VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, VirSCAN can scan compressed files with the password 'infected' or 'virus'.
4, If your browser cannot upload files, please download VirSCAN uploader to upload.

File information

Scanner results
Scanner results: 6% of antivirus software (2/32) found malware!
Behavior analysis report: Habo file analysis
Time: 2017-06-22 19:43:27 (CST)
Scanner Engine Ver Sig Ver Sig Date Scan result Time
antiy AVL SDK 2.0 1970-01-01 Found nothing 5
asquared 9.0.0.4799 9.0.0.4799 2015-03-08 Found nothing 1
avast 170303-1 4.7.4 2017-03-03 Found nothing 60
avg 2109/14054 10.0.1405 2017-06-14 Found nothing 60
baidu 2.0.1.0 4.1.3.52192 2.0.1.0 Found nothing 8
baidusd 1.0 1.0 2017-03-22 Found nothing 1
bitdefender 7.58879 7.90123 2015-01-16 Found nothing 60
clamav 23482 0.97.5 2017-06-17 Found nothing 60
drweb 5.0.2.3300 5.0.1.1 2017-06-18 Found nothing 60
fortinet 49.652, 49.652, 49.652 5.4.233 2017-06-22 Found nothing 60
fprot 4.6.2.117 6.5.1.5418 2016-02-05 Found nothing 60
fsecure 2015-08-01-02 9.13 2015-08-01 Found nothing 60
gdata 25.12977 25.12977 2017-06-21 Android.Trojan.AndroRAT.E 11
ikarus 1.06.01 V1.32.31.0 2016-11-28 Found nothing 60
jiangmin 16.0.100 1.0.0.0 2017-06-20 Found nothing 2
kaspersky 5.5.33 5.5.33 2014-04-01 Found nothing 60
kingsoft 2.1 2.1 2017-06-21 Found nothing 7
mcafee 8261 5400.1158 2016-08-18 Found nothing 60
nod32 1777 3.0.21 2015-06-12 Found nothing 60
panda 9.05.01 9.05.01 2017-06-20 Found nothing 3
pcc 13.302.06 9.500-1005 2017-03-27 Found nothing 60
qh360 1.0.1 1.0.1 1.0.1 Found nothing 4
qqphone 1.0.0.0 1.0.0.0 2015-12-30 Found nothing 60
quickheal 14.00 14.00 2017-06-21 Android.Sandr.A 2
rising 26.28.00.01 26.28.00.01 2016-07-18 Found nothing 1
sophos 5.32 3.65.2 2016-10-10 Found nothing 60
symantec 20151230.005 1.3.0.24 2015-12-30 Found nothing 60
tachyon 9.9.9 9.9.9 2013-12-27 Found nothing 3
thehacker 6.8.0.5 6.8.0.5 2017-06-18 Found nothing 1
tws 17.47.17308 1.0.2.2108 2017-06-21 Found nothing 13
vba 3.12.29.5 beta 3.12.29.5 beta 2017-06-21 Found nothing 60
virusbuster 15.0.985.0 5.5.2.13 2014-12-05 Found nothing 60
Permission list
Permission name Description
android.permission.READ_SMS Read SMS messages
android.permission.RECEIVE_SMS Monitor incoming SMS messages
android.permission.INTERNET Connect to the network (2G or 3G)
android.permission.RECORD_AUDIO Record audio (using AudioRecord)
android.permission.READ_EXTERNAL_STORAGE Read external storage (e.g. SD card)
android.permission.WRITE_EXTERNAL_STORAGE Write external storage (e.g. SD card)
android.permission.ACCESS_WIFI_STATE Read Wi-Fi network state
android.permission.READ_PHONE_STATE Read phone state
android.permission.WRITE_SMS Write SMS messages
android.permission.ACCESS_FINE_LOCATION Get precise location (via GPS)
android.permission.ACCESS_COARSE_LOCATION Get approximate location (via Wi-Fi, cell towers)
android.permission.ACCESS_NETWORK_STATE Read network state (2G or 3G)
android.permission.CAMERA Access the camera device
android.permission.WRITE_CONTACTS Write contact information
android.permission.READ_CONTACTS Read contact information
android.permission.SEND_SMS Send SMS messages
android.permission.READ_CALL_LOG Read call log
android.permission.WRITE_CALL_LOG Write call log
android.permission.GET_ACCOUNTS Access the account list
com.android.browser.permission.READ_HISTORY_BOOKMARKS Read browser bookmarks
android.permission.RECEIVE_BOOT_COMPLETED Receive the boot-completed broadcast
android.permission.WAKE_LOCK Keep background processes running after the screen turns off
android.permission.CALL_PHONE Make phone calls
android.permission.GET_TASKS Get information about current or recently running tasks
android.permission.CHANGE_NETWORK_STATE Change network state
android.permission.CHANGE_WIFI_STATE Change Wi-Fi connection state
File information
Security score:
Basic information
MD5: 66e36c8911308451e5bbc260cc8b19df
File size: 5.58MB
Upload time: 2014-09-22 10:36:30 (CST)
Package name: net.droidjack.server
Minimum runtime environment: Android 2.2.x
Copyright: Londatiga
Key behavior
Behavior description: Get TickCount value
Details: TickCount = 5432775, SleepMilliseconds = 10.
Process behavior
Behavior description: Get TickCount value
Details: TickCount = 5432775, SleepMilliseconds = 10.
File behavior
Behavior description: Create file
Details: C:\Documents and Settings\Administrator\Local Settings\Temp\sqlite\krnln.fnr
C:\Documents and Settings\Administrator\Local Settings\Temp\sqlite\exui.fne
C:\Documents and Settings\Administrator\Local Settings\Temp\sqlite\sqlite3.fne
C:\Documents and Settings\Administrator\Local Settings\Temp\sqlite\sqlite3.dll
C:\Documents and Settings\Administrator\Local Settings\%temp%\mdate.db
C:\Documents and Settings\Administrator\Local Settings\%temp%\mdate.db-journal
Behavior description: Create executable file
Details: C:\Documents and Settings\Administrator\Local Settings\Temp\sqlite\krnln.fnr
C:\Documents and Settings\Administrator\Local Settings\Temp\sqlite\exui.fne
C:\Documents and Settings\Administrator\Local Settings\Temp\sqlite\sqlite3.fne
C:\Documents and Settings\Administrator\Local Settings\Temp\sqlite\sqlite3.dll
Behavior description: Overwrite existing file
Details: C:\Documents and Settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
Behavior description: Find file
Details: FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%\mdata.db
FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%\mdate.db
Behavior description: Delete file
Details: C:\Documents and Settings\Administrator\Local Settings\%temp%\mdate.db-journal
Behavior description: Modify file contents
Details: C:\Documents and Settings\Administrator\Local Settings\Temp\sqlite\krnln.fnr ---> Offset = 0
C:\Documents and Settings\Administrator\Local Settings\Temp\sqlite\exui.fne ---> Offset = 0
C:\Documents and Settings\Administrator\Local Settings\Temp\sqlite\sqlite3.fne ---> Offset = 0
C:\Documents and Settings\Administrator\Local Settings\Temp\sqlite\sqlite3.dll ---> Offset = 0
C:\Documents and Settings\Administrator\Local Settings\%temp%\mdate.db-journal ---> Offset = 0
C:\Documents and Settings\Administrator\Local Settings\%temp%\mdate.db ---> Offset = 0
C:\Documents and Settings\Administrator\Local Settings\%temp%\mdate.db-journal ---> Offset = 512
C:\Documents and Settings\Administrator\Local Settings\%temp%\mdate.db-journal ---> Offset = 516
C:\Documents and Settings\Administrator\Local Settings\%temp%\mdate.db-journal ---> Offset = 1540
C:\Documents and Settings\Administrator\Local Settings\%temp%\mdate.db ---> Offset = 1024
Other behavior
Behavior description: Create mutex
Details: CTF.LBES.MutexDefaultS-*
CTF.Compart.MutexDefaultS-*
CTF.Asm.MutexDefaultS-*
CTF.Layouts.MutexDefaultS-*
CTF.TMD.MutexDefaultS-*
CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
MSCTF.Shared.MUTEX.ELH
MSCTF.Shared.MUTEX.EGJ
Behavior description: Create event object
Details: EventName = DINPUTWINMM
EventName = MSCTF.SendReceive.Event.EGJ.IC
EventName = MSCTF.SendReceiveConection.Event.EGJ.IC
Behavior description: Find specified window
Details: NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
NtUserFindWindowEx: [Class,Window] = [CicLoaderWndClass,]
Behavior description: Open event
Details: HookSwitchHookEnabledEvent
CTF.ThreadMIConnectionEvent.000007B4.00000000.00000052
CTF.ThreadMarshalInterfaceEvent.000007B4.00000000.00000052
MSCTF.SendReceiveConection.Event.ELH.IC
MSCTF.SendReceive.Event.ELH.IC
Behavior description: Get TickCount value
Details: TickCount = 5432775, SleepMilliseconds = 10.
Behavior description: Window information
Details: Pid = 2400, Hwnd=0x303dc, Text = 资料记录软件登陆界面, ClassName = WTWindow.
Behavior description: Executable file signature information
Details: C:\Documents and Settings\Administrator\Local Settings\Temp\sqlite\krnln.fnr (signature verification: failed)
C:\Documents and Settings\Administrator\Local Settings\Temp\sqlite\exui.fne (signature verification: failed)
C:\Documents and Settings\Administrator\Local Settings\Temp\sqlite\sqlite3.fne (signature verification: failed)
C:\Documents and Settings\Administrator\Local Settings\Temp\sqlite\sqlite3.dll (signature verification: failed)
Behavior description: Call Sleep function
Details: [1]: MilliSeconds = 10.
[2]: MilliSeconds = 10.
[3]: MilliSeconds = 10.
[4]: MilliSeconds = 10.
[5]: MilliSeconds = 10.
[6]: MilliSeconds = 10.
[7]: MilliSeconds = 10.
Behavior description: Hide specified window
Details: [Window,Class] = [,WindowEx]
[Window,Class] = [,PictureEx]
[Window,Class] = [,ButtonEx]
[Window,Class] = [,EditboxEx]
[Window,Class] = [,LabelEx]
[Window,Class] = [,MinutesboxEx]
[Window,Class] = [,ChoiceboxEx]
Behavior description: Executable file MD5
Details: C:\Documents and Settings\Administrator\Local Settings\Temp\sqlite\krnln.fnr ---> b3b09f4a3a6704000c3a0c6acc825e9d
C:\Documents and Settings\Administrator\Local Settings\Temp\sqlite\exui.fne ---> 855e299574af6b3d878625b4b0207668
C:\Documents and Settings\Administrator\Local Settings\Temp\sqlite\sqlite3.fne ---> 430c1c7c7c32e2c90a869779b0b4a238
C:\Documents and Settings\Administrator\Local Settings\Temp\sqlite\sqlite3.dll ---> 495d3d4af3dfc66c67ce230f81070058
Behavior description: Open mutex
Details: ShimCacheMutex
Behavior description: Load newly dropped files
Details: Image: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\sqlite\krnln.fnr.
Image: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\sqlite\sqlite3.dll.
Image: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\sqlite\exui.fne.
Activities
Activity name Type
net.droidjack.server.MainActivity android.intent.action.MAIN
net.droidjack.server.MainActivity android.intent.category.LAUNCHER
net.droidjack.server.CamSnap android.intent.action.CAMSNAP
net.droidjack.server.CamSnap android.intent.category.DEFAULT
net.droidjack.server.VideoCap android.intent.action.VIDEOCAP
net.droidjack.server.VideoCap android.intent.category.DEFAULT
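Dangerous functions
Function name Description
WifiManager;->setWifiEnabled Change Wi-Fi state
MediaRecorder;->setAudioSource Enable audio recording
ContentResolver;->query Read databases such as contacts and SMS
ContentResolver;->delete Delete SMS messages and contacts
LocationManager;->getLastKnownLocation Get geographic location
MediaRecorder;->setVideoSource Enable video recording
Camera;->open Open the camera
getRuntime Get the command-line environment
java/lang/Runtime;->exec Execute a command string
TelephonyManager;->getLine1Number Get the phone number
TelephonyManager;->getDeviceId Collect the user's phone IMEI, phone number, system version and similar information
SmsManager;->sendMultipartTextMessage Send MMS messages
java/net/URL;->openConnection Connect to a URL
java/net/HttpURLConnection;->connect Connect to a URL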
Startup methods
Name Description
net.droidjack.server.Connector Start service when network connectivity changes
net.droidjack.server.Connector Start service at boot
net.droidjack.server.CallListener
Service list
Name
net.droidjack.server.Controller
net.droidjack.server.GPSLocation
net.droidjack.server.Toaster
File list
File name Checksum
META-INF/MANIFEST.MF 0xc61d5a93
META-INF/CERT.SF 0xc24c38b5
META-INF/CERT.RSA 0x7d9fc1fa
AndroidManifest.xml 0x3b7d132b
res/drawable-mdpi/ic_launcher.png 0xa5bfa0ca
res/layout/cameraview.xml 0xe13d755c
res/layout/activity_main.xml 0xc63537ca
resources.arsc 0x43f8af77
res/drawable-hdpi/ic_launcher.png 0x5f8a1eb4
res/drawable-xhdpi/ic_launcher.png 0xc9c090e8
classes.dex 0xde6a296d
res/layout/videoview.xml 0xfcc90b10