VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

Language
Server load
Server Load

File information
File Name :LBE平行空间(原双开大师).apk (File not down)
File Size :2832904 byte
File Type :application/zip
MD5:816de0f32abb6893b699c9e4ce41aa4f
SHA1:8cb26db1c2d4d6fb97b4dac22e071237f70cf722
  • 扫描结果
  • 权限
  • 文件行为分析
  • Scanner results
    Scanner results:0%Scanner(s) (0/32)found malware!
    Behavior analysis report:         Habo file analysis
    Time: 2016-09-05 16:35:54 (CST)
    VirSCANVirSCAN
    Scanner Engine Ver Sig Ver Sig Date Scan result Time
    antiy AVL SDK 3.0 1970-01-01 Found nothing 5
    asquared 9.0.0.4324 9.0.0.4324 2014-07-03 Found nothing 3
    avast 150725-1 4.7.4 2015-07-25 Found nothing 60
    avg 2109/8133 10.0.1405 2014-11-26 Found nothing 60
    baidu 2.0.1.0 4.1.3.52192 2.0.1.0 Found nothing 6
    baidusd 1.0 1.0 2014-04-02 Found nothing 1
    bitdefender 7.58469 7.90123 2014-12-25 Found nothing 60
    clamav 19861 0.97.5 2014-12-31 Found nothing 60
    drweb 5.0.2.3300 5.0.1.1 2014-12-31 Found nothing 60
    fortinet 23.345, 23.345 5.1.158 2014-12-08 Found nothing 60
    fprot 4.6.2.117 6.5.1.5418 2014-12-31 Found nothing 60
    fsecure 2014-04-02-01 9.13 2014-04-02 Found nothing 60
    gdata 25.8133 25.8133 2016-09-03 Found nothing 11
    ikarus 1.06.01 V1.32.31.0 2014-12-08 Found nothing 60
    jiangmin 16.0.100 1.0.0.0 2015-07-25 Found nothing 42
    kaspersky 5.5.33 5.5.33 2014-04-01 Found nothing 60
    kingsoft 2.1 2.1 2013-09-22 Found nothing 4
    mcafee 7638 5400.1158 2014-11-30 Found nothing 60
    nod32 0920 3.0.21 2014-12-23 Found nothing 60
    panda 9.05.01 9.05.01 2015-07-26 Found nothing 4
    pcc 11.380.07 9.500-1005 2014-12-31 Found nothing 60
    qh360 1.0.1 1.0.1 1.0.1 Found nothing 3
    qqphone 1.0.0.0 1.0.0.0 2014-12-09 Found nothing 60
    quickheal 14.00 14.00 2015-07-25 Found nothing 3
    rising 25.76.04.01 25.76.04.01 2015-07-24 Found nothing 6
    sophos 5.08 3.55.0 2014-12-01 Found nothing 60
    symantec 20141230.001 1.3.0.24 2014-12-30 Found nothing 60
    tachyon 9.9.9 9.9.9 2013-12-27 Found nothing 8
    thehacker 6.8.0.5 6.8.0.5 2015-07-23 Found nothing 3
    tws 17.47.17308 1.0.2.2108 2014-12-08 Found nothing 16
    vba 3.12.26.3 3.12.26.3 2014-12-31 Found nothing 60
    virusbuster 15.0.985.0 5.5.2.13 2014-12-05 Found nothing 60
    Heuristic/Suspicious Exact
    NOTICE: Results are not 100% accurate and can be reported as a false positive by some scannerswhen and if malware is found. Please judge these results for yourself.
  • 权限列表
    许可名称信息
    android.permission.ACCOUNT_MANAGER账户管理
    android.permission.USE_CREDENTIALS获取认证令牌
    android.permission.GET_ACCOUNTS访问账户列表
    android.permission.MANAGE_ACCOUNTS管理账户
    android.permission.INTERNET连接网络(2G或3G)
    android.permission.AUTHENTICATE_ACCOUNTS验证账户
    android.permission.ACCESS_COARSE_LOCATION获取粗略的位置(通过wifi、基站)
    android.permission.ACCESS_FINE_LOCATION获取精确的位置(通过GPS)
    android.permission.ACCESS_LOCATION_EXTRA_COMMANDS访问额外的定位指令
    android.permission.ACCESS_MOCK_LOCATION获取模拟定位信息
    android.permission.ACCESS_NETWORK_STATE读取网络状态(2G或3G)
    android.permission.ACCESS_WIFI_STATE读取wifi网络状态
    android.permission.ACCESS_WIMAX_STATE
    android.permission.BIND_APPWIDGET绑定插件
    android.permission.BLUETOOTH连接蓝牙设备
    android.permission.BLUETOOTH_ADMIN搜寻蓝牙设备
    android.permission.BODY_SENSORS
    android.permission.BROADCAST_STICKY发送持久广播
    android.permission.CALL_PHONE拨打电话
    android.permission.CAMERA访问照相机设备
    android.permission.CHANGE_NETWORK_STATE变更网络状态
    android.permission.CHANGE_WIFI_MULTICAST_STATE变更WIFI多播状态
    android.permission.CHANGE_WIFI_STATE改变WIFI连接状态
    android.permission.CHANGE_WIMAX_STATE
    android.permission.CLEAR_APP_CACHE清除应用缓存
    android.permission.DISABLE_KEYGUARD禁用键盘锁
    android.permission.DOWNLOAD_WITHOUT_NOTIFICATION
    android.permission.EXPAND_STATUS_BAR操控状态栏
    android.permission.FLASHLIGHT访问闪光灯
    android.permission.GET_PACKAGE_SIZE获取应用大小
    android.permission.GET_TASKS获取有关当前或最近运行的任务信息
    android.permission.KILL_BACKGROUND_PROCESSES关闭后台进程
    android.permission.MODIFY_AUDIO_SETTINGS修改声音设置
    android.permission.NFC允许NFC通讯
    android.permission.PERSISTENT_ACTIVITY创建长期驻留的Activity
    android.permission.PROCESS_OUTGOING_CALLS监视、修改有关拨出电话
    android.permission.READ_CALENDAR读取日程提醒
    android.permission.READ_CALL_LOG读取通话记录
    android.permission.READ_CELL_BROADCASTS
    android.permission.READ_CONTACTS读取联系人信息
    android.permission.READ_EXTERNAL_STORAGE读外部存储器(如:SD卡)
    android.permission.READ_INSTALL_SESSIONS
    android.permission.READ_PHONE_STATE读取电话状态
    android.permission.READ_PROFILE读取个人配置文件
    android.permission.READ_SMS读取短信
    android.permission.READ_SOCIAL_STREAM读取用户社交数据
    android.permission.READ_SYNC_SETTINGS读取同步设置
    android.permission.READ_SYNC_STATS读取同步状态
    android.permission.READ_USER_DICTIONARY读取用户字典
    android.permission.RECEIVE_BOOT_COMPLETED接收开机启动广播
    android.permission.RECEIVE_MMS接收彩信
    android.permission.RECEIVE_SMS监控接收短信
    android.permission.RECEIVE_WAP_PUSH接收wap push信息
    android.permission.RECORD_AUDIO录音(使用AudioRecord)
    android.permission.REORDER_TASKS系统任务排序
    android.permission.RESTART_PACKAGES重启其他程序
    android.permission.SEND_SMS发送短信
    android.permission.SET_TIME_ZONE设置系统时区
    android.permission.SET_WALLPAPER设置桌面壁纸
    android.permission.SET_WALLPAPER_HINTS设置壁纸提示
    android.permission.SUBSCRIBED_FEEDS_READ访问订阅内容
    android.permission.SUBSCRIBED_FEEDS_WRITE写入订阅内容
    android.permission.SYSTEM_ALERT_WINDOW显示系统窗口
    android.permission.TRANSMIT_IR访问设备的IR
    android.permission.USE_SIP允许使用SIP视频服务
    android.permission.VIBRATE允许设备震动
    android.permission.WAKE_LOCK手机屏幕关闭后后台进程仍运行
    android.permission.WRITE_CALENDAR写入日程提醒
    android.permission.WRITE_CALL_LOG写入通话记录
    android.permission.WRITE_CONTACTS写入联系人信息
    android.permission.WRITE_EXTERNAL_STORAGE写外部存储器(如:SD卡)
    android.permission.WRITE_PROFILE写入个人配置信息
    android.permission.WRITE_SETTINGS读写系统设置项
    android.permission.WRITE_SMS写短信
    android.permission.WRITE_SOCIAL_STREAM写入用户社交数据
    android.permission.WRITE_SYNC_SETTINGS写入同步设置
    android.permission.WRITE_USER_DICTIONARY写入用户字典
    android.permission.USE_FINGERPRINT
    com.android.alarm.permission.SET_ALARM设置闹铃提醒
    com.android.browser.permission.READ_HISTORY_BOOKMARKS读取浏览器书签
    com.android.browser.permission.WRITE_HISTORY_BOOKMARKS写浏览器书签
    com.android.launcher.permission.INSTALL_SHORTCUT创建快捷方式
    com.android.launcher.permission.UNINSTALL_SHORTCUT删除快捷方式
    com.android.voicemail.permission.ADD_VOICEMAIL允许添加声音邮件
    com.google.android.launcher.permission.READ_SETTINGS
    com.google.android.providers.gsf.permission.READ_GSERVICES
    com.google.android.providers.talk.permission.READ_ONLY
    com.google.android.providers.talk.permission.WRITE_ONLY
    android.permission.MOUNT_UNMOUNT_FILESYSTEMS挂载、反挂载外部文件系统
    android.permission.READ_LOGS读取系统日志
    android.permission.INSTALL_PACKAGES安装应用
    android.permission.DELETE_PACKAGES删除应用
    android.permission.CLEAR_APP_USER_DATA清除用户数据
    android.permission.WRITE_MEDIA_STORAGE
    android.permission.ACCESS_CACHE_FILESYSTEM
    android.permission.READ_OWNER_DATA
    android.permission.WRITE_OWNER_DATA
    android.permission.CHANGE_CONFIGURATION修改当前设置(如:本地化)
    android.permission.DEVICE_POWER电源管理
    android.permission.BATTERY_STATS电量统计
    android.permission.ACCESS_DOWNLOAD_MANAGER
    com.android.launcher.permission.READ_SETTINGS读取快捷方式信息
    com.android.launcher.permission.WRITE_SETTINGS
    android.permission.WRITE_APN_SETTINGS改写APN设置(如:cmwap)
    android.permission.MEDIA_CONTENT_CONTROL操控Content
    com.android.launcher3.permission.READ_SETTINGS
    com.android.launcher2.permission.READ_SETTINGS
    com.teslacoilsw.launcher.permission.READ_SETTINGS
    com.actionlauncher.playstore.permission.READ_SETTINGS
    com.mx.launcher.permission.READ_SETTINGS
    com.anddoes.launcher.permission.READ_SETTINGS
    com.apusapps.launcher.permission.READ_SETTINGS
    com.tsf.shell.permission.READ_SETTINGS
    com.htc.launcher.permission.READ_SETTINGS
    com.lenovo.launcher.permission.READ_SETTINGS
    com.oppo.launcher.permission.READ_SETTINGS
    com.bbk.launcher2.permission.READ_SETTINGS
    com.s.launcher.permission.READ_SETTINGS
    cn.nubia.launcher.permission.READ_SETTINGS
    com.huawei.android.launcher.permission.READ_SETTINGS
    com.huawei.android.launcher.permission.CHANGE_BADGE
  • 文件信息
    安全评分 :
    基本信息
    MD5:816de0f32abb6893b699c9e4ce41aa4f
    包名:com.lbe.parallel
    最低运行环境:Android 4.0, 4.0.1, 4.0.2
    版权:lbesec
    关键行为
    行为描述:在桌面创建快捷方式
    详情信息:C:\Documents and Settings\All Users\桌面\NCH Suite.lnk
    C:\Documents and Settings\All Users\桌面\PhotoPad Image Editor.lnk
    行为描述:获取User基本信息
    详情信息:Level = 1(Get user account Info).
    进程行为
    行为描述:隐藏窗口创建进程
    详情信息:ImagePath = C:\Program Files\NCH Software\PhotoPad\photopad.exe, CmdLine = "C:\Program Files\NCH Software\PhotoPad\photopad.exe" -installsched
    行为描述:创建新文件进程
    详情信息:ImagePath = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\n1s\nchsetup.exe, CmdLine = "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\n1s\nchsetup.exe" -installer "C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe" -instdata "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\n1s\nchdata.dat"
    ImagePath = C:\Program Files\NCH Software\PhotoPad\photopad.exe, CmdLine = "C:\Program Files\NCH Software\PhotoPad\photopad.exe"
    ImagePath = C:\Program Files\NCH Software\PhotoPad\photopad.exe, CmdLine = "C:\Program Files\NCH Software\PhotoPad\photopad.exe" -installsched
    行为描述:创建本地线程
    详情信息:TargetProcess: nchsetup.exe, InheritedFromPID = 252, ProcessID = 1276, ThreadID = 1388, StartAddress = 77DC845A, Parameter = 00000000
    TargetProcess: nchsetup.exe, InheritedFromPID = 252, ProcessID = 1276, ThreadID = 1808, StartAddress = 4AEA7456, Parameter = 00000000
    TargetProcess: nchsetup.exe, InheritedFromPID = 252, ProcessID = 1276, ThreadID = 1188, StartAddress = 00508D3E, Parameter = 0012EEA4
    TargetProcess: photopad.exe, InheritedFromPID = 1276, ProcessID = 2384, ThreadID = 2416, StartAddress = 77DC845A, Parameter = 00000000
    TargetProcess: photopad.exe, InheritedFromPID = 1276, ProcessID = 2384, ThreadID = 2428, StartAddress = 4AEA7456, Parameter = 00000000
    TargetProcess: photopad.exe, InheritedFromPID = 1276, ProcessID = 2420, ThreadID = 2444, StartAddress = 77DC845A, Parameter = 00000000
    TargetProcess: photopad.exe, InheritedFromPID = 1276, ProcessID = 2420, ThreadID = 2448, StartAddress = 4AEA7456, Parameter = 00000000
    TargetProcess: photopad.exe, InheritedFromPID = 1276, ProcessID = 2384, ThreadID = 2452, StartAddress = 00508D3E, Parameter = 005A81A8
    文件行为
    行为描述:创建文件
    详情信息:C:\Documents and Settings\Administrator\Local Settings\Temp\n1s\nchsetup.cab
    C:\Documents and Settings\Administrator\Local Settings\Temp\n1s\nchsetup.exe
    C:\Documents and Settings\Administrator\Local Settings\Temp\n1s\nchdata.cab
    C:\Documents and Settings\Administrator\Local Settings\Temp\n1s\nchdata.dat
    C:\Program Files\NCH Software\PhotoPad\photopad.exe
    C:\Documents and Settings\All Users\Application Data\NCH Software\PhotoPad\firefoxsearchplugins\defaults\google.xml
    C:\Documents and Settings\All Users\Application Data\NCH Software\PhotoPad\firefoxsearchplugins\defaults\yahoo.xml
    C:\Documents and Settings\All Users\Application Data\NCH Software\PhotoPad\firefoxsearchplugins\profile\duckduckgo.xml
    C:\Documents and Settings\All Users\Application Data\NCH Software\PhotoPad\firefoxsearchplugins\profile\nchfastsearch.xml
    C:\Documents and Settings\All Users\Application Data\NCH Software\PhotoPad\firefoxsearchplugins\defaults\bing.xml
    C:\Documents and Settings\Administrator\Favorites\NCH Software Download Site.lnk
    C:\Program Files\NCH Software\PhotoPad\photopadsetup_v2.76.exe
    C:\Documents and Settings\Administrator\Local Settings\Temp\~DF479.tmp
    C:\Documents and Settings\Administrator\Local Settings\Temp\_photopad_rl_Administrator
    C:\Documents and Settings\Administrator\Local Settings\Temp\FILELOCK.TMP
    行为描述:在系统敏感位置(如开始菜单等)释放链接或快捷方式
    详情信息:C:\Documents and Settings\All Users\「开始」菜单\程序\PhotoPad Image Editor.lnk
    C:\Documents and Settings\All Users\「开始」菜单\程序\Graphics Related Programs\PhotoPad Editor.lnk
    C:\Documents and Settings\All Users\「开始」菜单\程序\Graphics Related Programs\Graphics File Converter.lnk
    C:\Documents and Settings\All Users\「开始」菜单\程序\Graphics Related Programs\Video File Converter.lnk
    C:\Documents and Settings\All Users\「开始」菜单\程序\NCH Software Suite\Classic FTP Software.lnk
    C:\Documents and Settings\All Users\「开始」菜单\程序\NCH Software Suite\Video Capture Software.lnk
    C:\Documents and Settings\All Users\「开始」菜单\程序\NCH Software Suite\Doxillion Document Converter.lnk
    C:\Documents and Settings\All Users\「开始」菜单\程序\NCH Software Suite\Express Dictate Recorder.lnk
    C:\Documents and Settings\All Users\「开始」菜单\程序\NCH Software Suite\Accounting Software.lnk
    C:\Documents and Settings\All Users\「开始」菜单\程序\NCH Software Suite\Express Burn CD, DVD or Blu-Ray.lnk
    C:\Documents and Settings\All Users\「开始」菜单\程序\NCH Software Suite\Invoicing Software.lnk
    C:\Documents and Settings\All Users\「开始」菜单\程序\NCH Software Suite\Express Zip File Compression.lnk
    C:\Documents and Settings\All Users\「开始」菜单\程序\NCH Software Suite\Express Rip CD Ripper.lnk
    C:\Documents and Settings\All Users\「开始」菜单\程序\NCH Software Suite\MixPad MultiTrack Mixer.lnk
    C:\Documents and Settings\All Users\「开始」菜单\程序\NCH Software Suite\Graphics File Converter.lnk
    行为描述:添加计划任务
    详情信息:C:\WINDOWS\Tasks\PhotoPadSevenDays.job
    行为描述:创建可执行文件
    详情信息:C:\Documents and Settings\Administrator\Local Settings\Temp\n1s\nchsetup.exe
    C:\Program Files\NCH Software\PhotoPad\photopad.exe
    C:\Program Files\NCH Software\PhotoPad\photopadsetup_v2.76.exe
    行为描述:覆盖已有文件
    详情信息:C:\Documents and Settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
    行为描述:复制文件
    详情信息:C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\n1s\nchsetup.exe ---> C:\Program Files\NCH Software\PhotoPad\photopad.exe
    C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe ---> C:\Program Files\NCH Software\PhotoPad\photopadsetup_v2.76.exe
    行为描述:在桌面创建快捷方式
    详情信息:C:\Documents and Settings\All Users\桌面\NCH Suite.lnk
    C:\Documents and Settings\All Users\桌面\PhotoPad Image Editor.lnk
    行为描述:删除文件
    详情信息:C:\Documents and Settings\Administrator\Local Settings\Temp\n1s\nchsetup.cab
    C:\Documents and Settings\Administrator\Local Settings\Temp\n1s\nchdata.cab
    C:\Documents and Settings\Administrator\Local Settings\Temp\n1s\nchdata.dat
    C:\Documents and Settings\Administrator\Local Settings\Temp\FILELOCK.TMP
    行为描述:查找文件
    详情信息:FileName = C:\Documents and Settings
    FileName = C:\Documents and Settings\Administrator
    FileName = C:\Documents and Settings\Administrator\My Documents
    FileName = C:\Documents and Settings\All Users
    FileName = C:\Documents and Settings\All Users\Documents
    FileName = C:\Documents and Settings\Administrator\桌面
    FileName = C:\Documents and Settings\All Users\桌面
    FileName = C:\DOCUME~1
    FileName = C:\DOCUME~1\ADMINI~1
    FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1
    FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp
    FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\n1s
    FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\n1s\nchsetup.exe
    FileName = C:\Program Files
    FileName = C:\Program Files\NCH Software
    行为描述:修改文件内容
    详情信息:C:\Documents and Settings\Administrator\Local Settings\Temp\n1s\nchsetup.cab ---> Offset = 0
    C:\Documents and Settings\Administrator\Local Settings\Temp\n1s\nchsetup.exe ---> Offset = 0
    C:\Documents and Settings\Administrator\Local Settings\Temp\n1s\nchsetup.exe ---> Offset = 32768
    C:\Documents and Settings\Administrator\Local Settings\Temp\n1s\nchsetup.exe ---> Offset = 65536
    C:\Documents and Settings\Administrator\Local Settings\Temp\n1s\nchsetup.exe ---> Offset = 98304
    C:\Documents and Settings\Administrator\Local Settings\Temp\n1s\nchsetup.exe ---> Offset = 131072
    C:\Documents and Settings\Administrator\Local Settings\Temp\n1s\nchdata.cab ---> Offset = 0
    C:\Documents and Settings\Administrator\Local Settings\Temp\n1s\nchdata.dat ---> Offset = 0
    C:\Program Files\NCH Software\PhotoPad\photopad.exe ---> Offset = 0
    C:\Program Files\NCH Software\PhotoPad\photopad.exe ---> Offset = 65536
    C:\Program Files\NCH Software\PhotoPad\photopad.exe ---> Offset = 131072
    C:\Program Files\NCH Software\PhotoPad\photopad.exe ---> Offset = 196608
    C:\Program Files\NCH Software\PhotoPad\photopad.exe ---> Offset = 262144
    C:\Documents and Settings\All Users\Application Data\NCH Software\PhotoPad\firefoxsearchplugins\defaults\google.xml ---> Offset = 0
    C:\Documents and Settings\All Users\Application Data\NCH Software\PhotoPad\firefoxsearchplugins\defaults\yahoo.xml ---> Offset = 0
    注册表行为
    行为描述:修改注册表
    详情信息:\REGISTRY\USER\S-*\Software\Microsoft\Windows\ShellNoRoam\MUICache\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\n1s\nchsetup.exe
    \REGISTRY\USER\S-*\Software\NCH Software\PhotoPad\Software\SVar
    \REGISTRY\USER\S-*\Software\NCH Software\PhotoPad\Settings\InstalledByAdmin
    \REGISTRY\USER\S-*\Software\NCH Software\PhotoPad\Settings\InstallerPath
    \REGISTRY\MACHINE\SOFTWARE\NCH Software\PhotoPad\Settings\InstallerPath
    \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PhotoPad\DisplayName
    \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PhotoPad\Publisher
    \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PhotoPad\UninstallString
    \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PhotoPad\DisplayIcon
    \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PhotoPad\Version
    \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PhotoPad\DisplayVersion
    \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PhotoPad\URLInfoAbout
    \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PhotoPad\URLUpdateInfo
    \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PhotoPad\VersionMajor
    \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PhotoPad\VersionMinor
    行为描述:删除注册表键值
    详情信息:\REGISTRY\USER\S-*\Software\NCH Software\PhotoPad\Software\ShowSurvey
    \REGISTRY\USER\S-*\Software\NCH Software\PhotoPad\Software\_ShowSurvey
    \REGISTRY\USER\S-*\Software\NCH Software\PhotoPad\Software\ShowSurveyNow
    \REGISTRY\USER\S-*\Software\NCH Software\PhotoPad\Software\_ShowSurveyNow
    \REGISTRY\USER\S-*\Software\NCH Software\PhotoPad\Software\InstalledBy
    \REGISTRY\USER\S-*\Software\NCH Software\PhotoPad\Software\_InstalledBy
    其他行为
    行为描述:创建互斥体
    详情信息:CTF.LBES.MutexDefaultS-*
    CTF.Compart.MutexDefaultS-*
    CTF.Asm.MutexDefaultS-*
    CTF.Layouts.MutexDefaultS-*
    CTF.TMD.MutexDefaultS-*
    CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
    Local\ZonesCounterMutex
    Local\ZoneAttributeCacheCounterMutex
    Local\ZonesCacheCounterMutex
    Local\ZonesLockedCacheCounterMutex
    MSCTF.Shared.MUTEX.ELH
    MSCTF.Shared.MUTEX.AEH
    Global\PhotoPadStarting
    MSCTF.Shared.MUTEX.EFJ
    行为描述:隐藏指定窗口
    详情信息:[Window,Class] = [帮助,Button]
    [Window,Class] = [完成,Button]
    [Window,Class] = [下一步(&N) >,Button]
    [Window,Class] = [< 上一步(&B),Button]
    [Window,Class] = [Next >,Button]
    [Window,Class] = [PhotoPad Image Editor,#32770]
    [Window,Class] = [Finish,Button]
    [Window,Class] = [,msctls_progress32]
    [Window,Class] = [,LPC]
    行为描述:查找指定窗口
    详情信息:NtUserFindWindowEx: [Class,Window] = [NCHSoftware_InstanceWindow,PhotoPad]
    NtUserFindWindowEx: [Class,Window] = [NCHSoftware_InstanceChain,PhotoPad]
    NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
    NtUserFindWindowEx: [Class,Window] = [CicLoaderWndClass,]
    NtUserFindWindowEx: [Class,Window] = [Twain Twunk_16,Twain Twunk_16]
    行为描述:打开事件
    详情信息:HookSwitchHookEnabledEvent
    _fCanRegisterWithShellService
    \SECURITY\LSA_AUTHENTICATION_INITIALIZED
    CTF.ThreadMIConnectionEvent.000007B4.00000000.00000040
    CTF.ThreadMarshalInterfaceEvent.000007B4.00000000.00000040
    MSCTF.SendReceiveConection.Event.ELH.IC
    MSCTF.SendReceive.Event.ELH.IC
    CTF.ThreadMIConnectionEvent.000007B4.00000000.00000042
    CTF.ThreadMarshalInterfaceEvent.000007B4.00000000.00000042
    行为描述:获取User基本信息
    详情信息:Level = 1(Get user account Info).
    行为描述:调整进程token权限
    详情信息:SE_LOAD_DRIVER_PRIVILEGE
    行为描述:窗口信息
    详情信息:Pid = 1276, Hwnd=0x1702d8, Text = PhotoPad Image Editor, ClassName = #32770.
    Pid = 1276, Hwnd=0x9039c, Text = Welcome. To get started please accept the following License Agreement. You must accept the terms of this agreement before continu, ClassName = Static.
    Pid = 1276, Hwnd=0x1d02bc, Text = SOFTWARE END USER LICENSE AGREEMENT (EULA) 1. The copyrights in this software and any visual or audio work distributed with th, ClassName = Edit.
    Pid = 1276, Hwnd=0x603ac, Text = I &accept the license terms, ClassName = Button(RadioButton).
    Pid = 1276, Hwnd=0xc03a0, Text = I do not accept the license terms, ClassName = Button(RadioButton).
    Pid = 1276, Hwnd=0x503b0, Text = < 上一步(&B), ClassName = Button.
    Pid = 1276, Hwnd=0x703ba, Text = Next >, ClassName = Button.
    Pid = 1276, Hwnd=0x40392, Text = Next >, ClassName = Button.
    Pid = 1276, Hwnd=0x403a2, Text = 取消, ClassName = Button.
    Pid = 1276, Hwnd=0x1902ce, Text = 帮助, ClassName = Button.
    Pid = 1276, Hwnd=0xd035e, Text = PhotoPad Image Editor, ClassName = #32770.
    Pid = 1276, Hwnd=0x13033a, Text = PhotoPad Image Editor, ClassName = #32770.
    Pid = 1276, Hwnd=0xe039e, Text = Please wait..., ClassName = Static.
    Pid = 1276, Hwnd=0xb0398, Text = PhotoPad is installing and will be ready to use soon., ClassName = Static.
    Pid = 1276, Hwnd=0x40392, Text = Finish, ClassName = Button.
    行为描述:可执行文件签名信息
    详情信息:C:\Documents and Settings\Administrator\Local Settings\Temp\n1s\nchsetup.exe(签名验证: 通过)
    C:\Program Files\NCH Software\PhotoPad\photopad.exe(签名验证: 通过)
    C:\Program Files\NCH Software\PhotoPad\photopadsetup_v2.76.exe(签名验证: 通过)
    行为描述:创建事件对象
    详情信息:EventName = MSCTF.SendReceive.Event.AEH.IC
    EventName = MSCTF.SendReceiveConection.Event.AEH.IC
    EventName = Global\userenv: User Profile setup event
    EventName = MSCTF.SendReceive.Event.EFJ.IC
    EventName = MSCTF.SendReceiveConection.Event.EFJ.IC
    行为描述:可执行文件MD5
    详情信息:C:\Documents and Settings\Administrator\Local Settings\Temp\n1s\nchsetup.exe ---> 998424cdbe03e8ff789ad7525ff8a6f6
    C:\Program Files\NCH Software\PhotoPad\photopad.exe ---> 998424cdbe03e8ff789ad7525ff8a6f6
    C:\Program Files\NCH Software\PhotoPad\photopadsetup_v2.76.exe ---> 73ef4bcc4cd7eed807c1affef88e14e9
    行为描述:打开互斥体
    详情信息:Local\!IETld!Mutex
    ShimCacheMutex
    Activities
    活动名类型
    com.lbe.parallel.ui.tour.SplashActivityandroid.intent.action.MAIN
    com.lbe.parallel.ui.tour.SplashActivityandroid.intent.category.LAUNCHER
    com.lbe.parallel.ui.HomeActivityandroid.intent.action.MAIN
    com.lbe.parallel.ui.ShortcutActivityandroid.intent.action.MAIN
    com.lbe.parallel.ui.LaunchDelegateActivitycom.lbe.parallel.ACTION_LAUNCH_PACKAGE
    parallel.share_com.tencent.mmandroid.intent.action.SEND
    parallel.share_com.tencent.mmandroid.intent.category.DEFAULT
    parallel.share_com.facebook.katanaandroid.intent.action.SEND
    parallel.share_com.facebook.katanaandroid.intent.category.DEFAULT
    parallel.share_com.instagram.androidandroid.intent.action.SEND
    parallel.share_com.instagram.androidandroid.intent.category.DEFAULT
    parallel.share_remain.appsandroid.intent.action.SEND
    parallel.share_remain.appsandroid.intent.category.DEFAULT
    危险函数
    函数名称信息
    java/net/URL;->openConnection连接URL
    ContentResolver;->query读取联系人、短信等数据库
    LocationManager;->getLastKnownLocation获取地址位置
    TelephonyManager;->getDeviceId搜集用户手机IMEI码、电话号码、系统版本号等信息
    getRuntime获取命令行环境
    android/app/NotificationManager;->notify信息通知栏
    java/lang/Runtime;->exec执行字符串命令
    TelephonyManager;->getSimSerialNumber获取SIM序列号
    启动方式
    名称信息
    com.lbe.parallel.receiver.PackageInstallReceiver应用安装时启动服务
    com.lbe.parallel.receiver.PackageInstallReceiver应用卸载时启动服务
    com.lbe.parallel.test.TestServerReceiver
    com.lbe.doubleagent.service.proxy.SystemBroadcastReceiver开机启动服务
    com.lbe.doubleagent.service.proxy.SystemBroadcastReceiver网络连接改变时启动服务
    权限列表
    许可名称信息
    android.permission.ACCOUNT_MANAGER账户管理
    android.permission.USE_CREDENTIALS获取认证令牌
    android.permission.GET_ACCOUNTS访问账户列表
    android.permission.MANAGE_ACCOUNTS管理账户
    android.permission.INTERNET连接网络(2G或3G)
    android.permission.AUTHENTICATE_ACCOUNTS验证账户
    android.permission.ACCESS_COARSE_LOCATION获取粗略的位置(通过wifi、基站)
    android.permission.ACCESS_FINE_LOCATION获取精确的位置(通过GPS)
    android.permission.ACCESS_LOCATION_EXTRA_COMMANDS访问额外的定位指令
    android.permission.ACCESS_MOCK_LOCATION获取模拟定位信息
    android.permission.ACCESS_NETWORK_STATE读取网络状态(2G或3G)
    android.permission.ACCESS_WIFI_STATE读取wifi网络状态
    android.permission.ACCESS_WIMAX_STATE
    android.permission.BIND_APPWIDGET绑定插件
    android.permission.BLUETOOTH连接蓝牙设备
    android.permission.BLUETOOTH_ADMIN搜寻蓝牙设备
    android.permission.BODY_SENSORS
    android.permission.BROADCAST_STICKY发送持久广播
    android.permission.CALL_PHONE拨打电话
    android.permission.CAMERA访问照相机设备
    android.permission.CHANGE_NETWORK_STATE变更网络状态
    android.permission.CHANGE_WIFI_MULTICAST_STATE变更WIFI多播状态
    android.permission.CHANGE_WIFI_STATE改变WIFI连接状态
    android.permission.CHANGE_WIMAX_STATE
    android.permission.CLEAR_APP_CACHE清除应用缓存
    android.permission.DISABLE_KEYGUARD禁用键盘锁
    android.permission.DOWNLOAD_WITHOUT_NOTIFICATION
    android.permission.EXPAND_STATUS_BAR操控状态栏
    android.permission.FLASHLIGHT访问闪光灯
    android.permission.GET_PACKAGE_SIZE获取应用大小
    android.permission.GET_TASKS获取有关当前或最近运行的任务信息
    android.permission.KILL_BACKGROUND_PROCESSES关闭后台进程
    android.permission.MODIFY_AUDIO_SETTINGS修改声音设置
    android.permission.NFC允许NFC通讯
    android.permission.PERSISTENT_ACTIVITY创建长期驻留的Activity
    android.permission.PROCESS_OUTGOING_CALLS监视、修改有关拨出电话
    android.permission.READ_CALENDAR读取日程提醒
    android.permission.READ_CALL_LOG读取通话记录
    android.permission.READ_CELL_BROADCASTS
    android.permission.READ_CONTACTS读取联系人信息
    android.permission.READ_EXTERNAL_STORAGE读外部存储器(如:SD卡)
    android.permission.READ_INSTALL_SESSIONS
    android.permission.READ_PHONE_STATE读取电话状态
    android.permission.READ_PROFILE读取个人配置文件
    android.permission.READ_SMS读取短信
    android.permission.READ_SOCIAL_STREAM读取用户社交数据
    android.permission.READ_SYNC_SETTINGS读取同步设置
    android.permission.READ_SYNC_STATS读取同步状态
    android.permission.READ_USER_DICTIONARY读取用户字典
    android.permission.RECEIVE_BOOT_COMPLETED接收开机启动广播
    android.permission.RECEIVE_MMS接收彩信
    android.permission.RECEIVE_SMS监控接收短信
    android.permission.RECEIVE_WAP_PUSH接收wap push信息
    android.permission.RECORD_AUDIO录音(使用AudioRecord)
    android.permission.REORDER_TASKS系统任务排序
    android.permission.RESTART_PACKAGES重启其他程序
    android.permission.SEND_SMS发送短信
    android.permission.SET_TIME_ZONE设置系统时区
    android.permission.SET_WALLPAPER设置桌面壁纸
    android.permission.SET_WALLPAPER_HINTS设置壁纸提示
    android.permission.SUBSCRIBED_FEEDS_READ访问订阅内容
    android.permission.SUBSCRIBED_FEEDS_WRITE写入订阅内容
    android.permission.SYSTEM_ALERT_WINDOW显示系统窗口
    android.permission.TRANSMIT_IR访问设备的IR
    android.permission.USE_SIP允许使用SIP视频服务
    android.permission.VIBRATE允许设备震动
    android.permission.WAKE_LOCK手机屏幕关闭后后台进程仍运行
    android.permission.WRITE_CALENDAR写入日程提醒
    android.permission.WRITE_CALL_LOG写入通话记录
    android.permission.WRITE_CONTACTS写入联系人信息
    android.permission.WRITE_EXTERNAL_STORAGE写外部存储器(如:SD卡)
    android.permission.WRITE_PROFILE写入个人配置信息
    android.permission.WRITE_SETTINGS读写系统设置项
    android.permission.WRITE_SMS写短信
    android.permission.WRITE_SOCIAL_STREAM写入用户社交数据
    android.permission.WRITE_SYNC_SETTINGS写入同步设置
    android.permission.WRITE_USER_DICTIONARY写入用户字典
    android.permission.USE_FINGERPRINT
    com.android.alarm.permission.SET_ALARM设置闹铃提醒
    com.android.browser.permission.READ_HISTORY_BOOKMARKS读取浏览器书签
    com.android.browser.permission.WRITE_HISTORY_BOOKMARKS写浏览器书签
    com.android.launcher.permission.INSTALL_SHORTCUT创建快捷方式
    com.android.launcher.permission.UNINSTALL_SHORTCUT删除快捷方式
    com.android.voicemail.permission.ADD_VOICEMAIL允许添加声音邮件
    com.google.android.launcher.permission.READ_SETTINGS
    com.google.android.providers.gsf.permission.READ_GSERVICES
    com.google.android.providers.talk.permission.READ_ONLY
    com.google.android.providers.talk.permission.WRITE_ONLY
    android.permission.MOUNT_UNMOUNT_FILESYSTEMS挂载、反挂载外部文件系统
    android.permission.READ_LOGS读取系统日志
    android.permission.INSTALL_PACKAGES安装应用
    android.permission.DELETE_PACKAGES删除应用
    android.permission.CLEAR_APP_USER_DATA清除用户数据
    android.permission.WRITE_MEDIA_STORAGE
    android.permission.ACCESS_CACHE_FILESYSTEM
    android.permission.READ_OWNER_DATA
    android.permission.WRITE_OWNER_DATA
    android.permission.CHANGE_CONFIGURATION修改当前设置(如:本地化)
    android.permission.DEVICE_POWER电源管理
    android.permission.BATTERY_STATS电量统计
    android.permission.ACCESS_DOWNLOAD_MANAGER
    com.android.launcher.permission.READ_SETTINGS读取快捷方式信息
    com.android.launcher.permission.WRITE_SETTINGS
    android.permission.WRITE_APN_SETTINGS改写APN设置(如:cmwap)
    android.permission.MEDIA_CONTENT_CONTROL操控Content
    com.android.launcher3.permission.READ_SETTINGS
    com.android.launcher2.permission.READ_SETTINGS
    com.teslacoilsw.launcher.permission.READ_SETTINGS
    com.actionlauncher.playstore.permission.READ_SETTINGS
    com.mx.launcher.permission.READ_SETTINGS
    com.anddoes.launcher.permission.READ_SETTINGS
    com.apusapps.launcher.permission.READ_SETTINGS
    com.tsf.shell.permission.READ_SETTINGS
    com.htc.launcher.permission.READ_SETTINGS
    com.lenovo.launcher.permission.READ_SETTINGS
    com.oppo.launcher.permission.READ_SETTINGS
    com.bbk.launcher2.permission.READ_SETTINGS
    com.s.launcher.permission.READ_SETTINGS
    cn.nubia.launcher.permission.READ_SETTINGS
    com.huawei.android.launcher.permission.READ_SETTINGS
    com.huawei.android.launcher.permission.CHANGE_BADGE
    服务列表
    名称
    com.lbe.parallel.service.GestureService
    com.lbe.doubleagent.service.proxy.PendingIntentServiceProxy
    com.lbe.doubleagent.service.proxy.JobProxy
    com.lbe.doubleagent.service.proxy.EmptyService
    com.lbe.doubleagent.service.proxy.EmptyService$EmptyService1
    com.lbe.doubleagent.client.proxy.ServiceProxy$P0
    com.lbe.doubleagent.client.proxy.ServiceProxy$P1
    com.lbe.doubleagent.client.proxy.ServiceProxy$P2
    com.lbe.doubleagent.client.proxy.ServiceProxy$P3
    com.lbe.doubleagent.client.proxy.ServiceProxy$P4
    com.lbe.doubleagent.client.proxy.ServiceProxy$P5
    com.lbe.doubleagent.client.proxy.ServiceProxy$P6
    com.lbe.doubleagent.client.proxy.ServiceProxy$P7
    com.lbe.doubleagent.client.proxy.ServiceProxy$P8
    com.lbe.doubleagent.client.proxy.ServiceProxy$P9
    com.lbe.doubleagent.client.proxy.ServiceProxy$P10
    com.lbe.doubleagent.client.proxy.ServiceProxy$P11
    com.lbe.doubleagent.client.proxy.ServiceProxy$P12
    com.lbe.doubleagent.client.proxy.ServiceProxy$P13
    com.lbe.doubleagent.client.proxy.ServiceProxy$P14
    com.lbe.doubleagent.client.proxy.ServiceProxy$P15
    com.lbe.doubleagent.client.proxy.ServiceProxy$P16
    com.lbe.doubleagent.client.proxy.ServiceProxy$P17
    com.lbe.doubleagent.client.proxy.ServiceProxy$P18
    com.lbe.doubleagent.client.proxy.ServiceProxy$P19
    com.lbe.doubleagent.client.proxy.ServiceProxy$P20
    com.lbe.doubleagent.client.proxy.ServiceProxy$P21
    com.lbe.doubleagent.client.proxy.ServiceProxy$P22
    com.lbe.doubleagent.client.proxy.ServiceProxy$P23
    com.lbe.doubleagent.client.proxy.ServiceProxy$P24
    com.lbe.doubleagent.client.proxy.ServiceProxy$P25
    com.lbe.doubleagent.client.proxy.ServiceProxy$P26
    com.lbe.doubleagent.client.proxy.ServiceProxy$P27
    com.lbe.doubleagent.client.proxy.ServiceProxy$P28
    com.lbe.doubleagent.client.proxy.ServiceProxy$P29
    com.lbe.doubleagent.client.proxy.ServiceProxy$P30
    com.lbe.doubleagent.client.proxy.ServiceProxy$P31
    com.lbe.doubleagent.client.proxy.ServiceProxy$P32
    com.lbe.doubleagent.client.proxy.ServiceProxy$P33
    com.lbe.doubleagent.client.proxy.ServiceProxy$P34
    com.lbe.doubleagent.client.proxy.ServiceProxy$P35
    com.lbe.doubleagent.client.proxy.ServiceProxy$P36
    com.lbe.doubleagent.client.proxy.ServiceProxy$P37
    com.lbe.doubleagent.client.proxy.ServiceProxy$P38
    com.lbe.doubleagent.client.proxy.ServiceProxy$P39
    com.lbe.doubleagent.client.proxy.ServiceProxy$P40
    com.lbe.doubleagent.client.proxy.ServiceProxy$P41
    com.lbe.doubleagent.client.proxy.ServiceProxy$P42
    com.lbe.doubleagent.client.proxy.ServiceProxy$P43
    com.lbe.doubleagent.client.proxy.ServiceProxy$P44
    com.lbe.doubleagent.client.proxy.ServiceProxy$P45
    com.lbe.doubleagent.client.proxy.ServiceProxy$P46
    com.lbe.doubleagent.client.proxy.ServiceProxy$P47
    com.lbe.doubleagent.client.proxy.ServiceProxy$P48
    com.lbe.doubleagent.client.proxy.ServiceProxy$P49
    com.lbe.doubleagent.client.proxy.ServiceProxy$P50
    com.lbe.doubleagent.client.proxy.ServiceProxy$P51
    com.lbe.doubleagent.client.proxy.ServiceProxy$P52
    com.lbe.doubleagent.client.proxy.ServiceProxy$P53
    com.lbe.doubleagent.client.proxy.ServiceProxy$P54
    com.lbe.doubleagent.client.proxy.ServiceProxy$P55
    com.lbe.doubleagent.client.proxy.ServiceProxy$P56
    com.lbe.doubleagent.client.proxy.ServiceProxy$P57
    com.lbe.doubleagent.client.proxy.ServiceProxy$P58
    com.lbe.doubleagent.client.proxy.ServiceProxy$P59
    com.lbe.doubleagent.client.proxy.ServiceProxy$P60
    com.lbe.doubleagent.client.proxy.ServiceProxy$P61
    com.lbe.doubleagent.client.proxy.ServiceProxy$P62
    com.lbe.doubleagent.client.proxy.ServiceProxy$P63
    com.lbe.doubleagent.client.proxy.ServiceProxy$P64
    com.lbe.doubleagent.client.proxy.ServiceProxy$P65
    com.lbe.doubleagent.client.proxy.ServiceProxy$P66
    com.lbe.doubleagent.client.proxy.ServiceProxy$P67
    com.lbe.doubleagent.client.proxy.ServiceProxy$P68
    com.lbe.doubleagent.client.proxy.ServiceProxy$P69
    com.lbe.doubleagent.client.proxy.ServiceProxy$P70
    com.lbe.doubleagent.client.proxy.ServiceProxy$P71
    com.lbe.doubleagent.client.proxy.ServiceProxy$P72
    com.lbe.doubleagent.client.proxy.ServiceProxy$P73
    com.lbe.doubleagent.client.proxy.ServiceProxy$P74
    com.lbe.doubleagent.client.proxy.ServiceProxy$P75
    com.lbe.doubleagent.client.proxy.ServiceProxy$P76
    com.lbe.doubleagent.client.proxy.ServiceProxy$P77
    com.lbe.doubleagent.client.proxy.ServiceProxy$P78
    com.lbe.doubleagent.client.proxy.ServiceProxy$P79
    com.lbe.doubleagent.client.proxy.ServiceProxy$P80
    com.lbe.doubleagent.client.proxy.ServiceProxy$P81
    com.lbe.doubleagent.client.proxy.ServiceProxy$P82
    com.lbe.doubleagent.client.proxy.ServiceProxy$P83
    com.lbe.doubleagent.client.proxy.ServiceProxy$P84
    com.lbe.doubleagent.client.proxy.ServiceProxy$P85
    com.lbe.doubleagent.client.proxy.ServiceProxy$P86
    com.lbe.doubleagent.client.proxy.ServiceProxy$P87
    com.lbe.doubleagent.client.proxy.ServiceProxy$P88
    com.lbe.doubleagent.client.proxy.ServiceProxy$P89
    com.lbe.doubleagent.client.proxy.ServiceProxy$P90
    com.lbe.doubleagent.client.proxy.ServiceProxy$P91
    com.lbe.doubleagent.client.proxy.ServiceProxy$P92
    com.lbe.doubleagent.client.proxy.ServiceProxy$P93
    com.lbe.doubleagent.client.proxy.ServiceProxy$P94
    com.lbe.doubleagent.client.proxy.ServiceProxy$P95
    com.lbe.doubleagent.client.proxy.ServiceProxy$P96
    com.lbe.doubleagent.client.proxy.ServiceProxy$P97
    com.lbe.doubleagent.client.proxy.ServiceProxy$P98
    com.lbe.doubleagent.client.proxy.ServiceProxy$P99
    Providers
    名字信息
    com.lbe.doubleagent.service.proxy.InitializeProvider
    com.lbe.doubleagent.client.proxy.ProviderProxy$P0
    com.lbe.doubleagent.client.proxy.ProviderProxy$P1
    com.lbe.doubleagent.client.proxy.ProviderProxy$P2
    com.lbe.doubleagent.client.proxy.ProviderProxy$P3
    com.lbe.doubleagent.client.proxy.ProviderProxy$P4
    com.lbe.doubleagent.client.proxy.ProviderProxy$P5
    com.lbe.doubleagent.client.proxy.ProviderProxy$P6
    com.lbe.doubleagent.client.proxy.ProviderProxy$P7
    com.lbe.doubleagent.client.proxy.ProviderProxy$P8
    com.lbe.doubleagent.client.proxy.ProviderProxy$P9
    com.lbe.doubleagent.client.proxy.ProviderProxy$P10
    com.lbe.doubleagent.client.proxy.ProviderProxy$P11
    com.lbe.doubleagent.client.proxy.ProviderProxy$P12
    com.lbe.doubleagent.client.proxy.ProviderProxy$P13
    com.lbe.doubleagent.client.proxy.ProviderProxy$P14
    com.lbe.doubleagent.client.proxy.ProviderProxy$P15
    com.lbe.doubleagent.client.proxy.ProviderProxy$P16
    com.lbe.doubleagent.client.proxy.ProviderProxy$P17
    com.lbe.doubleagent.client.proxy.ProviderProxy$P18
    com.lbe.doubleagent.client.proxy.ProviderProxy$P19
    com.lbe.doubleagent.client.proxy.ProviderProxy$P20
    com.lbe.doubleagent.client.proxy.ProviderProxy$P21
    com.lbe.doubleagent.client.proxy.ProviderProxy$P22
    com.lbe.doubleagent.client.proxy.ProviderProxy$P23
    com.lbe.doubleagent.client.proxy.ProviderProxy$P24
    com.lbe.doubleagent.client.proxy.ProviderProxy$P25
    com.lbe.doubleagent.client.proxy.ProviderProxy$P26
    com.lbe.doubleagent.client.proxy.ProviderProxy$P27
    com.lbe.doubleagent.client.proxy.ProviderProxy$P28
    com.lbe.doubleagent.client.proxy.ProviderProxy$P29
    com.lbe.doubleagent.client.proxy.ProviderProxy$P30
    com.lbe.doubleagent.client.proxy.ProviderProxy$P31
    com.lbe.doubleagent.client.proxy.ProviderProxy$P32
    com.lbe.doubleagent.client.proxy.ProviderProxy$P33
    com.lbe.doubleagent.client.proxy.ProviderProxy$P34
    com.lbe.doubleagent.client.proxy.ProviderProxy$P35
    com.lbe.doubleagent.client.proxy.ProviderProxy$P36
    com.lbe.doubleagent.client.proxy.ProviderProxy$P37
    com.lbe.doubleagent.client.proxy.ProviderProxy$P38
    com.lbe.doubleagent.client.proxy.ProviderProxy$P39
    com.lbe.doubleagent.client.proxy.ProviderProxy$P40
    com.lbe.doubleagent.client.proxy.ProviderProxy$P41
    com.lbe.doubleagent.client.proxy.ProviderProxy$P42
    com.lbe.doubleagent.client.proxy.ProviderProxy$P43
    com.lbe.doubleagent.client.proxy.ProviderProxy$P44
    com.lbe.doubleagent.client.proxy.ProviderProxy$P45
    com.lbe.doubleagent.client.proxy.ProviderProxy$P46
    com.lbe.doubleagent.client.proxy.ProviderProxy$P47
    com.lbe.doubleagent.client.proxy.ProviderProxy$P48
    com.lbe.doubleagent.client.proxy.ProviderProxy$P49
    com.lbe.doubleagent.client.proxy.ProviderProxy$P50
    com.lbe.doubleagent.client.proxy.ProviderProxy$P51
    com.lbe.doubleagent.client.proxy.ProviderProxy$P52
    com.lbe.doubleagent.client.proxy.ProviderProxy$P53
    com.lbe.doubleagent.client.proxy.ProviderProxy$P54
    com.lbe.doubleagent.client.proxy.ProviderProxy$P55
    com.lbe.doubleagent.client.proxy.ProviderProxy$P56
    com.lbe.doubleagent.client.proxy.ProviderProxy$P57
    com.lbe.doubleagent.client.proxy.ProviderProxy$P58
    com.lbe.doubleagent.client.proxy.ProviderProxy$P59
    com.lbe.doubleagent.client.proxy.ProviderProxy$P60
    com.lbe.doubleagent.client.proxy.ProviderProxy$P61
    com.lbe.doubleagent.client.proxy.ProviderProxy$P62
    com.lbe.doubleagent.client.proxy.ProviderProxy$P63
    com.lbe.doubleagent.client.proxy.ProviderProxy$P64
    com.lbe.doubleagent.client.proxy.ProviderProxy$P65
    com.lbe.doubleagent.client.proxy.ProviderProxy$P66
    com.lbe.doubleagent.client.proxy.ProviderProxy$P67
    com.lbe.doubleagent.client.proxy.ProviderProxy$P68
    com.lbe.doubleagent.client.proxy.ProviderProxy$P69
    com.lbe.doubleagent.client.proxy.ProviderProxy$P70
    com.lbe.doubleagent.client.proxy.ProviderProxy$P71
    com.lbe.doubleagent.client.proxy.ProviderProxy$P72
    com.lbe.doubleagent.client.proxy.ProviderProxy$P73
    com.lbe.doubleagent.client.proxy.ProviderProxy$P74
    com.lbe.doubleagent.client.proxy.ProviderProxy$P75
    com.lbe.doubleagent.client.proxy.ProviderProxy$P76
    com.lbe.doubleagent.client.proxy.ProviderProxy$P77
    com.lbe.doubleagent.client.proxy.ProviderProxy$P78
    com.lbe.doubleagent.client.proxy.ProviderProxy$P79
    com.lbe.doubleagent.client.proxy.ProviderProxy$P80
    com.lbe.doubleagent.client.proxy.ProviderProxy$P81
    com.lbe.doubleagent.client.proxy.ProviderProxy$P82
    com.lbe.doubleagent.client.proxy.ProviderProxy$P83
    com.lbe.doubleagent.client.proxy.ProviderProxy$P84
    com.lbe.doubleagent.client.proxy.ProviderProxy$P85
    com.lbe.doubleagent.client.proxy.ProviderProxy$P86
    com.lbe.doubleagent.client.proxy.ProviderProxy$P87
    com.lbe.doubleagent.client.proxy.ProviderProxy$P88
    com.lbe.doubleagent.client.proxy.ProviderProxy$P89
    com.lbe.doubleagent.client.proxy.ProviderProxy$P90
    com.lbe.doubleagent.client.proxy.ProviderProxy$P91
    com.lbe.doubleagent.client.proxy.ProviderProxy$P92
    com.lbe.doubleagent.client.proxy.ProviderProxy$P93
    com.lbe.doubleagent.client.proxy.ProviderProxy$P94
    com.lbe.doubleagent.client.proxy.ProviderProxy$P95
    com.lbe.doubleagent.client.proxy.ProviderProxy$P96
    com.lbe.doubleagent.client.proxy.ProviderProxy$P97
    com.lbe.doubleagent.client.proxy.ProviderProxy$P98
    com.lbe.doubleagent.client.proxy.ProviderProxy$P99
    文件列表
    文件名 校验码
    META-INF/MANIFEST.MF 0xcbea78e7
    META-INF/LBESEC.SF 0x68bb1859
    META-INF/LBESEC.RSA 0x6cf2ad84
    assets/ 0x0
    assets/ca.crt.der 0x7390fdba
    assets/lbesec.pem 0xf6fcdaf6
    classes.dex 0x949ad30e
    res/ 0x0
    r/ 0x0
    r/6e.png 0xf5c17862
    r/4w.png 0x9be4fdc3
    r/6q.xml 0x6b174873
    r/3e.xml 0x785633dd
    r/5n.png 0xbcdfa7d3
    r/8c.xml 0x3d8d65df
    r/bg.xml 0x59d4092
    r/be.xml 0xbe29d341
    r/47.png 0x7cd87445
    r/97.xml 0xe0a9c19b
    r/1r.xml 0xe2f70d0a
    r/90.xml 0x371be093
    r/2v.xml 0xa4c0cc67
    r/8q.xml 0xfd8628fe
    r/au.xml 0x7f7225e2
    r/3c.xml 0xb315b465
    r/3a.xml 0x3b7484b6
    r/78.xml 0xf9557a2e
    r/57.png 0xa81ba017
    r/93.xml 0xf07ff471
    r/2.webp 0x882124a
    r/66.png 0xdbb5b067
    r/35.xml 0xc46a3925
    r/1w.xml 0x789cac73
    r/3n.xml 0x82170e71
    r/t.png 0xcd0729cf
    r/9a.xml 0x64bf5511
    r/f.png 0xda93682d
    r/6y.xml 0x186deb0c
    r/36.xml 0x516623a0
    r/2s.xml 0x1f4da45c
    r/d.png 0x7a9e4bd3
    r/5b.png 0x4c093269
    r/a6.xml 0x18dd101f
    r/4f.png 0xdddaae2e
    r/9j.xml 0xa308925e
    r/aw.xml 0xf32d6de5
    r/6m.xml 0x1bd6f4a1
    r/2t.xml 0x5eb8a7c
    r/9n.xml 0xe7a41c22
    r/6f.png 0xd09adb59
    r/28.xml 0xeee509ed
    r/9d.xml 0x3f1920c6
    r/1s.xml 0x1522b03
    r/2l.xml 0xfc6e5cd6
    r/4a.png 0x2d5a2100
    r/14.png 0xb87ed3c6
    r/6h.png 0x6e8728ea
    r/8s.xml 0xc3da0a9f
    r/6.png 0xab2a5890
    r/9u.xml 0x5815c01d
    r/a4.xml 0xaa870dc8
    r/2r.xml 0x409e9b9
    r/7d.xml 0x452f3bab
    r/76.xml 0xc80e9700
    r/n.png 0x4b3a5bfb
    r/2h.xml 0xe6e4bd0e
    r/k.png 0xd06e4907
    r/8g.xml 0xfd68bd3e
    r/7v.xml 0xb690febc
    r/51.png 0xd070b7d0
    r/ap.xml 0x4cc1d922
    r/9h.xml 0xd6e8b5da
    r/a.png 0x73947361
    r/a1.xml 0xb3f0dd7e
    r/4i.png 0x478db1d1
    r/y.png 0xf1f0087d
    r/9b.xml 0xe2708876
    r/1y.xml 0xd87db6e7
    r/aq.xml 0x8d676b4b
    r/53.png 0x28eb7dee
    r/6j.xml 0xfda3feee
    r/ah.xml 0x230b3ab8
    r/8v.xml 0xe35e0418
    r/8z.xml 0x861cee40
    r/b0.xml 0x9cf629c
    r/10.webp 0x275d072d
    r/69.png 0x1a7d6c07
    r/3p.xml 0xf9dcf5c9
    r/a2.xml 0xfbbb1909
    r/24.xml 0xfa7fd34a
    r/5m.png 0x9356f50b
    r/6o.xml 0xcb734465
    r/26.xml 0xf00f836e
    r/1o.webp 0x5636fd79
    r/q.png 0x8a835a43
    r/43.png 0x44c9a497
    r/5w.png 0x23f1af9d
    r/4y.png 0x144d61a9
    r/8e.xml 0x529fdc4e
    r/ar.xml 0x89444de8
    r/70.xml 0xeb62dcaa
    r/9p.xml 0x6ce1ac7d
    r/7e.xml 0xf2079cb4
    r/9g.xml 0xa5e333d9
    r/2c.xml 0x9fd1fc63
    r/7h.xml 0x9c56faa4
    r/z.png 0xacec45ca
    r/1f.png 0x2258cc39
    r/87.xml 0x3a1fb01a
    r/4o.png 0x77c42d34
    r/an.xml 0x51b9c50a
    r/v.png 0x7efe0a0e
    r/75.xml 0xa8e2f6c2
    r/4p.png 0x9e0d73d
    r/1z.xml 0x181023f1
    r/6i.xml 0xae99dc87
    r/98.xml 0xb06a5748
    r/9.png 0x17464598
    r/9f.xml 0x5af0bd57
    r/2u.xml 0xa8698ec8
    r/2e.xml 0xb6cfae9b
    r/3z.xml 0x2e2935ad
    r/6w.xml 0xd4de23ce
    r/4r.xml 0xfe81b275
    r/8i.xml 0x50d3f6fd
    r/82.xml 0xc34aaa8b
    r/a0.xml 0x8356b606
    r/3y.xml 0xcd44ca43
    r/12.png 0x3ef02db4
    r/6c.xml 0xffd1bc5
    r/73.xml 0xe7f929f4
    r/7s.xml 0x56dd383a
    r/56.png 0xde4e9cb4
    r/b4.xml 0x98b7b27
    r/5k.png 0x7a6fbcfe
    r/8x.xml 0x38422b79
    r/7r.xml 0x290eb1a5
    r/2g.xml 0x6c2d3b67
    r/99.xml 0xd21338aa
    r/7p.xml 0x5385fa45
    r/ae.xml 0xe6ac8f24
    r/38.xml 0x3055f45e
    r/8k.xml 0x4d46a44f
    r/7w.xml 0x2ee3041d
    r/44.png 0x7758fe71
    r/bh.xml 0x5f86f0cf
    r/5z.png 0x75c455c9
    r/6k.xml 0xfbd3b63
    r/9q.xml 0x613519f3
    r/2i.xml 0xb43c833d
    r/b3.xml 0x266beeb8
    r/s.png 0xaec49986
    r/4e.png 0x813ae23c
    r/5p.png 0x9cbfe549
    r/m.png 0x48d78f9e
    r/l.png 0x7e643d70
    r/8y.xml 0xf7dac183
    r/8d.xml 0x1b6d0104
    r/3t.xml 0x41982968
    r/3f.xml 0xfa9006ec
    r/8l.xml 0x591c8cc9
    r/5v.png 0xa817850a
    r/49.png 0x978987bf
    r/2q.xml 0x509021e
    r/1p.webp 0x6ec8c2d6
    r/7l.xml 0xec74fa84
    r/ba.xml 0x591d8e24
    r/b2.xml 0xc36a2f90
    r/8j.xml 0x4fe27cf0
    r/6a.png 0x74529d2e
    r/az.xml 0xd0b8ffcb
    r/bi.xml 0x5b8f1648
    r/11.webp 0x12a2a778
    r/8p.xml 0x69c084ca
    r/2w.xml 0x5e102b01
    r/83.xml 0x22d82273
    r/5s.png 0xed039207
    r/5y.png 0x832ed3dd
    r/as.xml 0x501bbe4c
    r/u.png 0x138714c7
    r/1h.png 0x953ca89e
    r/65.png 0xaeb4ae57
    r/6r.xml 0x863a812c
    r/27.xml 0x498aa30c
    r/86.xml 0x74502a82
    r/2y.xml 0xdf9aa2d4
    r/16.png 0xff9adfe2
    r/17.png 0x902c1163
    r/6p.xml 0xe8d33866
    r/6d.png 0x3b53a9eb
    r/7n.xml 0x2cd520cf
    r/92.xml 0x18b4d6b5
    r/4c.png 0x236b6e98
    r/3v.xml 0xe605f435
    r/5j.png 0xbd58dff
    r/6z.xml 0x5b4cde1e
    r/42.xml 0x8d8da22e
    r/45.png 0x4467ff45
    r/5g.png 0x3aa577ec
    r/ai.xml 0xdc76e900
    r/7b.xml 0xed84e6ea
    r/8b.xml 0x8f24a390
    r/9e.xml 0x767f68e6
    r/8n.xml 0xc128b81
    r/w.png 0x57bb851c
    r/68.png 0xbf1479e6
    r/29.xml 0x42fb3401
    r/7i.xml 0xa304275
    r/8w.xml 0xad000862
    r/3h.xml 0x807a5b9d
    r/9y.xml 0xd7c5db27
    r/6l.xml 0x4f84732a
    r/4j.png 0xc57037f7
    r/8t.xml 0xd73d8202
    r/b8.xml 0xc4ddf758
    r/o.png 0x17bdbbe2
    r/aj.xml 0x37f97fb1
    r/b9.xml 0x57c28822
    r/4x.png 0xb0cf2315
    r/25.xml 0x8e4acec4
    r/5d.png 0x7e1c59b7
    r/33.xml 0xfe340f55
    r/1u.xml 0x2960f785
    r/1q.xml 0xf341af1c
    r/6x.xml 0x64892447
    r/b6.xml 0x6e7d2e0c
    r/x.png 0xaf96d2bb
    r/9l.xml 0x60486ae0
    r/aa.xml 0x98efb520
    r/5f.png 0xc44e62b0
    r/6g.png 0x175c7e0d
    r/0.png 0x3d52b4be
    r/37.xml 0xeb20bbcf
    r/74.xml 0x712f795d
    r/7k.xml 0x5921854a
    r/b1.xml 0xc3a06977
    r/54.png 0xdd47f7ca
    r/g.png 0xb7eaebd2
    r/3x.xml 0x48d447db
    r/40.xml 0x8d8da22e
    r/5a.png 0x3d527823
    r/1t.xml 0x22112bdb
    r/60.png 0xeb5b1fdc
    r/1k.png 0xc4466977
    r/13.png 0xaba8cf76
    r/1x.xml 0xade2707a
    r/9s.xml 0xbe1e6250
    r/2b.xml 0xd97c71ad
    r/b5.xml 0x92f3bbd9
    r/88.xml 0xc7f067ae
    r/b7.xml 0xfd625176
    r/8a.xml 0xbee4e07d
    r/31.xml 0xaed41687
    r/5x.png 0x2db5bf28
    r/ax.xml 0xe5b4b900
    r/81.xml 0xfb732b0c
    r/5h.png 0xee85e380
    r/72.xml 0xc50392a0
    r/ao.xml 0x4f613364
    r/1m.png 0x6d411a81
    r/2k.xml 0x241ae66e
    r/9x.xml 0x9eca5a2d
    r/8u.xml 0x7f7eceab
    r/2x.xml 0xbdadb34
    r/2f.xml 0x58848a8
    r/80.xml 0x36819c70
    r/34.xml 0xe9053ae2
    r/b.png 0x4f5c96e
    r/62.png 0x8151ea77
    r/96.xml 0xccb9ef0e
    r/3m.xml 0xeb71a3b3
    r/7q.xml 0xb64e76d9
    r/55.png 0x3fbd7183
    r/22.xml 0xcf216b79
    r/3r.xml 0x5579a48c
    r/8o.xml 0xfb638704
    r/9t.xml 0xee449ef9
    r/1b.webp 0x18133550
    r/1j.webp 0x67ee4e73
    r/1e.png 0x1120d380
    r/58.png 0xb8aa52aa
    r/am.xml 0x41f8f3af
    r/9r.xml 0xc6dddbcc
    r/9o.xml 0xdc54d71d
    r/5o.png 0x175014fa
    r/7a.xml 0x2a676cb1
    r/8h.xml 0x2cdd2a63
    r/1i.webp 0x7e50281b
    r/4k.png 0x5902ed5c
    r/7j.xml 0xf166cf40
    r/bf.xml 0x2d36ac3b
    r/4v.png 0x6f79b225
    r/5r.png 0x2ea066c3
    r/59.png 0x35c65495
    r/4t.png 0x89c4a5a8
    r/30.xml 0x1317f19b
    r/3u.xml 0x987a6e98
    r/3q.xml 0xb794af16
    r/4m.png 0x2fa093c4
    r/61.png 0x9d6b6c53
    r/a9.xml 0x2f6e5e43
    r/af.xml 0x2f94166b
    r/89.xml 0xae845486
    r/bc.xml 0xeb7b488a
    r/9c.xml 0x7a474e6e
    r/al.xml 0x73663fbe
    r/4s.png 0x19fcf768
    r/7m.xml 0xc896c8a1
    r/7g.xml 0xc7454b92
    r/9i.xml 0x2b119538
    r/48.png 0x75e2a0e0
    r/7y.xml 0xed67ab4f
    r/3d.xml 0x4a1cb627
    r/2n.xml 0x1b308c33
    r/6n.xml 0xdb47999a
    r/bb.xml 0x141f6674
    r/1g.png 0xb93e63e1
    r/5l.png 0x639fa011
    r/18.png 0x12caf2dc
    r/15.webp 0xf0c90aa1
    r/9k.xml 0xb97fdb7f
    r/1d.png 0xd1d12e1f
    r/a3.xml 0x8546f6b5
    r/5u.png 0x4f6e087d
    r/63.png 0x2fc5a011
    r/7u.xml 0x3ef5e21
    r/ay.xml 0xe57effe7
    r/79.xml 0x2c89fa74
    r/1c.png 0x5028b9f0
    r/5e.png 0x27d0c77e
    r/1a.webp 0x28ca5ad6
    r/7x.xml 0x5bb10b85
    r/4z.png 0xe9b02aa2
    r/4u.png 0x1024ab0f
    r/5t.png 0x590aeae3
    r/8f.xml 0xd6a6c299
    r/6u.xml 0x63038647
    r/2a.xml 0x88e00ae
    r/71.xml 0x98bd333e
    r/50.png 0xb8cf9868
    r/ab.xml 0x42bb51c5
    r/p.png 0x68596849
    r/21.xml 0x2aa4c363
    r/2m.xml 0x115ad1a
    r/7z.xml 0x21ba3d86
    r/3j.xml 0xa25933fd
    r/6t.xml 0xa61b837b
    r/23.xml 0x775e7285
    r/3i.xml 0x101c3a16
    r/77.xml 0x871624f2
    r/91.xml 0x11adbcba
    r/52.png 0xfee3aa0
    r/at.xml 0x94fdb353
    r/3b.xml 0x3addeb58
    r/2p.xml 0x1b308c33
    r/av.xml 0xf3e4a18
    r/ac.xml 0xb9e5ab5f
    r/3l.xml 0x4af7b2b7
    r/a7.xml 0xfb117681
    r/ad.xml 0xd0fa36
    r/r.png 0x6b9aa65b
    r/5i.png 0x6ab29038
    r/4d.png 0x823780d0
    r/41.xml 0xdf559c1d
    r/1v.xml 0x9c5b1555
    r/2j.xml 0xa4dd1230
    r/85.xml 0x63f57bd1
    r/1n.png 0xd092569
    r/8.png 0xf9b3b9bd
    r/3s.xml 0x9af8ae7c
    r/95.xml 0x8319e6cf
    r/7t.xml 0xc9050bf
    r/6v.xml 0xca7236e
    r/32.xml 0x2575884b
    r/7f.xml 0x39231f2
    r/4.png 0xc241e790
    r/46.png 0xbf3a37c9
    r/bd.xml 0x5746d861
    r/1l.png 0x346acb0f
    r/19.png 0x90369836
    r/4n.png 0x4d07b4a9
    r/9v.xml 0xf9ed91b1
    r/2o.xml 0x66d4277
    r/5.png 0x1edf916d
    r/2z.xml 0x7723a704
    r/4l.png 0x95776bdd
    r/5q.png 0x23bc6175
    r/20.xml 0xc71084dc
    r/4h.png 0xba26ed10
    r/ak.xml 0x86390ada
    r/7.png 0xd37a399a
    r/6b.xml 0x5d2525f6
    r/6s.xml 0xca0b04ff
    r/c.png 0xdd62dd86
    r/9z.xml 0x259287a9
    r/a5.xml 0x2d76bc6a
    r/ag.xml 0x396f7a13
    r/j.png 0x7e58e1f6
    r/8r.xml 0x49a16bdb
    r/i.png 0xa8af503a
    r/3w.xml 0xa48e1493
    r/7o.xml 0x46faf412
    r/64.png 0x840a40da
    r/3.png 0xe40bb2cc
    r/3o.xml 0xe057a53b
    r/4b.png 0x19c09c27
    r/84.xml 0x120bb7f0
    r/3g.xml 0xf3ee9096
    r/7c.xml 0xb22b3d67
    r/a8.xml 0xbc282285
    r/5c.png 0x64bafc27
    r/67.png 0xd1165fc
    r/9m.xml 0x9d34eda3
    r/4g.png 0x1ff1856f
    r/1.png 0x12b234a2
    r/94.xml 0x28364f06
    r/3k.xml 0x6d67b964
    r/8m.xml 0x9580f585
    r/e.png 0x81a8075
    r/4q.xml 0xac598c46
    r/9w.xml 0xebe108c3
    r/39.xml 0xa311350d
    r/h.png 0x68b7e5b5
    r/2d.xml 0xc6d2371b
    lib/ 0x0
    lib/armeabi/ 0x0
    lib/armeabi/libdaclient_64.so 0x74c5508
    lib/armeabi/libuninstmon.so 0x4b8c77cd
    lib/armeabi/libdaclient.so 0x24c746c9
    lib/armeabi/libdaclient_x86.so 0x54289963
    AndroidManifest.xml 0xee1a584f
    resources.arsc 0x8ef4743a
    运行截图
    VirSCAN

About VirSCAN | Privacy Policy | Contact us | Links | Help VirSCAN
Powered By CentOSpol

京ICP备11007605号-12

pol

京公网安备 11010802020746号