VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, VirSCAN can scan compressed files with password 'infected' or 'virus'.

Language
Server load
Server Load



File information
File Name : 爱看App.apk (File not down)
File Size :6174077 byte
File Type :application/zip
MD5:c6e79b86255932a04bca016f5c0c6665
SHA1:42823ac27ae903c5a7b4b352f0a01041e247881d
  • 扫描结果
  • 权限
  • 文件行为分析
  • Scanner results
    Scanner results:3%Scanner(s) (1/32)found malware!        Behavior
    Time: 2017-08-29 10:17:48 (CST)
    VirSCANVirSCAN
    Scanner Engine Ver Sig Ver Sig Date Scan result Time
    antiy AVL SDK 2.0 1970-01-01 Found nothing 6
    asquared 9.0.0.4799 9.0.0.4799 2015-03-08 Found nothing 1
    avast 170303-1 4.7.4 2017-03-03 Found nothing 60
    avg 2109/14366 10.0.1405 2017-08-23 Found nothing 60
    baidu 2.0.1.0 4.1.3.52192 2.0.1.0 Found nothing 2
    baidusd 1.0 1.0 2017-03-22 Found nothing 1
    bitdefender 7.58879 7.90123 2015-01-16 Found nothing 60
    clamav 23723 0.97.5 2017-08-28 Found nothing 60
    drweb 5.0.2.3300 5.0.1.1 2017-06-18 Found nothing 60
    fortinet 1.000, 51.241, 51.106, 51.128 5.4.247 2017-08-29 Found nothing 60
    fprot 4.6.2.117 6.5.1.5418 2016-02-05 Found nothing 60
    fsecure 2015-08-01-02 9.13 2015-08-01 Found nothing 60
    gdata 25.14007 25.14007 2017-08-28 Found nothing 13
    ikarus 1.06.01 V1.32.31.0 2017-08-27 Found nothing 60
    jiangmin 16.0.100 1.0.0.0 2017-08-28 Found nothing 2
    kaspersky 5.5.33 5.5.33 2014-04-01 Found nothing 60
    kingsoft 2.1 2.1 2017-08-28 Found nothing 60
    mcafee 8620 5400.1158 2017-08-12 Found nothing 60
    nod32 5984 3.0.21 2017-08-27 Found nothing 60
    panda 9.05.01 9.05.01 2017-08-28 Found nothing 4
    pcc 13.302.06 9.500-1005 2017-03-27 Found nothing 60
    qh360 1.0.1 1.0.1 1.0.1 Android mobile malware 3
    qqphone 1.0.0.0 1.0.0.0 2015-12-30 Found nothing 60
    quickheal 14.00 14.00 2017-08-28 Found nothing 3
    rising 26.28.00.01 26.28.00.01 2016-07-18 Found nothing 5
    sophos 5.32 3.65.2 2016-10-10 Found nothing 60
    tachyon 9.9.9 9.9.9 2013-12-27 Found nothing 4
    thehacker 6.8.0.5 6.8.0.5 2017-08-25 Found nothing 3
    tws 17.47.17308 1.0.2.2108 2017-08-28 Found nothing 15
    vba 3.12.29.5 beta 3.12.29.5 beta 2017-08-25 Found nothing 60
    virusbuster 15.0.985.0 5.5.2.13 2014-12-05 Found nothing 60
    Heuristic/Suspicious Exact
    NOTICE: Results are not 100% accurate and can be reported as a false positive by some scannerswhen and if malware is found. Please judge these results for yourself.
    Copy to clipboard
  • 权限列表
    许可名称信息
    android.permission.READ_LOGS读取系统日志
    com.android.launcher.permission.INSTALL_SHORTCUT创建快捷方式
    android.permission.MOUNT_UNMOUNT_FILESYSTEMS挂载、反挂载外部文件系统
    android.permission.READ_PHONE_STATE读取电话状态
    android.permission.SYSTEM_ALERT_WINDOW显示系统窗口
    android.permission.GET_TASKS获取有关当前或最近运行的任务信息
    android.permission.WRITE_SETTINGS读写系统设置项
    android.permission.WRITE_EXTERNAL_STORAGE写外部存储器(如:SD卡)
    ACCESS_WIFI_STATE
    android.permission.INTERNET连接网络(2G或3G)
    android.permission.ACCESS_WIFI_STATE读取wifi网络状态
    com.android.launcher.permission.READ_SETTINGS读取快捷方式信息
    android.permission.WAKE_LOCK手机屏幕关闭后后台进程仍运行
    android.permission.ACCESS_NETWORK_STATE读取网络状态(2G或3G)
    android.permission.CHANGE_CONFIGURATION修改当前设置(如:本地化)
  • 文件信息
    安全评分 :
    基本信息
    MD5:c6e79b86255932a04bca016f5c0c6665
    包名:com.aikan.app.mf
    最低运行环境:Android 2.2.x
    版权:E4A
    关键行为
    行为描述:设置特殊文件夹属性
    详情信息:C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
    C:\Documents and Settings\Administrator\Local Settings\History
    C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
    C:\Documents and Settings\Administrator\Cookies
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~\WebSlices~
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Feeds Cache
    C:\Documents and Settings\Administrator\IECompatCache
    行为描述:获取TickCount值
    详情信息:TickCount = 220640, SleepMilliseconds = 250.
    进程行为
    行为描述:创建进程
    详情信息:[0x00000b00]ImagePath = C:\Program Files\Internet Explorer\iexplore.exe, CmdLine = "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome
    [0x00000b70]ImagePath = C:\Program Files\Internet Explorer\iexplore.exe, CmdLine = "C:\Program Files\Internet Explorer\IEXPLORE.EXE" SCODEF:2816 CREDAT:79873
    [0x00000c68]ImagePath = C:\Program Files\Internet Explorer\iexplore.exe, CmdLine = "C:\Program Files\Internet Explorer\IEXPLORE.EXE" SCODEF:3136 CREDAT:79873
    行为描述:创建本地线程
    详情信息:TargetProcess: %temp%\****.exe, InheritedFromPID = 2000, ProcessID = 2700, ThreadID = 2712, StartAddress = 77DC845A, Parameter = 00000000
    TargetProcess: iexplore.exe, InheritedFromPID = 2700, ProcessID = 2816, ThreadID = 2824, StartAddress = 77DC845A, Parameter = 00000000
    TargetProcess: iexplore.exe, InheritedFromPID = 2700, ProcessID = 2816, ThreadID = 2900, StartAddress = 7C947EBB, Parameter = 00000000
    TargetProcess: iexplore.exe, InheritedFromPID = 2700, ProcessID = 2816, ThreadID = 2904, StartAddress = 7C930230, Parameter = 00000000
    TargetProcess: iexplore.exe, InheritedFromPID = 2700, ProcessID = 2816, ThreadID = 2908, StartAddress = 7C949B6F, Parameter = 00000000
    TargetProcess: iexplore.exe, InheritedFromPID = 2700, ProcessID = 2816, ThreadID = 2912, StartAddress = 77E56C7D, Parameter = 00196838
    TargetProcess: iexplore.exe, InheritedFromPID = 2700, ProcessID = 2816, ThreadID = 2916, StartAddress = 5DE05ABD, Parameter = 00198880
    TargetProcess: iexplore.exe, InheritedFromPID = 2700, ProcessID = 2816, ThreadID = 2920, StartAddress = 5DE05BC0, Parameter = 001968C8
    TargetProcess: iexplore.exe, InheritedFromPID = 2700, ProcessID = 2816, ThreadID = 2924, StartAddress = 0122F74F, Parameter = 00000214
    TargetProcess: iexplore.exe, InheritedFromPID = 2816, ProcessID = 2928, ThreadID = 2936, StartAddress = 77DC845A, Parameter = 00000000
    TargetProcess: iexplore.exe, InheritedFromPID = 2816, ProcessID = 2928, ThreadID = 2944, StartAddress = 7C947EBB, Parameter = 00000000
    TargetProcess: iexplore.exe, InheritedFromPID = 2816, ProcessID = 2928, ThreadID = 2948, StartAddress = 7C930230, Parameter = 00000000
    TargetProcess: iexplore.exe, InheritedFromPID = 2816, ProcessID = 2928, ThreadID = 2952, StartAddress = 7C949B6F, Parameter = 00000000
    TargetProcess: iexplore.exe, InheritedFromPID = 2816, ProcessID = 2928, ThreadID = 2956, StartAddress = 77E56C7D, Parameter = 0018FE48
    TargetProcess: iexplore.exe, InheritedFromPID = 2816, ProcessID = 2928, ThreadID = 2960, StartAddress = 5DE05ABD, Parameter = 00191BC8
    文件行为
    行为描述:创建文件
    详情信息:C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{8E55EA5A-8C60-11E7-91C0-7B****28}.dat
    C:\Documents and Settings\Administrator\Local Settings\Temp\~DFEB20.tmp
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{8E55EA5B-8C60-11E7-91C0-7B****28}.dat
    C:\Documents and Settings\Administrator\Local Settings\Temp\~DF5DB.tmp
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\C1OS62RY\maxcanner_blog_163_com[1]
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\C1OS62RY\favicon[1].ico
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{9334D838-8C60-11E7-91C0-7B****28}.dat
    C:\Documents and Settings\Administrator\Local Settings\Temp\~DF6ABC.tmp
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{9334D839-8C60-11E7-91C0-7B****28}.dat
    C:\Documents and Settings\Administrator\Local Settings\Temp\~DF8748.tmp
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\C1OS62RY\yixun_com[1]
    行为描述:创建可执行文件
    详情信息:C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
    行为描述:查找文件
    详情信息:FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe
    FileName = C:\Program Files\Internet Explorer\iexplore.exe
    FileName = C:\Program Files\Common Files\Adobe
    FileName = C:\Program Files\Common Files\Adobe\Acrobat
    FileName = C:\Program Files\Common Files\Adobe\Acrobat\ActiveX
    FileName = C:\Program Files\Java
    FileName = C:\Program Files\Java\jre7
    FileName = C:\Program Files\Java\jre7\bin
    FileName = C:\Program Files\Java\jre7\bin\jp2ssv.dll
    FileName = C:\Documents and Settings
    FileName = C:\Documents and Settings\Administrator\Local Settings
    FileName = C:\Documents and Settings\Administrator
    FileName = C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Connections\Pbk\*.pbk
    FileName = C:\WINDOWS\system32\Ras\*.pbk
    FileName = C:\Documents and Settings\Administrator\Application Data\Microsoft\Network\Connections\Pbk\*.pbk
    行为描述:删除文件
    详情信息:C:\Documents and Settings\Administrator\Local Settings\Temp\~DFEB20.tmp
    C:\Documents and Settings\Administrator\Local Settings\Temp\~DF5DB.tmp
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\C1OS62RY\maxcanner_blog_163_com[1]
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\C1OS62RY\favicon[1].ico
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
    C:\Documents and Settings\Administrator\Local Settings\Temp\~DF6ABC.tmp
    C:\Documents and Settings\Administrator\Local Settings\Temp\~DF8748.tmp
    行为描述:设置特殊文件夹属性
    详情信息:C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
    C:\Documents and Settings\Administrator\Local Settings\History
    C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
    C:\Documents and Settings\Administrator\Cookies
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~\WebSlices~
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Feeds Cache
    C:\Documents and Settings\Administrator\IECompatCache
    行为描述:修改文件内容
    详情信息:C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{8E55EA5A-8C60-11E7-91C0-7B****28}.dat ---> Offset = 512
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{8E55EA5A-8C60-11E7-91C0-7B****28}.dat ---> Offset = 0
    C:\Documents and Settings\Administrator\Local Settings\Temp\~DFEB20.tmp ---> Offset = 16383
    C:\Documents and Settings\Administrator\Local Settings\Temp\~DFEB20.tmp ---> Offset = 12288
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{8E55EA5A-8C60-11E7-91C0-7B****28}.dat ---> Offset = 3072
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{8E55EA5A-8C60-11E7-91C0-7B****28}.dat ---> Offset = 1536
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{8E55EA5B-8C60-11E7-91C0-7B****28}.dat ---> Offset = 512
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{8E55EA5B-8C60-11E7-91C0-7B****28}.dat ---> Offset = 0
    C:\Documents and Settings\Administrator\Local Settings\Temp\~DF5DB.tmp ---> Offset = 16383
    C:\Documents and Settings\Administrator\Local Settings\Temp\~DF5DB.tmp ---> Offset = 12288
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{8E55EA5B-8C60-11E7-91C0-7B****28}.dat ---> Offset = 3072
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{8E55EA5B-8C60-11E7-91C0-7B****28}.dat ---> Offset = 1536
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico ---> Offset = 0
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{9334D838-8C60-11E7-91C0-7B****28}.dat ---> Offset = 512
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{9334D838-8C60-11E7-91C0-7B****28}.dat ---> Offset = 0
    网络行为
    行为描述:下载文件
    详情信息:URLDownloadToFileW: http://ww****om/favicon.ico ---> C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
    行为描述:打开指定IE网页
    详情信息:http://ma****om/
    行为描述:连接指定站点
    详情信息:InternetConnectA: ServerName = ma****om, PORT = 80, UserName = , Password = , hSession = 0x00cc0004, hConnect = 0x00cc0008, Flags = 0x00000000
    InternetConnectA: ServerName = ww****om, PORT = 80, UserName = , Password = , hSession = 0x00cc0004, hConnect = 0x00cc0008, Flags = 0x00000000
    InternetConnectA: ServerName = ur****om, PORT = 443, UserName = , Password = , hSession = 0x00cc0010, hConnect = 0x00cc0014, Flags = 0x00000200
    行为描述:打开HTTP连接
    详情信息:InternetOpenA: UserAgent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; .NET4.0C; .NET4.0E; KB974489), hSession = 0x00cc0004
    InternetOpenA: UserAgent: VCSoapClient, hSession = 0x00cc0010
    行为描述:建立到一个指定的套接字连接
    详情信息:URL: ma****om, IP: **.133.40.**:80, SOCKET = 0x000004dc
    URL: ma****om, IP: **.133.40.**:80, SOCKET = 0x00000514
    URL: ww****om, IP: **.133.40.**:80, SOCKET = 0x00000578
    URL: ur****om, IP: **.133.40.**:443, SOCKET = 0x000005a0
    URL: ur****om, IP: **.133.40.**:443, SOCKET = 0x0000058c
    URL: ww****om, IP: **.133.40.**:80, SOCKET = 0x00000444
    URL: ww****om, IP: **.133.40.**:80, SOCKET = 0x00000584
    URL: ur****om, IP: **.133.40.**:443, SOCKET = 0x00000594
    行为描述:读取网络文件
    详情信息:hFile = 0x00cc000c, BytesToRead =4096, BytesRead = 4096.
    hFile = 0x00cc000c, BytesToRead =2048, BytesRead = 2048.
    hFile = 0x00cc0018, BytesToRead =4095, BytesRead = 4095.
    行为描述:发送HTTP包
    详情信息:GET / HTTP/1.1 Accept: */* Accept-Language: zh-cn User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; .NET4.0C; .NET4.0E; KB974489) Accept-Encoding: gzip, deflate Host: ma****om Connection: Keep-Alive
    GET / HTTP/1.1 Accept: */* Accept-Language: zh-cn Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; .NET4.0C; .NET4.0E; KB974489) Host: ma****om Connection: Keep-Alive
    GET /favicon.ico HTTP/1.1 Accept: */* Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; .NET4.0C; .NET4.0E; KB974489) Host: ww****om Connection: Keep-Alive
    GET / HTTP/1.1 Accept: */* Accept-Language: zh-cn User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; .NET4.0C; .NET4.0E; KB974489) Accept-Encoding: gzip, deflate Host: ww****om Connection: Keep-Alive
    行为描述:打开HTTP请求
    详情信息:HttpOpenRequestA: ma****om:80/, hConnect = 0x00cc0008, hRequest = 0x00cc000c, Verb: GET, Referer: , Flags = 0x00400000
    HttpOpenRequestA: ww****om:80/favicon.ico, hConnect = 0x00cc0008, hRequest = 0x00cc000c, Verb: GET, Referer: , Flags = 0x00600010
    HttpOpenRequestA: ma****om:80/, hConnect = 0x00cc0008, hRequest = 0x00cc000c, Verb: GET, Referer: , Flags = 0x00400010
    HttpOpenRequestA: ur****om:443/urs.asmx?msurs-client-key=dazuhgngdb5gwrur7sk3ng%3d%3d&msurs-patented-lock=cnx2dhfttxg%3d, hConnect = 0x00cc0014, hRequest = 0x00cc0018, Verb: POST, Referer: , Flags = 0x04880300
    HttpOpenRequestA: ww****om:80/, hConnect = 0x00cc0008, hRequest = 0x00cc000c, Verb: GET, Referer: , Flags = 0x00400200
    HttpOpenRequestA: ur****om:443/urs.asmx?msurs-client-key=11vwgfp72lhsqxmerth/aw%3d%3d&msurs-patented-lock=c167csxjqxu%3d, hConnect = 0x00cc0014, hRequest = 0x00cc0018, Verb: POST, Referer: , Flags = 0x04880300
    行为描述:按名称获取主机地址
    详情信息:GetAddrInfoW: ma****om
    GetAddrInfoW: ww****om
    GetAddrInfoW: ur****om
    注册表行为
    行为描述:修改注册表
    详情信息:\REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\SavedLegacySettings
    \REGISTRY\USER\S-*\Software\Microsoft\Internet Explorer\Recovery\Active\{8E55EA5A-8C60-11E7-91C0-7B****28}
    \REGISTRY\USER\S-*\Software\Microsoft\CTF\TIP\{1188450c-fdab-47ae-80d8-c9633f71be64}\LanguageProfile\0x00000000\{63800dac-e7ca-4df9-9a5c-20765055488d}\Enable
    \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{1EA4DBF0-3C3B-11CF-810C-00AA00389B71}\1.1\0\win32\
    \REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\iexplore\Count
    \REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\iexplore\Time
    \REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\iexplore\LoadTime
    \REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\iexplore\LoadTimeCount
    \REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435B-BC74-9C25C1C588A9}\iexplore\Count
    \REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435B-BC74-9C25C1C588A9}\iexplore\Time
    \REGISTRY\USER\S-*_CLASSES\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}\
    \REGISTRY\USER\S-*_CLASSES\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}\InprocServer32\
    \REGISTRY\USER\S-*_CLASSES\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}\InprocServer32\ThreadingModel
    \REGISTRY\USER\S-*_CLASSES\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBB}\
    \REGISTRY\USER\S-*_CLASSES\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBB}\InprocServer32\
    行为描述:删除注册表键值
    详情信息:\REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyServer
    \REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyOverride
    \REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Internet Settings\AutoConfigURL
    行为描述:删除注册表键
    详情信息:\REGISTRY\USER\S-*\Software\Microsoft\CTF\TIP\{1188450c-fdab-47ae-80d8-c9633f71be64}\LanguageProfile\0x00000000\{63800dac-e7ca-4df9-9a5c-20765055488d}\
    \REGISTRY\USER\S-*\Software\Microsoft\CTF\TIP\{1188450c-fdab-47ae-80d8-c9633f71be64}\LanguageProfile\0x00000000\
    \REGISTRY\USER\S-*\Software\Microsoft\CTF\TIP\{1188450c-fdab-47ae-80d8-c9633f71be64}\LanguageProfile\
    \REGISTRY\USER\S-*\Software\Microsoft\CTF\TIP\{1188450c-fdab-47ae-80d8-c9633f71be64}\
    \REGISTRY\USER\S-*_CLASSES\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}\InprocServer32\
    \REGISTRY\USER\S-*_CLASSES\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}\
    \REGISTRY\USER\S-*_CLASSES\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBB}\InprocServer32\
    \REGISTRY\USER\S-*_CLASSES\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBB}\
    \REGISTRY\USER\S-*_CLASSES\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBC}\InprocServer32\
    \REGISTRY\USER\S-*_CLASSES\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBC}\
    \REGISTRY\USER\S-*_CLASSES\CLSID\{CAFEEFAC-0017-0000-FFFF-ABCDEFFEDCBA}\InprocServer32\
    \REGISTRY\USER\S-*_CLASSES\CLSID\{CAFEEFAC-0017-0000-FFFF-ABCDEFFEDCBA}\
    \REGISTRY\USER\S-*_CLASSES\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\InprocServer32\
    \REGISTRY\USER\S-*_CLASSES\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\
    \REGISTRY\USER\S-*_CLASSES\JavaPlugin.1000\CLSID\
    其他行为
    行为描述:创建互斥体
    详情信息:MAC地址查询扫描器
    CTF.LBES.MutexDefaultS-*
    CTF.Compart.MutexDefaultS-*
    CTF.Asm.MutexDefaultS-*
    CTF.Layouts.MutexDefaultS-*
    CTF.TMD.MutexDefaultS-*
    CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
    Local\!BrowserEmulation!SharedMemory!Mutex
    Local\ZoneAttributeCacheCounterMutex
    Local\ZonesCacheCounterMutex
    Local\ZonesLockedCacheCounterMutex
    RasPbFile
    ConnHashTable<2816>_HashTable_Mutex
    oleacc-msaa-loaded
    Local\ZonesCounterMutex
    行为描述:创建事件对象
    详情信息:EventName = Isolation Signal Registry Event (8E55EA57-8C60-11E7-91C0-7B****28, 0)
    EventName = IE_EarlyTabStart_0xb04
    EventName = Isolation Signal Registry Event (8E55EA58-8C60-11E7-91C0-7B****28, 0)
    EventName = DINPUTWINMM
    EventName = Global\userenv: User Profile setup event
    EventName = Local\IEDDEExecuteEvent
    EventName = Local\RSS Eventing Event Event 00000b00
    EventName = IEFrame.EventCheckDefaultBrowser
    EventName = Local\b70_29
    EventName = Global\crypt32LogoffEvent
    EventName = Isolation Signal Registry Event (9334D835-8C60-11E7-91C0-7B****28, 0)
    EventName = IE_EarlyTabStart_0xc44
    EventName = Isolation Signal Registry Event (9334D836-8C60-11E7-91C0-7B****28, 0)
    EventName = MSCTF.SendReceive.Event.EAM.IC
    EventName = MSCTF.SendReceiveConection.Event.EAM.IC
    行为描述:查找指定窗口
    详情信息:NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
    NtUserFindWindowEx: [Class,Window] = [IEFrame,]
    NtUserFindWindowEx: [Class,Window] = [Static,]
    NtUserFindWindowEx: [Class,Window] = [MS_AutodialMonitor,]
    NtUserFindWindowEx: [Class,Window] = [MS_WebCheckMonitor,]
    NtUserFindWindowEx: [Class,Window] = [CicLoaderWndClass,]
    行为描述:获取TickCount值
    详情信息:TickCount = 220640, SleepMilliseconds = 250.
    行为描述:调整进程token权限
    详情信息:SE_LOAD_DRIVER_PRIVILEGE
    行为描述:打开事件
    详情信息:HookSwitchHookEnabledEvent
    \SECURITY\LSA_AUTHENTICATION_INITIALIZED
    Isolation Signal Registry Event (8E55EA57-8C60-11E7-91C0-7B****28, 0)
    Global\SvcctrlStartEvent_A3752DX
    \INSTALLATION_SECURITY_HOLD
    Isolation Signal Registry Event (8E55EA58-8C60-11E7-91C0-7B****28, 0)
    IE_EarlyTabStart_0xb04
    _fCanRegisterWithShellService
    MSFT.VSA.COM.DISABLE.2816
    MSFT.VSA.IEC.STATUS.6c736db0
    MSFT.VSA.COM.DISABLE.2928
    Local\RSS Eventing Event Event 00000b00
    CTF.ThreadMIConnectionEvent.000007E8.00000000.00000010
    CTF.ThreadMarshalInterfaceEvent.000007E8.00000000.00000010
    MSCTF.SendReceiveConection.Event.IOH.IC
    行为描述:可执行文件签名信息
    详情信息:C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico(签名验证: 未通过)
    行为描述:调用Sleep函数
    详情信息:[1]: MilliSeconds = 250.
    行为描述:隐藏指定窗口
    详情信息:[Window,Class] = [,BrowserFrameGripperClass]
    [Window,Class] = [缩放级别,ToolbarWindow32]
    [Window,Class] = [,msctls_progress32]
    [Window,Class] = [,SysLink]
    [Window,Class] = [,Static]
    [Window,Class] = [文件大小未知,Static]
    [Window,Class] = [Windows Internet Explorer,IEFrame]
    [Window,Class] = [,UniversalSearchBand]
    [Window,Class] = [,TravelBand]
    [Window,Class] = [,CommandBarClass]
    [Window,Class] = [,ReBarWindow32]
    [Window,Class] = [,TabBandClass]
    [Window,Class] = [打开此类文件前总是询问(&W),Button]
    [Window,Class] = [发行者:,Static]
    [Window,Class] = [http://www.yixun.com/ - Windows Internet Explorer,IEFrame]
    行为描述:可执行文件MD5
    详情信息:C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico ---> fe1d0ee5901dd167ee9b28eece31786c
    行为描述:打开互斥体
    详情信息:ShimCacheMutex
    Local\!IETld!Mutex
    Local\_!MSFTHISTORY!_
    Local\c:!documents and settings!administrator!local settings!temporary internet files!content.ie5!
    Local\c:!documents and settings!administrator!cookies!
    Local\c:!documents and settings!administrator!local settings!history!history.ie5!
    Local\WininetStartupMutex
    Local\WininetConnectionMutex
    Local\WininetProxyRegistryMutex
    Local\!BrowserEmulation!SharedMemory!Mutex
    RasPbFile
    CtfmonInstMutexDefaultS-*
    Local\RSS Eventing Connection Database Mutex 00000b00
    Local\c:!documents and settings!administrator!local settings!application data!microsoft!feeds cache!
    Local\!IECompat!Mutex
    Activities
    活动名类型
    com.e4a.runtime.android.StartActivityandroid.intent.action.MAIN
    com.e4a.runtime.android.StartActivityandroid.intent.category.DEFAULT
    com.e4a.runtime.android.StartActivityandroid.intent.category.LAUNCHER
    com.e4a.runtime.android.mainActivityandroid.intent.action.MAIN
    com.e4a.runtime.android.mainActivityandroid.intent.category.DEFAULT
    com.e4a.runtime.components.impl.android.Ok百度视频类库.VideoViewPlayingActivity5android.intent.action.VIEW
    com.e4a.runtime.components.impl.android.Ok百度视频类库.VideoViewPlayingActivity5android.intent.category.DEFAULT
    com.e4a.runtime.components.impl.android.Ok百度视频类库.VideoViewPlayingActivity5android.intent.category.BROWSABLE
    危险函数
    函数名称信息
    getRuntime获取命令行环境
    java/lang/Runtime;->exec执行字符串命令
    TelephonyManager;->getDeviceId搜集用户手机IMEI码、电话号码、系统版本号等信息
    java/net/URL;->openConnection连接URL
    java/net/HttpURLConnection;->connect连接URL
    权限列表
    许可名称信息
    android.permission.READ_LOGS读取系统日志
    com.android.launcher.permission.INSTALL_SHORTCUT创建快捷方式
    android.permission.MOUNT_UNMOUNT_FILESYSTEMS挂载、反挂载外部文件系统
    android.permission.READ_PHONE_STATE读取电话状态
    android.permission.SYSTEM_ALERT_WINDOW显示系统窗口
    android.permission.GET_TASKS获取有关当前或最近运行的任务信息
    android.permission.WRITE_SETTINGS读写系统设置项
    android.permission.WRITE_EXTERNAL_STORAGE写外部存储器(如:SD卡)
    ACCESS_WIFI_STATE
    android.permission.INTERNET连接网络(2G或3G)
    android.permission.ACCESS_WIFI_STATE读取wifi网络状态
    com.android.launcher.permission.READ_SETTINGS读取快捷方式信息
    android.permission.WAKE_LOCK手机屏幕关闭后后台进程仍运行
    android.permission.ACCESS_NETWORK_STATE读取网络状态(2G或3G)
    android.permission.CHANGE_CONFIGURATION修改当前设置(如:本地化)
    文件列表
    文件名 校验码
    META-INF/MANIFEST.MF 0xa6a9d8cd
    META-INF/MYKEY.SF 0x2a57bb9f
    META-INF/MYKEY.RSA 0xbd9297ad
    assets/10001.png 0xda792c6c
    assets/1Happy.png 0x4314ae59
    assets/Azhan1.png 0x3b626a6a
    assets/Azhan2.png 0x7c061801
    assets/bjk.png 0xe80a9c47
    assets/bofanglishi.png 0x53b62579
    assets/cate_10.png 0x57ca7ae8
    assets/cate_16.png 0xf3ce57e7
    assets/cate_30.png 0xd4572977
    assets/fanhui.png 0x1566f01a
    assets/fenxiang.png 0xaaa87abf
    assets/fhz.png 0x1668880b
    assets/fhz1.png 0x46042ae7
    assets/jiancegengx.png 0xad87c327
    assets/jinru.png 0x6c1a7457
    assets/ll1a.png 0x4b28ed50
    assets/lla.png 0x4d99d852
    assets/pingdao1.png 0xf02db20d
    assets/pingdao2.png 0x64c060b6
    assets/shanchu1.png 0xdd15c8f8
    assets/shoucang.png 0x599bedc5
    assets/sousuo.png 0xec25a203
    assets/sousuo1.png 0x7ca86030
    assets/tuij.png 0xe64ca27a
    assets/tuij1.png 0xdb2f2bf9
    assets/wode1.png 0xfd6f3212
    assets/wode2.png 0x36eead34
    classes.dex 0x6bae6089
    lib/armeabi/libcyberplayer-core.so 0xb98484e0
    lib/armeabi/libcyberplayer.so 0x2350af82
    lib/armeabi/libndkbitmap.so 0xe731eb36
    lib/armeabi/libshella-2.10.5.7.so 0xdcf00ce
    lib/armeabi/libshellx-2.10.5.7.so 0x88fd97a0
    lib/armeabi/mix.dex 0xa3517ce0
    lib/armeabi/mixz.dex 0xa67045c7
    res/anim/dialog_scale_in.xml 0xd1205a18
    res/anim/dialog_scale_out.xml 0xe4110112
    res/anim/error_frame_in.xml 0xe8d65cae
    res/anim/error_x_in.xml 0x75ae2b72
    res/anim/push_bottom_in.xml 0x56b328b4
    res/anim/push_bottom_in2.xml 0x5008b24f
    res/anim/push_bottom_out.xml 0x47153c81
    res/anim/push_danru_in.xml 0x68e45b0e
    res/anim/push_danru_out.xml 0x836bcdbf
    res/anim/reverse_anim.xml 0xcda7dfa0
    res/anim/rotating.xml 0x5b60e81a
    res/anim/success_bow_roate.xml 0x868ab202
    res/anim/success_mask_layout.xml 0x803af484
    res/drawable-hdpi/custom_img.jpg 0x5180fa2a
    res/drawable-hdpi/cyberplayer_listbtn_normal.png 0xa2be03dc
    res/drawable-hdpi/cyberplayer_listbtn_pressed.png 0x21de95cb
    res/drawable-hdpi/cyberplayer_next_play.png 0x4dbc08ae
    res/drawable-hdpi/cyberplayer_next_play_disable.png 0xd9509e6a
    res/drawable-hdpi/cyberplayer_next_play_pressed.png 0xecd2fb3a
    res/drawable-hdpi/cyberplayer_play_media.png 0x7825fccf
    res/drawable-hdpi/cyberplayer_play_media_disable.png 0xd06ad4ea
    res/drawable-hdpi/cyberplayer_play_media_pressed.png 0x754abc4d
    res/drawable-hdpi/cyberplayer_retreat_media.png 0xc1863e71
    res/drawable-hdpi/cyberplayer_retreat_media_disable.png 0x105d69ea
    res/drawable-hdpi/cyberplayer_retreat_media_pressed.png 0x107d406d
    res/drawable-hdpi/cyberplayer_seekbar_background.png 0x470141ee
    res/drawable-hdpi/cyberplayer_seekbar_background_normal.9.png 0xb682f96c
    res/drawable-hdpi/cyberplayer_seekbar_background_process.9.png 0x525e50fe
    res/drawable-hdpi/cyberplayer_seekbar_background_sound_normal.9.png 0xf670f95b
    res/drawable-hdpi/cyberplayer_seekbar_background_sound_process.9.png 0x5e8b1ec9
    res/drawable-hdpi/cyberplayer_seekbar_cache.png 0x273eb0ec
    res/drawable-hdpi/cyberplayer_seekbar_normal.png 0x60b412f3
    res/drawable-hdpi/cyberplayer_seekbar_ratio.png 0x8ec16bd1
    res/drawable-hdpi/cyberplayer_seekbar_ratio_white.png 0xa7a8ded9
    res/drawable-hdpi/cyberplayer_stop_media.png 0x6395a790
    res/drawable-hdpi/cyberplayer_stop_media_disable.png 0xbaafc338
    res/drawable-hdpi/cyberplayer_stop_media_pressed.png 0x520b1252
    res/drawable-hdpi/cyberplayer_subtitle_setting.png 0xdd3621e6
    res/drawable-hdpi/cyberplayer_subtitle_setting_disable.png 0xcb77113f
    res/drawable-hdpi/cyberplayer_subtitle_setting_pressed.png 0x9a0a6625
    res/drawable-hdpi/cyberplayer_switch_subtitle.png 0xe91d219b
    res/drawable-hdpi/cyberplayer_switch_subtitle_disable.png 0x4f852d8c
    res/drawable-hdpi/cyberplayer_switch_subtitle_pressed.png 0xf6580cd6
    res/drawable-hdpi/cyberplayer_take_snapshot.png 0xab8e7fd5
    res/drawable-hdpi/cyberplayer_take_snapshot_disable.png 0x234d73be
    res/drawable-hdpi/cyberplayer_take_snapshot_pressed.png 0x241205e
    res/drawable-hdpi/cyberplayer_textbtn_background_blue.9.png 0x84105c73
    res/drawable-hdpi/cyberplayer_titlebar_return.png 0xaafad296
    res/drawable-hdpi/cyberplayer_volumebar_background.9.png 0xd4992489
    res/drawable-hdpi/ic_episode_titlebar_videoplayer.png 0xc4f1ae6b
    res/drawable-hdpi/ic_episode_titlebar_videoplayer_disable.png 0xaba89ad2
    res/drawable-hdpi/ic_episode_titlebar_videoplayer_pressed.png 0x4b8d08e3
    res/drawable-hdpi/ic_next_play.png 0x719162df
    res/drawable-hdpi/ic_next_play_pressed.png 0x1da89f5
    res/drawable-hdpi/ic_play_media.png 0xe1efa842
    res/drawable-hdpi/ic_play_media_disable.png 0xd06ad4ea
    res/drawable-hdpi/ic_play_media_pressed.png 0x369158f9
    res/drawable-hdpi/ic_retreat_media.png 0x62ad09c7
    res/drawable-hdpi/ic_retreat_media_disable.png 0x105d69ea
    res/drawable-hdpi/ic_retreat_media_pressed.png 0x9e62fb86
    res/drawable-hdpi/ic_stop_media.png 0x5e106da4
    res/drawable-hdpi/ic_stop_media_pressed.png 0x101fb9db
    res/drawable-hdpi/ic_zoom_in_btn_videoplayer.png 0x986da792
    res/drawable-hdpi/ic_zoom_in_btn_videoplayer_disable.png 0x590e0a34
    res/drawable-hdpi/ic_zoom_in_btn_videoplayer_pressed.png 0xea9b5ca1
    res/drawable-hdpi/ic_zoom_out_btn_videoplayer.png 0xa25660f0
    res/drawable-hdpi/ic_zoom_out_btn_videoplayer_disable.png 0x1489a84c
    res/drawable-hdpi/ic_zoom_out_btn_videoplayer_pressed.png 0x722558a6
    res/drawable-hdpi/mo_shang_1.png 0x4d41f2f4
    res/drawable-hdpi/mo_xia_1.png 0x2111cc9e
    res/drawable-hdpi/yuanxing_heise_bantou.xml 0xea0962c0
    res/drawable-ldpi/danmaku_color.png 0xcc2b12fe
    res/drawable-ldpi/danmaku_position.png 0xf1b41d25
    res/drawable-ldpi/danmaku_position_bottom.png 0xf0881bbc
    res/drawable-ldpi/danmaku_position_bottom_checked.png 0x5b19115
    res/drawable-ldpi/danmaku_position_scroll.png 0xc658560f
    res/drawable-ldpi/danmaku_position_scroll_checked.png 0xc1cf71c7
    res/drawable-ldpi/danmaku_position_top.png 0x70995ac3
    res/drawable-ldpi/danmaku_position_top_checked.png 0x990335d6
    res/drawable-ldpi/ok_mudan_jianpan.png 0x298b67a1
    res/drawable-ldpi/ok_mudan_quxiao.png 0xfd272ec
    res/drawable-ldpi/ok_mudan_shezhi.png 0xfd05a52e
    res/drawable-ldpi/ok_mudan_yuanjiao_bai.xml 0x27595f02
    res/drawable-ldpi/ok_mudan_yuanjiao_bai_zhong.xml 0x5744e987
    res/drawable-ldpi/ok_mudan_yuanjiao_cheng.xml 0x32815142
    res/drawable-ldpi/ok_mudan_yuanjiao_cheng_zhong.xml 0xa22954fc
    res/drawable-ldpi/ok_mudan_yuanjiao_hong.xml 0xdbf78c4
    res/drawable-ldpi/ok_mudan_yuanjiao_hong_zhong.xml 0x49cb5263
    res/drawable-ldpi/ok_mudan_yuanjiao_huang.xml 0xfe9927aa
    res/drawable-ldpi/ok_mudan_yuanjiao_huang_zhong.xml 0xfe1cd13c
    res/drawable-ldpi/ok_mudan_yuanjiao_hui.xml 0xba9b002a
    res/drawable-ldpi/ok_mudan_yuanjiao_hui_zhong.xml 0x5542f99a
    res/drawable-ldpi/ok_mudan_yuanjiao_lan.xml 0x98bfab02
    res/drawable-ldpi/ok_mudan_yuanjiao_lan_zhong.xml 0x566587d7
    res/drawable-ldpi/ok_mudan_yuanjiao_lv.xml 0x67a67f4f
    res/drawable-ldpi/ok_mudan_yuanjiao_lv_zhong.xml 0xf24dd726
    res/drawable-ldpi/ok_mudan_yuanjiao_qianlan.xml 0x44f05c4a
    res/drawable-ldpi/ok_mudan_yuanjiao_qianlan_zhong.xml 0x7924b0f3
    res/drawable-ldpi/ok_mudan_yuanjiao_shenlan.xml 0xb44d1d0c
    res/drawable-ldpi/ok_mudan_yuanjiao_shenlan_zhong.xml 0x60bd1cb4
    res/drawable-ldpi/ok_mudan_yuanjiao_zi.xml 0x4861e289
    res/drawable-ldpi/ok_mudan_yuanjiao_zi_zhong.xml 0xe3e4565c
    res/drawable-ldpi/pause_btn_mudan_apy_style.xml 0xf5b65979
    res/drawable-ldpi/player_landscape_spitslot_normal.png 0xe30f6831
    res/drawable-ldpi/player_landscape_spitslot_press.png 0x617a3fb3
    res/drawable-ldpi/player_module_spitslot_send_normal.png 0xf328e0f3
    res/drawable-ldpi/player_module_spitslot_send_pressed.png 0xea35c8af
    res/drawable-xhdpi/bookmark_expand_icon.png 0x6639221b
    res/drawable-xhdpi/bookmark_icon_folder.png 0xae8b5d6b
    res/drawable-xhdpi/bookmark_unexpand_icon.png 0xf6e40be6
    res/drawable-xhdpi/btn_style_alert_dialog_button_normal.9.png 0x19f80729
    res/drawable-xhdpi/btn_style_alert_dialog_button_pressed.9.png 0xca61388e
    res/drawable-xhdpi/btn_style_alert_dialog_cancel_normal.9.png 0x2baa5f01
    res/drawable-xhdpi/btn_style_alert_dialog_special_normal.9.png 0xfb7979e3
    res/drawable-xhdpi/btn_style_alert_dialog_special_pressed.9.png 0x4d13cbda
    res/drawable-xhdpi/download_bookmark_toolbar_delete.png 0x3a7249be
    res/drawable-xhdpi/download_toolbar_backward.png 0xa3e23cfd
    res/drawable-xhdpi/ic_action_search.png 0x3294aee3
    res/drawable-xhdpi/load_failed.png 0x4b0d1be2
    res/drawable-xhdpi/load_succeed.png 0x8ce75c33
    res/drawable-xhdpi/loading.png 0x853f6b0
    res/drawable-xhdpi/menu_exit.png 0x2983d8b8
    res/drawable-xhdpi/mo_shang.png 0x9c8a8e1d
    res/drawable-xhdpi/mo_xia.png 0x33a6a99b
    res/drawable-xhdpi/mo_zhong.png 0x5784734e
    res/drawable-xhdpi/ok_win101.xml 0x85aa7a51
    res/drawable-xhdpi/ok_win101_1.png 0xc18f6c93
    res/drawable-xhdpi/ok_win10_1.png 0x3f2da75e
    res/drawable-xhdpi/ok_win10_10.png 0xf1b2f71e
    res/drawable-xhdpi/ok_win10_11.png 0xbb91fe35
    res/drawable-xhdpi/ok_win10_12.png 0x8e59419e
    res/drawable-xhdpi/ok_win10_13.png 0x583476b6
    res/drawable-xhdpi/ok_win10_14.png 0x7e6d87da
    res/drawable-xhdpi/ok_win10_15.png 0x9c5fd291
    res/drawable-xhdpi/ok_win10_16.png 0xda091058
    res/drawable-xhdpi/ok_win10_17.png 0xabd11b0b
    res/drawable-xhdpi/ok_win10_18.png 0x7d50df6d
    res/drawable-xhdpi/ok_win10_19.png 0xedd4f106
    res/drawable-xhdpi/ok_win10_2.png 0x8c31996e
    res/drawable-xhdpi/ok_win10_20.png 0xc2062a6
    res/drawable-xhdpi/ok_win10_21.png 0x7b988fc4
    res/drawable-xhdpi/ok_win10_22.png 0xb429d99c
    res/drawable-xhdpi/ok_win10_23.png 0x8e25fefa
    res/drawable-xhdpi/ok_win10_24.png 0x8f107ff3
    res/drawable-xhdpi/ok_win10_25.png 0x23650567
    res/drawable-xhdpi/ok_win10_26.png 0x7c5fadae
    res/drawable-xhdpi/ok_win10_27.png 0xf9812dff
    res/drawable-xhdpi/ok_win10_28.png 0x353d2aef
    res/drawable-xhdpi/ok_win10_29.png 0xd6403544
    res/drawable-xhdpi/ok_win10_3.png 0x30d49bea
    res/drawable-xhdpi/ok_win10_30.png 0x4fd184fe
    res/drawable-xhdpi/ok_win10_31.png 0xae4fcca7
    res/drawable-xhdpi/ok_win10_32.png 0x1811001f
    res/drawable-xhdpi/ok_win10_33.png 0xf1647bbe
    res/drawable-xhdpi/ok_win10_34.png 0xee51f09b
    res/drawable-xhdpi/ok_win10_35.png 0xd4560822
    res/drawable-xhdpi/ok_win10_36.png 0xf2f61c5
    res/drawable-xhdpi/ok_win10_37.png 0x8c34a715
    res/drawable-xhdpi/ok_win10_38.png 0x54f98dd1
    res/drawable-xhdpi/ok_win10_39.png 0x5b69bac3
    res/drawable-xhdpi/ok_win10_4.png 0x9042ed2
    res/drawable-xhdpi/ok_win10_40.png 0x5204a48e
    res/drawable-xhdpi/ok_win10_41.png 0x562d4ca1
    res/drawable-xhdpi/ok_win10_42.png 0xfbb04908
    res/drawable-xhdpi/ok_win10_43.png 0x96e3309e
    res/drawable-xhdpi/ok_win10_44.png 0x583476b6
    res/drawable-xhdpi/ok_win10_45.png 0x5af76e72
    res/drawable-xhdpi/ok_win10_46.png 0xdf187d2f
    res/drawable-xhdpi/ok_win10_47.png 0x72bf0510
    res/drawable-xhdpi/ok_win10_48.png 0x8c77307a
    res/drawable-xhdpi/ok_win10_49.png 0x7d50df6d
    res/drawable-xhdpi/ok_win10_5.png 0x1e969f02
    res/drawable-xhdpi/ok_win10_50.png 0x93a5e64e
    res/drawable-xhdpi/ok_win10_51.png 0x84db4127
    res/drawable-xhdpi/ok_win10_52.png 0xf2b97805
    res/drawable-xhdpi/ok_win10_53.png 0x9816bea0
    res/drawable-xhdpi/ok_win10_54.png 0xa397d7dd
    res/drawable-xhdpi/ok_win10_55.png 0x8f107ff3
    res/drawable-xhdpi/ok_win10_56.png 0x5819d596
    res/drawable-xhdpi/ok_win10_57.png 0xb37a1fd1
    res/drawable-xhdpi/ok_win10_58.png 0xd02da4a6
    res/drawable-xhdpi/ok_win10_59.png 0x353d2aef
    res/drawable-xhdpi/ok_win10_6.png 0xf8a63f04
    res/drawable-xhdpi/ok_win10_60.png 0xf3901052
    res/drawable-xhdpi/ok_win10_61.png 0xb7a2ff0e
    res/drawable-xhdpi/ok_win10_62.png 0xdc899480
    res/drawable-xhdpi/ok_win10_63.png 0x1811001f
    res/drawable-xhdpi/ok_win10_64.png 0x89777e6b
    res/drawable-xhdpi/ok_win10_65.png 0x6ec37229
    res/drawable-xhdpi/ok_win10_66.png 0xd849beaa
    res/drawable-xhdpi/ok_win10_67.png 0x3bad2405
    res/drawable-xhdpi/ok_win10_68.png 0x726b7b15
    res/drawable-xhdpi/ok_win10_69.png 0xe59993a2
    res/drawable-xhdpi/ok_win10_7.png 0xb5d1e2f4
    res/drawable-xhdpi/ok_win10_70.png 0xd1b58aa5
    res/drawable-xhdpi/ok_win10_71.png 0xa97f2961
    res/drawable-xhdpi/ok_win10_72.png 0xb79aa5b7
    res/drawable-xhdpi/ok_win10_73.png 0xbec3199d
    res/drawable-xhdpi/ok_win10_74.png 0xf52b6e9b
    res/drawable-xhdpi/ok_win10_75.png 0xc4a38d7f
    res/drawable-xhdpi/ok_win10_8.png 0xb6af5baf
    res/drawable-xhdpi/ok_win10_9.png 0x90a86d8c
    res/drawable-xhdpi/p_phone_account_back_small.png 0x2c10b95a
    res/drawable-xhdpi/p_phone_account_back_small_caidan.png 0x6fd891c7
    res/drawable-xhdpi/p_phone_account_back_small_jietu.png 0x49f38474
    res/drawable-xhdpi/p_phone_account_back_small_selected.png 0x5ed996e6
    res/drawable-xhdpi/p_phone_account_back_small_selected_caidan.png 0xd1dec9c3
    res/drawable-xhdpi/p_phone_account_back_small_selected_jietu.png 0x97df35a6
    res/drawable-xhdpi/pause_btn_cai_apy_style.xml 0xbbf569ae
    res/drawable-xhdpi/pause_btn_caidan_apy_style.xml 0xfa94c1a0
    res/drawable-xhdpi/pause_btn_fanhui_apy_style.xml 0xbf7ff275
    res/drawable-xhdpi/pause_btn_fenx_apy_style.xml 0xe8ef9056
    res/drawable-xhdpi/pause_btn_hou_apy_style.xml 0xaa860be5
    res/drawable-xhdpi/pause_btn_jietu_apy_style.xml 0x6e80e168
    res/drawable-xhdpi/pause_btn_jin2_apy_style.xml 0x2b0b0aca
    res/drawable-xhdpi/pause_btn_jin_apy_style.xml 0xb0bde083
    res/drawable-xhdpi/pause_btn_qi_apy_style.xml 0xbbf569ae
    res/drawable-xhdpi/pause_btn_shoc_apy_style.xml 0x90ae579b
    res/drawable-xhdpi/pause_btn_shocz_apy_style.xml 0xcd82592a
    res/drawable-xhdpi/pause_btn_suo1_apy_style.xml 0xfd76b1b1
    res/drawable-xhdpi/pause_btn_suo_apy_style.xml 0x472eacd3
    res/drawable-xhdpi/pause_btn_ting_apy_style.xml 0x5f091b98
    res/drawable-xhdpi/pause_btn_xiazai_apy_style.xml 0x204383e7
    res/drawable-xhdpi/pause_btn_zan_apy_style.xml 0x6b7ecd54
    res/drawable-xhdpi/play_ctrl_battery.png 0x63856226
    res/drawable-xhdpi/play_ctrl_battery1.png 0x3aef9f86
    res/drawable-xhdpi/play_ctrl_battery2.png 0x2ca1eba9
    res/drawable-xhdpi/player_landscape_btn_paopao_normal.png 0xe9597c12
    res/drawable-xhdpi/player_landscape_btn_paopao_pressed.png 0xd822ef8d
    res/drawable-xhdpi/player_landscape_download_normal.png 0xee7aad7f
    res/drawable-xhdpi/player_landscape_download_pressed.png 0x455c2625
    res/drawable-xhdpi/player_landscape_more_normal.png 0x41dc98c1
    res/drawable-xhdpi/player_landscape_more_pressed.png 0x574b1438
    res/drawable-xhdpi/player_landscape_next_normal.png 0x19548549
    res/drawable-xhdpi/player_landscape_next_normal_1.png 0x8c07631c
    res/drawable-xhdpi/player_landscape_next_normals.png 0x15ae1191
    res/drawable-xhdpi/player_landscape_next_pressed.png 0xc3ca3c8a
    res/drawable-xhdpi/player_landscape_next_pressed_1.png 0xa127802
    res/drawable-xhdpi/player_landscape_next_presseds.png 0x6355b68f
    res/drawable-xhdpi/player_landscape_screen_off_normal.png 0x32c3e657
    res/drawable-xhdpi/player_landscape_screen_off_pressed.png 0x3ccab448
    res/drawable-xhdpi/player_landscape_screen_on_noraml.png 0x538eeed2
    res/drawable-xhdpi/player_landscape_screen_on_pressed.png 0xab926f23
    res/drawable-xhdpi/player_landscape_share_normal.png 0xfbc29256
    res/drawable-xhdpi/player_landscape_share_pressed.png 0x204245c6
    res/drawable-xhdpi/pull_icon_big.png 0xa3140f47
    res/drawable-xhdpi/pullup_icon_big.png 0xec64d7da
    res/drawable-xhdpi/qiyi_sdk_play_portrait_btn_pause_normal.png 0x6e7a4941
    res/drawable-xhdpi/qiyi_sdk_play_portrait_btn_pause_pressed.png 0x810ca554
    res/drawable-xhdpi/qiyi_sdk_play_portrait_btn_player_normal.png 0x2f948853
    res/drawable-xhdpi/qiyi_sdk_play_portrait_btn_player_pressed.png 0xe9eed674
    res/drawable-xhdpi/refresh_failed.png 0x4b0d1be2
    res/drawable-xhdpi/refresh_succeed.png 0x8ce75c33
    res/drawable-xhdpi/refreshing.png 0x853f6b0
    res/drawable-xhdpi/round_46px_1071539_easyicon.png 0x18cf53b0
    res/drawable-xhdpi/round_48px_1071539_easyicon.png 0xc24a6722
    res/drawable-xhdpi/toast_collect.png 0xed174b5d
    res/drawable-xhdpi/toast_collectz.png 0xa5fc1274
    res/drawable-xhdpi/toast_uncollect.png 0xad9b5b86
    res/drawable-xhdpi/toast_uncollectz.png 0x5a76eab6
    res/drawable-xhdpi/yanse_baise.png 0xc1df8226
    res/drawable-xhdpi/yanse_baisu.png 0x1da031d2
    res/drawable-xhdpi/yanse_huhuise.png 0xbf5ef6c1
    res/drawable-xhdpi/yanse_huise.png 0xd8256c99
    res/drawable/ad_indicator_selected.png 0x3c90412a
    res/drawable/blue_button_background.xml 0x63d2e065
    res/drawable/btn_style_alert_dialog_button.xml 0x3056879b
    res/drawable/btn_style_alert_dialog_cancel.xml 0x844a00d5
    res/drawable/btn_style_alert_dialog_special.xml 0x8eb64404
    res/drawable/caidan_btn_style.xml 0xe7d7fc0b
    res/drawable/caidian_lie_style.xml 0xa3e3b0d5
    res/drawable/caidian_lies_style.xml 0x3db6e9fa
    res/drawable/dialog_background.xml 0x863997ef
    res/drawable/e4alistview_new_message.png 0x1cdc5409
    res/drawable/emoticon_pager_select_normal.png 0xd4b3274c
    res/drawable/error_center_x.xml 0xd2f3555d
    res/drawable/error_circle.xml 0xb583089c
    res/drawable/fancircle_banner_cover.png 0x635e2d55
    res/drawable/gray_button_background.xml 0x1fc40ae
    res/drawable/hou.png 0x356ecd7c
    res/drawable/icon.png 0x3832150a
    res/drawable/jiazai.png 0xf84e90f2
    res/drawable/ll1a.png 0x1465f054
    res/drawable/lla.png 0x4d99d852
    res/drawable/moren.png 0x8a1f4b00
    res/drawable/next_btn_style.xml 0x9256b93
    res/drawable/ok_win10.xml 0x529682b8
    res/drawable/ound_easyicon.png 0x9d7c819f
    res/drawable/pause_btn_style.xml 0x5f41ec0f
    res/drawable/play_btn_style.xml 0x9598de68
    res/drawable/player_landscape_more_normal.png 0xcf66ec96
    res/drawable/player_landscape_more_press.png 0x38397897
    res/drawable/pre_btn_style.xml 0x6ec1b373
    res/drawable/qcloud_player_icon_audio_vol.png 0x73be6b62
    res/drawable/qcloud_player_icon_brightness.png 0x3e7ba87b
    res/drawable/qian.png 0xf69d578
    res/drawable/qian1.png 0x6f020979
    res/drawable/red_button_background.xml 0xdfc99bd7
    res/drawable/seekbar_define2_style.xml 0xbc7b6f96
    res/drawable/seekbar_define_style.xml 0xc6b0ddf3
    res/drawable/seekbar_thumb.xml 0xbdb6fc21
    res/drawable/success_bow.xml 0x3bc1b9a2
    res/drawable/success_circle.xml 0x72776ca1
    res/drawable/vive_yuanxing.xml 0xd8b9195c
    res/drawable/warning_circle.xml 0xfc35dd9f
    res/drawable/warning_sigh.xml 0x4458b52
    res/drawable/zidingyi_anniu_style.xml 0xf178a271
    res/drawable/zidingyi_anniu_style1.xml 0x6267dd0b
    res/drawable/zidingyi_anniu_style2.xml 0x2782cb6a
    res/layout/alert_dialog.xml 0x9cdda20a
    res/layout/canduanxiang.xml 0x8293c70
    res/layout/controllerplayinging.xml 0x2505ddb4
    res/layout/controllerplayingok.xml 0x8cbf79ef
    res/layout/controllerplayingok_apy.xml 0x1a70f36f
    res/layout/layout_tab.xml 0x402938a2
    res/layout/layout_tab_bj.xml 0x7acea3f7
    res/layout/layout_tab_bottom.xml 0x29a6f503
    res/layout/layout_tab_left.xml 0x13f41a49
    res/layout/layout_tab_right.xml 0x23642c07
    res/layout/layout_tab_segment.xml 0xeab70b75
    res/layout/layout_tab_top.xml 0x1936c34d
    res/layout/loading_dialog.xml 0xdc7ce7cc
    res/layout/ok_danmu_bujv.xml 0xdb414f6f
    res/raw/comments.xml 0x7df50c22
    resources.arsc 0x62821582
    tencent_stub 0xdce5f427
    AndroidManifest.xml 0xcbdb8f3f
    lib/armeabi/libBugly.so 0x1ddd8547
    运行截图
    VirSCAN

About VirSCAN | Privacy Policy | Contact us | link | Help VirSCAN
Translated by Keith Miller, United States
Powered By CentOSpol

京ICP备11007605号-12

pol

京公网安备 11010802020746号