v1.98 70A .apk MD5:76755048ec719615436d857330d82b4d 6% Scanner(s) (2/32) found malware! - VirSCAN.org - Free Multi-Engine Online Virus Scanner v1.02, Supports 47 AntiVirus Engines!

Main Menu

API

uploader for windows(test)

Powered By

File information

File Name :v1.98 70A .apk (File not down)

File Size :6676557 byte

File Type :application/zip

MD5:76755048ec719615436d857330d82b4d

SHA1:dd4f04a3c9e6f89e426cfd2c4930c74a851eeee5

扫描结果
权限
文件行为分析

Scanner results

Scanner results:6%Scanner(s) (2/32)found malware!

Behavior analysis report: Habo file analysis

Time: 2016-09-03 15:19:34 (CST)

Scanner	Engine Ver	Sig Ver	Sig Date	Scan result	Time
antiy	AVL SDK 3.0		1970-01-01	Found nothing	6
asquared	9.0.0.4324	9.0.0.4324	2014-07-03	Android.Adware.Youmi.A	3
avast	150725-1	4.7.4	2015-07-25	Found nothing	60
avg	2109/8133	10.0.1405	2014-11-26	Found nothing	60
baidu	2.0.1.0	4.1.3.52192	2.0.1.0	Found nothing	3
baidusd	1.0	1.0	2014-04-02	Found nothing	1
bitdefender	7.58469	7.90123	2014-12-25	Found nothing	60
clamav	19861	0.97.5	2014-12-31	Found nothing	60
drweb	5.0.2.3300	5.0.1.1	2014-12-31	Found nothing	60
fortinet	23.345, 23.345	5.1.158	2014-12-08	Found nothing	60
fprot	4.6.2.117	6.5.1.5418	2014-12-31	Found nothing	60
fsecure	2014-04-02-01	9.13	2014-04-02	Found nothing	60
gdata	25.8117	25.8117	2016-09-02	Android.Adware.Youmi.A	11
ikarus	1.06.01	V1.32.31.0	2014-12-08	Found nothing	60
jiangmin	16.0.100	1.0.0.0	2015-07-25	Found nothing	48
kaspersky	5.5.33	5.5.33	2014-04-01	Found nothing	60
kingsoft	2.1	2.1	2013-09-22	Found nothing	9
mcafee	7638	5400.1158	2014-11-30	Found nothing	60
nod32	0920	3.0.21	2014-12-23	Found nothing	60
panda	9.05.01	9.05.01	2015-07-26	Found nothing	4
pcc	11.380.07	9.500-1005	2014-12-31	Found nothing	60
qh360	1.0.1	1.0.1	1.0.1	Found nothing	4
qqphone	1.0.0.0	1.0.0.0	2014-12-09	Found nothing	60
quickheal	14.00	14.00	2015-07-25	Found nothing	3
rising	25.76.04.01	25.76.04.01	2015-07-24	Found nothing	4
sophos	5.08	3.55.0	2014-12-01	Found nothing	60
symantec	20141230.001	1.3.0.24	2014-12-30	Found nothing	60
tachyon	9.9.9	9.9.9	2013-12-27	Found nothing	11
thehacker	6.8.0.5	6.8.0.5	2015-07-23	Found nothing	8
tws	17.47.17308	1.0.2.2108	2014-12-08	Found nothing	15
vba	3.12.26.3	3.12.26.3	2014-12-31	Found nothing	60
virusbuster	15.0.985.0	5.5.2.13	2014-12-05	Found nothing	60

■Heuristic/Suspicious ■Exact

NOTICE: Results are not 100% accurate and can be reported as a false positive by some scannerswhen and if malware is found. Please judge these results for yourself.

权限列表
许可名称	信息
com.android.launcher.permission.INSTALL_SHORTCUT	创建快捷方式
android.permission.GET_TASKS	获取有关当前或最近运行的任务信息
android.permission.WRITE_EXTERNAL_STORAGE	写外部存储器（如：SD卡）
android.permission.ACCESS_WIFI_STATE	读取wifi网络状态
android.permission.ACCESS_COARSE_LOCATION	获取粗略的位置（通过wifi、基站）
android.permission.READ_PHONE_STATE	读取电话状态
android.permission.MOUNT_UNMOUNT_FILESYSTEMS	挂载、反挂载外部文件系统
android.permission.SYSTEM_ALERT_WINDOW	显示系统窗口
android.permission.INTERNETandroid.permission.INTERNETandroid.permission.READ_PHONE_STATEandroid.permission.ACCESS_NETWORK_STATEandroid.permission.ACCESS_WIFI_STATEandroid.permission.WRITE_EXTERNAL_STORAGEandroid.permission.GET_TASKScom.android.launcher.permission.INSTALL_SHORTCUTandroid.permission.CHANGE_CONFIGURATION
android.permission.INTERNET	连接网络（2G或3G）
android.permission.WRITE_SETTINGS	读写系统设置项
android.permission.ACCESS_FINE_LOCATION	获取精确的位置（通过GPS）
com.android.launcher.permission.READ_SETTINGS	读取快捷方式信息
android.permission.ACCESS_NETWORK_STATE	读取网络状态（2G或3G）
android.permission.WAKE_LOCK	手机屏幕关闭后后台进程仍运行
android.permission.CHANGE_CONFIGURATION	修改当前设置（如：本地化）

文件信息

安全评分 :

基本信息
MD5:76755048ec719615436d857330d82b4d
包名:com.shibajinfkxz
最低运行环境:Android 2.2.x
版权:

进程行为
行为描述:	隐藏窗口创建进程
详情信息:	ImagePath = , CmdLine = cmd.exe /C cscript.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Retrive7618206759094257248.vbs
	ImagePath = , CmdLine = cmd.exe /C cscript.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Retrive3573570355516197475.vbs
	ImagePath = , CmdLine = xcopy "C:\Program Files\Java\jre7" "C:\Documents and Settings\Administrator\Application Data\Oracle\" /e
	ImagePath = , CmdLine = cmd.exe
行为描述:	创建进程
详情信息:	ImagePath = C:\WINDOWS\system32\cmd.exe, CmdLine = cmd.exe /C cscript.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Retrive7618206759094257248.vbs
	ImagePath = C:\WINDOWS\system32\cscript.exe, CmdLine = cscript.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Retrive7618206759094257248.vbs
	ImagePath = C:\WINDOWS\system32\cmd.exe, CmdLine = cmd.exe /C cscript.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Retrive3573570355516197475.vbs
	ImagePath = C:\WINDOWS\system32\cscript.exe, CmdLine = cscript.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Retrive3573570355516197475.vbs
	ImagePath = C:\WINDOWS\system32\xcopy.exe, CmdLine = xcopy "C:\Program Files\Java\jre7" "C:\Documents and Settings\Administrator\Application Data\Oracle\" /e
	ImagePath = C:\WINDOWS\system32\cmd.exe, CmdLine = cmd.exe
行为描述:	创建本地线程
详情信息:	TargetProcess: java.exe, InheritedFromPID = 1944, ProcessID = 444, ThreadID = 764, StartAddress = 0040A0D1, Parameter = 00036708
	TargetProcess: java.exe, InheritedFromPID = 1944, ProcessID = 444, ThreadID = 1872, StartAddress = 78AFC724, Parameter = 02CB27A0
	TargetProcess: java.exe, InheritedFromPID = 1944, ProcessID = 444, ThreadID = 120, StartAddress = 78AFC724, Parameter = 02CB27A0
	TargetProcess: java.exe, InheritedFromPID = 1944, ProcessID = 444, ThreadID = 932, StartAddress = 78AFC724, Parameter = 02CB27A0
	TargetProcess: java.exe, InheritedFromPID = 1944, ProcessID = 444, ThreadID = 1960, StartAddress = 78AFC724, Parameter = 02CB27A0
	TargetProcess: java.exe, InheritedFromPID = 1944, ProcessID = 444, ThreadID = 1608, StartAddress = 78AFC724, Parameter = 02CCE740
	TargetProcess: java.exe, InheritedFromPID = 1944, ProcessID = 444, ThreadID = 1952, StartAddress = 78AFC724, Parameter = 02CD01A0
	TargetProcess: java.exe, InheritedFromPID = 1944, ProcessID = 444, ThreadID = 1204, StartAddress = 78AFC724, Parameter = 02CD01A0
	TargetProcess: java.exe, InheritedFromPID = 1944, ProcessID = 444, ThreadID = 1844, StartAddress = 78AFC724, Parameter = 02CEF880
	TargetProcess: java.exe, InheritedFromPID = 1944, ProcessID = 444, ThreadID = 456, StartAddress = 78AFC724, Parameter = 02CD01A0
	TargetProcess: java.exe, InheritedFromPID = 1944, ProcessID = 444, ThreadID = 424, StartAddress = 78AFC724, Parameter = 02CEF880
	TargetProcess: java.exe, InheritedFromPID = 1944, ProcessID = 444, ThreadID = 940, StartAddress = 78AFC724, Parameter = 02CEF880
	TargetProcess: java.exe, InheritedFromPID = 1944, ProcessID = 444, ThreadID = 572, StartAddress = 78AFC724, Parameter = 02CEF880
	TargetProcess: java.exe, InheritedFromPID = 1944, ProcessID = 444, ThreadID = 2028, StartAddress = 78AFC724, Parameter = 02CEF880
	TargetProcess: cscript.exe, InheritedFromPID = 1760, ProcessID = 1592, ThreadID = 1096, StartAddress = 01002A66, Parameter = 008E3FA8

文件行为
行为描述:	创建文件
详情信息:	C:\Documents and Settings\Administrator\Local Settings\Temp\hsperfdata_Administrator\444
	C:\Documents and Settings\Administrator\Local Settings\Temp\Retrive7618206759094257248.vbs
	C:\Documents and Settings\Administrator\Local Settings\Temp\Retrive3573570355516197475.vbs
	C:\Documents and Settings\Administrator\Application Data\Oracle\COPYRIGHT
	C:\Documents and Settings\Administrator\Application Data\Oracle\LICENSE
	C:\Documents and Settings\Administrator\Application Data\Oracle\README.txt
	C:\Documents and Settings\Administrator\Application Data\Oracle\release
	C:\Documents and Settings\Administrator\Application Data\Oracle\THIRDPARTYLICENSEREADME.txt
	C:\Documents and Settings\Administrator\Application Data\Oracle\Welcome.html
	C:\Documents and Settings\Administrator\Application Data\Oracle\bin\awt.dll
	C:\Documents and Settings\Administrator\Application Data\Oracle\bin\axbridge.dll
	C:\Documents and Settings\Administrator\Application Data\Oracle\bin\dcpr.dll
	C:\Documents and Settings\Administrator\Application Data\Oracle\bin\deploy.dll
	C:\Documents and Settings\Administrator\Application Data\Oracle\bin\deployJava1.dll
	C:\Documents and Settings\Administrator\Application Data\Oracle\bin\dt_shmem.dll
行为描述:	创建可执行文件
详情信息:	C:\Documents and Settings\Administrator\Application Data\Oracle\bin\awt.dll
	C:\Documents and Settings\Administrator\Application Data\Oracle\bin\axbridge.dll
	C:\Documents and Settings\Administrator\Application Data\Oracle\bin\dcpr.dll
	C:\Documents and Settings\Administrator\Application Data\Oracle\bin\deploy.dll
	C:\Documents and Settings\Administrator\Application Data\Oracle\bin\deployJava1.dll
	C:\Documents and Settings\Administrator\Application Data\Oracle\bin\dt_shmem.dll
	C:\Documents and Settings\Administrator\Application Data\Oracle\bin\dt_socket.dll
	C:\Documents and Settings\Administrator\Application Data\Oracle\bin\eula.dll
	C:\Documents and Settings\Administrator\Application Data\Oracle\bin\fontmanager.dll
	C:\Documents and Settings\Administrator\Application Data\Oracle\bin\hprof.dll
	C:\Documents and Settings\Administrator\Application Data\Oracle\bin\instrument.dll
	C:\Documents and Settings\Administrator\Application Data\Oracle\bin\j2pcsc.dll
	C:\Documents and Settings\Administrator\Application Data\Oracle\bin\j2pkcs11.dll
	C:\Documents and Settings\Administrator\Application Data\Oracle\bin\jaas_nt.dll
	C:\Documents and Settings\Administrator\Application Data\Oracle\bin\java-rmi.exe
行为描述:	覆盖已有文件
详情信息:	C:\Documents and Settings\Administrator\Local Settings\Temp\Retrive7618206759094257248.vbs
	C:\Documents and Settings\Administrator\Local Settings\Temp\Retrive3573570355516197475.vbs
行为描述:	查找文件
详情信息:	FileName = C:\Program Files\Java\jre7\bin\java.dll
	FileName = C:\Program Files\Java\jre7\bin\client\jvm.dll
	FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\\hsperfdata_Administrator\.
	FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\\hsperfdata_Administrator\444
	FileName = C:\Program Files\Java\jre7\lib\resources.jar
	FileName = C:\Program Files\Java\jre7\lib\rt.jar
	FileName = C:\Program Files\Java\jre7\lib\sunrsasign.jar
	FileName = C:\Program Files\Java\jre7\lib\jsse.jar
	FileName = C:\Program Files\Java\jre7\lib\jce.jar
	FileName = C:\Program Files\Java\jre7\lib\charsets.jar
	FileName = C:\Program Files\Java\jre7\classes
	FileName = C:\Program Files
	FileName = C:\Program Files\Java
	FileName = C:\Program Files\Java\jre7
	FileName = C:\Program Files\Java\jre7\lib
行为描述:	删除文件
详情信息:	C:\Documents and Settings\Administrator\Local Settings\Temp\hsperfdata_Administrator\444
	C:\Documents and Settings\Administrator\Local Settings\Temp\Retrive7618206759094257248.vbs
	C:\Documents and Settings\Administrator\Local Settings\Temp\Retrive3573570355516197475.vbs
行为描述:	修改BAT脚本文件
详情信息:	C:\Documents and Settings\Administrator\Local Settings\Temp\Retrive7618206759094257248.vbs ---> Offset = 0
	C:\Documents and Settings\Administrator\Local Settings\Temp\Retrive3573570355516197475.vbs ---> Offset = 0
行为描述:	修改文件内容
详情信息:	C:\Documents and Settings\Administrator\Application Data\Oracle\COPYRIGHT ---> Offset = 0
	C:\Documents and Settings\Administrator\Application Data\Oracle\LICENSE ---> Offset = 0
	C:\Documents and Settings\Administrator\Application Data\Oracle\README.txt ---> Offset = 0
	C:\Documents and Settings\Administrator\Application Data\Oracle\release ---> Offset = 0
	C:\Documents and Settings\Administrator\Application Data\Oracle\THIRDPARTYLICENSEREADME.txt ---> Offset = 0
	C:\Documents and Settings\Administrator\Application Data\Oracle\THIRDPARTYLICENSEREADME.txt ---> Offset = 65536
	C:\Documents and Settings\Administrator\Application Data\Oracle\THIRDPARTYLICENSEREADME.txt ---> Offset = 131072
	C:\Documents and Settings\Administrator\Application Data\Oracle\Welcome.html ---> Offset = 0
	C:\Documents and Settings\Administrator\Application Data\Oracle\bin\awt.dll ---> Offset = 0
	C:\Documents and Settings\Administrator\Application Data\Oracle\bin\awt.dll ---> Offset = 65536
	C:\Documents and Settings\Administrator\Application Data\Oracle\bin\awt.dll ---> Offset = 131072
	C:\Documents and Settings\Administrator\Application Data\Oracle\bin\awt.dll ---> Offset = 196608
	C:\Documents and Settings\Administrator\Application Data\Oracle\bin\awt.dll ---> Offset = 262144
	C:\Documents and Settings\Administrator\Application Data\Oracle\README.txt ---> Offset = 4096
	C:\Documents and Settings\Administrator\Application Data\Oracle\THIRDPARTYLICENSEREADME.txt ---> Offset = 4096

网络行为
行为描述:	按名称获取主机地址
详情信息:	gethostbyname: computer

其他行为
行为描述:	创建互斥体
详情信息:	CTF.LBES.MutexDefaultS-*
	CTF.Compart.MutexDefaultS-*
	CTF.Asm.MutexDefaultS-*
	CTF.Layouts.MutexDefaultS-*
	CTF.TMD.MutexDefaultS-*
	CTF.TimListCache.FMPDefaultS-MUTEX.DefaultS-
行为描述:	创建事件对象
详情信息:	EventName = DINPUTWINMM
	EventName = Global\userenv: User Profile setup event
	EventName = Global\crypt32LogoffEvent
行为描述:	打开事件
详情信息:	\INSTALLATION_SECURITY_HOLD
	HookSwitchHookEnabledEvent
	MSFT.VSA.COM.DISABLE.1592
	MSFT.VSA.IEC.STATUS.6c736db0
	Global\crypt32LogoffEvent
	MSFT.VSA.COM.DISABLE.1252
	Global\SvcctrlStartEvent_A3752DX
行为描述:	可执行文件签名信息
详情信息:	C:\Documents and Settings\Administrator\Application Data\Oracle\bin\awt.dll(签名验证: 通过)
	C:\Documents and Settings\Administrator\Application Data\Oracle\bin\axbridge.dll(签名验证: 通过)
	C:\Documents and Settings\Administrator\Application Data\Oracle\bin\dcpr.dll(签名验证: 通过)
	C:\Documents and Settings\Administrator\Application Data\Oracle\bin\deploy.dll(签名验证: 通过)
	C:\Documents and Settings\Administrator\Application Data\Oracle\bin\deployJava1.dll(签名验证: 通过)
	C:\Documents and Settings\Administrator\Application Data\Oracle\bin\dt_shmem.dll(签名验证: 通过)
	C:\Documents and Settings\Administrator\Application Data\Oracle\bin\dt_socket.dll(签名验证: 通过)
	C:\Documents and Settings\Administrator\Application Data\Oracle\bin\eula.dll(签名验证: 通过)
	C:\Documents and Settings\Administrator\Application Data\Oracle\bin\fontmanager.dll(签名验证: 通过)
	C:\Documents and Settings\Administrator\Application Data\Oracle\bin\hprof.dll(签名验证: 通过)
	C:\Documents and Settings\Administrator\Application Data\Oracle\bin\instrument.dll(签名验证: 通过)
	C:\Documents and Settings\Administrator\Application Data\Oracle\bin\j2pcsc.dll(签名验证: 通过)
	C:\Documents and Settings\Administrator\Application Data\Oracle\bin\j2pkcs11.dll(签名验证: 通过)
	C:\Documents and Settings\Administrator\Application Data\Oracle\bin\jaas_nt.dll(签名验证: 通过)
	C:\Documents and Settings\Administrator\Application Data\Oracle\bin\java-rmi.exe(签名验证: 通过)
行为描述:	可执行文件MD5
详情信息:	C:\Documents and Settings\Administrator\Application Data\Oracle\bin\awt.dll ---> 567d46179e7a673711cd9fea512c5364
	C:\Documents and Settings\Administrator\Application Data\Oracle\bin\axbridge.dll ---> eff7a9746acee42802ac563859f28558
	C:\Documents and Settings\Administrator\Application Data\Oracle\bin\dcpr.dll ---> 71418cc50746fc2cb3f517cb3f5a022e
	C:\Documents and Settings\Administrator\Application Data\Oracle\bin\deploy.dll ---> a958d75082496fbd6d27d290c41f1231
	C:\Documents and Settings\Administrator\Application Data\Oracle\bin\deployJava1.dll ---> 15dd43b041053ee102b61d83297bd2bf
	C:\Documents and Settings\Administrator\Application Data\Oracle\bin\dt_shmem.dll ---> 71b5450786095045b9c7a2b895d43df3
	C:\Documents and Settings\Administrator\Application Data\Oracle\bin\dt_socket.dll ---> 11abdfeb7a18677514456da84ee0e86b
	C:\Documents and Settings\Administrator\Application Data\Oracle\bin\eula.dll ---> 28dc1be7b39fb98004c4bf1b0b76ce77
	C:\Documents and Settings\Administrator\Application Data\Oracle\bin\fontmanager.dll ---> 81e5fa9746a38dc190698f917ed821e7
	C:\Documents and Settings\Administrator\Application Data\Oracle\bin\hprof.dll ---> dfa311bd38648c339dd7f0e2f3d88fc7
	C:\Documents and Settings\Administrator\Application Data\Oracle\bin\instrument.dll ---> da3f57cedd36d54ec5491f40d6cb4492
	C:\Documents and Settings\Administrator\Application Data\Oracle\bin\j2pcsc.dll ---> 8c8d07744786aeaf39f88192c247678a
	C:\Documents and Settings\Administrator\Application Data\Oracle\bin\j2pkcs11.dll ---> 0dfeb41ae7ba5eb3cab4ebf370675295
	C:\Documents and Settings\Administrator\Application Data\Oracle\bin\jaas_nt.dll ---> 4ab7312304183076ad987edcb209c483
	C:\Documents and Settings\Administrator\Application Data\Oracle\bin\java-rmi.exe ---> ac8e2614b542e0b9e8732b67fccb0c7c
行为描述:	打开互斥体
详情信息:	ShimCacheMutex

Activities
活动名	类型
com.e4a.runtime.android.StartActivity	android.intent.action.MAIN
com.e4a.runtime.android.StartActivity	android.intent.category.DEFAULT
com.e4a.runtime.android.StartActivity	android.intent.category.LAUNCHER
com.e4a.runtime.android.mainActivity	android.intent.action.MAIN
com.e4a.runtime.android.mainActivity	android.intent.category.DEFAULT
com.e4a.runtime.components.impl.android.Ok百度视频类库.VideoViewPlayingActivity	android.intent.action.VIEW
com.e4a.runtime.components.impl.android.Ok百度视频类库.VideoViewPlayingActivity	android.intent.category.DEFAULT
com.e4a.runtime.components.impl.android.Ok百度视频类库.VideoViewPlayingActivity	android.intent.category.BROWSABLE
com.e4a.runtime.components.impl.android.Ok百度视频类库.VideoViewPlayingActivity2	android.intent.action.VIEW
com.e4a.runtime.components.impl.android.Ok百度视频类库.VideoViewPlayingActivity2	android.intent.category.DEFAULT
com.e4a.runtime.components.impl.android.Ok百度视频类库.VideoViewPlayingActivity2	android.intent.category.BROWSABLE
com.e4a.runtime.components.impl.android.Ok百度视频类库.VideoViewPlayingActivity4	android.intent.action.VIEW
com.e4a.runtime.components.impl.android.Ok百度视频类库.VideoViewPlayingActivity4	android.intent.category.DEFAULT
com.e4a.runtime.components.impl.android.Ok百度视频类库.VideoViewPlayingActivity4	android.intent.category.BROWSABLE

启动方式
名称	信息
net.youmi.android.AdReceiver	应用安装时启动服务
net.youmi.android.AdReceiver
net.youmi.android.AdReceiver	应用安装时启动服务
net.youmi.android.AdReceiver

广告信息
名称	信息
net.youmi	有米广告

权限列表
许可名称	信息
com.android.launcher.permission.INSTALL_SHORTCUT	创建快捷方式
android.permission.GET_TASKS	获取有关当前或最近运行的任务信息
android.permission.WRITE_EXTERNAL_STORAGE	写外部存储器（如：SD卡）
android.permission.ACCESS_WIFI_STATE	读取wifi网络状态
android.permission.ACCESS_COARSE_LOCATION	获取粗略的位置（通过wifi、基站）
android.permission.READ_PHONE_STATE	读取电话状态
android.permission.MOUNT_UNMOUNT_FILESYSTEMS	挂载、反挂载外部文件系统
android.permission.SYSTEM_ALERT_WINDOW	显示系统窗口
android.permission.INTERNETandroid.permission.INTERNETandroid.permission.READ_PHONE_STATEandroid.permission.ACCESS_NETWORK_STATEandroid.permission.ACCESS_WIFI_STATEandroid.permission.WRITE_EXTERNAL_STORAGEandroid.permission.GET_TASKScom.android.launcher.permission.INSTALL_SHORTCUTandroid.permission.CHANGE_CONFIGURATION
android.permission.INTERNET	连接网络（2G或3G）
android.permission.WRITE_SETTINGS	读写系统设置项
android.permission.ACCESS_FINE_LOCATION	获取精确的位置（通过GPS）
com.android.launcher.permission.READ_SETTINGS	读取快捷方式信息
android.permission.ACCESS_NETWORK_STATE	读取网络状态（2G或3G）
android.permission.WAKE_LOCK	手机屏幕关闭后后台进程仍运行
android.permission.CHANGE_CONFIGURATION	修改当前设置（如：本地化）

服务列表
名称
net.youmi.android.AdService
net.youmi.android.AdService

文件列表
文件名	校验码
META-INF/MANIFEST.MF	0xc99293ab
META-INF/CERT.SF	0xf787ffc3
META-INF/CERT.RSA	0x4f2bdcb9
AndroidManifest.xml	0xcdf40bf2
assets/527.txt	0x48426e14
assets/8.txt	0x24fc147e
assets/925af2ea4222a69af84320b6ed7f28ff.jpg	0x2d691dac
assets/AVTB.txt	0xe21b1e7a
assets/FileDialog/1.png	0x78686c7a
assets/FileDialog/2.png	0x7e93bac3
assets/FileDialog/3.png	0x4608dc7e
assets/FileDialog/4.png	0xae74269b
assets/FileDialog/5.png	0x67adec41
assets/FileDialog/6.png	0xcd055e6c
assets/FileDialog/7.png	0x446d8c59
assets/FileDialog/8.png	0x46c0be08
assets/WD.txt	0xfe997de
assets/qpg.txt	0xf97f9851
assets/re.txt	0x30f6d112
assets/sjj.txt	0xbd3f66bb
assets/xin.txt	0xaea4cf63
assets/zxcvb.png	0x8bf94b91
classes.dex	0x68a9db42
lib/armeabi/libcyberplayer-core.so	0xb98484e0
lib/armeabi/libcyberplayer.so	0x2350af82
res/drawable-hdpi/cyberplayer_listbtn_normal.png	0xa2be03dc
res/drawable-hdpi/cyberplayer_listbtn_pressed.png	0x21de95cb
res/drawable-hdpi/cyberplayer_next_play.png	0x4dbc08ae
res/drawable-hdpi/cyberplayer_next_play_disable.png	0xd9509e6a
res/drawable-hdpi/cyberplayer_next_play_pressed.png	0xecd2fb3a
res/drawable-hdpi/cyberplayer_play_media.png	0x7825fccf
res/drawable-hdpi/cyberplayer_play_media_disable.png	0xd06ad4ea
res/drawable-hdpi/cyberplayer_play_media_pressed.png	0x754abc4d
res/drawable-hdpi/cyberplayer_retreat_media.png	0xc1863e71
res/drawable-hdpi/cyberplayer_retreat_media_disable.png	0x105d69ea
res/drawable-hdpi/cyberplayer_retreat_media_pressed.png	0x107d406d
res/drawable-hdpi/cyberplayer_seekbar_background.png	0x470141ee
res/drawable-hdpi/cyberplayer_seekbar_background_normal.9.png	0xb682f96c
res/drawable-hdpi/cyberplayer_seekbar_background_process.9.png	0x525e50fe
res/drawable-hdpi/cyberplayer_seekbar_background_sound_normal.9.png	0xf670f95b
res/drawable-hdpi/cyberplayer_seekbar_background_sound_process.9.png	0x5e8b1ec9
res/drawable-hdpi/cyberplayer_seekbar_cache.png	0x273eb0ec
res/drawable-hdpi/cyberplayer_seekbar_normal.png	0x60b412f3
res/drawable-hdpi/cyberplayer_seekbar_ratio.png	0x8ec16bd1
res/drawable-hdpi/cyberplayer_seekbar_ratio_white.png	0xa7a8ded9
res/drawable-hdpi/cyberplayer_stop_media.png	0x6395a790
res/drawable-hdpi/cyberplayer_stop_media_disable.png	0xbaafc338
res/drawable-hdpi/cyberplayer_stop_media_pressed.png	0x520b1252
res/drawable-hdpi/cyberplayer_subtitle_setting.png	0xdd3621e6
res/drawable-hdpi/cyberplayer_subtitle_setting_disable.png	0xcb77113f
res/drawable-hdpi/cyberplayer_subtitle_setting_pressed.png	0x9a0a6625
res/drawable-hdpi/cyberplayer_switch_subtitle.png	0xe91d219b
res/drawable-hdpi/cyberplayer_switch_subtitle_disable.png	0x4f852d8c
res/drawable-hdpi/cyberplayer_switch_subtitle_pressed.png	0xf6580cd6
res/drawable-hdpi/cyberplayer_take_snapshot.png	0xab8e7fd5
res/drawable-hdpi/cyberplayer_take_snapshot_disable.png	0x234d73be
res/drawable-hdpi/cyberplayer_take_snapshot_pressed.png	0x241205e
res/drawable-hdpi/cyberplayer_textbtn_background_blue.9.png	0x84105c73
res/drawable-hdpi/cyberplayer_titlebar_return.png	0xaafad296
res/drawable-hdpi/cyberplayer_volumebar_background.9.png	0xd4992489
res/drawable-hdpi/ic_episode_titlebar_videoplayer.png	0xc4f1ae6b
res/drawable-hdpi/ic_episode_titlebar_videoplayer_disable.png	0xaba89ad2
res/drawable-hdpi/ic_episode_titlebar_videoplayer_pressed.png	0x4b8d08e3
res/drawable-hdpi/ic_next_play.png	0x719162df
res/drawable-hdpi/ic_next_play_pressed.png	0x1da89f5
res/drawable-hdpi/ic_play_media.png	0xe1efa842
res/drawable-hdpi/ic_play_media_disable.png	0xd06ad4ea
res/drawable-hdpi/ic_play_media_pressed.png	0x369158f9
res/drawable-hdpi/ic_retreat_media.png	0x62ad09c7
res/drawable-hdpi/ic_retreat_media_disable.png	0x105d69ea
res/drawable-hdpi/ic_retreat_media_pressed.png	0x9e62fb86
res/drawable-hdpi/ic_stop_media.png	0x5e106da4
res/drawable-hdpi/ic_stop_media_pressed.png	0x101fb9db
res/drawable-hdpi/ic_zoom_in_btn_videoplayer.png	0x986da792
res/drawable-hdpi/ic_zoom_in_btn_videoplayer_disable.png	0x590e0a34
res/drawable-hdpi/ic_zoom_in_btn_videoplayer_pressed.png	0xea9b5ca1
res/drawable-hdpi/ic_zoom_out_btn_videoplayer.png	0xa25660f0
res/drawable-hdpi/ic_zoom_out_btn_videoplayer_disable.png	0x1489a84c
res/drawable-hdpi/ic_zoom_out_btn_videoplayer_pressed.png	0x722558a6
res/drawable-xhdpi/bookmark_expand_icon.png	0x6639221b
res/drawable-xhdpi/bookmark_icon_folder.png	0xae8b5d6b
res/drawable-xhdpi/bookmark_unexpand_icon.png	0xf6e40be6
res/drawable-xhdpi/btn_style_alert_dialog_button_normal.9.png	0x19f80729
res/drawable-xhdpi/btn_style_alert_dialog_button_pressed.9.png	0xca61388e
res/drawable-xhdpi/btn_style_alert_dialog_cancel_normal.9.png	0x2baa5f01
res/drawable-xhdpi/btn_style_alert_dialog_special_normal.9.png	0xfb7979e3
res/drawable-xhdpi/btn_style_alert_dialog_special_pressed.9.png	0x4d13cbda
res/drawable-xhdpi/download_bookmark_toolbar_delete.png	0x3a7249be
res/drawable-xhdpi/download_toolbar_backward.png	0xa3e23cfd
res/drawable-xhdpi/ic_action_search.png	0x3294aee3
res/drawable-xhdpi/menu_exit.png	0x2983d8b8
res/drawable-xhdpi/mo_shang.png	0xf1f9fdba
res/drawable-xhdpi/mo_xia.png	0x6b9aa78a
res/drawable-xhdpi/mo_zhong.png	0x7694836b
res/drawable-xhdpi/ok_win10_1.png	0x3f2da75e
res/drawable-xhdpi/ok_win10_10.png	0xf1b2f71e
res/drawable-xhdpi/ok_win10_11.png	0xbb91fe35
res/drawable-xhdpi/ok_win10_12.png	0x8e59419e
res/drawable-xhdpi/ok_win10_13.png	0x583476b6
res/drawable-xhdpi/ok_win10_14.png	0x7e6d87da
res/drawable-xhdpi/ok_win10_15.png	0x9c5fd291
res/drawable-xhdpi/ok_win10_16.png	0xda091058
res/drawable-xhdpi/ok_win10_17.png	0xabd11b0b
res/drawable-xhdpi/ok_win10_18.png	0x7d50df6d
res/drawable-xhdpi/ok_win10_19.png	0xedd4f106
res/drawable-xhdpi/ok_win10_2.png	0x8c31996e
res/drawable-xhdpi/ok_win10_20.png	0xc2062a6
res/drawable-xhdpi/ok_win10_21.png	0x7b988fc4
res/drawable-xhdpi/ok_win10_22.png	0xb429d99c
res/drawable-xhdpi/ok_win10_23.png	0x8e25fefa
res/drawable-xhdpi/ok_win10_24.png	0x8f107ff3
res/drawable-xhdpi/ok_win10_25.png	0x23650567
res/drawable-xhdpi/ok_win10_26.png	0x7c5fadae
res/drawable-xhdpi/ok_win10_27.png	0xf9812dff
res/drawable-xhdpi/ok_win10_28.png	0x353d2aef
res/drawable-xhdpi/ok_win10_29.png	0xd6403544
res/drawable-xhdpi/ok_win10_3.png	0x30d49bea
res/drawable-xhdpi/ok_win10_30.png	0x4fd184fe
res/drawable-xhdpi/ok_win10_31.png	0xae4fcca7
res/drawable-xhdpi/ok_win10_32.png	0x1811001f
res/drawable-xhdpi/ok_win10_33.png	0xf1647bbe
res/drawable-xhdpi/ok_win10_34.png	0xee51f09b
res/drawable-xhdpi/ok_win10_35.png	0xd4560822
res/drawable-xhdpi/ok_win10_36.png	0xf2f61c5
res/drawable-xhdpi/ok_win10_37.png	0x8c34a715
res/drawable-xhdpi/ok_win10_38.png	0x54f98dd1
res/drawable-xhdpi/ok_win10_39.png	0x5b69bac3
res/drawable-xhdpi/ok_win10_4.png	0x9042ed2
res/drawable-xhdpi/ok_win10_40.png	0x5204a48e
res/drawable-xhdpi/ok_win10_41.png	0x562d4ca1
res/drawable-xhdpi/ok_win10_42.png	0xfbb04908
res/drawable-xhdpi/ok_win10_43.png	0x96e3309e
res/drawable-xhdpi/ok_win10_44.png	0x583476b6
res/drawable-xhdpi/ok_win10_45.png	0x5af76e72
res/drawable-xhdpi/ok_win10_46.png	0xdf187d2f
res/drawable-xhdpi/ok_win10_47.png	0x72bf0510
res/drawable-xhdpi/ok_win10_48.png	0x8c77307a
res/drawable-xhdpi/ok_win10_49.png	0x7d50df6d
res/drawable-xhdpi/ok_win10_5.png	0x1e969f02
res/drawable-xhdpi/ok_win10_50.png	0x93a5e64e
res/drawable-xhdpi/ok_win10_51.png	0x84db4127
res/drawable-xhdpi/ok_win10_52.png	0xf2b97805
res/drawable-xhdpi/ok_win10_53.png	0x9816bea0
res/drawable-xhdpi/ok_win10_54.png	0xa397d7dd
res/drawable-xhdpi/ok_win10_55.png	0x8f107ff3
res/drawable-xhdpi/ok_win10_56.png	0x5819d596
res/drawable-xhdpi/ok_win10_57.png	0xb37a1fd1
res/drawable-xhdpi/ok_win10_58.png	0xd02da4a6
res/drawable-xhdpi/ok_win10_59.png	0x353d2aef
res/drawable-xhdpi/ok_win10_6.png	0xf8a63f04
res/drawable-xhdpi/ok_win10_60.png	0xf3901052
res/drawable-xhdpi/ok_win10_61.png	0xb7a2ff0e
res/drawable-xhdpi/ok_win10_62.png	0xdc899480
res/drawable-xhdpi/ok_win10_63.png	0x1811001f
res/drawable-xhdpi/ok_win10_64.png	0x89777e6b
res/drawable-xhdpi/ok_win10_65.png	0x6ec37229
res/drawable-xhdpi/ok_win10_66.png	0xd849beaa
res/drawable-xhdpi/ok_win10_67.png	0x3bad2405
res/drawable-xhdpi/ok_win10_68.png	0x726b7b15
res/drawable-xhdpi/ok_win10_69.png	0xe59993a2
res/drawable-xhdpi/ok_win10_7.png	0xb5d1e2f4
res/drawable-xhdpi/ok_win10_70.png	0xd1b58aa5
res/drawable-xhdpi/ok_win10_71.png	0xa97f2961
res/drawable-xhdpi/ok_win10_72.png	0xb79aa5b7
res/drawable-xhdpi/ok_win10_73.png	0xbec3199d
res/drawable-xhdpi/ok_win10_74.png	0xf52b6e9b
res/drawable-xhdpi/ok_win10_75.png	0xc4a38d7f
res/drawable-xhdpi/ok_win10_8.png	0xb6af5baf
res/drawable-xhdpi/ok_win10_9.png	0x90a86d8c
res/drawable-xhdpi/round_48px_1071539_easyicon.png	0xc24a6722
res/drawable-xhdpi/yanse_baise.png	0xc1df8226
res/drawable-xhdpi/yanse_baisu.png	0x1da031d2
res/drawable-xhdpi/yanse_huhuise.png	0xbf5ef6c1
res/drawable-xhdpi/yanse_huise.png	0xd8256c99
res/drawable/ad_indicator_selected.png	0x3c90412a
res/drawable/btn_style_alert_dialog_button.xml	0x64bd9cdc
res/drawable/btn_style_alert_dialog_cancel.xml	0x17557faf
res/drawable/btn_style_alert_dialog_special.xml	0x52659ee6
res/drawable/caidan_btn_style.xml	0xe7d7fc0b
res/drawable/caidian_lie_style.xml	0xa3e3b0d5
res/drawable/caidian_lies_style.xml	0x3db6e9fa
res/drawable/detail_bg.9.png	0x5c0da98a
res/drawable/down_ico.png	0xff0f1830
res/drawable/e4alistview_new_message.png	0x1cdc5409
res/drawable/emoticon_pager_select_normal.png	0xd4b3274c
res/drawable/fancircle_banner_cover.png	0x635e2d55
res/drawable/hou.png	0x356ecd7c
res/drawable/icon.png	0x6999f1a2
res/drawable/item_bg.9.png	0x4167de71
res/drawable/item_text_bg.9.png	0x5c0da98a
res/drawable/moren.png	0x8a1f4b00
res/drawable/next_btn_style.xml	0xf690b7f0
res/drawable/nohistorydata.png	0x8c959af
res/drawable/ok_win10.xml	0x57ac5b43
res/drawable/ound_easyicon.png	0x9d7c819f
res/drawable/pause_btn_style.xml	0x2217285d
res/drawable/play_btn_style.xml	0xbeaa9da6
res/drawable/player_landscape_more_normal.png	0xcf66ec96
res/drawable/player_landscape_more_press.png	0x38397897
res/drawable/pre_btn_style.xml	0xd7f145db
res/drawable/qcloud_player_icon_audio_vol.png	0x73be6b62
res/drawable/qcloud_player_icon_brightness.png	0x3e7ba87b
res/drawable/qian.png	0xf69d578
res/drawable/seekbar_define_style.xml	0x4653791e
res/drawable/seekbar_thumb.xml	0xa91952d8
res/drawable/vive_yuanxing.xml	0x76e3cd1f
res/drawable/zidingyi_anniu_style.xml	0xffa82dc3
res/drawable/zidingyi_anniu_style1.xml	0x6cb752b9
res/drawable/zidingyi_anniu_style2.xml	0x96f3f5be
res/layout/canduanxiang.xml	0x10afa73b
res/layout/controllerplayinging.xml	0xe0ebf018
res/layout/controllerplayingok.xml	0x40710dc4
res/layout/detail.xml	0x8cb9027e
res/layout/loading_dialog.xml	0x94cfeab6
resources.arsc	0x9044a4b8

运行截图