VirSCAN


File information
File Name: Titanium+Backup-PRO-7.4.0.apk (File not down)
File Size: 7430647 bytes
File Type: application/jar
MD5: c0c3a9b3ebe63cab05dd749c85567d10
SHA1: 6ecece077d2d12a9ba7d5f2e10c7d768618eaafc
  • Scanner results
    Scanner results: 0% of scanners (0/32) found malware!
    Behavior analysis report: Habo file analysis
    Time: 2016-05-21 13:25:50 (CST)
    Scanner Engine Ver Sig Ver Sig Date Scan result Time
    antiy AVL SDK 3.0 1970-01-01 Found nothing 5
    asquared 9.0.0.4324 9.0.0.4324 2014-07-03 Found nothing 3
    avast 150725-1 4.7.4 2015-07-25 Found nothing 60
    avg 2109/8133 10.0.1405 2014-11-26 Found nothing 60
    baidu 2.0.1.0 4.1.3.52192 2.0.1.0 Found nothing 4
    baidusd 1.0 1.0 2014-04-02 Found nothing 1
    bitdefender 7.58469 7.90123 2014-12-25 Found nothing 60
    clamav 19861 0.97.5 2014-12-31 Found nothing 60
    drweb 5.0.2.3300 5.0.1.1 2014-12-31 Found nothing 60
    fortinet 23.345, 23.345 5.1.158 2014-12-08 Found nothing 60
    fprot 4.6.2.117 6.5.1.5418 2014-12-31 Found nothing 60
    fsecure 2014-04-02-01 9.13 2014-04-02 Found nothing 60
    gdata 25.6643 25.6643 2016-05-19 Found nothing 13
    ikarus 1.06.01 V1.32.31.0 2014-12-08 Found nothing 60
    jiangmin 16.0.100 1.0.0.0 2015-07-25 Found nothing 45
    kaspersky 5.5.33 5.5.33 2014-04-01 Found nothing 60
    kingsoft 2.1 2.1 2013-09-22 Found nothing 5
    mcafee 7638 5400.1158 2014-11-30 Found nothing 60
    nod32 0920 3.0.21 2014-12-23 Found nothing 60
    panda 9.05.01 9.05.01 2015-07-26 Found nothing 4
    pcc 11.380.07 9.500-1005 2014-12-31 Found nothing 60
    qh360 1.0.1 1.0.1 1.0.1 Found nothing 3
    qqphone 1.0.0.0 1.0.0.0 2014-12-09 Found nothing 60
    quickheal 14.00 14.00 2015-07-25 Found nothing 6
    rising 25.76.04.01 25.76.04.01 2015-07-24 Found nothing 4
    sophos 5.08 3.55.0 2014-12-01 Found nothing 60
    symantec 20141230.001 1.3.0.24 2014-12-30 Found nothing 60
    tachyon 9.9.9 9.9.9 2013-12-27 Found nothing 8
    thehacker 6.8.0.5 6.8.0.5 2015-07-23 Found nothing 2
    tws 17.47.17308 1.0.2.2108 2014-12-08 Found nothing 15
    vba 3.12.26.3 3.12.26.3 2014-12-31 Found nothing 60
    virusbuster 15.0.985.0 5.5.2.13 2014-12-05 Found nothing 60
    Heuristic/Suspicious Exact
    NOTICE: Results are not 100% accurate and can be reported as a false positive by some scanners when and if malware is found. Please judge these results for yourself.
  • Permission list
    Permission name: Description
    android.permission.READ_EXTERNAL_STORAGE: read external storage (e.g. SD card)
    android.permission.WRITE_EXTERNAL_STORAGE: write external storage (e.g. SD card)
    android.permission.READ_MEDIA_STORAGE
    android.permission.WRITE_MEDIA_STORAGE
    android.permission.WAKE_LOCK: background processes keep running after the screen turns off
    android.permission.INTERNET: connect to the network (2G or 3G)
    android.permission.RECEIVE_BOOT_COMPLETED: receive the boot-completed broadcast
    android.permission.VIBRATE: allow the device to vibrate
    android.permission.READ_PHONE_STATE: read phone state
    android.permission.GET_ACCOUNTS: access the account list
    android.permission.USE_CREDENTIALS: obtain authentication tokens
    android.permission.ACCESS_NETWORK_STATE: read network state (2G or 3G)
    com.android.browser.permission.READ_HISTORY_BOOKMARKS: read browser bookmarks
    com.android.browser.permission.WRITE_HISTORY_BOOKMARKS: write browser bookmarks
    android.permission.READ_CALL_LOG: read call log
    android.permission.WRITE_CALL_LOG: write call log
    com.android.voicemail.permission.ADD_VOICEMAIL: allow adding voicemail
    com.android.voicemail.permission.READ_WRITE_ALL_VOICEMAIL
    android.permission.READ_CONTACTS: read contacts
    android.permission.WRITE_CONTACTS: write contacts
    android.permission.READ_SMS: read SMS messages
    android.permission.WRITE_SMS: write SMS messages
    android.permission.ACCESS_WIFI_STATE: read Wi-Fi network state
    android.permission.CHANGE_WIFI_STATE: change Wi-Fi connection state
    android.permission.ACCESS_SUPERUSER
    android.permission.BROADCAST_SMS: broadcast when an SMS is received
    android.permission.BROADCAST_WAP_PUSH: WAP PUSH broadcast
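  • File information
    Security score:
    Basic information
    MD5: c0c3a9b3ebe63cab05dd749c85567d10
    Package name: com.keramidas.TitaniumBackup
    Minimum runtime environment: Android 1.5
    Copyright:
    Key behavior
    Behavior description: Block window close messages
    Details: hWnd = 0x000b0300, Text = Setup - Desktop Ruler, ClassName = TWizardForm.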
    hWnd = 0x000a032c, Text = Setup, ClassName = TApplication.
    File behavior
    Behavior description: Create file
    Details: C:\Documents and Settings\Administrator\Local Settings\Temp\is-QE04F.tmp\is-JOVN7.tmp
    C:\Documents and Settings\Administrator\Local Settings\Temp\is-C9D91.tmp\_isetup\_RegDLL.tmp
    C:\Documents and Settings\Administrator\Local Settings\Temp\is-C9D91.tmp\_isetup\_shfoldr.dll
    Behavior description: Create executable file
    Details: C:\Documents and Settings\Administrator\Local Settings\Temp\is-QE04F.tmp\is-JOVN7.tmp
    C:\Documents and Settings\Administrator\Local Settings\Temp\is-C9D91.tmp\_isetup\_RegDLL.tmp
    C:\Documents and Settings\Administrator\Local Settings\Temp\is-C9D91.tmp\_isetup\_shfoldr.dll
    Behavior description: Modify file content
    Details: C:\Documents and Settings\Administrator\Local Settings\Temp\is-QE04F.tmp\is-JOVN7.tmp ---> Offset = 0
    C:\Documents and Settings\Administrator\Local Settings\Temp\is-QE04F.tmp\is-JOVN7.tmp ---> Offset = 65536
    C:\Documents and Settings\Administrator\Local Settings\Temp\is-QE04F.tmp\is-JOVN7.tmp ---> Offset = 131072
    C:\Documents and Settings\Administrator\Local Settings\Temp\is-QE04F.tmp\is-JOVN7.tmp ---> Offset = 196608
    C:\Documents and Settings\Administrator\Local Settings\Temp\is-QE04F.tmp\is-JOVN7.tmp ---> Offset = 262144
    C:\Documents and Settings\Administrator\Local Settings\Temp\is-C9D91.tmp\_isetup\_RegDLL.tmp ---> Offset = 0
    C:\Documents and Settings\Administrator\Local Settings\Temp\is-C9D91.tmp\_isetup\_shfoldr.dll ---> Offset = 0
    Behavior description: Find file
    Details: FileName = C:\DOCUME~1
    FileName = C:\DOCUME~1\ADMINI~1
    FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1
    FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp
    FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\is-QE04F.tmp
    FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\is-QE04F.tmp\is-JOVN7.tmp
    FileName = C:\Documents and Settings
    FileName = C:\Documents and Settings\Administrator
    FileName = C:\Documents and Settings\Administrator\「开始」菜单
    FileName = C:\Documents and Settings\Administrator\「开始」菜单\程序
    Other behavior
    Behavior description: Create mutex
    Details: CTF.LBES.MutexDefaultS-*
    CTF.Compart.MutexDefaultS-*
    CTF.Asm.MutexDefaultS-*
    CTF.Layouts.MutexDefaultS-*
    CTF.TMD.MutexDefaultS-*
    CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
    MSCTF.Shared.MUTEX.ELH
    MSCTF.Shared.MUTEX.MLJ
    Behavior description: Create event object
    Details: EventName = MSCTF.SendReceive.Event.MLJ.IC
    EventName = MSCTF.SendReceiveConection.Event.MLJ.IC
    Behavior description: Find specified window
    Details: NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
    NtUserFindWindowEx: [Class,Window] = [CicLoaderWndClass,]
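    Behavior description: Enumerate windows
    Details: N/A
    Behavior description: Adjust process token privileges
    Details: SE_LOAD_DRIVER_PRIVILEGE
    Behavior description: Block window close messages
    Details: hWnd = 0x000b0300, Text = Setup - Desktop Ruler, ClassName = TWizardForm.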
    hWnd = 0x000a032c, Text = Setup, ClassName = TApplication.
    Behavior description: Window information
    Details: Pid = 2488, Hwnd=0x60352, Text = Welcome to the Desktop Ruler Setup Wizard , ClassName = TNewStaticText.
    Pid = 2488, Hwnd=0xa0322, Text = This will install Desktop Ruler 3.28 on your computer. It is recommended that you close all other applications before continui, ClassName = TNewStaticText.
    Pid = 2488, Hwnd=0x40368, Text = DESKTOP RULER END USER LICENSE AGREEMENT IMPORTANT: Carefully read this End User License Agreement ("Agreement") before instal, ClassName = TRichEditViewer.
    Pid = 2488, Hwnd=0x6034a, Text = DESKTOP RULER 3.28 RELEASE NOTES 1) Single bugfix - corrected wrong positioning of information and hints in case of scale , ClassName = TRichEditViewer.
    Pid = 2488, Hwnd=0x60362, Text = &Next >, ClassName = TButton.
    Pid = 2488, Hwnd=0x90320, Text = Cancel, ClassName = TButton.
    Pid = 2488, Hwnd=0xb0300, Text = Setup - Desktop Ruler, ClassName = TWizardForm.
    Behavior description: Executable file signature information
    Details: C:\Documents and Settings\Administrator\Local Settings\Temp\is-QE04F.tmp\is-JOVN7.tmp (signature verification: failed)
    C:\Documents and Settings\Administrator\Local Settings\Temp\is-C9D91.tmp\_isetup\_RegDLL.tmp (signature verification: failed)
    C:\Documents and Settings\Administrator\Local Settings\Temp\is-C9D91.tmp\_isetup\_shfoldr.dll (signature verification: failed)
    Behavior description: Executable file MD5
    Details: C:\Documents and Settings\Administrator\Local Settings\Temp\is-QE04F.tmp\is-JOVN7.tmp ---> 52a01e96def81fa522fc6dd57c6cce85
    C:\Documents and Settings\Administrator\Local Settings\Temp\is-C9D91.tmp\_isetup\_RegDLL.tmp ---> bb211d7a8cea15072de7425403508c17
    C:\Documents and Settings\Administrator\Local Settings\Temp\is-C9D91.tmp\_isetup\_shfoldr.dll ---> 92dc6ef532fbb4a5c3201469a5b5eb63
    Activities
    Activity name: Type
    .MainActivity: android.intent.action.MAIN
    .MainActivity: android.intent.category.LAUNCHER
    .MainActivity: android.intent.category.MULTIWINDOW_LAUNCHER
    .MyWidgetConfigure: android.appwidget.action.APPWIDGET_CONFIGURE
    .MyDataProfileWidgetConfigure: android.appwidget.action.APPWIDGET_CONFIGURE
    .ImportBackupActivity: android.intent.action.VIEW
    .ImportBackupActivity: android.intent.category.DEFAULT
    .ImportBackupActivity: android.intent.category.BROWSABLE
    com.dropbox.client2.android.AuthActivity: android.intent.action.VIEW
    com.dropbox.client2.android.AuthActivity: android.intent.category.BROWSABLE
    com.dropbox.client2.android.AuthActivity: android.intent.category.DEFAULT
    .apiBackupRestore.DummyActivity: android.intent.action.SEND
    .apiBackupRestore.DummyActivity: android.intent.action.SENDTO
    .apiBackupRestore.DummyActivity: android.intent.category.DEFAULT
    .apiBackupRestore.DummyActivity: android.intent.category.BROWSABLE
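    Dangerous functions
    Function name: Description
    java/net/URL;->openConnection: connect to a URL
    Startup methods
    Name: Description
    com.keramidas.TitaniumBackup.MyWidget: starts service when the app widget is updated
    com.keramidas.TitaniumBackup.MyDataProfileWidget: starts service when the app widget is updated
    com.keramidas.TitaniumBackup.schedules.BootReceiver: starts service at boot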
    com.keramidas.TitaniumBackup.schedules.BootReceiver
    com.keramidas.TitaniumBackup.schedules.BootReceiver
    com.keramidas.TitaniumBackup.schedules.BootReceiver
    com.keramidas.TitaniumBackup.PackageEventsReceiver: starts service when an app is installed
    com.keramidas.TitaniumBackup.PackageEventsReceiver: starts service when an app is uninstalled
    com.keramidas.TitaniumBackup.PackageEventsReceiver
    com.keramidas.TitaniumBackup.schedules.WakeUpReceiver
    com.keramidas.TitaniumBackup.apiBackupRestore.DummyReceiver
    com.keramidas.TitaniumBackup.apiBackupRestore.DummyReceiver
    Service list
    Name
    o.V
    o.H
    o.Ⅽ
    com.keramidas.TitaniumBackup.apiBackupRestore.DummyService
    File list