VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

Language
Server load
Server Load

  Main Menu
VirSCAN  HOME VirSCAN  go Virscan.org VirSCAN  Report VirSCAN  Virus report VirSCAN  Behavior report VirSCAN  Help VirSCAN VirSCAN  Submit Bugs VirSCAN  Contact us VirSCAN  URL detection VirSCAN  API VirSCAN  uploader for windows(test)
Powered By
安博士V3
AntiVir
安天
Arcabit
AVAST!
AVG
baidu
BitDefender
ClamAV
Comodo
CP Secure
Cyren
Dr.Web
Defenx
a-squared
ESTsecurity
F-Prot
F-Secure
费尔
飞塔
GData
ViRobot
Ikarus
江民杀毒
卡巴斯基
金山毒霸
K7
Microsoft
NOD32
Norman
Nano
熊猫卫士
趋势科技
Quick Heal
瑞星
Sophos
Sunbelt
赛门铁克
深信服
Systweak
nProtect
The Hacker
The Hunter
VBA32
VirusBuster
qqphone
360
xvirus
habo
threatbook
hybrid
 
File information
File Name :4143.apk (File not down)
File Size :179013 byte
File Type :Zip archive data
MD5:6356ec4b1ea14614836b88c77d4676b0
SHA1:80597874f7b9bf09e13dac1bda728197c12489eb
SHA256:6bb7e5e867db9ab63ead5f44625441cf2e82ebfc5e8925211fe0d3bb9f1625c7
SSDEEP:
  • 扫描结果
  • 权限
  • 文件行为分析
  • Scanner results
    Scanner results:46%Scanner(s) (15/32)found malware!
    Behavior analysis report:         Habo file analysis
    Time: 2019-06-05 08:55:05 (CST)
    VirSCANVirSCAN
    Scanner Engine Ver Sig Ver Sig Date Scan result Time
    antiy AVL SDK 3.0 AVL SDK 3.0 2019-06-04 RiskWare[Monitor]/Android.FoCobers 1
    avast 18.4.3895.0 18.4.3895.0 2019-06-05 Found nothing 46
    avg 10.0.1405 10.0.1405 2019-06-05 Found nothing 1
    baidu 2.0.1.0 4.1.3.52192 2.0.1.0 Found nothing 33
    baidusd 1.0 1.0 2019-06-04 Found nothing 1
    bitdefender 7.141118 7.141118 2019-06-04 Found nothing 1
    clamav 25469 0.100.2 2019-06-03 Found nothing 1
    drweb 11.0.10.1810231600 11.0.10.1810231600 2019-06-04 Found nothing 10
    emsisoft 9.0.0.4324 9.0.0.4324 2014-07-03 Android.Monitor.Cobbler.A 2
    fortinet 1.000, 68.991, 68.849, 68.873 5.4.247 2019-06-05 Android/Cobbler.A 1
    fprot 4.6.2.117 6.5.1.5418 2014-12-31 Found nothing 1
    fsecure 2015-08-01-02 9.13 2019-06-05 Found nothing 56
    gdata 25.22249 25.22249 2019-06-05 Android.Monitor.Cobbler.A 15
    ikarus 5.01.05 V1.32.39.0 2019-06-04 PUA.AndroidOS.Cobblerone 4
    jiangmin 16.0.100 1.0.0.0 2019-06-04 Monitor.AndroidOS.agi 2
    kaspersky 5.5.33 5.5.33 2019-06-04 not-a-virus:Monitor.AndroidOS.FoCobers.b 19
    kingsoft 2.1 2.1 2013-09-22 Found nothing 8
    mcafee 9256 5400.1158 2019-05-13 Found nothing 12
    nod32 9446 4.5.15 2019-05-31 Android/Cobblerone.A potentially unsafe application 1
    panda 9.05.01 9.05.01 2019-05-29 Found nothing 7
    pcc 13.302.06 9.500-1005 2019-06-04 Android.049EDB4A 2
    qh360 1.0.1 1.0.1 2019-06-04 Tool.Android.Gen 3
    qqphone 2.0.0.0 2.0.0.0 2019-06-04 a.gray.fourcobblers 1
    quickheal 14.00 14.00 2019-02-10 Android.FoCobers.A (PUP) 3
    rising 5113 5113 2019-06-03 Found nothing 3
    sophos 4.62 3.16.1 2016-09-20 Andr/Cobbler-A 11
    symantec 20151230.005 1.3.0.24 2015-12-30 Found nothing 1
    tachyon 9.9.9 9.9.9 2013-12-27 Found nothing 3
    thehacker 6.8.0.5 6.8.0.5 2017-03-30 Found nothing 1
    tws 17.47.17308 1.0.2.2108 2019-06-04 Android.M.xkqj 6
    vba 4.0.0 4.0.0 2019-06-04 Monitor.AndroidOS.FoCobers.b 4
    virusbuster 15.0.985.0 5.5.2.13 2014-12-05 Found nothing 4
    Heuristic/Suspicious Exact
    NOTICE: Results are not 100% accurate and can be reported as a false positive by some scannerswhen and if malware is found. Please judge these results for yourself.
  • 权限列表
    许可名称信息
    android.permission.WRITE_EXTERNAL_STORAGE写外部存储器(如:SD卡)
    android.permission.READ_PHONE_STATE读取电话状态
    android.permission.RECEIVE_SMS监控接收短信
    android.permission.SEND_SMS发送短信
    android.permission.ACCESS_COARSE_LOCATION获取粗略的位置(通过wifi、基站)
    android.permission.ACCESS_FINE_LOCATION获取精确的位置(通过GPS)
    android.permission.ACCESS_NETWORK_STATE读取网络状态(2G或3G)
    android.permission.ACCESS_WIFI_STATE读取wifi网络状态
    android.permission.INTERNET连接网络(2G或3G)
    android.permission.UPDATE_DEVICE_STATS更新设备状态
    android.permission.CHANGE_WIFI_STATE改变WIFI连接状态
    android.permission.WAKE_LOCK手机屏幕关闭后后台进程仍运行
  • 文件信息
    安全评分 :
    基本信息
    MD5:6356ec4b1ea14614836b88c77d4676b0
    包名:com.FourCobblers.Free.PhoneLock
    最低运行环境:Android 2.2.x
    版权:zhonglin
    关键行为
    行为描述:获取TickCount值
    详情信息:TickCount = 246000, SleepMilliseconds = 250.
    进程行为
    行为描述:创建新文件进程
    详情信息:[0x00000a94]ImagePath = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\is-NLV0N.tmp\996E.tmp, CmdLine = "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\is-NLV0N.tmp\996E.tmp" /SL5="$10338,2194912,415232,C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe"
    文件行为
    行为描述:创建文件
    详情信息:C:\Documents and Settings\Administrator\Local Settings\Temp\is-NLV0N.tmp\996E.tmp
    行为描述:创建可执行文件
    详情信息:C:\Documents and Settings\Administrator\Local Settings\Temp\is-NLV0N.tmp\996E.tmp
    行为描述:修改文件内容
    详情信息:C:\Documents and Settings\Administrator\Local Settings\Temp\is-NLV0N.tmp\996E.tmp ---> Offset = 0
    C:\Documents and Settings\Administrator\Local Settings\Temp\is-NLV0N.tmp\996E.tmp ---> Offset = 65536
    C:\Documents and Settings\Administrator\Local Settings\Temp\is-NLV0N.tmp\996E.tmp ---> Offset = 131072
    C:\Documents and Settings\Administrator\Local Settings\Temp\is-NLV0N.tmp\996E.tmp ---> Offset = 196608
    C:\Documents and Settings\Administrator\Local Settings\Temp\is-NLV0N.tmp\996E.tmp ---> Offset = 262144
    行为描述:查找文件
    详情信息:FileName = C:\DOCUME~1
    FileName = C:\DOCUME~1\ADMINI~1
    FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1
    FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp
    FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\is-NLV0N.tmp
    FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\is-NLV0N.tmp\996E.tmp
    其他行为
    行为描述:创建互斥体
    详情信息:CTF.LBES.MutexDefaultS-*
    CTF.Compart.MutexDefaultS-*
    CTF.Asm.MutexDefaultS-*
    CTF.Layouts.MutexDefaultS-*
    CTF.TMD.MutexDefaultS-*
    CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
    MSCTF.Shared.MUTEX.IOH
    MSCTF.Shared.MUTEX.IJK
    行为描述:隐藏指定窗口
    详情信息:[Window,Class] = [,ComboLBox]
    行为描述:查找指定窗口
    详情信息:NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
    NtUserFindWindowEx: [Class,Window] = [CicLoaderWndClass,]
    行为描述:窗口信息
    详情信息:Pid = 2708, Hwnd=0x10350, Text = 选择安装时使用语言:, ClassName = TNewStaticText.
    Pid = 2708, Hwnd=0x10348, Text = 简体中文, ClassName = TNewComboBox.
    Pid = 2708, Hwnd=0x1034e, Text = 确定, ClassName = TNewButton.
    Pid = 2708, Hwnd=0x1034c, Text = 取消, ClassName = TNewButton.
    Pid = 2708, Hwnd=0x20346, Text = 选择语言, ClassName = TSelectLanguageForm.
    行为描述:获取TickCount值
    详情信息:TickCount = 246000, SleepMilliseconds = 250.
    行为描述:打开事件
    详情信息:HookSwitchHookEnabledEvent
    CTF.ThreadMIConnectionEvent.000007E8.00000000.0000000F
    CTF.ThreadMarshalInterfaceEvent.000007E8.00000000.0000000F
    MSCTF.SendReceiveConection.Event.IOH.IC
    MSCTF.SendReceive.Event.IOH.IC
    行为描述:枚举窗口
    详情信息:N/A
    行为描述:可执行文件签名信息
    详情信息:C:\Documents and Settings\Administrator\Local Settings\Temp\is-NLV0N.tmp\996E.tmp(签名验证: 未通过)
    行为描述:调用Sleep函数
    详情信息:[1]: MilliSeconds = 50.
    [2]: MilliSeconds = 250.
    [3]: MilliSeconds = 250.
    [4]: MilliSeconds = 250.
    [5]: MilliSeconds = 250.
    [6]: MilliSeconds = 250.
    [7]: MilliSeconds = 250.
    [8]: MilliSeconds = 250.
    [9]: MilliSeconds = 250.
    [10]: MilliSeconds = 250.
    行为描述:创建事件对象
    详情信息:EventName = MSCTF.SendReceive.Event.IJK.IC
    EventName = MSCTF.SendReceiveConection.Event.IJK.IC
    行为描述:可执行文件MD5
    详情信息:C:\Documents and Settings\Administrator\Local Settings\Temp\is-NLV0N.tmp\996E.tmp ---> 365019902540f014c67106eb997f8270
    行为描述:打开互斥体
    详情信息:ShimCacheMutex
    Activities
    活动名类型
    PhoneLockandroid.intent.action.MAIN
    PhoneLockandroid.intent.category.LAUNCHER
    NotesListandroid.intent.action.VIEW
    NotesListandroid.intent.action.EDIT
    NotesListandroid.intent.action.PICK
    NotesListandroid.intent.action.GET_CONTENT
    NotesListandroid.intent.category.DEFAULT
    NoteEditorandroid.intent.action.VIEW
    NoteEditorandroid.intent.action.EDIT
    NoteEditorcom.android.notepad.action.EDIT_NOTE
    NoteEditorandroid.intent.action.INSERT
    NoteEditorandroid.intent.category.DEFAULT
    TitleEditorcom.android.notepad.action.EDIT_TITLE
    TitleEditorandroid.intent.category.DEFAULT
    TitleEditorandroid.intent.category.ALTERNATIVE
    TitleEditorandroid.intent.category.SELECTED_ALTERNATIVE
    NotesLiveFolderandroid.intent.action.CREATE_LIVE_FOLDER
    NotesLiveFolderandroid.intent.category.DEFAULT
    危险函数
    函数名称信息
    java/net/URL;->openConnection连接URL
    java/net/HttpURLConnection;->connect连接URL
    android/app/NotificationManager;->notify信息通知栏
    ContentResolver;->delete删除短信、联系人
    HttpClient;->execute请求远程服务器
    SmsManager;->sendMultipartTextMessage发送彩信
    WifiManager;->setWifiEnabled变更WIFI状态
    TelephonyManager;->getDeviceId搜集用户手机IMEI码、电话号码、系统版本号等信息
    TelephonyManager;->getLine1Number获取手机号
    LocationManager;->getLastKnownLocation获取地址位置
    启动方式
    名称信息
    com.FourCobblers.Free.PhoneLock.DeviceAdminHandle
    com.FourCobblers.Free.PhoneLock.SMSCommandHandle监控短信(收到短信)启动服务
    广告信息
    名称信息
    com.google.adsAdMob
    权限列表
    许可名称信息
    android.permission.WRITE_EXTERNAL_STORAGE写外部存储器(如:SD卡)
    android.permission.READ_PHONE_STATE读取电话状态
    android.permission.RECEIVE_SMS监控接收短信
    android.permission.SEND_SMS发送短信
    android.permission.ACCESS_COARSE_LOCATION获取粗略的位置(通过wifi、基站)
    android.permission.ACCESS_FINE_LOCATION获取精确的位置(通过GPS)
    android.permission.ACCESS_NETWORK_STATE读取网络状态(2G或3G)
    android.permission.ACCESS_WIFI_STATE读取wifi网络状态
    android.permission.INTERNET连接网络(2G或3G)
    android.permission.UPDATE_DEVICE_STATS更新设备状态
    android.permission.CHANGE_WIFI_STATE改变WIFI连接状态
    android.permission.WAKE_LOCK手机屏幕关闭后后台进程仍运行
    Providers
    名字信息
    com.FourCobblers.Free.PhoneLock.NotePadProvider
    文件列表
    文件名 校验码
    res/drawable/alert_dialog_icon.png 0x19977238
    res/drawable/arrow_w.png 0xc502864d
    res/drawable/button.png 0x99a4f90b
    res/drawable/file.png 0x14d1e425
    res/drawable/folder.png 0x71fbfa7e
    res/drawable/lock_phone.png 0xacb59746
    res/drawable/password.png 0x1b95b2a8
    res/drawable/setting.png 0x2e94ec3d
    res/drawable/up.png 0x95f50e62
    res/drawable/widget_bg_normal.png 0x99a4f90b
    res/layout/alert_dialog_buy_paid_version.xml 0x2c236d82
    res/layout/alert_dialog_set_failed_wording.xml 0xa6657843
    res/layout/detail_setting.xml 0xc6cbde81
    res/layout/device_admin_handle.xml 0x60c6d671
    res/layout/file_row.xml 0xee86df83
    res/layout/help.xml 0x80398512
    res/layout/main.xml 0xe4e41e2c
    res/layout/main_ui.xml 0xbd0af10a
    res/layout/note_editor.xml 0x3c6f0009
    res/layout/noteslist_item.xml 0xe1363e75
    res/layout/password.xml 0x83b9568a
    res/layout/protect_other_data.xml 0x57d3d8de
    res/layout/single_list.xml 0x6fd05dbb
    res/layout/sms_remote_command_setting.xml 0xec58b736
    res/layout/title_editor.xml 0x150612c
    res/xml/device_admin_sample.xml 0xe4b68c98
    res/xml/lock_widget_provider.xml 0x7677bd67
    AndroidManifest.xml 0x92c1424d
    resources.arsc 0x9aba0abe
    res/drawable-hdpi/app_notes.png 0x3900c36d
    res/drawable-hdpi-v6/app_notes.png 0xd21749a2
    res/drawable-hdpi-v6/live_folder_notes.png 0xa2fce829
    res/drawable-ldpi-v6/app_notes.png 0xb7ae40cd
    res/drawable-ldpi-v6/live_folder_notes.png 0x3494e641
    res/drawable-mdpi/app_notes.png 0xbab6324e
    res/drawable-mdpi/live_folder_notes.png 0x303c37e
    res/drawable-mdpi-v6/app_notes.png 0x8bd4178b
    res/drawable-mdpi-v6/live_folder_notes.png 0x47a1b402
    classes.dex 0xae87621d
    assembly-descriptor.xml 0xd2a3e682
    META-INF/MANIFEST.MF 0xd645c32f
    META-INF/CERT.SF 0xbf5e4da2
    META-INF/CERT.RSA 0xb393e309
    运行截图
    VirSCAN

About VirSCAN | Privacy Policy | Contact us | Links | Help VirSCAN
Powered By CentOSpol

京ICP备11007605号-12

 pol

京公网安备 11010802020746号