VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

Language
Server load
Server Load

File information
File Name :1acb.apk (File not down)
File Size :98165 byte
File Type :application/jar
MD5:57dc33e57666a1e052df924c35671acb
SHA1:05a4f6e5700be1df64447c6554e2a90a0f598a0e
  • 扫描结果
  • 权限
  • 文件行为分析
  • Scanner results
    Scanner results:3%Scanner(s) (1/32)found malware!
    Behavior analysis report:         Habo file analysis
    Time: 2016-08-18 20:30:38 (CST)
    VirSCANVirSCAN
    Scanner Engine Ver Sig Ver Sig Date Scan result Time
    antiy AVL SDK 3.0 1970-01-01 Found nothing 5
    asquared 9.0.0.4324 9.0.0.4324 2014-07-03 Found nothing 1
    avast 150725-1 4.7.4 2015-07-25 Found nothing 60
    avg 2109/8133 10.0.1405 2014-11-26 Found nothing 60
    baidu 2.0.1.0 4.1.3.52192 2.0.1.0 Found nothing 12
    baidusd 1.0 1.0 2014-04-02 Found nothing 1
    bitdefender 7.58469 7.90123 2014-12-25 Found nothing 60
    clamav 19861 0.97.5 2014-12-31 Found nothing 60
    drweb 5.0.2.3300 5.0.1.1 2014-12-31 Found nothing 60
    fortinet 23.345, 23.345 5.1.158 2014-12-08 Found nothing 60
    fprot 4.6.2.117 6.5.1.5418 2014-12-31 Found nothing 60
    fsecure 2014-04-02-01 9.13 2014-04-02 Found nothing 60
    gdata 25.7925 25.7925 2016-08-18 Found nothing 9
    ikarus 1.06.01 V1.32.31.0 2014-12-08 Found nothing 60
    jiangmin 16.0.100 1.0.0.0 2015-07-25 Found nothing 40
    kaspersky 5.5.33 5.5.33 2014-04-01 Found nothing 60
    kingsoft 2.1 2.1 2013-09-22 Found nothing 7
    mcafee 7638 5400.1158 2014-11-30 Found nothing 60
    nod32 0920 3.0.21 2014-12-23 Found nothing 60
    panda 9.05.01 9.05.01 2015-07-26 Found nothing 4
    pcc 11.380.07 9.500-1005 2014-12-31 Found nothing 60
    qh360 1.0.1 1.0.1 1.0.1 Found nothing 3
    qqphone 1.0.0.0 1.0.0.0 2014-12-09 Found nothing 60
    quickheal 14.00 14.00 2015-07-25 Found nothing 2
    rising 25.76.04.01 25.76.04.01 2015-07-24 Found nothing 1
    sophos 5.08 3.55.0 2014-12-01 Found nothing 60
    symantec 20141230.001 1.3.0.24 2014-12-30 Found nothing 60
    tachyon 9.9.9 9.9.9 2013-12-27 Found nothing 3
    thehacker 6.8.0.5 6.8.0.5 2015-07-23 Found nothing 1
    tws 17.47.17308 1.0.2.2108 2014-12-08 Android.M.qvui 13
    vba 3.12.26.3 3.12.26.3 2014-12-31 Found nothing 60
    virusbuster 15.0.985.0 5.5.2.13 2014-12-05 Found nothing 60
    Heuristic/Suspicious Exact
    NOTICE: Results are not 100% accurate and can be reported as a false positive by some scannerswhen and if malware is found. Please judge these results for yourself.
  • 权限列表
    许可名称信息
    android.permission.INTERNET连接网络(2G或3G)
    android.permission.PROCESS_OUTGOING_CALLS监视、修改有关拨出电话
    android.permission.READ_PHONE_STATE读取电话状态
  • 文件信息
    安全评分 :
    基本信息
    MD5:57dc33e57666a1e052df924c35671acb
    包名:com.android.genius.dial
    最低运行环境:Android 2.0
    版权:
    进程行为
    行为描述:创建本地线程
    详情信息:TargetProcess: %temp%\****.exe, InheritedFromPID = 1944, ProcessID = 392, ThreadID = 1400, StartAddress = 4AEA7456, Parameter = 00000000
    文件行为
    行为描述:创建文件
    详情信息:C:\Documents and Settings\Administrator\Local Settings\%temp%\Libpdf.exe
    C:\Documents and Settings\Administrator\Local Settings\%temp%\license.dat
    行为描述:删除文件
    详情信息:C:\Documents and Settings\Administrator\Local Settings\%temp%\Libpdf.exe
    C:\Documents and Settings\Administrator\Local Settings\%temp%\license.dat
    行为描述:覆盖已有文件
    详情信息:C:\Documents and Settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
    行为描述:创建可执行文件
    详情信息:C:\Documents and Settings\Administrator\Local Settings\%temp%\Libpdf.exe
    行为描述:修改文件内容
    详情信息:C:\Documents and Settings\Administrator\Local Settings\%temp%\Libpdf.exe ---> Offset = 0
    C:\Documents and Settings\Administrator\Local Settings\%temp%\license.dat ---> Offset = 0
    C:\Documents and Settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT ---> Offset = 0
    其他行为
    行为描述:创建互斥体
    详情信息:CTF.LBES.MutexDefaultS-*
    CTF.Compart.MutexDefaultS-*
    CTF.Asm.MutexDefaultS-*
    CTF.Layouts.MutexDefaultS-*
    CTF.TMD.MutexDefaultS-*
    CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
    MSCTF.Shared.MUTEX.ELH
    MSCTF.Shared.MUTEX.AMF
    行为描述:创建事件对象
    详情信息:EventName = DINPUTWINMM
    EventName = MSCTF.SendReceive.Event.AMF.IC
    EventName = MSCTF.SendReceiveConection.Event.AMF.IC
    行为描述:查找指定窗口
    详情信息:NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
    NtUserFindWindowEx: [Class,Window] = [CicLoaderWndClass,]
    行为描述:打开事件
    详情信息:HookSwitchHookEnabledEvent
    CTF.ThreadMIConnectionEvent.000007B4.00000000.00000041
    CTF.ThreadMarshalInterfaceEvent.000007B4.00000000.00000041
    MSCTF.SendReceiveConection.Event.ELH.IC
    MSCTF.SendReceive.Event.ELH.IC
    行为描述:窗口信息
    详情信息:Pid = 392, Hwnd=0x503b0, Text = Remove Pdf Password, ClassName = Remove Pdf Password.
    行为描述:可执行文件签名信息
    详情信息:C:\Documents and Settings\Administrator\Local Settings\%temp%\Libpdf.exe(签名验证: 未通过)
    行为描述:可执行文件MD5
    详情信息:C:\Documents and Settings\Administrator\Local Settings\%temp%\Libpdf.exe ---> 88d3b83ca1b4de77dc9a2340b9931432
    行为描述:打开互斥体
    详情信息:ShimCacheMutex
    Activities
    活动名类型
    .Setupandroid.intent.action.MAIN
    .Setupandroid.intent.category.LAUNCHER
    .Configureandroid.intent.action.MAIN
    .AdvertListandroid.intent.action.MAIN
    危险函数
    函数名称信息
    TelephonyManager;->getDeviceId搜集用户手机IMEI码、电话号码、系统版本号等信息
    java/net/URL;->openConnection连接URL
    java/net/HttpURLConnection;->connect连接URL
    TelephonyManager;->getSimSerialNumber获取SIM序列号
    TelephonyManager;->getLine1Number获取手机号
    启动方式
    名称信息
    com.android.genius.dial.GeniusReceiver
    权限列表
    许可名称信息
    android.permission.INTERNET连接网络(2G或3G)
    android.permission.PROCESS_OUTGOING_CALLS监视、修改有关拨出电话
    android.permission.READ_PHONE_STATE读取电话状态
    文件列表
    文件名 校验码
    res/drawable/default_img.png 0xa0be187f
    res/drawable/default_img_blank.png 0x4aede314
    res/drawable/filled_box.xml 0xce5dcfe
    res/drawable/line.9.png 0xf89155a0
    res/layout/configure.xml 0xc11fd995
    res/layout/list_item.xml 0xc641596d
    res/layout/setup.xml 0xb4255a50
    AndroidManifest.xml 0x41471742
    resources.arsc 0xc63ebb57
    res/drawable-hdpi/default_img.png 0x4c5b1ff2
    res/drawable-hdpi/default_img_blank.png 0x9da738f8
    res/drawable-hdpi/icon.png 0x57f52e93
    res/drawable-ldpi/default_img.png 0xa0be187f
    res/drawable-ldpi/default_img_blank.png 0x4aede314
    res/drawable-ldpi/icon.png 0xdbbb1fed
    res/drawable-mdpi/default_img.png 0xa0be187f
    res/drawable-mdpi/default_img_blank.png 0x4aede314
    res/drawable-mdpi/icon.png 0xd058f1a0
    classes.dex 0x7571d3
    assets/wooboo_btn.png 0x19dde463
    assets/wooboo_logo.png 0x1850c46d
    assets/wooboo_ua.properties 0x7e6abad3
    META-INF/MANIFEST.MF 0x3878cac5
    META-INF/CERT.SF 0xe4fe9a45
    META-INF/CERT.RSA 0xbddfce02
    运行截图
    VirSCAN

About VirSCAN | Privacy Policy | Contact us | Links | Help VirSCAN
Powered By CentOSpol

京ICP备11007605号-12

pol

京公网安备 11010802020746号