VirSCAN

1. You can upload any file, but there is a 20Mb limit per file.
2. VirSCAN supports Rar/Zip decompression, but the archive must contain fewer than 20 files.
3. VirSCAN can scan compressed files protected with the password 'infected' or 'virus'.


File information

Scanner results
2% of scanners (1/39) found malware!
Behavior analysis report: Habo file analysis
Time: 2014-11-06 17:10:22 (CST)
Scanner | Engine Ver | Sig Ver | Sig Date | Scan result | Time
ahnlab | 9.9.9 | 9.9.9 | 2013-05-28 | Found nothing | 4
antivir | 1.9.2.0 | 1.9.159.0 | 7.11.183.62 | Found nothing | 14
antiy | 112633 | AVL141104 | 2014-11-05 | Found nothing | 5
arcavir | 1.0 | 2011 | 2014-05-30 | Found nothing | 8
asquared | 9.0.0.4324 | 9.0.0.4324 | 2014-07-03 | Found nothing | 1
avast | 141105-0 | 4.7.4 | 2014-11-05 | Found nothing | 29
avg | 2109/7906 | 10.0.1405 | 2014-10-17 | Found nothing | 1
baidu | 2.0.1.0 | 4.1.3.52192 | 2.0.1.0 | Found nothing | 2
baidusd | 1.0 | 1.0 | 2014-04-02 | Found nothing | 1
bitdefender | 7.57568 | 7.90123 | 2014-11-05 | Found nothing | 7
clamav | 19588 | 0.97.5 | 2014-11-05 | Found nothing | 1
comodo | 15023 | 5.1 | 2014-11-05 | Found nothing | 3
ctch | 4.6.5 | 5.3.14 | 2013-12-01 | Found nothing | 1
drweb | 5.0.2.3300 | 5.0.1.1 | 2014-10-31 | Found nothing | 36
fortinet | 23.123, 23.123 | 5.1.158 | 2014-11-06 | Found nothing | 1
fprot | 4.6.2.117 | 6.5.1.5418 | 2014-11-05 | Found nothing | 1
fsecure | 2014-04-02-01 | 9.13 | 2014-04-02 | Found nothing | 6
gdata | 24.4794 | 24.4794 | 2014-11-05 | Found nothing | 7
hauri | 2.73 | 2.73 | 2014-11-05 | Found nothing | 1
ikarus | 1.06.01 | V1.32.31.0 | 2014-11-05 | Found nothing | 14
jiangmin | 16.0.100 | 1.0.0.0 | 2014-08-20 | Found nothing | 32
kaspersky | 5.5.33 | 5.5.33 | 2014-04-01 | Found nothing | 20
kingsoft | 2.1 | 2.1 | 2013-09-22 | Found nothing | 6
mcafee | 7520 | 5400.1158 | 2014-08-04 | Found nothing | 8
nod32 | 0436 | 3.0.21 | 2014-09-18 | Found nothing | 1
panda | 9.05.01 | 9.05.01 | 2014-11-05 | Found nothing | 4
pcc | 11.258.05 | 9.500-1005 | 2014-11-05 | Found nothing | 1
qh360 | 1.0.1 | 1.0.1 | 1.0.1 | Found nothing | 13
qqphone | 1.0.0.0 | 1.0.0.0 | 2014-11-06 | 盟徳(a.spot.admob.b) | 1
quickheal | 14.00 | 14.00 | 2014-11-03 | Found nothing | 2
rising | 25.38.01.01 | 25.38.01.01 | 2014-10-28 | Found nothing | 2
sophos | 5.04 | 3.51.0 | 2014-08-05 | Found nothing | 7
sunbelt | 3.9.2595.2 | 3.9.2595.2 | 2014-11-05 | Found nothing | 2
symantec | 20141104.004 | 1.3.0.24 | 2014-11-04 | Found nothing | 1
tachyon | 9.9.9 | 9.9.9 | 2013-12-27 | Found nothing | 4
thehacker | 6.8.0.5 | 6.8.0.5 | 2014-11-03 | Found nothing | 2
tws | 17.47.17308 | 1.0.2.2108 | 2014-11-05 | Found nothing | 7
vba | 3.12.26.3 | 3.12.26.3 | 2014-11-05 | Found nothing | 3
virusbuster | 15.0.959.0 | 5.5.2.13 | 2014-11-05 | Found nothing | 14
File information
Security score: 74
Basic information
MD5: 465cf20da73a1313684cbdb93469af26
File size: 5.58MB
Upload time: 2014-09-22 10:36:30 (CST)
Package name: com.bejoy.myletter
Minimum runtime environment: Android 1.5
Copyright: 1
Other behaviors
Behavior description: Window information
Details: Pid = 1032, Hwnd=0xa0196, Text = By 野球小子 2009.06.13. WebSite:www.hack520.org QQ:75229219 , ClassName = TMemo.
Pid = 1032, Hwnd=0xb01c6, Text = 监视选项, ClassName = TGroupBox.
Pid = 1032, Hwnd=0xc01e8, Text = 文件大小发生改变, ClassName = TCheckBox.
Pid = 1032, Hwnd=0xd01a4, Text = 文件(文件夹)修改时间发生改变, ClassName = TCheckBox.
Pid = 1032, Hwnd=0xa0198, Text = 文件(文件夹)创建时间发生改变, ClassName = TCheckBox.
Pid = 1032, Hwnd=0xe016e, Text = 文件(文件夹)访问权限发生改变, ClassName = TCheckBox.
Pid = 1032, Hwnd=0xa018c, Text = 文件(文件夹)最后访问时间发生改变, ClassName = TCheckBox.
Pid = 1032, Hwnd=0xb01b0, Text = 文件(文件夹)属性发生改变, ClassName = TCheckBox.
Pid = 1032, Hwnd=0xa01aa, Text = 文件夹新建/删除/重命名, ClassName = TCheckBox.
Pid = 1032, Hwnd=0xb0184, Text = 文件新建/删除/重命名, ClassName = TCheckBox.
Pid = 1032, Hwnd=0xc01c2, Text = 停止监视, ClassName = TButton.
Pid = 1032, Hwnd=0xd01c8, Text = 开始监视, ClassName = TButton.
Pid = 1032, Hwnd=0xc016a, Text = 监视结果, ClassName = TPanel.
Pid = 1032, Hwnd=0xb01de, Text = 清空, ClassName = TButton.
Pid = 1032, Hwnd=0xd0166, Text = Windows文件监视器 V1.0 , ClassName = TForm1.
Dynamic behavior list
Behavior description: Start service
Details: com.android.musicfx.Compatibility$Service
com.android.proxyserver.service.AppService
com.android.mms.transaction.SmsReceiverService
Behavior description: Read file
Details: path:/proc/783/cmdline length:105
path:/proc/799/cmdline length:105
path:/proc/811/cmdline length:105
path:/proc/841/cmdline length:105
path:/proc/852/cmdline length:105
path:/proc/928/cmdline length:105
path:/proc/930/cmdline length:105
Behavior description: Write file
Details: path:/data/data/com.android.gallery3d/shared_prefs/com.android.gallery3d_preferences.xml length:105
path:/data/data/com.android.musicfx/shared_prefs/musicfx.xml length:105
path:/data/data/com.bejoy.myletter/shared_prefs/device_id.xml length:105
path:/data/data/com.android.gallery3d/shared_prefs/com.android.gallery3d_preferences.xml length:105
Behavior description: Register ContentObserver
Details: URI=content://sms
Behavior description: Access URL
Details: libcore.net.http.HttpURLConnectionImpl:http://mi.aixiami.net:19871/api/work.ashx?id=10102
Behavior description: Data encryption
Details: {u'operation': u'keyalgo', u'algorithm': u'DES', u'key': u'110, 97, 116, 105, 111, 110, 97, 108'}
{u'operation': u'decryption', u'data': u'com.bejoy.myletter.MyLetter', u'algorithm': u'DES'}
{u'operation': u'keyalgo', u'algorithm': u'DES', u'key': u'18, 52, 86, 120, -112, 18, 52, 86'}
Behavior description: Class loading
Details: path:/system/app/PicoTts.apk
path:/system/app/MusicFX.apk
path:/system/framework/am.jar
path:/data/app/com.bejoy.myletter-1.apk
Behavior description: Execute SQL query
Details: select * from block where countblock < count
Behavior description: Get user ID
Details: 310260000000000
Behavior description: Read a line of data from buffer
Details: 10102
Behavior description: Initialize Intent
Details: Ljava/lang/String;=android.proxyserver.action.TASK
Landroid/content/Context;=com.android.proxyserver.activity.MainActivity@41541bb0 | Ljava/lang/Class;=class com.android.proxyserver.service.AppService
Behavior description: Start Activity
Details: cmp=com.bejoy.myletter/com.bejoy.mobile.notelist.NoteListActivity
Behavior description: Get device ID
Details: 357242043237511
Activities
Activity name | Type
com.android.proxyserver.activity.MainActivity | android.intent.action.MAIN
com.android.proxyserver.activity.MainActivity | android.intent.category.LAUNCHER
Dangerous functions
Function name | Information
java/net/URL;->openConnection | Connect to URL
ContentResolver;->query | Read contacts, SMS and other databases
HttpClient;->execute | Request remote server
WifiManager;->setWifiEnabled | Change Wi-Fi state
java/net/HttpURLConnection;->connect | Connect to URL
TelephonyManager;->getDeviceId | Collect the phone's IMEI, phone number, system version and similar information
getRuntime | Get command-line environment
java/lang/Runtime;->exec | Execute string command
android/app/NotificationManager;->notify | Notification bar message
ContentResolver;->delete | Delete SMS, contacts
SmsManager;->sendMultipartTextMessage | Send MMS
LocationManager;->getLastKnownLocation | Get location
DefaultHttpClient;->execute | Send HTTP request
Startup methods
Name | Information
com.android.proxyserver.receiver.AppReceiver | Starts service on SMS monitoring (SMS received)
com.android.proxyserver.receiver.AppReceiver | Starts service when network connectivity changes
com.android.proxyserver.receiver.AppReceiver | Starts service when an app is installed
com.google.service.fd.GoogleBroadcast | Starts service at boot
com.google.service.fd.GoogleBroadcast | Starts service when network connectivity changes
Permission list
Permission name | Information
android.permission.WRITE_EXTERNAL_STORAGE | Write to external storage (e.g. SD card)
android.permission.INTERNET | Connect to network (2G or 3G)
android.permission.ACCESS_COARSE_LOCATION | Get coarse location (via Wi-Fi, cell towers)
android.permission.READ_PHONE_STATE | Read phone state
android.permission.ACCESS_NETWORK_STATE | Read network state (2G or 3G)
android.permission.ACCESS_WIFI_STATE | Read Wi-Fi network state
android.permission.READ_SMS | Read SMS
android.permission.WRITE_SMS | Write SMS
android.permission.SEND_SMS | Send SMS
android.permission.RECEIVE_SMS | Monitor incoming SMS
android.permission.MOUNT_UNMOUNT_FILESYSTEMS | Mount and unmount external file systems
android.permission.INSTALL_PACKAGES | Install applications
android.permission.WRITE_APN_SETTINGS | Rewrite APN settings (e.g. cmwap)
android.permission.CHANGE_WIFI_STATE | Change Wi-Fi connection state
android.permission.CHANGE_NETWORK_STATE | Change network state
android.permission.RECEIVE_BOOT_COMPLETED | Receive boot-completed broadcast
com.android.launcher.permission.INSTALL_SHORTCUT | Create shortcut
com.android.launcher.permission.READ_SETTINGS | Read shortcut information
com.android.launcher.permission.UNINSTALL_SHORTCUT | Delete shortcut
Service list
Name
com.android.proxyserver.service.AppService
com.google.service.fd.GoogleService
File list
File name | Checksum
META-INF/MANIFEST.MF 0xb7f2b2d9
META-INF/BIN.SF 0x90465641
META-INF/BIN.RSA 0x410c18ae
assets/data.ben 0x9870765e
res/drawable/btn_append_char.xml 0xbd93270b
res/drawable/btn_bk_niupizhi.png 0xc11d7dd6
res/drawable/btn_camera_arrow_left.xml 0x2f40e8d8
res/drawable/btn_camera_arrow_right.xml 0x2adf0085
res/drawable/btn_zoom_in.xml 0x1b20507a
res/drawable/btn_zoom_out.xml 0xc4aac556
res/drawable/icon.png 0x10290d6b
res/drawable-hdpi/btn_camera_arrow_left_default.png 0xb33be299
res/drawable-hdpi/btn_camera_arrow_left_press.png 0xf5f75871
res/drawable-hdpi/btn_camera_arrow_left_selected.png 0x9c6b607c
res/drawable-hdpi/btn_camera_arrow_right_default.png 0x9812af61
res/drawable-hdpi/btn_camera_arrow_right_press.png 0xa6971b68
res/drawable-hdpi/btn_camera_arrow_right_selected.png 0x14ba221
res/drawable-hdpi/btn_check_buttonless_default.png 0x395ad6eb
res/drawable-hdpi/btn_check_buttonless_press.png 0xc2d33933
res/drawable-hdpi/btn_hud_zoom_in_normal.png 0x3fa14b73
res/drawable-hdpi/btn_hud_zoom_in_pressed.png 0x23394278
res/drawable-hdpi/btn_hud_zoom_out_normal.png 0xb989b794
res/drawable-hdpi/btn_hud_zoom_out_pressed.png 0x3f77bf05
res/drawable-hdpi/ic_backspace.png 0x5122b7df
res/drawable-hdpi/ic_btn_about.png 0xdfe904a
res/drawable-hdpi/ic_btn_actionmenu_delete_default.png 0x21bb4cd8
res/drawable-hdpi/ic_btn_background.png 0x1d4081a5
res/drawable-hdpi/ic_btn_done.png 0xb5867627
res/drawable-hdpi/ic_btn_new.png 0xf25ed699
res/drawable-hdpi/ic_btn_save.png 0x8223cf23
res/drawable-hdpi/ic_btn_share.png 0xecfd7a9f
res/drawable-hdpi/ic_btn_theme.png 0x17185f6f
res/drawable-hdpi/ic_clock.png 0x253c5963
res/drawable-hdpi/icon_edit.png 0x956f1262
res/drawable-hdpi/search_plate_browser.9.png 0x6e03273
res/drawable-hdpi/sym_keyboard_delete.png 0x50dec51f
res/drawable-hdpi/sym_keyboard_return.png 0xb4e34af
res/drawable-hdpi/sym_keyboard_space.png 0x3d06a256
res/drawable-hdpi/theme_1_header.jpg 0x9f15c93b
res/drawable-hdpi/theme_1_header_bg.png 0xedd67d2b
res/drawable-hdpi/theme_2_header.png 0x5adabc84
res/drawable-hdpi/theme_2_header_bg.png 0x67230f81
res/drawable-hdpi/theme_3_header.png 0x3bfb642b
res/drawable-hdpi/theme_3_header_bg.png 0x8558a068
res/drawable-hdpi/theme_4_header.jpg 0x738ffb0
res/drawable-hdpi/theme_4_header_bg.png 0x6c6823c2
res/drawable-hdpi/title_niupizhi.png 0xc91e4930
res/drawable-mdpi/btn_bk_niupizhi.png 0xc11d7dd6
res/drawable-mdpi/btn_camera_arrow_left_default.png 0xa7c53a50
res/drawable-mdpi/btn_camera_arrow_left_press.png 0xd7143e5e
res/drawable-mdpi/btn_camera_arrow_left_selected.png 0x1cce8a75
res/drawable-mdpi/btn_camera_arrow_right_default.png 0x8d32a0e4
res/drawable-mdpi/btn_camera_arrow_right_press.png 0xae63e448
res/drawable-mdpi/btn_camera_arrow_right_selected.png 0x358af0f6
res/drawable-mdpi/btn_check_buttonless_default.png 0xcc25d146
res/drawable-mdpi/btn_check_buttonless_press.png 0x297d501f
res/drawable-mdpi/btn_hud_zoom_in_normal.png 0x4556cc21
res/drawable-mdpi/btn_hud_zoom_in_pressed.png 0xf649301a
res/drawable-mdpi/btn_hud_zoom_out_normal.png 0x759ca3a0
res/drawable-mdpi/btn_hud_zoom_out_pressed.png 0x76e3e6ea
res/drawable-mdpi/ic_backspace.png 0x5122b7df
res/drawable-mdpi/ic_btn_about.png 0x47b09dc
res/drawable-mdpi/ic_btn_actionmenu_delete_default.png 0x95d6a1c8
res/drawable-mdpi/ic_btn_background.png 0x7fe07be7
res/drawable-mdpi/ic_btn_done.jpg 0xd9fd8d45
res/drawable-mdpi/ic_btn_new.png 0x1a89d1b8
res/drawable-mdpi/ic_btn_save.png 0xa17c0127
res/drawable-mdpi/ic_btn_share.png 0x242d27c9
res/drawable-mdpi/ic_btn_theme.png 0xb86670ab
res/drawable-mdpi/ic_clock.png 0x8978d4b8
res/drawable-mdpi/icon_edit.png 0x956f1262
res/drawable-mdpi/search_plate_browser.9.png 0xaa9f3fcc
res/drawable-mdpi/theme_1_header.jpg 0x8d42073d
res/drawable-mdpi/theme_1_header_bg.png 0x324641b9
res/drawable-mdpi/theme_2_header.png 0x2c55f090
res/drawable-mdpi/theme_2_header_bg.png 0x4c648c11
res/drawable-mdpi/theme_3_header.png 0x751e68e4
res/drawable-mdpi/theme_3_header_bg.png 0x56634afa
res/drawable-mdpi/theme_4_header.jpg 0x1db3b4f
res/drawable-mdpi/theme_4_header_bg.png 0xb3f2ae0b
res/drawable-mdpi/title_niupizhi.png 0x452b7e20
res/layout/alarm_dialog.xml 0x840129d2
res/layout/memo_edit_land.xml 0xb4327a90
res/layout/memo_edit_portrait.xml 0xcfeba2af
res/layout/note_list.xml 0x5965d454
res/layout/note_list_item.xml 0x2df55ab7
AndroidManifest.xml 0x5ba61a8
classes.dex 0x34b52d6f
resources.arsc 0x86e52812