VirSCAN

File information
File Name: Nexus_Media_Importer_6.0.apk (File not down)
File Size: 398486 byte
File Type: application/zip
MD5: ebe8cfd77013746fb7ed3cb5cda6b404
SHA1: d1174084a944f6f79933e795c29713e6acbdaa22
  • Scanner results
    Scanner results: 0% Scanner(s) (0/32) found malware!
    Behavior analysis report: Habo file analysis
    Time: 2015-10-25 19:48:59 (CST)
    Scanner Engine Ver Sig Ver Sig Date Scan result Time
    antiy AVL SDK 3.0 1970-01-01 Found nothing 5
    asquared 9.0.0.4324 9.0.0.4324 2014-07-03 Found nothing 1
    avast 150725-1 4.7.4 2015-07-25 Found nothing 0
    avg 2109/8133 10.0.1405 2014-11-26 Found nothing 0
    baidu 2.0.1.0 4.1.3.52192 2.0.1.0 Found nothing 5
    baidusd 1.0 1.0 2014-04-02 Found nothing 1
    bitdefender 7.58469 7.90123 2014-12-25 Found nothing 0
    clamav 19861 0.97.5 2014-12-31 Found nothing 0
    drweb 5.0.2.3300 5.0.1.1 2014-12-31 Found nothing 0
    fortinet 23.345, 23.345 5.1.158 2014-12-08 Found nothing 0
    fprot 4.6.2.117 6.5.1.5418 2014-12-31 Found nothing 0
    fsecure 2014-04-02-01 9.13 2014-04-02 Found nothing 0
    gdata 25.4043 25.4043 2015-10-25 Found nothing 8
    ikarus 1.06.01 V1.32.31.0 2014-12-08 Found nothing 0
    jiangmin 16.0.100 1.0.0.0 2015-07-25 Found nothing 41
    kaspersky 5.5.33 5.5.33 2014-04-01 Found nothing 0
    kingsoft 2.1 2.1 2013-09-22 Found nothing 16
    mcafee 7638 5400.1158 2014-11-30 Found nothing 0
    nod32 0920 3.0.21 2014-12-23 Found nothing 0
    panda 9.05.01 9.05.01 2015-07-26 Found nothing 4
    pcc 11.380.07 9.500-1005 2014-12-31 Found nothing 0
    qh360 1.0.1 1.0.1 1.0.1 Found nothing 8
    qqphone 1.0.0.0 1.0.0.0 2014-12-09 Found nothing 0
    quickheal 14.00 14.00 2015-07-25 Found nothing 2
    rising 25.76.04.01 25.76.04.01 2015-07-24 Found nothing 2
    sophos 5.08 3.55.0 2014-12-01 Found nothing 0
    symantec 20141230.001 1.3.0.24 2014-12-30 Found nothing 0
    tachyon 9.9.9 9.9.9 2013-12-27 Found nothing 3
    thehacker 6.8.0.5 6.8.0.5 2015-07-23 Found nothing 2
    tws 17.47.17308 1.0.2.2108 2014-12-08 Found nothing 13
    vba 3.12.26.3 3.12.26.3 2014-12-31 Found nothing 0
    virusbuster 15.0.985.0 5.5.2.13 2014-12-05 Found nothing 0
    Heuristic/Suspicious Exact
    NOTICE: Results are not 100% accurate and can be reported as a false positive by some scanners when and if malware is found. Please judge these results for yourself.
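  • Permission list
    Permission name  Information
    android.permission.WRITE_EXTERNAL_STORAGE  Write to external storage (e.g. SD card)
    com.android.vending.CHECK_LICENSE
    android.permission.ACCESS_WIFI_STATE  Read Wi-Fi network state
    android.permission.INTERNET  Connect to the network (2G or 3G)
    android.permission.WAKE_LOCK  Background processes keep running after the phone screen is turned off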
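  • File information
    Security score:
    Basic information
    MD5: ebe8cfd77013746fb7ed3cb5cda6b404
    Package name: com.homeysoft.nexususb.importer
    Minimum runtime environment: Android 4.0, 4.0.1, 4.0.2
    Copyright: PDA World
    Key behavior
    Behavior description: Write-permission file mapping
    Details: CiceroSharedMemDefaultS-*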
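    Behavior description: DLL sample (x86)
    Details: N/A
    Process behavior
    Behavior description: Create process
    Details: ImagePath = C:\WINDOWS\system32\Regsvr32.exe, CmdLine = Regsvr32.exe c:\docume~1\admini~1\locals~1\%temp%\996e.dll
    Behavior description: Enumerate processes
    Details: N/A
    File behavior
    Behavior description: Write-permission file mapping
    Details: CiceroSharedMemDefaultS-*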
    Registry behavior
    Behavior description: Modify registry
    Details: \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{03be3ac4-84b7-4e0e-a78d-d3524e60395a}\InprocServer32\
    \REGISTRY\MACHINE\SOFTWARE\Classes\DirectShow\MediaObjects\03be3ac4-84b7-4e0e-a78d-d3524e60395a\
    \REGISTRY\MACHINE\SOFTWARE\Classes\DirectShow\MediaObjects\03be3ac4-84b7-4e0e-a78d-d3524e60395a\InputTypes
    \REGISTRY\MACHINE\SOFTWARE\Classes\DirectShow\MediaObjects\03be3ac4-84b7-4e0e-a78d-d3524e60395a\OutputTypes
    Behavior description: Delete registry key
    Details: \REGISTRY\MACHINE\SOFTWARE\Classes\DirectShow\MediaObjects\03be3ac4-84b7-4e0e-a78d-d3524e60395a
    Other behavior
    Behavior description: Create mutex
    Details: SHIMLIB_LOG_MUTEX
    CTF.LBES.MutexDefaultS-*
    CTF.Compart.MutexDefaultS-*
    CTF.Asm.MutexDefaultS-*
    CTF.Layouts.MutexDefaultS-*
    CTF.TMD.MutexDefaultS-*
    CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
    MSCTF.Shared.MUTEX.ELH
    MSCTF.Shared.MUTEX.AFH
    Behavior description: DLL sample (x86)
    Details: N/A
    Behavior description: Find specified window
    Details: NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
    NtUserFindWindowEx: [Class,Window] = [CicLoaderWndClass,]
    Behavior description: Obtain system privileges
    Details: SE_LOAD_DRIVER_PRIVILEGE
    SE_DEBUG_PRIVILEGE
    Dynamic behavior list
    Behavior description: Toast->makeText pop-up prompt
    Details: text: duration:1
    Behavior description: Read file
    Details: path:/proc/mounts length:69
    path:/proc/mounts length:5
    path:unknown length:24
    path:/data/data/com.homeysoft.nexususb.importer/shared_prefs/com.homeysoft.nexususb.importer_preferences.xml length:105
    Behavior description: Get cipher instance
    Details: [u'DES/ECB/PKCS5Padding']
    [u'AES/CBC/PKCS5Padding']
    Behavior description: Parse Uniform Resource Identifier (URI)
    Details: market://details?id=com.homeysoft.nexususb.importer
    Behavior description: Read system settings
    Details: [u'android.app.ContextImpl$ApplicationContentResolver@414f2620', u'sound_effects_enabled']
    Behavior description: Window information
    Details: {"text": "License Check Failed", "class": "android.widget.TextView"}
    {"text": "Please make sure your date and time are correct. Connected to either WiFi or mobile broadband, then try again.", "class": "android.widget.TextView"}
    {"text": "OK", "class": "android.widget.Button"}
    Behavior description: Read a line of data from a buffer
    Details: rootfs / rootfs rw 0 0
    tmpfs /dev tmpfs rw,nosuid,mode=755 0 0
    devpts /dev/pts devpts rw,mode=600 0 0
    proc /proc proc rw 0 0
    sysfs /sys sysfs rw 0 0
    none /acct cgroup rw,cpuacct 0 0
    tmpfs /mnt/asec tmpfs rw,mode=755,gid=1000 0 0
    tmpfs /mnt/obb tmpfs rw,mode=755,gid=1000 0 0
    none /dev/cpuctl cgroup rw,cpu 0 0
    /dev/block/mtdblock0 /system yaffs2 rw 0 0
    /dev/block/mtdblock1 /data yaffs2 rw,nosuid,nodev 0 0
    /dev/block/mtdblock2 /cache yaffs2 rw,nosuid,nodev 0 0
    null
    Behavior description: Add View
    Details: [u'com.android.internal.policy.impl.PhoneWindow$DecorView@414d2250', u'WM.LayoutParams{(0,0)(wrapxwrap) gr=#11 sim=#120 ty=2 fl=#1820002 pfl=0x8 fmt=-2 wanim=0x1030290}', u'android.view.CompatibilityInfoHolder@414afce0']
    [u'com.android.internal.policy.impl.PhoneWindow$DecorView@414a8628', u'WM.LayoutParams{(0,0)(fillxfill) sim=#100 ty=1 fl=#1810100 pfl=0x8 wanim=0x10302e0}', u'android.view.CompatibilityInfoHolder@414afce0']
    [u'com.android.internal.policy.impl.PhoneWindow$DecorView@414f62c0', u'WM.LayoutParams{(0,0)(wrapxwrap) gr=#11 sim=#120 ty=2 fl=#1820002 pfl=0x8 fmt=-2 wanim=0x1030290}', u'android.view.CompatibilityInfoHolder@414afce0']
    Behavior description: Write file
    Details: path:/data/data/com.homeysoft.nexususb.importer/shared_prefs/com.homeysoft.nexususb.importer_preferences.xml length:105
    path:/data/data/com.homeysoft.nexususb.importer/shared_prefs/com.android.vending.licensing.ServerManagedPolicy.xml length:261
    Behavior description: Start Activity
    Details: {"SCHEME":"market","ACTION":"android.intent.action.VIEW","DATA":"market:\/\/details?id=com.homeysoft.nexususb.importer","FLAG":0}
    Behavior description: Initialize Intent
    Details: [u'com.android.vending.licensing.ILicensingService']
    [u'android.intent.action.VIEW', u'market://details?id=com.homeysoft.nexususb.importer']
    Activities
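    Activity name  Type
    .NexusUsbImporterActivity  android.intent.action.MAIN
    .NexusUsbImporterActivity  android.hardware.usb.action.USB_DEVICE_ATTACHED
    .NexusUsbImporterActivity  android.intent.category.LAUNCHER
    Dangerous functions
    Function name  Information
    ContentResolver;->query  Reads databases such as contacts and SMS messages
    ContentResolver;->delete  Deletes SMS messages and contacts
    android/app/NotificationManager;->notify  Notification bar message
    TelephonyManager;->getDeviceId  Collects the user's phone IMEI, phone number, system version number and other information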
    Service list
    Name
    com.homeysoft.nexususb.importer.NioSocketServerService
    File list
    File name  Checksum