VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

Language
Server load
Server Load

File information
File Name :小鹏3.3.apk (File not down)
File Size :2955798 byte
File Type :Zip archive data
MD5:3d499204f2df324ba1c121c64efc5007
SHA1:e0ae668371421e041a046e9076647e45f66f6bb4
SHA256:474f341bcb1fac0761d6b28379f900de991f21aebb7a4ca77703ea271c29f112
SSDEEP:49152:7hTJHlBVlxZewSMyX6SrW4ggA2N2WAzd6Ri0tTrAUZ0SIuh6IXlulg:7xJHlBVlxQMsrhggA2tAzQRZ/zDNXx
  • 扫描结果
  • 权限
  • 文件行为分析
  • Scanner results
    Scanner results:0%Scanner(s) (0/32)found malware!
    Behavior analysis report:         Habo file analysis
    Time: 2016-08-27 10:25:50 (CST)
    VirSCANVirSCAN
    Scanner Engine Ver Sig Ver Sig Date Scan result Time
    antiy AVL SDK 3.0 1970-01-01 Found nothing 5
    asquared 9.0.0.4324 9.0.0.4324 2014-07-03 Found nothing 2
    avast 150725-1 4.7.4 2015-07-25 Found nothing 60
    avg 2109/8133 10.0.1405 2014-11-26 Found nothing 60
    baidu 2.0.1.0 4.1.3.52192 2.0.1.0 Found nothing 41
    baidusd 1.0 1.0 2014-04-02 Found nothing 1
    bitdefender 7.58469 7.90123 2014-12-25 Found nothing 60
    clamav 19861 0.97.5 2014-12-31 Found nothing 60
    drweb 5.0.2.3300 5.0.1.1 2014-12-31 Found nothing 60
    fortinet 23.345, 23.345 5.1.158 2014-12-08 Found nothing 60
    fprot 4.6.2.117 6.5.1.5418 2014-12-31 Found nothing 60
    fsecure 2014-04-02-01 9.13 2014-04-02 Found nothing 60
    gdata 25.8046 25.8046 2016-08-27 Found nothing 10
    ikarus 1.06.01 V1.32.31.0 2014-12-08 Found nothing 60
    jiangmin 16.0.100 1.0.0.0 2015-07-25 Found nothing 42
    kaspersky 5.5.33 5.5.33 2014-04-01 Found nothing 60
    kingsoft 2.1 2.1 2013-09-22 Found nothing 6
    mcafee 7638 5400.1158 2014-11-30 Found nothing 60
    nod32 0920 3.0.21 2014-12-23 Found nothing 60
    panda 9.05.01 9.05.01 2015-07-26 Found nothing 4
    pcc 11.380.07 9.500-1005 2014-12-31 Found nothing 60
    qh360 1.0.1 1.0.1 1.0.1 Found nothing 3
    qqphone 1.0.0.0 1.0.0.0 2014-12-09 Found nothing 60
    quickheal 14.00 14.00 2015-07-25 Found nothing 2
    rising 25.76.04.01 25.76.04.01 2015-07-24 Found nothing 2
    sophos 5.08 3.55.0 2014-12-01 Found nothing 60
    symantec 20141230.001 1.3.0.24 2014-12-30 Found nothing 60
    tachyon 9.9.9 9.9.9 2013-12-27 Found nothing 6
    thehacker 6.8.0.5 6.8.0.5 2015-07-23 Found nothing 2
    tws 17.47.17308 1.0.2.2108 2014-12-08 Found nothing 15
    vba 3.12.26.3 3.12.26.3 2014-12-31 Found nothing 60
    virusbuster 15.0.985.0 5.5.2.13 2014-12-05 Found nothing 60
    Heuristic/Suspicious Exact
    NOTICE: Results are not 100% accurate and can be reported as a false positive by some scannerswhen and if malware is found. Please judge these results for yourself.
  • 权限列表
    许可名称信息
    android.permission.INTERNET连接网络(2G或3G)
    android.permission.WRITE_EXTERNAL_STORAGE写外部存储器(如:SD卡)
    android.permission.CAMERA访问照相机设备
    android.permission.VIBRATE允许设备震动
    android.permission.READ_EXTERNAL_STORAGE读外部存储器(如:SD卡)
    android.permission.MOUNT_UNMOUNT_FILESYSTEMS挂载、反挂载外部文件系统
    android.permission.FLASHLIGHT访问闪光灯
  • 文件信息
    安全评分 :
    基本信息
    MD5:3d499204f2df324ba1c121c64efc5007
    包名:com.tangshuqin.talk
    最低运行环境:Android 2.2.x
    版权:ipuser
    关键行为
    行为描述:设置特殊文件夹属性
    详情信息:C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
    C:\Documents and Settings\Administrator\Local Settings\History
    C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
    C:\Documents and Settings\Administrator\Cookies
    行为描述:获取TickCount值
    详情信息:TickCount = 5353909, SleepMilliseconds = 50.
    TickCount = 5354018, SleepMilliseconds = 50.
    TickCount = 5354034, SleepMilliseconds = 50.
    TickCount = 5354065, SleepMilliseconds = 50.
    TickCount = 5354096, SleepMilliseconds = 50.
    TickCount = 5354112, SleepMilliseconds = 50.
    TickCount = 5354143, SleepMilliseconds = 50.
    TickCount = 5354159, SleepMilliseconds = 50.
    TickCount = 5354175, SleepMilliseconds = 50.
    TickCount = 5354206, SleepMilliseconds = 50.
    TickCount = 5354221, SleepMilliseconds = 50.
    TickCount = 5354237, SleepMilliseconds = 50.
    TickCount = 5354253, SleepMilliseconds = 50.
    TickCount = 5354456, SleepMilliseconds = 50.
    TickCount = 5354753, SleepMilliseconds = 50.
    进程行为
    行为描述:创建本地线程
    详情信息:TargetProcess: %temp%\****.exe, InheritedFromPID = 1944, ProcessID = 424, ThreadID = 444, StartAddress = 77DC845A, Parameter = 00000000
    TargetProcess: %temp%\****.exe, InheritedFromPID = 1944, ProcessID = 424, ThreadID = 1372, StartAddress = 7C947EBB, Parameter = 00000000
    TargetProcess: %temp%\****.exe, InheritedFromPID = 1944, ProcessID = 424, ThreadID = 1408, StartAddress = 7C930230, Parameter = 00000000
    TargetProcess: %temp%\****.exe, InheritedFromPID = 1944, ProcessID = 424, ThreadID = 556, StartAddress = 6302B849, Parameter = 00222C88
    TargetProcess: %temp%\****.exe, InheritedFromPID = 1944, ProcessID = 424, ThreadID = 1872, StartAddress = 77E56C7D, Parameter = 00223CF0
    TargetProcess: %temp%\****.exe, InheritedFromPID = 1944, ProcessID = 424, ThreadID = 744, StartAddress = 769AE43B, Parameter = 002233F0
    TargetProcess: %temp%\****.exe, InheritedFromPID = 1944, ProcessID = 424, ThreadID = 2044, StartAddress = 00E3507F, Parameter = 00129770
    TargetProcess: %temp%\****.exe, InheritedFromPID = 1944, ProcessID = 424, ThreadID = 1172, StartAddress = 6359727B, Parameter = 00270698
    TargetProcess: %temp%\****.exe, InheritedFromPID = 1944, ProcessID = 424, ThreadID = 280, StartAddress = 6359727B, Parameter = 00287658
    TargetProcess: %temp%\****.exe, InheritedFromPID = 1944, ProcessID = 424, ThreadID = 1628, StartAddress = 6359727B, Parameter = 002876F8
    文件行为
    行为描述:创建文件
    详情信息:C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6P4O8QNJ\wpad[1].dat
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6P4O8QNJ\index[1].php
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6P4O8QNJ\navcancl[1]
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\C1OS62RY\ErrorPageTemplate[1]
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6TLOMATB\errorPageStrings[1]
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\C1OS62RY\httpErrorPagesScripts[1]
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6TLOMATB\background_gradient[1]
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\C1OS62RY\info_48[1]
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6TLOMATB\bullet[1]
    行为描述:覆盖已有文件
    详情信息:C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6P4O8QNJ\navcancl[1]
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\C1OS62RY\ErrorPageTemplate[1]
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6TLOMATB\errorPageStrings[1]
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\C1OS62RY\httpErrorPagesScripts[1]
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6TLOMATB\background_gradient[1]
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\C1OS62RY\info_48[1]
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6TLOMATB\bullet[1]
    行为描述:查找文件
    详情信息:FileName = C:\Documents and Settings
    FileName = C:\Documents and Settings\Administrator
    FileName = C:\Documents and Settings\Administrator\Local Settings
    FileName = C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Connections\Pbk\*.pbk
    FileName = C:\WINDOWS\system32\Ras\*.pbk
    FileName = C:\Documents and Settings\Administrator\Application Data\Microsoft\Network\Connections\Pbk\*.pbk
    FileName = C:\WINDOWS
    FileName = C:\WINDOWS\system32
    FileName = C:\WINDOWS\system32\urlmon.dll
    FileName = C:\WINDOWS\system32\ieframe.dll
    行为描述:删除文件
    详情信息:C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6P4O8QNJ\wpad[1].dat
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6P4O8QNJ\index[1].php
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\C1OS62RY\navcancl[2]
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6TLOMATB\ErrorPageTemplate[2]
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\C1OS62RY\errorPageStrings[1]
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6TLOMATB\httpErrorPagesScripts[1]
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\C1OS62RY\background_gradient[2]
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6TLOMATB\info_48[1]
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IUKHR8T2\bullet[1]
    行为描述:设置特殊文件夹属性
    详情信息:C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
    C:\Documents and Settings\Administrator\Local Settings\History
    C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
    C:\Documents and Settings\Administrator\Cookies
    行为描述:修改文件内容
    详情信息:C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6P4O8QNJ\navcancl[1] ---> Offset = 0
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\C1OS62RY\ErrorPageTemplate[1] ---> Offset = 0
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6TLOMATB\errorPageStrings[1] ---> Offset = 0
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\C1OS62RY\httpErrorPagesScripts[1] ---> Offset = 0
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6TLOMATB\background_gradient[1] ---> Offset = 0
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\C1OS62RY\info_48[1] ---> Offset = 0
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6TLOMATB\bullet[1] ---> Offset = 0
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\MSIMGSIZ.DAT ---> Offset = 4096
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\MSIMGSIZ.DAT ---> Offset = 12288
    网络行为
    行为描述:联网打开网址
    详情信息:InternetOpenUrlA: http://**.133.40.**:128/wpad.dat, hInternet = 0x00cc0010, Flags = 0x00000010
    行为描述:连接指定站点
    详情信息:InternetConnectA: ServerName = ww****om, PORT = 80, UserName = , Password = , hSession = 0x00cc0004, hConnect = 0x00cc0008, Flags = 0x00000000
    InternetConnectA: ServerName = **.133.40.**, PORT = 128, UserName = , Password = , hSession = 0x00cc0010, hConnect = 0x00cc0014, Flags = 0x00000010
    行为描述:打开HTTP连接
    详情信息:InternetOpenA: UserAgent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; .NET4.0C; .NET4.0E; KB974489), hSession = 0x00cc0004
    InternetOpenA: UserAgent: Mozilla/4.0 (compatible; MSIE 8.0; Win32; Trident/4.0), hSession = 0x00cc0010
    行为描述:建立到一个指定的套接字连接
    详情信息:URL: wpad, IP: **.133.40.**:128, SOCKET = 0x0000045c
    URL: ww****om, IP: **.133.40.**:80, SOCKET = 0x00000450
    URL: ww****om, IP: **.133.40.**:80, SOCKET = 0x0000035c
    行为描述:读取网络文件
    详情信息:hFile = 0x00cc0018, BytesToRead =4010, BytesRead = 4010.
    hFile = 0x00cc000c, BytesToRead =4096, BytesRead = 4096.
    行为描述:发送HTTP包
    详情信息:GET /wpad.dat HTTP/1.1 Accept: */* User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32; Trident/4.0) Host: **.133.40.**:128
    GET /index.php HTTP/1.1 Accept: */* Accept-Language: zh-cn Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; .NET4.0C; .NET4.0E; KB974489) Host: ww****om Connection: Keep-Alive
    行为描述:打开HTTP请求
    详情信息:HttpOpenRequestA: ww****om:80/index.php, hConnect = 0x00cc0008, hRequest = 0x00cc000c, Verb: GET, Referer: , Flags = 0x00400000
    HttpOpenRequestA: **.133.40.**:128/wpad.dat, hConnect = 0x00cc0014, hRequest = 0x00cc0018, Verb: GET, Referer: , Flags = 0x00000010
    HttpOpenRequestA: ww****om:80/index.php, hConnect = 0x00cc0008, hRequest = 0x00cc000c, Verb: GET, Referer: , Flags = 0x00400010
    行为描述:按名称获取主机地址
    详情信息:GetAddrInfoW: computer
    GetAddrInfoW: wpad
    GetAddrInfoW: ww****om
    注册表行为
    行为描述:修改注册表
    详情信息:\REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\SavedLegacySettings
    \REGISTRY\MACHINE\SOFTWARE\Microsoft\ESENT\Process\996E\DEBUG\Trace Level
    行为描述:删除注册表键值
    详情信息:\REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyServer
    \REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Internet Settings\AutoConfigURL
    \REGISTRY\MACHINE\SOFTWARE\Microsoft\ESENT\Process\996E\DEBUG\Trace Level
    其他行为
    行为描述:调整进程token权限
    详情信息:SE_LOAD_DRIVER_PRIVILEGE
    行为描述:创建互斥体
    详情信息:CTF.LBES.MutexDefaultS-*
    CTF.Compart.MutexDefaultS-*
    CTF.Asm.MutexDefaultS-*
    CTF.Layouts.MutexDefaultS-*
    CTF.TMD.MutexDefaultS-*
    CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
    Local\ZonesCounterMutex
    Local\ZoneAttributeCacheCounterMutex
    Local\ZonesCacheCounterMutex
    Local\ZonesLockedCacheCounterMutex
    RasPbFile
    CritOpMutex
    Local\!PrivacIE!SharedMemory!Mutex
    MSIMGSIZECacheMutex
    MSCTF.Shared.MUTEX.ELH
    行为描述:创建事件对象
    详情信息:EventName = DINPUTWINMM
    EventName = Global\userenv: User Profile setup event
    EventName = Global\crypt32LogoffEvent
    EventName = MSCTF.SendReceiveConection.Event.MPH.IC
    EventName = MSCTF.SendReceive.Event.MPH.IC
    行为描述:查找指定窗口
    详情信息:NtUserFindWindowEx: [Class,Window] = [MS_AutodialMonitor,]
    NtUserFindWindowEx: [Class,Window] = [MS_WebCheckMonitor,]
    NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
    NtUserFindWindowEx: [Class,Window] = [CicLoaderWndClass,]
    行为描述:窗口信息
    详情信息:Pid = 424, Hwnd=0xe02aa, Text = 下载完毕, ClassName = Static.
    Pid = 424, Hwnd=0x1203be, Text = 获取文件信息:, ClassName = Static.
    Pid = 424, Hwnd=0x503b8, Text = update.exe (来自 www.xi-guan.com), ClassName = Static.
    Pid = 424, Hwnd=0x120340, Text = 文件大小未知, ClassName = Static.
    Pid = 424, Hwnd=0x1302b8, Text = 估计剩余时间:, ClassName = Static.
    Pid = 424, Hwnd=0xc03a8, Text = 已下载:, ClassName = Static.
    Pid = 424, Hwnd=0x160324, Text = 下载到:, ClassName = Static.
    Pid = 424, Hwnd=0x1702b6, Text = 传输速度:, ClassName = Static.
    Pid = 424, Hwnd=0xc034a, Text = 下载完成后关闭此对话框(&C), ClassName = Button(CheckBox).
    Pid = 424, Hwnd=0xa0368, Text = 打开(&O), ClassName = Button.
    Pid = 424, Hwnd=0x10030a, Text = 打开文件夹(&F), ClassName = Button.
    Pid = 424, Hwnd=0xb0370, Text = 取消, ClassName = Button.
    Pid = 424, Hwnd=0x603ac, Text = 已完成安装 0% - index.php (来自 www.xi-guan.com), ClassName = #32770.
    Pid = 424, Hwnd=0x1d02bc, Text = 使用说明:将需要播放的VIP视频地址,复制粘贴到上面编辑框内,点击播放即可!现支持:爱奇艺、腾讯、优酷等,多家视频!, ClassName = _EL_Label.
    Pid = 424, Hwnd=0x9039c, Text = 习惯SEM群, ClassName = Button.
    行为描述:获取TickCount值
    详情信息:TickCount = 5353909, SleepMilliseconds = 50.
    TickCount = 5354018, SleepMilliseconds = 50.
    TickCount = 5354034, SleepMilliseconds = 50.
    TickCount = 5354065, SleepMilliseconds = 50.
    TickCount = 5354096, SleepMilliseconds = 50.
    TickCount = 5354112, SleepMilliseconds = 50.
    TickCount = 5354143, SleepMilliseconds = 50.
    TickCount = 5354159, SleepMilliseconds = 50.
    TickCount = 5354175, SleepMilliseconds = 50.
    TickCount = 5354206, SleepMilliseconds = 50.
    TickCount = 5354221, SleepMilliseconds = 50.
    TickCount = 5354237, SleepMilliseconds = 50.
    TickCount = 5354253, SleepMilliseconds = 50.
    TickCount = 5354456, SleepMilliseconds = 50.
    TickCount = 5354753, SleepMilliseconds = 50.
    行为描述:获取光标位置
    详情信息:CursorPos = (71,18468), SleepMilliseconds = 60000.
    CursorPos = (6364,26501), SleepMilliseconds = 60000.
    CursorPos = (19199,15725), SleepMilliseconds = 60000.
    行为描述:打开事件
    详情信息:HookSwitchHookEnabledEvent
    \SECURITY\LSA_AUTHENTICATION_INITIALIZED
    Global\SvcctrlStartEvent_A3752DX
    \INSTALLATION_SECURITY_HOLD
    Global\crypt32LogoffEvent
    MSFT.VSA.COM.DISABLE.424
    MSFT.VSA.IEC.STATUS.6c736db0
    _fCanRegisterWithShellService
    CTF.ThreadMIConnectionEvent.000007B4.00000000.00000041
    CTF.ThreadMarshalInterfaceEvent.000007B4.00000000.00000041
    MSCTF.SendReceiveConection.Event.ELH.IC
    MSCTF.SendReceive.Event.ELH.IC
    行为描述:调用Sleep函数
    详情信息:[1]: MilliSeconds = 60000.
    [2]: MilliSeconds = 100.
    [3]: MilliSeconds = 60000.
    行为描述:隐藏指定窗口
    详情信息:[Window,Class] = [,SysLink]
    [Window,Class] = [,Static]
    [Window,Class] = [文件大小未知,Static]
    [Window,Class] = [打开此类文件前总是询问(&W),Button]
    [Window,Class] = [发行者:,Static]
    [Window,Class] = [,Shell Embedding]
    [Window,Class] = [,Internet Explorer_Server]
    行为描述:打开互斥体
    详情信息:ShimCacheMutex
    Local\!IETld!Mutex
    Local\WininetStartupMutex
    Local\_!MSFTHISTORY!_
    Local\c:!documents and settings!administrator!local settings!temporary internet files!content.ie5!
    Local\c:!documents and settings!administrator!cookies!
    Local\c:!documents and settings!administrator!local settings!history!history.ie5!
    Local\WininetConnectionMutex
    Local\WininetProxyRegistryMutex
    RasPbFile
    CtfmonInstMutexDefaultS-*
    Activities
    活动名类型
    com.iapp.app.logoActivityandroid.intent.action.MAIN
    com.iapp.app.logoActivityandroid.intent.category.LAUNCHER
    危险函数
    函数名称信息
    android/app/NotificationManager;->notify信息通知栏
    java/net/URL;->openConnection连接URL
    HttpClient;->execute请求远程服务器
    DefaultHttpClient;->execute发送HTTP请求
    TelephonyManager;->getDeviceId搜集用户手机IMEI码、电话号码、系统版本号等信息
    MediaRecorder;->setAudioSource开启录音功能
    Camera;->open开启相机
    权限列表
    许可名称信息
    android.permission.INTERNET连接网络(2G或3G)
    android.permission.WRITE_EXTERNAL_STORAGE写外部存储器(如:SD卡)
    android.permission.CAMERA访问照相机设备
    android.permission.VIBRATE允许设备震动
    android.permission.READ_EXTERNAL_STORAGE读外部存储器(如:SD卡)
    android.permission.MOUNT_UNMOUNT_FILESYSTEMS挂载、反挂载外部文件系统
    android.permission.FLASHLIGHT访问闪光灯
    文件列表
    文件名 校验码
    META-INF/MANIFEST.MF 0xc9be92d6
    META-INF/CERT.SF 0x18e567cc
    META-INF/CERT.RSA 0xdb46ddcb
    AndroidManifest.xml 0x310ef299
    assets/lib.so 0xdcd13c7b
    assets/res/-6582cc22cd12c5bb.jpg 0x6f06674c
    assets/res/02c40bdb676f0690afff56842e645c9a.jpeg 0x6cac67f6
    assets/res/1202654.png 0x475e0231
    assets/res/187125f5ef5470ef.jpg 0x9535aa11
    assets/res/3bc532800fbbcc503bd883e8b7797797.jpg 0x94564bca
    assets/res/40.png 0xb2d06a82
    assets/res/58db501063a49c22.jpg 0x26881011
    assets/res/5eaf3d485c6a006c4938fc0717bcba7f.jpg 0x4c5a0425
    assets/res/6cb1ae473d291d0d7d4f04cb9addc0ce.jpg 0x90f9c201
    assets/res/99f38fbfd6e40a0b3d224887660f352b.png 0xb900c0bc
    assets/res/appfunc_folderback_4_def3.png 0xb635cc5c
    assets/res/appfunc_mediamanagement_switch_menu_music.png 0xee6b371
    assets/res/appfunc_switch_menu_search.png 0x26acfe7b
    assets/res/appx_loading.png 0x6ecc0382
    assets/res/b795b59da58ec1b7004330b9742a0e5c.jpeg 0xb13634bc
    assets/res/ch 0xe58ccad
    assets/res/cyun.png 0x32f9e254
    assets/res/d65642d22c1f2f21b0e1aafd478fa84e.jpeg 0xcc4d7369
    assets/res/default_wallpaper.jpg 0x677bfb4b
    assets/res/flc.png 0xf7c865b7
    assets/res/gco 1.png 0x419db102
    assets/res/hlz.png 0xd7def8d6
    assets/res/hsgj.png 0x1a07db88
    assets/res/ic_account.png 0x2e23fc82
    assets/res/ic_file_music.png 0x4488a86
    assets/res/ic_music_circle.gif 0x7840d915
    assets/res/ico70.png 0xa86a0e4a
    assets/res/icon_iapp.png 0xfa89b3b3
    assets/res/iconback.jpg 0x29f4c6a9
    assets/res/iconbssoack.jpg 0xe6c1ad11
    assets/res/iconmask.jpg 0x5a20cb3
    assets/res/kks1.png 0xa552ced
    assets/res/kks2.png 0x475e0231
    assets/res/kks3.png 0xa1a7e88c
    assets/res/nav_fix_community_cancel__ios7__pink.png 0xab19ef38
    assets/res/nav_fix_community_select.png 0xdc0c0b3e
    assets/res/nav_fix_district_square_cancel.png 0xb84fcfe8
    assets/res/nav_fix_district_square_select.png 0xdba2227f
    assets/res/nav_fix_district_vip_cancel.png 0xcd64eb5b
    assets/res/nav_fix_tougao_cancel__ios7__ckxx.png 0x1eafd774
    assets/res/nav_fix_tougao_select.png 0x5d2fd51c
    assets/res/ohg.png 0x1ed7484e
    assets/res/pwd.png 0x945affd6
    assets/res/rc_ic_bubble_white.9.png 0x1d0252c9
    assets/res/rc_ic_bubble_white.9b.png 0x4e42bea6
    assets/res/rc_ic_menu_keyboard.png 0xc8c844a4
    assets/res/tabbar_home_down.png 0x470d334b
    assets/res/tabbar_home_up.png 0x8b9106be
    assets/res/tabbar_sendout_down.png 0x7dab7da
    assets/res/tabbar_user_down.png 0x8c3b282d
    assets/res/tabbar_user_up.png 0xcd736a93
    assets/res/txi11.png 0xa6af015d
    assets/res/txi4.png 0x3cc79145
    assets/res/ufuk20.png 0x68862ef9
    assets/res/ufuk27.png 0x73ef74d2
    assets/res/ufuk28.png 0x53694b3b
    assets/res/ufuk32.png 0x57757b03
    assets/res/ufuk38.png 0xc2dcec18
    assets/res/ufuk44.png 0x2d628a66
    assets/res/ufuk5.png 0xa4c9f744
    assets/res/ufuk53.png 0xe3f7cd7f
    assets/res/ufuk55.png 0x70b88b62
    assets/res/ufuk65.png 0x6af01f64
    assets/res/ufuk66.png 0x1165c0b1
    assets/res/ufuk73.png 0x7bc162d4
    assets/res/user.png 0x3e0caa81
    classes.dex 0x37ea7eb3
    lib/armeabi-v7a/libygsiyu.so 0x9f92728
    lib/armeabi/libygsiyu.so 0xb027594d
    lib/x86/libygsiyu.so 0x9fadae5c
    res/anim/fade.xml 0xdea0186f
    res/anim/hold.xml 0xe88a6ff3
    res/anim/hyperspace_in.xml 0x4e158c9e
    res/anim/hyperspace_out.xml 0x38820aba
    res/anim/my_alpha_action.xml 0xdb4301e2
    res/anim/my_scale_action.xml 0xd52bce0c
    res/anim/push_left_in.xml 0xd22cac64
    res/anim/push_left_in2.xml 0xd22cac64
    res/anim/push_left_out.xml 0x22adf124
    res/anim/push_left_out2.xml 0x22adf124
    res/anim/push_up_in.xml 0xcdca50c3
    res/anim/push_up_out.xml 0x6b4d2b46
    res/anim/scale_rotate.xml 0x8327f408
    res/anim/scale_translate.xml 0x90a76167
    res/anim/scale_translate_rotate.xml 0x2bbe82af
    res/anim/slide_down_out.xml 0xb15d52ac
    res/anim/slide_left.xml 0x1c98ba48
    res/anim/slide_right.xml 0x572d5a6f
    res/anim/slide_up_in.xml 0x33ea183
    res/anim/wave_scale.xml 0x56cc4796
    res/anim/zoom_enter.xml 0x75a5d582
    res/anim/zoom_exit.xml 0xdb9e8694
    res/drawable-hdpi-v4/ic_launcher.png 0xf248df62
    res/drawable-hdpi-v4/img_back_g.png 0xd76a7ae4
    res/drawable-hdpi-v4/img_delete.png 0x43f56755
    res/drawable-hdpi-v4/img_down_go.png 0x7d3df75
    res/drawable-hdpi-v4/img_down_inst.png 0xfb87f64e
    res/drawable-hdpi-v4/img_down_ok.png 0x52b4a04f
    res/drawable-hdpi-v4/img_down_open.png 0xd7a95a9a
    res/drawable-hdpi-v4/img_down_select_all.png 0x7a44c6a1
    res/drawable-hdpi-v4/img_down_select_no.png 0x3391aa0f
    res/drawable-hdpi-v4/img_down_select_off.png 0x918e12ef
    res/drawable-hdpi-v4/img_down_stop.png 0xb699afdc
    res/drawable-hdpi-v4/img_iapp.png 0xb900c0bc
    res/drawable-hdpi-v4/img_ing.png 0x7b38c0ae
    res/drawable-hdpi-v4/img_list_img.png 0x2e015f64
    res/drawable-hdpi-v4/img_list_mp3.png 0x84c94797
    res/drawable-hdpi-v4/img_list_mp4.png 0xd2caf87d
    res/drawable-hdpi-v4/img_list_myu.png 0x8a8394d3
    res/drawable-hdpi-v4/img_list_object.png 0x3767032f
    res/drawable-hdpi-v4/img_list_txt.png 0xb1747efb
    res/drawable-hdpi-v4/img_list_xml.png 0x5f84b459
    res/drawable-hdpi-v4/img_list_zip.png 0xae92324
    res/drawable-hdpi-v4/img_menu.png 0x6e8fc407
    res/drawable-mdpi-v4/ic_launcher.png 0x6a84dfd9
    res/drawable-mdpi-v4/navbar.9.png 0xdcbb720d
    res/drawable-xhdpi-v4/ic_launcher.png 0xa227fc8a
    res/drawable-xxhdpi-v4/ic_launcher.png 0x2a4a99d1
    res/drawable/ui_app_tab_clicks.xml 0x64018fa
    res/drawable/ui_app_tab_clicks_select.xml 0x2f995002
    res/drawable/ui_app_tab_clicks_unselect.xml 0x3f9de6be
    res/drawable/ui_clicks_00.xml 0x9afe8712
    res/drawable/ui_clicks_00_select.xml 0xee9472ac
    res/drawable/ui_clicks_00_unselect.xml 0x92a88605
    res/drawable/ui_progressbar.xml 0x79204641
    res/layout-v9/ui_downlist.xml 0x68bef297
    res/layout/ui_downlist.xml 0x536689b8
    res/layout/ui_downlist_listitem.xml 0xedbb3303
    res/layout/ui_qr_camera.xml 0x4de43575
    res/layout/ui_qr_main.xml 0x219f5daf
    res/layout/ui_run_mian.xml 0x6f9001ab
    res/layout/ui_webview.xml 0x5c2af38a
    res/raw/beep.ogg 0x1bac0bfc
    res/raw/realm_properties 0x76e960ad
    resources.arsc 0x76e3f00c
    运行截图
    VirSCAN

About VirSCAN | Privacy Policy | Contact us | Links | Help VirSCAN
Powered By CentOSpol

京ICP备11007605号-12

pol

京公网安备 11010802020746号