VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

Language
Server load
Server Load

File information
File Name :4983.apk (File not down)
File Size :137577 byte
File Type :Zip archive data
MD5:935cff8f2d7fc2d704737b813cbf0376
SHA1:c99070950b39da91b235ad3546285c8e2e94cbb1
SHA256:0e6eb5c4245a63710cd132ec8ee54f0ce334f1ff83bcc64ce97ddeb982d91408
SSDEEP:
  • 扫描结果
  • 权限
  • 文件行为分析
  • Scanner results
    Scanner results:37%Scanner(s) (12/32)found malware!
    Behavior analysis report:         Habo file analysis
    Time: 2019-06-16 14:45:58 (CST)
    VirSCANVirSCAN
    Scanner Engine Ver Sig Ver Sig Date Scan result Time
    antiy AVL SDK 3.0 AVL SDK 3.0 2019-06-15 RiskWare[Monitor]/Android.FoCobers 1
    avast 18.4.3895.0 18.4.3895.0 2019-06-16 Found nothing 46
    avg 10.0.1405 10.0.1405 2019-06-16 Found nothing 1
    baidu 2.0.1.0 4.1.3.52192 2.0.1.0 Found nothing 2
    baidusd 1.0 1.0 2019-06-15 Found nothing 1
    bitdefender 7.141118 7.141118 2019-06-15 Found nothing 1
    clamav 25480 0.100.2 2019-06-14 Andr.Malware.Agent-1462077 1
    drweb 11.0.10.1810231600 11.0.10.1810231600 2019-06-14 Found nothing 9
    emsisoft 9.0.0.4324 9.0.0.4324 2014-07-03 Found nothing 1
    fortinet 1.000, 69.253, 69.184, 69.208 5.4.247 2019-06-16 Riskware/Generic.Z.2ED742!Android 1
    fprot 4.6.2.117 6.5.1.5418 2014-12-31 Found nothing 1
    fsecure 2015-08-01-02 9.13 2019-06-16 Found nothing 56
    gdata 25.22387 25.22387 2019-06-16 Android.Monitor.Cobbler.A 12
    ikarus 5.01.05 V1.32.39.0 2019-06-15 PUA.AndroidOS.Cobblerone 4
    jiangmin 16.0.100 1.0.0.0 2019-06-15 Trojan.AndroidOS.diyr 2
    kaspersky 5.5.33 5.5.33 2019-06-15 Found nothing 20
    kingsoft 2.1 2.1 2013-09-22 Found nothing 8
    mcafee 9256 5400.1158 2019-05-13 Found nothing 12
    nod32 9516 4.5.15 2019-06-13 Android/Cobblerone.A potentially unsafe application 1
    panda 9.05.01 9.05.01 2019-05-29 Found nothing 4
    pcc 13.302.06 9.500-1005 2019-06-15 Found nothing 2
    qh360 1.0.1 1.0.1 2019-06-15 Tool.Android.Gen 3
    qqphone 2.0.0.0 2.0.0.0 2019-06-15 a.gray.fourcobblers 1
    quickheal 14.00 14.00 2019-02-10 Android.FoCobers.A (PUP) 3
    rising 5165 5165 2019-06-15 Found nothing 3
    sophos 4.62 3.16.1 2016-09-20 Andr/SmsThief-A 11
    symantec 20151230.005 1.3.0.24 2015-12-30 Found nothing 1
    tachyon 9.9.9 9.9.9 2013-12-27 Found nothing 3
    thehacker 6.8.0.5 6.8.0.5 2017-03-30 Found nothing 1
    tws 17.47.17308 1.0.2.2108 2019-06-15 Android.M.jrdq 6
    vba 4.0.0 4.0.0 2019-06-14 Found nothing 4
    virusbuster 15.0.985.0 5.5.2.13 2014-12-05 Found nothing 3
    Heuristic/Suspicious Exact
    NOTICE: Results are not 100% accurate and can be reported as a false positive by some scannerswhen and if malware is found. Please judge these results for yourself.
  • 权限列表
    许可名称信息
    android.permission.WRITE_EXTERNAL_STORAGE写外部存储器(如:SD卡)
    android.permission.READ_PHONE_STATE读取电话状态
    android.permission.RECEIVE_SMS监控接收短信
    android.permission.SEND_SMS发送短信
    android.permission.ACCESS_COARSE_LOCATION获取粗略的位置(通过wifi、基站)
    android.permission.ACCESS_FINE_LOCATION获取精确的位置(通过GPS)
    android.permission.ACCESS_NETWORK_STATE读取网络状态(2G或3G)
    android.permission.ACCESS_WIFI_STATE读取wifi网络状态
    android.permission.INTERNET连接网络(2G或3G)
  • 文件信息
    安全评分 :
    基本信息
    MD5:935cff8f2d7fc2d704737b813cbf0376
    包名:com.FourCobblers.Free.PhoneLock
    最低运行环境:Android 2.2.x
    版权:zhonglin
    进程行为
    行为描述:创建本地线程
    详情信息:TargetProcess: %temp%\****.exe, InheritedFromPID = 2000, ProcessID = 2584, ThreadID = 2596, StartAddress = 77DC845A, Parameter = 00000000
    TargetProcess: %temp%\****.exe, InheritedFromPID = 2000, ProcessID = 2584, ThreadID = 2600, StartAddress = 4AEA7456, Parameter = 00000000
    文件行为
    行为描述:覆盖已有文件
    详情信息:C:\Documents and Settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
    网络行为
    行为描述:连接指定站点
    详情信息:WinHttpConnect: ServerName = te****om, PORT = 80, UserName = , Password = , hSession = 0x036b3100, hConnect = 0x036b3200, Flags = 0x00000000
    行为描述:打开HTTP连接
    详情信息:WinHttpOpen: UserAgent: Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5), hSession = 0x036b3100
    行为描述:建立到一个指定的套接字连接
    详情信息:URL: te****om, IP: **.133.40.**:80, SOCKET = 0x000001f8
    行为描述:发送HTTP包
    详情信息:GET /function.php?type=0 HTTP/1.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3464.0 Safari/537.36 Accept-Language: zh-CN,zh;q=0.8,en;q=0.6,ko;q=0.4 Connection: keep-alive Host: te****om
    行为描述:打开HTTP请求
    详情信息:WinHttpOpenRequest: te****om:80/function.php?type=0, hConnect = 0x036b3200, hRequest = 0x03740000, Verb: GET, Referer: , Flags = 0x00000080
    行为描述:按名称获取主机地址
    详情信息:GetAddrInfoW: te****om
    其他行为
    行为描述:创建互斥体
    详情信息:RasPbFile
    CTF.LBES.MutexDefaultS-*
    CTF.Compart.MutexDefaultS-*
    CTF.Asm.MutexDefaultS-*
    CTF.Layouts.MutexDefaultS-*
    CTF.TMD.MutexDefaultS-*
    CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
    MSCTF.Shared.MUTEX.IOH
    行为描述:隐藏指定窗口
    详情信息:[Window,Class] = [,WindowEx]
    [Window,Class] = [,IconboxEx]
    [Window,Class] = [,PictureEx]
    [Window,Class] = [,_EL_Timer]
    [Window,Class] = [,EditboxEx]
    [Window,Class] = [,SuperbuttonEx]
    [Window,Class] = [,LabelEx]
    [Window,Class] = [,MinutesboxEx]
    [Window,Class] = [,ProgressbarEx]
    [Window,Class] = [,ChoiceboxEx]
    行为描述:查找指定窗口
    详情信息:NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
    行为描述:窗口信息
    详情信息:Pid = 2584, Hwnd=0x10372, Text = 确定, ClassName = Button.
    Pid = 2584, Hwnd=0x10376, Text = 运行时出错! 错误信息:无法找到指定DLL库文件“xldl.dll”中的输出命令“XL_Init” 0, 0 , ClassName = Static.
    Pid = 2584, Hwnd=0x10370, Text = 错误, ClassName = #32770.
    行为描述:打开事件
    详情信息:HookSwitchHookEnabledEvent
    CTF.ThreadMIConnectionEvent.000007E8.00000000.0000000F
    CTF.ThreadMarshalInterfaceEvent.000007E8.00000000.0000000F
    MSCTF.SendReceiveConection.Event.IOH.IC
    MSCTF.SendReceive.Event.IOH.IC
    行为描述:创建事件对象
    详情信息:EventName = DINPUTWINMM
    行为描述:打开互斥体
    详情信息:RasPbFile
    ShimCacheMutex
    Activities
    活动名类型
    PhoneLockandroid.intent.action.MAIN
    PhoneLockandroid.intent.category.LAUNCHER
    危险函数
    函数名称信息
    java/net/URL;->openConnection连接URL
    java/net/HttpURLConnection;->connect连接URL
    android/app/NotificationManager;->notify信息通知栏
    HttpClient;->execute请求远程服务器
    SmsManager;->sendMultipartTextMessage发送彩信
    TelephonyManager;->getDeviceId搜集用户手机IMEI码、电话号码、系统版本号等信息
    TelephonyManager;->getLine1Number获取手机号
    LocationManager;->getLastKnownLocation获取地址位置
    启动方式
    名称信息
    com.FourCobblers.Free.PhoneLock.DeviceAdminHandle
    com.FourCobblers.Free.PhoneLock.SMSCommandHandle监控短信(收到短信)启动服务
    广告信息
    名称信息
    com.google.adsAdMob
    权限列表
    许可名称信息
    android.permission.WRITE_EXTERNAL_STORAGE写外部存储器(如:SD卡)
    android.permission.READ_PHONE_STATE读取电话状态
    android.permission.RECEIVE_SMS监控接收短信
    android.permission.SEND_SMS发送短信
    android.permission.ACCESS_COARSE_LOCATION获取粗略的位置(通过wifi、基站)
    android.permission.ACCESS_FINE_LOCATION获取精确的位置(通过GPS)
    android.permission.ACCESS_NETWORK_STATE读取网络状态(2G或3G)
    android.permission.ACCESS_WIFI_STATE读取wifi网络状态
    android.permission.INTERNET连接网络(2G或3G)
    文件列表
    文件名 校验码
    res/drawable/alert_dialog_icon.png 0x19977238
    res/drawable/arrow_w.png 0xc502864d
    res/drawable/button.png 0x99a4f90b
    res/drawable/file.png 0x14d1e425
    res/drawable/folder.png 0x71fbfa7e
    res/drawable/lock_phone.png 0xacb59746
    res/drawable/password.png 0x1b95b2a8
    res/drawable/setting.png 0x2e94ec3d
    res/drawable/up.png 0x95f50e62
    res/drawable/widget_bg_normal.png 0x99a4f90b
    res/layout/alert_dialog_buy_paid_version.xml 0x2c236d82
    res/layout/alert_dialog_set_failed_wording.xml 0xa6657843
    res/layout/detail_setting.xml 0xc6cbde81
    res/layout/device_admin_handle.xml 0x60c6d671
    res/layout/file_row.xml 0xee86df83
    res/layout/help.xml 0x80398512
    res/layout/main.xml 0x6ccff4d4
    res/layout/main_ui.xml 0xbd0af10a
    res/layout/password.xml 0x83b9568a
    res/layout/protect_other_data.xml 0x57d3d8de
    res/layout/single_list.xml 0x6fd05dbb
    res/layout/sms_remote_command_setting.xml 0xec58b736
    res/xml/device_admin_sample.xml 0xe4b68c98
    res/xml/lock_widget_provider.xml 0x7677bd67
    AndroidManifest.xml 0x6c4e65b
    resources.arsc 0x376d24bb
    classes.dex 0x59ec4cba
    assembly-descriptor.xml 0xd2a3e682
    META-INF/MANIFEST.MF 0x1d18b7e6
    META-INF/CERT.SF 0x41d52192
    META-INF/CERT.RSA 0x84bfeba7
    运行截图
    VirSCAN

About VirSCAN | Privacy Policy | Contact us | Links | Help VirSCAN
Powered By CentOSpol

京ICP备11007605号-12

pol

京公网安备 11010802020746号