VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

Language
Server load
Server Load

VirSCAN
VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

File information

Scanner results
Scanner results:3%Scanner(s) (1/32)found malware!
Behavior analysis report:         Habo file analysis
Time: 2017-08-25 11:30:23 (CST)
Scanner Engine Ver Sig Ver Sig Date Scan result Time
antiy AVL SDK 2.0 1970-01-01 Found nothing 6
asquared 9.0.0.4799 9.0.0.4799 2015-03-08 Found nothing 2
avast 170303-1 4.7.4 2017-03-03 Found nothing 60
avg 2109/14366 10.0.1405 2017-08-23 Found nothing 60
baidu 2.0.1.0 4.1.3.52192 2.0.1.0 Found nothing 3
baidusd 1.0 1.0 2017-03-22 Found nothing 1
bitdefender 7.58879 7.90123 2015-01-16 Found nothing 60
clamav 23696 0.97.5 2017-08-22 Found nothing 60
drweb 5.0.2.3300 5.0.1.1 2017-06-18 Found nothing 60
fortinet 1.000, 51.150, 51.106, 51.128 5.4.247 2017-08-24 Found nothing 60
fprot 4.6.2.117 6.5.1.5418 2016-02-05 Found nothing 60
fsecure 2015-08-01-02 9.13 2015-08-01 Found nothing 60
gdata 25.13965 25.13965 2017-08-25 Found nothing 14
ikarus 1.06.01 V1.32.31.0 2017-08-24 Found nothing 60
jiangmin 16.0.100 1.0.0.0 2017-08-24 Found nothing 2
kaspersky 5.5.33 5.5.33 2014-04-01 Found nothing 60
kingsoft 2.1 2.1 2017-08-24 Found nothing 5
mcafee 8620 5400.1158 2017-08-12 Found nothing 60
nod32 5964 3.0.21 2017-08-23 Found nothing 60
panda 9.05.01 9.05.01 2017-08-24 Found nothing 4
pcc 13.302.06 9.500-1005 2017-03-27 Found nothing 60
qh360 1.0.1 1.0.1 1.0.1 Found nothing 4
qqphone 1.0.0.0 1.0.0.0 2015-12-30 Found nothing 60
quickheal 14.00 14.00 2017-08-24 Android.Ewind.AL (AdWare) 4
rising 26.28.00.01 26.28.00.01 2016-07-18 Found nothing 3
sophos 5.32 3.65.2 2016-10-10 Found nothing 60
symantec 20151230.005 1.3.0.24 2015-12-30 Found nothing 60
tachyon 9.9.9 9.9.9 2013-12-27 Found nothing 4
thehacker 6.8.0.5 6.8.0.5 2017-08-20 Found nothing 2
tws 17.47.17308 1.0.2.2108 2017-08-24 Found nothing 15
vba 3.12.29.5 beta 3.12.29.5 beta 2017-08-24 Found nothing 60
virusbuster 15.0.985.0 5.5.2.13 2014-12-05 Found nothing 60
权限列表
许可名称 信息
android.permission.WRITE_EXTERNAL_STORAGE 写外部存储器(如:SD卡)
android.permission.INTERNET 连接网络(2G或3G)
android.permission.ACCESS_NETWORK_STATE 读取网络状态(2G或3G)
android.permission.GET_TASKS 获取有关当前或最近运行的任务信息
android.permission.CHANGE_NETWORK_STATE 变更网络状态
android.permission.READ_CONTACTS 读取联系人信息
android.permission.MOUNT_UNMOUNT_FILESYSTEMS 挂载、反挂载外部文件系统
android.permission.VIBRATE 允许设备震动
android.permission.READ_LOGS 读取系统日志
android.permission.ACCESS_WIFI_STATE 读取wifi网络状态
android.permission.WRITE_CONTACTS 写入联系人信息
android.permission.CAMERA 访问照相机设备
android.permission.GET_ACCOUNTS 访问账户列表
android.permission.RECORD_AUDIO 录音(使用AudioRecord)
android.permission.MODIFY_AUDIO_SETTINGS 修改声音设置
android.permission.READ_PHONE_STATE 读取电话状态
android.permission.READ_EXTERNAL_STORAGE 读外部存储器(如:SD卡)
android.permission.SYSTEM_ALERT_WINDOW 显示系统窗口
com.android.launcher.permission.INSTALL_SHORTCUT 创建快捷方式
com.android.launcher.permission.READ_SETTINGS 读取快捷方式信息
com.android.launcher.permission.UNINSTALL_SHORTCUT 删除快捷方式
android.permission.SEND_SMS 发送短信
android.permission.CHANGE_WIFI_STATE 改变WIFI连接状态
android.permission.WAKE_LOCK 手机屏幕关闭后后台进程仍运行
android.permission.CALL_PHONE 拨打电话
android.permission.FLASHLIGHT 访问闪光灯
android.permission.ACCESS_COARSE_LOCATION 获取粗略的位置(通过wifi、基站)
android.permission.ACCESS_FINE_LOCATION 获取精确的位置(通过GPS)
android.permission.WRITE_SETTINGS 读写系统设置项
android.permission.WRITE_SMS 写短信
android.permission.READ_SMS 读取短信
文件信息
VirSCANVirSCAN
安全评分 :
基本信息
VirSCANVirSCAN
MD5:c12b23e83d2da18984170b56d52c8ae3
文件大小:5.58MB
上传时间: 2014-09-22 10:36:30 (CST)
包名:io.dcloud.H5A176AFB
最低运行环境:Android 2.2.x
版权:Android
关键行为
VirSCANVirSCAN
行为描述: 直接调用系统关键API
详情信息: Index = 0x0000009A, Name: NtQueryInformationProcess, Instruction Address = 0x023BF3B9
Index = 0x000000E5, Name: NtSetInformationThread, Instruction Address = 0x023BF3B9
Index = 0x000000B2, Name: NtQueryVirtualMemory, Instruction Address = 0x0048CC3E
行为描述: 设置特殊文件夹属性
详情信息: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
C:\Documents and Settings\Administrator\Local Settings\History
C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
C:\Documents and Settings\Administrator\Cookies
行为描述: 直接获取CPU时钟
详情信息: EAX = 0xd2e147db, EDX = 0x000000be
EAX = 0xd2e14827, EDX = 0x000000be
EAX = 0xd2e14873, EDX = 0x000000be
EAX = 0xd2e148bf, EDX = 0x000000be
EAX = 0xd5691848, EDX = 0x000000be
EAX = 0xd5691894, EDX = 0x000000be
行为描述: 获取窗口截图信息
详情信息: Foreground window Info: HWND = 0x0001034c, DC = 0x01010057.
Foreground window Info: HWND = 0x00010352, DC = 0x01010057.
Foreground window Info: HWND = 0x00010354, DC = 0x0a010375.
Foreground window Info: HWND = 0x0001035a, DC = 0x01010057.
Foreground window Info: HWND = 0x0001035c, DC = 0x0a010375.
Foreground window Info: HWND = 0x00010360, DC = 0x0a010375.
Foreground window Info: HWND = 0x00010362, DC = 0x01010057.
Foreground window Info: HWND = 0x00010366, DC = 0x0a010375.
Foreground window Info: HWND = 0x00010368, DC = 0x01010057.
Foreground window Info: HWND = 0x00010372, DC = 0x0a010375.
Foreground window Info: HWND = 0x00010374, DC = 0x01010057.
进程行为
VirSCANVirSCAN
行为描述: 直接调用系统关键API
详情信息: Index = 0x0000009A, Name: NtQueryInformationProcess, Instruction Address = 0x023BF3B9
Index = 0x000000E5, Name: NtSetInformationThread, Instruction Address = 0x023BF3B9
Index = 0x000000B2, Name: NtQueryVirtualMemory, Instruction Address = 0x0048CC3E
行为描述: 设置特殊文件夹属性
详情信息: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
C:\Documents and Settings\Administrator\Local Settings\History
C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
C:\Documents and Settings\Administrator\Cookies
行为描述: 直接获取CPU时钟
详情信息: EAX = 0xd2e147db, EDX = 0x000000be
EAX = 0xd2e14827, EDX = 0x000000be
EAX = 0xd2e14873, EDX = 0x000000be
EAX = 0xd2e148bf, EDX = 0x000000be
EAX = 0xd5691848, EDX = 0x000000be
EAX = 0xd5691894, EDX = 0x000000be
行为描述: 获取窗口截图信息
详情信息: Foreground window Info: HWND = 0x0001034c, DC = 0x01010057.
Foreground window Info: HWND = 0x00010352, DC = 0x01010057.
Foreground window Info: HWND = 0x00010354, DC = 0x0a010375.
Foreground window Info: HWND = 0x0001035a, DC = 0x01010057.
Foreground window Info: HWND = 0x0001035c, DC = 0x0a010375.
Foreground window Info: HWND = 0x00010360, DC = 0x0a010375.
Foreground window Info: HWND = 0x00010362, DC = 0x01010057.
Foreground window Info: HWND = 0x00010366, DC = 0x0a010375.
Foreground window Info: HWND = 0x00010368, DC = 0x01010057.
Foreground window Info: HWND = 0x00010372, DC = 0x0a010375.
Foreground window Info: HWND = 0x00010374, DC = 0x01010057.
文件行为
VirSCANVirSCAN
行为描述: 创建文件
详情信息: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\C1OS62RY\stat[1].htm
C:\Documents and Settings\Administrator\Local Settings\Temp\38a5f.tmp
C:\Documents and Settings\Administrator\Local Settings\Temp\38b0c.tmp
C:\Documents and Settings\Administrator\Local Settings\Temp\38b8a.tmp
行为描述: 创建可执行文件
详情信息: C:\Documents and Settings\Administrator\Local Settings\Temp\38a5f.tmp
C:\Documents and Settings\Administrator\Local Settings\Temp\38b0c.tmp
C:\Documents and Settings\Administrator\Local Settings\Temp\38b8a.tmp
行为描述: 查找文件
详情信息: FileName = C:\Documents and Settings
FileName = C:\Documents and Settings\Administrator
FileName = C:\Documents and Settings\Administrator\Local Settings
FileName = C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Connections\Pbk\*.pbk
FileName = C:\WINDOWS\system32\Ras\*.pbk
FileName = C:\Documents and Settings\Administrator\Application Data\Microsoft\Network\Connections\Pbk\*.pbk
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\38a5f.tmp
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\38b0c.tmp
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\38b8a.tmp
FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump
FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\情歌破解禁止贩卖_peid.exe
行为描述: 删除文件
详情信息: C:\Documents and Settings\Administrator\Local Settings\Temp\38a5f.tmp
C:\Documents and Settings\Administrator\Local Settings\Temp\38b0c.tmp
C:\Documents and Settings\Administrator\Local Settings\Temp\38b8a.tmp
行为描述: 复制文件
详情信息: C:\WINDOWS\system32\ntdll.dll ---> C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\38a5f.tmp
C:\WINDOWS\system32\user32.dll ---> C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\38b0c.tmp
C:\WINDOWS\system32\gdi32.dll ---> C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\38b8a.tmp
行为描述: 设置特殊文件夹属性
详情信息: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
C:\Documents and Settings\Administrator\Local Settings\History
C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
C:\Documents and Settings\Administrator\Cookies
行为描述: 修改文件内容
详情信息: C:\Documents and Settings\Administrator\Local Settings\Temp\38a5f.tmp ---> Offset = 0
C:\Documents and Settings\Administrator\Local Settings\Temp\38a5f.tmp ---> Offset = 65536
C:\Documents and Settings\Administrator\Local Settings\Temp\38a5f.tmp ---> Offset = 131072
C:\Documents and Settings\Administrator\Local Settings\Temp\38a5f.tmp ---> Offset = 196608
C:\Documents and Settings\Administrator\Local Settings\Temp\38a5f.tmp ---> Offset = 262144
C:\Documents and Settings\Administrator\Local Settings\Temp\38b0c.tmp ---> Offset = 0
C:\Documents and Settings\Administrator\Local Settings\Temp\38b0c.tmp ---> Offset = 65536
C:\Documents and Settings\Administrator\Local Settings\Temp\38b0c.tmp ---> Offset = 131072
C:\Documents and Settings\Administrator\Local Settings\Temp\38b0c.tmp ---> Offset = 196608
C:\Documents and Settings\Administrator\Local Settings\Temp\38b0c.tmp ---> Offset = 262144
C:\Documents and Settings\Administrator\Local Settings\Temp\38b8a.tmp ---> Offset = 0
C:\Documents and Settings\Administrator\Local Settings\Temp\38b8a.tmp ---> Offset = 65536
C:\Documents and Settings\Administrator\Local Settings\Temp\38b8a.tmp ---> Offset = 131072
C:\Documents and Settings\Administrator\Local Settings\Temp\38b8a.tmp ---> Offset = 196608
C:\Documents and Settings\Administrator\Local Settings\Temp\38b8a.tmp ---> Offset = 262144
网络行为
VirSCANVirSCAN
行为描述: 连接指定站点
详情信息: InternetConnectA: ServerName = z1****om, PORT = 80, UserName = , Password = , hSession = 0x00cc0004, hConnect = 0x00cc0008, Flags = 0x00000000
行为描述: 打开HTTP连接
详情信息: InternetOpenA: UserAgent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; .NET4.0C; .NET4.0E; KB974489), hSession = 0x00cc0004
行为描述: 建立到一个指定的套接字连接
详情信息: URL: z1****om, IP: **.133.40.**:80, SOCKET = 0x00000274
行为描述: 读取网络文件
详情信息: hFile = 0x00cc000c, BytesToRead =255, BytesRead = 255.
行为描述: 发送HTTP包
详情信息: GET /stat.htm?id=1259869022&r=&lg=zh-cn&ntime=none&cnzz_eid=none&showp=1920x973&t=&h=1&rnd=1000041 HTTP/1.1 Referer: http://v1.yokka.cc/0709?mach=487F86AE Accept: image/webp,image/*,*/*;q=0.8 User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; .NET4.0C; .NET4.0E; KB974489) Host: z1****om Cache-Control: no-cache
行为描述: 打开HTTP请求
详情信息: HttpOpenRequestA: z1****om:80/stat.htm?id=1259869022&r=&lg=zh-cn&ntime=none&cnzz_eid=none&showp=1920x973&t=&h=1&rnd=1000041, hConnect = 0x00cc0008, hRequest = 0x00cc000c, Verb: GET, Referer: , Flags = 0x80004000
行为描述: 按名称获取主机地址
详情信息: GetAddrInfoW: z1****om
注册表行为
VirSCANVirSCAN
行为描述: 修改注册表
详情信息: \REGISTRY\USER\S-*\Software\Microsoft\Multimedia\DrawDib\vga.drv 1920x973x32(BGR 0)
\REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\SavedLegacySettings
行为描述: 删除注册表键值
详情信息: \REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyServer
\REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyOverride
\REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Internet Settings\AutoConfigURL
\REGISTRY\MACHINE\SOFTWARE\Microsoft\PCHealth\ErrorReporting\DW\DWFileTreeRoot
行为描述: 删除注册表键
详情信息: \REGISTRY\MACHINE\SOFTWARE\Microsoft\PCHealth\ErrorReporting\DW\
其他行为
VirSCANVirSCAN
行为描述: 直接调用系统关键API
详情信息: Index = 0x0000009A, Name: NtQueryInformationProcess, Instruction Address = 0x023BF3B9
Index = 0x000000E5, Name: NtSetInformationThread, Instruction Address = 0x023BF3B9
Index = 0x000000B2, Name: NtQueryVirtualMemory, Instruction Address = 0x0048CC3E
行为描述: 检测自身是否被调试
详情信息: IsDebuggerPresent
行为描述: 创建互斥体
详情信息: RasPbFile
CTF.LBES.MutexDefaultS-*
CTF.Compart.MutexDefaultS-*
CTF.Asm.MutexDefaultS-*
CTF.Layouts.MutexDefaultS-*
CTF.TMD.MutexDefaultS-*
CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
Local\ZonesCounterMutex
Local\ZoneAttributeCacheCounterMutex
Local\ZonesCacheCounterMutex
Local\ZonesLockedCacheCounterMutex
行为描述: 创建事件对象
详情信息: EventName = DINPUTWINMM
EventName = Global\userenv: User Profile setup event
行为描述: 打开互斥体
详情信息: RasPbFile
ShimCacheMutex
Local\_!MSFTHISTORY!_
Local\c:!documents and settings!administrator!local settings!temporary internet files!content.ie5!
Local\c:!documents and settings!administrator!cookies!
Local\c:!documents and settings!administrator!local settings!history!history.ie5!
Local\WininetStartupMutex
Local\WininetConnectionMutex
Local\WininetProxyRegistryMutex
Local\!IETld!Mutex
行为描述: 打开事件
详情信息: HookSwitchHookEnabledEvent
\SECURITY\LSA_AUTHENTICATION_INITIALIZED
Global\SvcctrlStartEvent_A3752DX
\INSTALLATION_SECURITY_HOLD
行为描述: 获取窗口截图信息
详情信息: Foreground window Info: HWND = 0x0001034c, DC = 0x01010057.
Foreground window Info: HWND = 0x00010352, DC = 0x01010057.
Foreground window Info: HWND = 0x00010354, DC = 0x0a010375.
Foreground window Info: HWND = 0x0001035a, DC = 0x01010057.
Foreground window Info: HWND = 0x0001035c, DC = 0x0a010375.
Foreground window Info: HWND = 0x00010360, DC = 0x0a010375.
Foreground window Info: HWND = 0x00010362, DC = 0x01010057.
Foreground window Info: HWND = 0x00010366, DC = 0x0a010375.
Foreground window Info: HWND = 0x00010368, DC = 0x01010057.
Foreground window Info: HWND = 0x00010372, DC = 0x0a010375.
Foreground window Info: HWND = 0x00010374, DC = 0x01010057.
行为描述: 可执行文件签名信息
详情信息: C:\Documents and Settings\Administrator\Local Settings\Temp\38a5f.tmp(签名验证: 通过)
C:\Documents and Settings\Administrator\Local Settings\Temp\38b0c.tmp(签名验证: 通过)
C:\Documents and Settings\Administrator\Local Settings\Temp\38b8a.tmp(签名验证: 通过)
行为描述: 隐藏指定窗口
详情信息: [Window,Class] = [,ComboLBox]
[Window,Class] = [勾选上表示自动,Button]
[Window,Class] = [,ComboBox]
[Window,Class] = [,Button]
[Window,Class] = [,_EL_Timer]
[Window,Class] = [加载,Button]
[Window,Class] = [编释,Button]
[Window,Class] = [运行,Button]
[Window,Class] = [,Edit]
行为描述: 可执行文件MD5
详情信息: C:\Documents and Settings\Administrator\Local Settings\Temp\38a5f.tmp ---> 9e762b21dd4d10695799a9a6e9570b79
C:\Documents and Settings\Administrator\Local Settings\Temp\38b0c.tmp ---> f697644d5f59050fbe6af896c19cca93
C:\Documents and Settings\Administrator\Local Settings\Temp\38b8a.tmp ---> 2ccdf9fc160e3af611510decc1359516
行为描述: 直接获取CPU时钟
详情信息: EAX = 0xd2e147db, EDX = 0x000000be
EAX = 0xd2e14827, EDX = 0x000000be
EAX = 0xd2e14873, EDX = 0x000000be
EAX = 0xd2e148bf, EDX = 0x000000be
EAX = 0xd5691848, EDX = 0x000000be
EAX = 0xd5691894, EDX = 0x000000be
Activities
VirSCANVirSCAN
活动名 类型
io.dcloud.PandoraEntry android.intent.action.MAIN
io.dcloud.PandoraEntry android.intent.category.LAUNCHER
io.dcloud.PandoraEntryActivity android.intent.action.VIEW
io.dcloud.PandoraEntryActivity android.intent.category.DEFAULT
io.dcloud.PandoraEntryActivity android.intent.category.BROWSABLE
pkf.tadj.mch.ea android.intent.action.CREATE_SHORTCUT
pkf.tadj.mch.ea android.intent.action.DEFAULT
pkf.tadj.mch.ea android.intent.category.DEFAULT
危险函数
VirSCANVirSCAN
函数名称 信息
ContentResolver;->query 读取联系人、短信等数据库
getRuntime 获取命令行环境
java/lang/Runtime;->exec 执行字符串命令
TelephonyManager;->getDeviceId 搜集用户手机IMEI码、电话号码、系统版本号等信息
java/net/URL;->openConnection 连接URL
SmsManager;->sendTextMessage 发送普通短信
启动方式
VirSCANVirSCAN
名称 信息
pkf.tadj.mch.ext 应用安装时启动服务
pkf.tadj.mch.ext 网络连接改变时启动服务
sfh.pqjd.cbnzs.i 应用安装时启动服务
sfh.pqjd.cbnzs.i 网络连接改变时启动服务
权限列表
VirSCANVirSCAN
许可名称 信息
android.permission.WRITE_EXTERNAL_STORAGE 写外部存储器(如:SD卡)
android.permission.INTERNET 连接网络(2G或3G)
android.permission.ACCESS_NETWORK_STATE 读取网络状态(2G或3G)
android.permission.GET_TASKS 获取有关当前或最近运行的任务信息
android.permission.CHANGE_NETWORK_STATE 变更网络状态
android.permission.READ_CONTACTS 读取联系人信息
android.permission.MOUNT_UNMOUNT_FILESYSTEMS 挂载、反挂载外部文件系统
android.permission.VIBRATE 允许设备震动
android.permission.READ_LOGS 读取系统日志
android.permission.ACCESS_WIFI_STATE 读取wifi网络状态
android.permission.WRITE_CONTACTS 写入联系人信息
android.permission.CAMERA 访问照相机设备
android.permission.GET_ACCOUNTS 访问账户列表
android.permission.RECORD_AUDIO 录音(使用AudioRecord)
android.permission.MODIFY_AUDIO_SETTINGS 修改声音设置
android.permission.READ_PHONE_STATE 读取电话状态
android.permission.READ_EXTERNAL_STORAGE 读外部存储器(如:SD卡)
android.permission.SYSTEM_ALERT_WINDOW 显示系统窗口
com.android.launcher.permission.INSTALL_SHORTCUT 创建快捷方式
com.android.launcher.permission.READ_SETTINGS 读取快捷方式信息
com.android.launcher.permission.UNINSTALL_SHORTCUT 删除快捷方式
android.permission.SEND_SMS 发送短信
android.permission.CHANGE_WIFI_STATE 改变WIFI连接状态
android.permission.WAKE_LOCK 手机屏幕关闭后后台进程仍运行
android.permission.CALL_PHONE 拨打电话
android.permission.FLASHLIGHT 访问闪光灯
android.permission.ACCESS_COARSE_LOCATION 获取粗略的位置(通过wifi、基站)
android.permission.ACCESS_FINE_LOCATION 获取精确的位置(通过GPS)
android.permission.WRITE_SETTINGS 读写系统设置项
android.permission.WRITE_SMS 写短信
android.permission.READ_SMS 读取短信
服务列表
VirSCANVirSCAN
名称
io.dcloud.adapter.io.MiniServerService
com.oooo.z
sfh.pqjd.cbnzs.zt
com.perfume.xw
文件列表
VirSCANVirSCAN
文件名 校验码
META-INF/MANIFEST.MF 0x41c43ea6
META-INF/CERT.SF 0xb40ffafb
META-INF/CERT.RSA 0x36121b99
assets/apps/H5A176AFB/www/www/js/bluebird_window.js 0xa453c494
assets/apps/H5A176AFB/www/www/js/bluebird_ajax.js 0x3fe2de2a
res/drawable-xxxhdpi-v4/icon.png 0x424e4112
io/dcloud/all.js 0xc7e905c1
res/layout/dcloud_dialog.xml 0x4f5c1284
assets/ufcd.png 0x5e6ee72c
res/drawable/dcloud_slt_as_ios7_other_bt_bottom.xml 0xecf78805
res/drawable-xhdpi-v4/dcloud_actionsheet_bottom_normal.9.png 0xe0679a36
lib/armeabi-v7a/libmsc.so 0x3835990c
assets/ali/libdemolishdata.so 0x6d573e29
res/drawable/dcloud_longding_bg.xml 0xdb8ef876
res/drawable-hdpi-v4/dcloud_snow_black.png 0x87f358a3
res/drawable-hdpi-v4/icon.png 0xa0e45365
assets/res/HBuilder.png 0x177feb1c
assets/apps/H5A176AFB/www/www/css/icons-extra.css 0x96caf62e
assets/apps/H5A176AFB/www/www/js/mui.min.js 0xfce87cd5
assets/iflytek/voice_bg.9.png 0xcadae20
res/drawable-hdpi-v4/dcloud_snow_white_progress.xml 0xb96cebb1
lib/armeabi/libpl_droidsonroids_gif.so 0xee0d6d81
assets/iflytek/voice_empty.png 0xd1d92ae2
lib/x86/libdemolish.so 0xc756ac59
assets/apps/H5A176AFB/www/www/js/bluebird_checkbox.js 0xc7109c0d
lib/armeabi/libdemolish.so 0x4725be0a
assets/ehuc.png 0xe90f3ab
res/drawable/dcloud_slt_as_ios7_other_bt_top.xml 0x3056879b
assets/apps/H5A176AFB/www/www/js/zai_tool.js 0x713bf629
assets/data/dcloud_control.xml 0x94d8895f
assets/mog 0x601ef089
res/drawable-xhdpi-v4/dcloud_actionsheet_top_pressed.9.png 0xfd8ba72f
assets/apps/H5A176AFB/www/www/js/bluebird_editBox.js 0x1678df8b
resources.arsc 0xfd665d3c
assets/xh.png 0x80d11a53
res/layout/dcloud_image_pick_gallery_item.xml 0xd56b34e0
assets/apps/H5A176AFB/www/www/js/bluebird_imageBox.js 0xb9915f76
assets/iflytek/warning.png 0x3ab21395
AndroidManifest.xml 0x53e60f0b
assets/apps/H5A176AFB/www/www/js/bluebird_dialogBox.js 0xd31f9735
res/drawable-xhdpi-v4/dcloud_image_pick_mask.9.png 0xf40d6a62
assets/iflytek/recognize.xml 0x821224ee
assets/apps/H5A176AFB/www/www/js/bluebird_button.js 0x6d38d7f7
assets/fonts/dcloud_iconfont.ttf 0x3285f37a
assets/apps/H5A176AFB/www/www/css/mui.min.css 0x3f299982
res/drawable/dcloud_slt_as_ios7_cancel_bt.xml 0xcd197f2e
assets/apps/H5A176AFB/www/www/fonts/mui.ttf 0xed6ac8f3
res/layout/dcloud_activity_main_market.xml 0xf94c3f29
assets/apps/H5A176AFB/www/www/index.html 0x758b4085
assets/res/point.png 0x5cead6e8
assets/shuiz 0x67b711d6
assets/iflytek/voice_full.png 0xac0c6930
res/drawable/dcloud_dialog_shape_bg.xml 0x92790547
classes.dex 0x301de518
lib/x86/libpl_droidsonroids_gif.so 0x7327b496
assets/data/dcloud_error.html 0x1062838b
assets/apps/H5A176AFB/www/www/js/bluebird_timer.js 0x9c2034cb
res/drawable-ldpi-v4/icon.png 0xb57c2052
assets/apps/H5A176AFB/www/manifest.json 0xaedd8535
res/drawable-xhdpi-v4/dcloud_as_bg_ios6.9.png 0xb4df7168
res/drawable/dcloud_dialog_shape.xml 0xce27fb48
res/drawable/dcloud_slt_as_ios7_other_bt_middle.xml 0x11b870b0
res/drawable/dcloud_slt_as_ios7_other_bt_single.xml 0xcd197f2e
assets/res/dcloud_beep.ogg 0x3c547518
res/layout/dcloud_snow_black_progress.xml 0x45ee5449
res/drawable-hdpi-v4/dcloud_shadow_left.png 0x383218a6
assets/apps/H5A176AFB/www/www/fonts/mui-icons-extra.ttf 0xbb82f33a
assets/apps/H5A176AFB/www/www/images/56.png 0xf1225f86
res/drawable-xxhdpi-v4/splash.png 0x1a9ac407
res/layout/dcloud_main_test_activity.xml 0x463e0f63
assets/apps/H5A176AFB/www/www/js/bluebird_lable.js 0xf95f2b76
lib/armeabi-v7a/libdemolish.so 0x6802b6df
res/layout/dcloud_loadingview.xml 0x2792831f
res/drawable-xhdpi-v4/dcloud_actionsheet_single_normal.9.png 0xa6684b3e
res/drawable/dcloud_image_pick_title_sel.xml 0x8494f548
assets/iflytek/waiting.png 0xaf422d7f
res/drawable-xhdpi-v4/icon.png 0x821ca39d
assets/apps/H5A176AFB/www/www/js/bluebird_string.js 0x8746f9d5
res/anim/dcloud_slide_out_to_top.xml 0x24ba81e9
res/layout/dcloud_market_fragment_base.xml 0xe99bd896
res/layout/dcloud_snow_white_progress.xml 0x2092498c
assets/res/dcloud_prograss_snow1.png 0xc9d0e643
res/layout/dcloud_image_pick_gallery.xml 0x49f7d97
res/drawable-xhdpi-v4/dcloud_actionsheet_bottom_pressed.9.png 0xc110c339
res/drawable-hdpi-v4/dcloud_snow_white.png 0xdfe2ddb6
res/drawable-xhdpi-v4/dcloud_image_pick_no_media.png 0xbe6db098
res/drawable/dcloud_slt_as_ios7_other_bt_title.xml 0x2d0b49df
res/drawable-xhdpi-v4/dcloud_actionsheet_single_pressed.9.png 0xc99f551d
assets/apps/H5A176AFB/www/www/js/zai_daskjh.js 0xe4f1eb60
assets/data/dcloud_properties.xml 0x931b8bc9
res/drawable-mdpi-v4/icon.png 0xb57c2052
res/drawable-xhdpi-v4/dcloud_as_other_bt_bg.9.png 0xbd149fa
res/anim/dcloud_slide_in_from_top.xml 0xa48c3a13
assets/ali/libpreverify1.so 0x326ddd6f
assets/apps/H5A176AFB/www/www/css/zai_tool.css 0xd58c586
lib/armeabi-v7a/libpl_droidsonroids_gif.so 0x9bb806e6
res/drawable-xhdpi-v4/dcloud_as_cancel_bt_bg.9.png 0x82a7b833
res/drawable-xhdpi-v4/splash.png 0x690abc33
res/layout/dcloud_custom_notification.xml 0xe0051ec8
res/drawable-xhdpi-v4/dcloud_actionsheet_middle_normal.9.png 0xeb696339
res/drawable-xhdpi-v4/dcloud_actionsheet_top_normal.9.png 0xfece38ef
res/drawable-hdpi-v4/dcloud_snow_black_progress.xml 0x9958add3
assets/apps/H5A176AFB/www/www/js/bluebird_convert.js 0x63e6edcf
res/drawable-hdpi-v4/splash.png 0xad2d873a
lib/armeabi/libmsc.so 0x3835990c
res/drawable-xhdpi-v4/dcloud_actionsheet_middle_pressed.9.png 0x23835a06
res/drawable-xxhdpi-v4/icon.png 0x41f2af45
运行截图
VirSCANVirSCAN
VirSCAN