VirSCAN




File information
File Name: 大牛助手1.3.3 VIP破解版.apk (File not down)
File Size: 10048166 bytes
File Type: application/zip
MD5: 294a9487e14167322fa5deb2dcf5a015
SHA1: 7e0d951fc8896560d3107e200dadceb209fa8536
  • Scan results
  • Permissions
  • File behavior analysis
  • Scanner results
    Scanner results: 0% Scanner(s) (0/32) found malware!
    Behavior analysis report: Habo file analysis
    Time: 2018-09-14 23:04:16 (CST)
    Scanner Engine Ver Sig Ver Sig Date Scan result Time
    antiy AVL SDK 2.0 AVL SDK 2.0 2018-05-1 Found nothing 6
    avast 18.4.3895.0 18.4.3895.0 2018-09-14 Found nothing 21
    avg 10.0.1405 10.0.1405 2018-09-14 Found nothing 1
    baidu 2.0.1.0 4.1.3.52192 2018-06-20 Found nothing 3
    baidusd 1.0 1.0 2018-06-21 Found nothing 60
    bitdefender 7.141118 7.141118 2018-09-14 Found nothing 10
    clamav 24925 0.97.5 2018-09-12 Found nothing 4
    drweb 5.0.2.3300 5.0.1.1 2018-09-06 Found nothing 58
    emsisoft 9.0.0.4799 9.0.0.4799 2018-06-21 Found nothing 6
    fortinet 5.4.247 2018-09-14 Found nothing 14
    fprot 4.6.2.117 6.5.1.5418 2014-12-31 Found nothing 2
    fsecure 2015-08-01-02 9.13 2018-09-14 Found nothing 16
    gdata 25.18492 25.18492 2018-09-14 Found nothing 5
    ikarus 4.00.09 V1.32.39.0 2018-09-13 Found nothing 1
    jiangmin 16.0.100 1.0.0.0 2018-07-11 Found nothing 3
    kaspersky 5.5.33 5.5.33 2014-04-01 Found nothing 19
    kingsoft 2.1 2.1 2018-06-20 Found nothing 60
    mcafee 8974 5400.1158 2018-08-03 Found nothing 14
    nod32 7844 3.0.21 2018-08-07 Found nothing 3
    panda 9.05.01 9.05.01 2018-07-15 Found nothing 5
    pcc 11.380.07 9.500-1005 2014-12-31 Found nothing 4
    qh360 1.0.1 1.0.1 2018-06-20 Found nothing 4
    qqphone 1.0.0.0 1.0.0.0 2014-12-09 Found nothing 1
    quickheal 14.00 14.00 2018-08-07 Found nothing 8
    rising 4067 4067 2018-09-13 Found nothing 14
    sophos 4.62 3.16.1 2016-09-20 Found nothing 21
    symantec 20151230.005 1.3.0.24 2015-12-30 Found nothing 1
    tachyon 9.9.9 9.9.9 2013-12-27 Found nothing 9
    thehacker 6.8.0.5 6.8.0.5 2018-07-12 Found nothing 7
    tws 17.47.17308 1.0.2.2108 2018-09-13 Found nothing 20
    vba 3.12.29.3 beta 3.12.29.3 beta 2016-09-19 Found nothing 8
    virusbuster 15.0.985.0 5.5.2.13 2014-12-05 Found nothing 24
    Heuristic/Suspicious Exact
    NOTICE: Results are not 100% accurate and can be reported as a false positive by some scanners when and if malware is found. Please judge these results for yourself.
  • No related permission information

  • File information
    Security score: 50
    Basic information
    MD5: 294a9487e14167322fa5deb2dcf5a015
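    Package name:
    Minimum runtime environment:
    Copyright:
    Key behavior
    Behavior description: Attempts to open the driver device object of a debugger or monitoring software
    Details: \??\SICE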
    \??\NTICE
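    Process behavior
    Behavior description: Enumerates processes
    Details: N/A
    Other behavior
    Behavior description: Checks whether it is being debugged
    Details: IsDebuggerPresent
    Behavior description: Creates mutexes
    Details: DDrawWindowListMutex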
    DDrawDriverObjectListMutex
    __DDrawExclMode__
    __DDrawCheckExclMode__
    CTF.LBES.MutexDefaultS-*
    CTF.Compart.MutexDefaultS-*
    CTF.Asm.MutexDefaultS-*
    CTF.Layouts.MutexDefaultS-*
    CTF.TMD.MutexDefaultS-*
    CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
    MSCTF.Shared.MUTEX.IOH
    MSCTF.Shared.MUTEX.MFK
    Behavior description: Creates event objects
    Details: EventName = DINPUTWINMM
    EventName = MSCTF.SendReceive.Event.MFK.IC
    EventName = MSCTF.SendReceiveConection.Event.MFK.IC
    Behavior description: Finds a specified window
    Details: NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
    NtUserFindWindowEx: [Class,Window] = [CicLoaderWndClass,]
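    Behavior description: Generates a session key
    Details: [CryptDeriveKey] Algorithm: CALG_RC4 (0x00006801) Flags: 0x00000000
    Behavior description: Attempts to open the driver device object of a debugger or monitoring software
    Details: \??\SICE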
    \??\NTICE
    Behavior description: Adjusts process token privileges
    Details: SE_LOAD_DRIVER_PRIVILEGE
    SE_DEBUG_PRIVILEGE
    Behavior description: Opens events
    Details: HookSwitchHookEnabledEvent
    CTF.ThreadMIConnectionEvent.000007E8.00000000.0000000F
    CTF.ThreadMarshalInterfaceEvent.000007E8.00000000.0000000F
    MSCTF.SendReceiveConection.Event.IOH.IC
    MSCTF.SendReceive.Event.IOH.IC
    Behavior description: Opens a mutex
    Details: ShimCacheMutex
    Behavior description: Decrypts data
    Details: [CryptDecrypt] Data: 0x0019F508, CipherTextLen: 1000, PlainTextLen: 1000, Flags: 0x00000000
    [CryptDecrypt] Data: 0x0019F508, CipherTextLen: 976, PlainTextLen: 976, Flags: 0x00000000
    [CryptDecrypt] Data: 0x0019F508, CipherTextLen: 288, PlainTextLen: 288, Flags: 0x00000000
    Run screenshot
Translated by Keith Miller, United States