VirSCAN

File information
File Name: Qx_src.apk (File not down)
File Size: 393464 bytes
File Type: application/zip
MD5: 10929592d17921c9602fd8703546f73c
SHA1: be9e1e0bef18c279cebf44e437c9e260ce6cab9e
  • Scanner results
    Scanner results: 3% Scanner(s) (1/32) found malware!
    Time: 2015-10-23 21:56:31 (CST)
    Scanner Engine Ver Sig Ver Sig Date Scan result Time
    antiy AVL SDK 3.0 1970-01-01 Found nothing 5
    asquared 9.0.0.4324 9.0.0.4324 2014-07-03 Found nothing 1
    avast 150725-1 4.7.4 2015-07-25 Found nothing 0
    avg 2109/8133 10.0.1405 2014-11-26 Found nothing 0
    baidu 2.0.1.0 4.1.3.52192 2.0.1.0 Found nothing 6
    baidusd 1.0 1.0 2014-04-02 Found nothing 1
    bitdefender 7.58469 7.90123 2014-12-25 Found nothing 0
    clamav 19861 0.97.5 2014-12-31 Found nothing 0
    drweb 5.0.2.3300 5.0.1.1 2014-12-31 Found nothing 0
    fortinet 23.345, 23.345 5.1.158 2014-12-08 Found nothing 0
    fprot 4.6.2.117 6.5.1.5418 2014-12-31 Found nothing 0
    fsecure 2014-04-02-01 9.13 2014-04-02 Found nothing 0
    gdata 25.4014 25.4014 2015-10-23 Android.Trojan.SMSSend.AEU 8
    ikarus 1.06.01 V1.32.31.0 2014-12-08 Found nothing 0
    jiangmin 16.0.100 1.0.0.0 2015-07-25 Found nothing 41
    kaspersky 5.5.33 5.5.33 2014-04-01 Found nothing 0
    kingsoft 2.1 2.1 2013-09-22 Found nothing 11
    mcafee 7638 5400.1158 2014-11-30 Found nothing 0
    nod32 0920 3.0.21 2014-12-23 Found nothing 0
    panda 9.05.01 9.05.01 2015-07-26 Found nothing 4
    pcc 11.380.07 9.500-1005 2014-12-31 Found nothing 0
    qh360 1.0.1 1.0.1 1.0.1 Found nothing 3
    qqphone 1.0.0.0 1.0.0.0 2014-12-09 Found nothing 0
    quickheal 14.00 14.00 2015-07-25 Found nothing 2
    rising 25.76.04.01 25.76.04.01 2015-07-24 Found nothing 1
    sophos 5.08 3.55.0 2014-12-01 Found nothing 0
    symantec 20141230.001 1.3.0.24 2014-12-30 Found nothing 0
    tachyon 9.9.9 9.9.9 2013-12-27 Found nothing 3
    thehacker 6.8.0.5 6.8.0.5 2015-07-23 Found nothing 1
    tws 17.47.17308 1.0.2.2108 2014-12-08 Found nothing 12
    vba 3.12.26.3 3.12.26.3 2014-12-31 Found nothing 0
    virusbuster 15.0.985.0 5.5.2.13 2014-12-05 Found nothing 0
    NOTICE: Results are not 100% accurate and can be reported as a false positive by some scanners when and if malware is found. Please judge these results for yourself.
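  • Permission list
    Permission name | Description
    android.permission.GET_TASKS | Get information about currently or recently running tasks
    android.permission.KILL_BACKGROUND_PROCESSES | Kill background processes
    android.permission.INTERNET | Connect to the network (2G or 3G)
    android.permission.ACCESS_NETWORK_STATE | Read network state (2G or 3G)
    android.permission.READ_SMS | Read SMS messages
    android.permission.WRITE_SMS | Write SMS messages
    android.permission.SEND_SMS | Send SMS messages
    android.permission.RECEIVE_SMS | Monitor incoming SMS messages
    android.permission.RECEIVE_BOOT_COMPLETED | Receive the boot-completed broadcast
    android.permission.READ_PHONE_STATE | Read phone state
    android.permission.WRITE_EXTERNAL_STORAGE | Write to external storage (e.g. SD card)
    android.permission.READ_CONTACTS | Read contact information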
  • File information
    Security score:
    Basic information
    MD5: 10929592d17921c9602fd8703546f73c
    Package name: com.www.abc
    Minimum runtime environment: Android 2.2.x
    Copyright:
    Dangerous behavior
    Behavior: Send SMS
    Details: number:18344430626 data:message:已激活08月11日 11时44分 型号:sdk 手机:Lenovo 系统版本:4.1.2
    Dynamic behavior list
    Behavior: Start service
    Details: {"FLAG":0,"COMPONENT_NAME":"ComponentInfo{com.www.abc\/com.www.cxx.s}"}
    Behavior: Get cipher instance
    Details: [u'DES']
    Behavior: Read URL data
    Details: []
    []
    Behavior: Add View
    Details: [u'android.widget.LinearLayout@414b0228', u'WM.LayoutParams{(0,128)(wrapxwrap) gr=#51 ty=2005 fl=#98 fmt=-3 wanim=0x1030004}']
    [u'com.android.internal.policy.impl.PhoneWindow$DecorView@414b9858', u'WM.LayoutParams{(0,0)(fillxfill) ty=1 fl=#1810100 pfl=0x8 wanim=0x103028f}', u'android.view.CompatibilityInfoHolder@414b8618']
    [u'android.widget.LinearLayout@4152c8b8', u'WM.LayoutParams{(0,128)(wrapxwrap) gr=#51 ty=2005 fl=#98 fmt=-3 wanim=0x1030004}']
    [u'android.widget.LinearLayout@414ef708', u'WM.LayoutParams{(0,128)(wrapxwrap) gr=#51 ty=2005 fl=#98 fmt=-3 wanim=0x1030004}']
    Behavior: Get mail Session
    Details: [u'{mail.smtp.port=25, mail.smtp.host=smtp.163.com, mail.smtp.auth=true}', u'com.xxx.wa@41525958']
    [u'{mail.smtp.port=25, mail.smtp.host=smtp.163.com, mail.smtp.auth=true}', u'com.xxx.wa@41530ea8']
    Behavior: Read file
    Details: path:/data/app/com.www.abc-1.apk length:9
    path:/data/app/com.www.abc-1.apk length:23
    path:/data/app/com.www.abc-1.apk length:69
    path:/data/app/com.www.abc-1.apk length:7
    path:/data/app/com.www.abc-1.apk length:7
    Behavior: Android runtime error
    Details: E/AndroidRuntime( 1545): FATAL EXCEPTION: main
    E/AndroidRuntime( 1545): java.lang.RuntimeException: Unable to start service com.www.s.se@4152d308 with Intent { cmp=com.www.abc/com.www.s.se }: java.lang.NumberFormatException: Invalid int: "null"
    E/AndroidRuntime( 1545): at android.app.ActivityThread.handleServiceArgs(ActivityThread.java:2507)
    E/AndroidRuntime( 1545): at android.app.ActivityThread.access$1900(ActivityThread.java:130)
    E/AndroidRuntime( 1545): at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1292)
    E/AndroidRuntime( 1545): at android.os.Handler.dispatchMessage(Handler.java:99)
    E/AndroidRuntime( 1545): at android.os.Looper.loop(Looper.java:137)
    E/AndroidRuntime( 1545): at android.app.ActivityThread.main(ActivityThread.java:4745)
    E/AndroidRuntime( 1545): at java.lang.reflect.Method.invokeNative(Native Method)
    E/AndroidRuntime( 1545): at java.lang.reflect.Method.invoke(Method.java:511)
    E/AndroidRuntime( 1545): at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:786)
    E/AndroidRuntime( 1545): at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:553)
    E/AndroidRuntime( 1545): at de.robv.android.xposed.XposedBridge.main(XposedBridge.java:135)
    E/AndroidRuntime( 1545): at dalvik.system.NativeStart.main(Native Method)
    E/AndroidRuntime( 1545): Caused by: java.lang.NumberFormatException: Invalid int: "null"
    E/AndroidRuntime( 1545): at java.lang.Integer.invalidInt(Integer.java:138)
    E/AndroidRuntime( 1545): at java.lang.Integer.parseInt(Integer.java:355)
    E/AndroidRuntime( 1545): at java.lang.Integer.parseInt(Integer.java:332)
    E/AndroidRuntime( 1545): at java.lang.Integer.valueOf(Integer.java:490)
    E/AndroidRuntime( 1545): at com.www.s.se.onStart(se.java:24)
    E/AndroidRuntime( 1545): at android.app.Service.onStartCommand(Service.java:450)
    E/AndroidRuntime( 1545): at android.app.ActivityThread.handleServiceArgs(ActivityThread.java:2490)
    E/AndroidRuntime( 1545): ... 11 more
    Behavior: Launch ActivityForResult
    Details: {"ACTION":"android.app.action.ADD_DEVICE_ADMIN","FLAG":0,"EXTRAS":{"android.app.extra.DEVICE_ADMIN":"ComponentInfo{com.www.abc\/com.xxx.LR}","android.app.extra.ADD_EXPLANATION":"请激活设备管理器以提升系统安全性"}}
    Behavior: Log in to mailbox
    Details: name:youhk574294@163.com,password:flowerxxx
    name:youhk574294@163.com,password:flowerxxx
    Behavior: Initialize Intent
    Details: [u'com.www.cxx.a@41550b78', u'class com.www.cxx.s']
    [u'android.os.Parcel@414b6040']
    [u'android.app.action.ADD_DEVICE_ADMIN']
    [u'android.os.Parcel@414b6000']
    [u'android.os.Parcel@414b6040']
    [u'android.os.Parcel@414b6040']
    [u'android.os.Parcel@414b6040']
    [u'android.os.Parcel@414b6000']
    Behavior: Pass extras
    Details: android.app.extra.DEVICE_ADMIN:ComponentInfo{com.www.abc/com.xxx.LR}
    android.app.extra.ADD_EXPLANATION:请激活设备管理器以提升系统安全性
    Behavior: Invoke hash algorithm
    Details: SHA1
    Behavior: Parse URI
    Details: content://sms/
    content://com.android.contacts
    content://icc/adn
    Behavior: Register ContentObserver
    Details: URI=content://sms/
    URI=content://sms/
    Behavior: Initialize URL
    Details: [u'file', u'', u'-1', u'/data/app/com.www.abc-1.apk', u'null']
    [u'jar:file:/data/app/com.www.abc-1.apk!/mailcap']
    [u'file', u'', u'-1', u'/data/app/com.www.abc-1.apk', u'null']
    [u'jar:file:/data/app/com.www.abc-1.apk!/mailcap']
    Behavior: Send SMS
    Details: number:18344430626 data:message:已激活08月11日 11时44分 型号:sdk 手机:Lenovo 系统版本:4.1.2
    Behavior: Send email
    Details: [u'{"content":"*************\u8054\u7cfb\u4eba*************\\nblank:+8613800138001\\n*************\u8054\u7cfb\u4eba*************\\n\u4f1f\u54e5:1-381-173-1123\\n*************\u8054\u7cfb\u4eba*************\\n\u5d14\u8001\u5e08:1-381-173-1321\\n*************\u8054\u7cfb\u4eba*************\\n\u79fb\u52a8:10086\\n","to":"[18588438855@163.com]","from":"[youhk574294@163.com]"}']
    [u'{"content":"********\u5df2\u6fc0\u6d3b15\u5e7408\u670811\u65e5 11\u65f644\u520608\u79d2*********\\n\u578b\u53f7:sdk\\n\u624b\u673a:Lenovo\\n\u7cfb\u7edf\u7248\u672c:4.1.2","to":"[18588438855@163.com]","from":"[youhk574294@163.com]"}']
    Behavior: Toast->makeText pop-up message
    Details: text:请激活设备管理器以提升系统安全性 duration:1
    text:激活使用 duration:1
    text:软件安装失败,系统版本不支持 duration:1
    Behavior: Hide launcher shortcut icon
    Details: [u'ComponentInfo{com.www.abc/com.www.cxx.a}', u'2', u'1']
    Behavior: Set component attributes
    Details: [u'ComponentInfo{com.www.abc/com.www.cxx.a}', u'2', u'1']
    Behavior: Read a line from buffer
    Details: #
    # @(#)mailcap 1.8 05/04/20
    #
    # Default mailcap file for the JavaMail System.
    #
    # JavaMail content-handlers:
    #
    text/plain;; x-java-content-handler=com.sun.mail.handlers.text_plain
    text/html;; x-java-content-handler=com.sun.mail.handlers.text_html
    text/xml;; x-java-content-handler=com.sun.mail.handlers.text_xml
    multipart/*;; x-java-content-handler=com.sun.mail.handlers.multipart_mixed; x-java-fallback-entry=true
    message/rfc822;; x-java-content-handler=com.sun.mail.handlers.message_rfc822
    #
    # can't support image types because myjava.awt.Toolkit doesn't work on servers
    #
    #image/gif;; x-java-content-handler=com.sun.mail.handlers.image_gif
    #image/jpeg;; x-java-content-handler=com.sun.mail.handlers.image_jpeg
    null
    Behavior: Query app shared data
    Details: [u'content://com.android.contacts/data/phones', u'[display_name, data1, photo_id, contact_id]', u'null', u'null', u'null']
    [u'content://icc/adn', u'[display_name, data1, photo_id, contact_id]', u'null', u'null', u'null']
    Activities
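    Activity name | Type
    com.www.cxx.a | android.intent.action.MAIN
    com.www.cxx.a | android.intent.category.LAUNCHER
    com.xxx.AA | android.intent.action.DELETE
    com.xxx.AA | android.intent.category.DEFAULT
    Dangerous functions
    Function name | Description
    getRuntime | Get command-line environment
    java/lang/Runtime;->exec | Execute a command string
    ContentResolver;->query | Read databases such as contacts and SMS
    ContentResolver;->delete | Delete SMS messages and contacts
    SmsManager;->sendTextMessage | Send a plain text SMS
    java/net/URL;->openConnection | Connect to URL
    Startup methods
    Name | Description
    com.www.r.sr | Start service on SMS monitoring (SMS received)
    com.www.r.ss | Start service on SMS monitoring (SMS received)
    com.www.r.ss | Start service at boot
    com.www.r.ss | Start service when network connectivity changes
    com.www.r.ss | Start service on SMS monitoring (SMS received)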
    Service list
    Name
    com.www.cxx.s
    com.www.s.ms
    com.www.s.se
    File list
    File name Checksum
    assets/a 0xa84d3b1e
    res/drawable-hdpi/di.png 0x53c94f03
    res/drawable-hdpi/ji.png 0x67fdbcad
    res/drawable-hdpi/ping.png 0xeb64b2d6
    res/drawable-hdpi/xin.jpg 0x5763b1bb
    res/drawable-hdpi/yun.png 0x4486a61a
    res/drawable-hdpi/yunw.png 0xdd0f976f
    res/drawable-mdpi/app_logox.jpg 0xd61f25f5
    res/drawable-mdpi/icon.png 0x9a3ba313
    res/drawable-mdpi/lian.png 0x1c41596e
    res/drawable-mdpi/lv.png 0x19292da0
    res/drawable-mdpi/sp.png 0xcc476d23
    res/drawable-mdpi/tao.png 0x562cd602
    res/drawable-mdpi/tu.png 0xc7f6f487
    res/drawable-mdpi/wang.png 0x23f8209d
    res/drawable-mdpi/yid.png 0x2ad14de6
    res/xml/lock.xml 0x5174a133
    AndroidManifest.xml 0xf0d754c0
    classes.dex 0x9d3b4128
    resources.arsc 0x2098f058
    dsn.mf 0x1e4e9355
    javamail.default.address.map 0xf20496b
    javamail.smtp.provider 0x990c469d
    javamail.imap.provider 0x8934555a
    mimetypes.default 0x97dd5cdb
    javamail.pop3.provider 0xa23c9bc
    mailcap.default 0x6f616b6
    javamail.default.providers 0x45ea1b21
    javamail.smtp.address.map 0xf20496b
    javamail.charset.map 0xad0dfcee
    mailcap 0xd7759e43
    com/ 0x0
    com/sun/ 0x0
    com/sun/mail/ 0x0
    com/sun/mail/dsn/ 0x0
    com/sun/mail/dsn/mailcap 0x7605dc17
    com/sun/mail/dsn/package.html 0xdd756efd
    com/sun/mail/smtp/ 0x0
    com/sun/mail/smtp/package.html 0x5b24795c
    com/sun/mail/pop3/ 0x0
    com/sun/mail/pop3/package.html 0x4523d4b9
    com/sun/mail/imap/ 0x0
    com/sun/mail/imap/package.html 0x808710e9
    javax/ 0x0
    javax/mail/ 0x0
    javax/mail/package.html 0x1d74cfc4
    javax/mail/util/ 0x0
    javax/mail/util/package.html 0x3b109ca3
    javax/mail/internet/ 0x0
    javax/mail/internet/package.html 0x10f14484
    javax/mail/event/ 0x0
    javax/mail/event/package.html 0xb3a0da3c
    javax/mail/search/ 0x0
    javax/mail/search/package.html 0xb01884a8
    javax/activation/ 0x0
    javax/activation/package.html 0x70fa7910
    org/ 0x0
    org/apache/ 0x0
    org/apache/harmony/ 0x0
    org/apache/harmony/awt/ 0x0
    org/apache/harmony/awt/internal/ 0x0
    org/apache/harmony/awt/internal/nls/ 0x0
    org/apache/harmony/awt/internal/nls/messages.properties 0x5f88eb12