VirSCAN VirSCAN

1, You can UPLOAD any files, but there is a 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but the archive must contain fewer than 20 files.
3, VirSCAN can scan compressed files protected with the password 'infected' or 'virus'.


File information

Scanner results
Scanner results: 20% of scanners (8/39) found malware!
Behavior analysis report: Habo file analysis
Time: 2014-11-14 10:46:20 (CST)
Scanner Engine Ver Sig Ver Sig Date Scan result Time
ahnlab 9.9.9 9.9.9 2013-05-28 Found nothing 3
antivir 1.9.2.0 1.9.159.0 7.11.185.62 Found nothing 13
antiy 114701 AVL141003 2014-10-04 Found nothing 5
arcavir 1.0 2011 2014-05-30 Found nothing 8
asquared 9.0.0.4157 9.0.0.4157 2014-07-30 Found nothing 1
avast 141113-0 4.7.4 2014-11-13 Android:SMSThief-AU [PUP] 29
avg 2109/8019 10.0.1405 2014-11-06 Found nothing 1
baidu 2.0.1.0 4.1.3.52192 2.0.1.0 Found nothing 4
baidusd 1.0 1.0 2014-04-02 HEUR:Trojan-Spy.AndroidOS.SmsThief.e 1
bitdefender 7.57701 7.90123 2014-11-13 Found nothing 6
clamav 19618 0.97.5 2014-11-12 Found nothing 1
comodo 15023 5.1 2014-10-03 Found nothing 3
ctch 4.6.5 5.3.14 2013-12-01 Found nothing 1
drweb 5.0.2.3300 5.0.1.1 2014-10-31 Found nothing 33
fortinet 23.171, 23.171 5.1.158 2014-11-13 Found nothing 1
fprot 4.6.2.117 6.5.1.5418 2014-11-13 Found nothing 1
fsecure 2014-04-02-01 9.13 2014-04-02 Trojan:Android/Fakeinst.KD 1
gdata 24.3819 24.3819 2014-08-29 Found nothing 7
hauri 2.73 2.73 2014-06-13 Found nothing 1
ikarus 1.06.01 V1.32.31.0 2014-11-13 Trojan.AndroidOS.Agent 14
jiangmin 16.0.100 1.0.0.0 2014-07-28 Found nothing 14
kaspersky 5.5.33 5.5.33 2014-04-01 Found nothing 20
kingsoft 2.1 2.1 2013-09-22 Android.Troj.BqSpy.ya.(kcloud) 2
mcafee 7520 5400.1158 2014-08-04 Found nothing 9
nod32 0436 3.0.21 2014-09-18 a variant of Android/Spy.Agent.CE trojan 1
panda 9.05.01 9.05.01 2014-06-15 Found nothing 3
pcc 11.274.04 9.500-1005 2014-11-13 Found nothing 1
qh360 1.0.1 1.0.1 1.0.1 Found nothing 12
qqphone 1.0.0.0 1.0.0.0 2014-11-14 a.privacy.articles 1
quickheal 14.00 14.00 2014-06-14 Found nothing 2
rising 25.17.00.04 25.17.00.04 2014-06-02 Found nothing 2
sophos 5.04 3.51.0 2014-08-05 Andr/SmsSend-EN 7
sunbelt 3.9.2589.2 3.9.2589.2 2014-06-13 Found nothing 1
symantec 20141111.002 1.3.0.24 2014-11-11 Found nothing 1
tachyon 9.9.9 9.9.9 2013-12-27 Found nothing 3
thehacker 6.8.0.5 6.8.0.5 2014-06-12 Found nothing 1
tws 17.47.17308 1.0.2.2108 2014-06-16 Found nothing 6
vba 3.12.26.3 3.12.26.3 2014-11-13 Found nothing 3
virusbuster 15.0.967.0 5.5.2.13 2014-11-13 Found nothing 15
Permission list
Permission name Info
android.permission.READ_PHONE_STATE Read phone state
android.permission.RECEIVE_SMS Monitor incoming SMS
android.permission.READ_SMS Read SMS
android.permission.SEND_SMS Send SMS
android.permission.CALL_PHONE Make phone calls
android.permission.READ_CALL_LOG Read call log
android.permission.WRITE_CALL_LOG Write call log
android.permission.GET_TASKS Get information about currently or recently running tasks
android.permission.INTERNET Connect to the network (2G or 3G)
android.permission.ACCESS_NETWORK_STATE Read network state (2G or 3G)
android.permission.RECEIVE_BOOT_COMPLETED Receive boot-completed broadcast
android.permission.WRITE_SETTINGS Read and write system settings
android.permission.VIBRATE Allow device vibration
android.permission.WRITE_EXTERNAL_STORAGE Write to external storage (e.g. SD card)
android.permission.ACCESS_WIFI_STATE Read Wi-Fi network state
android.permission.WRITE_SMS Write SMS
android.permission.READ_CONTACTS Read contact information
File information
Security score: 80
Basic information
MD5:c4ae2e335f32d709bd8cc241f06839ff
File size: 5.58MB
Upload time: 2014-09-22 10:36:30 (CST)
Package name: cn.cli
Minimum runtime environment:
Copyright: Android
Process behavior
Registry behavior
Behavior description: Modify registry
Details: \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A1230201-1439-4E62-A414-190D0AC3D40E}\InprocServer32\
\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{a41a4187-5a86-4e26-b40a-856f9035d9cb}\
\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{a41a4187-5a86-4e26-b40a-856f9035d9cb}\ProgID\
\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{a41a4187-5a86-4e26-b40a-856f9035d9cb}\VersionIndependentProgID\
\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{a41a4187-5a86-4e26-b40a-856f9035d9cb}\InprocServer32\
\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{a41a4187-5a86-4e26-b40a-856f9035d9cb}\InprocServer32\ThreadingModel
\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{a41a4187-5a86-4e26-b40a-856f9035d9cb}\ToolboxBitmap32\
\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{a41a4187-5a86-4e26-b40a-856f9035d9cb}\MiscStatus\
\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{a41a4187-5a86-4e26-b40a-856f9035d9cb}\MiscStatus\1\
\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{a41a4187-5a86-4e26-b40a-856f9035d9cb}\TypeLib\
\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{a41a4187-5a86-4e26-b40a-856f9035d9cb}\Version\
\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{7cacbd7b-0d99-468f-ac33-22e495c0afe5}\
\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{7cacbd7b-0d99-468f-ac33-22e495c0afe5}\ProgID\
\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{7cacbd7b-0d99-468f-ac33-22e495c0afe5}\VersionIndependentProgID\
\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{7cacbd7b-0d99-468f-ac33-22e495c0afe5}\InprocServer32\
Behavior description: Delete registry key
Details: \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{a41a4187-5a86-4e26-b40a-856f9035d9cb}\Control
\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{a41a4187-5a86-4e26-b40a-856f9035d9cb}\InprocServer32
\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{a41a4187-5a86-4e26-b40a-856f9035d9cb}\MiscStatus\1
\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{a41a4187-5a86-4e26-b40a-856f9035d9cb}\MiscStatus
\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{a41a4187-5a86-4e26-b40a-856f9035d9cb}\ProgID
\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{a41a4187-5a86-4e26-b40a-856f9035d9cb}\Programmable
\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{a41a4187-5a86-4e26-b40a-856f9035d9cb}\ToolboxBitmap32
\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{a41a4187-5a86-4e26-b40a-856f9035d9cb}\TypeLib
\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{a41a4187-5a86-4e26-b40a-856f9035d9cb}\Version
\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{a41a4187-5a86-4e26-b40a-856f9035d9cb}\VersionIndependentProgID
\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{a41a4187-5a86-4e26-b40a-856f9035d9cb}
\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{7cacbd7b-0d99-468f-ac33-22e495c0afe5}\Control
\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{7cacbd7b-0d99-468f-ac33-22e495c0afe5}\InprocServer32
\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{7cacbd7b-0d99-468f-ac33-22e495c0afe5}\MiscStatus\1
\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{7cacbd7b-0d99-468f-ac33-22e495c0afe5}\MiscStatus
Other behavior
Behavior description: Create mutex
Details: SHIMLIB_LOG_MUTEX
Behavior description: Obtain system privileges
Details: SE_LOAD_DRIVER_PRIVILEGE
SE_DEBUG_PRIVILEGE
Dangerous behavior
Behavior description: Send SMS
Details: number:13246186719 data:message:6&
number:13246186719 data:message:2&12345678910&test&
Dynamic behavior list
Behavior description: Read file
Details: path:/proc/783/cmdline length:105
path:/proc/799/cmdline length:105
path:/proc/811/cmdline length:105
path:/proc/841/cmdline length:105
path:/proc/852/cmdline length:105
path:/proc/881/cmdline length:105
path:/proc/883/cmdline length:105
path:/proc/911/cmdline length:105
path:/proc/913/cmdline length:105
Behavior description: Start service
Details: com.android.musicfx.Compatibility$Service
cn.client.MyService
Behavior description: Send SMS
Details: number:13246186719 data:message:6&
number:13246186719 data:message:2&12345678910&test&
Behavior description: Class loading
Details: path:/system/app/PicoTts.apk
path:/system/app/MusicFX.apk
path:/system/framework/am.jar
path:/data/app/cn.cli-1.apk
Behavior description: Write file
Details: path:/data/data/com.android.gallery3d/shared_prefs/com.android.gallery3d_preferences.xml length:105
path:/data/data/com.android.musicfx/shared_prefs/musicfx.xml length:105
path:/data/data/com.android.gallery3d/shared_prefs/com.android.gallery3d_preferences.xml length:105
path:/data/data/com.android.gallery3d/shared_prefs/com.android.gallery3d_preferences.xml length:105
Activities
Activity name Type
cn.client.UninActivity android.intent.action.DELETE
cn.client.UninActivity android.intent.action.VIEW
cn.client.UninActivity android.intent.category.DEFAULT
cn.client.UninstallerActivity android.intent.action.DELETE
cn.client.UninstallerActivity android.intent.action.VIEW
cn.client.UninstallerActivity android.intent.category.DEFAULT
cn.client.ClientActivity android.intent.action.MAIN
cn.client.ClientActivity android.intent.category.LAUNCHER
com.shit.ComposeSmsActivity android.intent.action.SEND
com.shit.ComposeSmsActivity android.intent.action.SENDTO
com.shit.ComposeSmsActivity android.intent.category.DEFAULT
com.shit.ComposeSmsActivity android.intent.category.BROWSABLE
Dangerous functions
Function name Info
SmsManager;->sendTextMessage Send a plain text SMS
TelephonyManager;->getLine1Number Get the phone number
ContentResolver;->query Read contacts, SMS and other databases
ContentResolver;->delete Delete SMS messages and contacts
java/net/URL;->openConnection Connect to a URL
Launch methods
Name Info
cn.client.XReceiver Monitors SMS (on SMS received) and starts the service
cn.client.BootReceiver Starts the service at boot
cn.client.AlarmReceiver Starts the service at boot
Service list
Name
cn.client.HeadlessSmsSendService
cn.client.MyService
File list
File name Checksum
res/layout/activity_main.xml 0x88812392
res/layout/app_details.xml 0xd4aef190
res/layout/dialog.xml 0x187c3fe1
res/layout/float_window_big.xml 0x2aa1402a
res/layout/float_window_small.xml 0x50097ac3
res/layout/float_window_small2.xml 0x93150c30
res/layout/main.xml 0x95405460
res/layout/op_progress.xml 0xedf262e7
res/layout/uninstall_confirm.xml 0x1fc393a0
res/layout/uninstall_progress.xml 0xef7349d1
res/layout/x.xml 0x1846ef2a
res/xml/ds.xml 0xfb63bf32
AndroidManifest.xml 0x96c75e2f
resources.arsc 0x97f4434c
res/drawable-hdpi/bg_big.png 0xe82b0a
res/drawable-hdpi/common_dialog_btn_cancel.xml 0x34d237ea
res/drawable-hdpi/common_dialog_btn_confirm.xml 0xa5b86946
res/drawable-hdpi/popover_base.9.png 0xdbd7c376
res/drawable-hdpi/popover_button_gray_click.9.png 0x14a54551
res/drawable-hdpi/popover_button_gray_normal.9.png 0x6469491e
res/drawable-hdpi/popover_button_white_click.9.png 0x86bd9083
res/drawable-hdpi/popover_button_white_normal.9.png 0x3d61cdd4
res/drawable-ldpi/action_bar_background.xml 0xc6aa00c6
res/drawable-ldpi/iocn.png 0xdf476c6
res/drawable-mdpi/iocn.png 0xdf476c6
res/drawable-mdpi/un_icon.png 0x53796822
classes.dex 0xe5ad0438
javamail.default.address.map 0xf20496b
javamail.charset.map 0xad0dfcee
javamail.smtp.provider 0x990c469d
javamail.imap.provider 0x8934555a
javamail.default.providers 0x45ea1b21
mailcap 0xd7759e43
javamail.smtp.address.map 0xf20496b
dsn.mf 0x1e4e9355
com/sun/mail/dsn/mailcap 0x7605dc17
javamail.pop3.provider 0xa23c9bc
org/apache/harmony/awt/internal/nls/messages.properties 0x5f88eb12
mimetypes.default 0x97dd5cdb
mailcap.default 0x6f616b6
META-INF/MANIFEST.MF 0x308bf9be
META-INF/CERT.SF 0xf0411062
META-INF/CERT.RSA 0xc45697d8