VirSCAN

1. You can upload any file, but there is a 20Mb limit per file.
2. VirSCAN supports Rar/Zip decompression, but the archive must contain fewer than 20 files.
3. VirSCAN can scan compressed files protected with the password 'infected' or 'virus'.

File information

Scanner results: 23% of scanners (9/39) found malware!
Behavior analysis report: Habo file analysis
Time: 2014-11-10 11:09:48 (CST)
Scanner Engine Ver Sig Ver Sig Date Scan result Time
ahnlab 9.9.9 9.9.9 2013-05-28 Found nothing 7
antivir 1.9.2.0 1.9.159.0 7.11.183.220 Found nothing 17
antiy 114701 AVL141003 2014-10-04 Found nothing 5
arcavir 1.0 2011 2014-05-30 Found nothing 8
asquared 9.0.0.4157 9.0.0.4157 2014-07-30 Android.Adware.Utchi.A 1
avast 141109-0 4.7.4 2014-11-09 Android:MTK-HC [Trj] 31
avg 2109/8019 10.0.1405 2014-11-06 Found nothing 1
baidu 2.0.1.0 4.1.3.52192 2.0.1.0 Found nothing 4
baidusd 1.0 1.0 2014-04-02 Found nothing 1
bitdefender 7.57645 7.90123 2014-11-09 Android.Adware.Utchi.A 7
clamav 19600 0.97.5 2014-11-08 Found nothing 1
comodo 15023 5.1 2014-10-03 Found nothing 3
ctch 4.6.5 5.3.14 2013-12-01 Found nothing 1
drweb 5.0.2.3300 5.0.1.1 2014-10-31 Found nothing 51
fortinet 23.151, 23.151 5.1.158 2014-11-10 Found nothing 1
fprot 4.6.2.117 6.5.1.5418 2014-11-09 Found nothing 1
fsecure 2014-04-02-01 9.13 2014-04-02 Android.Adware.Utchi.A 3
gdata 24.3819 24.3819 2014-08-29 Android.Adware.Utchi.A 8
hauri 2.73 2.73 2014-06-13 Found nothing 1
ikarus 1.06.01 V1.32.31.0 2014-11-09 AdWare.AndroidOS.Utchi 20
jiangmin 16.0.100 1.0.0.0 2014-07-28 Found nothing 15
kaspersky 5.5.33 5.5.33 2014-04-01 Found nothing 33
kingsoft 2.1 2.1 2013-09-22 Android.RISKWARE.MTK.vv.(kcloud) 3
mcafee 7520 5400.1158 2014-08-04 Found nothing 15
nod32 0436 3.0.21 2014-09-18 a variant of Android/AdDisplay.Utchi.A application 1
panda 9.05.01 9.05.01 2014-06-15 Found nothing 3
pcc 11.266.06 9.500-1005 2014-11-09 Found nothing 1
qh360 1.0.1 1.0.1 1.0.1 Found nothing 2
qqphone 1.0.0.0 1.0.0.0 2014-11-10 Found nothing 1
quickheal 14.00 14.00 2014-06-14 Found nothing 2
rising 25.17.00.04 25.17.00.04 2014-06-02 Found nothing 1
sophos 5.04 3.51.0 2014-08-05 Andr/MTK-C 8
sunbelt 3.9.2589.2 3.9.2589.2 2014-06-13 Found nothing 1
symantec 20141107.002 1.3.0.24 2014-11-07 Found nothing 1
tachyon 9.9.9 9.9.9 2013-12-27 Found nothing 3
thehacker 6.8.0.5 6.8.0.5 2014-06-12 Found nothing 1
tws 17.47.17308 1.0.2.2108 2014-06-16 Found nothing 4
vba 3.12.26.3 3.12.26.3 2014-11-08 Found nothing 5
virusbuster 15.0.962.0 5.5.2.13 2014-11-08 Found nothing 23
Permission list
Permission name Description
android.permission.GET_TASKS Retrieve information about currently or recently running tasks
android.permission.ACCESS_NETWORK_STATE Read network state (2G or 3G)
android.permission.INTERNET Connect to the network (2G or 3G)
android.permission.READ_PHONE_STATE Read phone state
android.permission.SET_WALLPAPER Set the desktop wallpaper
android.permission.WRITE_EXTERNAL_STORAGE Write to external storage (e.g. SD card)
android.permission.RECEIVE_BOOT_COMPLETED Receive the boot-completed broadcast
com.android.launcher.permission.INSTALL_SHORTCUT Create shortcuts
com.android.launcher.permission.UNINSTALL_SHORTCUT Delete shortcuts
com.android.launcher.permission.READ_SETTINGS Read shortcut information
File information
Security score: 73
Basic information
MD5: b7a594048b0e5bb8ceb3ce84696de784
File size: 5.58MB
Upload time: 2014-09-22 10:36:30 (CST)
Package name: cn.efefeheg.eheedleceeeeei
Minimum runtime environment: Android 2.0
Copyright: o
Key behaviors
Behavior description: Hide a specified window
Details: [Window,Class] = [,ThunderRT6Main]
Behavior description: Resolve host address by name
Details: api.4134.com
Process behaviors
Behavior description: Hide a specified window
Details: [Window,Class] = [,ThunderRT6Main]
Behavior description: Resolve host address by name
Details: api.4134.com
File behaviors
Behavior description: Create executable files
Details: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\is-Q6EKH.tmp\sample.tmp
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\is-0B3M5.tmp\_isetup\_RegDLL.tmp
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\is-0B3M5.tmp\_isetup\_shfoldr.dll
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\is-0B3M5.tmp\isskin.dll
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\is-0B3M5.tmp\webctrl.dll
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\is-0B3M5.tmp\zhainan.style
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\is-0B3M5.tmp\SetupTV.dll
Behavior description: Modify file contents
Network behaviors
Behavior description: Establish a connection to a specified socket
Behavior description: Resolve host address by name
Details: api.4134.com
Registry behaviors
Behavior description: Modify the registry
Behavior description: Delete registry values
Details: \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{E1F4F6E7-7022-4754-8102-A40A3349D5AD}\InprocServer32\ThreadingModel
\REGISTRY\MACHINE\SOFTWARE\Microsoft\PCHealth\ErrorReporting\DW\DWFileTreeRoot
Behavior description: Delete registry keys
Details: \REGISTRY\MACHINE\SOFTWARE\Microsoft\PCHealth\ErrorReporting\DW
Other behaviors
Behavior description: Enumerate windows
Details: N/A
Behavior description: Create a mutex
Details: SHIMLIB_LOG_MUTEX
Behavior description: Hide a specified window
Details: [Window,Class] = [,ThunderRT6Main]
Behavior description: Open image files
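Behavior description: Acquire system privileges
Details: SE_LOAD_DRIVER_PRIVILEGE
Abnormal crashes
Behavior description: Enumerate windows
Details: N/A
Behavior description: Create a mutex
Details: SHIMLIB_LOG_MUTEX
Behavior description: Hide a specified window
Details: [Window,Class] = [,ThunderRT6Main]
Behavior description: Open image files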
Behavior description: Acquire system privileges
Details: SE_LOAD_DRIVER_PRIVILEGE
Dynamic behavior list
Behavior description: Start services
Details: com.android.musicfx.Compatibility$Service
cn.efefeheg.eheedleceeeeei.d6
com.android.mms.transaction.SmsReceiverService
Behavior description: Read files
Details: path:/proc/783/cmdline length:105
path:/proc/799/cmdline length:105
path:/proc/811/cmdline length:105
path:/proc/841/cmdline length:105
path:/proc/852/cmdline length:105
path:/proc/863/cmdline length:105
path:/proc/865/cmdline length:105
Behavior description: Write files
Details: path:/data/data/com.android.gallery3d/shared_prefs/com.android.gallery3d_preferences.xml length:105
path:/data/data/com.android.musicfx/shared_prefs/musicfx.xml length:105
path:/data/data/com.android.gallery3d/shared_prefs/com.android.gallery3d_preferences.xml length:105
Behavior description: Class loading
Details: path:/system/app/PicoTts.apk
path:/system/app/MusicFX.apk
path:/system/framework/am.jar
path:/data/app/cn.efefeheg.eheedleceeeeei-1.apk
Behavior description: Initialize Intent
Details: Landroid/content/Context;=cn.efefeheg.eheedleceeeeei.c97@4153ead0 | Ljava/lang/Class;=class cn.efefeheg.eheedleceeeeei.d6
Landroid/content/Context;=cn.efefeheg.eheedleceeeeei.d6@415d5f18 | Ljava/lang/Class;=class cn.efefeheg.eheedleceeeeei.d6
Behavior description: Get device ID
Details: 357242043237511
Activities
Activity name Type
.c97 android.intent.action.MAIN
.c97 android.intent.category.LAUNCHER
Dangerous functions
Function name Description
HttpClient;->execute Request a remote server
DefaultHttpClient;->execute Send an HTTP request
TelephonyManager;->getDeviceId Collect the user's phone IMEI, phone number, system version number and other information
TelephonyManager;->getLine1Number Get the phone number
TelephonyManager;->getSimSerialNumber Get the SIM serial number
Startup methods
Name Description
cn.efefeheg.eheedleceeeeei.e51 Service started at boot
Service list
Name
cn.efefeheg.eheedleceeeeei.d6
File list