VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

Language
Server load
Server Load

File information
File Name :app-debug_mini_3.apk (File not down)
File Size :1830918 byte
File Type :application/zip
MD5:3844335c910bce9f1e4d6d990ff5effd
SHA1:a56cfb70d1a3e371148e427c1ddf090d19ee5488
  • 扫描结果
  • 权限
  • 文件行为分析
  • Scanner results
    Scanner results:3%Scanner(s) (1/32)found malware!
    Behavior analysis report:         Habo file analysis
    Time: 2016-12-12 19:53:00 (CST)
    VirSCANVirSCAN
    Scanner Engine Ver Sig Ver Sig Date Scan result Time
    antiy AVL SDK 2.0 1970-01-01 Found nothing 5
    asquared 9.0.0.4799 9.0.0.4799 2015-03-08 Found nothing 1
    avast 161211-0 4.7.4 2016-12-11 Found nothing 60
    avg 2109/13073 10.0.1405 2016-12-11 Found nothing 60
    baidu 2.0.1.0 4.1.3.52192 2.0.1.0 Found nothing 38
    baidusd 1.0 1.0 2014-04-02 Found nothing 1
    bitdefender 7.58879 7.90123 2015-01-16 Found nothing 60
    clamav 22691 0.97.5 2016-12-10 Found nothing 60
    drweb 5.0.2.3300 5.0.1.1 2016-12-09 Found nothing 60
    fortinet 41.333, 41.333, 41.333 5.4.233 2016-12-12 Found nothing 60
    fprot 4.6.2.117 6.5.1.5418 2016-02-05 Found nothing 60
    fsecure 2015-08-01-02 9.13 2015-08-01 Found nothing 60
    gdata 25.8610 25.8610 2016-10-12 Found nothing 10
    ikarus 1.06.01 V1.32.31.0 2016-11-28 Found nothing 60
    jiangmin 16.0.100 1.0.0.0 2016-12-01 Backdoor/AndroidOS.apik 39
    kaspersky 5.5.33 5.5.33 2014-04-01 Found nothing 60
    kingsoft 2.1 2.1 2013-09-22 Found nothing 20
    mcafee 8254 5400.1158 2016-08-11 Found nothing 60
    nod32 1777 3.0.21 2015-06-12 Found nothing 60
    panda 9.05.01 9.05.01 2016-12-11 Found nothing 4
    pcc 12.954.06 9.500-1005 2016-12-11 Found nothing 60
    qh360 1.0.1 1.0.1 1.0.1 Found nothing 3
    qqphone 1.0.0.0 1.0.0.0 2015-12-30 Found nothing 60
    quickheal 14.00 14.00 2016-12-10 Found nothing 2
    rising 26.28.00.01 26.28.00.01 2016-07-18 Found nothing 1
    sophos 5.32 3.65.2 2016-10-10 Found nothing 60
    symantec 20151230.005 1.3.0.24 2015-12-30 Found nothing 60
    tachyon 9.9.9 9.9.9 2013-12-27 Found nothing 4
    thehacker 6.8.0.5 6.8.0.5 2016-11-29 Found nothing 1
    tws 17.47.17308 1.0.2.2108 2016-12-12 Found nothing 14
    vba 3.12.29.3 beta 3.12.29.3 beta 2016-12-08 Found nothing 60
    virusbuster 15.0.985.0 5.5.2.13 2014-12-05 Found nothing 60
    Heuristic/Suspicious Exact
    NOTICE: Results are not 100% accurate and can be reported as a false positive by some scannerswhen and if malware is found. Please judge these results for yourself.
  • 权限列表
    许可名称信息
    android.permission.INTERNET连接网络(2G或3G)
    android.permission.READ_EXTERNAL_STORAGE读外部存储器(如:SD卡)
    android.permission.WRITE_EXTERNAL_STORAGE写外部存储器(如:SD卡)
  • 文件信息
    安全评分 :
    基本信息
    MD5:3844335c910bce9f1e4d6d990ff5effd
    包名:com.example.myapp
    最低运行环境:Android 4.0, 4.0.1, 4.0.2
    版权:Android
    关键行为
    行为描述:直接获取CPU时钟
    详情信息:EAX = 0x51ad2044, EDX = 0x00001192
    EAX = 0x51ad2090, EDX = 0x00001192
    EAX = 0x51ad20dc, EDX = 0x00001192
    EAX = 0x51ad2128, EDX = 0x00001192
    EAX = 0x51ad2174, EDX = 0x00001192
    EAX = 0x51ad21c0, EDX = 0x00001192
    EAX = 0x51ad220c, EDX = 0x00001192
    EAX = 0x51ad2258, EDX = 0x00001192
    EAX = 0x51ad22a4, EDX = 0x00001192
    EAX = 0x51ad22f0, EDX = 0x00001192
    行为描述:尝试打开调试器或监控软件的驱动设备对象
    详情信息:\??\NTICE
    行为描述:查找反病毒常用工具窗口
    详情信息:NtUserFindWindowEx: [Class,Window] = [Regmonclass,]
    NtUserFindWindowEx: [Class,Window] = [Filemonclass,]
    行为描述:获取窗口截图信息
    详情信息:Foreground window Info: HWND = 0x00000000, DC = 0x350102a3.
    进程行为
    行为描述:创建本地线程
    详情信息:TargetProcess: 3306自动化提权工具7.0.EXE, InheritedFromPID = 1944, ProcessID = 1996, ThreadID = 2176, StartAddress = 00712BB5, Parameter = 001A80F8
    TargetProcess: 3306自动化提权工具7.0.EXE, InheritedFromPID = 1944, ProcessID = 1996, ThreadID = 2180, StartAddress = 00712BB5, Parameter = 001A80F8
    TargetProcess: 3306自动化提权工具7.0.EXE, InheritedFromPID = 1944, ProcessID = 1996, ThreadID = 2184, StartAddress = 00712BB5, Parameter = 001A8108
    TargetProcess: 3306自动化提权工具7.0.EXE, InheritedFromPID = 1944, ProcessID = 1996, ThreadID = 2188, StartAddress = 00712BB5, Parameter = 001A8118
    TargetProcess: 3306自动化提权工具7.0.EXE, InheritedFromPID = 1944, ProcessID = 1996, ThreadID = 2192, StartAddress = 00712BB5, Parameter = 001A80F8
    TargetProcess: 3306自动化提权工具7.0.EXE, InheritedFromPID = 1944, ProcessID = 1996, ThreadID = 2196, StartAddress = 00712BB5, Parameter = 001A8108
    TargetProcess: 3306自动化提权工具7.0.EXE, InheritedFromPID = 1944, ProcessID = 1996, ThreadID = 2200, StartAddress = 00712BB5, Parameter = 001A8118
    TargetProcess: 3306自动化提权工具7.0.EXE, InheritedFromPID = 1944, ProcessID = 1996, ThreadID = 2204, StartAddress = 00712BB5, Parameter = 001A80F8
    TargetProcess: 3306自动化提权工具7.0.EXE, InheritedFromPID = 1944, ProcessID = 1996, ThreadID = 2208, StartAddress = 00712BB5, Parameter = 001A80F8
    其他行为
    行为描述:创建互斥体
    详情信息:CTF.LBES.MutexDefaultS-*
    CTF.Compart.MutexDefaultS-*
    CTF.Asm.MutexDefaultS-*
    CTF.Layouts.MutexDefaultS-*
    CTF.TMD.MutexDefaultS-*
    CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
    MSCTF.Shared.MUTEX.ELH
    行为描述:创建事件对象
    详情信息:EventName = DINPUTWINMM
    行为描述:打开互斥体
    详情信息:ShimCacheMutex
    行为描述:查找指定窗口
    详情信息:NtUserFindWindowEx: [Class,Window] = [4823-00000029,]
    NtUserFindWindowEx: [Class,Window] = [18467-41,]
    NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
    行为描述:尝试打开调试器或监控软件的驱动设备对象
    详情信息:\??\NTICE
    行为描述:打开事件
    详情信息:HookSwitchHookEnabledEvent
    CTF.ThreadMIConnectionEvent.000007B4.00000000.00000051
    CTF.ThreadMarshalInterfaceEvent.000007B4.00000000.00000051
    MSCTF.SendReceiveConection.Event.ELH.IC
    MSCTF.SendReceive.Event.ELH.IC
    行为描述:窗口信息
    详情信息:Pid = 1996, Hwnd=0x1603be, Text = 确定, ClassName = Button.
    Pid = 1996, Hwnd=0xa03b8, Text = 发生内部错误。, ClassName = Static.
    Pid = 1996, Hwnd=0x16034c, Text = www.401hk.com, ClassName = #32770.
    行为描述:获取窗口截图信息
    详情信息:Foreground window Info: HWND = 0x00000000, DC = 0x350102a3.
    行为描述:直接获取CPU时钟
    详情信息:EAX = 0x51ad2044, EDX = 0x00001192
    EAX = 0x51ad2090, EDX = 0x00001192
    EAX = 0x51ad20dc, EDX = 0x00001192
    EAX = 0x51ad2128, EDX = 0x00001192
    EAX = 0x51ad2174, EDX = 0x00001192
    EAX = 0x51ad21c0, EDX = 0x00001192
    EAX = 0x51ad220c, EDX = 0x00001192
    EAX = 0x51ad2258, EDX = 0x00001192
    EAX = 0x51ad22a4, EDX = 0x00001192
    EAX = 0x51ad22f0, EDX = 0x00001192
    行为描述:查找反病毒常用工具窗口
    详情信息:NtUserFindWindowEx: [Class,Window] = [Regmonclass,]
    NtUserFindWindowEx: [Class,Window] = [Filemonclass,]
    Activities
    活动名类型
    com.example.myapp.MyActivityandroid.intent.action.MAIN
    com.example.myapp.MyActivityandroid.intent.category.LAUNCHER
    危险函数
    函数名称信息
    getRuntime获取命令行环境
    java/lang/Runtime;->exec执行字符串命令
    权限列表
    许可名称信息
    android.permission.INTERNET连接网络(2G或3G)
    android.permission.READ_EXTERNAL_STORAGE读外部存储器(如:SD卡)
    android.permission.WRITE_EXTERNAL_STORAGE写外部存储器(如:SD卡)
    文件列表
    文件名 校验码
    AndroidManifest.xml 0xeb2c7c4d
    META-INF/CERT.RSA 0x79a982e7
    META-INF/CERT.SF 0x1c1cb0d2
    META-INF/MANIFEST.MF 0x7b1d1dd8
    assets/test.apk 0xb2c595d5
    classes.dex 0x1271b6bd
    lib/armeabi-v7a/libexploits_jni.so 0xbf3a7086
    lib/armeabi/libexploits_jni.so 0x1b43c555
    res/drawable-hdpi-v4/drop_down_list_arrow.png 0xe2d3f1fb
    res/drawable-xhdpi-v4/ic_launcher.png 0xc9c090e8
    res/drawable/button_selector.xml 0xdc7e448b
    res/drawable/sel_button_disable.xml 0x8bc854c9
    res/drawable/sel_button_normal.xml 0x4bed9a66
    res/drawable/sel_button_press.xml 0x85deebad
    res/drawable/shape_rect_gary.xml 0xd09ac2a5
    res/layout/drop_down_list_footer.xml 0x6549b29c
    res/layout/drop_down_list_header.xml 0xe2fd6f94
    res/layout/main.xml 0xa1cd9584
    resources.arsc 0xe52fa024
    运行截图
    VirSCAN

About VirSCAN | Privacy Policy | Contact us | Links | Help VirSCAN
Powered By CentOSpol

京ICP备11007605号-12

pol

京公网安备 11010802020746号