VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, VirSCAN can scan compressed files with the password 'infected' or 'virus'.
4, If your browser cannot upload files, please download VirSCAN uploader to upload.

File information

Scanner results
Scanner results: 9% Antivirus software (3/32) found malware!
Behavior analysis report: Habo file analysis
Time: 2017-07-22 07:55:02 (CST)
Scanner Engine Ver Sig Ver Sig Date Scan result Time
antiy AVL SDK 2.0 1970-01-01 Found nothing 7
asquared 9.0.0.4799 9.0.0.4799 2015-03-08 Found nothing 2
avast 170303-1 4.7.4 2017-03-03 Found nothing 60
avg 2109/14149 10.0.1405 2017-07-04 Found nothing 60
baidu 2.0.1.0 4.1.3.52192 2.0.1.0 Found nothing 6
baidusd 1.0 1.0 2017-03-22 Found nothing 1
bitdefender 7.58879 7.90123 2015-01-16 Found nothing 60
clamav 23583 0.97.5 2017-07-21 Found nothing 60
drweb 5.0.2.3300 5.0.1.1 2017-06-18 Found nothing 60
fortinet 50.353, 50.281, 50.305 5.4.247 2017-07-22 Found nothing 60
fprot 4.6.2.117 6.5.1.5418 2016-02-05 Found nothing 60
fsecure 2015-08-01-02 9.13 2015-08-01 Found nothing 60
gdata 25.13484 25.13484 2017-07-21 Android.Trojan.Rootnik.MZ 13
ikarus 1.06.01 V1.32.31.0 2016-11-28 Found nothing 60
jiangmin 16.0.100 1.0.0.0 2017-07-21 Found nothing 2
kaspersky 5.5.33 5.5.33 2014-04-01 Found nothing 60
kingsoft 2.1 2.1 2017-07-21 Found nothing 4
mcafee 8261 5400.1158 2016-08-18 Found nothing 60
nod32 1777 3.0.21 2015-06-12 Found nothing 60
panda 9.05.01 9.05.01 2017-07-21 Found nothing 4
pcc 13.302.06 9.500-1005 2017-03-27 Found nothing 60
qh360 1.0.1 1.0.1 1.0.1 Android mobile malware 3
qqphone 1.0.0.0 1.0.0.0 2015-12-30 Found nothing 60
quickheal 14.00 14.00 2017-07-21 Android.Triada.GEN8482 4
rising 26.28.00.01 26.28.00.01 2016-07-18 Found nothing 4
sophos 5.32 3.65.2 2016-10-10 Found nothing 60
symantec 20151230.005 1.3.0.24 2015-12-30 Found nothing 60
tachyon 9.9.9 9.9.9 2013-12-27 Found nothing 4
thehacker 6.8.0.5 6.8.0.5 2017-07-19 Found nothing 3
tws 17.47.17308 1.0.2.2108 2017-07-21 Found nothing 18
vba 3.12.29.5 beta 3.12.29.5 beta 2017-07-17 Found nothing 60
virusbuster 15.0.985.0 5.5.2.13 2014-12-05 Found nothing 60
Permission list
Permission name Description
android.permission.READ_EXTERNAL_STORAGE Read external storage (e.g. SD card)
android.permission.WRITE_EXTERNAL_STORAGE Write external storage (e.g. SD card)
android.permission.INTERNET Connect to the network (2G or 3G)
android.permission.SEND_SMS Send SMS messages
android.permission.READ_SMS Read SMS messages
android.permission.WRITE_SMS Write SMS messages
android.permission.READ_PHONE_STATE Read phone state
android.permission.RECEIVE_MMS Receive MMS messages
android.permission.RECEIVE_SMS Monitor incoming SMS messages
android.permission.ACCESS_WIFI_STATE Read Wi-Fi network state
android.permission.ACCESS_NETWORK_STATE Read network state (2G or 3G)
android.permission.CHANGE_WIFI_STATE Change Wi-Fi connection state
android.permission.CHANGE_NETWORK_STATE Change network state
android.permission.DISABLE_KEYGUARD Disable the keyguard
android.permission.ACCESS_COARSE_LOCATION Get approximate location (via Wi-Fi, cell towers)
android.permission.SYSTEM_ALERT_WINDOW Display system windows
android.permission.ACCESS_FINE_LOCATION Get precise location (via GPS)
android.permission.GET_TASKS Get information about currently or recently running tasks
android.permission.ACCESS_LOCATION_EXTRA_COMMANDS Access extra location commands
android.permission.ACCESS_MTK_MMHW
android.permission.BROADCAST_STICKY Send sticky broadcasts
android.permission.CHANGE_CONFIGURATION Modify the current configuration (e.g. locale)
android.permission.CAMERA Access the camera device
android.permission.GET_ACCOUNTS Access the account list
android.permission.INTERACT_ACROSS_USERS_FULL
android.permission.MOUNT_UNMOUNT_FILESYSTEMS Mount and unmount external file systems
android.permission.RECEIVE_BOOT_COMPLETED Receive the boot-completed broadcast
android.permission.READ_SETTINGS
android.permission.READ_INTERNAL_STORAGE
android.permission.READ_USER_DICTIONARY Read the user dictionary
android.permission.SAMSUNG_TUNTAP
android.permission.WRITE_SETTINGS Read and write system settings
android.permission.UPDATE_APP_OPS_STATS
android.permission.WRITE_INTERNAL_STORAGE
File information
Security score:
Basic information
MD5: 47fed516909627a7c99d527f01f18117
File size: 5.58MB
Upload time: 2014-09-22 10:36:30 (CST)
Package name: com.tj.tjcty07761
Minimum runtime environment: Android 2.3, 2.3.1, 2.3.2
Copyright: ()
Key behaviors
Behavior description: Reads the CPU clock directly
Behavior description: Gets window screenshot information
Behavior description: Gets the TickCount value
Process behaviors
Behavior description: Reads the CPU clock directly
Behavior description: Gets window screenshot information
Behavior description: Gets the TickCount value
File behaviors
Behavior description: Creates files
Details: C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\krnln.fnr
C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\iext.fnr
C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\iext2.fne
C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\EThread.fne
C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\HtmlView.fne
C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\spec.fne
C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\Comdlg32.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\IPHLPAPI.DLL
C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\imm32.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\shdocvw.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\shlwapi.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\Psapi.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\atl.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\Powrprof.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\oleaut32.dll
Behavior description: Creates executable files
Behavior description: Modifies file contents
Registry behaviors
Behavior description: Modifies the registry
Details: \REGISTRY\USER\S-*\Software\Microsoft\Multimedia\DrawDib\vga.drv 1920x973x32(BGR 0)
Other behaviors
Behavior description: Creates mutexes
Details: CTF.LBES.MutexDefaultS-*
CTF.Compart.MutexDefaultS-*
CTF.Asm.MutexDefaultS-*
CTF.Layouts.MutexDefaultS-*
CTF.TMD.MutexDefaultS-*
CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
MSCTF.Shared.MUTEX.IOH
MSCTF.Shared.MUTEX.AFK
Behavior description: Creates event objects
Details: EventName = DINPUTWINMM
EventName = MSCTF.SendReceiveConection.Event.AFK.IC
EventName = MSCTF.SendReceive.Event.AFK.IC
Behavior description: Opens a mutex
Details: ShimCacheMutex
Behavior description: Finds a specified window
Details: NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
NtUserFindWindowEx: [Class,Window] = [CicLoaderWndClass,]
Behavior description: Opens events
Details: HookSwitchHookEnabledEvent
MSFT.VSA.COM.DISABLE.2636
MSFT.VSA.IEC.STATUS.6c736db0
CTF.ThreadMIConnectionEvent.000007E8.00000000.00000010
CTF.ThreadMarshalInterfaceEvent.000007E8.00000000.00000010
MSCTF.SendReceiveConection.Event.IOH.IC
MSCTF.SendReceive.Event.IOH.IC
Behavior description: Gets the TickCount value
Behavior description: Gets the cursor position
Details: CursorPos = (80,18468), SleepMilliseconds = 60000.
CursorPos = (6373,26501), SleepMilliseconds = 60000.
Behavior description: Window information
Details: Pid = 2636, Hwnd=0x1037c, Text = 剧名:, ClassName = Afx:1f40000:b:10011:1900015:0.
Pid = 2636, Hwnd=0x10378, Text = 关于作者, ClassName = Button.
Pid = 2636, Hwnd=0x1036e, Text = 剧集:, ClassName = Afx:1f40000:b:10011:1900015:0.
Pid = 2636, Hwnd=0x1036c, Text = 选择播放源:, ClassName = Afx:1f40000:b:10011:1900015:0.
Pid = 2636, Hwnd=0x10362, Text = 视频简介:, ClassName = Edit.
Pid = 2636, Hwnd=0x1035c, Text = 搜索结果:, ClassName = Afx:1f40000:b:10011:1900015:0.
Pid = 2636, Hwnd=0x1034e, Text = 搜索一下, ClassName = Button.
Pid = 2636, Hwnd=0x20346, Text = Howe影视 - 破解vip视频免费观看 QQ949643229, ClassName = WTWindow.
Pid = 2636, Hwnd=0x1034c, Text = 123456, ClassName = Edit.
Behavior description: Gets window screenshot information
Behavior description: Signature information of executable files
Details: C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\krnln.fnr (signature verification: failed)
C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\iext.fnr (signature verification: failed)
C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\iext2.fne (signature verification: failed)
C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\EThread.fne (signature verification: failed)
C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\HtmlView.fne (signature verification: failed)
C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\spec.fne (signature verification: failed)
C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\Comdlg32.dll (signature verification: passed)
C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\IPHLPAPI.DLL (signature verification: passed)
C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\imm32.dll (signature verification: passed)
C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\shdocvw.dll (signature verification: failed)
C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\shlwapi.dll (signature verification: passed)
C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\Psapi.dll (signature verification: failed)
C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\atl.dll (signature verification: passed)
C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\Powrprof.dll (signature verification: passed)
C:\Documents and Settings\Administrator\Local Settings\Temp\E_N60005\oleaut32.dll (signature verification: passed)
Behavior description: Calls the Sleep function
Details: [1]: MilliSeconds = 60000.
[2]: MilliSeconds = 0.
Behavior description: Hides a specified window
Details: [Window,Class] = [,_EL_DrawPanel]
Behavior description: MD5 of executable files
Behavior description: Reads the CPU clock directly
Behavior description: Loads newly dropped files
Details: Image: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\E_N60005\krnln.fnr.
Image: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\E_N60005\iext2.fne.
Image: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\E_N60005\iext.fnr.
Activities
Activity name Type
com.boyous.biyi.AppActivity android.intent.action.MAIN
com.boyous.biyi.AppActivity android.intent.category.LAUNCHER
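Dangerous functions
Function name Description
ContentResolver;->query Reads contacts, SMS and other databases
TelephonyManager;->getDeviceId Collects the phone's IMEI, phone number, system version and similar information
TelephonyManager;->getSimSerialNumber Gets the SIM serial number
TelephonyManager;->getLine1Number Gets the phone number
HttpClient;->execute Requests a remote server
getRuntime Gets the command-line environment
java/lang/Runtime;->exec Executes a string command
ContentResolver;->delete Deletes SMS messages and contacts
SmsManager;->sendDataMessage Sends a binary message
SmsManager;->sendTextMessage Sends an ordinary SMS message
DefaultHttpClient;->execute Sends an HTTP request
LocationManager;->getLastKnownLocation Gets the location
java/net/URL;->openConnection Connects to a URL
java/net/HttpURLConnection;->connect Connects to a URL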
Service list
Name
com.amaz.onib.FSrvi
com.core.main.pay.plugmain.service.SyService
com.core.tools.sms.SmsPlugKeppLiveService
com.wyzf.service.InitService
File list