VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.
4, If your browser cannot upload files, please download VirSCAN uploader to upload.

Language
Server load
Server Load

VirSCAN
VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

File information

Scanner results
Scanner results:6%Antivirus software(2/32)found malware!
Behavior analysis report:         Habo file analysis
Time: 2017-07-20 21:15:18 (CST)
Scanner Engine Ver Sig Ver Sig Date Scan result Time
antiy AVL SDK 2.0 1970-01-01 Found nothing 5
asquared 9.0.0.4799 9.0.0.4799 2015-03-08 Found nothing 1
avast 170303-1 4.7.4 2017-03-03 Found nothing 60
avg 2109/14149 10.0.1405 2017-07-04 Found nothing 60
baidu 2.0.1.0 4.1.3.52192 2.0.1.0 Found nothing 6
bitdefender 7.58879 7.90123 2015-01-16 Found nothing 60
clamav 23575 0.97.5 2017-07-19 Found nothing 60
drweb 5.0.2.3300 5.0.1.1 2017-06-18 Found nothing 60
fortinet 5.4.247 2017-07-20 Found nothing 60
fprot 4.6.2.117 6.5.1.5418 2016-02-05 Found nothing 60
fsecure 2015-08-01-02 9.13 2015-08-01 Found nothing 60
gdata 25.13454 25.13454 2017-07-20 Android.Trojan.SLocker.FH 11
ikarus 1.06.01 V1.32.31.0 2016-11-28 Found nothing 60
jiangmin 16.0.100 1.0.0.0 2017-07-19 Found nothing 2
kaspersky 5.5.33 5.5.33 2014-04-01 Found nothing 60
kingsoft 2.1 2.1 2017-07-19 Found nothing 5
mcafee 8261 5400.1158 2016-08-18 Found nothing 60
nod32 1777 3.0.21 2015-06-12 Found nothing 60
panda 9.05.01 9.05.01 2017-07-19 Found nothing 4
pcc 13.302.06 9.500-1005 2017-03-27 Found nothing 60
qh360 1.0.1 1.0.1 1.0.1 Found nothing 4
qqphone 1.0.0.0 1.0.0.0 2015-12-30 Found nothing 60
quickheal 14.00 14.00 2017-07-18 Android.Congur.A 3
rising 26.28.00.01 26.28.00.01 2016-07-18 Found nothing 1
sophos 5.32 3.65.2 2016-10-10 Found nothing 60
symantec 20151230.005 1.3.0.24 2015-12-30 Found nothing 60
tachyon 9.9.9 9.9.9 2013-12-27 Found nothing 3
thehacker 6.8.0.5 6.8.0.5 2017-07-16 Found nothing 1
tws 17.47.17308 1.0.2.2108 2017-07-19 Found nothing 14
vba 3.12.29.5 beta 3.12.29.5 beta 2017-07-17 Found nothing 60
virusbuster 15.0.985.0 5.5.2.13 2014-12-05 Found nothing 60
权限列表
许可名称 信息
android.permission.SEND_SMS 发送短信
android.permission.SYSTEM_ALERT_WINDOW 显示系统窗口
android.permission.RECEIVE_BOOT_COMPLETED 接收开机启动广播
android.permission.INTERNET 连接网络(2G或3G)
android.permission.ACCESS_NETWORK_STATE 读取网络状态(2G或3G)
android.permission.WRITE_EXTERNAL_STORAGE 写外部存储器(如:SD卡)
android.permission.MOUNT_UNMOUNT_FILESYSTEMS 挂载、反挂载外部文件系统
android.permission.VIBRATE 允许设备震动
文件信息
VirSCANVirSCAN
安全评分 :
基本信息
VirSCANVirSCAN
MD5:72bd270f9ab01599bc9ed698f027f957
文件大小:5.58MB
上传时间: 2014-09-22 10:36:30 (CST)
包名:com.h
最低运行环境:Android 2.2.x
版权:Android
进程行为
VirSCANVirSCAN
网络行为
VirSCANVirSCAN
行为描述: 连接指定站点
详情信息: WinHttpConnect: ServerName = ch****cn, PORT = 80, UserName = , Password = , hSession = 0x01003100, hConnect = 0x01003200, Flags = 0x00000000
WinHttpConnect: ServerName = ch****cn, PORT = 80, UserName = , Password = , hSession = 0x01002100, hConnect = 0x01002200, Flags = 0x00000000
WinHttpConnect: ServerName = ch****cn, PORT = 80, UserName = , Password = , hSession = 0x00e21100, hConnect = 0x00e21200, Flags = 0x00000000
WinHttpConnect: ServerName = ch****cn, PORT = 80, UserName = , Password = , hSession = 0x00e71100, hConnect = 0x00e71200, Flags = 0x00000000
WinHttpConnect: ServerName = ch****cn, PORT = 80, UserName = , Password = , hSession = 0x00e31100, hConnect = 0x00e31200, Flags = 0x00000000
WinHttpConnect: ServerName = ch****cn, PORT = 80, UserName = , Password = , hSession = 0x00e81100, hConnect = 0x00e81200, Flags = 0x00000000
行为描述: 打开HTTP连接
详情信息: WinHttpOpen: UserAgent: Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5), hSession = 0x01003100
WinHttpOpen: UserAgent: Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5), hSession = 0x01002100
WinHttpOpen: UserAgent: Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5), hSession = 0x00e21100
WinHttpOpen: UserAgent: Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5), hSession = 0x00e71100
WinHttpOpen: UserAgent: Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5), hSession = 0x00e31100
WinHttpOpen: UserAgent: Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5), hSession = 0x00e81100
行为描述: 建立到一个指定的套接字连接
详情信息: URL: ch****cn, IP: **.133.40.**:80, SOCKET = 0x00000170
URL: ch****cn, IP: **.133.40.**:80, SOCKET = 0x00000174
URL: ch****cn, IP: **.133.40.**:80, SOCKET = 0x0000011c
URL: ch****cn, IP: **.133.40.**:80, SOCKET = 0x00000150
URL: ch****cn, IP: **.133.40.**:80, SOCKET = 0x0000016c
URL: ch****cn, IP: **.133.40.**:80, SOCKET = 0x00000134
URL: ch****cn, IP: **.133.40.**:80, SOCKET = 0x00000164
URL: ch****cn, IP: **.133.40.**:80, SOCKET = 0x00000168
URL: ch****cn, IP: **.133.40.**:80, SOCKET = 0x00000184
URL: ch****cn, IP: **.133.40.**:80, SOCKET = 0x00000180
URL: ch****cn, IP: **.133.40.**:80, SOCKET = 0x00000160
URL: ch****cn, IP: **.133.40.**:80, SOCKET = 0x00000130
URL: ch****cn, IP: **.133.40.**:80, SOCKET = 0x00000188
URL: ch****cn, IP: **.133.40.**:80, SOCKET = 0x00000128
URL: ch****cn, IP: **.133.40.**:80, SOCKET = 0x00000178
行为描述: 发送HTTP包
详情信息: GET /zst/getchartdata?sb_spm=9cefa284cbafa329f651e529d9d3049a&lotId=265108&chartType=zhzs&r=0.009212904376909137#roll_632 HTTP/1.1 Accept: */* User-Agent: Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5) Host: ch****cn Connection: Keep-Alive
行为描述: 打开HTTP请求
详情信息: WinHttpOpenRequest: ch****cn:80/zst/getchartdata?sb_spm=9cefa284cbafa329f651e529d9d3049a&lotid=265108&charttype=zhzs&r=0.009212904376909137#roll_632, hConnect = 0x01003200, hRequest = 0x01090000, Verb: GET, Referer: , Flags = 0x00000080
WinHttpOpenRequest: ch****cn:80/zst/getchartdata?sb_spm=9cefa284cbafa329f651e529d9d3049a&lotid=265108&charttype=zhzs&r=0.009212904376909137#roll_632, hConnect = 0x01002200, hRequest = 0x00db0000, Verb: GET, Referer: , Flags = 0x00000080
WinHttpOpenRequest: ch****cn:80/zst/getchartdata?sb_spm=9cefa284cbafa329f651e529d9d3049a&lotid=265108&charttype=zhzs&r=0.009212904376909137#roll_632, hConnect = 0x00e21200, hRequest = 0x00e60000, Verb: GET, Referer: , Flags = 0x00000080
WinHttpOpenRequest: ch****cn:80/zst/getchartdata?sb_spm=9cefa284cbafa329f651e529d9d3049a&lotid=265108&charttype=zhzs&r=0.009212904376909137#roll_632, hConnect = 0x00e71200, hRequest = 0x00e80000, Verb: GET, Referer: , Flags = 0x00000080
WinHttpOpenRequest: ch****cn:80/zst/getchartdata?sb_spm=9cefa284cbafa329f651e529d9d3049a&lotid=265108&charttype=zhzs&r=0.009212904376909137#roll_632, hConnect = 0x00e31200, hRequest = 0x00e80000, Verb: GET, Referer: , Flags = 0x00000080
WinHttpOpenRequest: ch****cn:80/zst/getchartdata?sb_spm=9cefa284cbafa329f651e529d9d3049a&lotid=265108&charttype=zhzs&r=0.009212904376909137#roll_632, hConnect = 0x01002200, hRequest = 0x00e30000, Verb: GET, Referer: , Flags = 0x00000080
WinHttpOpenRequest: ch****cn:80/zst/getchartdata?sb_spm=9cefa284cbafa329f651e529d9d3049a&lotid=265108&charttype=zhzs&r=0.009212904376909137#roll_632, hConnect = 0x00e81200, hRequest = 0x00e90000, Verb: GET, Referer: , Flags = 0x00000080
WinHttpOpenRequest: ch****cn:80/zst/getchartdata?sb_spm=9cefa284cbafa329f651e529d9d3049a&lotid=265108&charttype=zhzs&r=0.009212904376909137#roll_632, hConnect = 0x01002200, hRequest = 0x00e90000, Verb: GET, Referer: , Flags = 0x00000080
WinHttpOpenRequest: ch****cn:80/zst/getchartdata?sb_spm=9cefa284cbafa329f651e529d9d3049a&lotid=265108&charttype=zhzs&r=0.009212904376909137#roll_632, hConnect = 0x00e81200, hRequest = 0x00e30000, Verb: GET, Referer: , Flags = 0x00000080
WinHttpOpenRequest: ch****cn:80/zst/getchartdata?sb_spm=9cefa284cbafa329f651e529d9d3049a&lotid=265108&charttype=zhzs&r=0.009212904376909137#roll_632, hConnect = 0x00e21200, hRequest = 0x00e90000, Verb: GET, Referer: , Flags = 0x00000080
WinHttpOpenRequest: ch****cn:80/zst/getchartdata?sb_spm=9cefa284cbafa329f651e529d9d3049a&lotid=265108&charttype=zhzs&r=0.009212904376909137#roll_632, hConnect = 0x00e21200, hRequest = 0x00e30000, Verb: GET, Referer: , Flags = 0x00000080
行为描述: 按名称获取主机地址
详情信息: GetAddrInfoW: ch****cn
其他行为
VirSCANVirSCAN
行为描述: 创建互斥体
详情信息: CTF.LBES.MutexDefaultS-*
CTF.Compart.MutexDefaultS-*
CTF.Asm.MutexDefaultS-*
CTF.Layouts.MutexDefaultS-*
CTF.TMD.MutexDefaultS-*
CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
MSCTF.Shared.MUTEX.IOH
MSCTF.Shared.MUTEX.MJK
行为描述: 创建事件对象
详情信息: EventName = DINPUTWINMM
EventName = MSCTF.SendReceive.Event.MJK.IC
EventName = MSCTF.SendReceiveConection.Event.MJK.IC
行为描述: 查找指定窗口
详情信息: NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
NtUserFindWindowEx: [Class,Window] = [CicLoaderWndClass,]
行为描述: 窗口信息
详情信息: Pid = 2712, Hwnd=0x1034c, Text = 期数:, ClassName = msctls_statusbar32.
Pid = 2712, Hwnd=0x10346, Text = Pc28 去3余N 预测 by 28客栈, ClassName = ArrtryPC28.
行为描述: 打开事件
详情信息: HookSwitchHookEnabledEvent
CTF.ThreadMIConnectionEvent.000007E8.00000000.00000010
CTF.ThreadMarshalInterfaceEvent.000007E8.00000000.00000010
MSCTF.SendReceive.Event.IOH.IC
MSCTF.SendReceiveConection.Event.IOH.IC
行为描述: 隐藏指定窗口
详情信息: [Window,Class] = [,_EL_Timer]
行为描述: 打开互斥体
详情信息: ShimCacheMutex
Activities
VirSCANVirSCAN
活动名 类型
.M android.intent.action.MAIN
.M android.intent.category.LAUNCHER
危险函数
VirSCANVirSCAN
函数名称 信息
getRuntime 获取命令行环境
java/lang/Runtime;->exec 执行字符串命令
启动方式
VirSCANVirSCAN
名称 信息
com.h.bbb 开机启动服务
com.h.MyAdmin
权限列表
VirSCANVirSCAN
许可名称 信息
android.permission.SEND_SMS 发送短信
android.permission.SYSTEM_ALERT_WINDOW 显示系统窗口
android.permission.RECEIVE_BOOT_COMPLETED 接收开机启动广播
android.permission.INTERNET 连接网络(2G或3G)
android.permission.ACCESS_NETWORK_STATE 读取网络状态(2G或3G)
android.permission.WRITE_EXTERNAL_STORAGE 写外部存储器(如:SD卡)
android.permission.MOUNT_UNMOUNT_FILESYSTEMS 挂载、反挂载外部文件系统
android.permission.VIBRATE 允许设备震动
服务列表
VirSCANVirSCAN
名称
com.h.s
文件列表
VirSCANVirSCAN
文件名 校验码
resources.arsc 0x715e468d
AndroidManifest.xml 0x642b9077
classes.dex 0x245123b6
res/anim/show1.xml 0xd6a4ac2e
res/anim/show2.xml 0x7654fed3
res/anim/show3.xml 0x6f1f70bf
res/anim/show4.xml 0x58501145
res/anim/tvanim.xml 0xa070c56a
res/drawable/button.xml 0x4870c4e2
res/drawable/icon.png 0x50c4fdb
res/drawable/image_1.png 0xbba22b48
res/drawable/image_10.png 0x1d8d0321
res/drawable/image_2.png 0xcc536973
res/drawable/image_3.png 0x5bf10fa0
res/drawable/image_4.png 0x177dfa26
res/drawable/image_5.png 0x847fb2e6
res/drawable/image_6.png 0xd02b3ade
res/drawable/tv.xml 0xa0b7382
res/drawable/youc1.xml 0x6f3a33c8
res/drawable/youc2.xml 0x8d4a9028
res/drawable/youc3.xml 0x589dcc4a
res/layout/main.xml 0xf41e2f66
res/layout/newone.xml 0x73d4d016
res/raw/a.mp3 0x6f0e4bb6
res/xml/my_admin.xml 0x980762b3
META-INF/MANIFEST.MF 0xbc329660
META-INF/CERT.SF 0x3f87fbe3
META-INF/CERT.RSA 0x8dcedc4c
运行截图
VirSCANVirSCAN
VirSCAN