VirSCAN

File information
File Name: index.apk (File not down)
File Size: 220444 bytes
File Type: application/jar
MD5: 09332c2874fb2b76ba6243ff77a6b135
SHA1: 7e1572f2ab5935d50502e970ec47066057ebd62b
  • Scanner results
    Scanner results: 3% Scanner(s) (1/32) found malware!
    Behavior analysis report: Habo file analysis
    Time: 2016-08-19 15:55:07 (CST)
    Scanner | Engine Ver | Sig Ver | Sig Date | Scan result | Time
    antiy | AVL SDK 3.0 | | 1970-01-01 | Found nothing | 5
    asquared | 9.0.0.4324 | 9.0.0.4324 | 2014-07-03 | Found nothing | 1
    avast | 150725-1 | 4.7.4 | 2015-07-25 | Found nothing | 60
    avg | 2109/8133 | 10.0.1405 | 2014-11-26 | Found nothing | 60
    baidu | 2.0.1.0 | 4.1.3.52192 | 2.0.1.0 | Found nothing | 7
    baidusd | 1.0 | 1.0 | 2014-04-02 | Found nothing | 1
    bitdefender | 7.58469 | 7.90123 | 2014-12-25 | Found nothing | 60
    clamav | 19861 | 0.97.5 | 2014-12-31 | Found nothing | 60
    drweb | 5.0.2.3300 | 5.0.1.1 | 2014-12-31 | Found nothing | 60
    fortinet | 23.345, 23.345 | 5.1.158 | 2014-12-08 | Found nothing | 60
    fprot | 4.6.2.117 | 6.5.1.5418 | 2014-12-31 | Found nothing | 60
    fsecure | 2014-04-02-01 | 9.13 | 2014-04-02 | Found nothing | 60
    gdata | 25.7937 | 25.7937 | 2016-08-18 | Android.Trojan.AutoSMS.PG | 9
    ikarus | 1.06.01 | V1.32.31.0 | 2014-12-08 | Found nothing | 60
    jiangmin | 16.0.100 | 1.0.0.0 | 2015-07-25 | Found nothing | 41
    kaspersky | 5.5.33 | 5.5.33 | 2014-04-01 | Found nothing | 60
    kingsoft | 2.1 | 2.1 | 2013-09-22 | Found nothing | 17
    mcafee | 7638 | 5400.1158 | 2014-11-30 | Found nothing | 60
    nod32 | 0920 | 3.0.21 | 2014-12-23 | Found nothing | 60
    panda | 9.05.01 | 9.05.01 | 2015-07-26 | Found nothing | 4
    pcc | 11.380.07 | 9.500-1005 | 2014-12-31 | Found nothing | 60
    qh360 | 1.0.1 | 1.0.1 | 1.0.1 | Found nothing | 5
    qqphone | 1.0.0.0 | 1.0.0.0 | 2014-12-09 | Found nothing | 60
    quickheal | 14.00 | 14.00 | 2015-07-25 | Found nothing | 2
    rising | 25.76.04.01 | 25.76.04.01 | 2015-07-24 | Found nothing | 1
    sophos | 5.08 | 3.55.0 | 2014-12-01 | Found nothing | 60
    symantec | 20141230.001 | 1.3.0.24 | 2014-12-30 | Found nothing | 60
    tachyon | 9.9.9 | 9.9.9 | 2013-12-27 | Found nothing | 4
    thehacker | 6.8.0.5 | 6.8.0.5 | 2015-07-23 | Found nothing | 1
    tws | 17.47.17308 | 1.0.2.2108 | 2014-12-08 | Found nothing | 13
    vba | 3.12.26.3 | 3.12.26.3 | 2014-12-31 | Found nothing | 60
    virusbuster | 15.0.985.0 | 5.5.2.13 | 2014-12-05 | Found nothing | 60
    Heuristic/Suspicious Exact
    NOTICE: Results are not 100% accurate and can be reported as a false positive by some scanners when and if malware is found. Please judge these results for yourself.
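  • Permission list
    Permission name | Description
    android.permission.RECEIVE_WAP_PUSH | Receive WAP push messages
    android.permission.RECEIVE_BOOT_COMPLETED | Receive the boot-completed broadcast
    android.permission.MODIFY_AUDIO_SETTINGS | Modify audio settings
    android.permission.WRITE_EXTERNAL_STORAGE | Write to external storage (e.g. SD card)
    android.permission.RECEIVE_USER_PRESENT
    android.permission.READ_CONTACTS | Read contact information
    android.permission.INTERNET | Connect to the network (2G or 3G)
    android.permission.READ_PHONE_STATE | Read phone state
    android.permission.READ_SMS | Read SMS messages
    android.permission.WRITE_SETTINGS | Read and write system settings
    android.permission.VIBRATE | Allow the device to vibrate
    android.permission.RECEIVE_SMS | Monitor incoming SMS messages
    android.permission.ACCESS_NETWORK_STATE | Read network state (2G or 3G)
    android.permission.GET_TASKS | Get information about current or recently running tasks
    android.permission.WRITE_SMS | Write SMS messages
    android.permission.SEND_SMS | Send SMS messages
    android.permission.ACCESS_WIFI_STATE | Read Wi-Fi network state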
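  • File information
    Security score:
    Basic information
    MD5: 09332c2874fb2b76ba6243ff77a6b135
    Package name: xcbrsdc.gjfgjrg.sgddsgs
    Minimum runtime environment: Android 2.2.x
    Copyright: Android
    Key behavior
    Behavior description: Checks whether it is being debugged
    Details: N/A
    Behavior description: Gets the TickCount value
    Details: TickCount = 5412625, SleepMilliseconds = 60000.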
    TickCount = 5412875, SleepMilliseconds = 60000.
    TickCount = 5413109, SleepMilliseconds = 60000.
    TickCount = 5413250, SleepMilliseconds = 60000.
    TickCount = 5413265, SleepMilliseconds = 60000.
    TickCount = 5413421, SleepMilliseconds = 60000.
    TickCount = 5413437, SleepMilliseconds = 60000.
    TickCount = 5420062, SleepMilliseconds = 60000.
    TickCount = 5420093, SleepMilliseconds = 60000.
    Process behavior
    Behavior description: Creates a local thread
    Details: TargetProcess: %temp%\****.exe, InheritedFromPID = 1944, ProcessID = 1252, ThreadID = 1400, StartAddress = 79F0237F, Parameter = 00000000
    TargetProcess: %temp%\****.exe, InheritedFromPID = 1944, ProcessID = 1252, ThreadID = 896, StartAddress = 79F91FCF, Parameter = 001A57B0
    TargetProcess: %temp%\****.exe, InheritedFromPID = 1944, ProcessID = 1252, ThreadID = 792, StartAddress = 4AEA7456, Parameter = 00000000
    TargetProcess: %temp%\****.exe, InheritedFromPID = 1944, ProcessID = 1252, ThreadID = 1996, StartAddress = 77E56C7D, Parameter = 001E6C10
    TargetProcess: %temp%\****.exe, InheritedFromPID = 1944, ProcessID = 1252, ThreadID = 444, StartAddress = 769AE43B, Parameter = 001E9470
    File behavior
    Behavior description: Overwrites an existing file
    Details: C:\Documents and Settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
    Behavior description: Modifies file contents
    Details: C:\Documents and Settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT ---> Offset = 0
    Behavior description: Searches for files
    Details: FileName = C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
    FileName = C:\WINDOWS\Microsoft.NET\Framework\\*
    FileName = C:\WINDOWS
    FileName = C:\WINDOWS\WinSxS
    FileName = C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\MSVCR80.dll
    FileName = C:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.INI
    FileName = C:\Documents and Settings\Administrator\Local Settings\Temp
    FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%
    FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe
    FileName = C:\Documents and Settings
    FileName = C:\Documents and Settings\Administrator
    FileName = C:\Documents and Settings\Administrator\Local Settings
    FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%\996E.INI
    FileName = C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.INI
    FileName = C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.INI
    Other behavior
    Behavior description: Checks whether it is being debugged
    Details: N/A
    Behavior description: Creates mutexes
    Details: CTF.LBES.MutexDefaultS-*
    CTF.Compart.MutexDefaultS-*
    CTF.Asm.MutexDefaultS-*
    CTF.Layouts.MutexDefaultS-*
    CTF.TMD.MutexDefaultS-*
    CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
    MSCTF.Shared.MUTEX.ELH
    MSCTF.Shared.MUTEX.IHG
    Behavior description: Creates event objects
    Details: EventName = Global\CorDBIPCSetupSyncEvent_1252
    EventName = MSCTF.SendReceive.Event.IHG.IC
    EventName = MSCTF.SendReceiveConection.Event.IHG.IC
    Behavior description: Finds a specified window
    Details: NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
    NtUserFindWindowEx: [Class,Window] = [CicLoaderWndClass,]
    Behavior description: Opens events
    Details: Global\CLR_PerfMon_StartEnumEvent
    \KernelObjects\LowMemoryCondition
    HookSwitchHookEnabledEvent
    MSFT.VSA.COM.DISABLE.1252
    MSFT.VSA.IEC.STATUS.6c736db0
    CTF.ThreadMIConnectionEvent.000007B4.00000000.00000041
    CTF.ThreadMarshalInterfaceEvent.000007B4.00000000.00000041
    MSCTF.SendReceiveConection.Event.ELH.IC
    MSCTF.SendReceive.Event.ELH.IC
    Behavior description: Gets the TickCount value
    Details: TickCount = 5412625, SleepMilliseconds = 60000.
    TickCount = 5412875, SleepMilliseconds = 60000.
    TickCount = 5413109, SleepMilliseconds = 60000.
    TickCount = 5413250, SleepMilliseconds = 60000.
    TickCount = 5413265, SleepMilliseconds = 60000.
    TickCount = 5413421, SleepMilliseconds = 60000.
    TickCount = 5413437, SleepMilliseconds = 60000.
    TickCount = 5420062, SleepMilliseconds = 60000.
    TickCount = 5420093, SleepMilliseconds = 60000.
    Behavior description: Gets the cursor position
    Details: CursorPos = (71,18468), SleepMilliseconds = 60000.
    CursorPos = (6364,26501), SleepMilliseconds = 60000.
    CursorPos = (19199,15725), SleepMilliseconds = 60000.
    CursorPos = (11508,29359), SleepMilliseconds = 60000.
    CursorPos = (26992,24465), SleepMilliseconds = 60000.
    Behavior description: Window information
    Details: Pid = 1252, Hwnd=0x110342, Text = Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt t, ClassName = WindowsForms10.STATIC.app.0.378734a.
    Pid = 1252, Hwnd=0x1203be, Text = &Details, ClassName = WindowsForms10.BUTTON.app.0.378734a.
    Pid = 1252, Hwnd=0x503b8, Text = &Continue, ClassName = WindowsForms10.BUTTON.app.0.378734a.
    Pid = 1252, Hwnd=0xc03c8, Text = &Quit, ClassName = WindowsForms10.BUTTON.app.0.378734a.
    Pid = 1252, Hwnd=0x120340, Text = See the end of this message for details on invoking just-in-time (JIT) debugging instead of this dialog box. ************** , ClassName = WindowsForms10.EDIT.app.0.378734a.
    Pid = 1252, Hwnd=0x7038e, Text = Microsoft .NET Framework, ClassName = WindowsForms10.Window.8.app.0.378734a.
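    Behavior description: Calls the Sleep function
    Details: [1]: MilliSeconds = 60000.
    Behavior description: Hides a specified window
    Details: [Window,Class] = [Microsoft .NET Framework,WindowsForms10.Window.8.app.0.378734a]
    Behavior description: Opens mutexes
    Details: ShimCacheMutex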
    Global\CLR_CASOFF_MUTEX
    Behavior description: Sample console output
    Details: N/A
    Activities
    Activity name | Type
    com.phone2.stop.activity.MainActivity | android.intent.action.MAIN
    com.phone2.stop.activity.MainActivity | android.intent.category.LAUNCHER
    com.phone2.stop.activity.DeleteActivity | android.intent.action.DELETE
    com.phone2.stop.activity.DeleteActivity | android.intent.category.DEFAULT
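    Dangerous functions
    Function name | Description
    ContentResolver;->delete | Deletes SMS messages and contacts
    ContentResolver;->query | Reads contacts, SMS and other databases
    TelephonyManager;->getDeviceId | Collects the phone's IMEI, phone number, OS version and other information
    java/net/URL;->openConnection | Connects to a URL
    Startup methods
    Name | Description
    com.phone.stop.receiver.BootReceiver
    com.phone.stop.receiver.BootReceiver | Starts the service when network connectivity changes
    com.phone.stop.receiver.BootReceiver | Starts the service when an application is installed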
    com.phone.stop.receiver.BootReceiver
    com.phone.stop.receiver.BootReceiver
    com.phone.stop.receiver.BootReceiver
    com.phone.stop.receiver.BootReceiver
    com.phone.stop.receiver.BootReceiver
    com.phone.stop.receiver.BootReceiver
    com.phone.stop.receiver.BootReceiver
    com.phone.stop.receiver.BootReceiver
    com.phone.stop.receiver.BootReceiver
    com.phone.stop.receiver.BootReceiver
    com.phone.stop.receiver.BootReceiver | Starts the service at boot
    com.phone.stop.receiver.SMSReceiver | Monitors SMS (SMS received) and starts the service
    com.phone.stop.receiver.MyDeviceAdminReceiver
    Service list
    Name
    com.phone.stop6.service.SecondService
    com.phone.stop6.service.BootService
    com.phone.stop6.service.SmsService
    File list
    File name  Checksum
    META-INF/MANIFEST.MF 0x615691be
    META-INF/CERT.SF 0xc8aa47f8
    META-INF/CERT.RSA 0x39547105
    javamail.smtp.provider 0x990c469d
    javamail.default.address.map 0xf20496b
    mailcap 0xd7759e43
    javamail.imap.provider 0x8934555a
    mimetypes.default 0x97dd5cdb
    res/drawable-hdpi/app_logo.png 0x129388d9
    resources.arsc 0x953928f7
    res/xml/devicepolicymanager_permission.xml 0xeab2c16b
    classes.dex 0xc2f61f6c
    javamail.default.providers 0x45ea1b21
    mailcap.default 0x6f616b6
    javamail.charset.map 0xad0dfcee
    AndroidManifest.xml 0x360111b9
    res/layout/activity_aa.xml 0x60332653
    javamail.smtp.address.map 0xf20496b
    res/layout/activity_main.xml 0x19203b2e
    res/drawable-hdpi/icon.png 0xac8b5a00
    javamail.pop3.provider 0xa23c9bc
    dsn.mf 0x1e4e9355