VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, VirSCAN can scan compressed files protected with the password 'infected' or 'virus'.

File information

Scanner results
Scanner results: 2% Scanner(s) (1/39) found malware!
Behavior analysis report: Habo file analysis
Time: 2014-11-14 10:46:22 (CST)
Scanner Engine Ver Sig Ver Sig Date Scan result Time
ahnlab 9.9.9 9.9.9 2013-05-28 Found nothing 5
antivir 1.9.2.0 1.9.159.0 7.11.185.62 Found nothing 13
antiy 112918 AVL141111 2014-11-13 Found nothing 5
arcavir 1.0 2011 2014-05-30 Found nothing 8
asquared 9.0.0.4324 9.0.0.4324 2014-07-03 Found nothing 2
avast 141113-0 4.7.4 2014-11-13 Found nothing 22
avg 2109/8019 10.0.1405 2014-11-06 Found nothing 1
baidu 2.0.1.0 4.1.3.52192 2.0.1.0 Found nothing 13
baidusd 1.0 1.0 2014-04-02 Found nothing 1
bitdefender 7.57701 7.90123 2014-11-13 Found nothing 6
clamav 19618 0.97.5 2014-11-12 Found nothing 1
comodo 15023 5.1 2014-11-13 Found nothing 3
ctch 4.6.5 5.3.14 2013-12-01 Found nothing 1
drweb 5.0.2.3300 5.0.1.1 2014-10-31 Found nothing 39
fortinet 23.171, 23.171 5.1.158 2014-11-13 Found nothing 1
fprot 4.6.2.117 6.5.1.5418 2014-11-13 Found nothing 1
fsecure 2014-04-02-01 9.13 2014-04-02 Found nothing 2
gdata 24.4948 24.4948 2014-11-13 Found nothing 9
hauri 2.73 2.73 2014-11-13 Found nothing 1
ikarus 1.06.01 V1.32.31.0 2014-11-13 Found nothing 15
jiangmin 16.0.100 1.0.0.0 2014-08-20 Found nothing 37
kaspersky 5.5.33 5.5.33 2014-04-01 Found nothing 20
kingsoft 2.1 2.1 2013-09-22 Found nothing 3
mcafee 7520 5400.1158 2014-08-04 Found nothing 9
nod32 0436 3.0.21 2014-09-18 a variant of Android/AdDisplay.Kuguo.K application 1
panda 9.05.01 9.05.01 2014-11-12 Found nothing 6
pcc 11.274.04 9.500-1005 2014-11-13 Found nothing 1
qh360 1.0.1 1.0.1 1.0.1 Found nothing 3
qqphone 1.0.0.0 1.0.0.0 2014-11-14 Found nothing 1
quickheal 14.00 14.00 2014-11-10 Found nothing 3
rising 25.40.00.04 25.40.00.04 2014-11-10 Found nothing 2
sophos 5.04 3.51.0 2014-08-05 Found nothing 6
sunbelt 3.9.2595.2 3.9.2595.2 2014-11-13 Found nothing 3
symantec 20141111.002 1.3.0.24 2014-11-11 Found nothing 1
tachyon 9.9.9 9.9.9 2013-12-27 Found nothing 7
thehacker 6.8.0.5 6.8.0.5 2014-11-10 Found nothing 2
tws 17.47.17308 1.0.2.2108 2014-11-13 Found nothing 7
vba 3.12.26.3 3.12.26.3 2014-11-13 Found nothing 4
virusbuster 15.0.967.0 5.5.2.13 2014-11-13 Found nothing 15
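Permission list
Permission name Information
android.permission.INTERNET Connect to the network (2G or 3G)
android.permission.ACCESS_NETWORK_STATE Read network state (2G or 3G)
android.permission.READ_PHONE_STATE Read phone state
android.permission.WRITE_EXTERNAL_STORAGE Write to external storage (e.g. SD card)
android.permission.ACCESS_WIFI_STATE Read Wi-Fi network state
android.permission.WAKE_LOCK Background processes keep running after the phone screen turns off
android.permission.RESTART_PACKAGES Restart other applications
android.permission.SYSTEM_ALERT_WINDOW Display system windows
android.permission.GET_TASKS Get information about currently or recently running tasks
com.android.launcher.permission.INSTALL_SHORTCUT Create shortcuts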
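File information
Security score: 74
Basic information
MD5:b0ab4543c7c478cd6ea18375cd7d0a48
File size: 5.58MB
Upload time: 2014-09-22 10:36:30 (CST)
Package name: com.asdqwe.aa2048
Minimum runtime environment: Android 2.2.x
Copyright: Unknown
Key behaviors
Behavior description: Checks whether it is being debugged
Details: N/A
Behavior description: Hides the specified window
Details: [Window,Class] = [,ComboLBox]
Behavior description: Resolves a host address by name
Details: up.125.la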
Network behavior
Behavior description: Resolves a host address by name
Details: up.125.la
Registry behavior
Behavior description: Deletes a registry key
Details: \REGISTRY\MACHINE\SOFTWARE\Microsoft\PCHealth\ErrorReporting\DW
Behavior description: Modifies the registry
Details: \REGISTRY\USER\S-1-5-21-1482476501-1645522239-1417001333-500\Software\Microsoft\Windows Script\Settings\JITDebug
Behavior description: Deletes a registry value
Details: \REGISTRY\MACHINE\SOFTWARE\Microsoft\PCHealth\ErrorReporting\DW\DWFileTreeRoot
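Other behavior
Behavior description: Checks whether it is being debugged
Details: N/A
Behavior description: Hides the specified window
Details: [Window,Class] = [,ComboLBox]
Abnormal crash
Behavior description: Checks whether it is being debugged
Details: N/A
Behavior description: Hides the specified window
Details: [Window,Class] = [,ComboLBox]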
Dynamic behavior list
Behavior description: Calls a hash algorithm
Details: MD5
Behavior description: Reads files
Details: path:/proc/801/cmdline length:105
path:/proc/817/cmdline length:105
path:/proc/829/cmdline length:105
path:/proc/859/cmdline length:105
path:/proc/870/cmdline length:105
path:/proc/906/cmdline length:105
path:/proc/968/cmdline length:105
path:/proc/970/cmdline length:105
path:/proc/1016/cmdline length:105
path:/proc/1018/cmdline length:105
path:/proc/1064/cmdline length:105
path:/proc/1066/cmdline length:105
path:/proc/1136/cmdline length:105
path:/proc/1138/cmdline length:105
Behavior description: Computes a hash over the specified data
Details: 357242043237511
Behavior description: Class loading
Details: path:/system/app/PicoTts.apk
path:/system/app/MusicFX.apk
path:/system/framework/am.jar
path:/data/app/com.asdqwe.aa2048-1.apk
Behavior description: Starts services
Details: com.android.musicfx.Compatibility$Service
com.android.mms.transaction.SmsReceiverService
Behavior description: Writes files
Details: path:/data/data/com.android.gallery3d/shared_prefs/com.android.gallery3d_preferences.xml length:105
path:/data/data/com.android.musicfx/shared_prefs/musicfx.xml length:105
path:/data/data/com.android.gallery3d/shared_prefs/com.android.gallery3d_preferences.xml length:105
Behavior description: Gets the device ID
Details: 357242043237511
Activities
Activity name Type
com.galaxy.bb2048.MainActivity android.intent.action.MAIN
com.galaxy.bb2048.MainActivity android.intent.category.LAUNCHER
com.galaxy.bb2048.q.Ygsv android.intent.action.CREATE_SHORTCUT
com.galaxy.bb2048.q.Ygsv android.intent.category.DEFAULT
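Dangerous functions
Function name Information
TelephonyManager;->getDeviceId Collects the user's phone IMEI, phone number, system version number and other information
HttpClient;->execute Requests a remote server
java/net/URL;->openConnection Connects to a URL
java/net/HttpURLConnection;->connect Connects to a URL
java/net/URLConnection;->connect Connects to a URL
android/app/NotificationManager;->notify Notification bar message
getRuntime Obtains the command-line environment
java/lang/Runtime;->exec Executes a string command
DefaultHttpClient;->execute Sends an HTTP request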
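Startup methods
Name Information
com.lemi.pgk.HBlemi Starts service on screen unlock
com.lemi.pgk.HBlemi Starts service when an app is installed
cn.c.y.g Starts service on screen unlock
cn.c.y.g Starts service when an app is installed
cn.c.y.g Starts service when an app is uninstalled
net.p.y.b Starts service when an app is installed
net.p.y.b Starts service on network connection change
net.p.y.b Starts service on screen unlock
com.b.y.r Starts service when an app is installed
com.b.y.r Starts service when an app is uninstalled
com.b.y.r Starts service on network connection change
com.b.y.r Starts service on screen unlock
com.iad.kf.g Starts service on screen unlock
com.iad.kf.g Starts service when an app is installed
com.iad.kf.g Starts service when an app is uninstalled
com.galaxy.bb2048.g.Dtcr Starts service when an app is installed
com.galaxy.bb2048.g.Dtcr Starts service on network connection change
com.galaxy.bb2048.g.Dtcr Starts service on screen unlock
com.galaxy.bb2048.h.Ti Starts service when an app is installed
com.galaxy.bb2048.h.Ti Starts service on network connection change
com.galaxy.bb2048.h.Ti Starts service on screen unlock
com.galaxy.bb2048.q.Uyxi Starts service when an app is installed
com.galaxy.bb2048.q.Uyxi Starts service on screen unlock
com.galaxy.bb2048.q.Uyxi Starts service on network connection change
com.galaxy.bb2048.c.Rvdc Starts service on network connection change
com.galaxy.bb2048.c.Rvdc Starts service on screen unlock
com.galaxy.bb2048.c.Rvdc Starts service when an app is installed
com.galaxy.bb2048.c.Rvdc Starts service when an app is uninstalled
com.galaxy.bb2048.y.Esh Starts service on screen unlock
com.galaxy.bb2048.y.Esh Starts service on network connection change
com.galaxy.bb2048.y.Esh Starts service when an app is installed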
Service list
Name
com.umeng.common.net.DownloadingService
com.lemi.pgk.HSlemi
cn.c.y.f
com.galaxy.bb2048.g.So
com.galaxy.bb2048.h.Qy
com.galaxy.bb2048.q.Lyux
com.galaxy.bb2048.c.Io
com.galaxy.bb2048.y.Va
File list
File name Checksum
META-INF/MANIFEST.MF 0x13486cad
META-INF/CERT.SF 0x4c3da0c0
META-INF/CERT.RSA 0x7f1d2f07
assets/2048/js/animframe_polyfill.js 0x2d158643
assets/2048/js/application.js 0xcf45606f
assets/2048/js/bind_polyfill.js 0x9cffa15e
assets/2048/js/classlist_polyfill.js 0x91b9dea9
assets/2048/js/game_manager.js 0xdfbec072
assets/2048/js/grid.js 0x24a864bb
assets/2048/js/html_actuator.js 0x3516a42e
assets/2048/js/keyboard_input_manager.js 0xac296c63
assets/2048/js/local_storage_manager.js 0xca7d96dd
assets/2048/js/tile.js 0xda30bfd0
assets/2048/meta/apple-touch-icon.png 0x90696921
assets/2048/meta/apple-touch-startup-image-640x1096.png 0xeccbfb8e
assets/2048/meta/apple-touch-startup-image-640x920.png 0x4472f258
assets/2048/style/fonts/ClearSans-Bold-webfont.eot 0xf4474d0c
assets/2048/style/fonts/ClearSans-Bold-webfont.svg 0x12a69fce
assets/2048/style/fonts/ClearSans-Bold-webfont.woff 0x6c6258a0
assets/2048/style/fonts/ClearSans-Light-webfont.eot 0xd641a7f3
assets/2048/style/fonts/ClearSans-Light-webfont.svg 0x36568fc8
assets/2048/style/fonts/ClearSans-Light-webfont.woff 0xa96f82fc
assets/2048/style/fonts/ClearSans-Regular-webfont.eot 0x917a518c
assets/2048/style/fonts/ClearSans-Regular-webfont.svg 0xdf590af9
assets/2048/style/fonts/ClearSans-Regular-webfont.woff 0xcace1e46
assets/2048/style/fonts/clear-sans.css 0xee314c27
assets/2048/style/helpers.scss 0x15af9fcf
assets/2048/style/main.css 0x409c645f
assets/2048/style/main.scss 0x61d396f
assets/2048/CONTRIBUTING.md 0x19c9c2f7
assets/2048/LICENSE.txt 0x70e1482d
assets/2048/README.md 0x883c9390
assets/2048/Rakefile 0x6ec8a0c9
assets/2048/favicon.ico 0xef74051e
assets/2048/index.html 0x99b26e98
assets/ni 0xc2c7e3ae
assets/res_pro.png 0x48980d0d
lib/armeabi/libbspatch.so 0x6333ecec
res/anim/splash_anim.xml 0x58883bea
res/anim/umeng_fb_slide_in_from_left.xml 0xb0e4f2ac
res/anim/umeng_fb_slide_in_from_right.xml 0xa0d92fcf
res/anim/umeng_fb_slide_out_from_left.xml 0xf23ce3df
res/anim/umeng_fb_slide_out_from_right.xml 0xf63e94fb
res/drawable/sure_btn_bg_border_radius.xml 0x23c7e910
res/drawable/umeng_common_gradient_green.xml 0xf20a5f8e
res/drawable/umeng_common_gradient_orange.xml 0xb1318c6f
res/drawable/umeng_common_gradient_red.xml 0x771b3885
res/drawable/umeng_fb_arrow_right.png 0x7a1c5b28
res/drawable/umeng_fb_back_normal.png 0xf037944c
res/drawable/umeng_fb_back_selected.png 0x8c4fe8b
res/drawable/umeng_fb_back_selector.xml 0xbb7dd81f
res/drawable/umeng_fb_bar_bg.9.png 0x79eadd73
res/drawable/umeng_fb_btn_bg_selector.xml 0x2e28e8fe
res/drawable/umeng_fb_conversation_bg.png 0xdc739dc7
res/drawable/umeng_fb_gradient_green.xml 0xf20a5f8e
res/drawable/umeng_fb_gradient_orange.xml 0xb1318c6f
res/drawable/umeng_fb_gray_frame.xml 0x66be4391
res/drawable/umeng_fb_list_item.9.png 0x822ce2a6
res/drawable/umeng_fb_list_item_pressed.9.png 0xdae175a6
res/drawable/umeng_fb_list_item_selector.xml 0x5c1b1ed4
res/drawable/umeng_fb_point_new.xml 0xbe6555ba
res/drawable/umeng_fb_point_normal.xml 0xdb9cc3ec
res/drawable/umeng_fb_reply_left_bg.9.png 0xd9795285
res/drawable/umeng_fb_reply_right_bg.9.png 0xddc8c48c
res/drawable/umeng_fb_see_list_normal.png 0x6d9ee2f3
res/drawable/umeng_fb_see_list_pressed.png 0x3ff6d161
res/drawable/umeng_fb_see_list_selector.xml 0xa6613d9a
res/drawable/umeng_fb_statusbar_icon.png 0x6eefda9a
res/drawable/umeng_fb_submit_selector.xml 0xe7744ae4
res/drawable/umeng_fb_tick_normal.png 0xdea435dd
res/drawable/umeng_fb_tick_selected.png 0x33316df3
res/drawable/umeng_fb_tick_selector.xml 0x12a624db
res/drawable/umeng_fb_top_banner.xml 0xe6ffcfd6
res/drawable/umeng_fb_user_bubble.9.png 0xfa426f72
res/drawable/umeng_fb_write_normal.png 0xf3083af7
res/drawable/umeng_fb_write_pressed.png 0x10dae61
res/drawable/umeng_fb_write_selector.xml 0x457b06c3
res/drawable-hdpi/ic_launcher.png 0xcc921b20
res/drawable-mdpi/ic_launcher.png 0x9523a78c
res/drawable-xhdpi/ic_launcher.png 0xd45d5575
res/drawable-xhdpi/ic_launcher_show.png 0xb4484127
res/drawable-xxhdpi/ic_launcher.png 0x277a8b2
res/layout/activity_main.xml 0x9d5a8070
res/layout/spilling.xml 0xaa6ffe11
res/layout/umeng_common_download_notification.xml 0x6e7af11
res/layout/umeng_fb_activity_contact.xml 0xf580a9a3
res/layout/umeng_fb_activity_conversation.xml 0x28ad03d2
res/layout/umeng_fb_list_header.xml 0x53030eab
res/layout/umeng_fb_list_item.xml 0xe901d8b4
res/layout/umeng_fb_new_reply_alert_dialog.xml 0x14acb092
res/layout-v9/umeng_common_download_notification.xml 0xfedc844a
res/menu/main.xml 0x24af553
AndroidManifest.xml 0x93b66fa8
classes.dex 0x752de687
resources.arsc 0x34cdc319