VirSCAN

File information
File Name: 禁播x影院(smart)).apk (File not down)
File Size: 2150455 bytes
File Type: Zip archive data
MD5:21779fa1362bb103b941643db6d308d5
SHA1:05627aa48ff78b697b87bbf0a9a2878b825ddc5b
SHA256:1fb98a9f1d7bc17d7df435cbb031142d14a941bc23dc2f7b05e1bd13873725e8
SSDEEP:49152:hMpiq/4s3kgX2Oa6D9fQ4LH3IvhR1bIFgM25C3IapYu:hMpiq/F3DXHa6K4LShPIiYBYu
  • Scanner results
    Scanner results: 6% of scanners (2/32) found malware!
    Behavior analysis report: Habo file analysis
    Time: 2016-08-28 09:46:24 (CST)
    Columns: Scanner, Engine Ver, Sig Ver, Sig Date, Scan result, Time
    antiy AVL SDK 3.0 1970-01-01 Found nothing 5
    asquared 9.0.0.4324 9.0.0.4324 2014-07-03 Android.Adware.Dowgin.W 2
    avast 150725-1 4.7.4 2015-07-25 Found nothing 60
    avg 2109/8133 10.0.1405 2014-11-26 Found nothing 60
    baidu 2.0.1.0 4.1.3.52192 2.0.1.0 Found nothing 42
    baidusd 1.0 1.0 2014-04-02 Found nothing 1
    bitdefender 7.58469 7.90123 2014-12-25 Found nothing 60
    clamav 19861 0.97.5 2014-12-31 Found nothing 60
    drweb 5.0.2.3300 5.0.1.1 2014-12-31 Found nothing 60
    fortinet 23.345, 23.345 5.1.158 2014-12-08 Found nothing 60
    fprot 4.6.2.117 6.5.1.5418 2014-12-31 Found nothing 60
    fsecure 2014-04-02-01 9.13 2014-04-02 Found nothing 60
    gdata 25.8059 25.8059 2016-08-27 Android.Adware.Dowgin.W 10
    ikarus 1.06.01 V1.32.31.0 2014-12-08 Found nothing 60
    jiangmin 16.0.100 1.0.0.0 2015-07-25 Found nothing 44
    kaspersky 5.5.33 5.5.33 2014-04-01 Found nothing 60
    kingsoft 2.1 2.1 2013-09-22 Found nothing 4
    mcafee 7638 5400.1158 2014-11-30 Found nothing 60
    nod32 0920 3.0.21 2014-12-23 Found nothing 60
    panda 9.05.01 9.05.01 2015-07-26 Found nothing 4
    pcc 11.380.07 9.500-1005 2014-12-31 Found nothing 60
    qh360 1.0.1 1.0.1 1.0.1 Found nothing 4
    qqphone 1.0.0.0 1.0.0.0 2014-12-09 Found nothing 60
    quickheal 14.00 14.00 2015-07-25 Found nothing 3
    rising 25.76.04.01 25.76.04.01 2015-07-24 Found nothing 3
    sophos 5.08 3.55.0 2014-12-01 Found nothing 60
    symantec 20141230.001 1.3.0.24 2014-12-30 Found nothing 60
    tachyon 9.9.9 9.9.9 2013-12-27 Found nothing 6
    thehacker 6.8.0.5 6.8.0.5 2015-07-23 Found nothing 2
    tws 17.47.17308 1.0.2.2108 2014-12-08 Found nothing 15
    vba 3.12.26.3 3.12.26.3 2014-12-31 Found nothing 60
    virusbuster 15.0.985.0 5.5.2.13 2014-12-05 Found nothing 60
    NOTICE: Results are not 100% accurate and can be reported as a false positive by some scanners when and if malware is found. Please judge these results for yourself.
  • Permission list
    Permission name: Description
    android.permission.INTERNET: Connect to the network (2G or 3G)
    android.permission.ACCESS_NETWORK_STATE: Read network state (2G or 3G)
    android.permission.READ_PHONE_STATE: Read phone state
    android.permission.CHANGE_NETWORK_STATE: Change network state
    android.permission.SEND_SMS: Send SMS messages
    android.permission.READ_SMS: Read SMS messages
    android.permission.RECEIVE_SMS: Monitor incoming SMS messages
    android.permission.WRITE_SMS: Write SMS messages
    android.permission.ACCESS_WIFI_STATE: Read Wi-Fi network state
    android.permission.READ_LOGS: Read system logs
    android.permission.GET_TASKS: Get information about current or recently running tasks
    android.permission.ACCESS_FINE_LOCATION: Get precise location (via GPS)
    android.permission.WRITE_EXTERNAL_STORAGE: Write to external storage (e.g. SD card)
    android.permission.RESTART_PACKAGES: Restart other applications
    android.permission.GET_PACKAGE_SIZE: Get application size
    android.permission.WRITE_SETTINGS: Read and write system settings
    android.permission.RECEIVE_BOOT_COMPLETED: Receive the boot-completed broadcast
    android.permission.READ_EXTERNAL_STORAGE: Read external storage (e.g. SD card)
    android.permission.ACCESS_MTK_MMHW
    android.permission.KILL_BACKGROUND_PROCESSES: Kill background processes
    android.permission.CAMERA: Access the camera device
    android.permission.SYSTEM_ALERT_WINDOW: Display system windows
    android.permission.ACCESS_COARSE_LOCATION: Get approximate location (via Wi-Fi, cell towers)
    android.permission.MOUNT_UNMOUNT_FILESYSTEMS: Mount and unmount external file systems
    android.permission.CHANGE_CONFIGURATION: Modify current configuration (e.g. locale)
    android.permission.VIBRATE: Allow the device to vibrate
    android.permission.CALL_PHONE: Make phone calls
    android.permission.DISABLE_KEYGUARD: Disable the keyguard
    android.permission.RECEIVE_WAP_PUSH: Receive WAP push messages
    android.permission.BROADCAST_SMS: Broadcast when an SMS is received
    android.permission.WAKE_LOCK: Keep background processes running after the screen turns off
    android.permission.CHANGE_WIFI_STATE: Change Wi-Fi connection state
    com.android.launcher.permission.READ_SETTINGS: Read shortcut information
    android.permission.INSTALL_PACKAGES: Install applications
    com.android.launcher.permission.INSTALL_SHORTCUT: Create shortcuts
    android.permission.SYSTEM_OVERLAY_WINDOW
    android.permission.ACCESS_LOCATION_EXTRA_COMMANDS: Access extra location commands
    com.android.launcher.permission.UNINSTALL_SHORTCUT: Delete shortcuts
  • File information
    Security score:
    Basic information
    MD5:21779fa1362bb103b941643db6d308d5
    Package name: com.smart.cn
    Minimum runtime environment: Android 4.0, 4.0.1, 4.0.2
    Copyright:
    Key behaviors
    Behavior description: Block window close message
    Details: hWnd = 0x000d035e, Text = FastStone Image Viewer 5.8 安装 , ClassName = #32770.
    Behavior description: Create shortcut on the desktop
    Details: C:\Documents and Settings\All Users\桌面\FastStone Image Viewer.lnk
    Process behavior
    Behavior description: Create local thread
    Details: TargetProcess: FSViewerSetup58.exe, InheritedFromPID = 1944, ProcessID = 1372, ThreadID = 2152, StartAddress = 7C947EBB, Parameter = 00000000
    TargetProcess: FSViewerSetup58.exe, InheritedFromPID = 1944, ProcessID = 1372, ThreadID = 2156, StartAddress = 7C930230, Parameter = 00000000
    TargetProcess: FSViewerSetup58.exe, InheritedFromPID = 1944, ProcessID = 1372, ThreadID = 2224, StartAddress = 00404FD6, Parameter = 000F02AA
    TargetProcess: FSViewerSetup58.exe, InheritedFromPID = 1944, ProcessID = 1372, ThreadID = 2532, StartAddress = 77DC845A, Parameter = 00000000
    File behavior
    Behavior description: Create file
    Details: C:\Documents and Settings\Administrator\Local Settings\Temp\nse4C.tmp
    C:\Documents and Settings\Administrator\Local Settings\Temp\nsp4D.tmp
    C:\Documents and Settings\Administrator\Local Settings\Temp\nsz4E.tmp
    C:\Documents and Settings\Administrator\Local Settings\Temp\nsz4E.tmp\ioSpecial.ini
    C:\Documents and Settings\Administrator\Local Settings\Temp\nsz4E.tmp\modern-wizard.bmp
    C:\Documents and Settings\Administrator\Local Settings\Temp\nsz4E.tmp\InstallOptions.dll
    C:\Program Files\FastStone Image Viewer\LicenseAgreement.pdf
    C:\Program Files\FastStone Image Viewer\FSViewerHelp.chm
    C:\Program Files\FastStone Image Viewer\FSViewer.exe
    C:\Program Files\FastStone Image Viewer\FSIcons.db
    C:\Program Files\FastStone Image Viewer\FSMenuIcons0.db
    C:\Program Files\FastStone Image Viewer\FSMenuIcons1.db
    C:\Program Files\FastStone Image Viewer\FSMenuIcons2.db
    C:\Program Files\FastStone Image Viewer\FSMenuIcons3.db
    C:\Program Files\FastStone Image Viewer\FSMenuIcons4.db
    Behavior description: Drop links or shortcuts in sensitive system locations (e.g. the Start menu)
    Details: C:\Documents and Settings\All Users\「开始」菜单\程序\FastStone Image Viewer\FastStone Image Viewer Help.lnk
    C:\Documents and Settings\All Users\「开始」菜单\程序\FastStone Image Viewer\FastStone Image Viewer.lnk
    C:\Documents and Settings\All Users\「开始」菜单\程序\FastStone Image Viewer\Visit www.FastStone.org.lnk
    C:\Documents and Settings\All Users\「开始」菜单\程序\FastStone Image Viewer\Uninstall FastStone Image Viewer.lnk
    Behavior description: Create executable file
    Details: C:\Documents and Settings\Administrator\Local Settings\Temp\nsz4E.tmp\InstallOptions.dll
    C:\Program Files\FastStone Image Viewer\FSViewer.exe
    C:\Program Files\FastStone Image Viewer\FSIcons.db
    C:\Program Files\FastStone Image Viewer\fsplugin02.dll
    C:\Program Files\FastStone Image Viewer\fsplugin03.dll
    C:\Program Files\FastStone Image Viewer\fsplugin04.dll
    C:\Program Files\FastStone Image Viewer\fssl.db
    C:\Program Files\FastStone Image Viewer\EmailZipEXE.bin
    C:\Program Files\FastStone Image Viewer\uninst.exe
    Behavior description: Overwrite existing file
    Details: C:\Documents and Settings\Administrator\Local Settings\Temp\nsp4D.tmp
    Behavior description: Find file
    Details: FileName = C:\Documents and Settings
    FileName = C:\Documents and Settings\Administrator
    FileName = C:\Documents and Settings\Administrator\Local Settings
    FileName = C:\Documents and Settings\Administrator\Local Settings\Temp
    FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%
    FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump
    FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsz4E.tmp
    FileName = C:\Program Files\FastStone Image Viewer
    FileName = C:\Program Files
    FileName = C:\Documents and Settings\Administrator\「开始」菜单\程序\FastStone Image Viewer\.
    FileName = C:\Documents and Settings\Administrator\「开始」菜单\程序\FastStone Image Viewer
    FileName = C:\Documents and Settings\Administrator\「开始」菜单\程序
    FileName = C:\Documents and Settings\Administrator\「开始」菜单
    FileName = C:\Documents and Settings\Administrator\「开始」菜单\程序\FastStone Image Viewer\*.*
    FileName = C:\Documents and Settings\Administrator\桌面
    Behavior description: Create shortcut on the desktop
    Details: C:\Documents and Settings\All Users\桌面\FastStone Image Viewer.lnk
    Behavior description: Delete file
    Details: C:\Documents and Settings\Administrator\Local Settings\Temp\nse4C.tmp
    C:\Documents and Settings\Administrator\Local Settings\Temp\nsp4D.tmp
    C:\Documents and Settings\Administrator\Local Settings\Temp\nsz4E.tmp
    C:\Documents and Settings\Administrator\Local Settings\Temp\nsz4E.tmp\InstallOptions.dll
    C:\Documents and Settings\Administrator\Local Settings\Temp\nsz4E.tmp\ioSpecial.ini
    C:\Documents and Settings\Administrator\Local Settings\Temp\nsz4E.tmp\modern-wizard.bmp
    Behavior description: Modify file content
    Details: C:\Documents and Settings\Administrator\Local Settings\Temp\nsp4D.tmp ---> Offset = 0
    C:\Documents and Settings\Administrator\Local Settings\Temp\nsp4D.tmp ---> Offset = 32768
    C:\Documents and Settings\Administrator\Local Settings\Temp\nsp4D.tmp ---> Offset = 62184
    C:\Documents and Settings\Administrator\Local Settings\Temp\nsp4D.tmp ---> Offset = 94952
    C:\Documents and Settings\Administrator\Local Settings\Temp\nsp4D.tmp ---> Offset = 102151
    C:\Documents and Settings\Administrator\Local Settings\Temp\nsz4E.tmp\ioSpecial.ini ---> Offset = 0
    C:\Documents and Settings\Administrator\Local Settings\Temp\nsz4E.tmp\ioSpecial.ini ---> Offset = 36
    C:\Documents and Settings\Administrator\Local Settings\Temp\nsz4E.tmp\modern-wizard.bmp ---> Offset = 0
    C:\Documents and Settings\Administrator\Local Settings\Temp\nsz4E.tmp\modern-wizard.bmp ---> Offset = 16384
    C:\Documents and Settings\Administrator\Local Settings\Temp\nsz4E.tmp\ioSpecial.ini ---> Offset = 124
    C:\Documents and Settings\Administrator\Local Settings\Temp\nsz4E.tmp\ioSpecial.ini ---> Offset = 33
    C:\Documents and Settings\Administrator\Local Settings\Temp\nsz4E.tmp\ioSpecial.ini ---> Offset = 43
    C:\Documents and Settings\Administrator\Local Settings\Temp\nsz4E.tmp\ioSpecial.ini ---> Offset = 60
    C:\Documents and Settings\Administrator\Local Settings\Temp\nsz4E.tmp\ioSpecial.ini ---> Offset = 278
    C:\Documents and Settings\Administrator\Local Settings\Temp\nsz4E.tmp\ioSpecial.ini ---> Offset = 331
    Network behavior
    Behavior description: Open specified web page in IE
    Details: http://ww****rg/ThankYou.htm
    Registry behavior
    Behavior description: Modify registry
    Details: \REGISTRY\MACHINE\SOFTWARE\Classes\FastStone.jpg\
    \REGISTRY\MACHINE\SOFTWARE\Classes\FastStone.jpg\DefaultIcon\
    \REGISTRY\MACHINE\SOFTWARE\Classes\FastStone.jpg\shell\
    \REGISTRY\MACHINE\SOFTWARE\Classes\FastStone.jpg\shell\open\
    \REGISTRY\MACHINE\SOFTWARE\Classes\FastStone.jpg\shell\open\command\
    \REGISTRY\MACHINE\SOFTWARE\Classes\.jpg\OpenWithProgids\FastStone.jpg
    \REGISTRY\MACHINE\SOFTWARE\Classes\FastStone.jpe\
    \REGISTRY\MACHINE\SOFTWARE\Classes\FastStone.jpe\DefaultIcon\
    \REGISTRY\MACHINE\SOFTWARE\Classes\FastStone.jpe\shell\
    \REGISTRY\MACHINE\SOFTWARE\Classes\FastStone.jpe\shell\open\
    \REGISTRY\MACHINE\SOFTWARE\Classes\FastStone.jpe\shell\open\command\
    \REGISTRY\MACHINE\SOFTWARE\Classes\FastStone.jpeg\
    \REGISTRY\MACHINE\SOFTWARE\Classes\FastStone.jpeg\DefaultIcon\
    \REGISTRY\MACHINE\SOFTWARE\Classes\FastStone.jpeg\shell\
    \REGISTRY\MACHINE\SOFTWARE\Classes\FastStone.jpeg\shell\open\
    Behavior description: Modify registry (delayed rename entry)
    Details: \REGISTRY\MACHINE\SYSTEM\ControlSet002\Control\Session Manager\PendingFileRenameOperations
    Other behavior
    Behavior description: Create mutex
    Details: CTF.LBES.MutexDefaultS-*
    CTF.Compart.MutexDefaultS-*
    CTF.Asm.MutexDefaultS-*
    CTF.Layouts.MutexDefaultS-*
    CTF.TMD.MutexDefaultS-*
    CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
    MSCTF.Shared.MUTEX.ELH
    MSCTF.Shared.MUTEX.EAI
    _SHuassist.mtx
    Behavior description: Hide specified window
    Details: [Window,Class] = [,Button]
    [Window,Class] = [www.FastStone.org,Static]
    [Window,Class] = [www.FastStone.org ,Static]
    [Window,Class] = [,Static]
    [Window,Class] = [,Auto-Suggest Dropdown]
    [Window,Class] = [显示细节(&D),Button]
    [Window,Class] = [安装完成,Static]
    [Window,Class] = [安装已成功完成。,Static]
    Behavior description: Find specified window
    Details: NtUserFindWindowEx: [Class,Window] = [FastStoneImageViewerMainForm,]
    NtUserFindWindowEx: [Class,Window] = [FastStoneImageViewerMainForm.UnicodeClass,]
    NtUserFindWindowEx: [Class,Window] = [FastStone2ImageViewerMainForm,]
    NtUserFindWindowEx: [Class,Window] = [FastStone2ImageViewerMainForm.UnicodeClass,]
    NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
    NtUserFindWindowEx: [Class,Window] = [#32770,]
    NtUserFindWindowEx: [Class,Window] = [CicLoaderWndClass,]
    NtUserFindWindowEx: [Class,Window] = [OleMainThreadWndClass,]
    Behavior description: Open event
    Details: HookSwitchHookEnabledEvent
    _fCanRegisterWithShellService
    CTF.ThreadMIConnectionEvent.000007B4.00000000.00000040
    CTF.ThreadMarshalInterfaceEvent.000007B4.00000000.00000040
    MSCTF.SendReceiveConection.Event.ELH.IC
    MSCTF.SendReceive.Event.ELH.IC
    CTF.ThreadMIConnectionEvent.000007B4.00000000.00000041
    CTF.ThreadMarshalInterfaceEvent.000007B4.00000000.00000041
    Global\crypt32LogoffEvent
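    Behavior description: Adjust process token privileges
    Details: SE_LOAD_DRIVER_PRIVILEGE
    Behavior description: Block window close message
    Details: hWnd = 0x000d035e, Text = FastStone Image Viewer 5.8 安装 , ClassName = #32770.
    Behavior description: Window information
    Details: Pid = 1372, Hwnd=0xb032a, Text = 下一步(&N) >, ClassName = Button.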
    Pid = 1372, Hwnd=0x503b0, Text = 取消(&C), ClassName = Button.
    Pid = 1372, Hwnd=0x7037c, Text = www.FastStone.org , ClassName = Static.
    Pid = 1372, Hwnd=0x1702d8, Text = www.FastStone.org, ClassName = Static.
    Pid = 1372, Hwnd=0xe039e, Text = 欢迎使用“FastStone Image Viewer 5.8”安装向导, ClassName = Static.
    Pid = 1372, Hwnd=0xb0398, Text = 这个向导将指引你完成“FastStone Image Viewer 5.8”的安装进程。 在开始安装之前,建议先关闭其他所有应用程序。这将允许“安装程序”, ClassName = Static.
    Pid = 1372, Hwnd=0xd035e, Text = FastStone Image Viewer 5.8 安装, ClassName = #32770.
    Pid = 1372, Hwnd=0x1802fe, Text = < 上一步(&P), ClassName = Button.
    Pid = 1372, Hwnd=0xb032a, Text = 我接受(&I), ClassName = Button.
    Pid = 1372, Hwnd=0x1d02bc, Text = 许可证协议, ClassName = Static.
    Pid = 1372, Hwnd=0x603ac, Text = 在安装“FastStone Image Viewer 5.8”之前,请阅读授权协议。, ClassName = Static.
    Pid = 1372, Hwnd=0xc0398, Text = 按 [PgDn] 阅读“授权协议”的其余部分。, ClassName = Static.
    Pid = 1372, Hwnd=0xf039e, Text = License Agreement Please read the following terms and conditions carefully before using FastStone Image Viewer. Use of this so, ClassName = RichEdit20A.
    Pid = 1372, Hwnd=0x14033a, Text = 如果你接受协议中的条款,单击 [我接受(I)] 继续安装。如果你选定 [取消(C)] ,安装程序将会关闭。必须接受协议才能安装“FastStone Image , ClassName = Static.
    Pid = 1372, Hwnd=0xb032a, Text = 安装(&I), ClassName = Button.
    Behavior description: Executable file signature information
    Details: C:\Documents and Settings\Administrator\Local Settings\Temp\nsz4E.tmp\InstallOptions.dll (signature verification: failed)
    C:\Program Files\FastStone Image Viewer\FSViewer.exe (signature verification: failed)
    C:\Program Files\FastStone Image Viewer\FSIcons.db (signature verification: failed)
    C:\Program Files\FastStone Image Viewer\fsplugin02.dll (signature verification: failed)
    C:\Program Files\FastStone Image Viewer\fsplugin03.dll (signature verification: failed)
    C:\Program Files\FastStone Image Viewer\fsplugin04.dll (signature verification: failed)
    C:\Program Files\FastStone Image Viewer\fssl.db (signature verification: failed)
    C:\Program Files\FastStone Image Viewer\EmailZipEXE.bin (signature verification: failed)
    C:\Program Files\FastStone Image Viewer\uninst.exe (signature verification: failed)
    Behavior description: Create event object
    Details: EventName = MSCTF.SendReceive.Event.EAI.IC
    EventName = MSCTF.SendReceiveConection.Event.EAI.IC
    EventName = Global\userenv: User Profile setup event
    EventName = Global\crypt32LogoffEvent
    Behavior description: MD5 of executable files
    Behavior description: Open mutex
    Details: ShimCacheMutex
    Local\!IETld!Mutex
    Behavior description: Load newly dropped file
    Details: Image: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsz4E.tmp\InstallOptions.dll.
    Activities
    Activity name: Type
    com.amsx.show.WelcomActivity: android.intent.action.MAIN
    com.amsx.show.WelcomActivity: android.intent.category.LAUNCHER
    com.amsx.show.MainActivity: com.gc.action.main_activity
    com.amsx.show.MainActivity: android.intent.category.DEFAULT
    com.amsx.show.VideoDetailActivity: com.gc.action.video_detial_activity
    com.amsx.show.VideoDetailActivity: android.intent.category.DEFAULT
    com.gc.google.controller.BootShortCutActivity: android.intent.action.MAIN
    com.whnw.hioq.vqusvg.a.a.c.a: com_whnw_hioq.activity
    com.whnw.hioq.vqusvg.a.a.c.a: android.intent.category.DEFAULT
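    Dangerous functions
    Function name: Description
    HttpClient;->execute: Requests a remote server
    java/net/URL;->openConnection: Connects to a URL
    TelephonyManager;->getDeviceId: Collects the user's phone IMEI, phone number, system version and similar information
    getRuntime: Obtains the command-line environment
    java/lang/Runtime;->exec: Executes a command string
    TelephonyManager;->getLine1Number: Gets the phone number
    TelephonyManager;->getSimSerialNumber: Gets the SIM serial number
    DefaultHttpClient;->execute: Sends an HTTP request
    ContentResolver;->query: Reads databases such as contacts and SMS
    ContentResolver;->delete: Deletes SMS messages and contacts
    SmsManager;->sendDataMessage: Sends a binary message
    SmsManager;->sendTextMessage: Sends an ordinary SMS
    java/net/HttpURLConnection;->connect: Connects to a URL
    android/app/NotificationManager;->notify: Posts to the notification bar
    Camera;->open: Opens the camera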
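    Startup methods
    Name: Description
    com.android.mtools.MyReceiver: Starts service on SMS receipt (SMS monitoring)
    com.android.mtools.MyReceiver
    com.android.mtools.MyReceiver
    com.android.mtools.MyReceiver
    com.android.mtools.MyReceiver: Starts service on screen unlock
    com.mj.jar.pay.InSmsReceiver: Starts service on SMS receipt (SMS monitoring)
    f.g.h.j.ma.MCast: Starts service when network connectivity changes
    f.g.h.j.ma.MCast
    f.g.h.j.ma.MCast
    f.g.h.j.ma.MCast: Starts service on SMS receipt (SMS monitoring)
    f.g.h.j.ma.MCast
    o.n.o.n.EntReceiver: Starts service when network connectivity changes
    o.n.o.n.EntReceiver
    o.n.o.n.EntReceiver
    o.n.o.n.EntReceiver
    o.n.o.n.EntReceiver: Starts service on SMS receipt (SMS monitoring)
    com.yuanlang.pay.receiver.BootBroadcastReceiver: Starts service at boot
    com.amsx.show.receiver.PackageInstallReceiver: Starts service when an application is installed
    com.amsx.show.receiver.DownloadCompleteReceiver
    com.gc.google.controller.BootBroadcastReceiver: Starts service at boot
    com.gc.google.controller.BootBroadcastReceiver: Starts service when network connectivity changes
    com.gc.google.controller.BootBroadcastReceiver: Starts service on screen unlock
    com.gc.google.controller.BootBroadcastReceiver
    com.gc.google.controller.BootServiec$Receiver: Starts service when an application is installed
    com.whnw.hioq.vqusvg.a.a.c.b: Starts service at boot
    com.whnw.hioq.vqusvg.a.a.c.b: Starts service on screen unlock
    com.whnw.hioq.vqusvg.a.a.c.b: Starts service when network connectivity changes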
    Service list
    Name
    com.mandroid.service.DaemonService
    com.android.mtools.MPService
    com.mj.jar.pay.SmsServices
    f.g.h.j.ma.MService
    d.e.f.t.hr.IvService
    c.a.d.s.HService
    com.yuanlang.pay.TheService
    com.yuanlang.pay.JobScheduleService
    com.amsx.show.downloader.DownloadService
    com.gc.google.controller.BootServiec
    com.whnw.hioq.vqusvg.a.a.c.c
    File list
    File name, Checksum