VirSCAN

File information
File Name: 钛备份+8.1.0+直装增强版.apk (File not down)
File Size: 8057103 bytes
File Type: application/jar
MD5: a9d533391b8a600d54cd32e10a834dbf
SHA1: d286bfe99a7b974f7aea36231ea81f972ed888f3
  • Scanner results
    Scanner results: 3% Scanner(s) (1/32) found malware!
    Time: 2018-02-27 20:54:47 (CST)
    Scanner Engine Ver Sig Ver Sig Date Scan result Time
    antiy AVL SDK 2.0 1970-01-01 Found nothing 5
    asquared 9.0.0.4799 9.0.0.4799 2015-03-08 Found nothing 2
    avast 170303-1 4.7.4 2017-03-03 Found nothing 60
    avg 2109/14933 10.0.1405 2018-02-26 Found nothing 60
    baidu 2.0.1.0 4.1.3.52192 2.0.1.0 Found nothing 3
    baidusd 1.0 1.0 2017-03-22 Found nothing 1
    bitdefender 7.58879 7.90123 2015-01-16 Found nothing 60
    clamav 24347 0.97.5 2018-02-25 Found nothing 60
    drweb 5.0.2.3300 5.0.1.1 2018-02-21 Found nothing 60
    fortinet 1.000, 55.440, 55.353, 55.360 5.4.247 2018-02-27 Found nothing 60
    fprot 4.6.2.117 6.5.1.5418 2016-02-05 Found nothing 60
    fsecure 2015-08-01-02 9.13 2015-08-01 Found nothing 60
    gdata 25.16149 25.16149 2018-02-27 Found nothing 15
    ikarus 4.00.06 V1.32.31.0 2018-02-26 Found nothing 60
    jiangmin 16.0.100 1.0.0.0 2017-12-22 Trojan.AndroidOS.cuaa 2
    kaspersky 5.5.33 5.5.33 2014-04-01 Found nothing 60
    kingsoft 2.1 2.1 2018-02-26 Found nothing 60
    mcafee 8620 5400.1158 2017-08-12 Found nothing 60
    nod32 6963 3.0.21 2018-02-25 Found nothing 60
    panda 9.05.01 9.05.01 2018-02-26 Found nothing 4
    pcc 13.302.06 9.500-1005 2017-03-27 Found nothing 60
    qh360 1.0.1 1.0.1 1.0.1 Found nothing 3
    qqphone 1.0.0.0 1.0.0.0 2015-12-30 Found nothing 60
    quickheal 14.00 14.00 2017-11-18 Found nothing 7
    rising 3273 3273 2017-12-26 Found nothing 4
    sophos 5.32 3.65.2 2016-10-10 Found nothing 60
    symantec 20151230.005 1.3.0.24 2015-12-30 Found nothing 60
    tachyon 9.9.9 9.9.9 2013-12-27 Found nothing 4
    thehacker 6.8.0.5 6.8.0.5 2018-02-25 Found nothing 2
    tws 17.47.17308 1.0.2.2108 2018-02-26 Found nothing 15
    vba 3.12.29.5 beta 3.12.29.5 beta 2018-02-26 Found nothing 60
    virusbuster 15.0.985.0 5.5.2.13 2014-12-05 Found nothing 60
    NOTICE: Results are not 100% accurate and can be reported as a false positive by some scanners when and if malware is found. Please judge these results for yourself.
  • Permission list
    Permission name: Description
    android.permission.READ_EXTERNAL_STORAGE: read external storage (e.g. SD card)
    android.permission.WRITE_EXTERNAL_STORAGE: write external storage (e.g. SD card)
    android.permission.READ_MEDIA_STORAGE
    android.permission.WRITE_MEDIA_STORAGE
    android.permission.WAKE_LOCK: background processes keep running after the screen turns off
    android.permission.INTERNET: connect to the network (2G or 3G)
    android.permission.RECEIVE_BOOT_COMPLETED: receive the boot-completed broadcast
    android.permission.VIBRATE: allow the device to vibrate
    android.permission.READ_PHONE_STATE: read phone state
    android.permission.GET_ACCOUNTS: access the account list
    android.permission.USE_CREDENTIALS: obtain authentication tokens
    android.permission.ACCESS_NETWORK_STATE: read network state (2G or 3G)
    com.android.browser.permission.READ_HISTORY_BOOKMARKS: read browser bookmarks
    com.android.browser.permission.WRITE_HISTORY_BOOKMARKS: write browser bookmarks
    android.permission.READ_CALL_LOG: read call log
    android.permission.WRITE_CALL_LOG: write call log
    com.android.voicemail.permission.ADD_VOICEMAIL: allow adding voicemail
    com.android.voicemail.permission.READ_WRITE_ALL_VOICEMAIL
    android.permission.READ_CONTACTS: read contact information
    android.permission.WRITE_CONTACTS: write contact information
    android.permission.READ_SMS: read SMS messages
    android.permission.WRITE_SMS: write SMS messages
    android.permission.ACCESS_WIFI_STATE: read Wi-Fi network state
    android.permission.CHANGE_WIFI_STATE: change Wi-Fi connection state
    android.permission.ACCESS_SUPERUSER
    android.permission.BROADCAST_SMS: broadcast when an SMS is received
    android.permission.BROADCAST_WAP_PUSH: WAP PUSH broadcast
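  • File information
    Security score:
    Basic information
    MD5: a9d533391b8a600d54cd32e10a834dbf
    Package name: com.keramidas.TitaniumBackup
    Minimum runtime environment: Android 1.5
    Copyright:
    Key behavior
    Behavior description: reads the CPU clock directly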
    Behavior description: obtains window screenshot information
    Details: Foreground window Info: HWND = 0x00010362, DC = 0x0c0101e7.
    Foreground window Info: HWND = 0x0001035c, DC = 0x01010057.
    Foreground window Info: HWND = 0x0001035a, DC = 0x0c0101e7.
    Foreground window Info: HWND = 0x00010350, DC = 0x01010057.
    Foreground window Info: HWND = 0x0001034e, DC = 0x0c0101e7.
    Process behavior
    Behavior description: creates a local thread
    Details: TargetProcess: 城通网盘下载器.exe, InheritedFromPID = 2000, ProcessID = 2716, ThreadID = 2752, StartAddress = 77DC845A, Parameter = 00000000
    TargetProcess: 城通网盘下载器.exe, InheritedFromPID = 2000, ProcessID = 2716, ThreadID = 2856, StartAddress = 4AEA7456, Parameter = 00000000
    TargetProcess: 城通网盘下载器.exe, InheritedFromPID = 2000, ProcessID = 2716, ThreadID = 2860, StartAddress = 719CD33A, Parameter = 001A7318
    Network behavior
    Behavior description: establishes a connection to a specified socket
    Details: IP: **.44.145.**:22712, SOCKET = 0x00000140
    Registry behavior
    Behavior description: modifies the registry
    Details: \REGISTRY\USER\S-*\Software\Microsoft\Multimedia\DrawDib\vga.drv 1920x973x32(BGR 0)
    Other behavior
    Behavior description: creates mutexes
    Details: RasPbFile
    CTF.LBES.MutexDefaultS-*
    CTF.Compart.MutexDefaultS-*
    CTF.Asm.MutexDefaultS-*
    CTF.Layouts.MutexDefaultS-*
    CTF.TMD.MutexDefaultS-*
    CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
    MSCTF.Shared.MUTEX.IOH
    Behavior description: creates an event object
    Details: EventName = DINPUTWINMM
    Behavior description: opens mutexes
    Details: RasPbFile
    ShimCacheMutex
    Behavior description: finds a specified window
    Details: NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
    Behavior description: opens events
    Details: HookSwitchHookEnabledEvent
    CTF.ThreadMIConnectionEvent.000007E8.00000000.0000000F
    CTF.ThreadMarshalInterfaceEvent.000007E8.00000000.0000000F
    MSCTF.SendReceive.Event.IOH.IC
    MSCTF.SendReceiveConection.Event.IOH.IC
    Behavior description: window information
    Details: Pid = 2716, Hwnd=0x10362, Text = 文件地址:, ClassName = Afx:400000:b:10011:1900015:0.
    Pid = 2716, Hwnd=0x1035e, Text = 获取下载, ClassName = Button.
    Pid = 2716, Hwnd=0x1035c, Text = 例如:https://evalol.ctfile.com/fs/oiR156690553 (下载具体文件的地址,只支持单个文件下载), ClassName = Afx:400000:b:10011:1900015:0.
    Pid = 2716, Hwnd=0x1035a, Text = 电信VIP通道:, ClassName = Afx:400000:b:10011:1900015:0.
    Pid = 2716, Hwnd=0x10356, Text = 下载, ClassName = Button.
    Pid = 2716, Hwnd=0x10354, Text = 下载, ClassName = Button.
    Pid = 2716, Hwnd=0x10350, Text = 联通VIP通道:, ClassName = Afx:400000:b:10011:1900015:0.
    Pid = 2716, Hwnd=0x1034e, Text = 移动VIP通道:, ClassName = Afx:400000:b:10011:1900015:0.
    Pid = 2716, Hwnd=0x1034c, Text = 因网络传输问题,最多只能传两个, ClassName = Edit.
    Pid = 2716, Hwnd=0x1034a, Text = 下载, ClassName = Button.
    Pid = 2716, Hwnd=0x4033e, Text = 城通网盘VIP下载器 v1.0 BY:空丶城 www.52pojie.com, ClassName = WTWindow.
    Pid = 2716, Hwnd=0x10360, Text = 123456, ClassName = Edit.
    Pid = 2716, Hwnd=0x1035e, Text = 27秒后可以使用, ClassName = Button.
    Pid = 2716, Hwnd=0x10358, Text = 123456, ClassName = Edit.
    Pid = 2716, Hwnd=0x10352, Text = 123456, ClassName = Edit.
    Behavior description: hides specified windows
    Details: [Window,Class] = [,_EL_ClientSock]
    [Window,Class] = [,_EL_Timer]
    [Window,Class] = [,Comet.Shadow]
    Activities
    Activity name: Type
    .MainActivity: android.intent.action.MAIN
    .MainActivity: android.intent.category.LAUNCHER
    .MainActivity: android.intent.category.MULTIWINDOW_LAUNCHER
    .MyWidgetConfigure: android.appwidget.action.APPWIDGET_CONFIGURE
    .MyDataProfileWidgetConfigure: android.appwidget.action.APPWIDGET_CONFIGURE
    .ImportBackupActivity: android.intent.action.VIEW
    .ImportBackupActivity: android.intent.category.DEFAULT
    .ImportBackupActivity: android.intent.category.BROWSABLE
    .cloud.OAuth2ResponseHandler: android.intent.action.VIEW
    .cloud.OAuth2ResponseHandler: android.intent.category.BROWSABLE
    .cloud.OAuth2ResponseHandler: android.intent.category.DEFAULT
    com.dropbox.core.android.AuthActivity: android.intent.action.VIEW
    com.dropbox.core.android.AuthActivity: android.intent.category.BROWSABLE
    com.dropbox.core.android.AuthActivity: android.intent.category.DEFAULT
    .apiBackupRestore.DummyActivity: android.intent.action.SEND
    .apiBackupRestore.DummyActivity: android.intent.action.SENDTO
    .apiBackupRestore.DummyActivity: android.intent.category.DEFAULT
    .apiBackupRestore.DummyActivity: android.intent.category.BROWSABLE
    Dangerous functions
    Function name: Description
    java/net/URL;->openConnection: connects to a URL
    Startup methods
    Name: Description
    com.keramidas.TitaniumBackup.MyWidget: starts a service when the app widget is updated
    com.keramidas.TitaniumBackup.MyDataProfileWidget: starts a service when the app widget is updated
    com.keramidas.TitaniumBackup.schedules.BootReceiver: starts a service at boot
    com.keramidas.TitaniumBackup.schedules.BootReceiver
    com.keramidas.TitaniumBackup.schedules.BootReceiver
    com.keramidas.TitaniumBackup.schedules.BootReceiver
    com.keramidas.TitaniumBackup.PackageEventsReceiver: starts a service when an app is installed
    com.keramidas.TitaniumBackup.PackageEventsReceiver: starts a service when an app is uninstalled
    com.keramidas.TitaniumBackup.PackageEventsReceiver
    o.dj
    com.keramidas.TitaniumBackup.apiBackupRestore.DummyReceiver
    com.keramidas.TitaniumBackup.apiBackupRestore.DummyReceiver
    Service list
    Name
    o.dv
    o.dg
    o.bT
    com.keramidas.TitaniumBackup.apiBackupRestore.DummyService
    File list