VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, VirSCAN can scan compressed files protected with the password 'infected' or 'virus'.

File information

Scanner results
Scanner results: 7% Scanner(s) (3/39) found malware!
Behavior analysis report: Habo file analysis
Time: 2014-11-04 15:41:45 (CST)
Scanner Engine Ver Sig Ver Sig Date Scan result Time
ahnlab 9.9.9 9.9.9 2013-05-28 Found nothing 4
antivir 1.9.2.0 1.9.159.0 7.11.182.228 Found nothing 16
antiy 104619 AVL141102 2014-11-03 Found nothing 5
arcavir 1.0 2011 2014-05-30 Found nothing 9
asquared 9.0.0.4324 9.0.0.4324 2014-07-03 Found nothing 1
avast 141103-1 4.7.4 2014-11-03 Found nothing 2
avg 2109/7906 10.0.1405 2014-10-17 Found nothing 1
baidu 2.0.1.0 4.1.3.52192 2.0.1.0 Found nothing 4
baidusd 1.0 1.0 2014-04-02 Found nothing 1
bitdefender 7.57535 7.90123 2014-11-03 Found nothing 6
clamav 19574 0.97.5 2014-11-02 Found nothing 1
comodo 15023 5.1 2014-11-03 Found nothing 3
ctch 4.6.5 5.3.14 2013-12-01 Found nothing 1
drweb 5.0.2.3300 5.0.1.1 2014-10-31 Found nothing 32
fortinet 23.108, 23.108 5.1.158 2014-11-03 Found nothing 1
fprot 4.6.2.117 6.5.1.5418 2014-11-03 Found nothing 1
fsecure 2014-04-02-01 9.13 2014-04-02 Found nothing 6
gdata 24.4760 24.4760 2014-11-03 Found nothing 8
hauri 2.73 2.73 2014-11-03 Found nothing 1
ikarus 1.06.01 V1.32.31.0 2014-11-03 AdWare.AndroidOS.AdDisplay 14
jiangmin 16.0.100 1.0.0.0 2014-08-20 Found nothing 33
kaspersky 5.5.33 5.5.33 2014-04-01 Found nothing 20
kingsoft 2.1 2.1 2013-09-22 Found nothing 3
mcafee 7520 5400.1158 2014-08-04 Found nothing 8
nod32 0436 3.0.21 2014-09-18 a variant of Android/AdDisplay.Dowgin.AC application 1
panda 9.05.01 9.05.01 2014-11-03 Found nothing 4
pcc 11.254.05 9.500-1005 2014-11-03 Found nothing 1
qh360 1.0.1 1.0.1 1.0.1 Found nothing 13
qqphone 1.0.0.0 1.0.0.0 2014-11-04 安智广告联盟(a.spot.anzhi) 1
quickheal 14.00 14.00 2014-11-03 Found nothing 2
rising 25.38.01.01 25.38.01.01 2014-10-28 Found nothing 1
sophos 5.04 3.51.0 2014-08-05 Found nothing 7
sunbelt 3.9.2595.2 3.9.2595.2 2014-11-01 Found nothing 2
symantec 20141028.001 1.3.0.24 2014-10-28 Found nothing 1
tachyon 9.9.9 9.9.9 2013-12-27 Found nothing 3
thehacker 6.8.0.5 6.8.0.5 2014-10-31 Found nothing 1
tws 17.47.17308 1.0.2.2108 2014-11-03 Found nothing 6
vba 3.12.26.3 3.12.26.3 2014-11-03 Found nothing 4
virusbuster 15.0.957.1 5.5.2.13 2014-11-03 Found nothing 15
Permission list
Permission name Information
android.permission.INTERNET Connect to the network (2G or 3G)
android.permission.READ_PHONE_STATE Read phone state
android.permission.ACCESS_WIFI_STATE Read Wi-Fi network state
android.permission.ACCESS_NETWORK_STATE Read network state (2G or 3G)
android.permission.WRITE_EXTERNAL_STORAGE Write to external storage (e.g. SD card)
File information
Security score: 72
Basic information
MD5: 6b05ba7116e00a3400f25a4b3be95ab3
File size: 5.58MB
Upload time: 2014-09-22 10:36:30 (CST)
Package name: com.example.afeiwodemo
Minimum runtime environment: Android 2.2.x
Copyright: Android
Registry behavior
Behavior description: Modify registry
Details: \REGISTRY\USER\S-1-5-21-1482476501-1645522239-1417001333-500\Software\Microsoft\Multimedia\msacm.imaadpcm\MaxRTEncodeSetting
\REGISTRY\USER\S-1-5-21-1482476501-1645522239-1417001333-500\Software\Microsoft\Multimedia\msacm.imaadpcm\MaxRTDecodeSetting
\REGISTRY\USER\S-1-5-21-1482476501-1645522239-1417001333-500\Software\Microsoft\Multimedia\msacm.msgsm610\MaxRTEncodeSetting
\REGISTRY\USER\S-1-5-21-1482476501-1645522239-1417001333-500\Software\Microsoft\Multimedia\msacm.msgsm610\MaxRTDecodeSetting
Other behavior
Behavior description: Window information
Details: Pid = 1760, Hwnd=0xa018c, Text = 定位, ClassName = TButton.
Pid = 1760, Hwnd=0xb0184, Text = ToolBar1, ClassName = TToolBar.
Pid = 1760, Hwnd=0xc01d6, Text = 控制, ClassName = TControlForm.
Pid = 1760, Hwnd=0xb016a, Text = 0:2/3:55 Player, ClassName = TPlayForm.
Pid = 1760, Hwnd=0xb016a, Text = 0:5/3:55 Player, ClassName = TPlayForm.
Pid = 1760, Hwnd=0xb016a, Text = 0:8/3:55 Player, ClassName = TPlayForm.
Pid = 1760, Hwnd=0xb016a, Text = 0:11/3:55 Player, ClassName = TPlayForm.
Pid = 1760, Hwnd=0xb016a, Text = 0:14/3:55 Player, ClassName = TPlayForm.
Pid = 1760, Hwnd=0xb016a, Text = 0:17/3:55 Player, ClassName = TPlayForm.
Pid = 1760, Hwnd=0xb016a, Text = 0:20/3:55 Player, ClassName = TPlayForm.
Pid = 1760, Hwnd=0xb016a, Text = 0:23/3:55 Player, ClassName = TPlayForm.
Pid = 1760, Hwnd=0xb016a, Text = 0:26/3:55 Player, ClassName = TPlayForm.
Pid = 1760, Hwnd=0xb016a, Text = 0:29/3:55 Player, ClassName = TPlayForm.
Pid = 1760, Hwnd=0xb016a, Text = 0:32/3:55 Player, ClassName = TPlayForm.
Pid = 1760, Hwnd=0xb016a, Text = 0:35/3:55 Player, ClassName = TPlayForm.
Dynamic behavior list
Behavior description: Read file
Details: path:/proc/783/cmdline length:105
path:/proc/799/cmdline length:105
path:/proc/811/cmdline length:105
path:/proc/841/cmdline length:105
path:/proc/852/cmdline length:105
path:/proc/876/cmdline length:105
path:/proc/878/cmdline length:105
Behavior description: Start service
Details: com.android.musicfx.Compatibility$Service
com.android.mms.transaction.SmsReceiverService
Behavior description: Data encryption
Details: {u'operation': u'keyalgo', u'algorithm': u'DES', u'key': u'54, 97, 102, 55, 103, 107, 114, 97'}
Behavior description: Class loading
Details: path:/system/app/PicoTts.apk
path:/system/app/MusicFX.apk
path:/system/framework/am.jar
path:/data/app/com.example.afeiwodemo-1.apk
Behavior description: Write file
Details: path:/data/data/com.android.gallery3d/shared_prefs/com.android.gallery3d_preferences.xml length:105
path:/data/data/com.android.musicfx/shared_prefs/musicfx.xml length:105
path:/data/data/com.android.gallery3d/shared_prefs/com.android.gallery3d_preferences.xml length:105
Activities
Activity name Type
com.example.afeiwodemo.FeiwoActivity android.intent.action.MAIN
com.example.afeiwodemo.FeiwoActivity android.intent.category.LAUNCHER
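Dangerous functions
Function name Information
HttpClient;->execute Request a remote server
java/net/URL;->openConnection Connect to a URL
java/net/HttpURLConnection;->connect Connect to a URL
TelephonyManager;->getLine1Number Get the phone number
getRuntime Get the command-line environment
java/lang/Runtime;->exec Execute a string command
android/app/NotificationManager;->notify Notification bar message
TelephonyManager;->getDeviceId Collect the user's phone IMEI, phone number, system version number and other information
TelephonyManager;->getSimSerialNumber Get the SIM serial number
ContentResolver;->query Read contacts, SMS and other databases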
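Startup methods
Name Information
com.feiwo.receiver.InReceiver Start service when an application is installed
com.feiwo.receiver.InReceiver Start service when an application is uninstalled
com.feiwo.receiver.ConnectReceiver Start service when the network connection changes
com.feiwo.receiver.ConnectReceiver Start service on screen unlock
com.feiwo.receiver.ConnectReceiver Start service on boot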
File list
File name Checksum
res/layout/activity_main.xml 0x81ba0503
res/layout/bottombanner.xml 0x6acb0eea
res/layout/feiwo.xml 0xf044a968
res/layout/headbanner.xml 0x156d8ddf
res/menu/main.xml 0xd0f19280
AndroidManifest.xml 0x7c353795
resources.arsc 0xaca5084b
res/drawable-hdpi/ic_launcher.png 0xf248df62
res/drawable-mdpi/ic_launcher.png 0x6a84dfd9
res/drawable-xhdpi/ic_launcher.png 0xa227fc8a
res/drawable-xxhdpi/ic_launcher.png 0x2a4a99d1
classes.dex 0x1440875b
assets/feiwo_interstitial_close.png 0xdf07e88f
assets/feiwo_interstitial_dl_normal.png 0x78fc4bb8
assets/feiwo_interstitial_dl_pressed.png 0x40262ef4
assets/feiwo_la_da_horizontal_line.png 0x53359994
assets/feiwo_la_title_back.png 0x3b9cc739
assets/feiwo_recommend_check_false.png 0xf0f4baeb
assets/feiwo_recommend_check_true.png 0x16d0f970
assets/feiwo_recommend_da_details_line.png 0x58d61164
assets/feiwo_recommend_loadfaild_icon.png 0x1ef0ef7c
assets/feiwo_recommend_right_arrow.png 0xc5e88c19
assets/feiwo_recommend_rloding_1.png 0x65ab2d1b
assets/feiwo_recommend_rloding_2.png 0xc7b200b
assets/feiwo_recommend_rloding_3.png 0xdd079eca
assets/feiwo_recommend_rloding_4.png 0xd874b81f
assets/feiwo_recommend_safety_certification.png 0x1766599d
assets/feiwo_recommend_surprise.png 0x231ef625
META-INF/MANIFEST.MF 0x599633d0
META-INF/CERT.SF 0xf10acbef
META-INF/CERT.RSA 0xf5f4617a