VirSCAN


File information
File Name: Speech.to.Text.Translator.TTS.FULL.v2.6.3.apk (File not down)
File Size: 1955909 bytes
File Type: application/jar
MD5: c7bb1fdc522917a7a8934a82ccbde707
SHA1: 5fcb3c27306c53e8869187485ae6bd04a6cc6546
  • Scanner results
    Scanner results: 0% of scanners (0/32) found malware!
    Behavior analysis report: Habo file analysis
    Time: 2016-08-24 23:59:54 (CST)
    Scanner, Engine Ver, Sig Ver, Sig Date, Scan result, Time
    antiy AVL SDK 3.0 1970-01-01 Found nothing 5
    asquared 9.0.0.4324 9.0.0.4324 2014-07-03 Found nothing 2
    avast 150725-1 4.7.4 2015-07-25 Found nothing 60
    avg 2109/8133 10.0.1405 2014-11-26 Found nothing 60
    baidu 2.0.1.0 4.1.3.52192 2.0.1.0 Found nothing 10
    baidusd 1.0 1.0 2014-04-02 Found nothing 1
    bitdefender 7.58469 7.90123 2014-12-25 Found nothing 60
    clamav 19861 0.97.5 2014-12-31 Found nothing 60
    drweb 5.0.2.3300 5.0.1.1 2014-12-31 Found nothing 60
    fortinet 23.345, 23.345 5.1.158 2014-12-08 Found nothing 60
    fprot 4.6.2.117 6.5.1.5418 2014-12-31 Found nothing 60
    fsecure 2014-04-02-01 9.13 2014-04-02 Found nothing 60
    gdata 25.8000 25.8000 2016-08-23 Found nothing 11
    ikarus 1.06.01 V1.32.31.0 2014-12-08 Found nothing 60
    jiangmin 16.0.100 1.0.0.0 2015-07-25 Found nothing 47
    kaspersky 5.5.33 5.5.33 2014-04-01 Found nothing 60
    kingsoft 2.1 2.1 2013-09-22 Found nothing 8
    mcafee 7638 5400.1158 2014-11-30 Found nothing 60
    nod32 0920 3.0.21 2014-12-23 Found nothing 60
    panda 9.05.01 9.05.01 2015-07-26 Found nothing 5
    pcc 11.380.07 9.500-1005 2014-12-31 Found nothing 60
    qh360 1.0.1 1.0.1 1.0.1 Found nothing 3
    qqphone 1.0.0.0 1.0.0.0 2014-12-09 Found nothing 60
    quickheal 14.00 14.00 2015-07-25 Found nothing 3
    rising 25.76.04.01 25.76.04.01 2015-07-24 Found nothing 2
    sophos 5.08 3.55.0 2014-12-01 Found nothing 60
    symantec 20141230.001 1.3.0.24 2014-12-30 Found nothing 60
    tachyon 9.9.9 9.9.9 2013-12-27 Found nothing 6
    thehacker 6.8.0.5 6.8.0.5 2015-07-23 Found nothing 2
    tws 17.47.17308 1.0.2.2108 2014-12-08 Found nothing 15
    vba 3.12.26.3 3.12.26.3 2014-12-31 Found nothing 60
    virusbuster 15.0.985.0 5.5.2.13 2014-12-05 Found nothing 60
    NOTICE: Results are not 100% accurate, and some scanners may report a false positive when and if malware is found. Please judge these results for yourself.
  • Permission list
    Permission name: Description
    android.permission.INTERNET: Connect to the network (2G or 3G)
    android.permission.ACCESS_WIFI_STATE: Read Wi-Fi network state
    android.permission.ACCESS_NETWORK_STATE: Read network state (2G or 3G)
    android.permission.GET_ACCOUNTS: Access the accounts list
    android.permission.WRITE_EXTERNAL_STORAGE: Write to external storage (e.g. SD card)
    android.permission.READ_PHONE_STATE: Read phone state
    android.permission.RECEIVE_BOOT_COMPLETED: Receive the boot-completed broadcast
    android.permission.SYSTEM_ALERT_WINDOW: Display system windows
    android.permission.GET_TOP_ACTIVITY_INFO: Get top Activity information
    android.permission.READ_HISTORY_BOOKMARKS
    android.permission.WRITE_HISTORY_BOOKMARKS
    com.android.browser.permission.READ_HISTORY_BOOKMARKS: Read browser bookmarks
    com.android.browser.permission.WRITE_HISTORY_BOOKMARKS: Write browser bookmarks
    android.permission.INSTALL_SHORTCUT
    android.permission.UNINSTALL_SHORTCUT
    com.android.launcher.permission.INSTALL_SHORTCUT: Create shortcuts
    com.android.launcher.permission.UNINSTALL_SHORTCUT: Delete shortcuts
    android.permission.ACCESS_COARSE_LOCATION: Get coarse location (via Wi-Fi, cell towers)
    android.permission.ACCESS_FINE_LOCATION: Get precise location (via GPS)
    android.permission.WAKE_LOCK: Background processes keep running after the screen turns off
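  • File information
    Security score:
    Basic information
    MD5: c7bb1fdc522917a7a8934a82ccbde707
    Package name: com.fsm.speech2text
    Minimum runtime environment: Android 2.3.3, 2.3.4
    Copyright: Jasi2169 Inc
    Key behavior
    Behavior description: Blocks window close messages
    Details: hWnd = 0x000d035e, Text = Npcap 0.08 r8 (beta) Setup , ClassName = #32770.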
    File behavior
    Behavior description: Creates files
    Details: C:\Documents and Settings\Administrator\Local Settings\Temp\nsy4C.tmp
    C:\Documents and Settings\Administrator\Local Settings\Temp\nso4D.tmp
    C:\Documents and Settings\Administrator\Local Settings\Temp\nse4E.tmp
    C:\Documents and Settings\Administrator\Local Settings\Temp\nse4E.tmp\options.ini
    C:\Documents and Settings\Administrator\Local Settings\Temp\nse4E.tmp\final.ini
    C:\Documents and Settings\Administrator\Local Settings\Temp\nse4E.tmp\System.dll
    C:\Documents and Settings\Administrator\Local Settings\Temp\nse4E.tmp\modern-header.bmp
    C:\WINDOWS\wininit.ini
    Behavior description: Creates executable files
    Details: C:\Documents and Settings\Administrator\Local Settings\Temp\nse4E.tmp\System.dll
    Behavior description: Overwrites existing files
    Details: C:\Documents and Settings\Administrator\Local Settings\Temp\nso4D.tmp
    Behavior description: Searches for files
    Details: FileName = C:\Documents and Settings
    FileName = C:\Documents and Settings\Administrator
    FileName = C:\Documents and Settings\Administrator\Local Settings
    FileName = C:\Documents and Settings\Administrator\Local Settings\Temp
    FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%
    FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nse4E.tmp
    FileName = C:\npcap_install_options.txt
    FileName = C:\Program Files\Npcap\NPFInstall.exe
    FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp
    FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1
    FileName = C:\DOCUME~1\ADMINI~1
    FileName = C:\DOCUME~1
    FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nse4E.tmp\*.*
    FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nse4E.tmp\System.dll.AmBackup1
    Behavior description: Deletes files
    Details: C:\Documents and Settings\Administrator\Local Settings\Temp\nsy4C.tmp
    C:\Documents and Settings\Administrator\Local Settings\Temp\nso4D.tmp
    C:\Documents and Settings\Administrator\Local Settings\Temp\nse4E.tmp
    C:\Documents and Settings\Administrator\Local Settings\Temp\nse4E.tmp\final.ini
    C:\Documents and Settings\Administrator\Local Settings\Temp\nse4E.tmp\modern-header.bmp
    C:\Documents and Settings\Administrator\Local Settings\Temp\nse4E.tmp\options.ini
    C:\Documents and Settings\Administrator\Local Settings\Temp\nse4E.tmp\System.dll
    Behavior description: Modifies file contents
    Details: C:\Documents and Settings\Administrator\Local Settings\Temp\nso4D.tmp ---> Offset = 0
    C:\Documents and Settings\Administrator\Local Settings\Temp\nso4D.tmp ---> Offset = 32768
    C:\Documents and Settings\Administrator\Local Settings\Temp\nso4D.tmp ---> Offset = 65536
    C:\Documents and Settings\Administrator\Local Settings\Temp\nso4D.tmp ---> Offset = 72515
    C:\Documents and Settings\Administrator\Local Settings\Temp\nso4D.tmp ---> Offset = 105283
    C:\Documents and Settings\Administrator\Local Settings\Temp\nse4E.tmp\options.ini ---> Offset = 0
    C:\Documents and Settings\Administrator\Local Settings\Temp\nse4E.tmp\options.ini ---> Offset = 25
    C:\Documents and Settings\Administrator\Local Settings\Temp\nse4E.tmp\final.ini ---> Offset = 0
    C:\Documents and Settings\Administrator\Local Settings\Temp\nse4E.tmp\final.ini ---> Offset = 63
    C:\Documents and Settings\Administrator\Local Settings\Temp\nse4E.tmp\System.dll ---> Offset = 0
    C:\Documents and Settings\Administrator\Local Settings\Temp\nse4E.tmp\modern-header.bmp ---> Offset = 0
    C:\Documents and Settings\Administrator\Local Settings\Temp\nse4E.tmp\modern-header.bmp ---> Offset = 16384
    C:\Documents and Settings\Administrator\Local Settings\Temp\nse4E.tmp\modern-header.bmp ---> Offset = 32768
    C:\Documents and Settings\Administrator\Local Settings\Temp\nse4E.tmp\modern-header.bmp ---> Offset = 49152
    C:\Documents and Settings\Administrator\Local Settings\Temp\nse4E.tmp\modern-header.bmp ---> Offset = 65536
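    Registry behavior
    Behavior description: Modifies the registry (delayed-rename entry)
    Details: \REGISTRY\MACHINE\SYSTEM\ControlSet002\Control\Session Manager\PendingFileRenameOperations
    Other behavior
    Behavior description: Creates mutexes
    Details: oleacc-msaa-loaded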
    CTF.LBES.MutexDefaultS-*
    CTF.Compart.MutexDefaultS-*
    CTF.Asm.MutexDefaultS-*
    CTF.Layouts.MutexDefaultS-*
    CTF.TMD.MutexDefaultS-*
    CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
    MSCTF.Shared.MUTEX.ELH
    MSCTF.Shared.MUTEX.MHO
    Behavior description: Creates event objects
    Details: EventName = Global\userenv: User Profile setup event
    EventName = MSCTF.SendReceive.Event.MHO.IC
    EventName = MSCTF.SendReceiveConection.Event.MHO.IC
    Behavior description: Finds specific windows
    Details: NtUserFindWindowEx: [Class,Window] = [#32770,]
    NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
    NtUserFindWindowEx: [Class,Window] = [CicLoaderWndClass,]
    Behavior description: Window information
    Details: Pid = 3704, Hwnd=0xb032a, Text = I &Agree, ClassName = Button.
    Pid = 3704, Hwnd=0x503b0, Text = Cancel, ClassName = Button.
    Pid = 3704, Hwnd=0x7037c, Text = Nullsoft Install System v2.51 , ClassName = Static.
    Pid = 3704, Hwnd=0x1702d8, Text = Nullsoft Install System v2.51, ClassName = Static.
    Pid = 3704, Hwnd=0x1d02bc, Text = License Agreement, ClassName = Static.
    Pid = 3704, Hwnd=0x603ac, Text = Please review the license terms before installing Npcap 0.08 r8 (beta)., ClassName = Static.
    Pid = 3704, Hwnd=0x13033a, Text = Press Page Down to see the rest of the agreement., ClassName = Static.
    Pid = 3704, Hwnd=0xe039e, Text = Copyright (c) 2013 - 2016 Insecure.Com LLC ("The Nmap Project"). All rights reserved. We"ve seen some interest from other pr, ClassName = RichEdit20A.
    Pid = 3704, Hwnd=0xb0398, Text = If you accept the terms of the agreement, click I Agree to continue. You must accept the agreement to install Npcap 0.08 r8 (beta, ClassName = Static.
    Pid = 3704, Hwnd=0xd035e, Text = Npcap 0.08 r8 (beta) Setup , ClassName = #32770.
    Pid = 3704, Hwnd=0x40414, Text = 是(&Y), ClassName = Button.
    Pid = 3704, Hwnd=0x20416, Text = 否(&N), ClassName = Button.
    Pid = 3704, Hwnd=0x1041a, Text = Are you sure you want to quit Npcap 0.08 r8 (beta) Setup?, ClassName = Static.
    Pid = 3704, Hwnd=0x403d2, Text = Npcap 0.08 r8 (beta) Setup, ClassName = #32770.
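    Behavior description: Adjusts process token privileges
    Details: SE_LOAD_DRIVER_PRIVILEGE
    Behavior description: Blocks window close messages
    Details: hWnd = 0x000d035e, Text = Npcap 0.08 r8 (beta) Setup , ClassName = #32770.
    Behavior description: Opens events
    Details: HookSwitchHookEnabledEvent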
    _fCanRegisterWithShellService
    CTF.ThreadMIConnectionEvent.000007B4.00000000.00000040
    CTF.ThreadMarshalInterfaceEvent.000007B4.00000000.00000040
    MSCTF.SendReceiveConection.Event.ELH.IC
    MSCTF.SendReceive.Event.ELH.IC
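    Behavior description: Executable file signature information
    Details: C:\Documents and Settings\Administrator\Local Settings\Temp\nse4E.tmp\System.dll (signature verification: failed)
    Behavior description: Hides specific windows
    Details: [Window,Class] = [,Button]
    Behavior description: Executable file MD5
    Details: C:\Documents and Settings\Administrator\Local Settings\Temp\nse4E.tmp\System.dll ---> 56a321bd011112ec5d8a32b2f6fd3231
    Behavior description: Opens mutexes
    Details: ShimCacheMutex
    Behavior description: Loads newly dropped files
    Details: Image: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nse4E.tmp\System.dll.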
    Activities
    Activity name: Type
    com.fsm.speech2text.MainActivity: android.intent.action.MAIN
    com.fsm.speech2text.MainActivity: android.intent.category.LAUNCHER
    io.presage.activities.PresageActivity: io.presage.intent.action.LAUNCH_WEBVIEW
    io.presage.activities.PresageActivity: android.intent.category.DEFAULT
    Dangerous functions
    Function name: Description
    java/net/URL;->openConnection: Connects to a URL
    TelephonyManager;->getDeviceId: Collects the user's phone IMEI, phone number, OS version number and similar information
    java/net/HttpURLConnection;->connect: Connects to a URL
    HttpClient;->execute: Requests a remote server
    DefaultHttpClient;->execute: Sends an HTTP request
    android/app/NotificationManager;->notify: Notification bar message
    getRuntime: Gets the command-line environment
    java/lang/Runtime;->exec: Executes a string command
    ContentResolver;->query: Reads contacts, SMS and other databases
    Startup methods
    Name: Description
    io.presage.receivers.BootReceiver: Starts service at boot
    io.presage.receivers.BootReceiver
    io.presage.receivers.BootReceiver
    com.usage.mmsdk.BootUpReceiver: Starts service at boot
    com.usage.mmsdk.PackageInstallReceiver: Starts service at boot
    com.usage.mmsdk.PackageInstallReceiver: Starts service when an app is installed
    com.usage.mmsdk.PackageInstallReceiver: Starts service when an app is uninstalled
    com.usage.mmsdk.PackageInstallReceiver
    Service list
    Name
    com.ironsource.mobilcore.MobileCoreReport
    io.presage.services.PresageServiceImp
    com.usage.mmsdk.MonitoringAppsService
    File list