VirSCAN

File information

Scanner results
Scanner results: 0% of antivirus software (0/32) found malware
Behavior analysis report: Habo file analysis
Time: 2015-10-27 15:13:01 (CST)
Scanner Engine Ver Sig Ver Sig Date Scan result Time
antiy AVL SDK 3.0 1970-01-01 Found nothing 5
asquared 9.0.0.4324 9.0.0.4324 2014-07-03 Found nothing 1
avast 150725-1 4.7.4 2015-07-25 Found nothing 0
avg 2109/8133 10.0.1405 2014-11-26 Found nothing 0
baidu 2.0.1.0 4.1.3.52192 2.0.1.0 Found nothing 5
baidusd 1.0 1.0 2014-04-02 Found nothing 1
bitdefender 7.58469 7.90123 2014-12-25 Found nothing 0
clamav 19861 0.97.5 2014-12-31 Found nothing 0
drweb 5.0.2.3300 5.0.1.1 2014-12-31 Found nothing 0
fortinet 23.345, 23.345 5.1.158 2014-12-08 Found nothing 0
fprot 4.6.2.117 6.5.1.5418 2014-12-31 Found nothing 0
fsecure 2014-04-02-01 9.13 2014-04-02 Found nothing 0
gdata 25.4073 25.4073 2015-10-26 Found nothing 8
ikarus 1.06.01 V1.32.31.0 2014-12-08 Found nothing 0
jiangmin 16.0.100 1.0.0.0 2015-07-25 Found nothing 44
kaspersky 5.5.33 5.5.33 2014-04-01 Found nothing 0
kingsoft 2.1 2.1 2013-09-22 Found nothing 8
mcafee 7638 5400.1158 2014-11-30 Found nothing 0
nod32 0920 3.0.21 2014-12-23 Found nothing 0
panda 9.05.01 9.05.01 2015-07-26 Found nothing 5
pcc 11.380.07 9.500-1005 2014-12-31 Found nothing 0
qh360 1.0.1 1.0.1 1.0.1 Found nothing 5
qqphone 1.0.0.0 1.0.0.0 2014-12-09 Found nothing 0
quickheal 14.00 14.00 2015-07-25 Found nothing 2
rising 25.76.04.01 25.76.04.01 2015-07-24 Found nothing 1
sophos 5.08 3.55.0 2014-12-01 Found nothing 0
symantec 20141230.001 1.3.0.24 2014-12-30 Found nothing 0
tachyon 9.9.9 9.9.9 2013-12-27 Found nothing 4
thehacker 6.8.0.5 6.8.0.5 2015-07-23 Found nothing 1
tws 17.47.17308 1.0.2.2108 2014-12-08 Found nothing 12
vba 3.12.26.3 3.12.26.3 2014-12-31 Found nothing 0
virusbuster 15.0.985.0 5.5.2.13 2014-12-05 Found nothing 0
File information
Security score:
Basic information
MD5: 7a3d5377be3846384bb8cd1060bbe225
File size: 5.58MB
Upload time: 2014-09-22 10:36:30 (CST)
Package name: com.example.linestyle
Minimum runtime environment: Android 2.2.x
Copyright: Android
Key behaviors
Behavior: Hide specified window
Details: [Window,Class] = [,Shell Embedding]
[Window,Class] = [,tooltips_class32]
Behavior: Block window close message
Details: hWnd = 0x000202cc, Text = 冰点下载器3.0.9, ClassName = #32770.
Behavior: Capture window screenshot information
Details: Foreground window Info: HWND = 0x01010055, DC = 0x01010055.
Behavior: Map file with write permission
Details: CiceroSharedMemDefaultS-*
\WINDOWS\system32\zh-cn\ieframe.dll.mui
MSCTF.MarshalInterface.FileMap.MEI..KJAHH
MSCTF.MarshalInterface.FileMap.MEI.B.KJAHH
MSCTF.MarshalInterface.FileMap.MEI.C.KJAHH
MSCTF.MarshalInterface.FileMap.MEI.D.KJAHH
MSCTF.MarshalInterface.FileMap.MEI.E.JKAHH
MSCTF.MarshalInterface.FileMap.MEI.F.JKAHH
MSCTF.MarshalInterface.FileMap.MEI.G.JLAHH
MSCTF.Shared.SFM.MEI
Behavior: Set special folder attributes
Details: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
C:\Documents and Settings\Administrator\Local Settings\History
C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
C:\Documents and Settings\Administrator\Cookies
Behavior: Resolve host address by name
Details: bingdian.dorapp.com
Process behaviors
Behavior: Hide specified window
Details: [Window,Class] = [,Shell Embedding]
[Window,Class] = [,tooltips_class32]
Behavior: Block window close message
Details: hWnd = 0x000202cc, Text = 冰点下载器3.0.9, ClassName = #32770.
Behavior: Capture window screenshot information
Details: Foreground window Info: HWND = 0x01010055, DC = 0x01010055.
Behavior: Map file with write permission
Details: CiceroSharedMemDefaultS-*
\WINDOWS\system32\zh-cn\ieframe.dll.mui
MSCTF.MarshalInterface.FileMap.MEI..KJAHH
MSCTF.MarshalInterface.FileMap.MEI.B.KJAHH
MSCTF.MarshalInterface.FileMap.MEI.C.KJAHH
MSCTF.MarshalInterface.FileMap.MEI.D.KJAHH
MSCTF.MarshalInterface.FileMap.MEI.E.JKAHH
MSCTF.MarshalInterface.FileMap.MEI.F.JKAHH
MSCTF.MarshalInterface.FileMap.MEI.G.JLAHH
MSCTF.Shared.SFM.MEI
Behavior: Set special folder attributes
Details: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
C:\Documents and Settings\Administrator\Local Settings\History
C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
C:\Documents and Settings\Administrator\Cookies
Behavior: Resolve host address by name
Details: bingdian.dorapp.com
File behaviors
Behavior: Map file with write permission
Details: CiceroSharedMemDefaultS-*
\WINDOWS\system32\zh-cn\ieframe.dll.mui
MSCTF.MarshalInterface.FileMap.MEI..KJAHH
MSCTF.MarshalInterface.FileMap.MEI.B.KJAHH
MSCTF.MarshalInterface.FileMap.MEI.C.KJAHH
MSCTF.MarshalInterface.FileMap.MEI.D.KJAHH
MSCTF.MarshalInterface.FileMap.MEI.E.JKAHH
MSCTF.MarshalInterface.FileMap.MEI.F.JKAHH
MSCTF.MarshalInterface.FileMap.MEI.G.JLAHH
MSCTF.Shared.SFM.MEI
Behavior: Create executable file
Details: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\iDocDown\Adbrier.dll
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\iDocDown\HttpRq.dll
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\iDocDown\SWFToImage.DLL
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\iDocDown\iDocDown.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\iDocDown\pdflib.dll
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\iDocDown\tinyxml.dll
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\iDocDown\kini\SWFToImage.DLL
Behavior: Modify file contents
Details: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\iDocDown\kini\tkdel.ini---> Offset = 0
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\iDocDown\kini\tkfin.ini---> Offset = 0
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\iDocDown\kini\tkrun.ini---> Offset = 0
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\iDocDown\kini\tkcfg.ini---> Offset = 0
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\iDocDown\kini\tkcfg.ini---> Offset = 56
Behavior: Set special folder attributes
Details: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
C:\Documents and Settings\Administrator\Local Settings\History
C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
C:\Documents and Settings\Administrator\Cookies
Behavior: Find file
Details: FileName = C:\DOCUME~1
FileName = C:\Documents and Settings\ADMINI~1
FileName = C:\Documents and Settings\Administrator\LOCALS~1
FileName = C:\Documents and Settings\Administrator\Local Settings\Temp
FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%
FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%\1445930612.750707.exe_7zdump
FileName = C:\DOCUME~1\ADMINI~1
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\iDocDown
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\iDocDown\iDocDown.exe
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\iDocDown\kdocin
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\iDocDown\kdocin\jpg
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\iDocDown\kdocin\jpg\*
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\iDocDown\kdocin\swf
Network behaviors
Behavior: Send data on a connected socket
Details: SOCKET = 0x0000023c, TotalSize = 86, Offset = 0, ReadSize = 86.
Behavior: Connect to a specified socket
Details: 110.110.110.110:80
Behavior: Open URL over the network
Details: InternetOpenUrlA: http://www.bingdian001.com/ver/version.htm?v=3.0.9 hInternet = 0x00000248
Behavior: Resolve host address by name
Details: bingdian.dorapp.com
Registry behaviors
Behavior: Modify registry
Details: \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{F52B2898-3CD9-4530-8F1E-2762A2783C33}\1.0\
\REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{F52B2898-3CD9-4530-8F1E-2762A2783C33}\1.0\FLAGS\
\REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{F52B2898-3CD9-4530-8F1E-2762A2783C33}\1.0\0\win32\
\REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{F52B2898-3CD9-4530-8F1E-2762A2783C33}\1.0\HELPDIR\
\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7445F31D-8956-43AF-88B7-1C5FF7AAE1F5}\
\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7445F31D-8956-43AF-88B7-1C5FF7AAE1F5}\ProxyStubClsid\
\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7445F31D-8956-43AF-88B7-1C5FF7AAE1F5}\ProxyStubClsid32\
\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7445F31D-8956-43AF-88B7-1C5FF7AAE1F5}\TypeLib\
\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7445F31D-8956-43AF-88B7-1C5FF7AAE1F5}\TypeLib\Version
\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{479A1AAC-C148-40BB-9868-A9773DA66AF9}\
\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{479A1AAC-C148-40BB-9868-A9773DA66AF9}\InprocServer32\
\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{479A1AAC-C148-40BB-9868-A9773DA66AF9}\InprocServer32\ThreadingModel
\REGISTRY\MACHINE\SOFTWARE\Classes\SWFToImage.SWFToImageObject\
\REGISTRY\MACHINE\SOFTWARE\Classes\SWFToImage.SWFToImageObject\Clsid\
\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{479A1AAC-C148-40BB-9868-A9773DA66AF9}\ProgID\
Other behaviors
Behavior: Create mutex
Details: CTF.LBES.MutexDefaultS-*
CTF.Compart.MutexDefaultS-*
CTF.Asm.MutexDefaultS-*
CTF.Layouts.MutexDefaultS-*
CTF.TMD.MutexDefaultS-*
CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
{C15730E2-145C-4c5e-B005-3BC753F42475}-once-flagIEJLGAABIEIAAAAA
MSCTF.Shared.MUTEX.ELH
MSCTF.Shared.MUTEX.MEI
Behavior: Hide specified window
Details: [Window,Class] = [,Shell Embedding]
[Window,Class] = [,tooltips_class32]
Behavior: Find specified window
Details: NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
NtUserFindWindowEx: [Class,Window] = [CicLoaderWndClass,]
NtUserFindWindowEx: [Class,Window] = [OleMainThreadWndClass,]
Behavior: Acquire system privilege
Details: SE_LOAD_DRIVER_PRIVILEGE
Behavior: Block window close message
Details: hWnd = 0x000202cc, Text = 冰点下载器3.0.9, ClassName = #32770.
Behavior: Window information
Details: Pid = 2120, Hwnd=0x202b2, Text = List2, ClassName = SysListView32.
Pid = 2120, Hwnd=0x302dc, Text = 下载, ClassName = Static.
Pid = 2120, Hwnd=0x202d8, Text = 关于, ClassName = Static.
Pid = 2120, Hwnd=0x202c2, Text = 菜单, ClassName = Static.
Pid = 2120, Hwnd=0x202c4, Text = Tree1, ClassName = SysTreeView32.
Pid = 2120, Hwnd=0x202ca, Text = title, ClassName = Static.
Pid = 2120, Hwnd=0x202cc, Text = 冰点下载器3.0.9, ClassName = #32770.
Behavior: Capture window screenshot information
Details: Foreground window Info: HWND = 0x01010055, DC = 0x01010055.
Dynamic behavior list
Behavior: Toast->makeText pop-up notification
Details: text:本软件已经破解为免积分,大家放心使用。如果奇虎软件提示危险软件,請无视。Darker乀疯狂提供破解。 duration:1
text:本软件已经破解为免积分,大家放心使用。如果奇虎软件提示危险软件,請无视。Darker乀疯狂提供破解。 duration:1
text:本软件已经破解为免积分,大家放心使用。如果奇虎软件提示危险软件,請无视。Darker乀疯狂提供破解。 duration:1
text:本软件已经破解为免积分,大家放心使用。如果奇虎软件提示危险软件,請无视。Darker乀疯狂提供破解。 duration:1
text:本软件已经破解为免积分,大家放心使用。如果奇虎软件提示危险软件,請无视。Darker乀疯狂提供破解。 duration:1
Behavior: Read file
Details: path:/mnt/sdcard/Android/data/.class/android length:38
path:/mnt/sdcard/Android/data/.class/android length:5
path:/mnt/sdcard/Android/data/cache/AppPackage.dat length:5
Behavior: Get cipher instance
Details: [u'DES/CBC/PKCS5Padding']
Behavior: Access URL
Details: http://app.wapx.cn/action/connect/active?app_id=c37d7e201a92514253acf9108368bb72&udid=357143040944263&imsi=460000043140572&net=wifi&base=wapx.cn&app_version=1.3&sdk_version=2.1.1&device_name=sdk&device_brand=Lenovo&y=39053df3b1dafe3166258434b7950b10&device_type=android&os_version=4.1.2&country_code=US&language=en&act=com.example.linestyle&root=true&channel=QQ&device_width=768&device_height=1184&rec=h9fFLgXL%2BJ3C9bjehErUIxN6wKZIfLn3lAkMFR2ZmZeG4%2F2Cr8lFS3xQG13%2BOSMXwcdnnEgVpzax%0AGmBSo9dIpnDzaqneTHWpZyzbh4CnG7RTbdnFqj8SN%2FXY7wF46qeP6JggAsCDe2eX0bXcPhSfc0g%2B%0AgGVGMzoWLFMJLXFSj8QVj8enZPWgHkMT3E5Pz5tO%0A&at=1439264629214
http://app.waps.cn/action/account/getinfo?app_id=c37d7e201a92514253acf9108368bb72&udid=357143040944263&imsi=460000043140572&net=wifi&base=wapx.cn&app_version=1.3&sdk_version=2.1.1&device_name=sdk&device_brand=Lenovo&y=39053df3b1dafe3166258434b7950b10&device_type=android&os_version=4.1.2&country_code=US&language=en&act=com.example.linestyle&root=true&channel=QQ&device_width=768&device_height=1184&rec=h9fFLgXL%2BJ3C9bjehErUIxN6wKZIfLn3lAkMFR2ZmZeG4%2F2Cr8lFS3xQG13%2BOSMXwcdnnEgVpzax%0AGmBSo9dIpnDzaqneTHWpZyzbh4CnG7RTbdnFqj8SN%2FXY7wF46qeP6JggAsCDe2eX0bXcPhSfc0g%2B%0AgGVGMzoWLFMJLXFSj8QVj8enZPWgHkMT3E5Pz5tO%0A&at=1439264635095
http://app.waps.cn/action/user_info
Behavior: Get information on the currently connected Wi-Fi hotspot
Details: []
[]
[]
Behavior: Initialize URL
Details: [u'http://app.wapx.cn/action/connect/active?app_id=c37d7e201a92514253acf9108368bb72&udid=357143040944263&imsi=460000043140572&net=wifi&base=wapx.cn&app_version=1.3&sdk_version=2.1.1&device_name=sdk&device_brand=Lenovo&y=39053df3b1dafe3166258434b7950b10&device_type=android&os_version=4.1.2&country_code=US&language=en&act=com.example.linestyle&root=true&channel=QQ&device_width=768&device_height=1184&rec=h9fFLgXL%2BJ3C9bjehErUIxN6wKZIfLn3lAkMFR2ZmZeG4%2F2Cr8lFS3xQG13%2BOSMXwcdnnEgVpzax%0AGmBSo9dIpnDzaqneTHWpZyzbh4CnG7RTbdnFqj8SN%2FXY7wF46qeP6JggAsCDe2eX0bXcPhSfc0g%2B%0AgGVGMzoWLFMJLXFSj8QVj8enZPWgHkMT3E5Pz5tO%0A&at=1439264629214']
[u'http://app.waps.cn/action/account/getinfo?app_id=c37d7e201a92514253acf9108368bb72&udid=357143040944263&imsi=460000043140572&net=wifi&base=wapx.cn&app_version=1.3&sdk_version=2.1.1&device_name=sdk&device_brand=Lenovo&y=39053df3b1dafe3166258434b7950b10&device_type=android&os_version=4.1.2&country_code=US&language=en&act=com.example.linestyle&root=true&channel=QQ&device_width=768&device_height=1184&rec=h9fFLgXL%2BJ3C9bjehErUIxN6wKZIfLn3lAkMFR2ZmZeG4%2F2Cr8lFS3xQG13%2BOSMXwcdnnEgVpzax%0AGmBSo9dIpnDzaqneTHWpZyzbh4CnG7RTbdnFqj8SN%2FXY7wF46qeP6JggAsCDe2eX0bXcPhSfc0g%2B%0AgGVGMzoWLFMJLXFSj8QVj8enZPWgHkMT3E5Pz5tO%0A&at=1439264635095']
[u'http://app.waps.cn/action/user_info']
Behavior: Get user ID
Details: 460000043140572
460000043140572
Behavior: Read a line of data from buffer
Details: RSZbbUsEdX%2Fd49IujgZPfA%3D%3D%0A
null
null
Behavior: Read sdcard
Details: path:/mnt/sdcard/Android/data/.class/android
path:/mnt/sdcard/Android/data/.class/android
path:/mnt/sdcard/Android/data/.class/android
path:/mnt/sdcard/Android/data/cache/AppPackage.dat
Behavior: Window information
Details: {"text": "超级短信炸弹", "class": "android.widget.TextView"}
{"text": "当您提交手机号码后, 本程序将对该号码进行不间断的短信、电话轰炸,直到对方手机电量耗尽!或者关机!电话轰炸效果更佳!对方挂断电话之后程序马上自动重拨,绝对能让对方抓狂!绝对是复仇整蛊利器!
本软件完全免费,不消耗您一分钱话费,只需消耗少量流量就能进行轰炸!不相信可以输入自己手机号测试~", "class": "android.widget.TextView"}
{"text": "威力强大的电话短信轰炸机", "class": "android.widget.TextView"}
{"text": "如果喜欢本软件 请分享给更多朋友哦", "class": "android.widget.TextView"}
{"text": "短信轰炸", "class": "android.widget.Button"}
{"text": "电话轰炸", "class": "android.widget.Button"}
{"text": "炸友交流论坛 http://dalong999.com", "class": "android.widget.TextView"}
{"text": "超级短信炸弹 V1.5 For 2014", "class": "android.widget.TextView"}
Behavior: Invoke hash algorithm
Details: MD5
Behavior: Add View
Details: [u'com.android.internal.policy.impl.PhoneWindow$DecorView@414eee10', u'WM.LayoutParams{(0,0)(fillxfill) sim=#100 ty=1 fl=#1810100 pfl=0x8 wanim=0x1030001}', u'android.view.CompatibilityInfoHolder@414af9e0']
[u'android.widget.LinearLayout@41532138', u'WM.LayoutParams{(0,128)(wrapxwrap) gr=#51 ty=2005 fl=#98 fmt=-3 wanim=0x1030004}']
[u'android.widget.LinearLayout@414c32b0', u'WM.LayoutParams{(0,128)(wrapxwrap) gr=#51 ty=2005 fl=#98 fmt=-3 wanim=0x1030004}']
[u'android.widget.LinearLayout@414e55a0', u'WM.LayoutParams{(0,128)(wrapxwrap) gr=#51 ty=2005 fl=#98 fmt=-3 wanim=0x1030004}']
[u'android.widget.LinearLayout@414e6d68', u'WM.LayoutParams{(0,128)(wrapxwrap) gr=#51 ty=2005 fl=#98 fmt=-3 wanim=0x1030004}']
[u'android.widget.LinearLayout@414ef2b8', u'WM.LayoutParams{(0,128)(wrapxwrap) gr=#51 ty=2005 fl=#98 fmt=-3 wanim=0x1030004}']
Behavior: Write to sdcard
Details: path:/mnt/sdcard/Android/data/cache/CacheTime.dat
path:/mnt/sdcard/Android/data/.class/android
path:/mnt/sdcard/Android/data/cache/AppPackage.dat
path:/mnt/sdcard/Android/data/cache/UnPackage.dat
Behavior: Get list of installed applications
Details: [u'0']
[u'0']
Behavior: Root privilege check
Details: /system/bin/su
/system/xbin/su
Behavior: Get device ID
Details: 357143040944263
Behavior: Get network state information[*]
Details: NetworkInfo: type: WIFI[], state: CONNECTED/CONNECTED, reason: (unspecified), extra: freewifi, roaming: false, failover: false, isAvailable: true
NetworkInfo: type: WIFI[], state: CONNECTED/CONNECTED, reason: (unspecified), extra: freewifi, roaming: false, failover: false, isAvailable: true
NetworkInfo: type: WIFI[], state: CONNECTED/CONNECTED, reason: (unspecified), extra: freewifi, roaming: false, failover: false, isAvailable: true
NetworkInfo: type: WIFI[], state: CONNECTED/CONNECTED, reason: (unspecified), extra: freewifi, roaming: false, failover: false, isAvailable: true
NetworkInfo: type: WIFI[], state: CONNECTED/CONNECTED, reason: (unspecified), extra: freewifi, roaming: false, failover: false, isAvailable: true
NetworkInfo: type: WIFI[], state: CONNECTED/CONNECTED, reason: (unspecified), extra: freewifi, roaming: false, failover: false, isAvailable: true
NetworkInfo: type: WIFI[], state: CONNECTED/CONNECTED, reason: (unspecified), extra: freewifi, roaming: false, failover: false, isAvailable: true
NetworkInfo: type: WIFI[], state: CONNECTED/CONNECTED, reason: (unspecified), extra: freewifi, roaming: false, failover: false, isAvailable: true
NetworkInfo: type: WIFI[], state: CONNECTED/CONNECTED, reason: (unspecified), extra: freewifi, roaming: false, failover: false, isAvailable: true
Behavior: Write file
Details: path:/mnt/sdcard/Android/data/cache/CacheTime.dat length:18
path:/data/data/com.example.linestyle/files/CacheTime.dat length:18
path:/mnt/sdcard/Android/data/.class/android length:38
path:/data/data/com.example.linestyle/shared_prefs/AppSettings.xml length:139
path:/mnt/sdcard/Android/data/cache/AppPackage.dat length:69
path:/mnt/sdcard/Android/data/cache/UnPackage.dat length:69
Activities
Activity name Type
com.example.linestyle.MainActivity android.intent.action.MAIN
com.example.linestyle.MainActivity android.intent.category.LAUNCHER
Dangerous functions
Function name Information
ContentResolver;->query Reads contacts, SMS and other databases
TelephonyManager;->getDeviceId Collects the phone's IMEI, phone number, OS version and similar information
java/net/HttpURLConnection;->connect Connects to a URL
android/app/NotificationManager;->notify Notification bar message
java/net/URL;->openConnection Connects to a URL
Permission list
Permission name Information
android.permission.INTERNET Connect to network (2G or 3G)
android.permission.ACCESS_NETWORK_STATE Read network state (2G or 3G)
android.permission.ACCESS_WIFI_STATE Read Wi-Fi network state
android.permission.READ_PHONE_STATE Read phone state
android.permission.WRITE_EXTERNAL_STORAGE Write external storage (e.g. SD card)
android.permission.GET_TASKS Get information about currently or recently running tasks
File list
File name Checksum
classes.dex 0xb42e3300
resources.arsc 0x53952103
res/drawable/background_view_rounded_bottom.xml 0x786ca655
res/drawable/background_view_rounded_middle.xml 0xce56388d
res/drawable/background_view_rounded_single.xml 0xaa32a73c
res/drawable/background_view_rounded_top.xml 0x871e42cb
res/drawable/bg.png 0x1315626b
res/drawable/bg2.jpg 0xc0f0284c
res/drawable/dotted_line.xml 0xf3eef1db
res/drawable/dotted_line_2.xml 0x89a6201f
res/drawable/rect_gray.xml 0x2fcc452a
res/drawable/rect_gray_2.xml 0x7e73c607
res/drawable/rect_gray_3.xml 0x9e02150a
res/layout/activity_main.xml 0xdbe8a41
res/layout/dianhua.xml 0xa2ebf9d5
res/layout/web.xml 0xc73f880b
res/menu/main.xml 0x7482ce7f
AndroidManifest.xml 0x5c25f0f8
res/drawable-hdpi/bg.png 0x1315626b
res/drawable-hdpi/ic_launcher.png 0x4fe9bbc4
res/drawable-hdpi/title_back.9.png 0x232db130
res/drawable-mdpi/ic_launcher.png 0x7fff029b
res/drawable-xhdpi/ic_launcher.png 0x49166783
res/drawable-xxhdpi/ic_launcher.png 0xe647039c
META-INF/MANIFEST.MF 0x38f21240
META-INF/CERT.SF 0x34c94f4e
META-INF/CERT.RSA 0xe376af9c