VirSCAN

1. You can upload any file, but there is a 20Mb limit per file.
2. VirSCAN supports Rar/Zip decompression, but the archive must contain fewer than 20 files.
3. VirSCAN can scan compressed files protected with the password 'infected' or 'virus'.




File information
File Name : 19.apk (File not down)
File Size :132463 byte
File Type :application/jar
MD5:6ec08869f554ac44c7f65c89caeecaf5
SHA1:463a55e4ccec3ea8696ded4f63b1e595867f6f38
  • Scanner results
    Scanner results: 0% Scanner(s) (0/32) found malware!
    Time: 2015-10-16 14:43:15 (CST)
    Scanner Engine Ver Sig Ver Sig Date Scan result Time
    antiy AVL SDK 3.0 1970-01-01 Found nothing 5
    asquared 9.0.0.4324 9.0.0.4324 2014-07-03 Found nothing 1
    avast 150725-1 4.7.4 2015-07-25 Found nothing 0
    avg 2109/8133 10.0.1405 2014-11-26 Found nothing 0
    baidu 2.0.1.0 4.1.3.52192 2.0.1.0 Found nothing 5
    baidusd 1.0 1.0 2014-04-02 Found nothing 1
    bitdefender 7.58469 7.90123 2014-12-25 Found nothing 0
    clamav 19861 0.97.5 2014-12-31 Found nothing 0
    drweb 5.0.2.3300 5.0.1.1 2014-12-31 Found nothing 0
    fortinet 23.345, 23.345 5.1.158 2014-12-08 Found nothing 0
    fprot 4.6.2.117 6.5.1.5418 2014-12-31 Found nothing 0
    fsecure 2014-04-02-01 9.13 2014-04-02 Found nothing 0
    gdata 25.3894 25.3894 2015-10-16 Found nothing 9
    ikarus 1.06.01 V1.32.31.0 2014-12-08 Found nothing 0
    jiangmin 16.0.100 1.0.0.0 2015-07-25 Found nothing 60
    kaspersky 5.5.33 5.5.33 2014-04-01 Found nothing 0
    kingsoft 2.1 2.1 2013-09-22 Found nothing 7
    mcafee 7638 5400.1158 2014-11-30 Found nothing 0
    nod32 0920 3.0.21 2014-12-23 Found nothing 0
    panda 9.05.01 9.05.01 2015-07-26 Found nothing 5
    pcc 11.380.07 9.500-1005 2014-12-31 Found nothing 0
    qh360 1.0.1 1.0.1 1.0.1 Found nothing 2
    qqphone 1.0.0.0 1.0.0.0 2014-12-09 Found nothing 0
    quickheal 14.00 14.00 2015-07-25 Found nothing 2
    rising 25.76.04.01 25.76.04.01 2015-07-24 Found nothing 1
    sophos 5.08 3.55.0 2014-12-01 Found nothing 0
    symantec 20141230.001 1.3.0.24 2014-12-30 Found nothing 0
    tachyon 9.9.9 9.9.9 2013-12-27 Found nothing 4
    thehacker 6.8.0.5 6.8.0.5 2015-07-23 Found nothing 2
    tws 17.47.17308 1.0.2.2108 2014-12-08 Found nothing 2
    vba 3.12.26.3 3.12.26.3 2014-12-31 Found nothing 0
    virusbuster 15.0.985.0 5.5.2.13 2014-12-05 Found nothing 0
    NOTICE: Results are not 100% accurate and can be reported as a false positive by some scanners when and if malware is found. Please judge these results for yourself.
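  • Permission list
    Permission name : Description
    android.permission.BIND_DEVICE_ADMIN : Bind device administration
    android.permission.WRITE_SETTINGS : Read and write system settings
    android.permission.REBOOT : Reboot the device
    android.permission.ACCESS_NETWORK_STATE : Read network state (2G or 3G)
    android.permission.ACCESS_COARSE_LOCATION : Get coarse location (via Wi-Fi, cell towers)
    android.permission.ACCESS_FINE_LOCATION : Get precise location (via GPS)
    android.permission.INTERNET : Connect to the network (2G or 3G)
    android.permission.READ_PHONE_STATE : Read phone state
    android.permission.WRITE_EXTERNAL_STORAGE : Write to external storage (e.g. SD card)
    android.permission.ACCESS_WIFI_STATE : Read Wi-Fi network state
    android.permission.VIBRATE : Allow device vibration
    android.permission.CAMERA : Access the camera device
    android.permission.RECORD_AUDIO : Record audio (using AudioRecord)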
  • File information
    Security score :
    Basic information
    MD5:6ec08869f554ac44c7f65c89caeecaf5
    Package name: mobwin.cn.android.cyw.onekey
    Minimum runtime environment: Android 2.2.x
    Copyright: rayma
    Key behaviors
    Behavior description: File mapping with write permission
    Details: Global\Cor_Private_IPCBlock_416
    Global\Cor_Public_IPCBlock_416
    Global\NLS_00000804_Exception_Table_3_2
    Process behavior
    Behavior description: Enumerate processes
    Details: N/A
    File behavior
    Behavior description: File mapping with write permission
    Details: Global\Cor_Private_IPCBlock_416
    Global\Cor_Public_IPCBlock_416
    Global\NLS_00000804_Exception_Table_3_2
    Behavior description: Find file
    Details: FileName = C:\WINDOWS
    FileName = C:\WINDOWS\WinSxS
    FileName = C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\MSVCR80.dll
    FileName = C:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.INI
    FileName = C:\DOCUME~1
    FileName = C:\DOCUME~1\ADMINI~1
    FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1
    FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp
    FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\%temp%
    FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\%temp%\1444935095.473159.exe
    FileName = C:\Documents and Settings\ADMINI~1
    FileName = C:\Documents and Settings\Administrator\LOCALS~1
    FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\%temp%\996E.INI
    FileName = C:/DOCUME~1
    FileName = C:/DOCUME~1/ADMINI~1
    Other behavior
    Behavior description: Call Sleep function
    Details: [1]: MilliSeconds = 1000.
    Behavior description: Get TickCount value
    Details: TickCount = 486906, SleepMilliseconds = 1000.
    TickCount = 486953, SleepMilliseconds = 1000.
    TickCount = 487062, SleepMilliseconds = 1000.
    TickCount = 487078, SleepMilliseconds = 1000.
    Dynamic behavior list
    Behavior description: Access network
    Details: host:120.196.211.8 port:80
    Behavior description: Call hash algorithm
    Details: MD5
    Behavior description: Read file
    Details: path:/sys/class/net/lo/ifindex length:7
    path:/sys/class/net/lo/ifindex length:5
    path:/proc/net/if_inet6 length:69
    path:/proc/net/if_inet6 length:5
    path:/sys/class/net/eth0/ifindex length:7
    path:/sys/class/net/eth0/ifindex length:5
    path:/sys/class/net/sit0/ifindex length:7
    path:/sys/class/net/sit0/ifindex length:5
    Behavior description: Parse uniform resource identifier
    Details: http://120.196.211.8/mobwin/embed_browser/mobWIN_pic/back.png
    http://120.196.211.8/mobwin/embed_browser/mobWIN_pic/back_disable.png
    http://120.196.211.8/mobwin/embed_browser/mobWIN_pic/back_pressed.png
    http://120.196.211.8/mobwin/embed_browser/mobWIN_pic/forward.png
    http://120.196.211.8/mobwin/embed_browser/mobWIN_pic/forward_disable.png
    http://120.196.211.8/mobwin/embed_browser/mobWIN_pic/forward_pressed.png
    http://120.196.211.8/mobwin/embed_browser/mobWIN_pic/jumpout.png
    http://120.196.211.8/mobwin/embed_browser/mobWIN_pic/jumpout_pressed.png
    http://120.196.211.8/mobwin/embed_browser/mobWIN_pic/quit.png
    http://120.196.211.8/mobwin/embed_browser/mobWIN_pic/quit_pressed.png
    http://120.196.211.8/mobwin/embed_browser/mobWIN_pic/refresh.png
    http://120.196.211.8/mobwin/embed_browser/mobWIN_pic/refresh_pressed.png
    http://120.196.211.8/mobwin/embed_browser/mobWIN_pic/close_album.png
    http://120.196.211.8/mobwin/embed_browser/mobWIN_pic/close_album_pressed.png
    http://120.196.211.8/mobwin/embed_browser/mobWIN_pic/toolbar_body.png
    http://120.196.211.8/mobwin/embed_browser/mobWIN_pic/toolbar_body_pressed.png
    http://120.196.211.8/mobwin/embed_browser/mobWIN_pic/toolbar_header.png
    http://120.196.211.8/mobwin/embed_browser/mobWIN_pic/divideline.png
    http://120.196.211.8/mobwin/embed_browser/mobWIN_pic/process_bar.png
    Behavior description: Read a line of data from buffer
    Details: 00000000000000000000000000000001 01 80 10 80 lo
    fe80000000000000505400fffe123456 02 40 20 80 eth0
    null
    Behavior description: Add View
    Details: [u'com.android.internal.policy.impl.PhoneWindow$DecorView@415ab358', u'WM.LayoutParams{(0,0)(wrapxwrap) gr=#11 sim=#120 ty=2 fl=#8020002 pfl=0x8 fmt=-2 wanim=0x1030002}', u'android.view.CompatibilityInfoHolder@414afb10']
    [u'com.android.internal.policy.impl.PhoneWindow$DecorView@414c4ef8', u'WM.LayoutParams{(0,0)(fillxfill) sim=#100 ty=1 fl=#8010100 pfl=0x8 wanim=0x1030001}', u'android.view.CompatibilityInfoHolder@414afb10']
    Behavior description: Write file
    Details: path:/data/data/mobwin.cn.android.cyw.onekey/shared_prefs/mobwin.cn.android.cyw.onekey_preferences.xml length:127
    path:/data/data/mobwin.cn.android.cyw.onekey/shared_prefs/mobwin.xml length:137
    Behavior description: Get network state information[*]
    Details: NetworkInfo: type: WIFI[], state: CONNECTED/CONNECTED, reason: (unspecified), extra: freewifi, roaming: false, failover: false, isAvailable: true
    Behavior description: Initialize Intent
    Details: [u'android.os.Parcel@414ad1f8']
    Activities
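    Activity name : Type
    mobwin.cn.android.cyw.onekey.SettingActivity : android.intent.action.MAIN
    mobwin.cn.android.cyw.onekey.SettingActivity : android.intent.category.LAUNCHER
    Dangerous functions
    Function name : Description
    HttpClient;->execute : Requests a remote server
    TelephonyManager;->getDeviceId : Collects the user's phone IMEI, phone number, system version number and other information
    TelephonyManager;->getLine1Number : Gets the phone number
    TelephonyManager;->getSimSerialNumber : Gets the SIM serial number
    java/net/URL;->openConnection : Connects to a URL
    android/app/NotificationManager;->notify : Notification bar message
    getRuntime : Gets the command-line environment
    java/lang/Runtime;->exec : Executes a string command
    Startup method
    Name : Description
    mobwin.cn.android.cyw.onekey.OneKeyProvider : Starts the service when the app widget is updated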
    Service list
    Name
    mobwin.cn.android.cyw.onekey.OneKeyUpdateService
    File list
    File name Checksum
    res/drawable/icon.png 0x9624b4f3
    res/drawable/icon_40_40.png 0xcd24a40b
    res/layout/wapsad.xml 0x5569a1da
    res/layout/widget_layout.xml 0xdf39324e
    res/menu/menu.xml 0x5b58d9e4
    res/xml/device_admin.xml 0x474ca9ac
    res/xml/settingpre.xml 0x25b0b386
    res/xml/widget_info.xml 0x5e8eca72
    AndroidManifest.xml 0x28cd8696
    resources.arsc 0xe7f9c546
    res/drawable-hdpi/icon.png 0x6ad4280
    res/drawable-ldpi/icon.png 0x9624b4f3
    res/drawable-mdpi/icon.png 0xef7a92b0
    classes.dex 0x500d3705
    com/qq/jce/wup/wup.properties 0xd035e2bf
    META-INF/MANIFEST.MF 0x8e6f394d
    META-INF/CERT.SF 0x3f3ac97c
    META-INF/CERT.RSA 0x19323902