VirSCAN

File information
File Name: 12.apk (File not down)
File Size: 42444 bytes
File Type: application/jar
MD5: 16af2f08bcb5275bcb3c36b2f4d1ca36
SHA1: ef4cd7c97d15d318e3b02e536804f5e365afb9e6
  • Scanner results
    Scanner results: 3% of scanners (1/32) found malware!
    Behavior analysis report: Habo file analysis
    Time: 2015-10-16 14:37:44 (CST)
    Scanner | Engine Ver | Sig Ver | Sig Date | Scan result | Time
    antiy | AVL SDK 3.0 | | 1970-01-01 | Found nothing | 5
    asquared | 9.0.0.4324 | 9.0.0.4324 | 2014-07-03 | Found nothing | 1
    avast | 150725-1 | 4.7.4 | 2015-07-25 | Found nothing | 0
    avg | 2109/8133 | 10.0.1405 | 2014-11-26 | Found nothing | 0
    baidu | 2.0.1.0 | 4.1.3.52192 | 2.0.1.0 | Found nothing | 5
    baidusd | 1.0 | 1.0 | 2014-04-02 | Found nothing | 1
    bitdefender | 7.58469 | 7.90123 | 2014-12-25 | Found nothing | 0
    clamav | 19861 | 0.97.5 | 2014-12-31 | Found nothing | 0
    drweb | 5.0.2.3300 | 5.0.1.1 | 2014-12-31 | Found nothing | 0
    fortinet | 23.345, 23.345 | 5.1.158 | 2014-12-08 | Found nothing | 0
    fprot | 4.6.2.117 | 6.5.1.5418 | 2014-12-31 | Found nothing | 0
    fsecure | 2014-04-02-01 | 9.13 | 2014-04-02 | Found nothing | 0
    gdata | 25.3894 | 25.3894 | 2015-10-16 | Found nothing | 8
    ikarus | 1.06.01 | V1.32.31.0 | 2014-12-08 | Found nothing | 0
    jiangmin | 16.0.100 | 1.0.0.0 | 2015-07-25 | Found nothing | 60
    kaspersky | 5.5.33 | 5.5.33 | 2014-04-01 | Found nothing | 0
    kingsoft | 2.1 | 2.1 | 2013-09-22 | Android.Troj.luomao.cr.(kcloud) | 5
    mcafee | 7638 | 5400.1158 | 2014-11-30 | Found nothing | 0
    nod32 | 0920 | 3.0.21 | 2014-12-23 | Found nothing | 0
    panda | 9.05.01 | 9.05.01 | 2015-07-26 | Found nothing | 5
    pcc | 11.380.07 | 9.500-1005 | 2014-12-31 | Found nothing | 0
    qh360 | 1.0.1 | 1.0.1 | 1.0.1 | Found nothing | 2
    qqphone | 1.0.0.0 | 1.0.0.0 | 2014-12-09 | Found nothing | 0
    quickheal | 14.00 | 14.00 | 2015-07-25 | Found nothing | 2
    rising | 25.76.04.01 | 25.76.04.01 | 2015-07-24 | Found nothing | 1
    sophos | 5.08 | 3.55.0 | 2014-12-01 | Found nothing | 0
    symantec | 20141230.001 | 1.3.0.24 | 2014-12-30 | Found nothing | 0
    tachyon | 9.9.9 | 9.9.9 | 2013-12-27 | Found nothing | 5
    thehacker | 6.8.0.5 | 6.8.0.5 | 2015-07-23 | Found nothing | 1
    tws | 17.47.17308 | 1.0.2.2108 | 2014-12-08 | Found nothing | 2
    vba | 3.12.26.3 | 3.12.26.3 | 2014-12-31 | Found nothing | 0
    virusbuster | 15.0.985.0 | 5.5.2.13 | 2014-12-05 | Found nothing | 0
    Heuristic/Suspicious Exact
    NOTICE: Results are not 100% accurate and can be reported as a false positive by some scanners when and if malware is found. Please judge these results for yourself.
  • Permission list
    Permission name | Description
    android.permission.WRITE_SETTINGS | Read and write system settings
  • File information
    Security score: 75
    Basic information
    MD5: 16af2f08bcb5275bcb3c36b2f4d1ca36
    Package name: com.wwdev.rebooter
    Minimum runtime environment:
    Copyright:
    Key behavior
    Behavior description: Hide the specified window
    Details: [Window,Class] = [,ComboLBox]
    Network behavior
    Behavior description: Send data on a connected socket
    Details: SOCKET = 0x000005c4, TotalSize = 52, Offset = 0, ReadSize = 52.
    Behavior description: Establish a connection to a specified socket
    Details: 0.1.226.64:1433
    Behavior description: Enumerate network shared resources
    Details: N/A
    Registry behavior
    Behavior description: Modify the registry
    Details: \REGISTRY\USER\S-1-5-21-1482476501-1645522239-1417001333-500\Control Panel\International\sShortDate
    \REGISTRY\USER\S-1-5-21-1482476501-1645522239-1417001333-500\Control Panel\International\sLongDate
    \REGISTRY\USER\S-1-5-21-1482476501-1645522239-1417001333-500\Control Panel\International\sTimeFormat
    \REGISTRY\USER\S-1-5-21-1482476501-1645522239-1417001333-500\Control Panel\International\iTLZero
    \REGISTRY\MACHINE\SOFTWARE\Description\Microsoft\Rpc\UuidTemporaryData\NetworkAddress
    \REGISTRY\MACHINE\SOFTWARE\Description\Microsoft\Rpc\UuidTemporaryData\NetworkAddressLocal
    Other behavior
    Behavior description: Window information
    Details: Pid = 1268, Hwnd=0xb0200, Text = 退出(F4), ClassName = TButton.
    Pid = 1268, Hwnd=0xc01a6, Text = 确定(F5), ClassName = TButton.
    Pid = 1268, Hwnd=0xc01ee, Text = 选择服务器, ClassName = TFfwq.
    Pid = 1268, Hwnd=0xb018a, Text = 123456, ClassName = TComboBox.
    Pid = 1268, Hwnd=0x803be, Text = 确定, ClassName = Button.
    Pid = 1268, Hwnd=0x803fe, Text = 连接数据库失败, 请查看所选服务器是否已经启动!, ClassName = Static.
    Pid = 1268, Hwnd=0x80390, Text = 系统信息, ClassName = #32770.
    Pid = 1268, Hwnd=0x80388, Text = 确定, ClassName = Button.
    Pid = 1268, Hwnd=0x9036a, Text = 连接数据库失败, 请查看所选服务器是否已经启动!, ClassName = Static.
    Pid = 1268, Hwnd=0x80396, Text = 系统信息, ClassName = #32770.
    Pid = 1268, Hwnd=0x903ca, Text = 确定, ClassName = Button.
    Pid = 1268, Hwnd=0x9036c, Text = 连接数据库失败, 请查看所选服务器是否已经启动!, ClassName = Static.
    Pid = 1268, Hwnd=0xc0344, Text = 系统信息, ClassName = #32770.
    Behavior description: Hide the specified window
    Details: [Window,Class] = [,ComboLBox]
    Behavior description: Create a mutex
    Details: mpjxc
    Dynamic behavior list
    Behavior description: Start service
    Details: com.android.musicfx.Compatibility$Service
    com.android.mms.transaction.SmsReceiverService
    Behavior description: Read file
    Details: path:/proc/783/cmdline length:105
    path:/proc/799/cmdline length:105
    path:/proc/811/cmdline length:105
    path:/proc/841/cmdline length:105
    path:/proc/854/cmdline length:105
    Behavior description: Class loading
    Details: path:/system/app/PicoTts.apk
    path:/system/app/MusicFX.apk
    path:/system/framework/am.jar
    path:/data/app/com.wwdev.rebooter-1.apk
    Behavior description: Write file
    Details: path:/data/data/com.android.gallery3d/shared_prefs/com.android.gallery3d_preferences.xml length:105
    path:/data/data/com.android.musicfx/shared_prefs/musicfx.xml length:105
    path:/data/data/com.android.gallery3d/shared_prefs/com.android.gallery3d_preferences.xml length:105
    Activities
    Activity name | Type
    .Rebooter | android.intent.action.MAIN
    .Rebooter | android.intent.category.LAUNCHER
    Dangerous functions
    Function name | Description
    getRuntime | Get the command-line environment
    java/lang/Runtime;->exec | Execute a string command
    Permission list
    Permission name | Description
    android.permission.WRITE_SETTINGS | Read and write system settings
    File list
    File name | Checksum
    META-INF/MANIFEST.MF | 0xc65f6e45
    META-INF/CERT.SF | 0x43f19cc7
    META-INF/CERT.RSA | 0xd899d148
    AndroidManifest.xml | 0x8f3e490c
    classes.dex | 0xa9830a35
    res/drawable-hdpi/icon.png | 0x5983c821
    res/drawable-hdpi/icon_setting.png | 0xc4de1323
    res/drawable/btn_close_focused.png | 0x6b882a15
    res/drawable/btn_close_normal.png | 0xeb244ce4
    res/drawable/btn_close_pressed.png | 0x82b955ab
    res/drawable/btn_close_selector.xml | 0x6d5120d2
    res/drawable/btn_focused.png | 0x1246f43f
    res/drawable/btn_normal.png | 0x840b3b49
    res/drawable/btn_pressed.png | 0x1fa0f988
    res/drawable/btn_selector.xml | 0xff7d4d7e
    res/drawable/icon.png | 0x8dcb2008
    res/layout/main.xml | 0xb4bae1c2
    res/menu/menu.xml | 0x7a978c32
    res/raw/rebooter | 0x5c6d853f
    res/xml/preferences.xml | 0x8059f5b8
    resources.arsc | 0x3f3e65e9