VirSCAN

1, You can upload any file, but there is a 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but the archive must contain fewer than 20 files.
3, VirSCAN can scan compressed files protected with the password 'infected' or 'virus'.
4, If your browser cannot upload files, please download the VirSCAN uploader to upload them.

File information

Scanner results
Scanner results: 6% of antivirus software (2/32) found malware!
Behavior analysis report: Habo file analysis
Time: 2018-05-26 17:43:11 (CST)
Scanner Engine Ver Sig Ver Sig Date Scan result Time
antiy AVL SDK 2.0 1970-01-01 Found nothing 5
asquared 9.0.0.4799 9.0.0.4799 2015-03-08 Found nothing 1
avast 170303-1 4.7.4 2017-03-03 Found nothing 60
avg 2109/15180 10.0.1405 2018-05-23 Found nothing 60
baidu 2.0.1.0 4.1.3.52192 2.0.1.0 Found nothing 8
baidusd 1.0 1.0 2017-03-22 Found nothing 1
bitdefender 7.58879 7.90123 2015-01-16 Found nothing 60
clamav 24602 0.97.5 2018-05-25 Found nothing 60
drweb 5.0.2.3300 5.0.1.1 2018-03-29 Found nothing 60
fortinet 1.000, 58.515, 58.446, 58.470 5.4.247 2018-05-26 Found nothing 60
fprot 4.6.2.117 6.5.1.5418 2016-02-05 Found nothing 60
fsecure 2015-08-01-02 9.13 2015-08-01 Found nothing 60
gdata 25.17173 25.17173 2018-05-25 Android.Riskware.Agent.gXWXN 14
ikarus 4.00.06 V1.32.31.0 2018-05-25 Found nothing 60
jiangmin 16.0.100 1.0.0.0 2017-12-22 Found nothing 2
kaspersky 5.5.33 5.5.33 2014-04-01 Found nothing 60
kingsoft 2.1 2.1 2018-05-25 Android.RISKWARE.luomao.cr.(kcloud) 3
mcafee 8620 5400.1158 2017-08-12 Found nothing 60
nod32 7240 3.0.21 2018-04-18 Found nothing 60
panda 9.05.01 9.05.01 2018-05-25 Found nothing 4
pcc 13.302.06 9.500-1005 2017-03-27 Found nothing 60
qh360 1.0.1 1.0.1 1.0.1 Found nothing 3
qqphone 1.0.0.0 1.0.0.0 2015-12-30 Found nothing 60
quickheal 14.00 14.00 2017-11-18 Found nothing 3
rising 3619 3619 2017-12-26 Found nothing 4
sophos 5.32 3.65.2 2016-10-10 Found nothing 60
symantec 20151230.005 1.3.0.24 2015-12-30 Found nothing 60
tachyon 9.9.9 9.9.9 2013-12-27 Found nothing 3
thehacker 6.8.0.5 6.8.0.5 2018-05-24 Found nothing 2
tws 17.47.17308 1.0.2.2108 2018-05-25 Found nothing 15
vba 3.12.29.5 beta 3.12.29.5 beta 2018-04-10 Found nothing 60
virusbuster 15.0.985.0 5.5.2.13 2014-12-05 Found nothing 60
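Permission list
Permission name Description
android.permission.GET_TASKS Retrieve information about currently or recently running tasks
android.permission.INTERNET Connect to the network (2G or 3G)
android.permission.SYSTEM_ALERT_WINDOW Display system windows
android.permission.WRITE_EXTERNAL_STORAGE Write to external storage (e.g. SD card)
android.permission.ACCESS_NETWORK_STATE Read network state (2G or 3G)
android.permission.READ_PHONE_STATE Read phone state
android.permission.ACCESS_SUPERUSER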
File information
Security score: 85
Basic information
MD5: 34df4d758b84a3ce26a502aaa42939b8
File size: 5.58MB
Upload time: 2014-09-22 10:36:30 (CST)
Package name: org.sbtools.gamehack
Minimum runtime environment: Android 2.2.x
Copyright: Android
Key behavior
Behavior description: Hide specified window
Details: [Window,Class] = [,ComboLBox]
Behavior description: Look up specified kernel module
Details: lstrcmpiA: ntice.sys <------> ntkrnlpa.exe (ntice.sys)
lstrcmpiA: ntice.sys <------> hal.dll (ntice.sys)
lstrcmpiA: ntice.sys <------> KDCOM.DLL (ntice.sys)
lstrcmpiA: ntice.sys <------> BOOTVID.dll (ntice.sys)
lstrcmpiA: ntice.sys <------> ACPI.sys (ntice.sys)
lstrcmpiA: ntice.sys <------> WMILIB.SYS (ntice.sys)
lstrcmpiA: ntice.sys <------> pci.sys (ntice.sys)
lstrcmpiA: ntice.sys <------> isapnp.sys (ntice.sys)
lstrcmpiA: ntice.sys <------> compbatt.sys (ntice.sys)
lstrcmpiA: ntice.sys <------> BATTC.SYS (ntice.sys)
lstrcmpiA: ntice.sys <------> intelide.sys (ntice.sys)
lstrcmpiA: ntice.sys <------> PCIIDEX.SYS (ntice.sys)
lstrcmpiA: ntice.sys <------> MountMgr.sys (ntice.sys)
lstrcmpiA: ntice.sys <------> ftdisk.sys (ntice.sys)
lstrcmpiA: ntice.sys <------> dmload.sys (ntice.sys)
Behavior description: Find windows of common anti-virus tools
Details: NtUserFindWindowEx: [Class,Window] = [OLLYDBG,]
NtUserFindWindowEx: [Class,Window] = [GBDYLLO,]
NtUserFindWindowEx: [Class,Window] = [pediy06,]
NtUserFindWindowEx: [Class,Window] = [FilemonClass,]
NtUserFindWindowEx: [Class,Window] = [,File Monitor - Sysinternals: www.sysinternals.com]
NtUserFindWindowEx: [Class,Window] = [PROCMON_WINDOW_CLASS,]
NtUserFindWindowEx: [Class,Window] = [,Process Monitor - Sysinternals: www.sysinternals.com]
NtUserFindWindowEx: [Class,Window] = [RegmonClass,]
NtUserFindWindowEx: [Class,Window] = [,Registry Monitor - Sysinternals: www.sysinternals.com]
Registry behavior
Behavior description: Modify registry
Details: \REGISTRY\USER\S-1-5-21-1482476501-1645522239-1417001333-500\Software\Microsoft\GDIPlus\FontCachePath
Other behavior
Behavior description: Create mutex
Details: rank
Behavior description: Inline hook
Details: C:\WINDOWS\system32\shell32.dll--->SHLockShared Offset = 0x5635161
C:\WINDOWS\system32\ntdll.dll--->DbgBreakPoint Offset = 0x0
Behavior description: Find specified window
Details: NtUserFindWindowEx: [Class,Window] = [18467-41,]
NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
Behavior description: Attempt to open device objects of debugger or monitoring software drivers
Details: \??\SICE
\??\SIWVID
\??\NTICE
Behavior description: Window information
Details: Pid = 560, Hwnd=0xb0184, Text = toolBar1, ClassName = WindowsForms10.Window.8.app.0.2bf8098_r24_ad1.
Pid = 560, Hwnd=0xa018c, Text = 查询条件, ClassName = WindowsForms10.Window.8.app.0.2bf8098_r24_ad1.
Pid = 560, Hwnd=0xe016e, Text = 点击查看本软件的使用帮助, ClassName = WindowsForms10.STATIC.app.0.2bf8098_r24_ad1.
Pid = 560, Hwnd=0xd01a4, Text = 单个关键词, ClassName = WindowsForms10.COMBOBOX.app.0.2bf8098_r24_ad1.
Pid = 560, Hwnd=0xb01be, Text = 清除ie垃圾, ClassName = WindowsForms10.BUTTON.app.0.2bf8098_r24_ad1.
Pid = 560, Hwnd=0xc01b4, Text = 查询页数, ClassName = WindowsForms10.STATIC.app.0.2bf8098_r24_ad1.
Pid = 560, Hwnd=0xb0170, Text = 5, ClassName = WindowsForms10.COMBOBOX.app.0.2bf8098_r24_ad1.
Pid = 560, Hwnd=0xd01ac, Text = 5, ClassName = Edit.
Pid = 560, Hwnd=0xb0192, Text = 旺旺ID, ClassName = WindowsForms10.STATIC.app.0.2bf8098_r24_ad1.
Pid = 560, Hwnd=0xb0174, Text = 开始查询, ClassName = WindowsForms10.BUTTON.app.0.2bf8098_r24_ad1.
Pid = 560, Hwnd=0xd0190, Text = 直通车, ClassName = WindowsForms10.BUTTON.app.0.2bf8098_r24_ad1.
Pid = 560, Hwnd=0xc01b6, Text = 销量, ClassName = WindowsForms10.BUTTON.app.0.2bf8098_r24_ad1.
Pid = 560, Hwnd=0xe01b8, Text = 人气, ClassName = WindowsForms10.BUTTON.app.0.2bf8098_r24_ad1.
Pid = 560, Hwnd=0xb01e0, Text = 默认, ClassName = WindowsForms10.BUTTON.app.0.2bf8098_r24_ad1.
Pid = 560, Hwnd=0xc01c2, Text = 逐鹿即时查询排名软件 - 请加逐鹿QQ:859357875为好友,空间持续分享干货!, ClassName = WindowsForms10.Window.8.app.0.2bf8098_r24_ad1.
Dangerous behavior
Behavior description: Execute system command
Details: chmod 755 /data/data/org.sbtools.gamehack/files/cmdline
Behavior description: Get list of installed apps
Dynamic behavior list
Behavior description: Start service
Details: com.android.musicfx.Compatibility$Service
com.android.mms.transaction.SmsReceiverService
Behavior description: Read file
Details: path:/proc/783/cmdline length:105
path:/proc/798/cmdline length:105
path:/proc/810/cmdline length:105
path:/proc/840/cmdline length:105
path:/proc/853/cmdline length:105
path:pipe:[3567] length:6
Behavior description: Load class
Details: path:/system/app/PicoTts.apk
path:/system/app/MusicFX.apk
path:/system/framework/am.jar
path:/data/app/org.sbtools.gamehack-1.apk
Behavior description: Execute system command
Details: chmod 755 /data/data/org.sbtools.gamehack/files/cmdline
Behavior description: Write file
Details: path:/data/data/com.android.gallery3d/shared_prefs/com.android.gallery3d_preferences.xml length:105
path:/data/data/com.android.musicfx/shared_prefs/musicfx.xml length:105
path:/data/data/com.android.gallery3d/shared_prefs/com.android.gallery3d_preferences.xml length:105
path:/data/data/org.sbtools.gamehack/files/gamehack length:62
path:/data/data/org.sbtools.gamehack/files/gamehack length:62
path:/data/data/org.sbtools.gamehack/files/gamehack length:53
path:/data/data/org.sbtools.gamehack/files/gamehack length:56
path:/data/data/org.sbtools.gamehack/files/gamehack length:49
path:/data/data/org.sbtools.gamehack/files/gamehack length:56
path:/data/data/org.sbtools.gamehack/files/gamehack length:57
path:/data/data/org.sbtools.gamehack/files/gamehack length:39
path:/data/data/org.sbtools.gamehack/files/gamehack length:44
path:/data/data/org.sbtools.gamehack/files/gamehack length:56
path:/data/data/org.sbtools.gamehack/files/gamehack length:55
path:/data/data/org.sbtools.gamehack/files/gamehack length:42
path:/data/data/org.sbtools.gamehack/files/gamehack length:49
path:/data/data/org.sbtools.gamehack/files/gamehack length:57
path:/data/data/org.sbtools.gamehack/files/gamehack length:49
path:/data/data/org.sbtools.gamehack/files/gamehack length:49
path:/data/data/org.sbtools.gamehack/files/gamehack length:50
path:/data/data/org.sbtools.gamehack/files/gamehack length:57
path:/data/data/org.sbtools.gamehack/files/gamehack length:63
path:/data/data/org.sbtools.gamehack/files/gamehack length:54
path:/data/data/org.sbtools.gamehack/files/gamehack length:54
path:/data/data/org.sbtools.gamehack/files/gamehack length:56
path:/data/data/org.sbtools.gamehack/files/gamehack length:58
path:/data/data/org.sbtools.gamehack/files/gamehack length:56
path:/data/data/org.sbtools.gamehack/files/gamehack length:49
path:/data/data/org.sbtools.gamehack/files/gamehack length:56
path:/data/data/org.sbtools.gamehack/files/gamehack length:57
path:/data/data/org.sbtools.gamehack/files/gamehack length:58
path:/data/data/org.sbtools.gamehack/files/gamehack length:65
path:/data/data/org.sbtools.gamehack/files/sbtime.so length:103
path:/data/data/org.sbtools.gamehack/files/sbtime.so length:24
path:/data/data/org.sbtools.gamehack/files/sbtime.so length:58
path:/data/data/org.sbtools.gamehack/files/sbtime.so length:61
path:/data/data/org.sbtools.gamehack/files/sbtime.so length:105
path:/data/data/org.sbtools.gamehack/files/cmdline length:100
path:/data/data/org.sbtools.gamehack/files/cmdline length:65
path:/data/data/org.sbtools.gamehack/files/cmdline length:105
path:pipe:[3566] length:51
path:/data/data/org.sbtools.gamehack/shared_prefs/3.0sb_hacker.xml length:105
Behavior description: Get list of installed apps
Behavior description: Get device ID
Details: 357242043237511
Activities
Activity name Type
org.sbtools.gamehack.MainActivity android.intent.action.MAIN
org.sbtools.gamehack.MainActivity android.intent.category.LAUNCHER
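Dangerous functions
Function name Description
HttpClient;->execute Request a remote server
java/net/URL;->openConnection Connect to a URL
ContentResolver;->query Read databases such as contacts and SMS
ContentResolver;->delete Delete SMS messages and contacts
TelephonyManager;->getDeviceId Collect the phone's IMEI, phone number, system version and similar information
getRuntime Get the command-line environment
java/lang/Runtime;->exec Execute a string command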
Service list
Name
org.sbtools.gamehack.service.FlowServ
Providers
Name Description
org.sbtools.gamehack.service.FlowServ
File list
File name Checksum