VirSCAN

1, You can UPLOAD any files, but there is a 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but the archive must contain fewer than 20 files.
3, VirSCAN can scan compressed files protected with the password 'infected' or 'virus'.


File information
File Name :66.apk (File not down)
File Size :8569202 byte
File Type :Zip archive data
MD5:47fed516909627a7c99d527f01f18117
SHA1:2d4813757df5d235cbd1b7528db2f2cca1e759ad
SHA256:d69f22bc2144c825d481986e3f97d051b7589708731dd75fdd174e4d59c23a03
SSDEEP:196608:KlyWOaSAELzb1w3585+TUgHYrTdBBpUuY98H5dPoFbn19oPhex:KlyWOtV1w35e2UwYrTtdomQx
  • Scanner results
    Scanner results: 9% of scanners (3/32) found malware!
    Behavior analysis report: Habo file analysis
    Time: 2017-07-22 07:55:02 (CST)
    Scanner Engine Ver Sig Ver Sig Date Scan result Time
    antiy AVL SDK 2.0 1970-01-01 Found nothing 7
    asquared 9.0.0.4799 9.0.0.4799 2015-03-08 Found nothing 2
    avast 170303-1 4.7.4 2017-03-03 Found nothing 60
    avg 2109/14149 10.0.1405 2017-07-04 Found nothing 60
    baidu 2.0.1.0 4.1.3.52192 2.0.1.0 Found nothing 6
    baidusd 1.0 1.0 2017-03-22 Found nothing 1
    bitdefender 7.58879 7.90123 2015-01-16 Found nothing 60
    clamav 23583 0.97.5 2017-07-21 Found nothing 60
    drweb 5.0.2.3300 5.0.1.1 2017-06-18 Found nothing 60
    fortinet 50.353, 50.281, 50.305 5.4.247 2017-07-22 Found nothing 60
    fprot 4.6.2.117 6.5.1.5418 2016-02-05 Found nothing 60
    fsecure 2015-08-01-02 9.13 2015-08-01 Found nothing 60
    gdata 25.13484 25.13484 2017-07-21 Android.Trojan.Rootnik.MZ 13
    ikarus 1.06.01 V1.32.31.0 2016-11-28 Found nothing 60
    jiangmin 16.0.100 1.0.0.0 2017-07-21 Found nothing 2
    kaspersky 5.5.33 5.5.33 2014-04-01 Found nothing 60
    kingsoft 2.1 2.1 2017-07-21 Found nothing 4
    mcafee 8261 5400.1158 2016-08-18 Found nothing 60
    nod32 1777 3.0.21 2015-06-12 Found nothing 60
    panda 9.05.01 9.05.01 2017-07-21 Found nothing 4
    pcc 13.302.06 9.500-1005 2017-03-27 Found nothing 60
    qh360 1.0.1 1.0.1 1.0.1 Android mobile malware 3
    qqphone 1.0.0.0 1.0.0.0 2015-12-30 Found nothing 60
    quickheal 14.00 14.00 2017-07-21 Android.Triada.GEN8482 4
    rising 26.28.00.01 26.28.00.01 2016-07-18 Found nothing 4
    sophos 5.32 3.65.2 2016-10-10 Found nothing 60
    symantec 20151230.005 1.3.0.24 2015-12-30 Found nothing 60
    tachyon 9.9.9 9.9.9 2013-12-27 Found nothing 4
    thehacker 6.8.0.5 6.8.0.5 2017-07-19 Found nothing 3
    tws 17.47.17308 1.0.2.2108 2017-07-21 Found nothing 18
    vba 3.12.29.5 beta 3.12.29.5 beta 2017-07-17 Found nothing 60
    virusbuster 15.0.985.0 5.5.2.13 2014-12-05 Found nothing 60
    NOTICE: Results are not 100% accurate and can be reported as a false positive by some scanners when and if malware is found. Please judge these results for yourself.
  • Permission list
    Permission name / Description
    android.permission.READ_EXTERNAL_STORAGE: Read external storage (e.g. SD card)
    android.permission.WRITE_EXTERNAL_STORAGE: Write external storage (e.g. SD card)
    android.permission.INTERNET: Connect to the network (2G or 3G)
    android.permission.SEND_SMS: Send SMS messages
    android.permission.READ_SMS: Read SMS messages
    android.permission.WRITE_SMS: Write SMS messages
    android.permission.READ_PHONE_STATE: Read phone state
    android.permission.RECEIVE_MMS: Receive MMS messages
    android.permission.RECEIVE_SMS: Monitor incoming SMS messages
    android.permission.ACCESS_WIFI_STATE: Read Wi-Fi network state
    android.permission.ACCESS_NETWORK_STATE: Read network state (2G or 3G)
    android.permission.CHANGE_WIFI_STATE: Change Wi-Fi connection state
    android.permission.CHANGE_NETWORK_STATE: Change network state
    android.permission.DISABLE_KEYGUARD: Disable the keyguard
    android.permission.ACCESS_COARSE_LOCATION: Get approximate location (via Wi-Fi, cell towers)
    android.permission.SYSTEM_ALERT_WINDOW: Display system windows
    android.permission.ACCESS_FINE_LOCATION: Get precise location (via GPS)
    android.permission.GET_TASKS: Get information about currently or recently running tasks
    android.permission.ACCESS_LOCATION_EXTRA_COMMANDS: Access extra location commands
    android.permission.ACCESS_MTK_MMHW
    android.permission.BROADCAST_STICKY: Send sticky broadcasts
    android.permission.CHANGE_CONFIGURATION: Modify current settings (e.g. locale)
    android.permission.CAMERA: Access the camera device
    android.permission.GET_ACCOUNTS: Access the account list
    android.permission.INTERACT_ACROSS_USERS_FULL
    android.permission.MOUNT_UNMOUNT_FILESYSTEMS: Mount and unmount external file systems
    android.permission.RECEIVE_BOOT_COMPLETED: Receive the boot-completed broadcast
    android.permission.READ_SETTINGS
    android.permission.READ_INTERNAL_STORAGE
    android.permission.READ_USER_DICTIONARY: Read the user dictionary
    android.permission.SAMSUNG_TUNTAP
    android.permission.WRITE_SETTINGS: Read and write system settings
    android.permission.UPDATE_APP_OPS_STATS
    android.permission.WRITE_INTERNAL_STORAGE
  • File information
    Security score:
    Basic information
    MD5: 47fed516909627a7c99d527f01f18117
    Package name: com.tj.tjcty07761
    Minimum runtime environment: Android 2.3, 2.3.1, 2.3.2
    Copyright: ()
    Key behaviors
    Behavior description: Reads the CPU clock directly
    Behavior description: Gets window screenshot information
    Behavior description: Gets the TickCount value
    Process behavior
    Behavior description: Creates a local thread
    Details: TargetProcess: %temp%\****.exe, InheritedFromPID = 2000, ProcessID = 2636, ThreadID = 3008, StartAddress = 77C0A341, Parameter = 009369D8
    TargetProcess: %temp%\****.exe, InheritedFromPID = 2000, ProcessID = 2636, ThreadID = 3024, StartAddress = 77DC845A, Parameter = 00000000
    TargetProcess: %temp%\****.exe, InheritedFromPID = 2000, ProcessID = 2636, ThreadID = 3028, StartAddress = 77E56C7D, Parameter = 001B04F0
    TargetProcess: %temp%\****.exe, InheritedFromPID = 2000, ProcessID = 2636, ThreadID = 3032, StartAddress = 769AE43B, Parameter = 001B3A18
    File behavior
    Behavior description: Creates files
    Details: C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\krnln.fnr
    C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\iext.fnr
    C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\iext2.fne
    C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\EThread.fne
    C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\HtmlView.fne
    C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\spec.fne
    C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\Comdlg32.dll
    C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\IPHLPAPI.DLL
    C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\imm32.dll
    C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\shdocvw.dll
    C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\shlwapi.dll
    C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\Psapi.dll
    C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\atl.dll
    C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\Powrprof.dll
    C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\oleaut32.dll
    Behavior description: Creates executable files
    Details: C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\krnln.fnr
    C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\iext.fnr
    C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\iext2.fne
    C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\EThread.fne
    C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\HtmlView.fne
    C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\spec.fne
    C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\Comdlg32.dll
    C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\IPHLPAPI.DLL
    C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\imm32.dll
    C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\shdocvw.dll
    C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\shlwapi.dll
    C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\Psapi.dll
    C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\atl.dll
    C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\Powrprof.dll
    C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\oleaut32.dll
    Behavior description: Modifies file contents
    Details: C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\krnln.fnr ---> Offset = 0
    C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\iext.fnr ---> Offset = 0
    C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\iext2.fne ---> Offset = 0
    C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\EThread.fne ---> Offset = 0
    C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\HtmlView.fne ---> Offset = 0
    C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\spec.fne ---> Offset = 0
    C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\Comdlg32.dll ---> Offset = 0
    C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\IPHLPAPI.DLL ---> Offset = 0
    C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\imm32.dll ---> Offset = 0
    C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\shdocvw.dll ---> Offset = 0
    C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\shlwapi.dll ---> Offset = 0
    C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\Psapi.dll ---> Offset = 0
    C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\atl.dll ---> Offset = 0
    C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\Powrprof.dll ---> Offset = 0
    C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\oleaut32.dll ---> Offset = 0
    Registry behavior
    Behavior description: Modifies the registry
    Details: \REGISTRY\USER\S-*\Software\Microsoft\Multimedia\DrawDib\vga.drv 1920x973x32(BGR 0)
    Other behaviors
    Behavior description: Creates mutexes
    Details: CTF.LBES.MutexDefaultS-*
    CTF.Compart.MutexDefaultS-*
    CTF.Asm.MutexDefaultS-*
    CTF.Layouts.MutexDefaultS-*
    CTF.TMD.MutexDefaultS-*
    CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
    MSCTF.Shared.MUTEX.IOH
    MSCTF.Shared.MUTEX.AFK
    Behavior description: Creates event objects
    Details: EventName = DINPUTWINMM
    EventName = MSCTF.SendReceiveConection.Event.AFK.IC
    EventName = MSCTF.SendReceive.Event.AFK.IC
    Behavior description: Opens a mutex
    Details: ShimCacheMutex
    Behavior description: Finds a specified window
    Details: NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
    NtUserFindWindowEx: [Class,Window] = [CicLoaderWndClass,]
    Behavior description: Opens events
    Details: HookSwitchHookEnabledEvent
    MSFT.VSA.COM.DISABLE.2636
    MSFT.VSA.IEC.STATUS.6c736db0
    CTF.ThreadMIConnectionEvent.000007E8.00000000.00000010
    CTF.ThreadMarshalInterfaceEvent.000007E8.00000000.00000010
    MSCTF.SendReceiveConection.Event.IOH.IC
    MSCTF.SendReceive.Event.IOH.IC
    Behavior description: Gets the cursor position
    Details: CursorPos = (80,18468), SleepMilliseconds = 60000.
    CursorPos = (6373,26501), SleepMilliseconds = 60000.
    Behavior description: Window information
    Details: Pid = 2636, Hwnd=0x1037c, Text = 剧名:, ClassName = Afx:1f40000:b:10011:1900015:0.
    Pid = 2636, Hwnd=0x10378, Text = 关于作者, ClassName = Button.
    Pid = 2636, Hwnd=0x1036e, Text = 剧集:, ClassName = Afx:1f40000:b:10011:1900015:0.
    Pid = 2636, Hwnd=0x1036c, Text = 选择播放源:, ClassName = Afx:1f40000:b:10011:1900015:0.
    Pid = 2636, Hwnd=0x10362, Text = 视频简介:, ClassName = Edit.
    Pid = 2636, Hwnd=0x1035c, Text = 搜索结果:, ClassName = Afx:1f40000:b:10011:1900015:0.
    Pid = 2636, Hwnd=0x1034e, Text = 搜索一下, ClassName = Button.
    Pid = 2636, Hwnd=0x20346, Text = Howe影视 - 破解vip视频免费观看 QQ949643229, ClassName = WTWindow.
    Pid = 2636, Hwnd=0x1034c, Text = 123456, ClassName = Edit.
    Behavior description: Signature information of executable files
    Details: C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\krnln.fnr (signature verification: failed)
    C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\iext.fnr (signature verification: failed)
    C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\iext2.fne (signature verification: failed)
    C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\EThread.fne (signature verification: failed)
    C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\HtmlView.fne (signature verification: failed)
    C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\spec.fne (signature verification: failed)
    C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\Comdlg32.dll (signature verification: passed)
    C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\IPHLPAPI.DLL (signature verification: passed)
    C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\imm32.dll (signature verification: passed)
    C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\shdocvw.dll (signature verification: failed)
    C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\shlwapi.dll (signature verification: passed)
    C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\Psapi.dll (signature verification: failed)
    C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\atl.dll (signature verification: passed)
    C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\Powrprof.dll (signature verification: passed)
    C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\oleaut32.dll (signature verification: passed)
    Behavior description: Calls the Sleep function
    Details: [1]: MilliSeconds = 60000.
    [2]: MilliSeconds = 0.
    Behavior description: Hides a specified window
    Details: [Window,Class] = [,_EL_DrawPanel]
    Behavior description: MD5 of executable files
    Behavior description: Loads newly dropped files
    Details: Image: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\E_N60005\krnln.fnr.
    Image: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\E_N60005\iext2.fne.
    Image: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\E_N60005\iext.fnr.
    Activities
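    Activity name / Type
    com.boyous.biyi.AppActivity: android.intent.action.MAIN
    com.boyous.biyi.AppActivity: android.intent.category.LAUNCHER
    Dangerous functions
    Function name / Description
    ContentResolver;->query: Reads databases such as contacts and SMS
    TelephonyManager;->getDeviceId: Collects the phone's IMEI, phone number, OS version and similar information
    TelephonyManager;->getSimSerialNumber: Gets the SIM serial number
    TelephonyManager;->getLine1Number: Gets the phone number
    HttpClient;->execute: Sends a request to a remote server
    getRuntime: Gets the command-line environment
    java/lang/Runtime;->exec: Executes a string command
    ContentResolver;->delete: Deletes SMS messages and contacts
    SmsManager;->sendDataMessage: Sends a binary message
    SmsManager;->sendTextMessage: Sends a plain text SMS
    DefaultHttpClient;->execute: Sends an HTTP request
    LocationManager;->getLastKnownLocation: Gets the location
    java/net/URL;->openConnection: Connects to a URL
    java/net/HttpURLConnection;->connect: Connects to a URL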
    Service list
    Name
    com.amaz.onib.FSrvi
    com.core.main.pay.plugmain.service.SyService
    com.core.tools.sms.SmsPlugKeppLiveService
    com.wyzf.service.InitService
    File list
    File name Checksum
    META-INF/MANIFEST.MF 0x55f7d8a7
    META-INF/CERT.SF 0x1300aea3
    META-INF/CERT.RSA 0xa1813ecf
    assets/btn_life.png 0xff3fb118
    assets/photo/6/8.jpg 0x2a044bc
    assets/box/num_money.png 0xb85c72db
    assets/photo/2/9.jpg 0x36ab622d
    assets/photo/7/5.jpg 0xef998ff8
    assets/btn_main.png 0xd379814b
    assets/tip_jiao4.png 0xd2f2cc39
    assets/box/title_lifeget.png 0x77a8395c
    assets/photo/1/1.jpg 0x6b7cfa7
    assets/photo/4/siyi.jpg 0xc943d72c
    assets/tip_jiao11.png 0x319f5c6
    assets/box/btn_ok.png 0xe371ac3c
    assets/icon_quan2.png 0x7104cf45
    assets/box/title_jipin.png 0x5dea845
    assets/photo/2/dress.jpg 0xfa02c339
    assets/photo/2/2.jpg 0x8fb303f2
    assets/btn_tool1.png 0xcc728e53
    assets/p3Pic/xx03.png 0x8781d124
    assets/box/text_siyi.png 0x65e454b3
    assets/photo/1/dress.jpg 0x347872fe
    assets/box/text_paidfailed.png 0xf5ed1f05
    assets/photo/7/thumb_opened.png 0x4cdbbebd
    assets/photo/3/6.jpg 0xd8fec437
    resources.arsc 0xd1be0027
    assets/photo/4/3.jpg 0xc09770bd
    assets/btn_caiquan.png 0xa66fc291
    assets/photo/touchhole2.png 0x50bdaed3
    assets/audio/bg.ogg 0x3e0eaeef
    AndroidManifest.xml 0x36ab20c5
    assets/slider_quan2.png 0x8239505c
    assets/photo/3/2.jpg 0x8b4cb86c
    assets/photo/1/8.jpg 0x300196ab
    assets/photo/4/12.jpg 0xadad0ba7
    assets/photo/6/siyi.jpg 0x100c4a43
    assets/photo/6/11.jpg 0xce3eddf4
    assets/photo/7/1.jpg 0x32b2e57a
    assets/photo/2/6.jpg 0xb7ee4a89
    assets/photo/2/11.jpg 0x5614394d
    assets/tip_jiao1.png 0x7eb070b6
    assets/icon_tool1.png 0xd3b0867b
    assets/photo/5/7.jpg 0x41bfa21
    assets/btn_quan3.png 0xea779b9f
    assets/btn_tiaojiao.png 0x2481746
    assets/photo/3/10.jpg 0xa46be012
    assets/box/btn_close.png 0x72025f1b
    assets/btn_siyip1.png 0x7926b404
    assets/anim.plist 0xbe37bf08
    assets/photo/2/thumb.png 0x9abf6a0b
    assets/p3Pic/xx07.png 0xbdabe158
    assets/photo/1/siyi.jpg 0x83ca06fa
    assets/photo/6/1.jpg 0xe5eec49b
    assets/photo/7/10.jpg 0x5af2ff9c
    assets/photo/3/9.jpg 0x98dc547f
    assets/tip_jiao8.png 0x4cdb5bf
    assets/audio/jiao1.mp3 0x2de99cb1
    assets/btn_quit.png 0xde031de0
    assets/box/btn_close2.png 0xfbe1b996
    assets/photo/4/7.jpg 0x217c8360
    assets/box/text_yuan.png 0x7f26a054
    assets/box/text_unlockAll.png 0xbd53ac23
    assets/photo/7/8.jpg 0x5d63c752
    assets/photo/4/4.jpg 0x599d52bd
    assets/photo/1/2.jpg 0x36a9b035
    res/drawable-hdpi-v4/icon.png 0xe02c8fc2
    assets/box/title_rule.png 0xf86f4c21
    assets/photo/3/7.jpg 0x7b97049
    assets/photo/5/dress.jpg 0x270f597f
    assets/photo/6/9.jpg 0x5f292848
    lib/armeabi/libcrypt_sign.so 0x8d9223d7
    assets/photo/7/siyi.jpg 0x3d311aab
    assets/photo/5/3.jpg 0xaeac1163
    assets/photo/3/thumb.png 0x1a494d40
    assets/tip_jiao5.png 0x99fadb8e
    assets/btn_return.png 0xf38d6871
    assets/box/text_unlock.png 0xd3fbb9f7
    assets/tip_jiao10.png 0x8837f18b
    assets/photo/6/5.jpg 0x2f3530ed
    assets/box/bg_box.png 0xfad2ccb0
    assets/box/btn_siyi.png 0x73a74cca
    assets/box/text_rule.png 0xcd53b39b
    assets/box/num_zifei2.png 0x56718195
    assets/tip_quan_lose.png 0x60e523e
    assets/icon_quan3.png 0x10017a7e
    assets/photo/5/8.jpg 0xd783d1ab
    lib/armeabi/libcocos2dcpp.so 0x7fc58677
    res/drawable-xhdpi-v4/icon.png 0xf03f70a9
    assets/icon_quang1.png 0xe5679c88
    assets/btn_tool2.png 0xf93e77b0
    assets/photo/2/8.jpg 0x8e68c23a
    assets/box/num_zifei.png 0xfbf6c5de
    assets/p3Pic/xx02.png 0x66e434d9
    assets/photo/4/thumb.png 0x3500b5bd
    assets/photo/7/4.jpg 0x6659c1b
    assets/photo/3/siyi.jpg 0x8dcc4383
    assets/photo/5/12.jpg 0x8d4d753f
    assets/ep/rsp 0xbd0c58d2
    assets/photo/4/8.jpg 0xa44c1220
    assets/audio/win.ogg 0x7b67f245
    assets/btn_gift.png 0x721f17d5
    assets/photo/7/9.jpg 0x1b5fbcdb
    assets/tip_siyi3.png 0xa937edba
    assets/bg_main.jpg 0x36dc3d6a
    assets/tip_jiao9.png 0x3ac0b08
    assets/btn_siyip2.png 0x6f35b6b5
    assets/photo/6/4.jpg 0x21060887
    assets/photo/3/3.jpg 0x5ebafcf2
    assets/photo/7/11.jpg 0x8d135010
    assets/photo/4/11.jpg 0xf8a9d453
    assets/photo/2/12.jpg 0x2850eea4
    assets/qshp_3001_2278 0x36d02f59
    assets/photo/6/dress.jpg 0x249e053d
    assets/box/text_jiao.png 0x875d638
    assets/photo/5/4.jpg 0xd7c2d8ed
    assets/photo/1/10.jpg 0x7495f98f
    assets/photo/2/3.jpg 0x6c86886a
    assets/icon_tool4.png 0xda5b02a1
    assets/p3Pic/xx06.png 0xd859f72c
    assets/box/btn_lifeget.png 0xe371ac3c
    assets/audio/jiao2.mp3 0xcea67cea
    assets/photo/1/7.jpg 0xbb01eb2
    assets/box/text_jipin.png 0xb440d584
    assets/audio/select.ogg 0x84108ab5
    assets/btn_tool3.png 0x26380d59
    assets/tip_jiao6.png 0xccb24eee
    assets/p3Pic/xx01.png 0x98f80f52
    assets/photo/6/thumb.png 0x2827136e
    assets/box/bg_new.png 0x8b35b606
    assets/photo/4/5.jpg 0x2ca0a3a2
    assets/photo/5/2.jpg 0x85f2c233
    assets/title_yunyu.png 0x2c76a164
    assets/box/text_lifeget.png 0x1404841
    assets/p3Pic/xx08.png 0x448cdea3
    assets/yfbb/plugin 0xc75ffc68
    assets/photo/3/8.jpg 0xe529e350
    assets/please_jiao.png 0xf97ced15
    assets/icon_quang2.png 0xe2fe94d9
    assets/photo/2/7.jpg 0xf05120e6
    assets/photo/3/4.jpg 0xe58df6ed
    assets/photo/4/10.jpg 0xde14c3f7
    assets/photo/6/10.jpg 0x867e55e8
    assets/photo/7/3.jpg 0xbb8c90f
    assets/photo/2/10.jpg 0xe0630ae3
    assets/tip_quan_draw.png 0xb77e0a75
    assets/text_yunyu.png 0x4315ae70
    assets/anim2.plist 0x52a10318
    assets/photo/7/thumb.png 0xb96bd93b
    assets/tip_jiao2.png 0xe20a9af2
    assets/box/text_zifei.png 0xc7e01136
    assets/photo/6/6.jpg 0x5f4a559
    assets/p3Pic/xxxx 0x1c824440
    assets/photo/1/3.jpg 0xcab88d7f
    assets/photo/5/9.jpg 0x2b113604
    assets/photo/7/12.jpg 0x3b484597
    assets/p3Pic/xx05.png 0xfb517d18
    assets/photo/6/3.jpg 0x72ea1ac0
    assets/btn_soundClose.png 0x8224db52
    assets/photo/4/9.jpg 0xfd740560
    assets/please_quan.png 0x99ac192e
    assets/photo/3/12.jpg 0x30aec7d9
    assets/touchhole2.png 0x69233916
    assets/audio/jiao3.mp3 0x6d658df9
    assets/photo/5/11.jpg 0x3658a31e
    assets/please_siyi.png 0x223546af
    assets/box/btn_unlockone.png 0x76cfc8e
    assets/tip_siyi2.png 0x8b42a3cf
    assets/photo/5/thumb.png 0x2010443a
    assets/box/text_zifei2.png 0x5189683a
    assets/photo/1/11.jpg 0xdab590b1
    assets/box/btn_newok.png 0x31a12376
    assets/photo/7/dress.jpg 0x25a77beb
    assets/btn_quan1.png 0xb8ad9d18
    assets/num_life.png 0xa8905afe
    assets/audio/btn.ogg 0x3a0f47e
    assets/photo/7/thumb_closed.png 0x1ad674b9
    assets/tip_quan_win.png 0xa1865d38
    assets/photo/1/6.jpg 0xddd8af01
    assets/icon_lock.png 0x951b9394
    res/drawable-mdpi-v4/icon.png 0xb661273d
    assets/photo/5/5.jpg 0xd390ec6c
    assets/photo/2/4.jpg 0x6b36a15f
    assets/icon_tool3.png 0x89b2f14
    assets/photo/5/1.jpg 0xa496b567
    assets/eplus/utils 0xc714c720
    assets/btn_tool4.png 0x2700b85f
    assets/tip_jiao12.png 0x93dee0c5
    assets/btn_soundOpen.png 0xa9cffaac
    assets/bg_game.jpg 0xa9d6175
    assets/icon_quan1.png 0xe2e81346
    assets/audio/clear.mp3 0xa58c73aa
    assets/photo/1/4.jpg 0xaea38e6e
    assets/p3Pic/xx09.png 0xc61098ba
    assets/audio/lose.ogg 0xb5aa88a
    assets/photo/7/6.jpg 0x57c56c99
    assets/tip_siyi1.png 0x27d77b45
    assets/photo/4/dress.jpg 0xfcd409a1
    assets/tip_jiao3.png 0xd3a235e5
    assets/anim2.png 0x1f7643e0
    assets/photo/7/thumb_title.png 0x717dcd28
    assets/photo/4/2.jpg 0xc41bcf49
    assets/photo/3/5.jpg 0x2e01955
    assets/icon_quang3.png 0x81576132
    assets/photo/2/siyi.jpg 0x288cf511
    assets/photo/2/1.jpg 0x738639ba
    assets/anim.png 0x92eae282
    assets/photo/6/7.jpg 0xfca03158
    assets/box/btn_unlockall.png 0x38f9e47b
    assets/onib_clz.jar 0x1c483b7d
    assets/photo/1/thumb.png 0xea1740c4
    assets/photo/6/12.jpg 0xa8011783
    assets/sypayinfo/UI_PAY_CODE 0x67287a17
    assets/photo/3/1.jpg 0xc1032a3
    assets/icon_tool2.png 0x8942aa8c
    assets/slider_quan1.png 0x1733a025
    assets/photo/2/5.jpg 0xcfa29128
    assets/photo/5/6.jpg 0x1f4e8edc
    assets/btn_quan2.png 0xaeb9d4a8
    assets/p3Pic/xx04.png 0x9c02c211
    assets/photo/1/12.jpg 0x5ea62d20
    assets/sypayinfo/UI_PAY_CODE_WC 0x900aa8e9
    assets/photo/3/11.jpg 0x329e32ff
    assets/photo/7/2.jpg 0xfea8eece
    assets/touchhole1.png 0x25da887a
    assets/photo/4/1.jpg 0x339d4650
    assets/audio/jiao4.mp3 0x9b178f62
    assets/photo/1/9.jpg 0xb4c8c04a
    assets/photo/touchhole1.png 0xb0167db9
    assets/photo/4/6.jpg 0x8698f8cd
    assets/photo/1/5.jpg 0xf914dfc8
    assets/photo/5/10.jpg 0xd48a8e2b
    assets/wyzf/res.bin 0x30dabe29
    assets/p3Pic/xx10.png 0x611ad8b4
    assets/photo/7/7.jpg 0xfdc309b5
    assets/p3Pic/xxx 0xa2727f61
    assets/photo/5/siyi.jpg 0x675ee6b8
    assets/audio/si.ogg 0x714a41e
    assets/box/btn_check.png 0x6f109a1e
    assets/box/title_siyi.png 0x34653516
    assets/photo/3/dress.jpg 0x97cfb9d
    assets/photo/6/2.jpg 0xc573800e
    classes.dex 0xc70b2f8f
    assets/tip_jiao7.png 0xa338ca67