VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

Language
Server load
Server Load

VirSCAN
VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

File information

Scanner results
Scanner results:28%Scanner(s) (9/32)found malware!
Behavior analysis report:         Habo file analysis
Time: 2020-02-05 15:48:35 (CST)
Scanner Engine Ver Sig Ver Sig Date Scan result Time
antiy AVL SDK 3.0 AVL SDK 3.0 2020-02-05 Trojan/Generic.ASDroid.C3BA 1
avast 18.4.3895.0 18.4.3895.0 2020-02-05 Found nothing 46
avg 10.0.1405 10.0.1405 2020-02-05 Found nothing 1
baidu 2.0.1.0 4.1.3.52192 2.0.1.0 Found nothing 13
baidusd 1.0 1.0 2020-02-05 Found nothing 1
bitdefender 7.141118 7.141118 2020-02-04 Found nothing 1
clamav 25715 0.100.2 2020-02-03 Found nothing 1
drweb 11.0.10.1810231600 11.0.10.1810231600 2020-02-04 Found nothing 11
emsisoft 9.0.0.4324 9.0.0.4324 2014-07-03 Android.Adware.Wapsx.A 3
fortinet 1.000, 71.889, 71.844, 71.868 5.4.247 2019-11-04 Adware/Waps!Android 1
fprot 4.6.2.117 6.5.1.5418 2020-02-05 Found nothing 1
fsecure 2015-08-01-02 9.13 2020-02-05 Found nothing 56
gdata 25.24732 25.24732 2020-01-29 Android.Adware.Wapsx.A 12
ikarus 5.02.09 V1.32.39.0 2020-01-13 PUA.AndroidOS.Domob 4
jiangmin 16.0.100 1.0.0.0 2020-02-05 AdWare.AndroidOS.dbvl 2
kaspersky 5.5.33 5.5.33 2020-02-05 Found nothing 20
kingsoft 2.1 2.1 2013-09-22 Found nothing 8
mcafee 8254 5400.1158 2020-01-11 Found nothing 6
nod32 9846 4.5.15 2020-02-05 Found nothing 1
panda 9.05.01 9.05.01 2020-02-05 Found nothing 4
pcc 13.302.06 9.500-1005 2020-02-05 Android.33471775 2
qh360 1.0.1 1.0.1 2020-02-05 Adware.Android.Gen 2
qqphone 2.0.0.0 2.0.0.0 2020-02-05 Found nothing 1
quickheal 14.00 14.00 2020-02-05 Android.Waps.A (AdWare) 3
rising 5380 5380 2020-02-05 Found nothing 3
sophos 4.62 3.16.1 2016-09-20 Found nothing 10
symantec 20151230.005 1.3.0.24 2015-12-30 Found nothing 1
tachyon 9.9.9 9.9.9 2020-02-05 Found nothing 3
thehacker 6.8.0.5 6.8.0.5 2017-03-30 Found nothing 13
tws 17.47.17308 1.0.2.2108 2020-02-05 Found nothing 4
vba 4.3.0 4.3.0 2020-01-24 Found nothing 1
virusbuster 15.0.985.0 5.5.2.13 2014-12-05 Found nothing 4
权限列表
许可名称 信息
android.permission.ACCESS_WIFI_STATE 读取wifi网络状态
android.permission.INTERNET 连接网络(2G或3G)
android.permission.READ_PHONE_STATE 读取电话状态
android.permission.ACCESS_NETWORK_STATE 读取网络状态(2G或3G)
android.permission.WRITE_EXTERNAL_STORAGE 写外部存储器(如:SD卡)
android.permission.ACCESS_COARSE_LOCATION 获取粗略的位置(通过wifi、基站)
android.permission.GET_TASKS 获取有关当前或最近运行的任务信息
文件信息
VirSCANVirSCAN
安全评分 :71
基本信息
VirSCANVirSCAN
MD5:40b646632e0532b57b2ea5c44c3d650b
文件大小:5.58MB
上传时间: 2014-09-22 10:36:30 (CST)
包名:com.wy.pcinputassistant
最低运行环境:Android 1.6
版权:
关键行为
VirSCANVirSCAN
行为描述: 设置特殊文件夹属性
详情信息: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
C:\Documents and Settings\Administrator\Local Settings\History
C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
C:\Documents and Settings\Administrator\Cookies
进程行为
VirSCANVirSCAN
行为描述: 设置特殊文件夹属性
详情信息: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
C:\Documents and Settings\Administrator\Local Settings\History
C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
C:\Documents and Settings\Administrator\Cookies
文件行为
VirSCANVirSCAN
行为描述: 在系统敏感位置(如开始菜单等)释放链接或快捷方式
详情信息: C:\Documents and Settings\Administrator\「开始」菜单\程序\1241041\uninst.lnk
行为描述: 创建可执行文件
详情信息: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsy4.tmp\System.dll
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsy4.tmp\Inetc.dll
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsy4.tmp\NsProcess.dll
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsy4.tmp\NSISdl.dll
C:\Program Files\1241041\Uninstall.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsy4.tmp\Base64.dll
行为描述: 修改文件内容
详情信息: C:\Documents and Settings\Administrator\「开始」菜单\程序\1241041\uninst.lnk---> Offset = 0
行为描述: 设置特殊文件夹属性
详情信息: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
C:\Documents and Settings\Administrator\Local Settings\History
C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
C:\Documents and Settings\Administrator\Cookies
网络行为
VirSCANVirSCAN
行为描述: 连接指定站点
详情信息: InternetConnectA: ServerName = cn.xn--420ar66b.xn--55qx5d, PORT = 27
行为描述: 打开远程FTP文件
详情信息: FtpOpenFileA: 1.ico, hConnect = 0x00000680
行为描述: 下载文件
详情信息: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsy4.tmp\1.ico
行为描述: 读取网络文件
详情信息: hFile = 0x00000680, BytesToRead =8192, BytesRead = 8192.
注册表行为
VirSCANVirSCAN
行为描述: 修改注册表
详情信息: \REGISTRY\USER\S-1-5-21-1482476501-1645522239-1417001333-500\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\X\BaseClass
行为描述: 修改注册表_延迟重命名项
详情信息: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\Session Manager\PendingFileRenameOperations
其他行为
VirSCANVirSCAN
行为描述: 创建互斥体
详情信息: 1241041
行为描述: 获取系统权限
详情信息: SE_LOAD_DRIVER_PRIVILEGE
动态列表行为
VirSCANVirSCAN
行为描述: 调用哈希算法
详情信息: MD5
行为描述: 读取文件
详情信息: path:/proc/792/cmdline length:105
path:/proc/806/cmdline length:105
path:/proc/818/cmdline length:105
path:/proc/848/cmdline length:105
path:/proc/859/cmdline length:105
path:/proc/meminfo length:105
path:/proc/meminfo length:105
path:/proc/meminfo length:105
行为描述: 缓冲区读取一行数据
详情信息: f=jsonp&e=UTF-8&pb%5Bidentifier%5D=com.wy.pcinputassistant&ts=1398851073640&c=gif%2Cltx%2Cla%2Chv%2Cexpd%2Ciad%2Cspi&so=v&idv=357242043237511%2C310260000000000%2Cd3894529ac5a14ec&pb%5Bversion%5D=3.5&sd=2.0&l=zh&d%5Bcoord_status%5D=0&sh=1184&cid=&network=unknown&dim=320x50&v=20120611-android-20120321&ipb=56OJydPouMXy1jfdu2&pt=1&sv=030003&ua=android%2C%2C4.1.1%2C%2CFull+Android+on+Emulator%2CAndroid%2C%2C%2C&rt=1&pb%5Bname%5D=%E6%97%A0%E7%BA%BF%E6%89%8B%E5%86%99%E6%9D%BF%E9%BC%A0%E6%A0%87%EF%BC%88%E6%89%8B%E6%9C%BA%E7%AB%AF%EF%BC%89&sdk=1&apn=epc.tmobile.com&sw=768
null
f=jsonp&e=UTF-8&pb%5Bidentifier%5D=com.wy.pcinputassistant&ts=1398851094365&c=gif%2Cltx%2Cla%2Chv%2Cexpd%2Ciad%2Cspi&so=v&idv=357242043237511%2C310260000000000%2Cd3894529ac5a14ec&pb%5Bversion%5D=3.5&sd=2.0&l=zh&d%5Bcoord_status%5D=0&sh=1184&cid=&network=unknown&dim=320x50&v=20120611-android-20120321&ipb=56OJydPouMXy1jfdu2&pt=1&sv=030003&ua=android%2C%2C4.1.1%2C%2CFull+Android+on+Emulator%2CAndroid%2C%2C%2C&rt=1&pb%5Bname%5D=%E6%97%A0%E7%BA%BF%E6%89%8B%E5%86%99%E6%9D%BF%E9%BC%A0%E6%A0%87%EF%BC%88%E6%89%8B%E6%9C%BA%E7%AB%AF%EF%BC%89&sdk=1&apn=epc.tmobile.com&sw=768
f=jsonp&e=UTF-8&pb%5Bidentifier%5D=com.wy.pcinputassistant&ts=1398851114804&c=gif%2Cltx%2Cla%2Chv%2Cexpd%2Ciad%2Cspi&so=v&idv=357242043237511%2C310260000000000%2Cd3894529ac5a14ec&pb%5Bversion%5D=3.5&sd=2.0&l=zh&d%5Bcoord_status%5D=0&sh=1184&cid=&network=unknown&dim=320x50&v=20120611-android-20120321&ipb=56OJydPouMXy1jfdu2&pt=1&sv=030003&ua=android%2C%2C4.1.1%2C%2CFull+Android+on+Emulator%2CAndroid%2C%2C%2C&rt=1&pb%5Bname%5D=%E6%97%A0%E7%BA%BF%E6%89%8B%E5%86%99%E6%9D%BF%E9%BC%A0%E6%A0%87%EF%BC%88%E6%89%8B%E6%9C%BA%E7%AB%AF%EF%BC%89&sdk=1&apn=epc.tmobile.com&sw=768
f=jsonp&e=UTF-8&pb%5Bidentifier%5D=com.wy.pcinputassistant&ts=1398851135795&c=gif%2Cltx%2Cla%2Chv%2Cexpd%2Ciad%2Cspi&so=v&idv=357242043237511%2C310260000000000%2Cd3894529ac5a14ec&pb%5Bversion%5D=3.5&sd=2.0&l=zh&d%5Bcoord_status%5D=0&sh=1184&cid=&network=unknown&dim=320x50&v=20120611-android-20120321&ipb=56OJydPouMXy1jfdu2&pt=1&sv=030003&ua=android%2C%2C4.1.1%2C%2CFull+Android+on+Emulator%2CAndroid%2C%2C%2C&rt=1&pb%5Bname%5D=%E6%97%A0%E7%BA%BF%E6%89%8B%E5%86%99%E6%9D%BF%E9%BC%A0%E6%A0%87%EF%BC%88%E6%89%8B%E6%9C%BA%E7%AB%AF%EF%BC%89&sdk=1&apn=epc.tmobile.com&sw=768
行为描述: 对指定数据计算哈希
详情信息: kingxiaoguang@gmail.com357242043237511c8ab8094f9188ee8e540170eaff497bf
357242043237511kingxiaoguang@gmail.com
行为描述: 访问URL
详情信息: libcore.net.http.HttpURLConnectionImpl:http://r.domob.cn/a/
行为描述: 获取用户ID
详情信息: 310260000000000
行为描述: 类加载
详情信息: path:/system/app/PicoTts.apk
path:/system/app/MusicFX.apk
path:/system/framework/am.jar
path:/data/app/com.wy.pcinputassistant-1.apk
行为描述: 启动服务
详情信息: com.android.musicfx.Compatibility$Service
com.android.mms.transaction.SmsReceiverService
行为描述: 写入文件
详情信息: path:/data/data/com.android.gallery3d/shared_prefs/com.android.gallery3d_preferences.xml length:105
path:/data/data/com.android.musicfx/shared_prefs/musicfx.xml length:105
path:/data/data/com.wy.pcinputassistant/shared_prefs/PushFlag.xml length:70
path:/data/data/com.wy.pcinputassistant/shared_prefs/Start_Tag.xml length:70
path:/data/data/com.wy.pcinputassistant/shared_prefs/PushFlag.xml length:105
path:/data/data/com.wy.pcinputassistant/shared_prefs/AppSettings.xml length:105
path:/data/data/com.wy.pcinputassistant/shared_prefs/com.wy.pcinputassistant_preferences.xml length:105
path:/data/data/com.wy.pcinputassistant/shared_prefs/com.wy.pcinputassistant_preferences.xml length:105
path:/data/data/com.android.gallery3d/shared_prefs/com.android.gallery3d_preferences.xml length:105
path:/data/data/com.wy.pcinputassistant/shared_prefs/PushFlag.xml length:105
path:/data/data/com.wy.pcinputassistant/files/UnPackage.dat length:105
行为描述: 获取设备ID
详情信息: 357242043237511
Activities
VirSCANVirSCAN
活动名 类型
.RHWPMain android.intent.action.MAIN
.RHWPMain android.intent.category.LAUNCHER
危险函数
VirSCANVirSCAN
函数名称 信息
android/app/NotificationManager;->notify 信息通知栏
java/net/URL;->openConnection 连接URL
getRuntime 获取命令行环境
java/lang/Runtime;->exec 执行字符串命令
ContentResolver;->query 读取联系人、短信等数据库
TelephonyManager;->getDeviceId 搜集用户手机IMEI码、电话号码、系统版本号等信息
java/net/HttpURLConnection;->connect 连接URL
LocationManager;->getLastKnownLocation 获取地址位置
HttpClient;->execute 请求远程服务器
DefaultHttpClient;->execute 发送HTTP请求
TelephonyManager;->getLine1Number 获取手机号
ContentResolver;->delete 删除短信、联系人
广告信息
VirSCANVirSCAN
名称 信息
cn.domob.android 多盟
权限列表
VirSCANVirSCAN
许可名称 信息
android.permission.ACCESS_WIFI_STATE 读取wifi网络状态
android.permission.INTERNET 连接网络(2G或3G)
android.permission.READ_PHONE_STATE 读取电话状态
android.permission.ACCESS_NETWORK_STATE 读取网络状态(2G或3G)
android.permission.WRITE_EXTERNAL_STORAGE 写外部存储器(如:SD卡)
android.permission.ACCESS_COARSE_LOCATION 获取粗略的位置(通过wifi、基站)
android.permission.GET_TASKS 获取有关当前或最近运行的任务信息
文件列表
VirSCANVirSCAN
文件名 校验码
res/layout/alert.xml 0xf0e47fe9
res/layout/main.xml 0xc32b7d62
res/layout/note.xml 0xa2ca2d71
res/layout/push_layout.xml 0xa0f2d4ca
res/layout/seekbardialogpreference.xml 0x9c49d196
res/menu/menu.xml 0x66b65d00
res/xml/settings.xml 0xe550ab02
res/xml/settings_short.xml 0x2464556d
AndroidManifest.xml 0x85a53080
resources.arsc 0xec494fa3
res/drawable-hdpi/icon.png 0xcbb4c1d9
res/drawable-hdpi/market.png 0x52b3eaaa
res/drawable-ldpi/icon.png 0x4b6eda5
res/drawable-ldpi/market.png 0x52b3eaaa
res/drawable-mdpi/icon.png 0x4b6eda5
res/drawable-mdpi/market.png 0x52b3eaaa
classes.dex 0xb452149d
assets/domob.js 0x87ad5d91
assets/domob_banner.png 0x2d824ee
assets/domob_close.png 0xc60adaed
assets/domob_exit.png 0x6e628d21
assets/domob_loading.png 0x48342286
assets/domob_next.png 0xc667afa3
assets/domob_next_off.png 0x72b7a470
assets/domob_out.png 0x75b3379b
assets/domob_preview.png 0xe1ad2a0e
assets/domob_preview_off.png 0x2949548e
assets/domob_refresh.png 0x16696e6a
META-INF/MANIFEST.MF 0x42c3e9c9
META-INF/CERT.SF 0x6c9576d6
META-INF/CERT.RSA 0x6878a0c9
运行截图
VirSCANVirSCAN
VirSCAN