.www.abcd/com.www.s.se }: java.lang.NumberFormatException: Invalid int: "null"
    E/AndroidRuntime( 1539): at android.app.ActivityThread.handleServiceArgs(ActivityThread.java:2507)
    E/AndroidRuntime( 1539): at android.app.ActivityThread.access$1900(ActivityThread.java:130)
    E/AndroidRuntime( 1539): at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1292)
    E/AndroidRuntime( 1539): at android.os.Handler.dispatchMessage(Handler.java:99)
    E/AndroidRuntime( 1539): at android.os.Looper.loop(Looper.java:137)
    E/AndroidRuntime( 1539): at android.app.ActivityThread.main(ActivityThread.java:4745)
    E/AndroidRuntime( 1539): at java.lang.reflect.Method.invokeNative(Native Method)
    E/AndroidRuntime( 1539): at java.lang.reflect.Method.invoke(Method.java:511)
    E/AndroidRuntime( 1539): at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:786)
    E/AndroidRuntime( 1539): at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:553)
    E/AndroidRuntime( 1539): at de.robv.android.xposed.XposedBridge.main(XposedBridge.java:135)
    E/AndroidRuntime( 1539): at dalvik.system.NativeStart.main(Native Method)
    E/AndroidRuntime( 1539): Caused by: java.lang.NumberFormatException: Invalid int: "null"
    E/AndroidRuntime( 1539): at java.lang.Integer.invalidInt(Integer.java:138)
    E/AndroidRuntime( 1539): at java.lang.Integer.parseInt(Integer.java:355)
    E/AndroidRuntime( 1539): at java.lang.Integer.parseInt(Integer.java:332)
    E/AndroidRuntime( 1539): at java.lang.Integer.valueOf(Integer.java:490)
    E/AndroidRuntime( 1539): at com.www.s.se.onStart(se.java:24)
    E/AndroidRuntime( 1539): at android.app.Service.onStartCommand(Service.java:450)
    E/AndroidRuntime( 1539): at android.app.ActivityThread.handleServiceArgs(ActivityThread.java:2490)
    E/AndroidRuntime( 1539): ... 11 more
    Behavior description: Launch ActivityForResult
    Details: {"ACTION":"android.app.action.ADD_DEVICE_ADMIN","FLAG":0,"EXTRAS":{"android.app.extra.DEVICE_ADMIN":"ComponentInfo{com.www.abcd\/com.xxx.LR}","android.app.extra.ADD_EXPLANATION":"请激活设备管理器以提升系统安全性"}}
    Behavior description: Log in to mailbox
    Details: name:omzwqtut84884@163.com,password:ui7lbc72p
    name:omzwqtut84884@163.com,password:ui7lbc72p
    Behavior description: Initialize Intent
    Details: [u'com.www.cxxx.a@41535218', u'class com.www.cxxx.s']
    [u'android.os.Parcel@414ad1a8']
    [u'android.app.action.ADD_DEVICE_ADMIN']
    [u'android.os.Parcel@414ad168']
    [u'android.os.Parcel@414ad1a8']
    [u'android.os.Parcel@414ad1a8']
    [u'android.os.Parcel@414ad168']
    [u'android.os.Parcel@414ad1a8']
    Behavior description: Pass extras
    Details: android.app.extra.DEVICE_ADMIN:ComponentInfo{com.www.abcd/com.xxx.LR}
    android.app.extra.ADD_EXPLANATION:请激活设备管理器以提升系统安全性
    Behavior description: Invoke hash algorithm
    Details: SHA1
    Behavior description: Parse URI
    Details: content://sms/inbox
    content://com.android.contacts
    content://icc/adn
    content://icc/adn
    Behavior description: Register ContentObserver
    Details: URI=content://sms/inbox
    URI=content://sms/inbox
    Behavior description: Initialize URL
    Details: [u'file', u'', u'-1', u'/data/app/com.www.abcd-1.apk', u'null']
    [u'jar:file:/data/app/com.www.abcd-1.apk!/mailcap']
    [u'file', u'', u'-1', u'/data/app/com.www.abcd-1.apk', u'null']
    [u'jar:file:/data/app/com.www.abcd-1.apk!/mailcap']
    Behavior description: Send SMS
    Details: number:17052680277 data:message:********已激活15年08月11日 11时44分07秒********* 型号:sdk 手机:Lenovo 系统版本:4.1.2
    number:+8613800138001 data:message:blank:null
    number:1-381-173-1123 data:message:伟哥:null
    number:1-381-173-1321 data:message:崔老师:null
    number:10086 data:message:移动:null
    Behavior description: Send email
    Details: [u'{"content":"********\u5df2\u6fc0\u6d3b15\u5e7408\u670811\u65e5 11\u65f644\u520607\u79d2*********\\n\u578b\u53f7:sdk\\n\u624b\u673a:Lenovo\\n\u7cfb\u7edf\u7248\u672c:4.1.2","to":"[omzwqtut84884@163.com]","from":"[omzwqtut84884@163.com]"}']
    [u'{"content":"*************\u8054\u7cfb\u4eba*************\\nblank:+8613800138001\\n*************\u8054\u7cfb\u4eba*************\\n\u4f1f\u54e5:1-381-173-1123\\n*************\u8054\u7cfb\u4eba*************\\n\u5d14\u8001\u5e08:1-381-173-1321\\n*************\u8054\u7cfb\u4eba*************\\n\u79fb\u52a8:10086\\n","to":"[omzwqtut84884@163.com]","from":"[omzwqtut84884@163.com]"}']
    Behavior description: Toast->makeText popup message
    Details: text:请激活设备管理器以提升系统安全性 duration:1
    text:激活使用 duration:1
    text:激活成功 duration:1
    Behavior description: Hide launcher shortcut icon
    Details: [u'ComponentInfo{com.www.abcd/com.www.cxxx.a}', u'2', u'1']
    Behavior description: Set component property
    Details: [u'ComponentInfo{com.www.abcd/com.www.cxxx.a}', u'2', u'1']
    Behavior description: Read a line from buffer
    Behavior description: Query app shared data
    Details: [u'content://com.android.contacts/data/phones', u'[display_name, data1, photo_id, contact_id]', u'null', u'null', u'null']
    [u'content://icc/adn', u'[display_name, data1, photo_id, contact_id]', u'null', u'null', u'null']
    [u'content://com.android.contacts/data/phones', u'[display_name, data1, photo_id, contact_id]', u'null', u'null', u'null']
    [u'content://icc/adn', u'[display_name, data1, photo_id, contact_id]', u'null', u'null', u'null']
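    Activities
    Activity name / Type
    com.www.cxxx.a: android.intent.action.MAIN
    com.www.cxxx.a: android.intent.category.LAUNCHER
    com.xxx.AA: android.intent.action.DELETE
    com.xxx.AA: android.intent.category.DEFAULT
    Dangerous functions
    Function name / Info
    getRuntime: Get the command-line environment
    java/lang/Runtime;->exec: Execute a string command
    ContentResolver;->query: Read contacts, SMS and other databases
    ActivityManager;->killBackgroundProcesses: Kill processes; can be used to shut down antivirus software
    ContentResolver;->delete: Delete SMS messages and contacts
    SmsManager;->sendTextMessage: Send a plain text SMS
    java/net/URL;->openConnection: Connect to a URL
    Startup methods
    Name / Info
    com.www.r.sr: Starts service on SMS monitoring (SMS received)
    com.www.r.ss: Starts service on SMS monitoring (SMS received)
    com.www.r.ss: Starts service at boot
    com.www.r.ss: Starts service when network connectivity changes
    com.www.r.ss: Starts service on SMS monitoring (SMS received)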
    Service list
    Name
    com.www.cxxx.s
    com.www.s.ms
    com.www.s.se
    File list
    File name / Checksum
    META-INF/MANIFEST.MF 0x7bfd5981
    META-INF/CERT.SF 0x96d4284c
    META-INF/CERT.RSA 0x45007eaf
    org/apache/harmony/awt/internal/nls/messages.properties 0x5f88eb12
    javax/mail/internet/package.html 0x10f14484
    res/drawable/b.xml 0x52659ee6
    res/drawable-hdpi/splash.png 0x23b5e778
    res/drawable-xhdpi/btnb.png 0xed706859
    javamail.imap.provider 0x8934555a
    javamail.default.providers 0x45ea1b21
    res/drawable-hdpi/fbk.png 0x397cadb9
    javamail.smtp.address.map 0xf20496b
    res/drawable-hdpi/cccc.png 0x8f8c7a95
    javax/mail/event/package.html 0xb3a0da3c
    res/xml/lock.xml 0x5174a133
    res/drawable/aa.xml 0x13f93777
    res/drawable/a.xml 0xd6e09319
    res/layout/main.xml 0x7fd08074
    javax/activation/package.html 0x70fa7910
    res/drawable/aaa.xml 0xc2e8b75b
    javax/mail/search/package.html 0xb01884a8
    res/drawable-hdpi/bb.png 0x6c23a64b
    res/drawable-xhdpi/vb.png 0x75763beb
    res/drawable-xhdpi/zc.png 0x2e06dff3
    com/sun/mail/dsn/mailcap 0x7605dc17
    res/drawable-hdpi/dd.png 0xe6213a76
    javamail.smtp.provider 0x990c469d
    javamail.default.address.map 0xf20496b
    res/anim/aa.xml 0x96ce7bc0
    res/drawable-xhdpi/avatar.png 0x1bd0f131
    res/drawable-mdpi/app_logoy.png 0x2ad14de6
    res/drawable/ffr.png 0x2af89c3a
    resources.arsc 0x494ac808
    mailcap.default 0x6f616b6
    AndroidManifest.xml 0x5ad82d1b
    javamail.charset.map 0xad0dfcee
    res/drawable-xhdpi/appicon.png 0x497402a1
    res/drawable/tt.xml 0x3641e845
    res/drawable-mdpi/app_logox.jpg 0xd61f25f5
    res/drawable-mdpi/app_logo.png 0x1c41596e
    com/sun/mail/imap/package.html 0x808710e9
    res/drawable-xhdpi/ed.png 0x133101e4
    res/drawable-xhdpi/user.png 0xb2380a8a
    res/layout/b.xml 0x65ef71ab
    mailcap 0xd7759e43
    res/drawable-hdpi/hnm.9.png 0x397aaa3a
    mimetypes.default 0x97dd5cdb
    res/anim/da.xml 0x90eb03c0
    res/drawable-hdpi/hnn.9.png 0x146c7fb9
    res/anim/tm.xml 0x31259dd6
    classes.dex 0xf57c0bb8
    res/drawable-hdpi/i.png 0x888e8098
    javax/mail/package.html 0x1d74cfc4
    com/sun/mail/smtp/package.html 0x5b24795c
    com/sun/mail/pop3/package.html 0x4523d4b9
    res/drawable-mdpi/ic_launcher.png 0x6a84dfd9
    javax/mail/util/package.html 0x3b109ca3
    com/sun/mail/dsn/package.html 0xdd756efd
    res/drawable-hdpi/t.png 0x56b1c7cc
    res/drawable-xhdpi/pwd.png 0x8c38be00
    res/drawable-xhdpi/btna.png 0x2cf9072d
    dsn.mf 0x1e4e9355
    javamail.pop3.provider 0xa23c9bc