VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, VirSCAN can scan compressed files protected with the password 'infected' or 'virus'.


File information
File Name: app-a001-release-unaligned.apk (File not down)
File Size: 1169672 byte
File Type: application/jar
MD5: 1a3d7300de7fb388156a2d23b5b42fc7
SHA1: 1ef3673c9781a602eaac4ffec64f3201873572c1
  • Scanner results
    Scanner results: 0% Scanner(s) (0/32) found malware!
    Behavior analysis report: Habo file analysis
    Time: 2016-05-17 20:13:42 (CST)
    Scanner Engine Ver Sig Ver Sig Date Scan result Time
    antiy AVL SDK 3.0 1970-01-01 Found nothing 5
    asquared 9.0.0.4324 9.0.0.4324 2014-07-03 Found nothing 2
    avast 150725-1 4.7.4 2015-07-25 Found nothing 60
    avg 2109/8133 10.0.1405 2014-11-26 Found nothing 60
    baidu 2.0.1.0 4.1.3.52192 2.0.1.0 Found nothing 8
    baidusd 1.0 1.0 2014-04-02 Found nothing 1
    bitdefender 7.58469 7.90123 2014-12-25 Found nothing 60
    clamav 19861 0.97.5 2014-12-31 Found nothing 60
    drweb 5.0.2.3300 5.0.1.1 2014-12-31 Found nothing 60
    fortinet 23.345, 23.345 5.1.158 2014-12-08 Found nothing 60
    fprot 4.6.2.117 6.5.1.5418 2014-12-31 Found nothing 60
    fsecure 2014-04-02-01 9.13 2014-04-02 Found nothing 60
    gdata 25.6612 25.6612 2016-05-17 Found nothing 11
    ikarus 1.06.01 V1.32.31.0 2014-12-08 Found nothing 60
    jiangmin 16.0.100 1.0.0.0 2015-07-25 Found nothing 43
    kaspersky 5.5.33 5.5.33 2014-04-01 Found nothing 60
    kingsoft 2.1 2.1 2013-09-22 Found nothing 7
    mcafee 7638 5400.1158 2014-11-30 Found nothing 60
    nod32 0920 3.0.21 2014-12-23 Found nothing 60
    panda 9.05.01 9.05.01 2015-07-26 Found nothing 4
    pcc 11.380.07 9.500-1005 2014-12-31 Found nothing 60
    qh360 1.0.1 1.0.1 1.0.1 Found nothing 2
    qqphone 1.0.0.0 1.0.0.0 2014-12-09 Found nothing 60
    quickheal 14.00 14.00 2015-07-25 Found nothing 3
    rising 25.76.04.01 25.76.04.01 2015-07-24 Found nothing 6
    sophos 5.08 3.55.0 2014-12-01 Found nothing 60
    symantec 20141230.001 1.3.0.24 2014-12-30 Found nothing 60
    tachyon 9.9.9 9.9.9 2013-12-27 Found nothing 7
    thehacker 6.8.0.5 6.8.0.5 2015-07-23 Found nothing 3
    tws 17.47.17308 1.0.2.2108 2014-12-08 Found nothing 16
    vba 3.12.26.3 3.12.26.3 2014-12-31 Found nothing 60
    virusbuster 15.0.985.0 5.5.2.13 2014-12-05 Found nothing 60
    NOTICE: Results are not 100% accurate and can be reported as a false positive by some scanners when and if malware is found. Please judge these results for yourself.
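  • Permission list
    Permission name | Description
    android.permission.INTERNET | Connect to the network (2G or 3G)
    android.permission.READ_PHONE_STATE | Read phone state
    android.permission.CHANGE_NETWORK_STATE | Change network state
    android.permission.CHANGE_WIFI_STATE | Change Wi-Fi connection state
    android.permission.WRITE_EXTERNAL_STORAGE | Write to external storage (e.g. SD card)
    android.permission.READ_EXTERNAL_STORAGE | Read external storage (e.g. SD card)
    android.permission.ACCESS_NETWORK_STATE | Read network state (2G or 3G)
    android.permission.ACCESS_WIFI_STATE | Read Wi-Fi network state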
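  • File information
    Security score:
    Basic information
    MD5: 1a3d7300de7fb388156a2d23b5b42fc7
    Package name: com.eqwe.we32
    Minimum runtime environment: Android 4.0, 4.0.1, 4.0.2
    Copyright: ewu
    Key behaviors
    Behavior description: Set special folder attributes
    Details: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files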
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
    C:\Documents and Settings\Administrator\Local Settings\History
    C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
    C:\Documents and Settings\Administrator\Cookies
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~\WebSlices~
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Feeds Cache
    Behavior description: Detect a virtual machine by searching for files
    Details: FindFirstFileEx: FileName = C:\Documents and Settings\Administrator\Local Settings\Temp\VBoxGuestAdditions
    FindFirstFileEx: FileName = C:\Documents and Settings\Administrator\Local Settings\Temp\VMwareDnD
    Process behavior
    Behavior description: Create process
    Details: ImagePath = C:\Program Files\Internet Explorer\iexplore.exe, CmdLine = "C:\Program Files\Internet Explorer\IEXPLORE.EXE" http://www.yixun.com/
    ImagePath = C:\Program Files\Internet Explorer\iexplore.exe, CmdLine = "C:\Program Files\Internet Explorer\IEXPLORE.EXE" SCODEF:788 CREDAT:79873
    Behavior description: Create local thread
    Behavior description: Enumerate processes
    Details: N/A
    File behavior
    Behavior description: Create file
    Behavior description: Create executable file
    Details: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
    C:\Documents and Settings\Administrator\Local Settings\Temp\Kno4.tmp
    Behavior description: Overwrite existing file
    Behavior description: Find files
    Behavior description: Delete file
    Behavior description: Modify file content
    Network behavior
    Behavior description: Open a URL over the network
    Details: InternetOpenUrlA: http://**.133.40.**:128/wpad.dat, hInternet = 0x00cc0004, Flags = 0x80000010
    Behavior description: Download file
    Details: URLDownloadToFileW: http://ww****om/favicon.ico ---> C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
    URLDownloadToFileW: https://go****om/fwlink/?LinkId=141260 ---> C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Kno4.tmp
    Behavior description: Connect to a specified site
    Details: InternetConnectA: ServerName = **.133.40.**, PORT = 128, UserName = , Password = , hSession = 0x00cc0004, hConnect = 0x00cc0008, Flags = 0x80000010
    InternetConnectA: ServerName = ww****om, PORT = 80, UserName = , Password = , hSession = 0x00cc0004, hConnect = 0x00cc0008, Flags = 0x00000000
    InternetConnectA: ServerName = go****om, PORT = 443, UserName = , Password = , hSession = 0x00cc0004, hConnect = 0x00cc0008, Flags = 0x00800000
    Behavior description: Open HTTP connection
    Details: InternetOpenA: UserAgent: Mozilla/4.0 (compatible; MSIE 8.0; Win32; Trident/4.0), hSession = 0x00cc0004
    InternetOpenA: UserAgent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; .NET4.0C; .NET4.0E; KB974489), hSession = 0x00cc0004
    Behavior description: Establish a connection to a specified socket
    Details: URL: wpad, IP: **.133.40.**:128, SOCKET = 0x000004b8
    URL: ww****om, IP: **.133.40.**:80, SOCKET = 0x000004d8
    URL: go****om, IP: **.133.40.**:443, SOCKET = 0x00000688
    Behavior description: Read network file
    Details: hFile = 0x00cc000c, BytesToRead =4010, BytesRead = 4010.
    Behavior description: Send HTTP packet
    Details: GET /wpad.dat HTTP/1.1 Accept: */* User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32; Trident/4.0) Host: **.133.40.**:128 Cache-Control: no-cache
    GET /favicon.ico HTTP/1.1 Accept: */* Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; .NET4.0C; .NET4.0E; KB974489) Host: ww****om Connection: Keep-Alive
    Behavior description: Open HTTP request
    Details: HttpOpenRequestA: **.133.40.**:128/wpad.dat, hConnect = 0x00cc0008, hRequest = 0x00cc000c, Verb: GET, Referer: , Flags = 0x80000010
    HttpOpenRequestA: ww****om:80/favicon.ico, hConnect = 0x00cc0008, hRequest = 0x00cc000c, Verb: GET, Referer: , Flags = 0x00600010
    HttpOpenRequestA: go****om:443/fwlink/?linkid=141260, hConnect = 0x00cc0008, hRequest = 0x00cc000c, Verb: GET, Referer: , Flags = 0x00c00010
    Behavior description: Get host address by name
    Details: GetAddrInfoW: computer
    GetAddrInfoW: wpad
    GetAddrInfoW: ww****om
    GetAddrInfoW: go****om
    Registry behavior
    Behavior description: Modify registry
    Details: \REGISTRY\USER\S-*\Software\Microsoft\Windows\ShellNoRoam\MUICache\@shell32.dll,-21765
    \REGISTRY\USER\S-*\Software\Microsoft\Windows\ShellNoRoam\MUICache\@shell32.dll,-12693
    \REGISTRY\USER\S-*\Software\Microsoft\Windows\ShellNoRoam\MUICache\@shell32.dll,-12691
    \REGISTRY\USER\S-*\Software\Microsoft\Windows\ShellNoRoam\MUICache\@shell32.dll,-21786
    Behavior description: Delete registry key
    Details: \REGISTRY\USER\S-*\Software\Microsoft\CTF\TIP\{1188450c-fdab-47ae-80d8-c9633f71be64}\LanguageProfile\0x00000000\{63800dac-e7ca-4df9-9a5c-20765055488d}\
    \REGISTRY\USER\S-*\Software\Microsoft\CTF\TIP\{1188450c-fdab-47ae-80d8-c9633f71be64}\LanguageProfile\0x00000000\
    \REGISTRY\USER\S-*\Software\Microsoft\CTF\TIP\{1188450c-fdab-47ae-80d8-c9633f71be64}\LanguageProfile\
    \REGISTRY\USER\S-*\Software\Microsoft\CTF\TIP\{1188450c-fdab-47ae-80d8-c9633f71be64}\
    Behavior description: Delete registry value
    Details: \REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyServer
    \REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Internet Settings\AutoConfigURL
    \REGISTRY\USER\S-*\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\0\Expiration
    \REGISTRY\USER\S-*\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\1\Expiration
    Other behavior
    Behavior description: Create mutex
    Behavior description: Create event object
    Behavior description: Find specified window
    Details: NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
    NtUserFindWindowEx: [Class,Window] = [CicLoaderWndClass,]
    NtUserFindWindowEx: [Class,Window] = [MS_AutodialMonitor,]
    NtUserFindWindowEx: [Class,Window] = [MS_WebCheckMonitor,]
    NtUserFindWindowEx: [Class,Window] = [Static,]
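    Behavior description: Enumerate windows
    Details: N/A
    Behavior description: Adjust process token privileges
    Details: SE_LOAD_DRIVER_PRIVILEGE
    Behavior description: Window information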
    Behavior description: Executable file signature information
    Details: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico (signature verification: failed)
    C:\Documents and Settings\Administrator\Local Settings\Temp\Kno4.tmp (signature verification: failed)
    Behavior description: Hide specified window
    Behavior description: Executable file MD5
    Details: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico ---> fe1d0ee5901dd167ee9b28eece31786c
    C:\Documents and Settings\Administrator\Local Settings\Temp\Kno4.tmp ---> fe1d0ee5901dd167ee9b28eece31786c
    Activities
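    Activity name | Type
    com.video1.zxc1.ui.activity.SplashActivity | android.intent.action.MAIN
    com.video1.zxc1.ui.activity.SplashActivity | android.intent.category.LAUNCHER
    Dangerous functions
    Function name | Description
    TelephonyManager;->getDeviceId | Collects the user's phone IMEI, phone number, system version and similar information
    java/net/URL;->openConnection | Connects to a URL
    LocationManager;->getLastKnownLocation | Gets the geographic location
    ContentResolver;->query | Reads contacts, SMS and other databases
    HttpClient;->execute | Sends a request to a remote server
    getRuntime | Gets the command-line environment
    DefaultHttpClient;->execute | Sends an HTTP request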
    File list
    res/drawable-mdpi-v4/abc_textfield_activated_mtrl_alpha.9.png 0x4f16ccfc
    res/drawable-mdpi-v4/abc_textfield_default_mtrl_alpha.9.png 0xf8dbf6f6
    res/drawable-mdpi-v4/abc_textfield_search_activated_mtrl_alpha.9.png 0xfb4249d4
    res/drawable-mdpi-v4/abc_textfield_search_default_mtrl_alpha.9.png 0x19a0052e
    res/drawable-v21/abc_action_bar_item_background_material.xml 0xb794af16
    res/drawable-v21/abc_btn_colored_material.xml 0xddce8b75
    res/drawable-v21/abc_edit_text_material.xml 0xab0346c1
    res/drawable-v21/abc_ratingbar_indicator_material.xml 0x5b57a222
    res/drawable-v21/abc_ratingbar_small_material.xml 0xbed7f6fc
    res/drawable-v23/abc_control_background_material.xml 0xb6e50493
    res/drawable-xhdpi-v4/abc_ab_share_pack_mtrl_alpha.9.png 0xcf127e45
    res/drawable-xhdpi-v4/abc_btn_check_to_on_mtrl_000.png 0xcfba78ba
    res/drawable-xhdpi-v4/abc_btn_check_to_on_mtrl_015.png 0x726c24c9
    res/drawable-xhdpi-v4/abc_btn_radio_to_on_mtrl_000.png 0xe6c8339c
    res/drawable-xhdpi-v4/abc_btn_radio_to_on_mtrl_015.png 0x2c324db4
    res/drawable-xhdpi-v4/abc_btn_rating_star_off_mtrl_alpha.png 0x5221e639
    res/drawable-xhdpi-v4/abc_btn_rating_star_on_mtrl_alpha.png 0x4d98f972
    res/drawable-xhdpi-v4/abc_btn_switch_to_on_mtrl_00001.9.png 0xcd563567
    res/drawable-xhdpi-v4/abc_btn_switch_to_on_mtrl_00012.9.png 0x3e9a5317
    res/drawable-xhdpi-v4/abc_cab_background_top_mtrl_alpha.9.png 0xf70ddcc0
    res/drawable-xhdpi-v4/abc_ic_ab_back_mtrl_am_alpha.png 0xd92f8b09
    res/drawable-xhdpi-v4/abc_ic_clear_mtrl_alpha.png 0xe3ade440
    res/drawable-xhdpi-v4/abc_ic_commit_search_api_mtrl_alpha.png 0xa633729c
    res/drawable-xhdpi-v4/abc_ic_go_search_api_mtrl_alpha.png 0x93ca28c3
    res/drawable-xhdpi-v4/abc_ic_menu_copy_mtrl_am_alpha.png 0x77030319
    res/drawable-xhdpi-v4/abc_ic_menu_cut_mtrl_alpha.png 0xae52a132
    res/drawable-xhdpi-v4/abc_ic_menu_moreoverflow_mtrl_alpha.png 0x87505834
    res/drawable-xhdpi-v4/abc_ic_menu_paste_mtrl_am_alpha.png 0xe5098066
    res/drawable-xhdpi-v4/abc_ic_menu_selectall_mtrl_alpha.png 0x9dd9218
    res/drawable-xhdpi-v4/abc_ic_menu_share_mtrl_alpha.png 0xbc17f4b0
    res/drawable-xhdpi-v4/abc_ic_search_api_mtrl_alpha.png 0x5d3ec086
    res/drawable-xhdpi-v4/abc_ic_star_black_16dp.png 0x7da76864
    res/drawable-xhdpi-v4/abc_ic_star_black_36dp.png 0xa1fb74a1
    res/drawable-xhdpi-v4/abc_ic_star_half_black_16dp.png 0xf86c6c7a
    res/drawable-xhdpi-v4/abc_ic_star_half_black_36dp.png 0x6b73b52b
    res/drawable-xhdpi-v4/abc_ic_voice_search_api_mtrl_alpha.png 0x86fc4299
    res/drawable-xhdpi-v4/abc_list_divider_mtrl_alpha.9.png 0x72ff0f68
    res/drawable-xhdpi-v4/abc_list_focused_holo.9.png 0xbde23956
    res/drawable-xhdpi-v4/abc_list_longpressed_holo.9.png 0x84a788a6
    res/drawable-xhdpi-v4/abc_list_pressed_holo_dark.9.png 0x98f7c81a
    res/drawable-xhdpi-v4/abc_list_pressed_holo_light.9.png 0x5314692b
    res/drawable-xhdpi-v4/abc_list_selector_disabled_holo_dark.9.png 0x41748705
    res/drawable-xhdpi-v4/abc_list_selector_disabled_holo_light.9.png 0x1c2ff2be
    res/drawable-xhdpi-v4/abc_menu_hardkey_panel_mtrl_mult.9.png 0x63ee6937
    res/drawable-xhdpi-v4/abc_popup_background_mtrl_mult.9.png 0x79067b02
    res/drawable-xhdpi-v4/abc_scrubber_control_off_mtrl_alpha.png 0x6cd6529b
    res/drawable-xhdpi-v4/abc_scrubber_control_to_pressed_mtrl_000.png 0x3d7b9fee
    res/drawable-xhdpi-v4/abc_scrubber_control_to_pressed_mtrl_005.png 0xbeb523af
    res/drawable-xhdpi-v4/abc_scrubber_primary_mtrl_alpha.9.png 0xbf40ca92
    res/drawable-xhdpi-v4/abc_scrubber_track_mtrl_alpha.9.png 0x1a186496
    res/drawable-xhdpi-v4/abc_spinner_mtrl_am_alpha.9.png 0xfbc5d182
    res/drawable-xhdpi-v4/abc_switch_track_mtrl_alpha.9.png 0x4ebe0617
    res/drawable-xhdpi-v4/abc_tab_indicator_mtrl_alpha.9.png 0x361544c6
    res/drawable-xhdpi-v4/abc_textfield_activated_mtrl_alpha.9.png 0x4853c2d6
    res/drawable-xhdpi-v4/abc_textfield_default_mtrl_alpha.9.png 0x7a6dbe65
    res/drawable-xhdpi-v4/abc_textfield_search_activated_mtrl_alpha.9.png 0xeaa0434b
    res/drawable-xhdpi-v4/abc_textfield_search_default_mtrl_alpha.9.png 0x4cfa2def
    res/drawable-xxhdpi-v4/abc_ab_share_pack_mtrl_alpha.9.png 0x7758fe71
    res/drawable-xxhdpi-v4/abc_btn_check_to_on_mtrl_000.png 0xa8af72f3
    res/drawable-xxhdpi-v4/abc_btn_check_to_on_mtrl_015.png 0x47977e9
    res/drawable-xxhdpi-v4/abc_btn_radio_to_on_mtrl_000.png 0xcfc747f2
    res/drawable-xxhdpi-v4/abc_btn_radio_to_on_mtrl_015.png 0xdbaceef4
    res/drawable-xxhdpi-v4/abc_btn_rating_star_off_mtrl_alpha.png 0xb4580cf
    res/drawable-xxhdpi-v4/abc_btn_rating_star_on_mtrl_alpha.png 0xbf3a37c9
    res/drawable-xxhdpi-v4/abc_btn_switch_to_on_mtrl_00001.9.png 0xe3ff53b2
    res/drawable-xxhdpi-v4/abc_btn_switch_to_on_mtrl_00012.9.png 0x7f666710
    res/drawable-xxhdpi-v4/abc_cab_background_top_mtrl_alpha.9.png 0x7cd87445
    res/drawable-xxhdpi-v4/abc_ic_ab_back_mtrl_am_alpha.png 0x99fcf98c
    res/drawable-xxhdpi-v4/abc_ic_clear_mtrl_alpha.png 0xf7eea1df
    res/drawable-xxhdpi-v4/abc_ic_commit_search_api_mtrl_alpha.png 0x75e2a0e0
    res/drawable-xxhdpi-v4/abc_ic_go_search_api_mtrl_alpha.png 0x978987bf
    res/drawable-xxhdpi-v4/abc_ic_menu_copy_mtrl_am_alpha.png 0x49d49756
    res/drawable-xxhdpi-v4/abc_ic_menu_cut_mtrl_alpha.png 0x185907e3
    res/drawable-xxhdpi-v4/abc_ic_menu_moreoverflow_mtrl_alpha.png 0xadb065b2
    res/drawable-xxhdpi-v4/abc_ic_menu_paste_mtrl_am_alpha.png 0xde8d92d0
    res/drawable-xxhdpi-v4/abc_ic_menu_selectall_mtrl_alpha.png 0x6a35729
    res/drawable-xxhdpi-v4/abc_ic_menu_share_mtrl_alpha.png 0x49556dc6
    res/drawable-xxhdpi-v4/abc_ic_search_api_mtrl_alpha.png 0x79e1cda0
    res/drawable-xxhdpi-v4/abc_ic_star_black_16dp.png 0x15d856d
    res/drawable-xxhdpi-v4/abc_ic_star_black_36dp.png 0x3e52d827
    res/drawable-xxhdpi-v4/abc_ic_star_half_black_16dp.png 0xcd5c10f5
    res/drawable-xxhdpi-v4/abc_ic_star_half_black_36dp.png 0x65d095bf
    res/drawable-xxhdpi-v4/abc_ic_voice_search_api_mtrl_alpha.png 0xfedf00ca
    res/drawable-xxhdpi-v4/abc_list_divider_mtrl_alpha.9.png 0x2d5a2100
    res/drawable-xxhdpi-v4/abc_list_focused_holo.9.png 0x19c09c27
    res/drawable-xxhdpi-v4/abc_list_longpressed_holo.9.png 0x236b6e98
    res/drawable-xxhdpi-v4/abc_list_pressed_holo_dark.9.png 0x823780d0
    res/drawable-xxhdpi-v4/abc_list_pressed_holo_light.9.png 0x813ae23c
    res/drawable-xxhdpi-v4/abc_list_selector_disabled_holo_dark.9.png 0xdddaae2e
    res/drawable-xxhdpi-v4/abc_list_selector_disabled_holo_light.9.png 0x1ff1856f
    res/drawable-xxhdpi-v4/abc_menu_hardkey_panel_mtrl_mult.9.png 0xe97125d2
    res/drawable-xxhdpi-v4/abc_popup_background_mtrl_mult.9.png 0x478db1d1
    res/drawable-xxhdpi-v4/abc_scrubber_control_off_mtrl_alpha.png 0xc57037f7
    res/drawable-xxhdpi-v4/abc_scrubber_control_to_pressed_mtrl_000.png 0x35329a
    res/drawable-xxhdpi-v4/abc_scrubber_control_to_pressed_mtrl_005.png 0x9aaa658d
    res/drawable-xxhdpi-v4/abc_scrubber_primary_mtrl_alpha.9.png 0x5902ed5c
    res/drawable-xxhdpi-v4/abc_scrubber_track_mtrl_alpha.9.png 0xa028728e
    res/drawable-xxhdpi-v4/abc_spinner_mtrl_am_alpha.9.png 0xbba9274f
    res/drawable-xxhdpi-v4/abc_switch_track_mtrl_alpha.9.png 0xf785991a
    res/drawable-xxhdpi-v4/abc_tab_indicator_mtrl_alpha.9.png 0xd6692ce7
    res/drawable-xxhdpi-v4/abc_textfield_activated_mtrl_alpha.9.png 0x2fa093c4
    res/drawable-xxhdpi-v4/abc_textfield_default_mtrl_alpha.9.png 0x4d07b4a9
    res/drawable-xxhdpi-v4/abc_textfield_search_activated_mtrl_alpha.9.png 0x77c42d34
    res/drawable-xxhdpi-v4/abc_textfield_search_default_mtrl_alpha.9.png 0x9e0d73d
    res/drawable-xxxhdpi-v4/abc_btn_check_to_on_mtrl_000.png 0x23bc6175
    res/drawable-xxxhdpi-v4/abc_btn_check_to_on_mtrl_015.png 0x2ea066c3
    res/drawable-xxxhdpi-v4/abc_btn_radio_to_on_mtrl_000.png 0xed039207
    res/drawable-xxxhdpi-v4/abc_btn_radio_to_on_mtrl_015.png 0x590aeae3
    res/drawable-xxxhdpi-v4/abc_btn_switch_to_on_mtrl_00001.9.png 0x4f6e087d
    res/drawable-xxxhdpi-v4/abc_btn_switch_to_on_mtrl_00012.9.png 0xa817850a
    res/drawable-xxxhdpi-v4/abc_ic_ab_back_mtrl_am_alpha.png 0x23f1af9d
    res/drawable-xxxhdpi-v4/abc_ic_clear_mtrl_alpha.png 0x84d065fb
    res/drawable-xxxhdpi-v4/abc_ic_menu_copy_mtrl_am_alpha.png 0x39d6d931
    res/drawable-xxxhdpi-v4/abc_ic_menu_cut_mtrl_alpha.png 0xc9f78467
    res/drawable-xxxhdpi-v4/abc_ic_menu_moreoverflow_mtrl_alpha.png 0xb7cc364f
    res/drawable-xxxhdpi-v4/abc_ic_menu_paste_mtrl_am_alpha.png 0xa9f4da32
    res/drawable-xxxhdpi-v4/abc_ic_menu_selectall_mtrl_alpha.png 0x8151ea77
    res/drawable-xxxhdpi-v4/abc_ic_menu_share_mtrl_alpha.png 0x2fc5a011
    res/drawable-xxxhdpi-v4/abc_ic_search_api_mtrl_alpha.png 0xf5710ade
    res/drawable-xxxhdpi-v4/abc_ic_star_black_16dp.png 0x8f0aa8f4
    res/drawable-xxxhdpi-v4/abc_ic_star_black_36dp.png 0xe3e4a114
    res/drawable-xxxhdpi-v4/abc_ic_star_half_black_16dp.png 0x83fb9cd5
    res/drawable-xxxhdpi-v4/abc_ic_star_half_black_36dp.png 0x957a7d58
    res/drawable-xxxhdpi-v4/abc_ic_voice_search_api_mtrl_alpha.png 0x1022e769
    res/drawable-xxxhdpi-v4/abc_scrubber_control_to_pressed_mtrl_000.png 0xdbb5b067
    res/drawable-xxxhdpi-v4/abc_scrubber_control_to_pressed_mtrl_005.png 0xd1165fc
    res/drawable-xxxhdpi-v4/abc_spinner_mtrl_am_alpha.9.png 0x3bd11453
    res/drawable-xxxhdpi-v4/abc_switch_track_mtrl_alpha.9.png 0x1a7d6c07
    res/drawable-xxxhdpi-v4/abc_tab_indicator_mtrl_alpha.9.png 0x74529d2e
    res/drawable/abc_btn_borderless_material.xml 0xf341af1c
    res/drawable/abc_btn_check_material.xml 0xe2f70d0a
    res/drawable/abc_btn_colored_material.xml 0x1522b03
    res/drawable/abc_btn_default_mtrl_shape.xml 0x1bfb1317
    res/drawable/abc_btn_radio_material.xml 0x2960f785
    res/drawable/abc_cab_background_internal_bg.xml 0x9c5b1555
    res/drawable/abc_cab_background_top_material.xml 0x789cac73
    res/drawable/abc_dialog_material_background_dark.xml 0x9ee635fb
    res/drawable/abc_dialog_material_background_light.xml 0xeb79f366
    res/drawable/abc_edit_text_material.xml 0x7cabfc07
    res/drawable/abc_item_background_holo_dark.xml 0xd1b21c63
    res/drawable/abc_item_background_holo_light.xml 0x5c0f0b25
    res/drawable/abc_list_selector_background_transition_holo_dark.xml 0xad127204
    res/drawable/abc_list_selector_background_transition_holo_light.xml 0xff8319d8
    res/drawable/abc_list_selector_holo_dark.xml 0xd3230273
    res/drawable/abc_list_selector_holo_light.xml 0x4ca62f47
    res/drawable/abc_ratingbar_full_material.xml 0xf00f836e
    res/drawable/abc_ratingbar_indicator_material.xml 0xdbcfdb9a
    res/drawable/abc_ratingbar_small_material.xml 0xecbbc468
    res/drawable/abc_seekbar_thumb_material.xml 0xf5569f09
    res/drawable/abc_seekbar_track_material.xml 0xd86c6936
    res/drawable/abc_spinner_textfield_background_material.xml 0x50f52bca
    res/drawable/abc_switch_thumb_material.xml 0x88e00ae
    res/drawable/abc_tab_indicator_material.xml 0x20683102
    res/drawable/abc_text_cursor_material.xml 0x9fd1fc63
    res/drawable/abc_textfield_search_material.xml 0x82e87b85
    res/drawable/dialog_pay_btn.xml 0x9d1caf02
    res/drawable/divider_trans.xml 0x558b97e5
    res/drawable/divider_white.xml 0xadfa8feb
    res/drawable/indicator_focused.xml 0xb49a623b
    res/drawable/indicator_normal.xml 0x3631878c
    res/drawable/item_bg.xml 0x6fd9296b
    res/drawable/pay_btn.xml 0x5601d5ff
    res/drawable/pay_type_selector.xml 0x9784402d
    res/drawable/set_bg.xml 0x136ec1f1
    res/layout-v17/abc_alert_dialog_button_bar_material.xml 0xc25c0179
    res/layout-v17/abc_alert_dialog_material.xml 0xcf112d85
    res/layout-v17/abc_dialog_title_material.xml 0x789a3747
    res/layout-v17/abc_search_view.xml 0x557b7792
    res/layout-v17/notification_template_big_media.xml 0xb55eec20
    res/layout-v17/notification_template_big_media_narrow.xml 0x21ac0b3f
    res/layout-v17/notification_template_lines.xml 0x26a117bc
    res/layout-v17/notification_template_media.xml 0x4e62d66b
    res/layout-v17/notification_template_part_chronometer.xml 0xb5cacd
    res/layout-v17/notification_template_part_time.xml 0xae9a22ad
    res/layout-v17/select_dialog_multichoice_material.xml 0xd190ed1b
    res/layout-v17/select_dialog_singlechoice_material.xml 0x66110678
    res/layout-v21/abc_screen_toolbar.xml 0x11dc28d9
    res/layout-v22/toolbar_base.xml 0xd8b26a9d
    res/layout/abc_action_bar_title_item.xml 0x92222eee
    res/layout/abc_action_bar_up_container.xml 0x8e13a1ec
    res/layout/abc_action_bar_view_list_nav_layout.xml 0x7b62cb91
    res/layout/abc_action_menu_item_layout.xml 0x6727d5be
    res/layout/abc_action_menu_layout.xml 0x1433d97a
    res/layout/abc_action_mode_bar.xml 0x5567cb3d
    res/layout/abc_action_mode_close_item_material.xml 0xb7d81dc2
    res/layout/abc_activity_chooser_view.xml 0x6fee23d8
    res/layout/abc_activity_chooser_view_list_item.xml 0xecd9004c
    res/layout/abc_alert_dialog_button_bar_material.xml 0x7c872b24
    res/layout/abc_alert_dialog_material.xml 0x2954b94c
    res/layout/abc_dialog_title_material.xml 0x7a69d614
    res/layout/abc_expanded_menu_layout.xml 0xc6fb778d
    res/layout/abc_list_menu_item_checkbox.xml 0xb4eb5eae
    res/layout/abc_list_menu_item_icon.xml 0x7c261708
    res/layout/abc_list_menu_item_layout.xml 0x2da1ce90
    res/layout/abc_list_menu_item_radio.xml 0xfa312ec2
    res/layout/abc_popup_menu_item_layout.xml 0x782c68e6
    res/layout/abc_screen_content_include.xml 0xe005f52e
    res/layout/abc_screen_simple.xml 0xd06e38f7
    res/layout/abc_screen_simple_overlay_action_mode.xml 0xce96341e
    res/layout/abc_screen_toolbar.xml 0x4d4bac1d
    res/layout/abc_search_dropdown_item_icons_2line.xml 0xf89012af
    res/layout/abc_search_view.xml 0xded262b9
    res/layout/abc_select_dialog_material.xml 0x4252ed03
    res/layout/activity_active.xml 0xf87b10b6
    res/layout/activity_list.xml 0xd9449bb7
    res/layout/activity_main.xml 0x819fc422
    res/layout/activity_pay.xml 0x96e6b4d2
    res/layout/activity_protocol.xml 0xa578d965
    res/layout/activity_splash.xml 0xed2abe8
    res/layout/activity_video.xml 0x9c416038
    res/layout/activity_video_play.xml 0x6fe459ce
    res/layout/dialog_pay.xml 0xee9c64f6
    res/layout/dialog_pay2.xml 0xa2536d7f
    res/layout/fragment_refreshandload.xml 0x34df0ebd
    res/layout/item_channel.xml 0x6c1cc07b
    res/layout/item_comment.xml 0xe3baea8b
    res/layout/item_live.xml 0x6c10055b
    res/layout/item_setting.xml 0xf10c9e8a
    res/layout/item_video.xml 0xfec13d2b
    res/layout/notification_media_action.xml 0x400c44fa
    res/layout/notification_media_cancel_action.xml 0xd5ebbfb2
    res/layout/notification_template_big_media.xml 0x48712a8b
    res/layout/notification_template_big_media_narrow.xml 0xf3c957e1
    res/layout/notification_template_lines.xml 0xb3366486
    res/layout/notification_template_media.xml 0xa6476a00
    res/layout/notification_template_part_chronometer.xml 0xb45aa7c4
    res/layout/notification_template_part_time.xml 0x77d861ce
    res/layout/select_dialog_item_material.xml 0xaa763be1
    res/layout/select_dialog_multichoice_material.xml 0xdacb80b7
    res/layout/select_dialog_singlechoice_material.xml 0x50b0e1f3
    res/layout/support_simple_spinner_dropdown_item.xml 0x65acb3f3
    res/layout/toolbar_base.xml 0x92be1dfb
    res/layout/video_header.xml 0x65ffd3d4
    res/mipmap-hdpi-v4/arrow_right.png 0x3a7d51f9
    res/mipmap-hdpi-v4/ic_avatar_default.png 0xd20f42f6
    res/mipmap-hdpi-v4/ic_op_comment.png 0xc3dc7a62
    res/mipmap-hdpi-v4/ic_op_like.png 0x99940977
    res/mipmap-hdpi-v4/ic_op_share.png 0xfb44baee
    res/mipmap-hdpi-v4/ic_play.png 0x852e2fbd
    res/mipmap-hdpi-v4/pay_3rd_select.png 0xb97dd60c
    res/mipmap-hdpi-v4/pay_3rd_select_p.png 0xda681c7d
    res/mipmap-hdpi-v4/pay_close.png 0x5daf0517
    res/mipmap-hdpi-v4/pay_logo.jpg 0x3429ff04
    res/mipmap-hdpi-v4/pay_type_qq.png 0x1f80155e
    res/mipmap-hdpi-v4/pay_type_wx.png 0x163dc581
    res/mipmap-hdpi-v4/splash.jpg 0x526b91f1
    res/mipmap-hdpi-v4/tab_channel_focus.png 0x79026269
    res/mipmap-hdpi-v4/tab_channel_normal.png 0xc2813b0e
    res/mipmap-hdpi-v4/tab_home_focus.png 0x9bae476b
    res/mipmap-hdpi-v4/tab_home_normal.png 0xea6a5764
    res/mipmap-hdpi-v4/tab_star_focus.png 0x5644a116
    res/mipmap-hdpi-v4/tab_star_normal.png 0x4bd44a37
    res/mipmap-hdpi-v4/tab_user_focus.png 0xf0ceab62
    res/mipmap-hdpi-v4/tab_user_normal.png 0x4b5692df
    res/mipmap-hdpi-v4/video_free.png 0x258f20ca
    res/mipmap-hdpi-v4/video_loading.png 0x83ae59d4
    res/mipmap-xxhdpi-v4/ic_launcher.png 0x5fbebaa5
    resources.arsc 0x65485fe5
    classes.dex 0x74f9d33c
    bin/AndroidManifest.xml 0xa577b8be
    META-INF/MANIFEST.MF 0xc351c2eb
    META-INF/CERT.SF 0xd4c4d39a
    META-INF/CERT.RSA 0x79230f6b