VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

Language
Server load
Server Load

File information
File Name :armo.apk (File not down)
File Size :68631 byte
File Type :application/jar
MD5:90a7d24570beb04722f02174ecf958b1
SHA1:28b55dd8802a9e1fc1715892e8502cf1af8f91f3
  • 扫描结果
  • 权限
  • 文件行为分析
  • Scanner results
    Scanner results:12%Scanner(s) (4/32)found malware!
    Behavior analysis report:         Habo file analysis
    Time: 2016-12-14 16:55:52 (CST)
    VirSCANVirSCAN
    Scanner Engine Ver Sig Ver Sig Date Scan result Time
    antiy AVL SDK 2.0 1970-01-01 Found nothing 5
    asquared 9.0.0.4799 9.0.0.4799 2015-03-08 Android.Riskware.AndroRat.A 1
    avast 161213-0 4.7.4 2016-12-13 Found nothing 60
    avg 2109/13073 10.0.1405 2016-12-11 Found nothing 60
    baidu 2.0.1.0 4.1.3.52192 2.0.1.0 Found nothing 38
    baidusd 1.0 1.0 2014-04-02 Found nothing 1
    bitdefender 7.58879 7.90123 2015-01-16 Found nothing 60
    clamav 22697 0.97.5 2016-12-11 Found nothing 60
    drweb 5.0.2.3300 5.0.1.1 2016-12-09 Found nothing 60
    fortinet 41.333, 41.333, 41.333 5.4.233 2016-12-12 Found nothing 60
    fprot 4.6.2.117 6.5.1.5418 2016-02-05 Found nothing 60
    fsecure 2015-08-01-02 9.13 2015-08-01 Found nothing 60
    gdata 25.8610 25.8610 2016-10-12 Android.Riskware.AndroRat.A 9
    ikarus 1.06.01 V1.32.31.0 2016-11-28 Found nothing 60
    jiangmin 16.0.100 1.0.0.0 2016-12-01 Found nothing 42
    kaspersky 5.5.33 5.5.33 2014-04-01 Found nothing 60
    kingsoft 2.1 2.1 2013-09-22 Found nothing 7
    mcafee 8254 5400.1158 2016-08-11 Found nothing 60
    nod32 1777 3.0.21 2015-06-12 Found nothing 60
    panda 9.05.01 9.05.01 2016-12-13 Found nothing 4
    pcc 12.954.06 9.500-1005 2016-12-11 Found nothing 60
    qh360 1.0.1 1.0.1 1.0.1 Found nothing 3
    qqphone 1.0.0.0 1.0.0.0 2015-12-30 Found nothing 60
    quickheal 14.00 14.00 2016-12-13 Android.Climap.A (Suspicious) 2
    rising 26.28.00.01 26.28.00.01 2016-07-18 Backdoor.Android.Climap.a 1
    sophos 5.32 3.65.2 2016-10-10 Found nothing 60
    symantec 20151230.005 1.3.0.24 2015-12-30 Found nothing 60
    tachyon 9.9.9 9.9.9 2013-12-27 Found nothing 3
    thehacker 6.8.0.5 6.8.0.5 2016-12-12 Found nothing 1
    tws 17.47.17308 1.0.2.2108 2016-12-13 Found nothing 13
    vba 3.12.29.3 beta 3.12.29.3 beta 2016-12-08 Found nothing 60
    virusbuster 15.0.985.0 5.5.2.13 2014-12-05 Found nothing 60
    Heuristic/Suspicious Exact
    NOTICE: Results are not 100% accurate and can be reported as a false positive by some scannerswhen and if malware is found. Please judge these results for yourself.
  • 权限列表
    许可名称信息
    android.permission.RECEIVE_SMS监控接收短信
    android.permission.READ_SMS读取短信
    android.permission.SEND_SMS发送短信
    android.permission.READ_PHONE_STATE读取电话状态
    android.permission.PROCESS_OUTGOING_CALLS监视、修改有关拨出电话
    android.permission.ACCESS_NETWORK_STATE读取网络状态(2G或3G)
    android.permission.ACCESS_FINE_LOCATION获取精确的位置(通过GPS)
    android.permission.INTERNET连接网络(2G或3G)
    android.permission.RECORD_AUDIO录音(使用AudioRecord)
    android.permission.WRITE_EXTERNAL_STORAGE写外部存储器(如:SD卡)
    android.permission.CAMERA访问照相机设备
    android.permission.RECEIVE_BOOT_COMPLETED接收开机启动广播
    android.permission.CALL_PHONE拨打电话
    android.permission.READ_CONTACTS读取联系人信息
    android.permission.VIBRATE允许设备震动
  • 文件信息
    安全评分 :
    基本信息
    MD5:90a7d24570beb04722f02174ecf958b1
    包名:my.app.client
    最低运行环境:Android 2.2.x
    版权:Android
    关键行为
    行为描述:查询注册表_检测虚拟机相关
    详情信息:\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion
    行为描述:获取窗口截图信息
    详情信息:Foreground window Info: HWND = 0x00000000, DC = 0x190104c0.
    Foreground window Info: HWND = 0x00000000, DC = 0x1d010681.
    Foreground window Info: HWND = 0x00000000, DC = 0x92010583.
    文件行为
    行为描述:查找文件
    详情信息:FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%\996E.zh-CN
    FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%\996E.zh-Hans
    FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%\996E.zh
    FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%\996E.CHS
    FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%\996E.CH
    注册表行为
    行为描述:查询注册表_检测虚拟机相关
    详情信息:\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion
    其他行为
    行为描述:创建互斥体
    详情信息:CTF.LBES.MutexDefaultS-*
    CTF.Compart.MutexDefaultS-*
    CTF.Asm.MutexDefaultS-*
    CTF.Layouts.MutexDefaultS-*
    CTF.TMD.MutexDefaultS-*
    CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
    MSCTF.Shared.MUTEX.ELH
    MSCTF.Shared.MUTEX.IKJ
    行为描述:创建事件对象
    详情信息:EventName = DINPUTWINMM
    EventName = MSCTF.SendReceive.Event.IKJ.IC
    EventName = MSCTF.SendReceiveConection.Event.IKJ.IC
    行为描述:查找指定窗口
    详情信息:NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
    NtUserFindWindowEx: [Class,Window] = [CicLoaderWndClass,]
    行为描述:窗口信息
    详情信息:Pid = 2468, Hwnd=0x1f02fe, Text = 确定, ClassName = Button.
    Pid = 2468, Hwnd=0xa03ac, Text = 您的系统非NT6以上版本,无法使用本激活!, ClassName = Static.
    Pid = 2468, Hwnd=0x503b2, Text = Oem7, ClassName = #32770.
    Pid = 2468, Hwnd=0x1102aa, Text = 使用我的密钥和证书:, ClassName = TGroupBox.
    Pid = 2468, Hwnd=0xe0372, Text = 导入我的证书, ClassName = TButton.
    Pid = 2468, Hwnd=0xb036a, Text = 浏览文件..., ClassName = TButton.
    Pid = 2468, Hwnd=0x903a4, Text = 导入我的密钥, ClassName = TButton.
    Pid = 2468, Hwnd=0xd0368, Text = 卸载, ClassName = TButton.
    Pid = 2468, Hwnd=0x303d6, Text = 修复引导(可PE下), ClassName = TButton.
    Pid = 2468, Hwnd=0xa03b0, Text = 引导文件设置:, ClassName = TGroupBox.
    Pid = 2468, Hwnd=0x1302fc, Text = 引导保护, ClassName = TCheckBox.
    Pid = 2468, Hwnd=0x403ca, Text = G, ClassName = TComboBox.
    Pid = 2468, Hwnd=0xc038a, Text = N, ClassName = TComboBox.
    Pid = 2468, Hwnd=0xf034a, Text = V, ClassName = TComboBox.
    Pid = 2468, Hwnd=0x16032e, Text = O, ClassName = TComboBox.
    行为描述:打开事件
    详情信息:HookSwitchHookEnabledEvent
    CTF.ThreadMIConnectionEvent.000007B4.00000000.00000054
    CTF.ThreadMarshalInterfaceEvent.000007B4.00000000.00000054
    MSCTF.SendReceiveConection.Event.ELH.IC
    MSCTF.SendReceive.Event.ELH.IC
    行为描述:枚举窗口
    详情信息:N/A
    行为描述:获取窗口截图信息
    详情信息:Foreground window Info: HWND = 0x00000000, DC = 0x190104c0.
    Foreground window Info: HWND = 0x00000000, DC = 0x1d010681.
    Foreground window Info: HWND = 0x00000000, DC = 0x92010583.
    行为描述:隐藏指定窗口
    详情信息:[Window,Class] = [,ComboLBox]
    [Window,Class] = [Oem7F7 By小马,TForm1]
    行为描述:打开互斥体
    详情信息:ShimCacheMutex
    Activities
    活动名类型
    my.app.client.LauncherActivityandroid.intent.action.MAIN
    my.app.client.LauncherActivityandroid.intent.category.LAUNCHER
    危险函数
    函数名称信息
    SmsManager;->sendTextMessage发送普通短信
    SmsManager;->sendMultipartTextMessage发送彩信
    TelephonyManager;->getLine1Number获取手机号
    TelephonyManager;->getDeviceId搜集用户手机IMEI码、电话号码、系统版本号等信息
    TelephonyManager;->getSimSerialNumber获取SIM序列号
    ContentResolver;->query读取联系人、短信等数据库
    Camera;->open开启相机
    启动方式
    名称信息
    my.app.client.BootReceiver开机启动服务
    权限列表
    许可名称信息
    android.permission.RECEIVE_SMS监控接收短信
    android.permission.READ_SMS读取短信
    android.permission.SEND_SMS发送短信
    android.permission.READ_PHONE_STATE读取电话状态
    android.permission.PROCESS_OUTGOING_CALLS监视、修改有关拨出电话
    android.permission.ACCESS_NETWORK_STATE读取网络状态(2G或3G)
    android.permission.ACCESS_FINE_LOCATION获取精确的位置(通过GPS)
    android.permission.INTERNET连接网络(2G或3G)
    android.permission.RECORD_AUDIO录音(使用AudioRecord)
    android.permission.WRITE_EXTERNAL_STORAGE写外部存储器(如:SD卡)
    android.permission.CAMERA访问照相机设备
    android.permission.RECEIVE_BOOT_COMPLETED接收开机启动广播
    android.permission.CALL_PHONE拨打电话
    android.permission.READ_CONTACTS读取联系人信息
    android.permission.VIBRATE允许设备震动
    服务列表
    名称
    my.app.client.Client
    文件列表
    文件名 校验码
    META-INF/MANIFEST.MF 0x8f4dd57d
    META-INF/CERT.SF 0x843d4eb6
    META-INF/CERT.RSA 0x719893d6
    res/drawable-ldpi/ic_launcher.png 0xe1c8ce7e
    res/xml/preferences.xml 0x810af25d
    AndroidManifest.xml 0x8fa1e9da
    res/drawable-mdpi/ic_launcher.png 0x9e64017
    res/layout/main.xml 0xceedbee
    resources.arsc 0x42bcbc42
    res/drawable-hdpi/ic_launcher.png 0x6418fece
    res/drawable-xhdpi/ic_launcher.png 0x4cf45bd6
    classes.dex 0x80781135
    运行截图
    VirSCAN

About VirSCAN | Privacy Policy | Contact us | Links | Help VirSCAN
Powered By CentOSpol

京ICP备11007605号-12

pol

京公网安备 11010802020746号