VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, VirSCAN can scan compressed files with the password 'infected' or 'virus'.

File information

Scanner results
Scanner results: 28% Antivirus software (9/32) found malware!
Behavior analysis report: Habo file analysis
Time: 2016-09-05 09:40:10 (CST)
| Scanner | Engine Ver | Sig Ver | Sig Date | Scan result | Time |
|---|---|---|---|---|---|
| antiy | AVL SDK 3.0 | | 1970-01-01 | Found nothing | 5 |
| asquared | 9.0.0.4324 | 9.0.0.4324 | 2014-07-03 | Trojan.HTML.Ramnit.A | 1 |
| avast | 150725-1 | 4.7.4 | 2015-07-25 | Found nothing | 60 |
| avg | 2109/8133 | 10.0.1405 | 2014-11-26 | Found nothing | 60 |
| baidu | 2.0.1.0 | 4.1.3.52192 | 2.0.1.0 | Found nothing | 15 |
| baidusd | 1.0 | 1.0 | 2014-04-02 | Trojan-Dropper.VBS.Agent.bp | 2 |
| bitdefender | 7.58469 | 7.90123 | 2014-12-25 | Found nothing | 60 |
| clamav | 19861 | 0.97.5 | 2014-12-31 | Found nothing | 60 |
| drweb | 5.0.2.3300 | 5.0.1.1 | 2014-12-31 | Found nothing | 60 |
| fortinet | 23.345, 23.345 | 5.1.158 | 2014-12-08 | Found nothing | 60 |
| fprot | 4.6.2.117 | 6.5.1.5418 | 2014-12-31 | Found nothing | 60 |
| fsecure | 2014-04-02-01 | 9.13 | 2014-04-02 | Found nothing | 60 |
| gdata | 25.8133 | 25.8133 | 2016-09-03 | Trojan.HTML.Ramnit.A | 9 |
| ikarus | 1.06.01 | V1.32.31.0 | 2014-12-08 | Found nothing | 60 |
| jiangmin | 16.0.100 | 1.0.0.0 | 2015-07-25 | Trojan/Script.Gen | 42 |
| kaspersky | 5.5.33 | 5.5.33 | 2014-04-01 | Found nothing | 60 |
| kingsoft | 2.1 | 2.1 | 2013-09-22 | Android.Troj.tk_infecthtml.vk.(kcloud) | 5 |
| mcafee | 7638 | 5400.1158 | 2014-11-30 | Found nothing | 60 |
| nod32 | 0920 | 3.0.21 | 2014-12-23 | Found nothing | 60 |
| panda | 9.05.01 | 9.05.01 | 2015-07-26 | W32/Cosmu.A | 4 |
| pcc | 11.380.07 | 9.500-1005 | 2014-12-31 | Found nothing | 60 |
| qh360 | 1.0.1 | 1.0.1 | 1.0.1 | Found nothing | 6 |
| qqphone | 1.0.0.0 | 1.0.0.0 | 2014-12-09 | Found nothing | 60 |
| quickheal | 14.00 | 14.00 | 2015-07-25 | VBS/Ramnit.BG | 2 |
| rising | 25.76.04.01 | 25.76.04.01 | 2015-07-24 | Dropper.Script.VBS.Fednu.a | 2 |
| sophos | 5.08 | 3.55.0 | 2014-12-01 | Found nothing | 60 |
| symantec | 20141230.001 | 1.3.0.24 | 2014-12-30 | Found nothing | 60 |
| tachyon | 9.9.9 | 9.9.9 | 2013-12-27 | Trojan.HTML.Ramnit.A- archive | 4 |
| thehacker | 6.8.0.5 | 6.8.0.5 | 2015-07-23 | Found nothing | 1 |
| tws | 17.47.17308 | 1.0.2.2108 | 2014-12-08 | Found nothing | 13 |
| vba | 3.12.26.3 | 3.12.26.3 | 2014-12-31 | Found nothing | 60 |
| virusbuster | 15.0.985.0 | 5.5.2.13 | 2014-12-05 | Found nothing | 60 |
Permission list
Permission name Information
com.android.launcher.permission.INSTALL_SHORTCUT Create shortcuts
android.permission.GET_TASKS Get information about currently or recently running tasks
android.permission.WRITE_EXTERNAL_STORAGE Write to external storage (e.g. SD card)
android.permission.ACCESS_WIFI_STATE Read Wi-Fi network state
android.permission.ACCESS_COARSE_LOCATION Get coarse location (via Wi-Fi, cell towers)
android.permission.READ_PHONE_STATE Read phone state
android.permission.MOUNT_UNMOUNT_FILESYSTEMS Mount and unmount external file systems
android.permission.SYSTEM_ALERT_WINDOW Display system windows
android.permission.INTERNET Connect to the network (2G or 3G)
android.permission.ACCESS_FINE_LOCATION Get precise location (via GPS)
com.android.launcher.permission.READ_SETTINGS Read shortcut information
android.permission.WAKE_LOCK Keep background processes running after the screen turns off
android.permission.ACCESS_NETWORK_STATE Read network state (2G or 3G)
android.permission.CHANGE_CONFIGURATION Modify current settings (e.g. localization)
File information
Security score:
Basic information
MD5: d1b330f7fd616bc8c256932a664b66d3
File size: 5.58MB
Upload time: 2014-09-22 10:36:30 (CST)
Package name: com.tsvip
Minimum runtime environment: Android 2.2.x
Copyright: QQ帝国
Key behaviors
Behavior description: Checks whether it is being debugged
Details: N/A
Behavior description: Gets the TickCount value
Process behaviors
Behavior description: Checks whether it is being debugged
Details: N/A
Behavior description: Gets the TickCount value
Other behaviors
Behavior description: Checks whether it is being debugged
Details: N/A
Behavior description: Creates mutexes
Details: CTF.LBES.MutexDefaultS-*
CTF.Compart.MutexDefaultS-*
CTF.Asm.MutexDefaultS-*
CTF.Layouts.MutexDefaultS-*
CTF.TMD.MutexDefaultS-*
CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
MSCTF.Shared.MUTEX.ELH
MSCTF.Shared.MUTEX.IGD
Behavior description: Creates event objects
Details: EventName = DINPUTWINMM
EventName = MSCTF.SendReceive.Event.IGD.IC
EventName = MSCTF.SendReceiveConection.Event.IGD.IC
Behavior description: Finds specified windows
Details: NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
NtUserFindWindowEx: [Class,Window] = [CicLoaderWndClass,]
Behavior description: Opens events
Details: HookSwitchHookEnabledEvent
CTF.ThreadMIConnectionEvent.000007B4.00000000.00000041
CTF.ThreadMarshalInterfaceEvent.000007B4.00000000.00000041
MSCTF.SendReceiveConection.Event.ELH.IC
MSCTF.SendReceive.Event.ELH.IC
Behavior description: Gets the TickCount value
Behavior description: Adjusts process token privileges
Details: SE_MANAGE_VOLUME_PRIVILEGE
Behavior description: Window information
Details: Pid = 2016, Hwnd=0x603a4, Text = Scanning drives ..., ClassName = Static.
Pid = 2016, Hwnd=0x4038c, Text = Please wait, ClassName = #32770.
Pid = 2016, Hwnd=0x1102c8, Text = graph, ClassName = Button.
Pid = 2016, Hwnd=0x1802fe, Text = Current, ClassName = Static.
Pid = 2016, Hwnd=0xb032a, Text = 0.0 B, ClassName = Edit.
Pid = 2016, Hwnd=0x503b0, Text = Average, ClassName = Static.
Pid = 2016, Hwnd=0x703ba, Text = 0.0 B, ClassName = Edit.
Pid = 2016, Hwnd=0x40392, Text = Errors, ClassName = Static.
Pid = 2016, Hwnd=0x1902ce, Text = Drive, ClassName = Static.
Pid = 2016, Hwnd=0x1702d8, Text = Position %, ClassName = Static.
Pid = 2016, Hwnd=0x1d02bc, Text = Block Size, ClassName = Static.
Pid = 2016, Hwnd=0x603ac, Text = Auto, ClassName = ComboBox.
Pid = 2016, Hwnd=0x1302c4, Text = Mode, ClassName = Static.
Pid = 2016, Hwnd=0xe039e, Text = Duration (MM:SS), ClassName = Static.
Pid = 2016, Hwnd=0x110342, Text = Test burst rate, ClassName = Button(CheckBox).
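Behavior description: Directly accesses a physical device
Details: \??\PHYSICALDRIVE0
Behavior description: Hides specified windows
Details: [Window,Class] = [,ComboLBox]
[Window,Class] = [,Button]
Behavior description: Opens mutexes
Details: ShimCacheMutex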
Activities
Activity name Type
com.e4a.runtime.android.StartActivity android.intent.action.MAIN
com.e4a.runtime.android.StartActivity android.intent.category.DEFAULT
com.e4a.runtime.android.StartActivity android.intent.category.LAUNCHER
com.e4a.runtime.android.mainActivity android.intent.action.MAIN
com.e4a.runtime.android.mainActivity android.intent.category.DEFAULT
Startup method
Name Information
net.youmi.android.AdReceiver Starts service when an application is installed
Advertising information
Name Information
net.youmi Youmi Ads (有米广告)
Service list
Name
net.youmi.android.AdService
net.youmi.android.ExpService
File list
File name Checksum
META-INF/MANIFEST.MF 0xc9f2c80c
META-INF/TSVIP.SF 0x9ba086d1
META-INF/TSVIP.RSA 0x8d7b895e
assets/00.jpg 0x81cad566
assets/1.jpg 0xdea1baa0
assets/111.png 0xeac9456b
assets/2.jpg 0x13009125
assets/222.png 0xc25b0983
assets/33.jpg 0xcff59153
assets/333.jpg 0x3dff2f16
assets/333.png 0x4e5f3b42
assets/99.png 0xb9e5e651
assets/index.html 0x281d8246
res/drawable/e4alistview_new_message.png 0x1cdc5409
res/drawable/icon.png 0xc4fd46f4
AndroidManifest.xml 0x63ba9f4
resources.arsc 0xbfe51af0
classes.dex 0x49e26d9c