VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

Language
Server load
Server Load

File information
File Name :Shark抓包工具.apk (File not down)
File Size :446839 byte
File Type :application/zip
MD5:fa9d454c3e81307d72287a490849c3e5
SHA1:ce5610d0c99d2e259a676587950d6af97c51ae85
  • 扫描结果
  • 权限
  • 文件行为分析
  • Scanner results
    Scanner results:0%Scanner(s) (0/32)found malware!
    Behavior analysis report:         Habo file analysis
    Time: 2015-03-09 21:50:09 (CST)
    VirSCANVirSCAN
    Scanner Engine Ver Sig Ver Sig Date Scan result Time
    antiy AVL SDK 3.0 1970-01-01 Found nothing 60
    asquared 9.0.0.4324 9.0.0.4324 2014-07-03 Found nothing 60
    avast 141231-0 4.7.4 2014-12-31 Found nothing 60
    avg 2109/8133 10.0.1405 2014-11-26 Found nothing 6
    baidu 2.0.1.0 4.1.3.52192 2.0.1.0 Found nothing 60
    baidusd 1.0 1.0 2014-04-02 Found nothing 60
    bitdefender 7.58469 7.90123 2014-12-25 Found nothing 1
    clamav 19745 0.97.5 2014-12-07 Found nothing 1
    drweb 5.0.2.3300 5.0.1.1 2014-12-31 Found nothing 44
    fortinet 23.345, 23.345 5.1.158 2014-12-08 Found nothing 1
    fprot 4.6.2.117 6.5.1.5418 2014-12-31 Found nothing 2
    fsecure 2014-04-02-01 9.13 2014-04-02 Found nothing 12
    gdata 25.473 25.473 2015-03-01 Found nothing 60
    ikarus 1.06.01 V1.32.31.0 2014-12-08 Found nothing 5
    jiangmin 16.0.100 1.0.0.0 2014-08-20 Found nothing 60
    kaspersky 5.5.33 5.5.33 2014-04-01 Found nothing 32
    kingsoft 2.1 2.1 2013-09-22 Found nothing 60
    mcafee 7638 5400.1158 2014-11-30 Found nothing 27
    nod32 0920 3.0.21 2014-12-23 Found nothing 4
    panda 9.05.01 9.05.01 2014-12-31 Found nothing 60
    pcc 11.380.07 9.500-1005 2014-12-31 Found nothing 2
    qh360 1.0.1 1.0.1 1.0.1 Found nothing 60
    qqphone 1.0.0.0 1.0.0.0 2014-12-09 Found nothing 1
    quickheal 14.00 14.00 2014-12-31 Found nothing 60
    rising 25.46.06.04 25.46.06.04 2014-12-28 Found nothing 60
    sophos 5.08 3.55.0 2014-12-01 Found nothing 7
    symantec 20141230.001 1.3.0.24 2014-12-30 Found nothing 2
    tachyon 9.9.9 9.9.9 2013-12-27 Found nothing 60
    thehacker 6.8.0.5 6.8.0.5 2014-12-29 Found nothing 60
    tws 17.47.17308 1.0.2.2108 2014-12-08 Found nothing 60
    vba 3.12.26.3 3.12.26.3 2014-12-31 Found nothing 9
    virusbuster 15.0.985.0 5.5.2.13 2014-12-05 Found nothing 20
    Heuristic/Suspicious Exact
    NOTICE: Results are not 100% accurate and can be reported as a false positive by some scannerswhen and if malware is found. Please judge these results for yourself.
  • 权限列表
    许可名称信息
    android.permission.INTERNET连接网络(2G或3G)
    android.permission.ACCESS_NETWORK_STATE读取网络状态(2G或3G)
    android.permission.GET_TASKS获取有关当前或最近运行的任务信息
    android.permission.READ_PHONE_STATE读取电话状态
  • 文件信息
    安全评分 :75
    基本信息
    MD5:fa9d454c3e81307d72287a490849c3e5
    包名:lv.n3o.shark
    最低运行环境:Android 1.6
    版权:Android
    关键行为
    行为描述:隐藏指定窗口
    详情信息:[Window,Class] = [About PuTTY,#32770]
    文件行为
    行为描述:写权限映射文件
    详情信息:CiceroSharedMemDefaultS-1-5-21-1482476501-1645522239-1417001333-500
    MSCTF.MarshalInterface.FileMap.MNJ..OGHFF
    MSCTF.MarshalInterface.FileMap.MNJ.B.OHHFF
    MSCTF.MarshalInterface.FileMap.MNJ.C.OHHFF
    MSCTF.MarshalInterface.FileMap.MNJ.D.NIHFF
    MSCTF.MarshalInterface.FileMap.MNJ.E.NIHFF
    MSCTF.MarshalInterface.FileMap.MNJ.F.NIHFF
    MSCTF.MarshalInterface.FileMap.MNJ.G.NIHFF
    MSCTF.Shared.SFM.MNJ
    其他行为
    行为描述:创建互斥体
    详情信息:CTF.LBES.MutexDefaultS-1-5-21-1482476501-1645522239-1417001333-500
    CTF.Compart.MutexDefaultS-1-5-21-1482476501-1645522239-1417001333-500
    CTF.Asm.MutexDefaultS-1-5-21-1482476501-1645522239-1417001333-500
    CTF.Layouts.MutexDefaultS-1-5-21-1482476501-1645522239-1417001333-500
    CTF.TMD.MutexDefaultS-1-5-21-1482476501-1645522239-1417001333-500
    CTF.TimListCache.FMPDefaultS-1-5-21-1482476501-1645522239-1417001333-500MUTEX.DefaultS-1-5-21-1482476501-1645522239-1417001333-500
    MSCTF.Shared.MUTEX.AEH
    MSCTF.Shared.MUTEX.MNJ
    行为描述:查找指定窗口
    详情信息:NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
    NtUserFindWindowEx: [Class,Window] = [CicLoaderWndClass,]
    行为描述:隐藏指定窗口
    详情信息:[Window,Class] = [About PuTTY,#32770]
    行为描述:窗口信息
    详情信息:Pid = 2520, Hwnd=0x20356, Text = &Open, ClassName = Button.
    Pid = 2520, Hwnd=0x20354, Text = &Cancel, ClassName = Button.
    Pid = 2520, Hwnd=0x20352, Text = &About, ClassName = Button.
    Pid = 2520, Hwnd=0x20350, Text = Cate&gory:, ClassName = Static.
    Pid = 2520, Hwnd=0x10360, Text = Host &Name (or IP address), ClassName = Static.
    Pid = 2520, Hwnd=0x10364, Text = &Port, ClassName = Static.
    Pid = 2520, Hwnd=0x10366, Text = 22, ClassName = Edit.
    Pid = 2520, Hwnd=0x10368, Text = Connection type:, ClassName = Static.
    Pid = 2520, Hwnd=0x1036a, Text = Ra&w, ClassName = Button(RadioButton).
    Pid = 2520, Hwnd=0x1036c, Text = &Telnet, ClassName = Button(RadioButton).
    Pid = 2520, Hwnd=0x1036e, Text = Rlog&in, ClassName = Button(RadioButton).
    Pid = 2520, Hwnd=0x10370, Text = &SSH, ClassName = Button(RadioButton).
    Pid = 2520, Hwnd=0x10372, Text = Se&rial, ClassName = Button(RadioButton).
    Pid = 2520, Hwnd=0x10374, Text = Specify the destination you want to connect to, ClassName = Button(GroupBox).
    Pid = 2520, Hwnd=0x10376, Text = Sav&ed Sessions, ClassName = Static.
    Activities
    活动名类型
    .SharkMainandroid.intent.action.MAIN
    .SharkMainandroid.intent.category.LAUNCHER
    危险函数
    函数名称信息
    HttpClient;->execute请求远程服务器
    DefaultHttpClient;->execute发送HTTP请求
    java/net/URL;->openConnection连接URL
    TelephonyManager;->getDeviceId搜集用户手机IMEI码、电话号码、系统版本号等信息
    java/net/HttpURLConnection;->connect连接URL
    LocationManager;->getLastKnownLocation获取地址位置
    getRuntime获取命令行环境
    java/lang/Runtime;->exec执行字符串命令
    权限列表
    许可名称信息
    android.permission.INTERNET连接网络(2G或3G)
    android.permission.ACCESS_NETWORK_STATE读取网络状态(2G或3G)
    android.permission.GET_TASKS获取有关当前或最近运行的任务信息
    android.permission.READ_PHONE_STATE读取电话状态
    文件列表
    文件名 校验码
    META-INF/MANIFEST.MF 0x1e9777c2
    META-INF/CERT.SF 0x82d7f803
    META-INF/CERT.RSA 0x9672dad4
    AndroidManifest.xml 0x5810de30
    classes.dex 0x99e70e52
    res/drawable/icon.png 0x68cfe860
    res/layout/main.xml 0xdd05ce75
    res/raw/tcpdump 0x3fc822be
    resources.arsc 0xa6e59a32
    运行截图
    VirSCAN

About VirSCAN | Privacy Policy | Contact us | Links | Help VirSCAN
Translated by Keith Miller, United States
Powered By CentOSpol

京ICP备11007605号-12

pol

京公网安备 11010802020746号