VirSCAN

File information
File Name: UUAPP_FID.apk (File not down)
File Size: 16503568 byte
File Type: application/zip
MD5: 258026f181c565fb8a0b5723d54d668b
SHA1: c3b1f64fe0a2a7e4f707dd7249fbd0799714e92a
  • Scanner results
    Scanner results: 0% Scanner(s) (0/32) found malware!
    Behavior analysis report: Habo file analysis
    Time: 2018-02-21 15:43:05 (CST)
    Scanner Engine Ver Sig Ver Sig Date Scan result Time
    antiy AVL SDK 2.0 1970-01-01 Found nothing 10
    asquared 9.0.0.4799 9.0.0.4799 2015-03-08 Found nothing 3
    avast 170303-1 4.7.4 2017-03-03 Found nothing 60
    avg 2109/14887 10.0.1405 2018-02-10 Found nothing 60
    baidu 2.0.1.0 4.1.3.52192 2.0.1.0 Found nothing 3
    baidusd 1.0 1.0 2017-03-22 Found nothing 1
    bitdefender 7.58879 7.90123 2015-01-16 Found nothing 60
    clamav 24329 0.97.5 2018-02-19 Found nothing 60
    drweb 5.0.2.3300 5.0.1.1 2018-02-21 Found nothing 60
    fortinet 1.000, 55.281, 55.162, 55.191 5.4.247 2018-02-20 Found nothing 60
    fprot 4.6.2.117 6.5.1.5418 2016-02-05 Found nothing 60
    fsecure 2015-08-01-02 9.13 2015-08-01 Found nothing 60
    gdata 25.16094 25.16094 2018-02-20 Found nothing 21
    ikarus 4.00.06 V1.32.31.0 2018-02-20 Found nothing 60
    jiangmin 16.0.100 1.0.0.0 2017-12-22 Found nothing 2
    kaspersky 5.5.33 5.5.33 2014-04-01 Found nothing 60
    kingsoft 2.1 2.1 2018-02-20 Found nothing 60
    mcafee 8620 5400.1158 2017-08-12 Found nothing 60
    nod32 6930 3.0.21 2018-02-19 Found nothing 60
    panda 9.05.01 9.05.01 2018-02-20 Found nothing 4
    pcc 13.302.06 9.500-1005 2017-03-27 Found nothing 60
    qh360 1.0.1 1.0.1 1.0.1 Found nothing 5
    qqphone 1.0.0.0 1.0.0.0 2015-12-30 Found nothing 60
    quickheal 14.00 14.00 2017-11-18 Found nothing 3
    rising 3245 3245 2017-12-26 Found nothing 4
    sophos 5.32 3.65.2 2016-10-10 Found nothing 60
    symantec 20151230.005 1.3.0.24 2015-12-30 Found nothing 60
    tachyon 9.9.9 9.9.9 2013-12-27 Found nothing 6
    thehacker 6.8.0.5 6.8.0.5 2018-02-19 Found nothing 4
    tws 17.47.17308 1.0.2.2108 2018-02-20 Found nothing 17
    vba 3.12.29.5 beta 3.12.29.5 beta 2018-02-20 Found nothing 60
    virusbuster 15.0.985.0 5.5.2.13 2014-12-05 Found nothing 60
    NOTICE: Results are not 100% accurate and can be reported as a false positive by some scanners when and if malware is found. Please judge these results for yourself.
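  • Permission list
    Permission name    Information
    android.permission.INTERNET    Connect to the network (2G or 3G)
    android.permission.WRITE_EXTERNAL_STORAGE    Write to external storage (e.g. SD card)
    android.permission.DISABLE_KEYGUARD    Disable the keyguard
    android.permission.WAKE_LOCK    Background processes keep running after the phone screen turns off
    android.permission.CAMERA    Access the camera device
    android.permission.RECORD_AUDIO    Record audio (using AudioRecord)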
  • File information
    Security score:
    Basic information
    MD5: 258026f181c565fb8a0b5723d54d668b
    Package name: air.com.chat.uuchat
    Minimum runtime environment: Android 4.0, 4.0.1, 4.0.2
    Copyright:
    Process behavior
    Behavior description: Create process
    Details: [0x00000a08]ImagePath = C:\WINDOWS\system32\ntvdm.exe, CmdLine = "C:\WINDOWS\system32\ntvdm.exe" -f -i1 -ws -a C:\WINDOWS\system32\krnl386.exe
    Behavior description: Create local thread
    Details: TargetProcess: InstallWatchPro25.exe, InheritedFromPID = 2000, ProcessID = 2492, ThreadID = 2536, StartAddress = 5D1903E1, Parameter = 00186680
    TargetProcess: ntvdm.exe, InheritedFromPID = 2492, ProcessID = 2568, ThreadID = 2576, StartAddress = 0F0121A5, Parameter = 00000000
    File behavior
    Behavior description: Create file
    Behavior description: Delete file
    Details: C:\WINDOWS\Temp\scs6.tmp
    C:\WINDOWS\Temp\scs7.tmp
    Behavior description: Create executable file
    Details: C:\Documents and Settings\Administrator\Local Settings\Temp\pft1~tmp\40comupd.exe
    C:\Documents and Settings\Administrator\Local Settings\Temp\pft1~tmp\Psapi.dll
    Behavior description: Modify file content
    Behavior description: Find file
    Other behavior
    Behavior description: Create mutex
    Details: CTF.LBES.MutexDefaultS-*
    CTF.Compart.MutexDefaultS-*
    CTF.Asm.MutexDefaultS-*
    CTF.Layouts.MutexDefaultS-*
    CTF.TMD.MutexDefaultS-*
    CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
    MSCTF.Shared.MUTEX.IOH
    MSCTF.Shared.MUTEX.IMJ
    Behavior description: Create event object
    Details: EventName = Global\userenv: User Profile setup event
    EventName = MSCTF.SendReceive.Event.IMJ.IC
    EventName = MSCTF.SendReceiveConection.Event.IMJ.IC
    Behavior description: Find specified window
    Details: NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
    NtUserFindWindowEx: [Class,Window] = [CicLoaderWndClass,]
    Behavior description: Open event
    Details: HookSwitchHookEnabledEvent
    CTF.ThreadMIConnectionEvent.000007E8.00000000.00000010
    CTF.ThreadMarshalInterfaceEvent.000007E8.00000000.00000010
    MSCTF.SendReceiveConection.Event.IOH.IC
    MSCTF.SendReceive.Event.IOH.IC
    Behavior description: Enumerate windows
    Details: N/A
    Behavior description: Executable file signature information
    Details: C:\Documents and Settings\Administrator\Local Settings\Temp\pft1~tmp\40comupd.exe (signature verification: passed)
    C:\Documents and Settings\Administrator\Local Settings\Temp\pft1~tmp\Psapi.dll (signature verification: failed)
    Behavior description: Executable file MD5
    Details: C:\Documents and Settings\Administrator\Local Settings\Temp\pft1~tmp\40comupd.exe ---> 1f3185add3579d0534510b02aaa9ca7e
    C:\Documents and Settings\Administrator\Local Settings\Temp\pft1~tmp\Psapi.dll ---> 070191a7ab7326d59be5fa8304ae1eb7
    Behavior description: Open mutex
    Details: ShimCacheMutex
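    Activities
    Activity name    Type
    .AppEntry    android.intent.action.MAIN
    .AppEntry    android.intent.category.LAUNCHER
    Dangerous functions
    Function name    Information
    getRuntime    Obtain the command-line environment
    HttpClient;->execute    Request a remote server
    DefaultHttpClient;->execute    Send an HTTP request
    Camera;->open    Open the camera
    java/net/URL;->openConnection    Connect to a URL
    java/net/HttpURLConnection;->connect    Connect to a URL
    android/app/NotificationManager;->notify    Notification bar message
    LocationManager;->getLastKnownLocation    Get location
    ContentResolver;->query    Read contacts, SMS and other databases
    ContentResolver;->delete    Delete SMS messages and contacts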
    Providers
    Name    Information
    com.adobe.air.CameraUIProvider
    File list