VirSCAN

1, You can upload any file, but there is a 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but the archive must contain fewer than 20 files.
3, VirSCAN can scan compressed files protected with the password 'infected' or 'virus'.

File information

Scanner results
Scanner results: 9% of antivirus software (3/32) found malware!
Behavior analysis report: Habo file analysis
Time: 2015-10-03 09:27:11 (CST)
Scanner Engine Ver Sig Ver Sig Date Scan result Time
antiy AVL SDK 3.0 1970-01-01 Found nothing 5
asquared 9.0.0.4324 9.0.0.4324 2014-07-03 Found nothing 2
avast 150725-1 4.7.4 2015-07-25 Found nothing 0
avg 2109/8133 10.0.1405 2014-11-26 Found nothing 0
baidu 2.0.1.0 4.1.3.52192 2.0.1.0 Found nothing 6
baidusd 1.0 1.0 2014-04-02 Found nothing 1
bitdefender 7.58469 7.90123 2014-12-25 Found nothing 0
clamav 19861 0.97.5 2014-12-31 Found nothing 0
drweb 5.0.2.3300 5.0.1.1 2014-12-31 Found nothing 0
fortinet 23.345, 23.345 5.1.158 2014-12-08 Found nothing 0
fprot 4.6.2.117 6.5.1.5418 2014-12-31 Found nothing 0
fsecure 2014-04-02-01 9.13 2014-04-02 Found nothing 0
gdata 25.3708 25.3708 2015-10-02 Android.Riskware.Agent.gVJI 9
ikarus 1.06.01 V1.32.31.0 2014-12-08 Found nothing 0
jiangmin 16.0.100 1.0.0.0 2015-07-25 Found nothing 43
kaspersky 5.5.33 5.5.33 2014-04-01 Found nothing 0
kingsoft 2.1 2.1 2013-09-22 Android.RISKWARE.Ninedown.a.(kcloud) 5
mcafee 7638 5400.1158 2014-11-30 Found nothing 0
nod32 0920 3.0.21 2014-12-23 Found nothing 0
panda 9.05.01 9.05.01 2015-07-26 Found nothing 5
pcc 11.380.07 9.500-1005 2014-12-31 Found nothing 0
qh360 1.0.1 1.0.1 1.0.1 Found nothing 3
qqphone 1.0.0.0 1.0.0.0 2014-12-09 Found nothing 0
quickheal 14.00 14.00 2015-07-25 Android.Agent.KU 3
rising 25.76.04.01 25.76.04.01 2015-07-24 Found nothing 2
sophos 5.08 3.55.0 2014-12-01 Found nothing 0
symantec 20141230.001 1.3.0.24 2014-12-30 Found nothing 0
tachyon 9.9.9 9.9.9 2013-12-27 Found nothing 5
thehacker 6.8.0.5 6.8.0.5 2015-07-23 Found nothing 2
tws 17.47.17308 1.0.2.2108 2014-12-08 Found nothing 13
vba 3.12.26.3 3.12.26.3 2014-12-31 Found nothing 0
virusbuster 15.0.985.0 5.5.2.13 2014-12-05 Found nothing 0
Permission list
Permission name Information
android.permission.CHANGE_NETWORK_STATE Change network state
android.permission.READ_PHONE_STATE Read phone state
android.permission.ACCESS_COARSE_LOCATION Get coarse location (via Wi-Fi, cell towers)
android.permission.INTERNET Connect to the network (2G or 3G)
android.permission.WRITE_EXTERNAL_STORAGE Write to external storage (e.g. SD card)
android.permission.MOUNT_UNMOUNT_FILESYSTEMS Mount and unmount external file systems
android.permission.ACCESS_NETWORK_STATE Read network state (2G or 3G)
android.permission.ACCESS_FINE_LOCATION Get precise location (via GPS)
android.permission.DOWNLOAD_WITHOUT_NOTIFICATION
android.permission.WRITE_SETTINGS Read and write system settings
android.permission.ACCESS_WIFI_STATE Read Wi-Fi network state
com.android.launcher.permission.INSTALL_SHORTCUT Create shortcuts
android.permission.SYSTEM_ALERT_WINDOW Display system windows
android.permission.GET_TASKS Get information about currently or recently running tasks
File information
Security score:
Basic information
MD5: 54f96812eef00e2c179a45bb7d7d8e28
File size: 5.58MB
Upload time: 2014-09-22 10:36:30 (CST)
Package name: team.manlatita.info
Minimum runtime environment: Android 2.2.x
Copyright: xsdk
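Key behavior
Behavior description: Map a file with write permission
Details: CiceroSharedMemDefaultS-*
Behavior description: Get host address by name
Details: 14.29.116.131
Process behavior
Behavior description: Map a file with write permission
Details: CiceroSharedMemDefaultS-*
Behavior description: Get host address by name
Details: 14.29.116.131
File behavior
Behavior description: Map a file with write permission
Details: CiceroSharedMemDefaultS-*
Network behavior
Behavior description: Send data on a connected socket
Details: SOCKET = 0x000006e0, TotalSize = 103, Offset = 0, ReadSize = 103.
Behavior description: Establish a connection to a specified socket
Details: 219.133.40.1:1010
Behavior description: Get host address by name
Details: 14.29.116.131
Other behavior
Behavior description: Create mutex
Details: CTF.LBES.MutexDefaultS-*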
CTF.Compart.MutexDefaultS-*
CTF.Asm.MutexDefaultS-*
CTF.Layouts.MutexDefaultS-*
CTF.TMD.MutexDefaultS-*
14.29.116.131, 127.0.0.1, 127.0.0.1
Abnormal crash
Behavior description: Create mutex
Details: CTF.LBES.MutexDefaultS-*
CTF.Compart.MutexDefaultS-*
CTF.Asm.MutexDefaultS-*
CTF.Layouts.MutexDefaultS-*
CTF.TMD.MutexDefaultS-*
14.29.116.131, 127.0.0.1, 127.0.0.1
Dynamic behavior list
Behavior description: Pass extra information
Details: android.intent.extra.shortcut.NAME:Q荐系列
duplicate:false
android.intent.extra.shortcut.INTENT:{"FLAG":0,"CATEGORIES":"[android.intent.category.LAUNCHER]","COMPONENT_NAME":"ComponentInfo{team.manlatita.info\/org.apache.a.showviews.Recommend}"}
android.intent.extra.shortcut.ICON_RESOURCE:android:drawable/stat_sys_download_done
Behavior description: Create database
Details: /mnt/sdcard/SignalInfo/Data/Cells.db
Behavior description: Initialize URL
Details: [u'http://hmma.baidu.com/app.gif']
[u'http://hmma.baidu.com/app.gif']
Behavior description: Get cipher instance
Details: [u'DES/CBC/PKCS5Padding']
Behavior description: Access URL
Details: http://hmma.baidu.com/app.gif
http://hmma.baidu.com/app.gif
Behavior description: Listen for phone SIM card or mobile network information
Details: [u'team.manlatita.info.at@41510e68', u'256']
[u'team.manlatita.info.as@41545458', u'16']
Behavior description: Android runtime error
Details: E/AndroidRuntime( 1540): FATAL EXCEPTION: main
E/AndroidRuntime( 1540): java.lang.RuntimeException: Unable to start service org.apache.a.showviews.InstallService@41589cf8 with Intent { cmp=team.manlatita.info/org.apache.a.showviews.InstallService }: java.lang.NullPointerException
E/AndroidRuntime( 1540): at android.app.ActivityThread.handleServiceArgs(ActivityThread.java:2507)
E/AndroidRuntime( 1540): at android.app.ActivityThread.access$1900(ActivityThread.java:130)
E/AndroidRuntime( 1540): at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1292)
E/AndroidRuntime( 1540): at android.os.Handler.dispatchMessage(Handler.java:99)
E/AndroidRuntime( 1540): at android.os.Looper.loop(Looper.java:137)
E/AndroidRuntime( 1540): at android.app.ActivityThread.main(ActivityThread.java:4745)
E/AndroidRuntime( 1540): at java.lang.reflect.Method.invokeNative(Native Method)
E/AndroidRuntime( 1540): at java.lang.reflect.Method.invoke(Method.java:511)
E/AndroidRuntime( 1540): at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:786)
E/AndroidRuntime( 1540): at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:553)
E/AndroidRuntime( 1540): at de.robv.android.xposed.XposedBridge.main(XposedBridge.java:135)
E/AndroidRuntime( 1540): at dalvik.system.NativeStart.main(Native Method)
E/AndroidRuntime( 1540): Caused by: java.lang.NullPointerException
E/AndroidRuntime( 1540): at java.io.File.fixSlashes(File.java:185)
E/AndroidRuntime( 1540): at java.io.File.<init>(File.java:134)
E/AndroidRuntime( 1540): at de.robv.android.xposed.XposedBridge.invokeOriginalMethodNative(Native Method)
E/AndroidRuntime( 1540): at de.robv.android.xposed.XposedBridge.handleHookedMethod(XposedBridge.java:678)
E/AndroidRuntime( 1540): at java.io.File.<init>(Native Method)
E/AndroidRuntime( 1540): at android.content.pm.PackageManager.getPackageArchiveInfo(PackageManager.java:2160)
E/AndroidRuntime( 1540): at org.apache.a.activity.d.a(Unknown Source)
E/AndroidRuntime( 1540): at org.apache.a.showviews.InstallService.onStartCommand(Unknown Source)
E/AndroidRuntime( 1540): at android.app.ActivityThread.handleServiceArgs(ActivityThread.java:2490)
E/AndroidRuntime( 1540): ... 11 more
Behavior description: Execute SQL query
Details: [u'select distinct Lac,Cid,State from [Waring] where State=1;', u'null']
[u'select CidName,CidAddr from Cids where Lac=12 and Cid=12 and MNC=46000;', u'null']
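Behavior description: Query last known location
Details: [u'gps']
Behavior description: Locate the mobile device
Details: null
Behavior description: Window information
Details: {"text": "基站信号检测器", "class": "android.widget.TextView"}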
{"text": "营运商:", "class": "android.widget.TextView"}
{"text": "46000", "class": "android.widget.TextView"}
{"text": "中国移动 4G", "class": "android.widget.TextView"}
{"text": "地区码:", "class": "android.widget.TextView"}
{"text": "-1", "class": "android.widget.TextView"}
{"text": "ffffffff(Hex)", "class": "android.widget.TextView"}
{"text": "小区码:", "class": "android.widget.TextView"}
{"text": "-1", "class": "android.widget.TextView"}
{"text": "ffffffff(Hex)", "class": "android.widget.TextView"}
{"text": "基站名:", "class": "android.widget.TextView"}
{"text": "暂无数据...", "class": "android.widget.TextView"}
{"text": "基站记录", "class": "android.widget.TextView"}
{"text": "相邻基站", "class": "android.widget.TextView"}
{"text": "-1", "class": "android.widget.TextView"}
{"text": "-1", "class": "android.widget.TextView"}
{"text": "2015-08-11 11:43:52", "class": "android.widget.TextView"}
{"text": "基站名:", "class": "android.widget.TextView"}
{"text": "暂无数据...", "class": "android.widget.TextView"}
{"text": "保存日志", "class": "android.widget.Button"}
{"text": "定位", "class": "android.widget.Button"}
{"text": "清空日志", "class": "android.widget.Button"}
{"text": "警报控制", "class": "android.widget.Button"}
Behavior description: Read a line of data from a buffer
Details: 50017
50017
Behavior description: Add View
Details: [u'com.android.internal.policy.impl.PhoneWindow$DecorView@41567808', u'WM.LayoutParams{(0,0)(fillxfill) sim=#100 ty=1 fl=#8010500 pfl=0x8 wanim=0x1030000}', u'android.view.CompatibilityInfoHolder@414af920']
[u'com.android.internal.policy.impl.PhoneWindow$DecorView@41551278', u'WM.LayoutParams{(0,0)(fillxfill) sim=#100 ty=1 fl=#8010180 pfl=0x8 wanim=0x1030001}', u'android.view.CompatibilityInfoHolder@414af920']
Behavior description: Write file
Details: path:/data/data/team.manlatita.info/shared_prefs/fg_prefs.xml length:116
path:/data/data/team.manlatita.info/shared_prefs/fg_prefs.xml length:161
path:/data/data/team.manlatita.info/shared_prefs/fg_prefs.xml length:202
path:/data/data/team.manlatita.info/shared_prefs/__Baidu_Stat_SDK_SendRem.xml length:70
path:/data/data/team.manlatita.info/shared_prefs/fg_prefs.xml length:248
path:/data/data/team.manlatita.info/files/__local_stat_cache.json length:83
path:/data/data/team.manlatita.info/files/__local_last_session.json length:128
Behavior description: Call Intent's setAction
Details: [u'team.manlatita.info.com.fgdirect.to']
Behavior description: Query whether Wi-Fi is enabled
Details: false
Behavior description: Start Activity
Details: {"ACTION":"team.manlatita.info.com.fgdirect.to","FLAG":0}
Behavior description: Get device ID
Details: 357143040944263
Behavior description: Get network state information[*]
Details: NetworkInfo: type: WIFI[], state: CONNECTED/CONNECTED, reason: (unspecified), extra: freewifi, roaming: false, failover: false, isAvailable: true
NetworkInfo: type: WIFI[], state: CONNECTED/CONNECTED, reason: (unspecified), extra: freewifi, roaming: false, failover: false, isAvailable: true
NetworkInfo: type: WIFI[], state: CONNECTED/CONNECTED, reason: (unspecified), extra: freewifi, roaming: false, failover: false, isAvailable: true
NetworkInfo: type: WIFI[], state: CONNECTED/CONNECTED, reason: (unspecified), extra: freewifi, roaming: false, failover: false, isAvailable: true
NetworkInfo: type: WIFI[], state: CONNECTED/CONNECTED, reason: (unspecified), extra: freewifi, roaming: false, failover: false, isAvailable: true
NetworkInfo: type: WIFI[], state: CONNECTED/CONNECTED, reason: (unspecified), extra: freewifi, roaming: false, failover: false, isAvailable: true
Behavior description: Initialize Intent
Details: [u'com.android.launcher.action.INSTALL_SHORTCUT']
[]
[]
[u'android.os.Parcel@414ad1a8']
[u'android.os.Parcel@414ad1a8']
[u'android.os.Parcel@414ad1a8']
[u'android.os.Parcel@414ad1a8']
[u'android.os.Parcel@414ad1a8']
Activities
Activity name Type
.SignalInfoActivity team.manlatita.info.com.fgdirect.to
.SignalInfoActivity android.intent.category.DEFAULT
org.apache.a.activity.SplashSdkActivity android.intent.action.MAIN
org.apache.a.activity.SplashSdkActivity android.intent.category.LAUNCHER
org.apache.a.showviews.Recommend com.fgdirect.to
org.apache.a.showviews.Recommend android.intent.action.MAIN
org.apache.a.showviews.ShowActivity android.intent.action.MAIN
org.apache.a.showviews.ShowActivity android.intent.category.DEFAULT
Dangerous functions
Function name Information
ContentResolver;->query Read databases such as contacts and SMS
TelephonyManager;->getDeviceId Collect the user's phone IMEI, phone number, system version number and similar information
LocationManager;->getLastKnownLocation Get location
HttpClient;->execute Request a remote server
java/net/HttpURLConnection;->connect Connect to URL
java/net/URL;->openConnection Connect to URL
TelephonyManager;->getLine1Number Get phone number
TelephonyManager;->getSimSerialNumber Get SIM serial number
getRuntime Get command-line environment
java/lang/Runtime;->exec Execute a string command
DefaultHttpClient;->execute Send HTTP request
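Startup methods
Name Information
org.apache.a.receiver.NotifyReceiver Start service on screen unlock
org.apache.a.receiver.NotifyReceiver Start service when network connectivity changes
org.apache.a.receiver.InstallReceiver Start service when an app is installed
org.apache.a.atw.XReceiver Start service when network connectivity changes
org.apache.a.atw.XReceiver Start service on screen unlock
org.apache.a.atw.XReceiver Start service when an app is uninstalled
org.apache.a.atw.XReceiver Start service when an app is installed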
Service list
Name
org.apache.a.showviews.PackService
org.apache.a.moveview.WindowService
org.apache.a.showviews.InstallService
org.apache.a.atw.XService
File list
File name Checksum
META-INF/MANIFEST.MF 0x4975cb69
META-INF/XSDK.SF 0xb0fd7a22
META-INF/XSDK.RSA 0x38b5553b
assets/bt.dat 0x94ed07ba
assets/config.t 0x5437f67
assets/fg.dat 0x823cdb85
assets/help.htm 0x16a34d21
assets/htf.dat 0xcd7d4d42
assets/htfstudio_apps.png 0x10efaae
assets/htfstudio_below_bg.9.png 0xe7dab2cd
assets/htfstudio_bg.9.png 0xdd8066c7
assets/htfstudio_corner_0.png 0x79003ce0
assets/htfstudio_corner_1.png 0x4009a2e2
assets/htfstudio_default.jpg 0x1336dc79
assets/htfstudio_default.png 0xf86a4075
assets/htfstudio_delete.png 0x6d529b88
assets/htfstudio_detail_default.jpg 0xd85361f6
assets/htfstudio_download.png 0x12e13285
assets/htfstudio_error.png 0xfc1aa6a4
assets/htfstudio_floatwindow.png 0x40f07016
assets/htfstudio_floatwindow_left.png 0x4535ab93
assets/htfstudio_floatwindow_right.png 0x104a1c12
assets/htfstudio_green.png 0x218d084a
assets/htfstudio_hline.9.png 0xe3cd110e
assets/htfstudio_hot.png 0x67fe0c3a
assets/htfstudio_indicator_indicator.png 0x670b3c5c
assets/htfstudio_indicator_selected.png 0x92a0b7b
assets/htfstudio_information.png 0x18ec6467
assets/htfstudio_loading.png 0xfbc27653
assets/htfstudio_orange.png 0xc31f22a5
assets/htfstudio_push_cancel_hl.9.png 0x313440eb
assets/htfstudio_push_cancel_nor.9.png 0x68dff882
assets/htfstudio_push_confirm_hl.9.png 0xbca31538
assets/htfstudio_push_confirm_nor.9.png 0x200679e5
assets/htfstudio_push_top_bg.9.png 0x4a47a53d
assets/htfstudio_select.9.png 0xfcf942b8
assets/htfstudio_start.png 0x866acab6
assets/htfstudio_start_hl.png 0x8809e1b3
assets/htfstudio_start_nor.png 0xda446341
assets/htfstudio_topbg.9.png 0x6bd220d9
assets/htfstudio_vline.9.png 0x6767c037
assets/x_close.png 0x4c235e5e
assets/x_down.png 0xc3be5588
assets/x_pic320.jpg 0xbb751117
assets/x_pic480.jpg 0x36100350
res/color/colors.xml 0x2f1b87ba
res/drawable-hdpi/icon.png 0xad0f5df1
res/drawable-ldpi/icon.png 0xad0f5df1
res/drawable-mdpi/icon.png 0xad0f5df1
res/layout/about.xml 0xadff4a74
res/layout/addcid.xml 0xd06eea19
res/layout/basedatalist.xml 0x313e47fc
res/layout/entering.xml 0x8925899b
res/layout/enterwin.xml 0xbb39b59a
res/layout/folderview.xml 0x272e1546
res/layout/helpview.xml 0xbece4c2a
res/layout/inputhelper.xml 0xc2199cb6
res/layout/inputone.xml 0xdda7eb83
res/layout/listview.xml 0x51cab2e3
res/layout/logview.xml 0x8e32810
res/layout/logwin.xml 0x76448a48
res/layout/main.xml 0xb35931a3
res/layout/neghlistview.xml 0xd868775d
res/layout/openfile.xml 0xfc3db8b0
res/layout/searchview.xml 0x1da86fea
res/layout/waringlayout.xml 0x32bf6ad5
res/layout/webmap.xml 0x5121c76e
res/menu/actmenu.xml 0x3785dfdf
res/raw/doc.ico 0x4abd5f6
res/raw/folder.ico 0x21a41db7
res/raw/mhl.jpg 0x5193751e
res/raw/next.png 0xe5835468
res/raw/point.png 0xddbdc9d6
res/raw/pre.png 0xec684133
res/raw/qq.mp3 0x29ae8083
AndroidManifest.xml 0x8879f505
classes.dex 0xcd6c9a92
resources.arsc 0xfd4d8c0
assets/ 0x0