1, Podés SUBIR cualquier archivo de hasta 20MB.
2, VirSCAN soporta descompresión Rar/Zip de hasta 20 archivos.
3, VirSCAN puede escanear archivos comprimidos con la contraseña 'infected' o 'virus'.
4, Si su navegador no puede cargar el archivo, por favor descargue el archivo virscan.
Nombre Archivo :qqq.apk (File not down)
 |
| Tamaño Archivo :33703 byte |
| Tipo Archivo : Zip archive data |
| MD5:77b0105632e309b48e66f7cdb4678e02 |
| SHA1:4de0d8997949265a4b5647bb9f9d42926bd88191 |
| SHA256:1944d8ee5bdda3a1bd06555fdb10d3267ab0cc4511d1e40611baf3ce1b81e5e8 |
| SSDEEP:768:FNUTaaDYLxDDK4PK1Fs0m3NrfYz2CflomSn6vnNY3icisEda:8evxQmdYv9onGnS3pEc |
| Resultados:34%Software antivirus(11/32)encontró infección |
| Informe de análisis de comportamiento: Análisis de archivos Habo |
| Tiempo: 2016-04-06 17:46:07 (CST) |
| Escaner | Versión Motor | Versión Firma | Fecha Firma | Resultados | Tiempo |
|---|---|---|---|---|---|
| antiy | AVL SDK 3.0 | 1970-01-01 | No se ha encontrado nada | 5 | |
| asquared | 9.0.0.4324 | 9.0.0.4324 | 2014-07-03 | Android.Trojan.Adrd.A | 1 |
| avast | 150725-1 | 4.7.4 | 2015-07-25 | No se ha encontrado nada | 23 |
| avg | 2109/8133 | 10.0.1405 | 2014-11-26 | No se ha encontrado nada | 7 |
| baidu | 2.0.1.0 | 4.1.3.52192 | 2.0.1.0 | No se ha encontrado nada | 16 |
| baidusd | 1.0 | 1.0 | 2014-04-02 | No se ha encontrado nada | 1 |
| bitdefender | 7.58469 | 7.90123 | 2014-12-25 | No se ha encontrado nada | 1 |
| clamav | 19861 | 0.97.5 | 2014-12-31 | No se ha encontrado nada | 1 |
| drweb | 5.0.2.3300 | 5.0.1.1 | 2014-12-31 | No se ha encontrado nada | 46 |
| fortinet | 23.345, 23.345 | 5.1.158 | 2014-12-08 | No se ha encontrado nada | 1 |
| fprot | 4.6.2.117 | 6.5.1.5418 | 2014-12-31 | No se ha encontrado nada | 3 |
| fsecure | 2014-04-02-01 | 9.13 | 2014-04-02 | Trojan:Android/Adrd.A | 10 |
| gdata | 25.6066 | 25.6066 | 2016-04-06 | Android.Trojan.Adrd.A | 9 |
| ikarus | 1.06.01 | V1.32.31.0 | 2014-12-08 | No se ha encontrado nada | 10 |
| jiangmin | 16.0.100 | 1.0.0.0 | 2015-07-25 | TrojanSpy.AndroidOS.fj | 44 |
| kaspersky | 5.5.33 | 5.5.33 | 2014-04-01 | Trojan-Spy.AndroidOS.Adrd.ao | 39 |
| kingsoft | 2.1 | 2.1 | 2013-09-22 | Troj.Adrd.a.(kcloud) | 6 |
| mcafee | 7638 | 5400.1158 | 2014-11-30 | No se ha encontrado nada | 35 |
| nod32 | 0920 | 3.0.21 | 2014-12-23 | No se ha encontrado nada | 1 |
| panda | 9.05.01 | 9.05.01 | 2015-07-26 | No se ha encontrado nada | 4 |
| pcc | 11.380.07 | 9.500-1005 | 2014-12-31 | AndroidOS_ADRD.X | 2 |
| qh360 | 1.0.1 | 1.0.1 | 1.0.1 | Win32/Trojan.376 | 2 |
| qqphone | 1.0.0.0 | 1.0.0.0 | 2014-12-09 | No se ha encontrado nada | 1 |
| quickheal | 14.00 | 14.00 | 2015-07-25 | Android.Adrd.A | 2 |
| rising | 25.76.04.01 | 25.76.04.01 | 2015-07-24 | No se ha encontrado nada | 1 |
| sophos | 5.08 | 3.55.0 | 2014-12-01 | No se ha encontrado nada | 5 |
| symantec | 20141230.001 | 1.3.0.24 | 2014-12-30 | No se ha encontrado nada | 1 |
| tachyon | 9.9.9 | 9.9.9 | 2013-12-27 | No se ha encontrado nada | 3 |
| thehacker | 6.8.0.5 | 6.8.0.5 | 2015-07-23 | No se ha encontrado nada | 1 |
| tws | 17.47.17308 | 1.0.2.2108 | 2014-12-08 | Android.M.ilto | 14 |
| vba | 3.12.26.3 | 3.12.26.3 | 2014-12-31 | Trojan-Spy.AndroidOS.Adrd.ao | 21 |
| virusbuster | 15.0.985.0 | 5.5.2.13 | 2014-12-05 | No se ha encontrado nada | 34 |
| 许可名称 | 信息 |
| android.permission.RECEIVE_BOOT_COMPLETED | 接收开机启动广播 |
| android.permission.INTERNET | 连接网络(2G或3G) |
| android.permission.ACCESS_NETWORK_STATE | 读取网络状态(2G或3G) |
| android.permission.READ_PHONE_STATE | 读取电话状态 |
| android.permission.SEND_SMS | 发送短信 |
| android.permission.RECEIVE_SMS | 监控接收短信 |
| android.permission.READ_SMS | 读取短信 |
| android.permission.WRITE_SMS | 写短信 |
| 安全评分 : |
| MD5:77b0105632e309b48e66f7cdb4678e02 |
| 文件大小:5.58MB |
| 上传时间: 2014-09-22 10:36:30 (CST) |
| 包名:com.tt.yy |
| 最低运行环境:Android 1.5 |
| 版权:kdsjfkl |
| 行为描述: | 创建文件 |
| 详情信息: | C:\Documents and Settings\Administrator\Local Settings\%temp%\996E\Addons\CLS\cls-test.lib |
| C:\Documents and Settings\Administrator\Local Settings\%temp%\996E\Addons\CLS\readme.txt | |
| C:\Documents and Settings\Administrator\Local Settings\%temp%\996E\Addons\InnoSetup\readme.txt | |
| C:\Documents and Settings\Administrator\Local Settings\%temp%\996E\bin\scripts\readme.txt | |
| C:\Documents and Settings\Administrator\Local Settings\%temp%\996E\Documentation\whatsnew-rus.txt | |
| C:\Documents and Settings\Administrator\Local Settings\%temp%\996E\Documentation\whatsnew.txt | |
| C:\Documents and Settings\Administrator\Local Settings\%temp%\996E\License\Contributors.txt | |
| C:\Documents and Settings\Administrator\Local Settings\%temp%\996E\License\gpl-2.0.txt | |
| C:\Documents and Settings\Administrator\Local Settings\%temp%\996E\License\License.txt | |
| C:\Documents and Settings\Administrator\Local Settings\%temp%\996E\Documentation\FreeArc036-eng.htm | |
| C:\Documents and Settings\Administrator\Local Settings\%temp%\996E\Documentation\FreeArc040-rus.htm | |
| C:\Documents and Settings\Administrator\Local Settings\%temp%\996E\Documentation\whatsnew.htm | |
| C:\Documents and Settings\Administrator\Local Settings\%temp%\996E\Addons\Benchmarking\avg.rb | |
| C:\Documents and Settings\Administrator\Local Settings\%temp%\996E\Addons\Benchmarking\maketest.rb | |
| C:\Documents and Settings\Administrator\Local Settings\%temp%\996E\bin\scripts\arc.custom-log.lua | |
| 行为描述: | 创建可执行文件 |
| 详情信息: | C:\Documents and Settings\Administrator\Local Settings\%temp%\996E\Addons\FAR MultiArc plugin\FreeArc.fmt |
| C:\Documents and Settings\Administrator\Local Settings\%temp%\996E\bin\Arc.exe | |
| C:\Documents and Settings\Administrator\Local Settings\%temp%\996E\bin\unarc.exe | |
| C:\Documents and Settings\Administrator\Local Settings\%temp%\996E\bin\arc-mini.sfx | |
| C:\Documents and Settings\Administrator\Local Settings\%temp%\996E\bin\arc-tiny.sfx | |
| C:\Documents and Settings\Administrator\Local Settings\%temp%\996E\bin\arc.sfx | |
| C:\Documents and Settings\Administrator\Local Settings\%temp%\996E\bin\freearc-installer-nodelete.sfx | |
| C:\Documents and Settings\Administrator\Local Settings\%temp%\996E\bin\freearc-installer.sfx | |
| C:\Documents and Settings\Administrator\Local Settings\%temp%\996E\bin\freearc-mini.sfx | |
| C:\Documents and Settings\Administrator\Local Settings\%temp%\996E\bin\freearc-tiny.sfx | |
| C:\Documents and Settings\Administrator\Local Settings\%temp%\996E\bin\freearc.sfx | |
| C:\Documents and Settings\Administrator\Local Settings\%temp%\996E\Addons\CLS\cls-test.dll | |
| C:\Documents and Settings\Administrator\Local Settings\%temp%\996E\Addons\InnoSetup\unarc.dll | |
| C:\Documents and Settings\Administrator\Local Settings\%temp%\996E\bin\facompress.dll | |
| C:\Documents and Settings\Administrator\Local Settings\%temp%\996E\bin\facompress_mt.dll | |
| 行为描述: | 修改文件内容 |
| 详情信息: | C:\Documents and Settings\Administrator\Local Settings\%temp%\996E\Addons\CLS\cls-test.lib ---> Offset = 0 |
| C:\Documents and Settings\Administrator\Local Settings\%temp%\996E\Addons\CLS\readme.txt ---> Offset = 0 | |
| C:\Documents and Settings\Administrator\Local Settings\%temp%\996E\Addons\InnoSetup\readme.txt ---> Offset = 0 | |
| C:\Documents and Settings\Administrator\Local Settings\%temp%\996E\bin\scripts\readme.txt ---> Offset = 0 | |
| C:\Documents and Settings\Administrator\Local Settings\%temp%\996E\Documentation\whatsnew-rus.txt ---> Offset = 0 | |
| C:\Documents and Settings\Administrator\Local Settings\%temp%\996E\Documentation\whatsnew.txt ---> Offset = 0 | |
| C:\Documents and Settings\Administrator\Local Settings\%temp%\996E\License\Contributors.txt ---> Offset = 0 | |
| C:\Documents and Settings\Administrator\Local Settings\%temp%\996E\License\gpl-2.0.txt ---> Offset = 0 | |
| C:\Documents and Settings\Administrator\Local Settings\%temp%\996E\License\License.txt ---> Offset = 0 | |
| C:\Documents and Settings\Administrator\Local Settings\%temp%\996E\Documentation\FreeArc036-eng.htm ---> Offset = 0 | |
| C:\Documents and Settings\Administrator\Local Settings\%temp%\996E\Documentation\FreeArc040-rus.htm ---> Offset = 0 | |
| C:\Documents and Settings\Administrator\Local Settings\%temp%\996E\Documentation\whatsnew.htm ---> Offset = 0 | |
| C:\Documents and Settings\Administrator\Local Settings\%temp%\996E\Addons\Benchmarking\avg.rb ---> Offset = 0 | |
| C:\Documents and Settings\Administrator\Local Settings\%temp%\996E\Addons\Benchmarking\maketest.rb ---> Offset = 0 | |
| C:\Documents and Settings\Administrator\Local Settings\%temp%\996E\bin\scripts\arc.custom-log.lua ---> Offset = 0 |
| 行为描述: | 创建互斥体 |
| 详情信息: | CTF.LBES.MutexDefaultS-* |
| CTF.Compart.MutexDefaultS-* | |
| CTF.Asm.MutexDefaultS-* | |
| CTF.Layouts.MutexDefaultS-* | |
| CTF.TMD.MutexDefaultS-* | |
| CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-* | |
| MSCTF.Shared.MUTEX.ELH | |
| 行为描述: | 查找指定窗口 |
| 详情信息: | NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,] |
| 行为描述: | 窗口信息 |
| 详情信息: | Pid = 648, Hwnd=0x202a6, Text = Destination folder:, ClassName = Static. |
| Pid = 648, Hwnd=0x202a8, Text = C:\Documents and Settings\Administrator\Local Settings\%temp%\996E, ClassName = Edit. | |
| Pid = 648, Hwnd=0x202cc, Text = Browse, ClassName = Button. | |
| Pid = 648, Hwnd=0x202b4, Text = OK, ClassName = Button. | |
| Pid = 648, Hwnd=0x202b2, Text = Cancel, ClassName = Button. | |
| Pid = 648, Hwnd=0x302ba, Text = Welcome to FreeArc 0.666 alpha. FreeArc is an archiver featuring: * best speed and compression ratio among all practical arch, ClassName = RichEdit20W. | |
| Pid = 648, Hwnd=0x202d4, Text = http://freearc.org, ClassName = Static. | |
| Pid = 648, Hwnd=0x202a2, Text = %temp%\1459881098.224001.exe - FreeArc self-extracting archive, ClassName = #32770. | |
| 行为描述: | 可执行文件签名信息 |
| 详情信息: | C:\Documents and Settings\Administrator\Local Settings\%temp%\996E\Addons\FAR MultiArc plugin\FreeArc.fmt(签名验证: 未通过) |
| C:\Documents and Settings\Administrator\Local Settings\%temp%\996E\bin\Arc.exe(签名验证: 未通过) | |
| C:\Documents and Settings\Administrator\Local Settings\%temp%\996E\bin\unarc.exe(签名验证: 未通过) | |
| C:\Documents and Settings\Administrator\Local Settings\%temp%\996E\bin\arc-mini.sfx(签名验证: 未通过) | |
| C:\Documents and Settings\Administrator\Local Settings\%temp%\996E\bin\arc-tiny.sfx(签名验证: 未通过) | |
| C:\Documents and Settings\Administrator\Local Settings\%temp%\996E\bin\arc.sfx(签名验证: 未通过) | |
| C:\Documents and Settings\Administrator\Local Settings\%temp%\996E\bin\freearc-installer-nodelete.sfx(签名验证: 未通过) | |
| C:\Documents and Settings\Administrator\Local Settings\%temp%\996E\bin\freearc-installer.sfx(签名验证: 未通过) | |
| C:\Documents and Settings\Administrator\Local Settings\%temp%\996E\bin\freearc-mini.sfx(签名验证: 未通过) | |
| C:\Documents and Settings\Administrator\Local Settings\%temp%\996E\bin\freearc-tiny.sfx(签名验证: 未通过) | |
| C:\Documents and Settings\Administrator\Local Settings\%temp%\996E\bin\freearc.sfx(签名验证: 未通过) | |
| C:\Documents and Settings\Administrator\Local Settings\%temp%\996E\Addons\CLS\cls-test.dll(签名验证: 未通过) | |
| C:\Documents and Settings\Administrator\Local Settings\%temp%\996E\Addons\InnoSetup\unarc.dll(签名验证: 未通过) | |
| C:\Documents and Settings\Administrator\Local Settings\%temp%\996E\bin\facompress.dll(签名验证: 未通过) | |
| C:\Documents and Settings\Administrator\Local Settings\%temp%\996E\bin\facompress_mt.dll(签名验证: 未通过) | |
| 行为描述: | 可执行文件MD5 |
| 详情信息: | C:\Documents and Settings\Administrator\Local Settings\%temp%\996E\Addons\FAR MultiArc plugin\FreeArc.fmt ---> 817f96021be6d05cb758540f0ea9c261 |
| C:\Documents and Settings\Administrator\Local Settings\%temp%\996E\bin\Arc.exe ---> 7fbda96d3a9d3eb0442d1e1a4ca334a5 | |
| C:\Documents and Settings\Administrator\Local Settings\%temp%\996E\bin\unarc.exe ---> 99a7a301a29441db95bf25f2d6e7037d | |
| C:\Documents and Settings\Administrator\Local Settings\%temp%\996E\bin\arc-mini.sfx ---> 6973659897f30fb6350a0502a77f5f18 | |
| C:\Documents and Settings\Administrator\Local Settings\%temp%\996E\bin\arc-tiny.sfx ---> 34d594fbac4a71614beebc9939943f76 | |
| C:\Documents and Settings\Administrator\Local Settings\%temp%\996E\bin\arc.sfx ---> 4c2250580688aea532f28279937f3bca | |
| C:\Documents and Settings\Administrator\Local Settings\%temp%\996E\bin\freearc-installer-nodelete.sfx ---> 4500d67f590b25206aa89364b0faef12 | |
| C:\Documents and Settings\Administrator\Local Settings\%temp%\996E\bin\freearc-installer.sfx ---> 8185e464dd2a4748abff383b75ae90e8 | |
| C:\Documents and Settings\Administrator\Local Settings\%temp%\996E\bin\freearc-mini.sfx ---> 1b1a4f6596d89d9fe894f5bcca7c9f80 | |
| C:\Documents and Settings\Administrator\Local Settings\%temp%\996E\bin\freearc-tiny.sfx ---> 3563fbef365eacc38484d0c1310fc8b0 | |
| C:\Documents and Settings\Administrator\Local Settings\%temp%\996E\bin\freearc.sfx ---> bf8b9ad7d82b2553cdec97fa4fd34e94 | |
| C:\Documents and Settings\Administrator\Local Settings\%temp%\996E\Addons\CLS\cls-test.dll ---> 2e623331902fc9676cba93fc8d7819dd | |
| C:\Documents and Settings\Administrator\Local Settings\%temp%\996E\Addons\InnoSetup\unarc.dll ---> 0b21c6017129d22eddda38d445091dcc | |
| C:\Documents and Settings\Administrator\Local Settings\%temp%\996E\bin\facompress.dll ---> 512d1d3b063031e1f8d13bf4fd2b640b | |
| C:\Documents and Settings\Administrator\Local Settings\%temp%\996E\bin\facompress_mt.dll ---> 1e2ffc79a73817f882eaaee0a7b76c1d | |
| 行为描述: | 样本控制台输出内容 |
| 详情信息: | N/A |
| 活动名 | 类型 |
| .loginActivity | android.intent.action.MAIN |
| .loginActivity | android.intent.category.LAUNCHER |
| 函数名称 | 信息 |
| HttpClient;->execute | 请求远程服务器 |
| DefaultHttpClient;->execute | 发送HTTP请求 |
| TelephonyManager;->getDeviceId | 搜集用户手机IMEI码、电话号码、系统版本号等信息 |
| ContentResolver;->delete | 删除短信、联系人 |
| ContentResolver;->query | 读取联系人、短信等数据库 |
| SmsManager;->sendTextMessage | 发送普通短信 |
| 名称 | 信息 |
| com.xxx.yyy.MyBoolService | 开机启动服务 |
| com.xxx.yyy.MyAlarmReceiver |
| 许可名称 | 信息 |
| android.permission.RECEIVE_BOOT_COMPLETED | 接收开机启动广播 |
| android.permission.INTERNET | 连接网络(2G或3G) |
| android.permission.ACCESS_NETWORK_STATE | 读取网络状态(2G或3G) |
| android.permission.READ_PHONE_STATE | 读取电话状态 |
| android.permission.SEND_SMS | 发送短信 |
| android.permission.RECEIVE_SMS | 监控接收短信 |
| android.permission.READ_SMS | 读取短信 |
| android.permission.WRITE_SMS | 写短信 |
| 名称 | |
| com.xxx.yyy.MyService |
| 文件名 | 校验码 |
| res/drawable/icon.png | 0xa68bd0c5 |
| res/layout/l_login.xml | 0xdf35d954 |
| res/layout/l_webview.xml | 0x2a4db95f |
| res/layout/list_13.xml | 0xc4253acb |
| res/layout/list_items.xml | 0xb8f5d6e |
| res/layout/main.xml | 0x8ae7db9b |
| AndroidManifest.xml | 0x7eaaff2a |
| resources.arsc | 0x7fc54f93 |
| classes.dex | 0x5cf1e333 |
| META-INF/MANIFEST.MF | 0x7faea73a |
| META-INF/CERT.SF | 0x240722cb |
| META-INF/CERT.RSA | 0xa758d449 |
|
INICIO
