VirSCAN


File information
File Name: tv1024.apk (File not down)
File Size: 1167366 byte
File Type: application/jar
MD5: ffd2b50d2f145224b728181d45312de4
SHA1: 33a9188045595fd9cdb5f6a6d96b56d50c6ce8e5
  • Scanner results
    Scanner results: 3% Scanner(s) (1/32) found malware!
    Behavior analysis report: Habo file analysis
    Time: 2015-10-25 02:00:14 (CST)
    Scanner Engine Ver Sig Ver Sig Date Scan result Time
    antiy AVL SDK 3.0 1970-01-01 Found nothing 5
    asquared 9.0.0.4324 9.0.0.4324 2014-07-03 Found nothing 2
    avast 150725-1 4.7.4 2015-07-25 Found nothing 0
    avg 2109/8133 10.0.1405 2014-11-26 Found nothing 0
    baidu 2.0.1.0 4.1.3.52192 2.0.1.0 Found nothing 5
    baidusd 1.0 1.0 2014-04-02 Found nothing 1
    bitdefender 7.58469 7.90123 2014-12-25 Found nothing 0
    clamav 19861 0.97.5 2014-12-31 Found nothing 0
    drweb 5.0.2.3300 5.0.1.1 2014-12-31 Found nothing 0
    fortinet 23.345, 23.345 5.1.158 2014-12-08 Found nothing 0
    fprot 4.6.2.117 6.5.1.5418 2014-12-31 Found nothing 0
    fsecure 2014-04-02-01 9.13 2014-04-02 Found nothing 0
    gdata 25.4025 25.4025 2015-10-23 Found nothing 10
    ikarus 1.06.01 V1.32.31.0 2014-12-08 Found nothing 0
    jiangmin 16.0.100 1.0.0.0 2015-07-25 Backdoor/AndroidOS.apik 43
    kaspersky 5.5.33 5.5.33 2014-04-01 Found nothing 0
    kingsoft 2.1 2.1 2013-09-22 Found nothing 10
    mcafee 7638 5400.1158 2014-11-30 Found nothing 0
    nod32 0920 3.0.21 2014-12-23 Found nothing 0
    panda 9.05.01 9.05.01 2015-07-26 Found nothing 5
    pcc 11.380.07 9.500-1005 2014-12-31 Found nothing 0
    qh360 1.0.1 1.0.1 1.0.1 Found nothing 9
    qqphone 1.0.0.0 1.0.0.0 2014-12-09 Found nothing 0
    quickheal 14.00 14.00 2015-07-25 Found nothing 3
    rising 25.76.04.01 25.76.04.01 2015-07-24 Found nothing 2
    sophos 5.08 3.55.0 2014-12-01 Found nothing 0
    symantec 20141230.001 1.3.0.24 2014-12-30 Found nothing 0
    tachyon 9.9.9 9.9.9 2013-12-27 Found nothing 4
    thehacker 6.8.0.5 6.8.0.5 2015-07-23 Found nothing 2
    tws 17.47.17308 1.0.2.2108 2014-12-08 Found nothing 13
    vba 3.12.26.3 3.12.26.3 2014-12-31 Found nothing 0
    virusbuster 15.0.985.0 5.5.2.13 2014-12-05 Found nothing 0
    Heuristic/Suspicious Exact
    NOTICE: Results are not 100% accurate and can be reported as a false positive by some scanners when and if malware is found. Please judge these results for yourself.
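  • Permission list
    Permission name: Description
    android.permission.WRITE_EXTERNAL_STORAGE: Write to external storage (e.g. SD card)
    android.permission.STORAGE
    android.permission.READ_EXTERNAL_STORAGE: Read external storage (e.g. SD card)
    android.permission.READ_PHONE_STATE: Read phone state
    android.permission.ACCESS_NETWORK_STATE: Read network state (2G or 3G)
    com.google.android.c2dm.permission.RECEIVE
    android.permission.INTERNET: Connect to the network (2G or 3G)
    android.permission.GET_ACCOUNTS: Access the account list
    android.permission.WAKE_LOCK: Keep background processes running after the screen turns off
    android.permission.VIBRATE: Allow the device to vibrate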
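  • File information
    Security score:
    Basic information
    MD5: ffd2b50d2f145224b728181d45312de4
    Package name: com.tv1024
    Minimum runtime environment: Android 4.1, 4.1.1
    Copyright: Android
    Key behaviors
    Behavior description: Create a file mapping with write permission
    Details: CiceroSharedMemDefaultS-*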
    MSCTF.MarshalInterface.FileMap.AEF..MHFHH
    MSCTF.MarshalInterface.FileMap.AEF.B.MHFHH
    MSCTF.MarshalInterface.FileMap.AEF.C.MHFHH
    MSCTF.MarshalInterface.FileMap.AEF.D.MHFHH
    MSCTF.MarshalInterface.FileMap.AEF.E.MHFHH
    MSCTF.MarshalInterface.FileMap.AEF.F.MHFHH
    MSCTF.MarshalInterface.FileMap.AEF.G.MHFHH
    MSCTF.Shared.SFM.AEF
    Behavior description: Hide the specified window
    Details: [Window,Class] = [,CoreForms20.Label]
    [Window,Class] = [,CoreForms20.Control]
    [Window,Class] = [Settings,CoreForms20.Button]
    [Window,Class] = [Save Log,CoreForms20.Label]
    Behavior description: Set thread context
    Details: C:\DOCUME~1\ADMINI~1\LOCALS~1\%temp%\1445710455.067360.exe
    C:\DOCUME~1\ADMINI~1\LOCALS~1\%temp%\1445710455.074382.exe
    Behavior description: Get host address by name
    Details: wpad.
    219.133.40.1
    files.surfright.nl
    Process behavior
    Behavior description: Set thread context
    Details: C:\DOCUME~1\ADMINI~1\LOCALS~1\%temp%\1445710455.067360.exe
    C:\DOCUME~1\ADMINI~1\LOCALS~1\%temp%\1445710455.074382.exe
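    Behavior description: Enumerate processes
    Details: N/A
    File behavior
    Behavior description: Create a file mapping with write permission
    Details: CiceroSharedMemDefaultS-*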
    MSCTF.MarshalInterface.FileMap.AEF..MHFHH
    MSCTF.MarshalInterface.FileMap.AEF.B.MHFHH
    MSCTF.MarshalInterface.FileMap.AEF.C.MHFHH
    MSCTF.MarshalInterface.FileMap.AEF.D.MHFHH
    MSCTF.MarshalInterface.FileMap.AEF.E.MHFHH
    MSCTF.MarshalInterface.FileMap.AEF.F.MHFHH
    MSCTF.MarshalInterface.FileMap.AEF.G.MHFHH
    MSCTF.Shared.SFM.AEF
    Behavior description: Find files
    Details: FileName = C:\Documents and Settings\All Users\Application Data\HitmanPro\Customize.bin
    FileName = C:\Documents and Settings\All Users\Application Data\HitmanPro\Quarantine\quarantine.xml
    FileName = C:\Documents and Settings\All Users\Application Data\HitmanPro\HitmanPro.lic
    Network behavior
    Behavior description: Send data on a connected socket
    Details: SOCKET = 0x00000614, TotalSize = 83, Offset = 0, ReadSize = 83.
    SOCKET = 0x000005ec, TotalSize = 1, Offset = 0, ReadSize = 1.
    Behavior description: Establish a connection to a specified socket
    Details: 110.110.110.110:80
    127.0.0.1:1032
    127.0.0.1:1033
    127.0.0.1:1034
    127.0.0.1:1035
    127.0.0.1:1036
    127.0.0.1:1038
    Behavior description: Get host address by name
    Details: wpad.
    219.133.40.1
    files.surfright.nl
    Registry behavior
    Behavior description: Modify the registry
    Details: \REGISTRY\MACHINE\SOFTWARE\HitmanPro\UID
    \REGISTRY\MACHINE\SOFTWARE\HitmanPro\EULA36
    Behavior description: Delete registry values
    Details: \REGISTRY\MACHINE\SOFTWARE\HitmanPro\BannerID
    \REGISTRY\MACHINE\SOFTWARE\HitmanPro\BannerURL
    Other behavior
    Behavior description: Create mutex
    Details: CTF.LBES.MutexDefaultS-*
    CTF.Compart.MutexDefaultS-*
    CTF.Asm.MutexDefaultS-*
    CTF.Layouts.MutexDefaultS-*
    CTF.TMD.MutexDefaultS-*
    CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
    RasPbFile
    MSCTF.Shared.MUTEX.ELH
    MSCTF.Shared.MUTEX.AEF
    Behavior description: Inline hook
    Details: C:\WINDOWS\system32\WS2_32.dll--->GetAddrInfoW Offset = 0x0
    C:\WINDOWS\system32\kernel32.dll--->LoadLibraryW Offset = 0x0
    Behavior description: Sample console output
    Details: N/A
    Behavior description: Window information
    Details: Pid = 1476, Hwnd=0x202a6, Text = Next , ClassName = CoreForms20.Button.
    Pid = 1476, Hwnd=0x202a8, Text = Close, ClassName = CoreForms20.Button.
    Pid = 1476, Hwnd=0x202cc, Text = Buy Now, ClassName = CoreForms20.Button.
    Pid = 1476, Hwnd=0x202b4, Text = Settings, ClassName = CoreForms20.Button.
    Pid = 1476, Hwnd=0x302bc, Text = Save Log, ClassName = CoreForms20.Label.
    Pid = 1476, Hwnd=0x202c8, Text = Automatic update, ClassName = CoreForms20.Label.
    Pid = 1476, Hwnd=0x202c6, Text = Failed to see whether a new version is available., ClassName = CoreForms20.Label.
    Pid = 1476, Hwnd=0x202a2, Text = HitmanPro 3.7.7 - Build 205, ClassName = CoreForms20.Control.
    Pid = 1476, Hwnd=0x202a6, Text = Next, ClassName = CoreForms20.Button.
    Pid = 1476, Hwnd=0x702c0, Text = End user license agreement, ClassName = CoreForms20.Label.
    Pid = 1476, Hwnd=0x502ce, Text = You must accept the end user license agreement in order to run this program., ClassName = CoreForms20.Label.
    Pid = 1476, Hwnd=0x302b6, Text = I accept the terms of the license agreement, ClassName = CoreForms20.Button.
    Pid = 1476, Hwnd=0x202d0, Text = SURFRIGHT SOFTWARE LICENSE TERMS 1.1 HitmanPro These license terms are an agreement between SurfRight B.V. (or based on where y, ClassName = CoreForms20.RichTextBox.
    Pid = 1476, Hwnd=0x160142, Text = Setup, ClassName = CoreForms20.Label.
    Pid = 1476, Hwnd=0x3015a, Text = Would you like to store a copy of the HitmanPro program file on this computer?, ClassName = CoreForms20.Label.
    Behavior description: Hide the specified window
    Details: [Window,Class] = [,CoreForms20.Label]
    [Window,Class] = [,CoreForms20.Control]
    [Window,Class] = [Settings,CoreForms20.Button]
    [Window,Class] = [Save Log,CoreForms20.Label]
    Behavior description: Find the specified window
    Details: NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
    NtUserFindWindowEx: [Class,Window] = [CicLoaderWndClass,]
    Dynamic behavior list
    Behavior description: Window information
    Details: {"text": "系统", "class": "android.widget.TextView"}
    {"text": "网路未连接", "class": "android.widget.TextView"}
    {"text": "确认", "class": "android.widget.Button"}
    Behavior description: Add View
    Details: [u'com.android.internal.policy.impl.PhoneWindow$DecorView@41551d08', u'WM.LayoutParams{(0,0)(wrapxwrap) gr=#11 sim=#120 ty=2 fl=#1820002 pfl=0x8 fmt=-2 wanim=0x1030290}', u'android.view.CompatibilityInfoHolder@414af8a0']
    [u'com.android.internal.policy.impl.PhoneWindow$DecorView@414ee028', u'WM.LayoutParams{(0,0)(fillxfill) sim=#100 ty=1 fl=#1810100 pfl=0x8 wanim=0x103028f}', u'android.view.CompatibilityInfoHolder@414af8a0']
    [u'com.android.internal.policy.impl.PhoneWindow$DecorView@41c52a98', u'WM.LayoutParams{(0,0)(wrapxwrap) gr=#11 sim=#120 ty=2 fl=#1820002 pfl=0x8 fmt=-2 wanim=0x1030290}', u'android.view.CompatibilityInfoHolder@414af8a0']
    Behavior description: Get network state information[*]
    Details: NetworkInfo: type: WIFI[], state: CONNECTED/CONNECTED, reason: (unspecified), extra: freewifi, roaming: false, failover: false, isAvailable: true
    Behavior description: Write file
    Details: path:/data/data/com.tv1024/shared_prefs/firm.xml length:135
    Activities
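    Activity name: Type
    com.uicity.activity.MainActivity: android.intent.action.MAIN
    com.uicity.activity.MainActivity: android.intent.category.LAUNCHER
    Dangerous functions
    Function name: Description
    android/app/NotificationManager;->notify: Notification bar message
    ContentResolver;->query: Read contacts, SMS and other databases
    java/net/URL;->openConnection: Connect to a URL
    java/net/HttpURLConnection;->connect: Connect to a URL
    HttpClient;->execute: Request a remote server
    getRuntime: Get the command-line environment
    java/lang/Runtime;->exec: Execute a string command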
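    Permission list
    Permission name: Description
    android.permission.WRITE_EXTERNAL_STORAGE: Write to external storage (e.g. SD card)
    android.permission.STORAGE
    android.permission.READ_EXTERNAL_STORAGE: Read external storage (e.g. SD card)
    android.permission.READ_PHONE_STATE: Read phone state
    android.permission.ACCESS_NETWORK_STATE: Read network state (2G or 3G)
    com.google.android.c2dm.permission.RECEIVE
    android.permission.INTERNET: Connect to the network (2G or 3G)
    android.permission.GET_ACCOUNTS: Access the account list
    android.permission.WAKE_LOCK: Keep background processes running after the screen turns off
    android.permission.VIBRATE: Allow the device to vibrate
    File list
    File name Checksum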