VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.
4, If your browser cannot upload files, please download VirSCAN uploader to upload.

Language
Server load
Server Load

VirSCAN
VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

File information

Scanner results
Scanner results:0%Antivirus software(0/32)found malware!
Behavior analysis report:         Habo file analysis
Time: 2015-10-14 17:59:45 (CST)
Scanner Engine Ver Sig Ver Sig Date Scan result Time
antiy AVL SDK 3.0 1970-01-01 Found nothing 5
asquared 9.0.0.4324 9.0.0.4324 2014-07-03 Found nothing 1
avast 150725-1 4.7.4 2015-07-25 Found nothing 0
avg 2109/8133 10.0.1405 2014-11-26 Found nothing 0
baidu 2.0.1.0 4.1.3.52192 2.0.1.0 Found nothing 5
baidusd 1.0 1.0 2014-04-02 Found nothing 1
bitdefender 7.58469 7.90123 2014-12-25 Found nothing 0
clamav 19861 0.97.5 2014-12-31 Found nothing 0
drweb 5.0.2.3300 5.0.1.1 2014-12-31 Found nothing 0
fortinet 23.345, 23.345 5.1.158 2014-12-08 Found nothing 0
fprot 4.6.2.117 6.5.1.5418 2014-12-31 Found nothing 0
fsecure 2014-04-02-01 9.13 2014-04-02 Found nothing 0
gdata 25.3863 25.3863 2015-10-13 Found nothing 9
ikarus 1.06.01 V1.32.31.0 2014-12-08 Found nothing 0
jiangmin 16.0.100 1.0.0.0 2015-07-25 Found nothing 57
kaspersky 5.5.33 5.5.33 2014-04-01 Found nothing 0
kingsoft 2.1 2.1 2013-09-22 Found nothing 27
mcafee 7638 5400.1158 2014-11-30 Found nothing 0
nod32 0920 3.0.21 2014-12-23 Found nothing 0
panda 9.05.01 9.05.01 2015-07-26 Found nothing 5
pcc 11.380.07 9.500-1005 2014-12-31 Found nothing 0
qh360 1.0.1 1.0.1 1.0.1 Found nothing 6
qqphone 1.0.0.0 1.0.0.0 2014-12-09 Found nothing 0
quickheal 14.00 14.00 2015-07-25 Found nothing 2
rising 25.76.04.01 25.76.04.01 2015-07-24 Found nothing 1
sophos 5.08 3.55.0 2014-12-01 Found nothing 0
symantec 20141230.001 1.3.0.24 2014-12-30 Found nothing 0
tachyon 9.9.9 9.9.9 2013-12-27 Found nothing 3
thehacker 6.8.0.5 6.8.0.5 2015-07-23 Found nothing 1
tws 17.47.17308 1.0.2.2108 2014-12-08 Found nothing 6
vba 3.12.26.3 3.12.26.3 2014-12-31 Found nothing 0
virusbuster 15.0.985.0 5.5.2.13 2014-12-05 Found nothing 0

没有相关的权限信息

文件信息
VirSCANVirSCAN
安全评分 :
基本信息
VirSCANVirSCAN
MD5:2b250a6461355f69405f4b7606cd27e3
文件大小:5.58MB
上传时间: 2014-09-22 10:36:30 (CST)
包名:pan.howdifficult
最低运行环境:Android 2.2.x
版权:yunling
关键行为
VirSCANVirSCAN
行为描述: 写权限映射文件
详情信息: CiceroSharedMemDefaultS-1-5-21-1482476501-1645522239-1417001333-500
MSCTF.MarshalInterface.FileMap.IDI..GPLIG
MSCTF.MarshalInterface.FileMap.IDI.B.GPLIG
MSCTF.MarshalInterface.FileMap.IDI.C.GPLIG
MSCTF.MarshalInterface.FileMap.IDI.D.GPLIG
MSCTF.MarshalInterface.FileMap.IDI.E.GPLIG
MSCTF.MarshalInterface.FileMap.IDI.F.GPLIG
MSCTF.MarshalInterface.FileMap.IDI.G.GPLIG
MSCTF.Shared.SFM.IDI
MSCTF.MarshalInterface.FileMap.IDI.H.CPCNG
MSCTF.MarshalInterface.FileMap.IDI.I.CPCNG
MSCTF.MarshalInterface.FileMap.IDI.J.CPCNG
MSCTF.MarshalInterface.FileMap.IDI.K.CPCNG
MSCTF.MarshalInterface.FileMap.IDI.L.CPCNG
MSCTF.MarshalInterface.FileMap.IDI.M.CPCNG
行为描述: 设置特殊文件夹属性
详情信息: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
C:\Documents and Settings\Administrator\Local Settings\History
C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
C:\Documents and Settings\Administrator\Cookies
行为描述: 隐藏指定窗口
详情信息: [Window,Class] = [,_EL_Timer]
[Window,Class] = [,Afx:400000:b:10011:0:0]
文件行为
VirSCANVirSCAN
行为描述: 写权限映射文件
详情信息: CiceroSharedMemDefaultS-1-5-21-1482476501-1645522239-1417001333-500
MSCTF.MarshalInterface.FileMap.IDI..GPLIG
MSCTF.MarshalInterface.FileMap.IDI.B.GPLIG
MSCTF.MarshalInterface.FileMap.IDI.C.GPLIG
MSCTF.MarshalInterface.FileMap.IDI.D.GPLIG
MSCTF.MarshalInterface.FileMap.IDI.E.GPLIG
MSCTF.MarshalInterface.FileMap.IDI.F.GPLIG
MSCTF.MarshalInterface.FileMap.IDI.G.GPLIG
MSCTF.Shared.SFM.IDI
MSCTF.MarshalInterface.FileMap.IDI.H.CPCNG
MSCTF.MarshalInterface.FileMap.IDI.I.CPCNG
MSCTF.MarshalInterface.FileMap.IDI.J.CPCNG
MSCTF.MarshalInterface.FileMap.IDI.K.CPCNG
MSCTF.MarshalInterface.FileMap.IDI.L.CPCNG
MSCTF.MarshalInterface.FileMap.IDI.M.CPCNG
行为描述: 设置特殊文件夹属性
详情信息: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
C:\Documents and Settings\Administrator\Local Settings\History
C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
C:\Documents and Settings\Administrator\Cookies
网络行为
VirSCANVirSCAN
行为描述: 连接指定站点
详情信息: InternetConnectA: ServerName = www.54xl.cn, PORT = 80
InternetConnectA: ServerName = www.haodailiip.com, PORT = 80
行为描述: 读取网络文件
详情信息: hFile = 0x00000568, BytesToRead =1024, BytesRead = 1024.
hFile = 0x00000564, BytesToRead =1024, BytesRead = 1024.
行为描述: 打开HTTP请求
详情信息: HttpOpenRequestA: www.54xl.cn:80/nf/k8up.html, hConnect = 0x00000570
HttpOpenRequestA: www.haodailiip.com:80/domftiqu, hConnect = 0x0000056c
注册表行为
VirSCANVirSCAN
行为描述: 修改注册表
详情信息: \REGISTRY\USER\S-1-5-21-1482476501-1645522239-1417001333-500\Software\Microsoft\Multimedia\DrawDib\vga.drv 1920x973x16(565 0)
其他行为
VirSCANVirSCAN
行为描述: 创建互斥体
详情信息: CTF.LBES.MutexDefaultS-1-5-21-1482476501-1645522239-1417001333-500
CTF.Compart.MutexDefaultS-1-5-21-1482476501-1645522239-1417001333-500
CTF.Asm.MutexDefaultS-1-5-21-1482476501-1645522239-1417001333-500
CTF.Layouts.MutexDefaultS-1-5-21-1482476501-1645522239-1417001333-500
CTF.TMD.MutexDefaultS-1-5-21-1482476501-1645522239-1417001333-500
CTF.TimListCache.FMPDefaultS-1-5-21-1482476501-1645522239-1417001333-500MUTEX.DefaultS-1-5-21-1482476501-1645522239-1417001333-500
MSCTF.Shared.MUTEX.AEH
MSCTF.Shared.MUTEX.IDI
行为描述: 内联HOOK
详情信息: C:\WINDOWS\system32\GDI32.dll--->ExtTextOutA Offset = 0x0
C:\WINDOWS\system32\GDI32.dll--->ExtTextOutW Offset = 0x0
C:\WINDOWS\system32\USER32.dll--->GetWindowLongA Offset = 0x0
C:\WINDOWS\system32\USER32.dll--->SetWindowLongA Offset = 0x0
C:\WINDOWS\system32\USER32.dll--->SetWindowLongW Offset = 0x0
C:\WINDOWS\system32\USER32.dll--->GetWindowLongW Offset = 0x0
C:\WINDOWS\system32\USER32.dll--->BeginPaint Offset = 0x0
C:\WINDOWS\system32\USER32.dll--->EndPaint Offset = 0x0
C:\WINDOWS\system32\USER32.dll--->GetDC Offset = 0x0
C:\WINDOWS\system32\USER32.dll--->GetWindowDC Offset = 0x0
C:\WINDOWS\system32\USER32.dll--->ReleaseDC Offset = 0x0
C:\WINDOWS\system32\USER32.dll--->WindowFromDC Offset = 0x0
C:\WINDOWS\system32\USER32.dll--->GetScrollInfo Offset = 0x0
C:\WINDOWS\system32\USER32.dll--->GetScrollPos Offset = 0x0
C:\WINDOWS\system32\USER32.dll--->GetScrollRange Offset = 0x0
行为描述: 查找指定窗口
详情信息: NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
NtUserFindWindowEx: [Class,Window] = [CicLoaderWndClass,]
行为描述: 隐藏指定窗口
详情信息: [Window,Class] = [,_EL_Timer]
[Window,Class] = [,Afx:400000:b:10011:0:0]
行为描述: 窗口信息
详情信息: Pid = 2100, Hwnd=0x301d0, Text = 使用匿名代理隐藏IP(会影响效率), ClassName = Button(CheckBox).
Pid = 2100, Hwnd=0x301c0, Text = 温馨提示:本软件专治各种牛皮癣小广告,不要太邪恶哦, ClassName = _EL_Label.
Pid = 2100, Hwnd=0x301be, Text = 注意:该软件攻击1分钟1000条短信,请合理使用 使用本软件发生的任何纠纷与本软件作者无关, ClassName = _EL_Label.
Pid = 2100, Hwnd=0x40248, Text = 小刀娱乐网 , ClassName = _EL_Label.
Pid = 2100, Hwnd=0x60240, Text = 停止, ClassName = Button.
Pid = 2100, Hwnd=0x70196, Text = 短信测试, ClassName = Button.
Pid = 2100, Hwnd=0x401ce, Text = 手机号码, ClassName = _EL_Label.
Pid = 2100, Hwnd=0x4020e, Text = 卡吧短信压力测试器V2.5, ClassName = WTWindow.
动态列表行为
VirSCANVirSCAN
行为描述: 窗口信息
详情信息: {"text": "网盘提取器", "class": "android.widget.TextView"}
{"text": "请输入网盘地址", "class": "android.widget.EditText"}
{"text": "清空", "class": "android.widget.Button"}
{"text": "确定", "class": "android.widget.Button"}
{"text": "制作:HOWDIFFICULT", "class": "android.widget.TextView"}
行为描述: 解析通用资源标识符
详情信息: http://pan.baidu.com/share/home?uk=
行为描述: 初始化Intent
详情信息: [u'android.intent.action.VIEW', u'http://pan.baidu.com/share/home?uk=']
行为描述: 激活Activity
详情信息: Intent { act=android.intent.action.VIEW dat=http://pan.baidu.com/share/home?uk= }
行为描述: 添加悬浮窗口
详情信息: [u'com.android.internal.policy.impl.PhoneWindow$DecorView@414a69a8', u'WM.LayoutParams{(0,0)(fillxfill) sim=#100 ty=1 fl=#810100 pfl=0x8 wanim=0x103028f}', u'android.view.CompatibilityInfoHolder@414b40f8']
Activities
VirSCANVirSCAN
活动名 类型
.MainActivity android.intent.action.MAIN
.MainActivity android.intent.category.LAUNCHER
文件列表
VirSCANVirSCAN
文件名 校验码
META-INF/MANIFEST.MF 0xfe42c0f0
META-INF/CERT.SF 0xd476ff79
META-INF/CERT.RSA 0x968bf2bc
AndroidManifest.xml 0xe96e0f8d
classes.dex 0x533cd819
res/drawable-hdpi/ic_launcher.png 0x80334075
res/drawable-mdpi/ic_launcher.png 0x80334075
res/drawable-xhdpi/ic_launcher.png 0x80334075
res/drawable-xxhdpi/ic_launcher.png 0x80334075
res/drawable/image_teach.png 0x6610f50d
res/layout/about.xml 0xc00b9fe3
res/layout/main.xml 0xb84ff8ee
res/layout/teach.xml 0xddb3377
resources.arsc 0x12fdf3ba
运行截图
VirSCANVirSCAN
VirSCAN