VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

Language
Server load
Server Load

File information
File Name :WechatUnrecalled——微信防撤回插件.apk (File not down)
File Size :972619 byte
File Type :Zip archive data
MD5:b7348b2f64267e1f4edbcbe31235b6aa
SHA1:cfea668679fdadf1af9621742c04e0a26fcfce35
SHA256:dff4dcddac203080e8c146a355d89f726f5885411ac723aa15562324afeaf861
SSDEEP:24576:wpJYNXjU9jEYy0DyNQmFAOMEfQkT4f+uL/tVJ:wDYljUpEYy0Dnm+OYkT42kJ
  • 扫描结果
  • 权限
  • 文件行为分析
  • Scanner results
    Scanner results:0%Scanner(s) (0/32)found malware!
    Behavior analysis report:         Habo file analysis
    Time: 2016-09-02 23:48:22 (CST)
    VirSCANVirSCAN
    Scanner Engine Ver Sig Ver Sig Date Scan result Time
    antiy AVL SDK 3.0 1970-01-01 Found nothing 5
    asquared 9.0.0.4324 9.0.0.4324 2014-07-03 Found nothing 1
    avast 150725-1 4.7.4 2015-07-25 Found nothing 60
    avg 2109/8133 10.0.1405 2014-11-26 Found nothing 60
    baidu 2.0.1.0 4.1.3.52192 2.0.1.0 Found nothing 5
    baidusd 1.0 1.0 2014-04-02 Found nothing 2
    bitdefender 7.58469 7.90123 2014-12-25 Found nothing 60
    clamav 19861 0.97.5 2014-12-31 Found nothing 60
    drweb 5.0.2.3300 5.0.1.1 2014-12-31 Found nothing 60
    fortinet 23.345, 23.345 5.1.158 2014-12-08 Found nothing 60
    fprot 4.6.2.117 6.5.1.5418 2014-12-31 Found nothing 60
    fsecure 2014-04-02-01 9.13 2014-04-02 Found nothing 60
    gdata 25.8109 25.8109 2016-09-01 Found nothing 10
    ikarus 1.06.01 V1.32.31.0 2014-12-08 Found nothing 60
    jiangmin 16.0.100 1.0.0.0 2015-07-25 Found nothing 44
    kaspersky 5.5.33 5.5.33 2014-04-01 Found nothing 60
    kingsoft 2.1 2.1 2013-09-22 Found nothing 4
    mcafee 7638 5400.1158 2014-11-30 Found nothing 60
    nod32 0920 3.0.21 2014-12-23 Found nothing 60
    panda 9.05.01 9.05.01 2015-07-26 Found nothing 4
    pcc 11.380.07 9.500-1005 2014-12-31 Found nothing 60
    qh360 1.0.1 1.0.1 1.0.1 Found nothing 3
    qqphone 1.0.0.0 1.0.0.0 2014-12-09 Found nothing 60
    quickheal 14.00 14.00 2015-07-25 Found nothing 3
    rising 25.76.04.01 25.76.04.01 2015-07-24 Found nothing 5
    sophos 5.08 3.55.0 2014-12-01 Found nothing 60
    symantec 20141230.001 1.3.0.24 2014-12-30 Found nothing 60
    tachyon 9.9.9 9.9.9 2013-12-27 Found nothing 7
    thehacker 6.8.0.5 6.8.0.5 2015-07-23 Found nothing 3
    tws 17.47.17308 1.0.2.2108 2014-12-08 Found nothing 16
    vba 3.12.26.3 3.12.26.3 2014-12-31 Found nothing 60
    virusbuster 15.0.985.0 5.5.2.13 2014-12-05 Found nothing 60
    Heuristic/Suspicious Exact
    NOTICE: Results are not 100% accurate and can be reported as a false positive by some scannerswhen and if malware is found. Please judge these results for yourself.
  • 没有相关的权限信息

  • 文件信息
    安全评分 :
    基本信息
    MD5:b7348b2f64267e1f4edbcbe31235b6aa
    包名:com.fkzhang.wechatunrecalled
    最低运行环境:Android 4.0, 4.0.1, 4.0.2
    版权:
    关键行为
    行为描述:检测自身是否被调试
    详情信息:N/A
    行为描述:在桌面创建快捷方式
    详情信息:C:\Documents and Settings\Administrator\桌面\至尊种子搜索神器.lnk
    行为描述:直接获取CPU时钟
    详情信息:N/A
    行为描述:获取TickCount值
    详情信息:TickCount = 5360213, SleepMilliseconds = 10.
    TickCount = 5361713, SleepMilliseconds = 10.
    TickCount = 5361728, SleepMilliseconds = 10.
    TickCount = 5361791, SleepMilliseconds = 10.
    TickCount = 5364885, SleepMilliseconds = 10.
    TickCount = 5364947, SleepMilliseconds = 10.
    TickCount = 5364978, SleepMilliseconds = 10.
    TickCount = 5366681, SleepMilliseconds = 10.
    TickCount = 5368166, SleepMilliseconds = 10.
    TickCount = 5368181, SleepMilliseconds = 10.
    TickCount = 5368197, SleepMilliseconds = 10.
    TickCount = 5368213, SleepMilliseconds = 10.
    TickCount = 5372431, SleepMilliseconds = 10.
    TickCount = 5372447, SleepMilliseconds = 10.
    TickCount = 5379025, SleepMilliseconds = 10.
    进程行为
    行为描述:创建新文件进程
    详情信息:ImagePath = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\_ir_sf_temp_0\irsetup.exe, CmdLine = "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\_ir_sf_temp_0\irsetup.exe" __IRAOFF:1790722 "__IRAFN:C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\至尊搜索神器.exe" "__IRCT:0" "__IRTSS:0" "__IRSID:S-1-5-21-1482476501-1645522239-1417001333-5
    ImagePath = C:\Program Files\zzss\zzss.exe, CmdLine = "C:\Program Files\zzss\zzss.exe"
    行为描述:枚举进程
    详情信息:N/A
    行为描述:创建本地线程
    详情信息:TargetProcess: irsetup.exe, InheritedFromPID = 2436, ProcessID = 2540, ThreadID = 2560, StartAddress = 005BC44A, Parameter = 00FC7F98
    TargetProcess: irsetup.exe, InheritedFromPID = 2436, ProcessID = 2540, ThreadID = 2564, StartAddress = 005BC44A, Parameter = 00FC81F8
    TargetProcess: irsetup.exe, InheritedFromPID = 2436, ProcessID = 2540, ThreadID = 2568, StartAddress = 005BC44A, Parameter = 00FC8458
    TargetProcess: irsetup.exe, InheritedFromPID = 2436, ProcessID = 2540, ThreadID = 2572, StartAddress = 005BC44A, Parameter = 00FC86C0
    TargetProcess: irsetup.exe, InheritedFromPID = 2436, ProcessID = 2540, ThreadID = 2576, StartAddress = 005BC44A, Parameter = 00FC8928
    TargetProcess: irsetup.exe, InheritedFromPID = 2436, ProcessID = 2540, ThreadID = 2580, StartAddress = 005BC44A, Parameter = 00FC8B98
    TargetProcess: irsetup.exe, InheritedFromPID = 2436, ProcessID = 2540, ThreadID = 2584, StartAddress = 005BC44A, Parameter = 00FC8DE8
    TargetProcess: irsetup.exe, InheritedFromPID = 2436, ProcessID = 2540, ThreadID = 2588, StartAddress = 005BC44A, Parameter = 00FC9068
    TargetProcess: zzss.exe, InheritedFromPID = 2540, ProcessID = 3084, ThreadID = 3092, StartAddress = 792A741C, Parameter = 00000000
    TargetProcess: zzss.exe, InheritedFromPID = 2540, ProcessID = 3084, ThreadID = 3096, StartAddress = 791F59C0, Parameter = 001B0088
    TargetProcess: zzss.exe, InheritedFromPID = 2540, ProcessID = 3084, ThreadID = 3128, StartAddress = 77DC845A, Parameter = 00000000
    TargetProcess: zzss.exe, InheritedFromPID = 2540, ProcessID = 3084, ThreadID = 3132, StartAddress = 4AEA7456, Parameter = 00000000
    文件行为
    行为描述:创建文件
    详情信息:C:\Documents and Settings\Administrator\Local Settings\Temp\_ir_sf_temp_0\irsetup.exe
    C:\Documents and Settings\Administrator\Local Settings\Temp\_ir_sf_temp_0\lua5.1.dll
    C:\Documents and Settings\Administrator\Local Settings\Temp\_ir_sf_temp_0\irsetup.dat
    C:\Documents and Settings\Administrator\Local Settings\Temp\_ir_sf_temp_0\IRIMG1.JPG
    C:\Documents and Settings\Administrator\Local Settings\Temp\_ir_sf_temp_0\IRIMG2.JPG
    C:\Program Files\zzss\Uninstall\uni4D.tmp
    C:\Program Files\zzss\Uninstall\uninstall.dat
    C:\Program Files\zzss\uninstall.exe
    C:\Program Files\zzss\lua5.1.dll
    C:\Program Files\zzss\Uninstall\uninstall.xml
    C:\Program Files\zzss\default.mdb
    C:\Program Files\zzss\Emerald.ssk
    C:\Program Files\zzss\IrisSkin2.dll
    C:\Program Files\zzss\System.Data.SQLite.dll
    C:\Program Files\zzss\without.dll
    行为描述:在系统敏感位置(如开始菜单等)释放链接或快捷方式
    详情信息:C:\Documents and Settings\Administrator\「开始」菜单\程序\Oracle VM VirtualBox Guest Additions\至尊种子搜索神器.lnk
    C:\Documents and Settings\Administrator\「开始」菜单\程序\Oracle VM VirtualBox Guest Additions\卸载 至尊种子搜索神器.lnk
    行为描述:创建可执行文件
    详情信息:C:\Documents and Settings\Administrator\Local Settings\Temp\_ir_sf_temp_0\irsetup.exe
    C:\Documents and Settings\Administrator\Local Settings\Temp\_ir_sf_temp_0\lua5.1.dll
    C:\Program Files\zzss\uninstall.exe
    C:\Program Files\zzss\lua5.1.dll
    C:\Program Files\zzss\IrisSkin2.dll
    C:\Program Files\zzss\System.Data.SQLite.dll
    C:\Program Files\zzss\without.dll
    C:\Program Files\zzss\zzss.exe
    行为描述:覆盖已有文件
    详情信息:C:\Program Files\zzss\Uninstall\uninstall.dat
    C:\Program Files\zzss\Uninstall\uninstall.xml
    C:\Documents and Settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
    行为描述:复制文件
    详情信息:C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\_ir_sf_temp_0\IRIMG1.JPG ---> C:\Program Files\zzss\Uninstall\IRIMG1.JPG
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\_ir_sf_temp_0\IRIMG2.JPG ---> C:\Program Files\zzss\Uninstall\IRIMG2.JPG
    C:\Program Files\zzss\default.mdb ---> C:\Program Files\zzss\dt.mdb
    行为描述:在桌面创建快捷方式
    详情信息:C:\Documents and Settings\Administrator\桌面\至尊种子搜索神器.lnk
    行为描述:删除文件
    详情信息:C:\Documents and Settings\Administrator\Local Settings\Temp\_ir_sf_temp_0\irsetup.dat
    C:\Program Files\zzss\Uninstall\uni4D.tmp
    C:\Documents and Settings\Administrator\Local Settings\Temp\_ir_sf_temp_0\IRIMG1.JPG
    C:\Documents and Settings\Administrator\Local Settings\Temp\_ir_sf_temp_0\IRIMG2.JPG
    C:\Documents and Settings\Administrator\Local Settings\Temp\_ir_sf_temp_0\lua5.1.dll
    行为描述:查找文件
    详情信息:FileName = C:\Documents and Settings
    FileName = C:\Documents and Settings\Administrator
    FileName = C:\Documents and Settings\Administrator\My Documents
    FileName = C:\Documents and Settings\All Users
    FileName = C:\Documents and Settings\All Users\Documents
    FileName = C:\Documents and Settings\Administrator\桌面
    FileName = C:\Documents and Settings\All Users\桌面
    FileName = C:\DOCUME~1
    FileName = C:\DOCUME~1\ADMINI~1
    FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1
    FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp
    FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\_ir_sf_temp_0\irsetup.exe
    FileName = C:\Documents and Settings\Administrator\Application Data
    FileName = C:\Documents and Settings\All Users\Application Data
    FileName = C:\WINDOWS
    行为描述:修改文件内容
    详情信息:C:\Documents and Settings\Administrator\Local Settings\Temp\_ir_sf_temp_0\irsetup.exe ---> Offset = 0
    C:\Documents and Settings\Administrator\Local Settings\Temp\_ir_sf_temp_0\lua5.1.dll ---> Offset = 0
    C:\Documents and Settings\Administrator\Local Settings\Temp\_ir_sf_temp_0\irsetup.dat ---> Offset = 0
    C:\Documents and Settings\Administrator\Local Settings\Temp\_ir_sf_temp_0\irsetup.dat ---> Offset = 65536
    C:\Documents and Settings\Administrator\Local Settings\Temp\_ir_sf_temp_0\irsetup.dat ---> Offset = 131072
    C:\Documents and Settings\Administrator\Local Settings\Temp\_ir_sf_temp_0\IRIMG1.JPG ---> Offset = 0
    C:\Documents and Settings\Administrator\Local Settings\Temp\_ir_sf_temp_0\IRIMG2.JPG ---> Offset = 0
    C:\Program Files\zzss\Uninstall\uni4D.tmp ---> Offset = 0
    C:\Program Files\zzss\Uninstall\uni4D.tmp ---> Offset = 4096
    C:\Program Files\zzss\Uninstall\uni4D.tmp ---> Offset = 20480
    C:\Program Files\zzss\Uninstall\uni4D.tmp ---> Offset = 24576
    C:\Program Files\zzss\Uninstall\uni4D.tmp ---> Offset = 40960
    C:\Program Files\zzss\Uninstall\uninstall.dat ---> Offset = 0
    C:\Program Files\zzss\Uninstall\uninstall.dat ---> Offset = 32768
    C:\Program Files\zzss\Uninstall\uninstall.dat ---> Offset = 65536
    注册表行为
    行为描述:修改注册表
    详情信息:\REGISTRY\USER\S-*\Software\Microsoft\Windows\ShellNoRoam\MUICache\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\_ir_sf_temp_0\irsetup.exe
    \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\至尊种子搜索神器V6.61\DisplayName
    \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\至尊种子搜索神器V6.61\NoModify
    \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\至尊种子搜索神器V6.61\NoRepair
    \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\至尊种子搜索神器V6.61\UninstallString
    \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\至尊种子搜索神器V6.61\Publisher
    \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\至尊种子搜索神器V6.61\URLInfoAbout
    \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\至尊种子搜索神器V6.61\HelpLink
    \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\至尊种子搜索神器V6.61\Contact
    \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\至尊种子搜索神器V6.61\DisplayVersion
    \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\至尊种子搜索神器V6.61\InstallLocation
    \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\至尊种子搜索神器V6.61\DisplayIcon
    其他行为
    行为描述:检测自身是否被调试
    详情信息:N/A
    行为描述:创建互斥体
    详情信息:CTF.LBES.MutexDefaultS-*
    CTF.Compart.MutexDefaultS-*
    CTF.Asm.MutexDefaultS-*
    CTF.Layouts.MutexDefaultS-*
    CTF.TMD.MutexDefaultS-*
    CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
    Local\ZonesCounterMutex
    Local\ZoneAttributeCacheCounterMutex
    Local\ZonesCacheCounterMutex
    Local\ZonesLockedCacheCounterMutex
    oleacc-msaa-loaded
    MSCTF.Shared.MUTEX.ELH
    MSCTF.Shared.MUTEX.APJ
    行为描述:创建事件对象
    详情信息:EventName = DINPUTWINMM
    EventName = Global\userenv: User Profile setup event
    EventName = MSCTF.SendReceive.Event.APJ.IC
    EventName = MSCTF.SendReceiveConection.Event.APJ.IC
    EventName = Global\CPFATE_3084_v4.0.30319
    行为描述:打开事件
    详情信息:HookSwitchHookEnabledEvent
    _fCanRegisterWithShellService
    \SECURITY\LSA_AUTHENTICATION_INITIALIZED
    CTF.ThreadMIConnectionEvent.000007B4.00000000.00000040
    CTF.ThreadMarshalInterfaceEvent.000007B4.00000000.00000040
    MSCTF.SendReceiveConection.Event.ELH.IC
    MSCTF.SendReceive.Event.ELH.IC
    CTF.ThreadMIConnectionEvent.000007B4.00000000.00000041
    CTF.ThreadMarshalInterfaceEvent.000007B4.00000000.00000041
    CTF.ThreadMIConnectionEvent.000007B4.00000001.00000042
    CTF.ThreadMarshalInterfaceEvent.000007B4.00000001.00000042
    CTF.ThreadMIConnectionEvent.000007B4.00000002.00000043
    CTF.ThreadMarshalInterfaceEvent.000007B4.00000002.00000043
    Global\CLR_PerfMon_StartEnumEvent
    \KernelObjects\LowMemoryCondition
    行为描述:打开互斥体
    详情信息:Local\!IETld!Mutex
    ShimCacheMutex
    行为描述:查找指定窗口
    详情信息:NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
    NtUserFindWindowEx: [Class,Window] = [CicLoaderWndClass,]
    NtUserFindWindowEx: [Class,Window] = [OleMainThreadWndClass,]
    NtUserFindWindowEx: [Class,Window] = [MS_WINHELP,]
    行为描述:枚举窗口
    详情信息:N/A
    行为描述:获取TickCount值
    详情信息:TickCount = 5360213, SleepMilliseconds = 10.
    TickCount = 5361713, SleepMilliseconds = 10.
    TickCount = 5361728, SleepMilliseconds = 10.
    TickCount = 5361791, SleepMilliseconds = 10.
    TickCount = 5364885, SleepMilliseconds = 10.
    TickCount = 5364947, SleepMilliseconds = 10.
    TickCount = 5364978, SleepMilliseconds = 10.
    TickCount = 5366681, SleepMilliseconds = 10.
    TickCount = 5368166, SleepMilliseconds = 10.
    TickCount = 5368181, SleepMilliseconds = 10.
    TickCount = 5368197, SleepMilliseconds = 10.
    TickCount = 5368213, SleepMilliseconds = 10.
    TickCount = 5372431, SleepMilliseconds = 10.
    TickCount = 5372447, SleepMilliseconds = 10.
    TickCount = 5379025, SleepMilliseconds = 10.
    行为描述:调整进程token权限
    详情信息:SE_LOAD_DRIVER_PRIVILEGE
    SE_DEBUG_PRIVILEGE
    行为描述:窗口信息
    详情信息:Pid = 2540, Hwnd=0x40392, Text = 帮助(&H), ClassName = Button.
    Pid = 2540, Hwnd=0x403a2, Text = < 返回(&B), ClassName = Button.
    Pid = 2540, Hwnd=0x1902ce, Text = 下一步(&N) >, ClassName = Button.
    Pid = 2540, Hwnd=0x7038a, Text = 取消(&C), ClassName = Button.
    Pid = 2540, Hwnd=0x703ba, Text = 至尊种子搜索神器 安装程序, ClassName = Afx:00400000:3:00010011:01900015:004D0331.
    Pid = 2540, Hwnd=0x8038a, Text = 下一步(&N) >, ClassName = Button.
    Pid = 2540, Hwnd=0x1a02ce, Text = 取消(&C), ClassName = Button.
    Pid = 2540, Hwnd=0x503a2, Text = C:\Program Files\zzss, ClassName = Edit.
    Pid = 2540, Hwnd=0x50392, Text = 更改(&H)..., ClassName = Button.
    Pid = 2540, Hwnd=0x8037c, Text = 帮助(&H), ClassName = Button.
    Pid = 2540, Hwnd=0x1702d8, Text = < 返回(&B), ClassName = Button.
    Pid = 2540, Hwnd=0x1802d8, Text = 下一步(&N) >, ClassName = Button.
    Pid = 2540, Hwnd=0x9037c, Text = 取消(&C), ClassName = Button.
    Pid = 2540, Hwnd=0x60392, Text = 至尊种子搜索神器, ClassName = ComboBox.
    Pid = 2540, Hwnd=0x1b02ce, Text = 至尊种子搜索神器, ClassName = Edit.
    行为描述:可执行文件签名信息
    详情信息:C:\Documents and Settings\Administrator\Local Settings\Temp\_ir_sf_temp_0\irsetup.exe(签名验证: 未通过)
    C:\Documents and Settings\Administrator\Local Settings\Temp\_ir_sf_temp_0\lua5.1.dll(签名验证: 通过)
    C:\Program Files\zzss\uninstall.exe(签名验证: 未通过)
    C:\Program Files\zzss\lua5.1.dll(签名验证: 通过)
    C:\Program Files\zzss\IrisSkin2.dll(签名验证: 未通过)
    C:\Program Files\zzss\System.Data.SQLite.dll(签名验证: 未通过)
    C:\Program Files\zzss\without.dll(签名验证: 未通过)
    C:\Program Files\zzss\zzss.exe(签名验证: 未通过)
    行为描述:调用Sleep函数
    详情信息:[1]: MilliSeconds = 100.
    行为描述:隐藏指定窗口
    详情信息:[Window,Class] = [Initializing...,#32770]
    [Window,Class] = [Debug,#32770]
    [Window,Class] = [帮助(&H),Button]
    [Window,Class] = [< 返回(&B),Button]
    [Window,Class] = [下一步(&N) >,Button]
    [Window,Class] = [取消(&C),Button]
    [Window,Class] = [C:\Program Files\zzss,Edit]
    [Window,Class] = [更改(&H)...,Button]
    [Window,Class] = [,ComboLBox]
    [Window,Class] = [Oracle VM VirtualBox Guest Additions,ComboBox]
    [Window,Class] = [只对当前用户安装快捷方式,Button]
    [Window,Class] = [使快捷方式对所有用户都可用,Button]
    [Window,Class] = [至尊种子搜索神器 安装程序,Afx:00400000:3:00010011:01900015:004D0331]
    [Window,Class] = [,msctls_progress32]
    [Window,Class] = [,Button]
    行为描述:获取光标位置
    详情信息:CursorPos = (71,18468), SleepMilliseconds = 10.
    行为描述:可执行文件MD5
    详情信息:C:\Documents and Settings\Administrator\Local Settings\Temp\_ir_sf_temp_0\irsetup.exe ---> 9bdcf813d65265255b820bc7a704da3c
    C:\Documents and Settings\Administrator\Local Settings\Temp\_ir_sf_temp_0\lua5.1.dll ---> c3f5f4a1fb69b5889f0bbb313cf6017f
    C:\Program Files\zzss\uninstall.exe ---> 9bdcf813d65265255b820bc7a704da3c
    C:\Program Files\zzss\lua5.1.dll ---> c3f5f4a1fb69b5889f0bbb313cf6017f
    C:\Program Files\zzss\IrisSkin2.dll ---> 7deaf4a6fa52e8d23f75cf998d6cfe2b
    C:\Program Files\zzss\System.Data.SQLite.dll ---> 5d8c745bffc141ff35f8caad8ef73a92
    C:\Program Files\zzss\without.dll ---> 8374312d55ec71ae131b2bd396fff814
    C:\Program Files\zzss\zzss.exe ---> 8bca97c4f40298bff171efad6a7805f2
    行为描述:直接获取CPU时钟
    详情信息:N/A
    行为描述:加载新释放的文件
    详情信息:Image: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\_ir_sf_temp_0\lua5.1.dll.
    Activities
    活动名类型
    com.fkzhang.wechatunrecalled.MainActivityandroid.intent.action.MAIN
    com.fkzhang.wechatunrecalled.MainActivityde.robv.android.xposed.category.MODULE_SETTINGS
    com.fkzhang.wechatunrecalled.MainActivity-Aliasandroid.intent.action.MAIN
    com.fkzhang.wechatunrecalled.MainActivity-Aliasandroid.intent.category.LAUNCHER
    危险函数
    函数名称信息
    LocationManager;->getLastKnownLocation获取地址位置
    ContentResolver;->query读取联系人、短信等数据库
    java/net/URL;->openConnection连接URL
    android/app/NotificationManager;->notify信息通知栏
    文件列表
    文件名 校验码
    AndroidManifest.xml 0x4891436c
    assets/xposed_init 0xd2b8642e
    res/anim-v21/design_bottom_sheet_slide_in.xml 0x85e086e6
    res/anim-v21/design_bottom_sheet_slide_out.xml 0x36107f4e
    res/anim/abc_fade_in.xml 0x2f94166b
    res/anim/abc_fade_out.xml 0x396f7a13
    res/anim/abc_grow_fade_in_from_bottom.xml 0x230b3ab8
    res/anim/abc_popup_enter.xml 0xdc76e900
    res/anim/abc_popup_exit.xml 0x37f97fb1
    res/anim/abc_shrink_fade_out_from_bottom.xml 0x86390ada
    res/anim/abc_slide_in_bottom.xml 0x73663fbe
    res/anim/abc_slide_in_top.xml 0x41f8f3af
    res/anim/abc_slide_out_bottom.xml 0x51b9c50a
    res/anim/abc_slide_out_top.xml 0x4f613364
    res/anim/design_bottom_sheet_slide_in.xml 0x4833b733
    res/anim/design_bottom_sheet_slide_out.xml 0xc9687166
    res/anim/design_fab_in.xml 0x4cc1d922
    res/anim/design_fab_out.xml 0x8d676b4b
    res/anim/design_snackbar_in.xml 0x89444de8
    res/anim/design_snackbar_out.xml 0x501bbe4c
    res/color-v11/abc_background_cache_hint_selector_material_dark.xml 0x63d4c797
    res/color-v11/abc_background_cache_hint_selector_material_light.xml 0x39cf77ca
    res/color-v23/abc_color_highlight_material.xml 0x6126bd12
    res/color/abc_primary_text_disable_only_material_dark.xml 0x7bb0f397
    res/color/abc_primary_text_disable_only_material_light.xml 0xe8af8ced
    res/color/abc_primary_text_material_dark.xml 0x287f455e
    res/color/abc_primary_text_material_light.xml 0x3358fb81
    res/color/abc_search_url_text.xml 0x2dc43020
    res/color/abc_secondary_text_material_dark.xml 0x4206aff7
    res/color/abc_secondary_text_material_light.xml 0xd87ccfb4
    res/color/switch_thumb_material_dark.xml 0x1ffa7ef5
    res/color/switch_thumb_material_light.xml 0x4ddc02a
    res/drawable-hdpi-v4/abc_ab_share_pack_mtrl_alpha.9.png 0x64228504
    res/drawable-hdpi-v4/abc_btn_check_to_on_mtrl_000.png 0xd03742f2
    res/drawable-hdpi-v4/abc_btn_check_to_on_mtrl_015.png 0xd2d6badf
    res/drawable-hdpi-v4/abc_btn_radio_to_on_mtrl_000.png 0xff76aca0
    res/drawable-hdpi-v4/abc_btn_radio_to_on_mtrl_015.png 0x40073691
    res/drawable-hdpi-v4/abc_btn_rating_star_off_mtrl_alpha.png 0x8efc8de5
    res/drawable-hdpi-v4/abc_btn_rating_star_on_mtrl_alpha.png 0x8f25d6ab
    res/drawable-hdpi-v4/abc_btn_switch_to_on_mtrl_00001.9.png 0x11706987
    res/drawable-hdpi-v4/abc_btn_switch_to_on_mtrl_00012.9.png 0x1764993
    res/drawable-hdpi-v4/abc_cab_background_top_mtrl_alpha.9.png 0x3df2f3
    res/drawable-hdpi-v4/abc_ic_ab_back_mtrl_am_alpha.png 0xcf221f74
    res/drawable-hdpi-v4/abc_ic_clear_mtrl_alpha.png 0x3f976daa
    res/drawable-hdpi-v4/abc_ic_commit_search_api_mtrl_alpha.png 0x4afe65be
    res/drawable-hdpi-v4/abc_ic_go_search_api_mtrl_alpha.png 0x50e4f199
    res/drawable-hdpi-v4/abc_ic_menu_copy_mtrl_am_alpha.png 0xc3e37254
    res/drawable-hdpi-v4/abc_ic_menu_cut_mtrl_alpha.png 0x84e76f0
    res/drawable-hdpi-v4/abc_ic_menu_moreoverflow_mtrl_alpha.png 0x6def6654
    res/drawable-hdpi-v4/abc_ic_menu_paste_mtrl_am_alpha.png 0x7b8d7a2b
    res/drawable-hdpi-v4/abc_ic_menu_selectall_mtrl_alpha.png 0x92a0a882
    res/drawable-hdpi-v4/abc_ic_menu_share_mtrl_alpha.png 0xe58316f4
    res/drawable-hdpi-v4/abc_ic_search_api_mtrl_alpha.png 0xfba9885f
    res/drawable-hdpi-v4/abc_ic_star_black_16dp.png 0x8b8a9485
    res/drawable-hdpi-v4/abc_ic_star_black_36dp.png 0xdd4584
    res/drawable-hdpi-v4/abc_ic_star_half_black_16dp.png 0xa97f155c
    res/drawable-hdpi-v4/abc_ic_star_half_black_36dp.png 0x7e9b424
    res/drawable-hdpi-v4/abc_ic_voice_search_api_mtrl_alpha.png 0x7c484f23
    res/drawable-hdpi-v4/abc_list_divider_mtrl_alpha.9.png 0x72ff0f68
    res/drawable-hdpi-v4/abc_list_focused_holo.9.png 0x8e4da209
    res/drawable-hdpi-v4/abc_list_longpressed_holo.9.png 0x81b12fde
    res/drawable-hdpi-v4/abc_list_pressed_holo_dark.9.png 0x62993bc8
    res/drawable-hdpi-v4/abc_list_pressed_holo_light.9.png 0x7c69f413
    res/drawable-hdpi-v4/abc_list_selector_disabled_holo_dark.9.png 0xe50f1648
    res/drawable-hdpi-v4/abc_list_selector_disabled_holo_light.9.png 0x43f655e6
    res/drawable-hdpi-v4/abc_menu_hardkey_panel_mtrl_mult.9.png 0xbed682a
    res/drawable-hdpi-v4/abc_popup_background_mtrl_mult.9.png 0x84fecf87
    res/drawable-hdpi-v4/abc_scrubber_control_off_mtrl_alpha.png 0x6b6f6e10
    res/drawable-hdpi-v4/abc_scrubber_control_to_pressed_mtrl_000.png 0x7ebcc8c0
    res/drawable-hdpi-v4/abc_scrubber_control_to_pressed_mtrl_005.png 0xedd62a7e
    res/drawable-hdpi-v4/abc_scrubber_primary_mtrl_alpha.9.png 0x415336be
    res/drawable-hdpi-v4/abc_scrubber_track_mtrl_alpha.9.png 0x65b9786e
    res/drawable-hdpi-v4/abc_spinner_mtrl_am_alpha.9.png 0x7ab89543
    res/drawable-hdpi-v4/abc_switch_track_mtrl_alpha.9.png 0x18025bff
    res/drawable-hdpi-v4/abc_tab_indicator_mtrl_alpha.9.png 0x6c11debe
    res/drawable-hdpi-v4/abc_textfield_activated_mtrl_alpha.9.png 0x103aeb6a
    res/drawable-hdpi-v4/abc_textfield_default_mtrl_alpha.9.png 0xaa35a06e
    res/drawable-hdpi-v4/abc_textfield_search_activated_mtrl_alpha.9.png 0xafd79c5c
    res/drawable-hdpi-v4/abc_textfield_search_default_mtrl_alpha.9.png 0xee0f1fea
    res/drawable-ldrtl-hdpi-v17/abc_ic_ab_back_mtrl_am_alpha.png 0x69137c0d
    res/drawable-ldrtl-hdpi-v17/abc_ic_menu_copy_mtrl_am_alpha.png 0xa0f62259
    res/drawable-ldrtl-hdpi-v17/abc_ic_menu_cut_mtrl_alpha.png 0x68855ee1
    res/drawable-ldrtl-hdpi-v17/abc_spinner_mtrl_am_alpha.9.png 0xa596c3d0
    res/drawable-ldrtl-mdpi-v17/abc_ic_ab_back_mtrl_am_alpha.png 0xf9fb6fee
    res/drawable-ldrtl-mdpi-v17/abc_ic_menu_copy_mtrl_am_alpha.png 0x8397446e
    res/drawable-ldrtl-mdpi-v17/abc_ic_menu_cut_mtrl_alpha.png 0x60ba44b
    res/drawable-ldrtl-mdpi-v17/abc_spinner_mtrl_am_alpha.9.png 0xb1c14ea7
    res/drawable-ldrtl-xhdpi-v17/abc_ic_ab_back_mtrl_am_alpha.png 0x8e0918ec
    res/drawable-ldrtl-xhdpi-v17/abc_ic_menu_copy_mtrl_am_alpha.png 0x9f9971be
    res/drawable-ldrtl-xhdpi-v17/abc_ic_menu_cut_mtrl_alpha.png 0xeeeff9f6
    res/drawable-ldrtl-xhdpi-v17/abc_spinner_mtrl_am_alpha.9.png 0x64a842b9
    res/drawable-ldrtl-xxhdpi-v17/abc_ic_ab_back_mtrl_am_alpha.png 0x49b8e510
    res/drawable-ldrtl-xxhdpi-v17/abc_ic_menu_copy_mtrl_am_alpha.png 0x1d5aea2b
    res/drawable-ldrtl-xxhdpi-v17/abc_ic_menu_cut_mtrl_alpha.png 0xed023aa
    res/drawable-ldrtl-xxhdpi-v17/abc_spinner_mtrl_am_alpha.9.png 0x48f4c207
    res/drawable-ldrtl-xxxhdpi-v17/abc_ic_ab_back_mtrl_am_alpha.png 0xf5c17862
    res/drawable-ldrtl-xxxhdpi-v17/abc_ic_menu_copy_mtrl_am_alpha.png 0x9917cc6e
    res/drawable-ldrtl-xxxhdpi-v17/abc_ic_menu_cut_mtrl_alpha.png 0x175c7e0d
    res/drawable-ldrtl-xxxhdpi-v17/abc_spinner_mtrl_am_alpha.9.png 0x2ff6ecc
    res/drawable-mdpi-v4/abc_ab_share_pack_mtrl_alpha.9.png 0xa852580c
    res/drawable-mdpi-v4/abc_btn_check_to_on_mtrl_000.png 0xd152fae1
    res/drawable-mdpi-v4/abc_btn_check_to_on_mtrl_015.png 0xa32a8346
    res/drawable-mdpi-v4/abc_btn_radio_to_on_mtrl_000.png 0x9394b434
    res/drawable-mdpi-v4/abc_btn_radio_to_on_mtrl_015.png 0x1bcdcb4b
    res/drawable-mdpi-v4/abc_btn_rating_star_off_mtrl_alpha.png 0x16f933f2
    res/drawable-mdpi-v4/abc_btn_rating_star_on_mtrl_alpha.png 0xcd88666a
    res/drawable-mdpi-v4/abc_btn_switch_to_on_mtrl_00001.9.png 0xa7483509
    res/drawable-mdpi-v4/abc_btn_switch_to_on_mtrl_00012.9.png 0xd76b7b1e
    res/drawable-mdpi-v4/abc_cab_background_top_mtrl_alpha.9.png 0xb6857dd0
    res/drawable-mdpi-v4/abc_ic_ab_back_mtrl_am_alpha.png 0xbef16ffd
    res/drawable-mdpi-v4/abc_ic_clear_mtrl_alpha.png 0x696fbaf9
    res/drawable-mdpi-v4/abc_ic_commit_search_api_mtrl_alpha.png 0xc890fc5c
    res/drawable-mdpi-v4/abc_ic_go_search_api_mtrl_alpha.png 0xef213bb9
    res/drawable-mdpi-v4/abc_ic_menu_copy_mtrl_am_alpha.png 0xf441f369
    res/drawable-mdpi-v4/abc_ic_menu_cut_mtrl_alpha.png 0x1d65dce6
    res/drawable-mdpi-v4/abc_ic_menu_moreoverflow_mtrl_alpha.png 0x79c23ff8
    res/drawable-mdpi-v4/abc_ic_menu_paste_mtrl_am_alpha.png 0xaa4c4259
    res/drawable-mdpi-v4/abc_ic_menu_selectall_mtrl_alpha.png 0xae8da781
    res/drawable-mdpi-v4/abc_ic_menu_share_mtrl_alpha.png 0x9adee595
    res/drawable-mdpi-v4/abc_ic_search_api_mtrl_alpha.png 0x99c01143
    res/drawable-mdpi-v4/abc_ic_star_black_16dp.png 0x1d21eeb3
    res/drawable-mdpi-v4/abc_ic_star_black_36dp.png 0x2a40c706
    res/drawable-mdpi-v4/abc_ic_star_half_black_16dp.png 0x166d14dd
    res/drawable-mdpi-v4/abc_ic_star_half_black_36dp.png 0x4a32950e
    res/drawable-mdpi-v4/abc_ic_voice_search_api_mtrl_alpha.png 0x3040db64
    res/drawable-mdpi-v4/abc_list_divider_mtrl_alpha.9.png 0x72ff0f68
    res/drawable-mdpi-v4/abc_list_focused_holo.9.png 0xb1ab9d03
    res/drawable-mdpi-v4/abc_list_longpressed_holo.9.png 0x78c37895
    res/drawable-mdpi-v4/abc_list_pressed_holo_dark.9.png 0x686b7a66
    res/drawable-mdpi-v4/abc_list_pressed_holo_light.9.png 0x32efca3
    res/drawable-mdpi-v4/abc_list_selector_disabled_holo_dark.9.png 0x551f7c98
    res/drawable-mdpi-v4/abc_list_selector_disabled_holo_light.9.png 0xd6426851
    res/drawable-mdpi-v4/abc_menu_hardkey_panel_mtrl_mult.9.png 0xe2078e4d
    res/drawable-mdpi-v4/abc_popup_background_mtrl_mult.9.png 0x3bdea6d1
    res/drawable-mdpi-v4/abc_scrubber_control_off_mtrl_alpha.png 0xf4030717
    res/drawable-mdpi-v4/abc_scrubber_control_to_pressed_mtrl_000.png 0xefd6e141
    res/drawable-mdpi-v4/abc_scrubber_control_to_pressed_mtrl_005.png 0xb2b1b258
    res/drawable-mdpi-v4/abc_scrubber_primary_mtrl_alpha.9.png 0x3a0eb435
    res/drawable-mdpi-v4/abc_scrubber_track_mtrl_alpha.9.png 0xd393324b
    res/drawable-mdpi-v4/abc_spinner_mtrl_am_alpha.9.png 0x5ceac6c5
    res/drawable-mdpi-v4/abc_switch_track_mtrl_alpha.9.png 0xd6b37a0c
    res/drawable-mdpi-v4/abc_tab_indicator_mtrl_alpha.9.png 0xb58b040f
    res/drawable-mdpi-v4/abc_textfield_activated_mtrl_alpha.9.png 0x4f16ccfc
    res/drawable-mdpi-v4/abc_textfield_default_mtrl_alpha.9.png 0xf8dbf6f6
    res/drawable-mdpi-v4/abc_textfield_search_activated_mtrl_alpha.9.png 0xfb4249d4
    res/drawable-mdpi-v4/abc_textfield_search_default_mtrl_alpha.9.png 0x19a0052e
    res/drawable-v21/abc_action_bar_item_background_material.xml 0xb794af16
    res/drawable-v21/abc_btn_colored_material.xml 0x8146d9ed
    res/drawable-v21/abc_edit_text_material.xml 0x8a6a337f
    res/drawable-v21/abc_ratingbar_indicator_material.xml 0x5b57a222
    res/drawable-v21/abc_ratingbar_small_material.xml 0xbed7f6fc
    res/drawable-v23/abc_control_background_material.xml 0x18ee5707
    res/drawable-xhdpi-v4/abc_ab_share_pack_mtrl_alpha.9.png 0xcf127e45
    res/drawable-xhdpi-v4/abc_btn_check_to_on_mtrl_000.png 0xcfba78ba
    res/drawable-xhdpi-v4/abc_btn_check_to_on_mtrl_015.png 0x726c24c9
    res/drawable-xhdpi-v4/abc_btn_radio_to_on_mtrl_000.png 0xe6c8339c
    res/drawable-xhdpi-v4/abc_btn_radio_to_on_mtrl_015.png 0x2c324db4
    res/drawable-xhdpi-v4/abc_btn_rating_star_off_mtrl_alpha.png 0x5221e639
    res/drawable-xhdpi-v4/abc_btn_rating_star_on_mtrl_alpha.png 0x4d98f972
    res/drawable-xhdpi-v4/abc_btn_switch_to_on_mtrl_00001.9.png 0xcd563567
    res/drawable-xhdpi-v4/abc_btn_switch_to_on_mtrl_00012.9.png 0x3e9a5317
    res/drawable-xhdpi-v4/abc_cab_background_top_mtrl_alpha.9.png 0xf70ddcc0
    res/drawable-xhdpi-v4/abc_ic_ab_back_mtrl_am_alpha.png 0xd92f8b09
    res/drawable-xhdpi-v4/abc_ic_clear_mtrl_alpha.png 0xe3ade440
    res/drawable-xhdpi-v4/abc_ic_commit_search_api_mtrl_alpha.png 0xa633729c
    res/drawable-xhdpi-v4/abc_ic_go_search_api_mtrl_alpha.png 0x93ca28c3
    res/drawable-xhdpi-v4/abc_ic_menu_copy_mtrl_am_alpha.png 0x77030319
    res/drawable-xhdpi-v4/abc_ic_menu_cut_mtrl_alpha.png 0xae52a132
    res/drawable-xhdpi-v4/abc_ic_menu_moreoverflow_mtrl_alpha.png 0x87505834
    res/drawable-xhdpi-v4/abc_ic_menu_paste_mtrl_am_alpha.png 0xe5098066
    res/drawable-xhdpi-v4/abc_ic_menu_selectall_mtrl_alpha.png 0x9dd9218
    res/drawable-xhdpi-v4/abc_ic_menu_share_mtrl_alpha.png 0xbc17f4b0
    res/drawable-xhdpi-v4/abc_ic_search_api_mtrl_alpha.png 0x5d3ec086
    res/drawable-xhdpi-v4/abc_ic_star_black_16dp.png 0x7da76864
    res/drawable-xhdpi-v4/abc_ic_star_black_36dp.png 0xa1fb74a1
    res/drawable-xhdpi-v4/abc_ic_star_half_black_16dp.png 0xf86c6c7a
    res/drawable-xhdpi-v4/abc_ic_star_half_black_36dp.png 0x6b73b52b
    res/drawable-xhdpi-v4/abc_ic_voice_search_api_mtrl_alpha.png 0x86fc4299
    res/drawable-xhdpi-v4/abc_list_divider_mtrl_alpha.9.png 0x72ff0f68
    res/drawable-xhdpi-v4/abc_list_focused_holo.9.png 0xbde23956
    res/drawable-xhdpi-v4/abc_list_longpressed_holo.9.png 0x84a788a6
    res/drawable-xhdpi-v4/abc_list_pressed_holo_dark.9.png 0x98f7c81a
    res/drawable-xhdpi-v4/abc_list_pressed_holo_light.9.png 0x5314692b
    res/drawable-xhdpi-v4/abc_list_selector_disabled_holo_dark.9.png 0x41748705
    res/drawable-xhdpi-v4/abc_list_selector_disabled_holo_light.9.png 0x1c2ff2be
    res/drawable-xhdpi-v4/abc_menu_hardkey_panel_mtrl_mult.9.png 0x63ee6937
    res/drawable-xhdpi-v4/abc_popup_background_mtrl_mult.9.png 0x79067b02
    res/drawable-xhdpi-v4/abc_scrubber_control_off_mtrl_alpha.png 0x6cd6529b
    res/drawable-xhdpi-v4/abc_scrubber_control_to_pressed_mtrl_000.png 0x3d7b9fee
    res/drawable-xhdpi-v4/abc_scrubber_control_to_pressed_mtrl_005.png 0xbeb523af
    res/drawable-xhdpi-v4/abc_scrubber_primary_mtrl_alpha.9.png 0xbf40ca92
    res/drawable-xhdpi-v4/abc_scrubber_track_mtrl_alpha.9.png 0x1a186496
    res/drawable-xhdpi-v4/abc_spinner_mtrl_am_alpha.9.png 0xfbc5d182
    res/drawable-xhdpi-v4/abc_switch_track_mtrl_alpha.9.png 0x4ebe0617
    res/drawable-xhdpi-v4/abc_tab_indicator_mtrl_alpha.9.png 0x361544c6
    res/drawable-xhdpi-v4/abc_textfield_activated_mtrl_alpha.9.png 0x4853c2d6
    res/drawable-xhdpi-v4/abc_textfield_default_mtrl_alpha.9.png 0x7a6dbe65
    res/drawable-xhdpi-v4/abc_textfield_search_activated_mtrl_alpha.9.png 0xeaa0434b
    res/drawable-xhdpi-v4/abc_textfield_search_default_mtrl_alpha.9.png 0x4cfa2def
    res/drawable-xxhdpi-v4/abc_ab_share_pack_mtrl_alpha.9.png 0x7758fe71
    res/drawable-xxhdpi-v4/abc_btn_check_to_on_mtrl_000.png 0xa8af72f3
    res/drawable-xxhdpi-v4/abc_btn_check_to_on_mtrl_015.png 0x47977e9
    res/drawable-xxhdpi-v4/abc_btn_radio_to_on_mtrl_000.png 0xcfc747f2
    res/drawable-xxhdpi-v4/abc_btn_radio_to_on_mtrl_015.png 0xdbaceef4
    res/drawable-xxhdpi-v4/abc_btn_rating_star_off_mtrl_alpha.png 0xb4580cf
    res/drawable-xxhdpi-v4/abc_btn_rating_star_on_mtrl_alpha.png 0xbf3a37c9
    res/drawable-xxhdpi-v4/abc_btn_switch_to_on_mtrl_00001.9.png 0xe3ff53b2
    res/drawable-xxhdpi-v4/abc_btn_switch_to_on_mtrl_00012.9.png 0x7f666710
    res/drawable-xxhdpi-v4/abc_cab_background_top_mtrl_alpha.9.png 0x7cd87445
    res/drawable-xxhdpi-v4/abc_ic_ab_back_mtrl_am_alpha.png 0x99fcf98c
    res/drawable-xxhdpi-v4/abc_ic_clear_mtrl_alpha.png 0xf7eea1df
    res/drawable-xxhdpi-v4/abc_ic_commit_search_api_mtrl_alpha.png 0x75e2a0e0
    res/drawable-xxhdpi-v4/abc_ic_go_search_api_mtrl_alpha.png 0x978987bf
    res/drawable-xxhdpi-v4/abc_ic_menu_copy_mtrl_am_alpha.png 0x49d49756
    res/drawable-xxhdpi-v4/abc_ic_menu_cut_mtrl_alpha.png 0x185907e3
    res/drawable-xxhdpi-v4/abc_ic_menu_moreoverflow_mtrl_alpha.png 0xadb065b2
    res/drawable-xxhdpi-v4/abc_ic_menu_paste_mtrl_am_alpha.png 0xde8d92d0
    res/drawable-xxhdpi-v4/abc_ic_menu_selectall_mtrl_alpha.png 0x6a35729
    res/drawable-xxhdpi-v4/abc_ic_menu_share_mtrl_alpha.png 0x49556dc6
    res/drawable-xxhdpi-v4/abc_ic_search_api_mtrl_alpha.png 0x79e1cda0
    res/drawable-xxhdpi-v4/abc_ic_star_black_16dp.png 0x15d856d
    res/drawable-xxhdpi-v4/abc_ic_star_black_36dp.png 0x3e52d827
    res/drawable-xxhdpi-v4/abc_ic_star_half_black_16dp.png 0xcd5c10f5
    res/drawable-xxhdpi-v4/abc_ic_star_half_black_36dp.png 0x65d095bf
    res/drawable-xxhdpi-v4/abc_ic_voice_search_api_mtrl_alpha.png 0xfedf00ca
    res/drawable-xxhdpi-v4/abc_list_divider_mtrl_alpha.9.png 0x2d5a2100
    res/drawable-xxhdpi-v4/abc_list_focused_holo.9.png 0x19c09c27
    res/drawable-xxhdpi-v4/abc_list_longpressed_holo.9.png 0x236b6e98
    res/drawable-xxhdpi-v4/abc_list_pressed_holo_dark.9.png 0x823780d0
    res/drawable-xxhdpi-v4/abc_list_pressed_holo_light.9.png 0x813ae23c
    res/drawable-xxhdpi-v4/abc_list_selector_disabled_holo_dark.9.png 0xdddaae2e
    res/drawable-xxhdpi-v4/abc_list_selector_disabled_holo_light.9.png 0x1ff1856f
    res/drawable-xxhdpi-v4/abc_menu_hardkey_panel_mtrl_mult.9.png 0xe97125d2
    res/drawable-xxhdpi-v4/abc_popup_background_mtrl_mult.9.png 0x478db1d1
    res/drawable-xxhdpi-v4/abc_scrubber_control_off_mtrl_alpha.png 0xc57037f7
    res/drawable-xxhdpi-v4/abc_scrubber_control_to_pressed_mtrl_000.png 0x35329a
    res/drawable-xxhdpi-v4/abc_scrubber_control_to_pressed_mtrl_005.png 0x9aaa658d
    res/drawable-xxhdpi-v4/abc_scrubber_primary_mtrl_alpha.9.png 0x5902ed5c
    res/drawable-xxhdpi-v4/abc_scrubber_track_mtrl_alpha.9.png 0xa028728e
    res/drawable-xxhdpi-v4/abc_spinner_mtrl_am_alpha.9.png 0xbba9274f
    res/drawable-xxhdpi-v4/abc_switch_track_mtrl_alpha.9.png 0xf785991a
    res/drawable-xxhdpi-v4/abc_tab_indicator_mtrl_alpha.9.png 0xd6692ce7
    res/drawable-xxhdpi-v4/abc_textfield_activated_mtrl_alpha.9.png 0x2fa093c4
    res/drawable-xxhdpi-v4/abc_textfield_default_mtrl_alpha.9.png 0x4d07b4a9
    res/drawable-xxhdpi-v4/abc_textfield_search_activated_mtrl_alpha.9.png 0x77c42d34
    res/drawable-xxhdpi-v4/abc_textfield_search_default_mtrl_alpha.9.png 0x9e0d73d
    res/drawable-xxxhdpi-v4/abc_btn_check_to_on_mtrl_000.png 0x23bc6175
    res/drawable-xxxhdpi-v4/abc_btn_check_to_on_mtrl_015.png 0x2ea066c3
    res/drawable-xxxhdpi-v4/abc_btn_radio_to_on_mtrl_000.png 0xed039207
    res/drawable-xxxhdpi-v4/abc_btn_radio_to_on_mtrl_015.png 0x590aeae3
    res/drawable-xxxhdpi-v4/abc_btn_switch_to_on_mtrl_00001.9.png 0x4f6e087d
    res/drawable-xxxhdpi-v4/abc_btn_switch_to_on_mtrl_00012.9.png 0xa817850a
    res/drawable-xxxhdpi-v4/abc_ic_ab_back_mtrl_am_alpha.png 0x23f1af9d
    res/drawable-xxxhdpi-v4/abc_ic_clear_mtrl_alpha.png 0x84d065fb
    res/drawable-xxxhdpi-v4/abc_ic_menu_copy_mtrl_am_alpha.png 0x39d6d931
    res/drawable-xxxhdpi-v4/abc_ic_menu_cut_mtrl_alpha.png 0xc9f78467
    res/drawable-xxxhdpi-v4/abc_ic_menu_moreoverflow_mtrl_alpha.png 0xb7cc364f
    res/drawable-xxxhdpi-v4/abc_ic_menu_paste_mtrl_am_alpha.png 0xa9f4da32
    res/drawable-xxxhdpi-v4/abc_ic_menu_selectall_mtrl_alpha.png 0x8151ea77
    res/drawable-xxxhdpi-v4/abc_ic_menu_share_mtrl_alpha.png 0x2fc5a011
    res/drawable-xxxhdpi-v4/abc_ic_search_api_mtrl_alpha.png 0xf5710ade
    res/drawable-xxxhdpi-v4/abc_ic_star_black_16dp.png 0x8f0aa8f4
    res/drawable-xxxhdpi-v4/abc_ic_star_black_36dp.png 0xe3e4a114
    res/drawable-xxxhdpi-v4/abc_ic_star_half_black_16dp.png 0x83fb9cd5
    res/drawable-xxxhdpi-v4/abc_ic_star_half_black_36dp.png 0x957a7d58
    res/drawable-xxxhdpi-v4/abc_ic_voice_search_api_mtrl_alpha.png 0x1022e769
    res/drawable-xxxhdpi-v4/abc_scrubber_control_to_pressed_mtrl_000.png 0xdbb5b067
    res/drawable-xxxhdpi-v4/abc_scrubber_control_to_pressed_mtrl_005.png 0xd1165fc
    res/drawable-xxxhdpi-v4/abc_spinner_mtrl_am_alpha.9.png 0x3bd11453
    res/drawable-xxxhdpi-v4/abc_switch_track_mtrl_alpha.9.png 0x1a7d6c07
    res/drawable-xxxhdpi-v4/abc_tab_indicator_mtrl_alpha.9.png 0x74529d2e
    res/drawable/abc_btn_borderless_material.xml 0xf341af1c
    res/drawable/abc_btn_check_material.xml 0xe2f70d0a
    res/drawable/abc_btn_colored_material.xml 0x1522b03
    res/drawable/abc_btn_default_mtrl_shape.xml 0xad40d6c
    res/drawable/abc_btn_radio_material.xml 0x2960f785
    res/drawable/abc_cab_background_internal_bg.xml 0x9c5b1555
    res/drawable/abc_cab_background_top_material.xml 0x789cac73
    res/drawable/abc_dialog_material_background_dark.xml 0x9ee635fb
    res/drawable/abc_dialog_material_background_light.xml 0xeb79f366
    res/drawable/abc_edit_text_material.xml 0x499c42ad
    res/drawable/abc_item_background_holo_dark.xml 0xd1b21c63
    res/drawable/abc_item_background_holo_light.xml 0x5c0f0b25
    res/drawable/abc_list_selector_background_transition_holo_dark.xml 0xad127204
    res/drawable/abc_list_selector_background_transition_holo_light.xml 0xff8319d8
    res/drawable/abc_list_selector_holo_dark.xml 0xd3230273
    res/drawable/abc_list_selector_holo_light.xml 0x4ca62f47
    res/drawable/abc_ratingbar_full_material.xml 0xf00f836e
    res/drawable/abc_ratingbar_indicator_material.xml 0xdbcfdb9a
    res/drawable/abc_ratingbar_small_material.xml 0xecbbc468
    res/drawable/abc_seekbar_thumb_material.xml 0xf5569f09
    res/drawable/abc_seekbar_track_material.xml 0xd86c6936
    res/drawable/abc_spinner_textfield_background_material.xml 0x3f96a674
    res/drawable/abc_switch_thumb_material.xml 0x88e00ae
    res/drawable/abc_tab_indicator_material.xml 0x20683102
    res/drawable/abc_text_cursor_material.xml 0x9fd1fc63
    res/drawable/abc_textfield_search_material.xml 0x82e87b85
    res/drawable/design_fab_background.xml 0x516623a0
    res/drawable/design_snackbar_background.xml 0x920564ca
    res/layout-sw600dp-v13/design_layout_snackbar.xml 0x42afb3f2
    res/layout-v17/abc_alert_dialog_button_bar_material.xml 0x448e3f66
    res/layout-v17/abc_alert_dialog_material.xml 0x89602a25
    res/layout-v17/abc_dialog_title_material.xml 0xdb31d
    res/layout-v17/abc_search_view.xml 0x8fd7921a
    res/layout-v17/content_main.xml 0xeb727831
    res/layout-v17/design_layout_snackbar_include.xml 0x95b3acc
    res/layout-v17/dialog_customize_notification.xml 0xe9d3a688
    res/layout-v17/item_support.xml 0x17bd1422
    res/layout-v17/notification_template_big_media.xml 0xbbfc329d
    res/layout-v17/notification_template_big_media_narrow.xml 0xdef2b7ff
    res/layout-v17/notification_template_lines.xml 0xe2f05a82
    res/layout-v17/notification_template_media.xml 0xe351e292
    res/layout-v17/notification_template_part_chronometer.xml 0x433239ec
    res/layout-v17/notification_template_part_time.xml 0x708033da
    res/layout-v17/select_dialog_multichoice_material.xml 0x8e06c0c7
    res/layout-v17/select_dialog_singlechoice_material.xml 0x39872ba4
    res/layout-v21/abc_screen_toolbar.xml 0xd1f59ae
    res/layout/abc_action_bar_title_item.xml 0x2fd5c716
    res/layout/abc_action_bar_up_container.xml 0xbe3dc4bf
    res/layout/abc_action_bar_view_list_nav_layout.xml 0x6eecc1e9
    res/layout/abc_action_menu_item_layout.xml 0xdad7d2c6
    res/layout/abc_action_menu_layout.xml 0x57ab3069
    res/layout/abc_action_mode_bar.xml 0xe8a7bd74
    res/layout/abc_action_mode_close_item_material.xml 0x6d971b3c
    res/layout/abc_activity_chooser_view.xml 0x9d702c2c
    res/layout/abc_activity_chooser_view_list_item.xml 0x1a4abffb
    res/layout/abc_alert_dialog_button_bar_material.xml 0x1ea257a7
    res/layout/abc_alert_dialog_material.xml 0xc592db64
    res/layout/abc_dialog_title_material.xml 0x5fe773f8
    res/layout/abc_expanded_menu_layout.xml 0x8ee6cc27
    res/layout/abc_list_menu_item_checkbox.xml 0xe0deca6a
    res/layout/abc_list_menu_item_icon.xml 0x4cd3582b
    res/layout/abc_list_menu_item_layout.xml 0x406eaf3f
    res/layout/abc_list_menu_item_radio.xml 0xae04ba06
    res/layout/abc_popup_menu_item_layout.xml 0x43e66d64
    res/layout/abc_screen_content_include.xml 0xe005f52e
    res/layout/abc_screen_simple.xml 0xc4503ec8
    res/layout/abc_screen_simple_overlay_action_mode.xml 0xf874c6fc
    res/layout/abc_screen_toolbar.xml 0x1cfd9970
    res/layout/abc_search_dropdown_item_icons_2line.xml 0x1a54615c
    res/layout/abc_search_view.xml 0xbda0a6c6
    res/layout/abc_select_dialog_material.xml 0xb63a586f
    res/layout/activity_main.xml 0x32f4def6
    res/layout/activity_support.xml 0xc7538fdd
    res/layout/content_main.xml 0x6d243805
    res/layout/content_support.xml 0x92d53329
    res/layout/design_bottom_sheet_dialog.xml 0x8ab9d9cf
    res/layout/design_layout_snackbar.xml 0xe32f9dd
    res/layout/design_layout_snackbar_include.xml 0xdbd1497e
    res/layout/design_layout_tab_icon.xml 0x5385fa45
    res/layout/design_layout_tab_text.xml 0xb64e76d9
    res/layout/design_menu_item_action_area.xml 0x290eb1a5
    res/layout/design_navigation_item.xml 0x305ca738
    res/layout/design_navigation_item_header.xml 0xa3ae8c31
    res/layout/design_navigation_item_separator.xml 0x3ef5e21
    res/layout/design_navigation_item_subheader.xml 0x7e6399b3
    res/layout/design_navigation_menu.xml 0x1336b0cd
    res/layout/design_navigation_menu_item.xml 0xcfe49834
    res/layout/dialog_customize_notification.xml 0xa34f46a0
    res/layout/dialog_input.xml 0x3059f709
    res/layout/item_support.xml 0x14202667
    res/layout/notification_media_action.xml 0x1c879b06
    res/layout/notification_media_cancel_action.xml 0x352b248e
    res/layout/notification_template_big_media.xml 0x5ea70a96
    res/layout/notification_template_big_media_narrow.xml 0x747e4a0f
    res/layout/notification_template_lines.xml 0xe162e328
    res/layout/notification_template_media.xml 0xd55e37a3
    res/layout/notification_template_part_chronometer.xml 0x9432d964
    res/layout/notification_template_part_time.xml 0x20a8fb67
    res/layout/select_dialog_item_material.xml 0xe78ab474
    res/layout/select_dialog_multichoice_material.xml 0xda72feb5
    res/layout/select_dialog_singlechoice_material.xml 0x50099ff1
    res/layout/support_simple_spinner_dropdown_item.xml 0x64501c
    res/menu/menu_main.xml 0x6e79bb15
    res/mipmap-hdpi-v4/ic_launcher.png 0xa2837e35
    res/mipmap-mdpi-v4/ic_launcher.png 0x3ce32aa9
    res/mipmap-xhdpi-v4/ic_launcher.png 0xa9b28428
    res/mipmap-xxhdpi-v4/ic_launcher.png 0xc137cca8
    res/mipmap-xxxhdpi-v4/ic_launcher.png 0xd28c71b
    resources.arsc 0xdb47492f
    classes.dex 0x3d804e05
    META-INF/MANIFEST.MF 0x60c2fa4d
    META-INF/CERT.SF 0x1528fed5
    META-INF/CERT.RSA 0x6157ad4b
    运行截图
    VirSCAN

About VirSCAN | Privacy Policy | Contact us | Links | Help VirSCAN
Powered By CentOSpol

京ICP备11007605号-12

pol

京公网安备 11010802020746号