VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.
4, If your browser cannot upload files, please download VirSCAN uploader to upload.

Language
Server load
Server Load

VirSCAN
VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

File information

Scanner results
Scanner results:0%Antivirus software(0/32)found malware!
Behavior analysis report:         Habo file analysis
Time: 2016-04-27 02:55:54 (CST)
Scanner Engine Ver Sig Ver Sig Date Scan result Time
antiy AVL SDK 3.0 1970-01-01 Found nothing 10
asquared 9.0.0.4324 9.0.0.4324 2014-07-03 Found nothing 4
avast 150725-1 4.7.4 2015-07-25 Found nothing 21
avg 2109/8133 10.0.1405 2014-11-26 Found nothing 6
baidu 2.0.1.0 4.1.3.52192 2.0.1.0 Found nothing 5
baidusd 1.0 1.0 2014-04-02 Found nothing 60
bitdefender 7.58469 7.90123 2014-12-25 Found nothing 1
clamav 19861 0.97.5 2014-12-31 Found nothing 1
drweb 5.0.2.3300 5.0.1.1 2014-12-31 Found nothing 48
fortinet 23.345, 23.345 5.1.158 2014-12-08 Found nothing 1
fprot 4.6.2.117 6.5.1.5418 2014-12-31 Found nothing 3
fsecure 2014-04-02-01 9.13 2014-04-02 Found nothing 30
gdata 25.6363 25.6363 2016-04-27 Found nothing 22
ikarus 1.06.01 V1.32.31.0 2014-12-08 Found nothing 11
jiangmin 16.0.100 1.0.0.0 2015-07-25 Found nothing 54
kaspersky 5.5.33 5.5.33 2014-04-01 Found nothing 37
kingsoft 2.1 2.1 2013-09-22 Found nothing 6
mcafee 7638 5400.1158 2014-11-30 Found nothing 32
nod32 0920 3.0.21 2014-12-23 Found nothing 1
panda 9.05.01 9.05.01 2015-07-26 Found nothing 5
pcc 11.380.07 9.500-1005 2014-12-31 Found nothing 3
qh360 1.0.1 1.0.1 1.0.1 Found nothing 4
qqphone 1.0.0.0 1.0.0.0 2014-12-09 Found nothing 1
quickheal 14.00 14.00 2015-07-25 Found nothing 4
rising 25.76.04.01 25.76.04.01 2015-07-24 Found nothing 7
sophos 5.08 3.55.0 2014-12-01 Found nothing 6
symantec 20141230.001 1.3.0.24 2014-12-30 Found nothing 1
tachyon 9.9.9 9.9.9 2013-12-27 Found nothing 19
thehacker 6.8.0.5 6.8.0.5 2015-07-23 Found nothing 4
tws 17.47.17308 1.0.2.2108 2014-12-08 Found nothing 19
vba 3.12.26.3 3.12.26.3 2014-12-31 Found nothing 8
virusbuster 15.0.985.0 5.5.2.13 2014-12-05 Found nothing 5
权限列表
许可名称 信息
android.permission.INTERNET 连接网络(2G或3G)
android.permission.ACCESS_NETWORK_STATE 读取网络状态(2G或3G)
android.permission.ACCESS_WIFI_STATE 读取wifi网络状态
android.permission.WRITE_EXTERNAL_STORAGE 写外部存储器(如:SD卡)
android.permission.ACCESS_DOWNLOAD_MANAGER
文件信息
VirSCANVirSCAN
安全评分 :
基本信息
VirSCANVirSCAN
MD5:942c82374855e1f3a5380faec1c66c5e
文件大小:5.58MB
上传时间: 2014-09-22 10:36:30 (CST)
包名:com.microsoft.rdc.android.beta
最低运行环境:Android 4.1, 4.1.1
版权:Microsoft Corporation
关键行为
VirSCANVirSCAN
行为描述: 跨进程写入数据
详情信息: TargetProcess = C:\WINDOWS\NOTEPAD.EXE, WriteAddress = 0x00010000, Size = 0x000007c2
TargetProcess = C:\WINDOWS\NOTEPAD.EXE, WriteAddress = 0x00020000, Size = 0x00000758
TargetProcess = C:\WINDOWS\NOTEPAD.EXE, WriteAddress = 0x7ffd9010, Size = 0x00000004
TargetProcess = C:\WINDOWS\NOTEPAD.EXE, WriteAddress = 0x00030000, Size = 0x00000184
TargetProcess = C:\WINDOWS\NOTEPAD.EXE, WriteAddress = 0x7ffd91e8, Size = 0x00000004
TargetProcess = C:\Documents and Settings\Administrator\Local Settings\%temp%\1461695320.601003.exe_7zdump\ADM\AdmSetting.exe, WriteAddress = 0x00010000, Size = 0x000007c2
TargetProcess = C:\Documents and Settings\Administrator\Local Settings\%temp%\1461695320.601440.exe_7zdump\ADM\AdmSetting.exe, WriteAddress = 0x00020000, Size = 0x0000091c
TargetProcess = C:\Documents and Settings\Administrator\Local Settings\%temp%\1461695320.601871.exe_7zdump\ADM\AdmSetting.exe, WriteAddress = 0x7ffdb010, Size = 0x00000004
TargetProcess = C:\Documents and Settings\Administrator\Local Settings\%temp%\1461695320.602303.exe_7zdump\ADM\AdmSetting.exe, WriteAddress = 0x7ffdb1e8, Size = 0x00000004
TargetProcess = C:\Documents and Settings\Administrator\Local Settings\%temp%\1461695320.602735.exe_7zdump\ADM\admget.exe, WriteAddress = 0x00010000, Size = 0x000007c2
TargetProcess = C:\Documents and Settings\Administrator\Local Settings\%temp%\1461695320.603163.exe_7zdump\ADM\admget.exe, WriteAddress = 0x00020000, Size = 0x00000a5c
TargetProcess = C:\Documents and Settings\Administrator\Local Settings\%temp%\1461695320.603590.exe_7zdump\ADM\admget.exe, WriteAddress = 0x7ffde010, Size = 0x00000004
TargetProcess = C:\Documents and Settings\Administrator\Local Settings\%temp%\1461695320.604018.exe_7zdump\ADM\admget.exe, WriteAddress = 0x7ffde1e8, Size = 0x00000004
TargetProcess = C:\Program Files\Internet Explorer\iexplore.exe, WriteAddress = 0x00010000, Size = 0x000007fa
TargetProcess = C:\Program Files\Internet Explorer\iexplore.exe, WriteAddress = 0x00020000, Size = 0x00000780
行为描述: 设置特殊文件夹属性
详情信息: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
C:\Documents and Settings\Administrator\Local Settings\History
C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
C:\Documents and Settings\Administrator\Cookies
行为描述: 获取窗口截图信息
详情信息: Foreground window Info: HWND = 0x00000000, DC = 0x410104a4.
Foreground window Info: HWND = 0x00000000, DC = 0x060102eb.
Foreground window Info: HWND = 0x00000000, DC = 0x04010263.
Foreground window Info: HWND = 0x00000000, DC = 0x06010303.
Foreground window Info: HWND = 0x00000000, DC = 0x10010507.
行为描述: 设置消息钩子
详情信息: C:\Documents and Settings\Administrator\Local Settings\%temp%\1461695320.608639.exe_7zdump\ADM\ADM.dll
行为描述: 获取TickCount值
详情信息: TickCount = 493896, SleepMilliseconds = 100.
TickCount = 494021, SleepMilliseconds = 100.
TickCount = 494037, SleepMilliseconds = 100.
TickCount = 494053, SleepMilliseconds = 100.
TickCount = 494084, SleepMilliseconds = 100.
进程行为
VirSCANVirSCAN
行为描述: 跨进程写入数据
详情信息: TargetProcess = C:\WINDOWS\NOTEPAD.EXE, WriteAddress = 0x00010000, Size = 0x000007c2
TargetProcess = C:\WINDOWS\NOTEPAD.EXE, WriteAddress = 0x00020000, Size = 0x00000758
TargetProcess = C:\WINDOWS\NOTEPAD.EXE, WriteAddress = 0x7ffd9010, Size = 0x00000004
TargetProcess = C:\WINDOWS\NOTEPAD.EXE, WriteAddress = 0x00030000, Size = 0x00000184
TargetProcess = C:\WINDOWS\NOTEPAD.EXE, WriteAddress = 0x7ffd91e8, Size = 0x00000004
TargetProcess = C:\Documents and Settings\Administrator\Local Settings\%temp%\1461695320.601003.exe_7zdump\ADM\AdmSetting.exe, WriteAddress = 0x00010000, Size = 0x000007c2
TargetProcess = C:\Documents and Settings\Administrator\Local Settings\%temp%\1461695320.601440.exe_7zdump\ADM\AdmSetting.exe, WriteAddress = 0x00020000, Size = 0x0000091c
TargetProcess = C:\Documents and Settings\Administrator\Local Settings\%temp%\1461695320.601871.exe_7zdump\ADM\AdmSetting.exe, WriteAddress = 0x7ffdb010, Size = 0x00000004
TargetProcess = C:\Documents and Settings\Administrator\Local Settings\%temp%\1461695320.602303.exe_7zdump\ADM\AdmSetting.exe, WriteAddress = 0x7ffdb1e8, Size = 0x00000004
TargetProcess = C:\Documents and Settings\Administrator\Local Settings\%temp%\1461695320.602735.exe_7zdump\ADM\admget.exe, WriteAddress = 0x00010000, Size = 0x000007c2
TargetProcess = C:\Documents and Settings\Administrator\Local Settings\%temp%\1461695320.603163.exe_7zdump\ADM\admget.exe, WriteAddress = 0x00020000, Size = 0x00000a5c
TargetProcess = C:\Documents and Settings\Administrator\Local Settings\%temp%\1461695320.603590.exe_7zdump\ADM\admget.exe, WriteAddress = 0x7ffde010, Size = 0x00000004
TargetProcess = C:\Documents and Settings\Administrator\Local Settings\%temp%\1461695320.604018.exe_7zdump\ADM\admget.exe, WriteAddress = 0x7ffde1e8, Size = 0x00000004
TargetProcess = C:\Program Files\Internet Explorer\iexplore.exe, WriteAddress = 0x00010000, Size = 0x000007fa
TargetProcess = C:\Program Files\Internet Explorer\iexplore.exe, WriteAddress = 0x00020000, Size = 0x00000780
行为描述: 设置特殊文件夹属性
详情信息: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
C:\Documents and Settings\Administrator\Local Settings\History
C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
C:\Documents and Settings\Administrator\Cookies
行为描述: 获取窗口截图信息
详情信息: Foreground window Info: HWND = 0x00000000, DC = 0x410104a4.
Foreground window Info: HWND = 0x00000000, DC = 0x060102eb.
Foreground window Info: HWND = 0x00000000, DC = 0x04010263.
Foreground window Info: HWND = 0x00000000, DC = 0x06010303.
Foreground window Info: HWND = 0x00000000, DC = 0x10010507.
行为描述: 设置消息钩子
详情信息: C:\Documents and Settings\Administrator\Local Settings\%temp%\1461695320.608639.exe_7zdump\ADM\ADM.dll
行为描述: 获取TickCount值
详情信息: TickCount = 493896, SleepMilliseconds = 100.
TickCount = 494021, SleepMilliseconds = 100.
TickCount = 494037, SleepMilliseconds = 100.
TickCount = 494053, SleepMilliseconds = 100.
TickCount = 494084, SleepMilliseconds = 100.
文件行为
VirSCANVirSCAN
行为描述: 创建文件
详情信息: C:\Documents and Settings\Administrator\Local Settings\%temp%\1461695320.316030.exe_7zdump\ADM\user.txt
C:\Documents and Settings\Administrator\Application Data\ADM\ADMConfig.ini
C:\Documents and Settings\Administrator\Application Data\ADM\subscribe\clean.dat
C:\Documents and Settings\Administrator\Application Data\ADM\subscribe\action.txt
C:\Documents and Settings\Administrator\Application Data\ADM\subscribe\cleanfromweb.dat
C:\Documents and Settings\Administrator\Application Data\ADM\subscribe\actionlocal.txt
C:\Documents and Settings\Administrator\Application Data\ADM\update.swf
C:\Documents and Settings\Administrator\Application Data\ADM\admhooks.ini
C:\Documents and Settings\Administrator\Application Data\ADM\doc\hidecss.js
C:\Documents and Settings\Administrator\Application Data\ADM\proxylist.txt
C:\Documents and Settings\Administrator\Application Data\ADM\ADMInstall
C:\Documents and Settings\Administrator\Application Data\ADM\2016-04-27.log
C:\Documents and Settings\Administrator\Application Data\ADM\subscribe\adminfo.dat
C:\Documents and Settings\Administrator\Application Data\ADM\subscribe\adminfo.dat.tmp1
C:\Documents and Settings\Administrator\Application Data\ADM\subscribe\adminfo.dat.tmp
行为描述: 查找文件
详情信息: FileName = C:\Documents and Settings
FileName = C:\Documents and Settings\Administrator
FileName = C:\Documents and Settings\Administrator\Application Data
FileName = C:\Documents and Settings\Administrator\My Documents
FileName = C:\Documents and Settings\All Users
FileName = C:\Documents and Settings\All Users\Documents
FileName = C:\Documents and Settings\Administrator\桌面
FileName = C:\Documents and Settings\All Users\桌面
FileName = C:\WINDOWS
FileName = C:\WINDOWS\notepad.exe
FileName = C:\WINDOWS\NOTEPAD.EXE
FileName = C:\Documents and Settings\Administrator\Application Data\ADM\*.log
FileName = C:\WINDOWS\system32
FileName = C:\WINDOWS\system32\msctfime.ime
FileName = C:\Documents and Settings\Administrator\Application Data\ADM\subscribe\*.*
行为描述: 删除文件
详情信息: C:\Documents and Settings\Administrator\Application Data\ADM\subscribe\adminfo.dat.tmp1
行为描述: 重命名文件
详情信息: C:\Documents and Settings\Administrator\Application Data\ADM\subscribe\adminfo.dat.tmp ---> C:\Documents and Settings\Administrator\Application Data\ADM\subscribe\adminfo.dat
行为描述: 设置特殊文件夹属性
详情信息: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
C:\Documents and Settings\Administrator\Local Settings\History
C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
C:\Documents and Settings\Administrator\Cookies
行为描述: 修改文件内容
详情信息: C:\Documents and Settings\Administrator\Local Settings\%temp%\1461695320.572924.exe_7zdump\ADM\libcommu.dll ---> Offset = 0
C:\Documents and Settings\Administrator\Local Settings\%temp%\1461695320.573271.exe_7zdump\ADM\user.txt ---> Offset = 0
C:\Documents and Settings\Administrator\Application Data\ADM\ADMConfig.ini ---> Offset = 0
C:\Documents and Settings\Administrator\Application Data\ADM\admhooks.ini ---> Offset = 0
C:\Documents and Settings\Administrator\Application Data\ADM\doc\hidecss.js ---> Offset = 0
C:\Documents and Settings\Administrator\Application Data\ADM\proxylist.txt ---> Offset = 0
C:\Documents and Settings\Administrator\Application Data\ADM\ADMInstall ---> Offset = 0
C:\Documents and Settings\Administrator\Application Data\ADM\ADMInstall ---> Offset = 104
C:\Documents and Settings\Administrator\Application Data\ADM\ADMConfig.ini ---> Offset = 584
C:\Documents and Settings\Administrator\Application Data\ADM\ADMConfig.ini ---> Offset = 367
C:\Documents and Settings\Administrator\Application Data\ADM\ADMConfig.ini ---> Offset = 1000
C:\Documents and Settings\Administrator\Application Data\ADM\ADMConfig.ini ---> Offset = 1021
C:\Documents and Settings\Administrator\Application Data\ADM\ADMConfig.ini ---> Offset = 621
C:\Documents and Settings\Administrator\Application Data\ADM\ADMConfig.ini ---> Offset = 636
C:\Documents and Settings\Administrator\Application Data\ADM\ADMConfig.ini ---> Offset = 1141
行为描述: 修改新生成的可执行文件
详情信息: C:\Documents and Settings\Administrator\Local Settings\%temp%\1461695320.716116.exe_7zdump\ADM\libcommu.dll
网络行为
VirSCANVirSCAN
行为描述: 建立到一个指定的套接字连接
详情信息: URL: ww*********om, IP: <FAKE_SERVER_IP>:80, SOCKET = 0x00000664
URL: up**************om, IP: <FAKE_SERVER_IP>:80, SOCKET = 0x0000017c
URL: up**************om, IP: <FAKE_SERVER_IP>:80, SOCKET = 0x00000190
URL: u2*********om, IP: <FAKE_SERVER_IP>:80, SOCKET = 0x00000190
行为描述: 发送HTTP包
详情信息: GET / HTTP/1.1 HOST:www.baidu.com
GET / HTTP/1.1 HOST:update2.admflt.com
GET / HTTP/1.1 HOST:u2.admflt.com
行为描述: 按名称获取主机地址
详情信息: GetAddrInfoW: ::1
gethostbyname: ww*********om
gethostbyname: up**************om
GetAddrInfoW: computer
gethostbyname: u2*********om
注册表行为
VirSCANVirSCAN
行为描述: 修改注册表
详情信息: \REGISTRY\USER\S-*\Software\Microsoft\Windows\ShellNoRoam\MUICache\C:\WINDOWS\notepad.exe
\REGISTRY\USER\S-*\SessionInformation\ProgramCount
\REGISTRY\USER\S-*\Software\Microsoft\Windows\ShellNoRoam\MUICache\C:\Documents and Settings\Administrator\Local Settings\%temp%\1461695320.259361.exe_7zdump\ADM\AdmSetting.exe
\REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\SavedLegacySettings
\REGISTRY\USER\S-*\Software\Microsoft\Internet Explorer\Recovery\Active\{936FAC02-0BDC-11E6-91BE-000000000000}
行为描述: 删除注册表键
详情信息: \REGISTRY\MACHINE\SOFTWARE\Microsoft\PCHealth\ErrorReporting\DW\
行为描述: 删除注册表键值
详情信息: \REGISTRY\MACHINE\SOFTWARE\Microsoft\PCHealth\ErrorReporting\DW\DWFileTreeRoot
\REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyServer
\REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Internet Settings\AutoConfigURL
其他行为
VirSCANVirSCAN
行为描述: 创建互斥体
详情信息: oleacc-msaa-loaded
CTF.LBES.MutexDefaultS-*
CTF.Compart.MutexDefaultS-*
CTF.Asm.MutexDefaultS-*
CTF.Layouts.MutexDefaultS-*
CTF.TMD.MutexDefaultS-*
CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
Global\{0B3F127D8-E274-42c1-6EAA-4BD351023EE8}
SHIMLIB_LOG_MUTEX
MSCTF.Shared.MUTEX.ELH
Local\ZonesCounterMutex
Local\ZoneAttributeCacheCounterMutex
Local\ZonesCacheCounterMutex
Local\ZonesLockedCacheCounterMutex
Local\!BrowserEmulation!SharedMemory!Mutex
行为描述: 创建事件对象
详情信息: EventName = DINPUTWINMM
EventName = Global\crypt32LogoffEvent
EventName = Global\userenv: User Profile setup event
EventName = CTF.ThreadMarshalInterfaceEvent.000007B4.00000000.00000011
EventName = CTF.ThreadMIConnectionEvent.000007B4.00000000.00000011
EventName = MSCTF.SendReceive.Event.ELH.IC
EventName = MSCTF.SendReceiveConection.Event.ELH.IC
EventName = version_download_event
EventName = Isolation Signal Registry Event (936FABFF-0BDC-11E6-91BE-000000000000, 0)
EventName = IE_EarlyTabStart_0xbc4
EventName = Isolation Signal Registry Event (936FAC00-0BDC-11E6-91BE-000000000000, 0)
行为描述: 修改后的可执行文件MD5
详情信息: C:\Documents and Settings\Administrator\Local Settings\%temp%\1461695320.650907.exe_7zdump\ADM\libcommu.dll ---> d12ae99d3b77b38d2ffb071e7031399d
行为描述: 窗口信息
详情信息: Pid = 588, Hwnd=0x5028c, Text = 确定, ClassName = Button.
Pid = 588, Hwnd=0x50270, Text = 取消, ClassName = Button.
Pid = 588, Hwnd=0x5026a, Text = "0x0040e51f" 指令引用的 "0x00b7fd94" 内存。该内存不能为 "read"。 要终止程序,请单击“确定”。 要调试程序,请单击“取消”。, ClassName = Static.
Pid = 588, Hwnd=0x130146, Text = admget.exe - 应用程序错误, ClassName = #32770.
行为描述: 获取TickCount值
详情信息: TickCount = 493896, SleepMilliseconds = 100.
TickCount = 494021, SleepMilliseconds = 100.
TickCount = 494037, SleepMilliseconds = 100.
TickCount = 494053, SleepMilliseconds = 100.
TickCount = 494084, SleepMilliseconds = 100.
行为描述: 调整进程token权限
详情信息: SE_LOAD_DRIVER_PRIVILEGE
行为描述: 枚举窗口
详情信息: N/A
行为描述: 修改后的可执行文件签名信息
详情信息: C:\Documents and Settings\Administrator\Local Settings\%temp%\1461695320.620435.exe_7zdump\ADM\libcommu.dll(签名验证: 未通过)
行为描述: 获取窗口截图信息
详情信息: Foreground window Info: HWND = 0x00000000, DC = 0x410104a4.
Foreground window Info: HWND = 0x00000000, DC = 0x060102eb.
Foreground window Info: HWND = 0x00000000, DC = 0x04010263.
Foreground window Info: HWND = 0x00000000, DC = 0x06010303.
Foreground window Info: HWND = 0x00000000, DC = 0x10010507.
行为描述: 调用Sleep函数
详情信息: [1]: MilliSeconds = 100.
行为描述: 隐藏指定窗口
详情信息: [Window,Class] = [ADM日志 (注: 打开日志界面, 刷新网页 实时输出日志.. 关闭界面后,将不再输出日志!),ADMLogWindow]
[Window,Class] = [ADMTrayWindow,ADMTrayWindow]
行为描述: 查找指定窗口
详情信息: NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
NtUserFindWindowEx: [Class,Window] = [ADMLogWindow,]
行为描述: 加载新释放的文件
详情信息: Image: C:\Documents and Settings\Administrator\Local Settings\%temp%\1461695320.641623.exe_7zdump\ADM\libcool.dll.
Image: C:\Documents and Settings\Administrator\Local Settings\%temp%\1461695320.641965.exe_7zdump\ADM\msvcp120.dll.
Image: C:\Documents and Settings\Administrator\Local Settings\%temp%\1461695320.642305.exe_7zdump\ADM\msvcr120.dll.
Image: C:\Documents and Settings\Administrator\Local Settings\%temp%\1461695320.642645.exe_7zdump\ADM\libcommu.dll.
Image: C:\Documents and Settings\Administrator\Local Settings\%temp%\1461695320.642984.exe_7zdump\ADM\zlib.dll.
Image: C:\Documents and Settings\Administrator\Local Settings\%temp%\1461695320.643320.exe_7zdump\ADM\libdump32.dll.
Image: C:\Documents and Settings\Administrator\Local Settings\%temp%\1461695320.643660.exe_7zdump\ADM\ADM.dll.
Image: C:\Documents and Settings\Administrator\Local Settings\%temp%\1461695320.643992.exe_7zdump\ADM\ADM.dll.
Image: C:\Documents and Settings\Administrator\Local Settings\%temp%\1461695320.644326.exe_7zdump\ADM\ADM.dll.
Image: C:\Documents and Settings\Administrator\Local Settings\%temp%\1461695320.644661.exe_7zdump\ADM\ADM.dll.
Image: C:\Documents and Settings\Administrator\Local Settings\%temp%\1461695320.644998.exe_7zdump\ADM\ADM.dll.
Image: C:\Documents and Settings\Administrator\Local Settings\%temp%\1461695320.645333.exe_7zdump\ADM\ADM.dll.
Image: C:\Documents and Settings\Administrator\Local Settings\%temp%\1461695320.645666.exe_7zdump\ADM\ADM.dll.
Image: C:\Documents and Settings\Administrator\Local Settings\%temp%\1461695320.646001.exe_7zdump\ADM\ADM.dll.
Image: C:\Documents and Settings\Administrator\Local Settings\%temp%\1461695320.646334.exe_7zdump\ADM\ADM.dll.
Activities
VirSCANVirSCAN
活动名 类型
com.microsoft.rdc.ui.activities.HomeActivity android.intent.action.MAIN
com.microsoft.rdc.ui.activities.HomeActivity android.intent.category.LAUNCHER
com.microsoft.a3rdc.ui.activities.ShortcutLauncherActivity android.intent.action.CREATE_SHORTCUT
com.microsoft.a3rdc.ui.activities.ShortcutLauncherActivity android.intent.category.DEFAULT
com.microsoft.a3rdc.ui.activities.RdpFileUriLaunchActivity android.intent.action.VIEW
com.microsoft.a3rdc.ui.activities.RdpFileUriLaunchActivity android.intent.category.DEFAULT
com.microsoft.a3rdc.ui.activities.RdpFileUriLaunchActivity android.intent.category.BROWSABLE
危险函数
VirSCANVirSCAN
函数名称 信息
android/app/NotificationManager;->notify 信息通知栏
getRuntime 获取命令行环境
java/lang/Runtime;->exec 执行字符串命令
java/net/URL;->openConnection 连接URL
ContentResolver;->query 读取联系人、短信等数据库
java/net/URLConnection;->connect 连接URL
java/net/HttpURLConnection;->connect 连接URL
启动方式
VirSCANVirSCAN
名称 信息
com.microsoft.intune.mam.client.service.MAMBackgroundReceiver
权限列表
VirSCANVirSCAN
许可名称 信息
android.permission.INTERNET 连接网络(2G或3G)
android.permission.ACCESS_NETWORK_STATE 读取网络状态(2G或3G)
android.permission.ACCESS_WIFI_STATE 读取wifi网络状态
android.permission.WRITE_EXTERNAL_STORAGE 写外部存储器(如:SD卡)
android.permission.ACCESS_DOWNLOAD_MANAGER
服务列表
VirSCANVirSCAN
名称
com.microsoft.a3rdc.session.KeepAliveService
com.microsoft.intune.mam.client.notification.MAMNotificationReceiverService
com.microsoft.intune.mam.client.notification.CompanyPortalInstallHandler
com.microsoft.intune.mam.client.service.MAMBackgroundService
com.microsoft.a3rdc.test.sns.BugReportServiceManager$BugReportService
文件列表
VirSCANVirSCAN
文件名 校验码
META-INF/MANIFEST.MF 0xf61d620e
META-INF/MSFTSIG.SF 0xbcc6843d
META-INF/MSFTSIG.RSA 0xd8eb0253
AndroidManifest.xml 0x1efe3609
assets/certificates/cloudapp.net.der 0xd13301a2
assets/changelog.css 0xc8d57744
assets/eula.html 0x3c07e176
assets/fonts/rdpmdl2.ttf 0xfe09bf96
assets/fonts/segoe.ttf 0x35d8a48c
assets/oss_licenses.txt 0x73c4af7c
assets/whatsnew.html 0x12535346
res/drawable-hdpi-v4/ab_solid_dark_holo.9.png 0x4f4f5fbb
res/drawable-hdpi-v4/about_logo.png 0xe8612812
res/drawable-hdpi-v4/btn_default_disabled_focused_holo_dark.9.png 0x20519bf1
res/drawable-hdpi-v4/btn_default_disabled_holo_dark.9.png 0x750e1da8
res/drawable-hdpi-v4/btn_default_focused_holo_dark.9.png 0xdece9f22
res/drawable-hdpi-v4/btn_default_normal_holo_dark.9.png 0xfc85d911
res/drawable-hdpi-v4/btn_default_pressed_holo_dark.9.png 0x175f3050
res/drawable-hdpi-v4/btn_toggle_off_disabled_focused_holo_dark.9.png 0x274fd531
res/drawable-hdpi-v4/btn_toggle_off_disabled_holo_dark.9.png 0x90e6b223
res/drawable-hdpi-v4/btn_toggle_off_focused_holo_dark.9.png 0xb9796a82
res/drawable-hdpi-v4/btn_toggle_off_normal_holo_dark.9.png 0xe0c6a084
res/drawable-hdpi-v4/btn_toggle_off_pressed_holo_dark.9.png 0x437fe7a
res/drawable-hdpi-v4/btn_toggle_on_disabled_focused_holo_dark.9.png 0x2314499d
res/drawable-hdpi-v4/btn_toggle_on_disabled_holo_dark.9.png 0xde5e131f
res/drawable-hdpi-v4/btn_toggle_on_focused_holo_dark.9.png 0x17dc2b9b
res/drawable-hdpi-v4/btn_toggle_on_normal_holo_dark.9.png 0x115904c
res/drawable-hdpi-v4/btn_toggle_on_pressed_holo_dark.9.png 0x95ee4e8
res/drawable-hdpi-v4/btn_toggle_sticky_overlay.9.png 0x5781c636
res/drawable-hdpi-v4/cb_home.png 0x7b56210d
res/drawable-hdpi-v4/cb_mouse_pointer.png 0xab8e57bd
res/drawable-hdpi-v4/cb_mouse_touch.png 0x8e5e8210
res/drawable-hdpi-v4/cursor.png 0x8cc44f95
res/drawable-hdpi-v4/desktop_placeholder.9.png 0x5c8e1fe7
res/drawable-hdpi-v4/devices.png 0xa6939dd3
res/drawable-hdpi-v4/drawer_shadow.9.png 0x1b4dd52f
res/drawable-hdpi-v4/ext_keyboard_backspace_pressed.png 0x21b2b1d2
res/drawable-hdpi-v4/ext_keyboard_down_arrow_pressed.png 0x3561a88c
res/drawable-hdpi-v4/ext_keyboard_lft_arrow_pressed.png 0x4cf1312f
res/drawable-hdpi-v4/ext_keyboard_printscreen_pressed.png 0x13f6b105
res/drawable-hdpi-v4/ext_keyboard_return_pressed.png 0x5e1a68b6
res/drawable-hdpi-v4/ext_keyboard_rt_arrow_pressed.png 0xbf1483e
res/drawable-hdpi-v4/ext_keyboard_rt_click_pressed.png 0x92a6a399
res/drawable-hdpi-v4/ext_keyboard_up_arrow_pressed.png 0xc249fb91
res/drawable-hdpi-v4/ic_action_accept_dark.png 0x7bbd7044
res/drawable-hdpi-v4/ic_action_cancel.png 0xf911ab1
res/drawable-hdpi-v4/ic_action_collapse.png 0xd90157cd
res/drawable-hdpi-v4/ic_action_discard.png 0x75791b72
res/drawable-hdpi-v4/ic_action_error.png 0x21cd1eb8
res/drawable-hdpi-v4/ic_action_expand.png 0x99457f64
res/drawable-hdpi-v4/ic_action_expand_dark.png 0xd8d4cd81
res/drawable-hdpi-v4/ic_action_new_dark.png 0x39d49d97
res/drawable-hdpi-v4/ic_action_next_item_dark.png 0x1a0ddced
res/drawable-hdpi-v4/ic_action_previous_item_dark.png 0xa6bc7187
res/drawable-hdpi-v4/ic_action_return_dark.png 0xebe1446e
res/drawable-hdpi-v4/ic_more_vert_grey_24dp.png 0xdf789951
res/drawable-hdpi-v4/ic_navigation_drawer_dark.png 0x88ab1e95
res/drawable-hdpi-v4/ic_textfield_clear.png 0x97b31c75
res/drawable-hdpi-v4/ic_warning_holo_light.png 0xe985aedc
res/drawable-hdpi-v4/icon.png 0x399fa8da
res/drawable-hdpi-v4/key_win.png 0x7ba04ce
res/drawable-hdpi-v4/notification_icon.png 0x2fb74c0b
res/drawable-hdpi-v4/pan_control_normal.png 0xe3fcdbcc
res/drawable-hdpi-v4/pan_control_pressed.png 0x65d73720
res/drawable-hdpi-v4/rd_chevron.png 0xe51b4718
res/drawable-hdpi-v4/rdp_icon.png 0x1f9abc5a
res/drawable-hdpi-v4/remote_app_icon_placeholder.png 0xa9924bd5
res/drawable-mdpi-v4/ab_solid_dark_holo.9.png 0xbd7e8428
res/drawable-mdpi-v4/about_logo.png 0x3c886882
res/drawable-mdpi-v4/btn_default_disabled_focused_holo_dark.9.png 0xab7b10dc
res/drawable-mdpi-v4/btn_default_disabled_holo_dark.9.png 0x9690e670
res/drawable-mdpi-v4/btn_default_focused_holo_dark.9.png 0xe450965b
res/drawable-mdpi-v4/btn_default_normal_holo_dark.9.png 0x593179ce
res/drawable-mdpi-v4/btn_default_pressed_holo_dark.9.png 0x6079eef4
res/drawable-mdpi-v4/btn_toggle_off_disabled_focused_holo_dark.9.png 0x73fbd606
res/drawable-mdpi-v4/btn_toggle_off_disabled_holo_dark.9.png 0xcf668018
res/drawable-mdpi-v4/btn_toggle_off_focused_holo_dark.9.png 0x7cecfd62
res/drawable-mdpi-v4/btn_toggle_off_normal_holo_dark.9.png 0xec890779
res/drawable-mdpi-v4/btn_toggle_off_pressed_holo_dark.9.png 0x47a9645d
res/drawable-mdpi-v4/btn_toggle_on_disabled_focused_holo_dark.9.png 0x92dcda9d
res/drawable-mdpi-v4/btn_toggle_on_disabled_holo_dark.9.png 0x6ba56708
res/drawable-mdpi-v4/btn_toggle_on_focused_holo_dark.9.png 0x439e10a7
res/drawable-mdpi-v4/btn_toggle_on_normal_holo_dark.9.png 0xb3db425b
res/drawable-mdpi-v4/btn_toggle_on_pressed_holo_dark.9.png 0x312e0401
res/drawable-mdpi-v4/btn_toggle_sticky_overlay.9.png 0x55585863
res/drawable-mdpi-v4/cb_home.png 0x777d29f8
res/drawable-mdpi-v4/cb_mouse_pointer.png 0x6a08a63f
res/drawable-mdpi-v4/cb_mouse_touch.png 0x53ca8c5c
res/drawable-mdpi-v4/cursor.png 0xee5c490e
res/drawable-mdpi-v4/desktop_placeholder.9.png 0x306a222a
res/drawable-mdpi-v4/devices.png 0xe8a51ab5
res/drawable-mdpi-v4/drawer_shadow.9.png 0x24412056
res/drawable-mdpi-v4/ext_keyboard_backspace_pressed.png 0xab63ba2b
res/drawable-mdpi-v4/ext_keyboard_down_arrow_pressed.png 0x42c46276
res/drawable-mdpi-v4/ext_keyboard_lft_arrow_pressed.png 0xce97d461
res/drawable-mdpi-v4/ext_keyboard_printscreen_pressed.png 0xfc81172b
res/drawable-mdpi-v4/ext_keyboard_return_pressed.png 0x5e1a68b6
res/drawable-mdpi-v4/ext_keyboard_rt_arrow_pressed.png 0xd324f3ef
res/drawable-mdpi-v4/ext_keyboard_rt_click_pressed.png 0xddd8e8ed
res/drawable-mdpi-v4/ext_keyboard_up_arrow_pressed.png 0x170a0799
res/drawable-mdpi-v4/ic_action_accept_dark.png 0xe4f8ed41
res/drawable-mdpi-v4/ic_action_cancel.png 0xbbd58774
res/drawable-mdpi-v4/ic_action_collapse.png 0xf2478572
res/drawable-mdpi-v4/ic_action_discard.png 0x1813df19
res/drawable-mdpi-v4/ic_action_error.png 0xe4dfb283
res/drawable-mdpi-v4/ic_action_expand.png 0x839a7d73
res/drawable-mdpi-v4/ic_action_expand_dark.png 0xb2319ae8
res/drawable-mdpi-v4/ic_action_new_dark.png 0xb4ec6e14
res/drawable-mdpi-v4/ic_action_next_item_dark.png 0x98175b83
res/drawable-mdpi-v4/ic_action_previous_item_dark.png 0x185485a8
res/drawable-mdpi-v4/ic_action_return_dark.png 0xd4f85fa5
res/drawable-mdpi-v4/ic_more_vert_grey_24dp.png 0x1e4569cc
res/drawable-mdpi-v4/ic_navigation_drawer_dark.png 0x3f4e1f0f
res/drawable-mdpi-v4/ic_textfield_clear.png 0x359ecfaa
res/drawable-mdpi-v4/ic_warning_holo_light.png 0xb363a3ac
res/drawable-mdpi-v4/icon.png 0x7c249fb8
res/drawable-mdpi-v4/key_win.png 0x20c3702c
res/drawable-mdpi-v4/notification_icon.png 0x4fc0f48e
res/drawable-mdpi-v4/pan_control_normal.png 0x5c7a50f9
res/drawable-mdpi-v4/pan_control_pressed.png 0x3f31da1d
res/drawable-mdpi-v4/rd_chevron.png 0xa7cdc573
res/drawable-mdpi-v4/rdp_icon.png 0x52888b43
res/drawable-mdpi-v4/remote_app_icon_placeholder.png 0x89781e06
res/drawable-mdpi-v4/session_close.png 0x5f19bf5
res/drawable-xhdpi-v4/ab_solid_dark_holo.9.png 0x6d371c6d
res/drawable-xhdpi-v4/about_logo.png 0xfd4a539a
res/drawable-xhdpi-v4/btn_default_disabled_focused_holo_dark.9.png 0xbc958d8c
res/drawable-xhdpi-v4/btn_default_disabled_holo_dark.9.png 0x91c3a620
res/drawable-xhdpi-v4/btn_default_focused_holo_dark.9.png 0x168c3661
res/drawable-xhdpi-v4/btn_default_normal_holo_dark.9.png 0x2f320aac
res/drawable-xhdpi-v4/btn_default_pressed_holo_dark.9.png 0xa92faa81
res/drawable-xhdpi-v4/btn_toggle_off_disabled_focused_holo_dark.9.png 0xf1a71eee
res/drawable-xhdpi-v4/btn_toggle_off_disabled_holo_dark.9.png 0xcfbb9d7f
res/drawable-xhdpi-v4/btn_toggle_off_focused_holo_dark.9.png 0x8b80fac1
res/drawable-xhdpi-v4/btn_toggle_off_normal_holo_dark.9.png 0x8467892
res/drawable-xhdpi-v4/btn_toggle_off_pressed_holo_dark.9.png 0xd1bafdfa
res/drawable-xhdpi-v4/btn_toggle_on_disabled_focused_holo_dark.9.png 0x146c672c
res/drawable-xhdpi-v4/btn_toggle_on_disabled_holo_dark.9.png 0xabab5f78
res/drawable-xhdpi-v4/btn_toggle_on_focused_holo_dark.9.png 0xfe2be5ec
res/drawable-xhdpi-v4/btn_toggle_on_normal_holo_dark.9.png 0xb8ff3077
res/drawable-xhdpi-v4/btn_toggle_on_pressed_holo_dark.9.png 0x43e9cf8b
res/drawable-xhdpi-v4/btn_toggle_sticky_overlay.9.png 0xba963753
res/drawable-xhdpi-v4/cb_home.png 0x9796109a
res/drawable-xhdpi-v4/cb_mouse_pointer.png 0x8771903b
res/drawable-xhdpi-v4/cb_mouse_touch.png 0x211974d2
res/drawable-xhdpi-v4/cursor.png 0x661b78f9
res/drawable-xhdpi-v4/desktop_placeholder.9.png 0x3a1470c3
res/drawable-xhdpi-v4/devices.png 0x67d0f0c1
res/drawable-xhdpi-v4/drawer_shadow.9.png 0x963a9f9f
res/drawable-xhdpi-v4/ext_keyboard_backspace_pressed.png 0xe8447e51
res/drawable-xhdpi-v4/ext_keyboard_down_arrow_pressed.png 0x4028c834
res/drawable-xhdpi-v4/ext_keyboard_lft_arrow_pressed.png 0xc4bec487
res/drawable-xhdpi-v4/ext_keyboard_printscreen_pressed.png 0x8d636ccf
res/drawable-xhdpi-v4/ext_keyboard_return_pressed.png 0xe65e1bd3
res/drawable-xhdpi-v4/ext_keyboard_rt_arrow_pressed.png 0x16375043
res/drawable-xhdpi-v4/ext_keyboard_rt_click_pressed.png 0xbe820e6c
res/drawable-xhdpi-v4/ext_keyboard_up_arrow_pressed.png 0xb8e8353e
res/drawable-xhdpi-v4/ic_action_accept_dark.png 0xff6343b5
res/drawable-xhdpi-v4/ic_action_cancel.png 0xa727153b
res/drawable-xhdpi-v4/ic_action_collapse.png 0x8b1d9b1
res/drawable-xhdpi-v4/ic_action_discard.png 0x92021ce9
res/drawable-xhdpi-v4/ic_action_error.png 0x3f7bf824
res/drawable-xhdpi-v4/ic_action_expand.png 0xbafe175b
res/drawable-xhdpi-v4/ic_action_expand_dark.png 0x3797519e
res/drawable-xhdpi-v4/ic_action_new_dark.png 0xcde55a
res/drawable-xhdpi-v4/ic_action_next_item_dark.png 0x207bc6cb
res/drawable-xhdpi-v4/ic_action_previous_item_dark.png 0x904869d1
res/drawable-xhdpi-v4/ic_action_return_dark.png 0x2b114731
res/drawable-xhdpi-v4/ic_more_vert_grey_24dp.png 0x1293d8c1
res/drawable-xhdpi-v4/ic_navigation_drawer_dark.png 0x68dc50b8
res/drawable-xhdpi-v4/ic_textfield_clear.png 0xada5f44a
res/drawable-xhdpi-v4/ic_warning_holo_light.png 0xaeeaecd
res/drawable-xhdpi-v4/icon.png 0xef841d42
res/drawable-xhdpi-v4/key_win.png 0xf1eba03f
res/drawable-xhdpi-v4/notification_icon.png 0xefeb1758
res/drawable-xhdpi-v4/pan_control_normal.png 0xb0fa86a3
res/drawable-xhdpi-v4/pan_control_pressed.png 0x2aa83355
res/drawable-xhdpi-v4/rd_chevron.png 0x6889c349
res/drawable-xhdpi-v4/rdp_icon.png 0xf9865b38
res/drawable-xhdpi-v4/remote_app_icon_placeholder.png 0x79d43edc
res/drawable-xhdpi-v4/session_close.png 0x35349f94
res/drawable-xhdpi-v4/session_selection_start_new.png 0xbeb79457
res/drawable-xxhdpi-v4/ab_solid_dark_holo.9.png 0x70bbe718
res/drawable-xxhdpi-v4/about_logo.png 0x9df2d0af
res/drawable-xxhdpi-v4/cb_home.png 0x418d34a2
res/drawable-xxhdpi-v4/cb_mouse_pointer.png 0x4f15c5e7
res/drawable-xxhdpi-v4/cb_mouse_touch.png 0xfb8dab82
res/drawable-xxhdpi-v4/cursor.png 0xd4a09d6e
res/drawable-xxhdpi-v4/desktop_placeholder.9.png 0xffeb27d4
res/drawable-xxhdpi-v4/devices.png 0xcbb0269b
res/drawable-xxhdpi-v4/drawer_shadow.9.png 0x5fd1f669
res/drawable-xxhdpi-v4/ext_keyboard_backspace_pressed.png 0x240d50a5
res/drawable-xxhdpi-v4/ext_keyboard_down_arrow_pressed.png 0x628e85d6
res/drawable-xxhdpi-v4/ext_keyboard_lft_arrow_pressed.png 0x4b82705a
res/drawable-xxhdpi-v4/ext_keyboard_printscreen_pressed.png 0xdaa6507b
res/drawable-xxhdpi-v4/ext_keyboard_return_pressed.png 0x8208a9d2
res/drawable-xxhdpi-v4/ext_keyboard_rt_arrow_pressed.png 0xbd78de6a
res/drawable-xxhdpi-v4/ext_keyboard_rt_click_pressed.png 0x33634cdd
res/drawable-xxhdpi-v4/ext_keyboard_up_arrow_pressed.png 0xb0e26f6c
res/drawable-xxhdpi-v4/ic_action_accept_dark.png 0x84eb227d
res/drawable-xxhdpi-v4/ic_action_cancel.png 0xbf9c84db
res/drawable-xxhdpi-v4/ic_action_collapse.png 0xb4e89fb7
res/drawable-xxhdpi-v4/ic_action_discard.png 0x46ad3465
res/drawable-xxhdpi-v4/ic_action_error.png 0x72af0b52
res/drawable-xxhdpi-v4/ic_action_expand.png 0x24971e9f
res/drawable-xxhdpi-v4/ic_action_expand_dark.png 0x4713206d
res/drawable-xxhdpi-v4/ic_action_new_dark.png 0x1f6ee166
res/drawable-xxhdpi-v4/ic_action_next_item_dark.png 0x8d765da6
res/drawable-xxhdpi-v4/ic_action_previous_item_dark.png 0xa3baa56c
res/drawable-xxhdpi-v4/ic_action_return_dark.png 0xbf72954b
res/drawable-xxhdpi-v4/ic_more_vert_grey_24dp.png 0x84834d19
res/drawable-xxhdpi-v4/ic_navigation_drawer_dark.png 0x937128d7
res/drawable-xxhdpi-v4/ic_textfield_clear.png 0x857e91a0
res/drawable-xxhdpi-v4/ic_warning_holo_light.png 0x84995e2f
res/drawable-xxhdpi-v4/icon.png 0x4c514572
res/drawable-xxhdpi-v4/key_win.png 0xef3053da
res/drawable-xxhdpi-v4/notification_icon.png 0x815b980b
res/drawable-xxhdpi-v4/pan_control_normal.png 0x8e1d0bd3
res/drawable-xxhdpi-v4/pan_control_pressed.png 0x48719103
res/drawable-xxhdpi-v4/rd_chevron.png 0xd0f6b4
res/drawable-xxhdpi-v4/session_close.png 0x28eb6496
res/drawable-xxxhdpi-v4/cb_home.png 0xac2f74de
res/drawable-xxxhdpi-v4/cb_mouse_pointer.png 0xd8a46cb0
res/drawable-xxxhdpi-v4/cb_mouse_touch.png 0x5230181d
res/drawable-xxxhdpi-v4/cursor.png 0xdcf438dd
res/drawable-xxxhdpi-v4/devices.png 0x3bf83974
res/drawable-xxxhdpi-v4/ext_keyboard_backspace_pressed.png 0xe753bada
res/drawable-xxxhdpi-v4/ext_keyboard_down_arrow_pressed.png 0xb62170ea
res/drawable-xxxhdpi-v4/ext_keyboard_lft_arrow_pressed.png 0xcd00beba
res/drawable-xxxhdpi-v4/ext_keyboard_printscreen_pressed.png 0xd76df605
res/drawable-xxxhdpi-v4/ext_keyboard_return_pressed.png 0xe31048b6
res/drawable-xxxhdpi-v4/ext_keyboard_rt_arrow_pressed.png 0x211777ba
res/drawable-xxxhdpi-v4/ext_keyboard_rt_click_pressed.png 0x52e161f5
res/drawable-xxxhdpi-v4/ext_keyboard_up_arrow_pressed.png 0xebae3841
res/drawable-xxxhdpi-v4/ic_textfield_clear.png 0xaa2f05d6
res/drawable-xxxhdpi-v4/key_win.png 0x1bc1773
res/drawable-xxxhdpi-v4/notification_icon.png 0xef240e57
res/drawable-xxxhdpi-v4/pan_control_normal.png 0xb6096af6
res/drawable-xxxhdpi-v4/pan_control_pressed.png 0x27ddad59
res/drawable-xxxhdpi-v4/rd_chevron.png 0x21e28db2
res/drawable-xxxhdpi-v4/session_close.png 0xc272758
res/drawable/action_bar_select_item.xml 0x4db9adf5
res/drawable/apps_expander_background.xml 0xf683e45e
res/drawable/apps_expander_checked.xml 0x795d63ad
res/drawable/apps_expander_default.xml 0x9262ee97
res/drawable/bbar_background.xml 0x7628431d
res/drawable/bbar_divider.xml 0x1bb37f98
res/drawable/btn_default_holo_dark.xml 0xc10095ee
res/drawable/btn_expand.xml 0x9f33cb74
res/drawable/btn_toggle_holo_dark.xml 0x83e8009f
res/drawable/btn_toggle_win.xml 0xf3eedb6b
res/drawable/card_background.xml 0x939c0c56
res/drawable/connection_center_desktops_horizontal_spacer.xml 0x5410725e
res/drawable/connection_center_desktops_vertical_spacer.xml 0xe2d33f92
res/drawable/drawer_level2_background.xml 0xd7e5ffa7
res/drawable/idle_view_background.xml 0x49f6637d
res/drawable/mohoro_consent_item_selector.xml 0xc215871f
res/drawable/mousemode_toggle.xml 0x3740a31d
res/drawable/offline_startup_app_icon_container.xml 0x7c1b9951
res/drawable/pan_control.xml 0x443310f7
res/drawable/sb_item_tablet_background.xml 0x27f249ae
res/drawable/session_active.xml 0xab9cb18d
res/drawable/session_inactive.xml 0x25de00b3
res/drawable/session_widget_selector.xml 0xe73ad4e9
res/drawable/sliding_tab_select_item.xml 0x9cef55d2
res/layout-v17/connection_griditem_layout.xml 0x62af1d42
res/layout-v17/li_mohoro_consent_item.xml 0xfe0b1f74
res/layout-v17/li_remote_resources_header.xml 0xd70bf408
res/layout-v17/listview_footer_mohoro_consent.xml 0xa492fe2c
res/layout-v17/login_dialog.xml 0x7cd170b
res/layout-v17/simple_spinner_item.xml 0x53b8190f
res/layout/ab_title_backport.xml 0xaa10978c
res/layout/act_connection_center.xml 0xd42e84f
res/layout/act_content_frame.xml 0x6ca62303
res/layout/act_credentials_list.xml 0xee613ef0
res/layout/act_fre.xml 0x374586ea
res/layout/act_fre_license_terms.xml 0xaad489ea
res/layout/act_gateway_list.xml 0x53a60208
res/layout/act_session.xml 0x549518a9
res/layout/activity_authentication.xml 0x71b58270
res/layout/aux_keyboard.xml 0xcfca0096
res/layout/bbar.xml 0x3e852668
res/layout/command_bar.xml 0x35c91ea4
res/layout/connection_griditem_layout.xml 0x298deaa4
res/layout/dialog_authentication.xml 0x58ae9421
res/layout/dialog_connect.xml 0xe77d6c9c
res/layout/ext_keyboard.xml 0xc93b5cf0
res/layout/frag_about.xml 0xb8c6f828
res/layout/frag_certificate_challenge.xml 0x5562ee4e
res/layout/frag_connection_center_remote_resources.xml 0x1d92c395
res/layout/frag_delete_remote_resources.xml 0x7dbe1ba7
res/layout/frag_desktops_list.xml 0x21c83794
res/layout/frag_edit_connection.xml 0x8cfbbd3a
res/layout/frag_edit_credentials.xml 0x871d45b8
res/layout/frag_edit_gateway.xml 0x225210d9
res/layout/frag_edit_remote_resources.xml 0x65acdea7
res/layout/frag_mohoro_consent.xml 0x39167866
res/layout/frag_mohoro_getting_started.xml 0x572e9092
res/layout/frag_notls_certificate_challenge.xml 0xeed39aaa
res/layout/frag_progress.xml 0xfc4a6b7d
res/layout/frag_rate_connection.xml 0x35d735b8
res/layout/frag_side_navigation.xml 0x7b085565
res/layout/frag_test_developer_tools_test_automation.xml 0xcc1d637f
res/layout/frag_test_developer_tools_tracing.xml 0x6486e64b
res/layout/http_auth_dialog.xml 0xba76de88
res/layout/in_session_error_message.xml 0xce4081d2
res/layout/item_test_tracing.xml 0x23304b02
res/layout/li_connection_center_item.xml 0x30532ae2
res/layout/li_desktop_list.xml 0xe7f0f4c9
res/layout/li_drawer_level1.xml 0x83b3fbe5
res/layout/li_drawer_level2.xml 0xbc485f19
res/layout/li_mohoro_consent_item.xml 0x6e68b292
res/layout/li_remote_resources_error.xml 0x21b23272
res/layout/li_remote_resources_folder_item.xml 0xeff8b93d
res/layout/li_remote_resources_header.xml 0xe7a2fb64
res/layout/li_remote_resources_item.xml 0xd9dc62b8
res/layout/li_remote_resources_item_in_grid.xml 0x7d709296
res/layout/li_remote_resources_items_grid.xml 0x8af906e3
res/layout/li_remote_resources_progress.xml 0xf84246b
res/layout/li_side_navigation.xml 0x3dba002
res/layout/li_ssb_menu.xml 0x32e858dd
res/layout/li_ssb_session.xml 0xef2da33e
res/layout/li_ssb_start_header.xml 0x639775c8
res/layout/li_ssb_start_item.xml 0x2f5ce30b
res/layout/li_ssb_start_remoteresources_header.xml 0x798f55fe
res/layout/listview_footer_mohoro_consent.xml 0xc6aed568
res/layout/listview_header_mohoro_consent.xml 0x7e6a1bb1
res/layout/login_dialog.xml 0xa91060e0
res/layout/popup_start_menu.xml 0x4790935c
res/layout/sb_container.xml 0x8204b9fb
res/layout/sb_item.xml 0xaa7f99d1
res/layout/shortcut_launcher.xml 0x73202c6d
res/layout/shortcut_launcher_item.xml 0x9f3685ca
res/layout/simple_spinner_item.xml 0xe974d928
res/layout/tab.xml 0xf2e52da5
res/layout/test_list_item_row.xml 0x3c471f1
res/layout/wg_offline_startup_blocked.xml 0xd3f1cdbb
res/menu/concenter_options.xml 0xdcacec17
res/menu/credentials_list_context.xml 0x11667d18
res/menu/desktop_context_menu.xml 0x9863c6a4
res/menu/gateway_list_context.xml 0x2b3e86b
res/menu/globalsettings_credential_menu.xml 0x51ab0924
res/menu/globalsettings_gateway_menu.xml 0xe979321b
res/menu/main.xml 0x384d97ec
res/menu/mohoro_resources_context_menu.xml 0xf579b594
res/menu/remote_resources_context_menu.xml 0xaa7c4974
res/menu/test_automation_menu.xml 0xec6a716
res/menu/test_tracing_menu.xml 0x6a2556ae
res/raw/intune_mam_manifest.xml 0x1df5309e
res/xml/settings_general.xml 0x91469149
resources.arsc 0xa719e89
classes.dex 0x5e55626e
com/microsoft/a3rdc/logging/LoggingAspect.aj 0x981ceb1
com/microsoft/a3rdc/test/sns/opensource/OSSREADME_0914.txt 0x112011a7
rx/internal/operators/README.md 0x55f4406a
rx/internal/util/README.md 0x3ddf37
rx/internal/util/unsafe/README.md 0x1a89a11a
ch/boye/httpclientandroidlib/impl/conn/tsccm/doc-files/tsccm-structure.png 0x497cbe0
org/xbill/DNS/windows/DNSServer.properties 0x2668f19a
org/xbill/DNS/windows/DNSServer_de.properties 0xbf146535
org/xbill/DNS/windows/DNSServer_fr.properties 0x6b2178eb
org/xbill/DNS/windows/DNSServer_ja.properties 0x23895f04
org/xbill/DNS/windows/DNSServer_pl.properties 0xd58a46a6
lib/armeabi/libRdpAndroidClientCore.so 0x4e49cfca
lib/armeabi-v7a/libRdpAndroidClientCore.so 0xc3ab95a2
运行截图
VirSCANVirSCAN
VirSCAN