VirSCAN

File information
File Name: 27.apk (File not down)
File Size: 171899 bytes
File Type: application/jar
MD5: 26ab75f8baa7020ac6b126a004a70541
SHA1: 91fa0261db27a00ec037735bc01f0b83cd0a7859
  • Scanner results
    Scanner results: 0% Scanner(s) (0/32) found malware!
    Time: 2015-10-17 14:17:14 (CST)
    Scanner Engine Ver Sig Ver Sig Date Scan result Time
    antiy AVL SDK 3.0 1970-01-01 Found nothing 5
    asquared 9.0.0.4324 9.0.0.4324 2014-07-03 Found nothing 2
    avast 150725-1 4.7.4 2015-07-25 Found nothing 0
    avg 2109/8133 10.0.1405 2014-11-26 Found nothing 0
    baidu 2.0.1.0 4.1.3.52192 2.0.1.0 Found nothing 5
    baidusd 1.0 1.0 2014-04-02 Found nothing 1
    bitdefender 7.58469 7.90123 2014-12-25 Found nothing 0
    clamav 19861 0.97.5 2014-12-31 Found nothing 0
    drweb 5.0.2.3300 5.0.1.1 2014-12-31 Found nothing 0
    fortinet 23.345, 23.345 5.1.158 2014-12-08 Found nothing 0
    fprot 4.6.2.117 6.5.1.5418 2014-12-31 Found nothing 0
    fsecure 2014-04-02-01 9.13 2014-04-02 Found nothing 0
    gdata 25.3911 25.3911 2015-10-17 Found nothing 8
    ikarus 1.06.01 V1.32.31.0 2014-12-08 Found nothing 0
    jiangmin 16.0.100 1.0.0.0 2015-07-25 Found nothing 60
    kaspersky 5.5.33 5.5.33 2014-04-01 Found nothing 0
    kingsoft 2.1 2.1 2013-09-22 Found nothing 12
    mcafee 7638 5400.1158 2014-11-30 Found nothing 0
    nod32 0920 3.0.21 2014-12-23 Found nothing 0
    panda 9.05.01 9.05.01 2015-07-26 Found nothing 4
    pcc 11.380.07 9.500-1005 2014-12-31 Found nothing 0
    qh360 1.0.1 1.0.1 1.0.1 Found nothing 5
    qqphone 1.0.0.0 1.0.0.0 2014-12-09 Found nothing 0
    quickheal 14.00 14.00 2015-07-25 Found nothing 2
    rising 25.76.04.01 25.76.04.01 2015-07-24 Found nothing 1
    sophos 5.08 3.55.0 2014-12-01 Found nothing 0
    symantec 20141230.001 1.3.0.24 2014-12-30 Found nothing 0
    tachyon 9.9.9 9.9.9 2013-12-27 Found nothing 4
    thehacker 6.8.0.5 6.8.0.5 2015-07-23 Found nothing 1
    tws 17.47.17308 1.0.2.2108 2014-12-08 Found nothing 12
    vba 3.12.26.3 3.12.26.3 2014-12-31 Found nothing 0
    virusbuster 15.0.985.0 5.5.2.13 2014-12-05 Found nothing 0
    NOTICE: Results are not 100% accurate and can be reported as a false positive by some scanners when and if malware is found. Please judge these results for yourself.
  • Permission list
    Permission name: Information
    android.permission.INTERNET: Connect to the network (2G or 3G)
    android.permission.ACCESS_NETWORK_STATE: Read network state (2G or 3G)
    android.permission.ACCESS_WIFI_STATE: Read Wi-Fi network state
    android.permission.READ_PHONE_STATE: Read phone state
    android.permission.WRITE_EXTERNAL_STORAGE: Write to external storage (e.g. SD card)
    android.permission.ACCESS_COARSE_LOCATION: Get approximate location (via Wi-Fi, cell towers)
    android.permission.ACCESS_FINE_LOCATION: Get precise location (via GPS)
    android.permission.CHANGE_WIFI_STATE: Change Wi-Fi connection state
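  • File information
    Security score:
    Basic information
    MD5: 26ab75f8baa7020ac6b126a004a70541
    Package name: shutdown.namespace
    Minimum runtime environment: Android 2.3.3, 2.3.4
    Copyright: xn
    Dangerous behavior
    Behavior description: Executes system commands
    Details: [u'su']
    Dynamic behavior list
    Behavior description: Accesses the network
    Details: host:120.196.211.8 port:80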
    Behavior description: Calls a hash algorithm
    Details: MD5
    Behavior description: Reads files
    Details: path:/sys/class/net/lo/ifindex length:7
    path:/sys/class/net/lo/ifindex length:5
    path:/proc/net/if_inet6 length:69
    path:/proc/net/if_inet6 length:5
    path:/sys/class/net/eth0/ifindex length:7
    path:/sys/class/net/eth0/ifindex length:5
    path:/sys/class/net/sit0/ifindex length:7
    path:/sys/class/net/sit0/ifindex length:5
    Behavior description: Loads a shared library file
    Details: /data/data/shutdown.namespace/lib/liblbs.so
    Behavior description: Parses Uniform Resource Identifiers (URIs)
    Details: http://120.196.211.8/mobwin/embed_browser/mobWIN_pic/320_1_2back.png
    http://120.196.211.8/mobwin/embed_browser/mobWIN_pic/320_1_2back_disable.png
    http://120.196.211.8/mobwin/embed_browser/mobWIN_pic/320_1_2back_pressed.png
    http://120.196.211.8/mobwin/embed_browser/mobWIN_pic/320_1_2forward.png
    http://120.196.211.8/mobwin/embed_browser/mobWIN_pic/320_1_2forward_disable.png
    http://120.196.211.8/mobwin/embed_browser/mobWIN_pic/320_1_2forward_pressed.png
    http://120.196.211.8/mobwin/embed_browser/mobWIN_pic/320_1_2jumpout.png
    http://120.196.211.8/mobwin/embed_browser/mobWIN_pic/320_1_2jumpout_pressed.png
    http://120.196.211.8/mobwin/embed_browser/mobWIN_pic/320_1_2quit.png
    http://120.196.211.8/mobwin/embed_browser/mobWIN_pic/320_1_2quit_pressed.png
    http://120.196.211.8/mobwin/embed_browser/mobWIN_pic/320_1_2refresh.png
    http://120.196.211.8/mobwin/embed_browser/mobWIN_pic/320_1_2refresh_pressed.png
    http://120.196.211.8/mobwin/embed_browser/mobWIN_pic/320_1_2close_album.png
    http://120.196.211.8/mobwin/embed_browser/mobWIN_pic/320_1_2close_album_pressed.png
    http://120.196.211.8/mobwin/embed_browser/mobWIN_pic/320_1_2toolbar_body.png
    http://120.196.211.8/mobwin/embed_browser/mobWIN_pic/320_1_2toolbar_body_pressed.png
    http://120.196.211.8/mobwin/embed_browser/mobWIN_pic/320_1_2toolbar_header.png
    http://120.196.211.8/mobwin/embed_browser/mobWIN_pic/320_1_2divideline.png
    http://120.196.211.8/mobwin/embed_browser/mobWIN_pic/320_1_2process_bar.png
    http://softfile.3g.qq.com:8080/mobwin/sdk_res/320_1_2banner_frame.png
    http://softfile.3g.qq.com:8080/mobwin/sdk_res/320_1_2button.png
    http://softfile.3g.qq.com:8080/mobwin/sdk_res/320_1_2button_pressed.png
    http://softfile.3g.qq.com:8080/mobwin/sdk_res/320_1_2mobwinLogo.png
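    Behavior description: Obtains root privileges
    Details: su
    Behavior description: Executes system commands
    Details: [u'su']
    Behavior description: Reads a line of data from a buffer
    Details: 00000000000000000000000000000001 01 80 10 80 lo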
    fe80000000000000505400fffe123456 02 40 20 80 eth0
    null
    Behavior description: Adds a View
    Details: [u'com.android.internal.policy.impl.PhoneWindow$DecorView@4154b1f8', u'WM.LayoutParams{(0,0)(fillxfill) sim=#100 ty=1 fl=#8010100 pfl=0x8 wanim=0x1030001}', u'android.view.CompatibilityInfoHolder@414af898']
    Behavior description: Writes files
    Details: path:unknown length:50
    path:unknown length:10
    path:/data/data/shutdown.namespace/shared_prefs/mobwin.xml length:137
    Behavior description: Gets network state information[*]
    Details: NetworkInfo: type: WIFI[], state: CONNECTED/CONNECTED, reason: (unspecified), extra: freewifi, roaming: false, failover: false, isAvailable: true
    Behavior description: Root privilege detection
    Details: /system/bin/su
    Activities
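    Activity name: Type
    .shutdownActivity: android.intent.action.MAIN
    .shutdownActivity: android.intent.category.LAUNCHER
    Dangerous functions
    Function name: Information
    TelephonyManager;->getDeviceId: Collects the user's phone IMEI, phone number, system version and other information
    TelephonyManager;->getLine1Number: Gets the phone number
    TelephonyManager;->getSimSerialNumber: Gets the SIM serial number
    HttpClient;->execute: Sends a request to a remote server
    java/net/URL;->openConnection: Connects to a URL
    android/app/NotificationManager;->notify: Posts a message to the notification bar
    getRuntime: Gets the command-line environment
    java/lang/Runtime;->exec: Executes a command string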
    File list
    File name Checksum
    res/drawable/android.jpg 0x64303c7c
    res/drawable/bn.png 0x2ad3e278
    res/drawable/checkbox_normal.png 0xb3b66862
    res/drawable/checkbox_pressed.png 0xc3b1b5c9
    res/drawable/checkbox_style.xml 0x2ec186f9
    res/drawable/ic_launcher.png 0x542ac154
    res/layout/main.xml 0x4f4ce402
    AndroidManifest.xml 0xa4607339
    resources.arsc 0xce7eb94e
    res/drawable-hdpi/ic_launcher.png 0x542ac154
    res/drawable-ldpi/ic_launcher.png 0x7100224c
    res/drawable-mdpi/ic_launcher.png 0xb4061462
    classes.dex 0x685d0836
    com/qq/jce/wup/wup.properties 0xd035e2bf
    lib/armeabi/liblbs.so 0xbe8edb00
    META-INF/MANIFEST.MF 0xcdb5816
    META-INF/CERT.SF 0xce5d7590
    META-INF/CERT.RSA 0x4c29a52a
Translated by Keith Miller, United States