VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, VirSCAN can scan compressed files with password 'infected' or 'virus'.

Language
Server load
Server Load



File information
File Name : Ting音乐1.1.apk (File not down)
File Size :2285465 byte
File Type :application/zip
MD5:9f71ae5cd4db84120c966bab63167105
SHA1:37c850def135e73ccb884ab5082bd1ac1c52ad32
  • 扫描结果
  • 权限
  • 文件行为分析
  • Scanner results
    Scanner results:3%Scanner(s) (1/32)found malware!        Behavior
    Time: 2018-02-25 09:19:56 (CST)
    VirSCANVirSCAN
    Scanner Engine Ver Sig Ver Sig Date Scan result Time
    antiy AVL SDK 2.0 1970-01-01 Found nothing 5
    asquared 9.0.0.4799 9.0.0.4799 2015-03-08 Found nothing 2
    avast 170303-1 4.7.4 2017-03-03 Found nothing 60
    avg 2109/14925 10.0.1405 2018-02-23 Found nothing 60
    baidu 2.0.1.0 4.1.3.52192 2.0.1.0 Found nothing 6
    baidusd 1.0 1.0 2017-03-22 Found nothing 1
    bitdefender 7.58879 7.90123 2015-01-16 Found nothing 60
    clamav 24344 0.97.5 2018-02-24 Found nothing 60
    drweb 5.0.2.3300 5.0.1.1 2018-02-21 Found nothing 60
    fortinet 1.000, 55.401, 55.353, 55.360 5.4.247 2018-02-25 Found nothing 60
    fprot 4.6.2.117 6.5.1.5418 2016-02-05 Found nothing 60
    fsecure 2015-08-01-02 9.13 2015-08-01 Found nothing 60
    gdata 25.16132 25.16132 2018-02-25 Found nothing 14
    ikarus 4.00.06 V1.32.31.0 2018-02-24 Found nothing 60
    jiangmin 16.0.100 1.0.0.0 2017-12-22 Found nothing 2
    kaspersky 5.5.33 5.5.33 2014-04-01 Found nothing 60
    kingsoft 2.1 2.1 2018-02-24 Found nothing 11
    mcafee 8620 5400.1158 2017-08-12 Found nothing 60
    nod32 6954 3.0.21 2018-02-23 Found nothing 60
    panda 9.05.01 9.05.01 2018-02-24 Found nothing 4
    pcc 13.302.06 9.500-1005 2017-03-27 Found nothing 60
    qh360 1.0.1 1.0.1 1.0.1 Found nothing 4
    qqphone 1.0.0.0 1.0.0.0 2015-12-30 Found nothing 60
    quickheal 14.00 14.00 2017-11-18 Android.Styricka.GEN6254 3
    rising 3265 3265 2017-12-26 Found nothing 2
    sophos 5.32 3.65.2 2016-10-10 Found nothing 60
    symantec 20151230.005 1.3.0.24 2015-12-30 Found nothing 60
    tachyon 9.9.9 9.9.9 2013-12-27 Found nothing 4
    thehacker 6.8.0.5 6.8.0.5 2018-02-19 Found nothing 2
    tws 17.47.17308 1.0.2.2108 2018-02-24 Found nothing 14
    vba 3.12.29.5 beta 3.12.29.5 beta 2018-02-23 Found nothing 60
    virusbuster 15.0.985.0 5.5.2.13 2014-12-05 Found nothing 60
    Heuristic/Suspicious Exact
    NOTICE: Results are not 100% accurate and can be reported as a false positive by some scannerswhen and if malware is found. Please judge these results for yourself.
    Copy to clipboard
  • 权限列表
    许可名称信息
    com.android.launcher.permission.INSTALL_SHORTCUT创建快捷方式
    android.permission.GET_TASKS获取有关当前或最近运行的任务信息
    ACCESS_WIFI_STATE
    android.permission.WRITE_EXTERNAL_STORAGE写外部存储器(如:SD卡)
    android.permission.ACCESS_WIFI_STATE读取wifi网络状态
    android.permission.READ_PHONE_STATE读取电话状态
    android.permission.MOUNT_UNMOUNT_FILESYSTEMS挂载、反挂载外部文件系统
    android.permission.SYSTEM_ALERT_WINDOW显示系统窗口
    android.permission.INTERNET连接网络(2G或3G)
    com.android.launcher.permission.READ_SETTINGS读取快捷方式信息
    android.permission.ACCESS_NETWORK_STATE读取网络状态(2G或3G)
    android.permission.WAKE_LOCK手机屏幕关闭后后台进程仍运行
    android.permission.CHANGE_CONFIGURATION修改当前设置(如:本地化)
    android.permission.RECEIVE_BOOT_COMPLETED接收开机启动广播
  • 文件信息
    安全评分 :
    基本信息
    MD5:9f71ae5cd4db84120c966bab63167105
    包名:com.yilongmusic
    最低运行环境:Android 2.2.x
    版权:zilong
    关键行为
    行为描述:跨进程写入数据
    详情信息:TargetProcess = C:\Users\ADMINI~1\AppData\Local\Temp\RarSFX0\main.exe, WriteAddress = 0x00150000, Size = 0x00000020 TargetPID = 0x00000830
    TargetProcess = C:\Users\ADMINI~1\AppData\Local\Temp\RarSFX0\main.exe, WriteAddress = 0x00150020, Size = 0x00000034 TargetPID = 0x00000830
    TargetProcess = C:\Users\ADMINI~1\AppData\Local\Temp\RarSFX0\main.exe, WriteAddress = 0x7ffdf238, Size = 0x00000004 TargetPID = 0x00000830
    行为描述:设置特殊文件夹属性
    详情信息:C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5
    C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies
    C:\Users\Administrator\AppData\Local\Microsoft\Windows\History\History.IE5
    行为描述:获取窗口截图信息
    详情信息:Foreground window Info: HWND = 0x00000000, DC = 0x0701095d.
    进程行为
    行为描述:跨进程写入数据
    详情信息:TargetProcess = C:\Users\ADMINI~1\AppData\Local\Temp\RarSFX0\main.exe, WriteAddress = 0x00150000, Size = 0x00000020 TargetPID = 0x00000830
    TargetProcess = C:\Users\ADMINI~1\AppData\Local\Temp\RarSFX0\main.exe, WriteAddress = 0x00150020, Size = 0x00000034 TargetPID = 0x00000830
    TargetProcess = C:\Users\ADMINI~1\AppData\Local\Temp\RarSFX0\main.exe, WriteAddress = 0x7ffdf238, Size = 0x00000004 TargetPID = 0x00000830
    行为描述:创建新文件进程
    详情信息:[0x00000830]ImagePath = C:\Users\ADMINI~1\AppData\Local\Temp\RarSFX0\main.exe, CmdLine = "C:\Users\ADMINI~1\AppData\Local\Temp\RarSFX0\main.exe"
    文件行为
    行为描述:创建文件
    详情信息:C:\Users\Administrator\AppData\Local\Temp\RarSFX0\__tmp_rar_sfx_access_check_163296
    C:\Users\Administrator\AppData\Local\Temp\RarSFX0\pyexpat.pyd
    C:\Users\Administrator\AppData\Local\Temp\RarSFX0\python27.dll
    C:\Users\Administrator\AppData\Local\Temp\RarSFX0\pywintypes27.dll
    C:\Users\Administrator\AppData\Local\Temp\RarSFX0\select.pyd
    C:\Users\Administrator\AppData\Local\Temp\RarSFX0\sqlite3.dll
    C:\Users\Administrator\AppData\Local\Temp\RarSFX0\unicodedata.pyd
    C:\Users\Administrator\AppData\Local\Temp\RarSFX0\user-7304092.exe
    C:\Users\Administrator\AppData\Local\Temp\RarSFX0\w9xpopen.exe
    C:\Users\Administrator\AppData\Local\Temp\RarSFX0\win32crypt.pyd
    C:\Users\Administrator\AppData\Local\Temp\RarSFX0\win32pipe.pyd
    C:\Users\Administrator\AppData\Local\Temp\RarSFX0\win32wnet.pyd
    C:\Users\Administrator\AppData\Local\Temp\RarSFX0\_ctypes.pyd
    C:\Users\Administrator\AppData\Local\Temp\RarSFX0\_hashlib.pyd
    C:\Users\Administrator\AppData\Local\Temp\RarSFX0\_socket.pyd
    行为描述:创建可执行文件
    详情信息:C:\Users\Administrator\AppData\Local\Temp\RarSFX0\pyexpat.pyd
    C:\Users\Administrator\AppData\Local\Temp\RarSFX0\python27.dll
    C:\Users\Administrator\AppData\Local\Temp\RarSFX0\pywintypes27.dll
    C:\Users\Administrator\AppData\Local\Temp\RarSFX0\select.pyd
    C:\Users\Administrator\AppData\Local\Temp\RarSFX0\sqlite3.dll
    C:\Users\Administrator\AppData\Local\Temp\RarSFX0\unicodedata.pyd
    C:\Users\Administrator\AppData\Local\Temp\RarSFX0\user-7304092.exe
    C:\Users\Administrator\AppData\Local\Temp\RarSFX0\w9xpopen.exe
    C:\Users\Administrator\AppData\Local\Temp\RarSFX0\win32crypt.pyd
    C:\Users\Administrator\AppData\Local\Temp\RarSFX0\win32pipe.pyd
    C:\Users\Administrator\AppData\Local\Temp\RarSFX0\win32wnet.pyd
    C:\Users\Administrator\AppData\Local\Temp\RarSFX0\_ctypes.pyd
    C:\Users\Administrator\AppData\Local\Temp\RarSFX0\_hashlib.pyd
    C:\Users\Administrator\AppData\Local\Temp\RarSFX0\_socket.pyd
    C:\Users\Administrator\AppData\Local\Temp\RarSFX0\_sqlite3.pyd
    行为描述:查找文件
    详情信息:FileName = C:\Users\Administrator\AppData\Local\%temp%\b70c.exe
    FileName = C:\Users
    FileName = C:\Users\ADMINI~1
    FileName = C:\Users\ADMINI~1\AppData
    FileName = C:\Users\ADMINI~1\AppData\Local
    FileName = C:\Users\ADMINI~1\AppData\Local\Temp
    FileName = C:\Users\ADMINI~1\AppData\Local\Temp\RarSFX0
    FileName = C:\Users\ADMINI~1\AppData\Local\Temp\RarSFX0\main.exe
    FileName = C:\Users\ADMINI~1\AppData\Local\Temp\RarSFX0\*.*
    FileName = C:\Windows
    FileName = C:\Windows\WinSxS
    FileName = C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_50916076bcb9a742\MSVCR90.dll
    FileName = C:\Users\ADMINI~1\AppData\Local\Temp\RarSFX0\library.zip
    FileName = C:\Users\ADMINI~1\AppData\Local\Temp\RarSFX0\library.zip\sqlite3
    FileName = C:\Users\ADMINI~1\AppData\Local\Temp\RarSFX0\library.zip\requests
    行为描述:删除文件
    详情信息:C:\Users\Administrator\AppData\Local\Temp\RarSFX0\__tmp_rar_sfx_access_check_163296
    C:\Users\Administrator\AppData\Local\Temp\RarSFX0\bz2.pyd
    行为描述:设置特殊文件夹属性
    详情信息:C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5
    C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies
    C:\Users\Administrator\AppData\Local\Microsoft\Windows\History\History.IE5
    行为描述:修改文件内容
    详情信息:C:\Users\Administrator\AppData\Local\Temp\RarSFX0\pyexpat.pyd ---> Offset = 0
    C:\Users\Administrator\AppData\Local\Temp\RarSFX0\pyexpat.pyd ---> Offset = 65536
    C:\Users\Administrator\AppData\Local\Temp\RarSFX0\pyexpat.pyd ---> Offset = 136704
    C:\Users\Administrator\AppData\Local\Temp\RarSFX0\pyexpat.pyd ---> Offset = 143872
    C:\Users\Administrator\AppData\Local\Temp\RarSFX0\python27.dll ---> Offset = 0
    C:\Users\Administrator\AppData\Local\Temp\RarSFX0\python27.dll ---> Offset = 65536
    C:\Users\Administrator\AppData\Local\Temp\RarSFX0\python27.dll ---> Offset = 131072
    C:\Users\Administrator\AppData\Local\Temp\RarSFX0\python27.dll ---> Offset = 196608
    C:\Users\Administrator\AppData\Local\Temp\RarSFX0\python27.dll ---> Offset = 262144
    C:\Users\Administrator\AppData\Local\Temp\RarSFX0\pywintypes27.dll ---> Offset = 0
    C:\Users\Administrator\AppData\Local\Temp\RarSFX0\pywintypes27.dll ---> Offset = 48640
    C:\Users\Administrator\AppData\Local\Temp\RarSFX0\pywintypes27.dll ---> Offset = 49664
    C:\Users\Administrator\AppData\Local\Temp\RarSFX0\pywintypes27.dll ---> Offset = 72960
    C:\Users\Administrator\AppData\Local\Temp\RarSFX0\pywintypes27.dll ---> Offset = 73728
    C:\Users\Administrator\AppData\Local\Temp\RarSFX0\select.pyd ---> Offset = 0
    网络行为
    行为描述:建立到一个指定的套接字连接
    详情信息:URL: ap****et, IP: **.133.40.**:128, SOCKET = 0x00000258
    行为描述:发送HTTP包
    详情信息:GET / HTTP/1.1 Host: ap****et Connection: keep-alive Accept-Encoding: gzip, deflate Accept: */* User-Agent: python-requests/2.18.4
    行为描述:按名称获取主机地址
    详情信息:GetAddrInfoW: ::1
    GetAddrInfoW: ap****et
    注册表行为
    行为描述:修改注册表
    详情信息:\REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\P:\Hfref\Nqzvavfgengbe\NccQngn\Ybpny\Grzc\EneFSK0\znva.rkr
    \REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\P:\zbavgbe\DD.rkr
    \REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{945a8954-c147-4acd-923f-40c45405a658}.check.42\CheckSetting
    行为描述:删除注册表键值
    详情信息:\REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProxyBypass
    \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProxyBypass
    \REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\IntranetName
    \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\IntranetName
    其他行为
    行为描述:检测自身是否被调试
    详情信息:IsDebuggerPresent
    行为描述:创建互斥体
    详情信息:Local\ZonesCounterMutex
    Local\ZoneAttributeCacheCounterMutex
    Local\ZonesCacheCounterMutex
    Local\ZonesLockedCacheCounterMutex
    行为描述:隐藏指定窗口
    详情信息:[Window,Class] = [,ComboLBox]
    [Window,Class] = [&Обзор...,Button]
    [Window,Class] = [C:\Users\ADMINI~1\AppData\Local\Temp\RarSFX0,ComboBox]
    行为描述:查找指定窗口
    详情信息:NtUserFindWindowEx: [Class,Window] = [EDIT,]
    NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
    行为描述:启动系统服务
    详情信息:[服务启动成功]: LocalSystem, Program Compatibility Assistant Service, C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
    [服务启动失败]: LocalSystem, Program Compatibility Assistant Service, C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
    行为描述:窗口信息
    详情信息:Pid = 2096, Hwnd=0x101e2, Text = 确定, ClassName = Button.
    Pid = 2096, Hwnd=0x101e4, Text = See the logfile "C:\Users\ADMINI~1\AppData\Local\Temp\RarSFX0\main.exe.log" for details, ClassName = Static.
    Pid = 2096, Hwnd=0x301e0, Text = Errors occurred, ClassName = #32770.
    行为描述:调整进程token权限
    详情信息:SE_SHUTDOWN_PRIVILEGE
    行为描述:打开事件
    详情信息:HookSwitchHookEnabledEvent
    \KernelObjects\MaximumCommitCondition
    Local\MSCTF.CtfActivated.Default1
    Local\MSCTF.AsmCacheReady.Default1
    \SECURITY\LSA_AUTHENTICATION_INITIALIZED
    Global\SC_AutoStartComplete
    Global\SvcctrlStartEvent_A3752DX
    {A1965210-3A9D-4bca-822B-433645B3F5A2}
    行为描述:获取窗口截图信息
    详情信息:Foreground window Info: HWND = 0x00000000, DC = 0x0701095d.
    行为描述:可执行文件签名信息
    详情信息:C:\Users\Administrator\AppData\Local\Temp\RarSFX0\pyexpat.pyd(签名验证: 未通过)
    C:\Users\Administrator\AppData\Local\Temp\RarSFX0\python27.dll(签名验证: 未通过)
    C:\Users\Administrator\AppData\Local\Temp\RarSFX0\pywintypes27.dll(签名验证: 未通过)
    C:\Users\Administrator\AppData\Local\Temp\RarSFX0\select.pyd(签名验证: 未通过)
    C:\Users\Administrator\AppData\Local\Temp\RarSFX0\sqlite3.dll(签名验证: 未通过)
    C:\Users\Administrator\AppData\Local\Temp\RarSFX0\unicodedata.pyd(签名验证: 未通过)
    C:\Users\Administrator\AppData\Local\Temp\RarSFX0\user-7304092.exe(签名验证: 未通过)
    C:\Users\Administrator\AppData\Local\Temp\RarSFX0\win32crypt.pyd(签名验证: 未通过)
    C:\Users\Administrator\AppData\Local\Temp\RarSFX0\w9xpopen.exe(签名验证: 未通过)
    C:\Users\Administrator\AppData\Local\Temp\RarSFX0\win32pipe.pyd(签名验证: 未通过)
    C:\Users\Administrator\AppData\Local\Temp\RarSFX0\win32wnet.pyd(签名验证: 未通过)
    C:\Users\Administrator\AppData\Local\Temp\RarSFX0\_ctypes.pyd(签名验证: 未通过)
    C:\Users\Administrator\AppData\Local\Temp\RarSFX0\_hashlib.pyd(签名验证: 未通过)
    C:\Users\Administrator\AppData\Local\Temp\RarSFX0\_socket.pyd(签名验证: 未通过)
    C:\Users\Administrator\AppData\Local\Temp\RarSFX0\_sqlite3.pyd(签名验证: 未通过)
    行为描述:可执行文件MD5
    详情信息:C:\Users\Administrator\AppData\Local\Temp\RarSFX0\pyexpat.pyd ---> 6ab0907cb39324f03769092dd45caa80
    C:\Users\Administrator\AppData\Local\Temp\RarSFX0\python27.dll ---> 88f983654fdf6f6dba068b5fc95dfc28
    C:\Users\Administrator\AppData\Local\Temp\RarSFX0\unicodedata.pyd ---> cfa3517e25c37e808af38fbeaf7f456e
    C:\Users\Administrator\AppData\Local\Temp\RarSFX0\sqlite3.dll ---> 09c376407c4874290d9a927c111468b0
    C:\Users\Administrator\AppData\Local\Temp\RarSFX0\select.pyd ---> bdc7b944b9319f9708af1949b42bae4b
    C:\Users\Administrator\AppData\Local\Temp\RarSFX0\pywintypes27.dll ---> eb9a35afb94a2620e8de79f79235da54
    C:\Users\Administrator\AppData\Local\Temp\RarSFX0\user-7304092.exe ---> 文件过大!
    C:\Users\Administrator\AppData\Local\Temp\RarSFX0\w9xpopen.exe ---> 9747c92912cb0c4c36dadb74351195b7
    C:\Users\Administrator\AppData\Local\Temp\RarSFX0\win32crypt.pyd ---> a528921f528a2d20e6e0fd944a212b0d
    C:\Users\Administrator\AppData\Local\Temp\RarSFX0\win32pipe.pyd ---> d30ff89ba69f6d6a9180dc9381c21dc8
    C:\Users\Administrator\AppData\Local\Temp\RarSFX0\win32wnet.pyd ---> 8d67066ea6fd7e15a0e98add306bdf12
    C:\Users\Administrator\AppData\Local\Temp\RarSFX0\_ctypes.pyd ---> f1134b690b2dc0e6aa0f31be1ed9b05f
    C:\Users\Administrator\AppData\Local\Temp\RarSFX0\_hashlib.pyd ---> 24c2f70ff5c6eaddb995f2cbb4bc4890
    C:\Users\Administrator\AppData\Local\Temp\RarSFX0\_socket.pyd ---> a9cc2ff4f9cb6f6f297c598e9f541564
    C:\Users\Administrator\AppData\Local\Temp\RarSFX0\_sqlite3.pyd ---> cf6e48afbad2a930775723387080d2c3
    行为描述:打开互斥体
    详情信息:DefaultTabtip-MainUI
    Local\MSCTF.Asm.MutexDefault1
    Local\_!MSFTHISTORY!_
    Local\c:!users!administrator!appdata!local!microsoft!windows!temporary internet files!content.ie5!
    Local\c:!users!administrator!appdata!roaming!microsoft!windows!cookies!
    Local\c:!users!administrator!appdata!local!microsoft!windows!history!history.ie5!
    行为描述:加载新释放的文件
    详情信息:Image: C:\Users\ADMINI~1\AppData\Local\Temp\RarSFX0\main.exe.
    Image: C:\Users\ADMINI~1\AppData\Local\Temp\RarSFX0\python27.dll.
    Image: C:\Users\ADMINI~1\AppData\Local\Temp\RarSFX0\_sqlite3.pyd.
    Image: C:\Users\ADMINI~1\AppData\Local\Temp\RarSFX0\sqlite3.dll.
    Image: C:\Users\ADMINI~1\AppData\Local\Temp\RarSFX0\win32crypt.pyd.
    Image: C:\Users\ADMINI~1\AppData\Local\Temp\RarSFX0\pywintypes27.dll.
    Image: C:\Users\ADMINI~1\AppData\Local\Temp\RarSFX0\_socket.pyd.
    Image: C:\Users\ADMINI~1\AppData\Local\Temp\RarSFX0\_ssl.pyd.
    Image: C:\Users\ADMINI~1\AppData\Local\Temp\RarSFX0\_hashlib.pyd.
    Image: C:\Users\ADMINI~1\AppData\Local\Temp\RarSFX0\select.pyd.
    Image: C:\Users\ADMINI~1\AppData\Local\Temp\RarSFX0\_ctypes.pyd.
    Image: C:\Users\ADMINI~1\AppData\Local\Temp\RarSFX0\unicodedata.pyd.
    Image: C:\Users\ADMINI~1\AppData\Local\Temp\RarSFX0\bz2.pyd.
    Image: C:\Users\ADMINI~1\AppData\Local\Temp\RarSFX0\PIL._imaging.pyd.
    Activities
    活动名类型
    com.e4a.runtime.android.StartActivityandroid.intent.action.MAIN
    com.e4a.runtime.android.StartActivityandroid.intent.category.DEFAULT
    com.e4a.runtime.android.StartActivityandroid.intent.category.LAUNCHER
    com.e4a.runtime.android.mainActivityandroid.intent.action.MAIN
    com.e4a.runtime.android.mainActivityandroid.intent.category.DEFAULT
    危险函数
    函数名称信息
    android/app/NotificationManager;->notify信息通知栏
    ContentResolver;->query读取联系人、短信等数据库
    启动方式
    名称信息
    com.e4a.runtime.android.BootBroadcastReceiver开机启动服务
    权限列表
    许可名称信息
    com.android.launcher.permission.INSTALL_SHORTCUT创建快捷方式
    android.permission.GET_TASKS获取有关当前或最近运行的任务信息
    ACCESS_WIFI_STATE
    android.permission.WRITE_EXTERNAL_STORAGE写外部存储器(如:SD卡)
    android.permission.ACCESS_WIFI_STATE读取wifi网络状态
    android.permission.READ_PHONE_STATE读取电话状态
    android.permission.MOUNT_UNMOUNT_FILESYSTEMS挂载、反挂载外部文件系统
    android.permission.SYSTEM_ALERT_WINDOW显示系统窗口
    android.permission.INTERNET连接网络(2G或3G)
    com.android.launcher.permission.READ_SETTINGS读取快捷方式信息
    android.permission.ACCESS_NETWORK_STATE读取网络状态(2G或3G)
    android.permission.WAKE_LOCK手机屏幕关闭后后台进程仍运行
    android.permission.CHANGE_CONFIGURATION修改当前设置(如:本地化)
    android.permission.RECEIVE_BOOT_COMPLETED接收开机启动广播
    文件列表
    文件名 校验码
    META-INF/MANIFEST.MF 0x566074c1
    META-INF/XXZS.SF 0x9f9eaad0
    META-INF/XXZS.RSA 0x3e2f58d9
    assets/1490767346783.png 0x224d04b9
    assets/IMG_20171023_094917.jpg 0xcf4bbe84
    assets/close_white.png 0x9f26a912
    assets/gd.png 0xeb5b1fdc
    assets/ic_arrow_left.png 0x60d0c0f
    assets/ic_arrow_right.png 0x2597eb72
    assets/ic_delete.png 0xb8d17495
    assets/ic_dns.png 0xb24272a5
    assets/ic_menu_white_24dp.png 0xc6d08cba
    assets/ic_music_circle1.png 0xe8cf6f99
    assets/ic_pause.png 0xeeb4db46
    assets/ic_skip_next.png 0x6c420110
    assets/ic_skip_previous.png 0x75cad87c
    assets/ic_stop.png 0xd4ed4c55
    assets/img_iapp.png 0x1139a57f
    assets/shang.png 0x11c1c212
    assets/sz.png 0xdd7dbd34
    assets/xl.png 0x378f54d
    assets/xz.png 0x624dfcf2
    res/anim/dialog_scale_in.xml 0xd1205a18
    res/anim/dialog_scale_out.xml 0xe4110112
    res/anim/error_frame_in.xml 0x6dfac1ce
    res/anim/error_x_in.xml 0x75ae2b72
    res/anim/success_bow_roate.xml 0x868ab202
    res/anim/success_mask_layout.xml 0x803af484
    res/drawable/b.png 0x17b8a94e
    res/drawable/blue_button_background.xml 0x667588f4
    res/drawable/detail_bg.9.png 0x5c0da98a
    res/drawable/dialog_background.xml 0x4fd129b
    res/drawable/down_ico.png 0xff0f1830
    res/drawable/e4alistview_new_message.png 0x1cdc5409
    res/drawable/error_center_x.xml 0x1381f6c6
    res/drawable/error_circle.xml 0x4f7dd542
    res/drawable/gray_button_background.xml 0x49ead617
    res/drawable/icon.png 0xfdee7e2f
    res/drawable/item_bg.9.png 0x4167de71
    res/drawable/item_text_bg.9.png 0x5c0da98a
    res/drawable/red_button_background.xml 0x8b2a8fda
    res/drawable/success_bow.xml 0x6cb0041
    res/drawable/success_circle.xml 0x8889b17f
    res/drawable/warning_circle.xml 0x95a6aa47
    res/drawable/warning_sigh.xml 0xd0915a0
    res/layout/alert_dialog.xml 0x29b3cef1
    res/layout/detail.xml 0x2bbd9846
    resources.arsc 0xd0d49d2f
    res/drawable-hdpi/custom_img.jpg 0x5180fa2a
    AndroidManifest.xml 0xa9ebd424
    assets/icon/image_have_icon_x_id_file_png.png 0x3f5168dc
    assets/icon/image_icon_constructor_encrypted.png 0x453dd15b
    assets/ijiami.ajm 0xd358ae7f
    assets/ijm_lib/armeabi/libexec.so 0xb8967c15
    assets/ijm_lib/armeabi/libexecmain.so 0xfb0cafea
    assets/ijm_lib/x86/libexec.so 0xa357d30c
    assets/ijm_lib/x86/libexecmain.so 0xae91a5d1
    assets/images/icon_titl_last_encrypted.png 0x495d7529
    classes.dex 0xd500ae95
    lib/armeabi/libexecmain.so 0x5a1d3fa0
    assets/signed.bin 0x847dd01c
    assets/af.bin 0xc01ec21e
    运行截图
    VirSCAN

About VirSCAN | Privacy Policy | Contact us | link | Help VirSCAN
Translated by Keith Miller, United States
Powered By CentOSpol

京ICP备11007605号-12

pol

京公网安备 11010802020746号