VirSCAN

File information
File Name: aisk.apk (File not down)
File Size: 215702 byte
File Type: application/zip
MD5: 37b9577acfd86e6e9f3e170e3819fbf7
SHA1: 494c8ee7498495691a196938271c17dc896eb7c5
  • Scanner results
    Scanner results: 3% Scanner(s) (1/32) found malware!
    Behavior analysis report: Habo file analysis
    Time: 2015-11-01 21:02:20 (CST)
    | Scanner | Engine Ver | Sig Ver | Sig Date | Scan result | Time |
    |---|---|---|---|---|---|
    | antiy | AVL SDK 3.0 | | 1970-01-01 | Found nothing | 5 |
    | asquared | 9.0.0.4324 | 9.0.0.4324 | 2014-07-03 | Found nothing | 1 |
    | avast | 150725-1 | 4.7.4 | 2015-07-25 | Found nothing | 0 |
    | avg | 2109/8133 | 10.0.1405 | 2014-11-26 | Found nothing | 0 |
    | baidu | 2.0.1.0 | 4.1.3.52192 | 2.0.1.0 | Found nothing | 5 |
    | baidusd | 1.0 | 1.0 | 2014-04-02 | Found nothing | 1 |
    | bitdefender | 7.58469 | 7.90123 | 2014-12-25 | Found nothing | 0 |
    | clamav | 19861 | 0.97.5 | 2014-12-31 | Found nothing | 0 |
    | drweb | 5.0.2.3300 | 5.0.1.1 | 2014-12-31 | Found nothing | 0 |
    | fortinet | 23.345, 23.345 | 5.1.158 | 2014-12-08 | Found nothing | 0 |
    | fprot | 4.6.2.117 | 6.5.1.5418 | 2014-12-31 | Found nothing | 0 |
    | fsecure | 2014-04-02-01 | 9.13 | 2014-04-02 | Found nothing | 0 |
    | gdata | 25.4154 | 25.4154 | 2015-10-31 | Android.Trojan.FakeBank.BK | 8 |
    | ikarus | 1.06.01 | V1.32.31.0 | 2014-12-08 | Found nothing | 0 |
    | jiangmin | 16.0.100 | 1.0.0.0 | 2015-07-25 | Found nothing | 44 |
    | kaspersky | 5.5.33 | 5.5.33 | 2014-04-01 | Found nothing | 0 |
    | kingsoft | 2.1 | 2.1 | 2013-09-22 | Found nothing | 9 |
    | mcafee | 7638 | 5400.1158 | 2014-11-30 | Found nothing | 0 |
    | nod32 | 0920 | 3.0.21 | 2014-12-23 | Found nothing | 0 |
    | panda | 9.05.01 | 9.05.01 | 2015-07-26 | Found nothing | 5 |
    | pcc | 11.380.07 | 9.500-1005 | 2014-12-31 | Found nothing | 0 |
    | qh360 | 1.0.1 | 1.0.1 | 1.0.1 | Found nothing | 2 |
    | qqphone | 1.0.0.0 | 1.0.0.0 | 2014-12-09 | Found nothing | 0 |
    | quickheal | 14.00 | 14.00 | 2015-07-25 | Found nothing | 2 |
    | rising | 25.76.04.01 | 25.76.04.01 | 2015-07-24 | Found nothing | 1 |
    | sophos | 5.08 | 3.55.0 | 2014-12-01 | Found nothing | 0 |
    | symantec | 20141230.001 | 1.3.0.24 | 2014-12-30 | Found nothing | 0 |
    | tachyon | 9.9.9 | 9.9.9 | 2013-12-27 | Found nothing | 4 |
    | thehacker | 6.8.0.5 | 6.8.0.5 | 2015-07-23 | Found nothing | 1 |
    | tws | 17.47.17308 | 1.0.2.2108 | 2014-12-08 | Found nothing | 12 |
    | vba | 3.12.26.3 | 3.12.26.3 | 2014-12-31 | Found nothing | 0 |
    | virusbuster | 15.0.985.0 | 5.5.2.13 | 2014-12-05 | Found nothing | 0 |
    NOTICE: Results are not 100% accurate and can be reported as a false positive by some scanners when and if malware is found. Please judge these results for yourself.
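  • Permission list
    | Permission name | Description |
    |---|---|
    | android.permission.VIBRATE | Allow the device to vibrate |
    | android.permission.READ_SMS | Read SMS messages |
    | android.permission.WRITE_SMS | Write SMS messages |
    | android.permission.RECEIVE_SMS | Monitor incoming SMS messages |
    | android.permission.SEND_SMS | Send SMS messages |
    | android.permission.READ_CONTACTS | Read contact information |
    | android.permission.WRITE_CONTACTS | Write contact information |
    | android.permission.WRITE_SETTINGS | Read and write system settings |
    | android.permission.READ_PHONE_STATE | Read phone state |
    | android.permission.CALL_PHONE | Make phone calls |
    | android.permission.READ_CALL_LOG | Read the call log |
    | android.permission.WRITE_CALL_LOG | Write the call log |
    | android.permission.INTERNET | Connect to the network (2G or 3G) |
    | android.permission.WRITE_EXTERNAL_STORAGE | Write to external storage (e.g. SD card) |
    | android.permission.ACCESS_NETWORK_STATE | Read network state (2G or 3G) |
    | android.permission.RECEIVE_BOOT_COMPLETED | Receive the boot-completed broadcast |
    | android.permission.UPDATE_APP_OPS_STATS | |
    | android.permission.GET_TASKS | Get information about currently or recently running tasks |
    | android.permission.KILL_BACKGROUND_PROCESSES | Kill background processes |
    | android.permission.ACCESS_WIFI_STATE | Read Wi-Fi network state |
    | android.permission.SYSTEM_ALERT_WINDOW | Display system windows |
    | android.permission.WAKE_LOCK | Keep background processes running after the screen turns off |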
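  • File information
    Security score:
    Basic information
    MD5: 37b9577acfd86e6e9f3e170e3819fbf7
    Package name: a.b256
    Minimum runtime environment: Android 2.2.x
    Copyright:
    Dangerous behavior
    Behavior: Send SMS
    Details: number:17070275287 data:message:6&13661158120IMEI357143040944263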
    number:17070275287 data:message:客户端首次启动13661158120IMEI357143040944263
    number:17070275287 data:message:6& 型号:sdk 手机:Lenovo 系统版本:4.1.2 用户选择了激活
    Dynamic behavior list
    Behavior: Start service
    Details: {"FLAG":0,"COMPONENT_NAME":"ComponentInfo{a.b256\/com.q.service.AutoBank}"}
    Behavior: Read URL data
    Details: []
    []
    Behavior: Get mail Session
    Details: [u'{mail.smtp.quitwait=false, mail.host=smtp.vip.sina.com, mail.smtp.socketFactory.port=465, mail.smtp.port=465, mail.transport.protocol=smtp, mail.smtp.socketFactory.fallback=false, mail.smtp.auth=true, mail.smtp.socketFactory.class=javax.net.ssl.SSLSocketFactory}', u'com.q.a.d@41523020']
    [u'{mail.smtp.quitwait=false, mail.host=smtp.vip.sina.com, mail.smtp.socketFactory.port=465, mail.smtp.port=465, mail.transport.protocol=smtp, mail.smtp.socketFactory.fallback=false, mail.smtp.auth=true, mail.smtp.socketFactory.class=javax.net.ssl.SSLSocketFactory}', u'com.q.a.d@4155c9a0']
    Behavior: Get the device's phone number
    Details: 13661158120
    13661158120
    13661158120
    Behavior: Read file
    Details: path:/data/app/a.b256-1.apk length:9
    path:/data/app/a.b256-1.apk length:23
    path:/data/app/a.b256-1.apk length:69
    path:/data/app/a.b256-1.apk length:7
    Behavior: Android runtime error
    Details: E/AndroidRuntime( 1541): FATAL EXCEPTION: main
    E/AndroidRuntime( 1541): java.lang.RuntimeException: Unable to instantiate service com.q.service.AutBankI: java.lang.ClassNotFoundException: com.q.service.AutBankI
    E/AndroidRuntime( 1541): at android.app.ActivityThread.handleCreateService(ActivityThread.java:2347)
    E/AndroidRuntime( 1541): at android.app.ActivityThread.access$1600(ActivityThread.java:130)
    E/AndroidRuntime( 1541): at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1277)
    E/AndroidRuntime( 1541): at android.os.Handler.dispatchMessage(Handler.java:99)
    E/AndroidRuntime( 1541): at android.os.Looper.loop(Looper.java:137)
    E/AndroidRuntime( 1541): at android.app.ActivityThread.main(ActivityThread.java:4745)
    E/AndroidRuntime( 1541): at java.lang.reflect.Method.invokeNative(Native Method)
    E/AndroidRuntime( 1541): at java.lang.reflect.Method.invoke(Method.java:511)
    E/AndroidRuntime( 1541): at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:786)
    E/AndroidRuntime( 1541): at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:553)
    E/AndroidRuntime( 1541): at de.robv.android.xposed.XposedBridge.main(XposedBridge.java:135)
    E/AndroidRuntime( 1541): at dalvik.system.NativeStart.main(Native Method)
    E/AndroidRuntime( 1541): Caused by: java.lang.ClassNotFoundException: com.q.service.AutBankI
    E/AndroidRuntime( 1541): at dalvik.system.BaseDexClassLoader.findClass(BaseDexClassLoader.java:61)
    E/AndroidRuntime( 1541): at java.lang.ClassLoader.loadClass(ClassLoader.java:501)
    E/AndroidRuntime( 1541): at java.lang.ClassLoader.loadClass(ClassLoader.java:461)
    E/AndroidRuntime( 1541): at android.app.ActivityThread.handleCreateService(ActivityThread.java:2344)
    E/AndroidRuntime( 1541): ... 11 more
    Behavior: Launch ActivityForResult
    Details: {"ACTION":"android.app.action.ADD_DEVICE_ADMIN","FLAG":0,"EXTRAS":{"android.app.extra.DEVICE_ADMIN":"ComponentInfo{a.b256\/com.a.MyAdminReceiver}"}}
    Behavior: Log in to mailbox
    Details: name:qq888168@vip.sina.com,password:qq168168
    name:qq888168@vip.sina.com,password:qq168168
    Behavior: Initialize Intent
    Details: [u'com.q.MainActivi@4154fff0', u'class com.q.service.AutoBank']
    [u'android.os.Parcel@414ad148']
    [u'android.app.action.ADD_DEVICE_ADMIN']
    [u'android.os.Parcel@414ad148']
    [u'android.os.Parcel@414ad108']
    [u'android.os.Parcel@414ad108']
    [u'android.os.Parcel@414ad108']
    [u'android.os.Parcel@414ad148']
    [u'android.os.Parcel@414ad108']
    Behavior: Pass extras
    Details: android.app.extra.DEVICE_ADMIN:ComponentInfo{a.b256/com.a.MyAdminReceiver}
    Behavior: Call hash algorithm
    Details: SHA1
    Behavior: Parse Uniform Resource Identifier
    Details: content://sms
    content://com.android.contacts
    content://sms
    Behavior: Register ContentObserver
    Details: URI=content://sms
    Behavior: Initialize URL
    Details: [u'file', u'', u'-1', u'/data/app/a.b256-1.apk', u'null']
    [u'jar:file:/data/app/a.b256-1.apk!/mailcap']
    [u'file', u'', u'-1', u'/data/app/a.b256-1.apk', u'null']
    [u'jar:file:/data/app/a.b256-1.apk!/mailcap']
    Behavior: Send SMS
    Details: number:17070275287 data:message:6&13661158120IMEI357143040944263
    number:17070275287 data:message:客户端首次启动13661158120IMEI357143040944263
    number:17070275287 data:message:6& 型号:sdk 手机:Lenovo 系统版本:4.1.2 用户选择了激活
    Behavior: Write file
    Details: path:/data/data/a.b256/shared_prefs/mail.xml length:122
    path:/data/data/a.b256/shared_prefs/mail.xml length:153
    Behavior: Send email
    Details: [u'{"content":"13661158120IMEI357143040944263<br>mei gan ma!<br>\xe5\x8f\x91\xe9\x80\x81 \xe3\x80\x9013811731321\xe3\x80\x91==2015-08-11 11:48:47<br>============================================<br>13811731321<br>gan ma le\xef\xbc\x9f<br>\xe6\x8e\xa5\xe6\x94\xb6 \xe3\x80\x9013661158120IMEI357143040944263\xe3\x80\x91==2015-08-11 11:46:47<br>============================================<br>10086<br>haha<br>\xe6\x8e\xa5\xe6\x94\xb6 \xe3\x80\x9013661158120IMEI357143040944263\xe3\x80\x91==2015-08-11 11:44:53<br>============================================<br>13661158120IMEI357143040944263<br>QXTCMX<br>\xe5\x8f\x91\xe9\x80\x81 \xe3\x80\x9010086\xe3\x80\x91==2015-08-11 11:42:53<br>============================================<br>13661158120IMEI357143040944263<br>I\'ll call you later.<br>\xe5\x8f\x91\xe9\x80\x81 \xe3\x80\x90+8613800138001\xe3\x80\x91==2015-08-11 11:40:54<br>============================================<br>","to":"[qq888168@vip.sina.com]","from":"[qq888168@vip.sina.com]"}']
    [u'{"content":"\xe7\xa7\xbb\xe5\x8a\xa8:10086<br>\xe4\xbc\x9f\xe5\x93\xa5:1-381-173-1123<br>\xe5\xb4\x94\xe8\x80\x81\xe5\xb8\x88:1-381-173-1321<br>blank:+8613800138001<br>","to":"[qq888168@vip.sina.com]","from":"[qq888168@vip.sina.com]"}']
    Behavior: Get device ID
    Details: 357143040944263
    357143040944263
    357143040944263
    Behavior: Read SMS messages on the phone
    Details: [u'content://sms', u'[_id, address, person, body, date, type]', u'null', u'null', u'date desc']
    Behavior: Hide launcher shortcut icon
    Details: [u'ComponentInfo{a.b256/com.q.MainActivi}', u'2', u'1']
    Behavior: Set component property
    Details: [u'ComponentInfo{a.b256/com.q.MainActivi}', u'2', u'1']
    Behavior: Read a line of data from buffer
    Details: #
    # @(#)mailcap 1.8 05/04/20
    #
    # Default mailcap file for the JavaMail System.
    #
    # JavaMail content-handlers:
    #
    text/plain;; x-java-content-handler=com.sun.mail.handlers.text_plain
    text/html;; x-java-content-handler=com.sun.mail.handlers.text_html
    text/xml;; x-java-content-handler=com.sun.mail.handlers.text_xml
    multipart/*;; x-java-content-handler=com.sun.mail.handlers.multipart_mixed; x-java-fallback-entry=true
    #
    # @(#)mailcap 1.8 05/04/20
    #
    # Default mailcap file for the JavaMail System.
    #
    # JavaMail content-handlers:
    #
    text/plain;; x-java-content-handler=com.sun.mail.handlers.text_plain
    message/rfc822;; x-java-content-handler=com.sun.mail.handlers.message_rfc822
    text/html;; x-java-content-handler=com.sun.mail.handlers.text_html
    #
    # can't support image types because myjava.awt.Toolkit doesn't work on servers
    #
    #image/gif;; x-java-content-handler=com.sun.mail.handlers.image_gif
    text/xml;; x-java-content-handler=com.sun.mail.handlers.text_xml
    #image/jpeg;; x-java-content-handler=com.sun.mail.handlers.image_jpeg
    null
    multipart/*;; x-java-content-handler=com.sun.mail.handlers.multipart_mixed; x-java-fallback-entry=true
    message/rfc822;; x-java-content-handler=com.sun.mail.handlers.message_rfc822
    #
    # can't support image types because myjava.awt.Toolkit doesn't work on servers
    #
    #image/gif;; x-java-content-handler=com.sun.mail.handlers.image_gif
    #image/jpeg;; x-java-content-handler=com.sun.mail.handlers.image_jpeg
    null
    Behavior: Query app shared data
    Details: [u'content://sms', u'[_id, address, person, body, date, type]', u'null', u'null', u'date desc']
    [u'content://com.android.contacts/contacts', u'null', u'null', u'null', u'null']
    [u'content://com.android.contacts/data/phones', u'null', u'contact_id = 1', u'null', u'null']
    [u'content://com.android.contacts/data/phones', u'null', u'contact_id = 2', u'null', u'null']
    [u'content://com.android.contacts/data/phones', u'null', u'contact_id = 3', u'null', u'null']
    [u'content://com.android.contacts/data/phones', u'null', u'contact_id = 4', u'null', u'null']
    Behavior: Wake the lock screen
    Details: [u'1', u'AutBankInter']
    Activities
    | Activity name | Type |
    |---|---|
    | com.q.MainActivi | android.intent.action.MAIN |
    | com.q.MainActivi | android.intent.category.LAUNCHER |
    | com.q.Middle | android.intent.action.MAIN |
    | com.q.SplashActivity | android.intent.action.MAIN |
    | com.q.ComposeSmsActivity | android.intent.action.SEND |
    | com.q.ComposeSmsActivity | android.intent.action.SENDTO |
    | com.q.ComposeSmsActivity | android.intent.category.DEFAULT |
    | com.q.ComposeSmsActivity | android.intent.category.BROWSABLE |
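    Dangerous functions
    | Function name | Description |
    |---|---|
    | ContentResolver;->query | Read contacts, SMS and other databases |
    | SmsManager;->sendTextMessage | Send an ordinary SMS |
    | TelephonyManager;->getLine1Number | Get the phone number |
    | TelephonyManager;->getDeviceId | Collect the user's phone IMEI, phone number, system version and other information |
    | SmsManager;->sendMultipartTextMessage | Send MMS |
    | TelephonyManager;->getSimSerialNumber | Get the SIM serial number |
    | java/net/URL;->openConnection | Connect to a URL |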
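    Startup methods
    | Name | Description |
    |---|---|
    | com.a.BootR | Start service at boot |
    | com.a.BootR | Start service on screen unlock |
    | com.a.BootR | Start service when network connectivity changes |
    | com.a.BootR | Monitor SMS (on SMS received) and start service |
    | com.a.XRe | Monitor SMS (on SMS received) and start service |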
    Service list
    Name
    com.q.service.AutBankI
    com.q.service.AutoBank
    com.q.service.UploadServic
    com.q.HeadlessSmsSendService
    File list
    File name Checksum
    AndroidManifest.xml 0x9c3d531a
    classes.dex 0xc5352450
    dsn.mf 0x1e4e9355
    javamail.charset.map 0xad0dfcee
    javamail.default.address.map 0xf20496b
    javamail.default.providers 0x45ea1b21
    javamail.imap.provider 0x8934555a
    javamail.pop3.provider 0xa23c9bc
    javamail.smtp.address.map 0xf20496b
    javamail.smtp.provider 0x990c469d
    mailcap 0xd7759e43
    mailcap.default 0x6f616b6
    mimetypes.default 0x97dd5cdb
    resources.arsc 0xe53d7823
    com/sun/mail/dsn/mailcap 0x7605dc17
    org/apache/harmony/awt/internal/nls/messages.properties 0x5f88eb12
    res/drawable-hdpi/action_bar_background.xml 0xc6aa00c6
    res/drawable-hdpi/icon1.png 0x3dfcf2e9
    res/drawable-hdpi/un_icon.png 0x53d08ae
    res/layout/app_details.xml 0xbb6f1708
    res/layout/uninstall_confirm.xml 0x5e7ad9
    res/layout/uninstall_progress.xml 0xc73ebfee
    res/xml/good.xml 0xca34e736
    META-INF/MANIFEST.MF 0x71beb355
    META-INF/CERT.SF 0x8918dfa9
    META-INF/CERT.RSA 0xf1b7d3cd