VirSCAN

1, You can upload any file, but there is a 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but the archive must contain fewer than 20 files.
3, VirSCAN can scan compressed files with the password 'infected' or 'virus'.
4, If your browser cannot upload files, please download the VirSCAN uploader to upload them.

File information

Scanner results
Scanner results: 0% of antivirus software (0/32) found malware!
Behavior analysis report: Habo file analysis
Time: 2017-06-28 14:12:20 (CST)
Scanner Engine Ver Sig Ver Sig Date Scan result Time
antiy AVL SDK 2.0 1970-01-01 Found nothing 5
asquared 9.0.0.4799 9.0.0.4799 2015-03-08 Found nothing 1
avast 170303-1 4.7.4 2017-03-03 Found nothing 60
avg 2109/14105 10.0.1405 2017-06-26 Found nothing 60
baidu 2.0.1.0 4.1.3.52192 2.0.1.0 Found nothing 7
baidusd 1.0 1.0 2017-03-22 Found nothing 1
bitdefender 7.58879 7.90123 2015-01-16 Found nothing 60
clamav 23503 0.97.5 2017-06-24 Found nothing 60
drweb 5.0.2.3300 5.0.1.1 2017-06-18 Found nothing 60
fortinet 49.794, 49.794, 49.794 5.4.233 2017-06-27 Found nothing 60
fprot 4.6.2.117 6.5.1.5418 2016-02-05 Found nothing 60
fsecure 2015-08-01-02 9.13 2015-08-01 Found nothing 60
gdata 25.13083 25.13083 2017-06-27 Found nothing 11
ikarus 1.06.01 V1.32.31.0 2016-11-28 Found nothing 60
jiangmin 16.0.100 1.0.0.0 2017-06-25 Found nothing 2
kaspersky 5.5.33 5.5.33 2014-04-01 Found nothing 60
kingsoft 2.1 2.1 2017-06-27 Found nothing 60
mcafee 8261 5400.1158 2016-08-18 Found nothing 60
nod32 1777 3.0.21 2015-06-12 Found nothing 60
panda 9.05.01 9.05.01 2017-06-26 Found nothing 4
pcc 13.302.06 9.500-1005 2017-03-27 Found nothing 60
qh360 1.0.1 1.0.1 1.0.1 Found nothing 6
qqphone 1.0.0.0 1.0.0.0 2015-12-30 Found nothing 60
quickheal 14.00 14.00 2017-06-27 Found nothing 3
rising 26.28.00.01 26.28.00.01 2016-07-18 Found nothing 1
sophos 5.32 3.65.2 2016-10-10 Found nothing 60
symantec 20151230.005 1.3.0.24 2015-12-30 Found nothing 60
tachyon 9.9.9 9.9.9 2013-12-27 Found nothing 3
thehacker 6.8.0.5 6.8.0.5 2017-06-25 Found nothing 1
tws 17.47.17308 1.0.2.2108 2017-06-27 Found nothing 13
vba 3.12.29.5 beta 3.12.29.5 beta 2017-06-27 Found nothing 60
virusbuster 15.0.985.0 5.5.2.13 2014-12-05 Found nothing 60
File information
Security score:
Basic information
MD5: 38bae636815839ae552233533732b808
File size: 5.58MB
Upload time: 2014-09-22 10:36:30 (CST)
Package name: org.bruxo.gpsconnected
Minimum runtime environment: Android 2.3, 2.3.1, 2.3.2
Copyright:
Key behaviors
Behavior description: Block window close message
Details: hWnd = 0x0017032e, Text = 安装 - DPK打印机联机设置, ClassName = TWizardForm.
hWnd = 0x00060380, Text = 安装, ClassName = TApplication.
Behavior description: Look up PE resource information
Details: (FindResourceA) hModule = 0x00400000, ResName: REGDLL_EXE, ResType:
(FindResourceA) hModule = 0x00400000, ResName: SHFOLDERDLL, ResType:
Behavior description: Get TickCount value
Process behaviors
Behavior description: Block window close message
Details: hWnd = 0x0017032e, Text = 安装 - DPK打印机联机设置, ClassName = TWizardForm.
hWnd = 0x00060380, Text = 安装, ClassName = TApplication.
Behavior description: Look up PE resource information
Details: (FindResourceA) hModule = 0x00400000, ResName: REGDLL_EXE, ResType:
(FindResourceA) hModule = 0x00400000, ResName: SHFOLDERDLL, ResType:
Behavior description: Get TickCount value
File behaviors
Behavior description: Create file
Details: C:\Documents and Settings\Administrator\Local Settings\Temp\is-RK89L.tmp\996E.tmp
C:\Documents and Settings\Administrator\Local Settings\Temp\is-R871S.tmp\_isetup\_RegDLL.tmp
C:\Documents and Settings\Administrator\Local Settings\Temp\is-R871S.tmp\_isetup\_shfoldr.dll
Behavior description: Delete file
Details: C:\Documents and Settings\Administrator\Local Settings\Temp\is-R871S.tmp\_isetup\_RegDLL.tmp
C:\Documents and Settings\Administrator\Local Settings\Temp\is-R871S.tmp\_isetup\_shfoldr.dll
Behavior description: Create executable file
Details: C:\Documents and Settings\Administrator\Local Settings\Temp\is-RK89L.tmp\996E.tmp
C:\Documents and Settings\Administrator\Local Settings\Temp\is-R871S.tmp\_isetup\_RegDLL.tmp
C:\Documents and Settings\Administrator\Local Settings\Temp\is-R871S.tmp\_isetup\_shfoldr.dll
Behavior description: Modify file content
Details: C:\Documents and Settings\Administrator\Local Settings\Temp\is-RK89L.tmp\996E.tmp ---> Offset = 0
C:\Documents and Settings\Administrator\Local Settings\Temp\is-RK89L.tmp\996E.tmp ---> Offset = 65536
C:\Documents and Settings\Administrator\Local Settings\Temp\is-RK89L.tmp\996E.tmp ---> Offset = 131072
C:\Documents and Settings\Administrator\Local Settings\Temp\is-RK89L.tmp\996E.tmp ---> Offset = 196608
C:\Documents and Settings\Administrator\Local Settings\Temp\is-RK89L.tmp\996E.tmp ---> Offset = 262144
C:\Documents and Settings\Administrator\Local Settings\Temp\is-R871S.tmp\_isetup\_RegDLL.tmp ---> Offset = 0
C:\Documents and Settings\Administrator\Local Settings\Temp\is-R871S.tmp\_isetup\_shfoldr.dll ---> Offset = 0
Behavior description: Find file
Details: FileName = C:\DOCUME~1
FileName = C:\DOCUME~1\ADMINI~1
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\is-RK89L.tmp
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\is-RK89L.tmp\996E.tmp
FileName = C:\Documents and Settings
FileName = C:\Documents and Settings\Administrator
FileName = C:\Documents and Settings\Administrator\「开始」菜单
FileName = C:\Documents and Settings\Administrator\「开始」菜单\程序
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\is-R871S.tmp\*
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\is-R871S.tmp\_isetup\*
Other behaviors
Behavior description: Create mutex
Details: CTF.LBES.MutexDefaultS-*
CTF.Compart.MutexDefaultS-*
CTF.Asm.MutexDefaultS-*
CTF.Layouts.MutexDefaultS-*
CTF.TMD.MutexDefaultS-*
CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
MSCTF.Shared.MUTEX.ELH
MSCTF.Shared.MUTEX.EGE
Behavior description: Hide specified window
Details: [Window,Class] = [,ComboLBox]
[Window,Class] = [安装 - DPK打印机联机设置,TWizardForm]
Behavior description: Open event
Details: HookSwitchHookEnabledEvent
_fCanRegisterWithShellService
CTF.ThreadMIConnectionEvent.000007B4.00000000.00000054
CTF.ThreadMarshalInterfaceEvent.000007B4.00000000.00000054
MSCTF.SendReceiveConection.Event.ELH.IC
MSCTF.SendReceive.Event.ELH.IC
Behavior description: Find specified window
Details: NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
NtUserFindWindowEx: [Class,Window] = [CicLoaderWndClass,]
Behavior description: Enumerate windows
Details: N/A
Behavior description: Get TickCount value
Behavior description: Adjust process token privileges
Details: SE_LOAD_DRIVER_PRIVILEGE
Behavior description: Block window close message
Details: hWnd = 0x0017032e, Text = 安装 - DPK打印机联机设置, ClassName = TWizardForm.
hWnd = 0x00060380, Text = 安装, ClassName = TApplication.
Behavior description: Window information
Details: Pid = 280, Hwnd=0x703bc, Text = 欢迎使用 DPK打印机联机设置 安装向导 , ClassName = TNewStaticText.
Pid = 280, Hwnd=0x1c037a, Text = 现在将安装 DPK打印机联机设置 到您的电脑中。 推荐您在继续安装前关闭所有其它应用程序。 单击“下一步”继续,或单击“取消”退出安装程序。, ClassName = TNewStaticText.
Pid = 280, Hwnd=0xf03c8, Text = 自定义安装, ClassName = TNewComboBox.
Pid = 280, Hwnd=0x15030c, Text = DirEdit, ClassName = TEdit.
Pid = 280, Hwnd=0xb037c, Text = 下一步(&N) >, ClassName = TNewButton.
Pid = 280, Hwnd=0x503ae, Text = 取消, ClassName = TNewButton.
Pid = 280, Hwnd=0x17032e, Text = 安装 - DPK打印机联机设置, ClassName = TWizardForm.
Pid = 280, Hwnd=0x110310, Text = 是(&Y), ClassName = Button.
Pid = 280, Hwnd=0xf0370, Text = 否(&N), ClassName = Button.
Pid = 280, Hwnd=0xd0396, Text = 安装程序未完成安装。如果您现在退出,您的程序将不能安装。 您可以以后再运行安装程序完成安装。 退出安装程序吗?, ClassName = Static.
Pid = 280, Hwnd=0x17030e, Text = 退出安装程序, ClassName = #32770.
Behavior description: Look up PE resource information
Details: (FindResourceA) hModule = 0x00400000, ResName: REGDLL_EXE, ResType:
(FindResourceA) hModule = 0x00400000, ResName: SHFOLDERDLL, ResType:
Behavior description: Executable file signature information
Details: C:\Documents and Settings\Administrator\Local Settings\Temp\is-RK89L.tmp\996E.tmp (signature verification: failed)
C:\Documents and Settings\Administrator\Local Settings\Temp\is-R871S.tmp\_isetup\_RegDLL.tmp (signature verification: failed)
C:\Documents and Settings\Administrator\Local Settings\Temp\is-R871S.tmp\_isetup\_shfoldr.dll (signature verification: failed)
Behavior description: Call Sleep function
Behavior description: Create event object
Details: EventName = MSCTF.SendReceive.Event.EGE.IC
EventName = MSCTF.SendReceiveConection.Event.EGE.IC
Behavior description: Executable file MD5
Details: C:\Documents and Settings\Administrator\Local Settings\Temp\is-RK89L.tmp\996E.tmp ---> 2df9dfb907f2fbec57fd5e64f6d68f62
C:\Documents and Settings\Administrator\Local Settings\Temp\is-R871S.tmp\_isetup\_RegDLL.tmp ---> 4248fa25d2f50ebe23ead46140933013
C:\Documents and Settings\Administrator\Local Settings\Temp\is-R871S.tmp\_isetup\_shfoldr.dll ---> 92dc6ef532fbb4a5c3201469a5b5eb63
Behavior description: Open mutex
Details: ShimCacheMutex
Activities
Activity name Type
org.bruxo.gpsconnected.MainActivity android.intent.action.MAIN
org.bruxo.gpsconnected.MainActivity android.intent.category.LAUNCHER
Dangerous functions
Function name Information
ContentResolver;->query Reads databases such as contacts and SMS
android/app/NotificationManager;->notify Notification bar message
Permission list
Permission name Information
android.permission.ACCESS_FINE_LOCATION Obtain precise location (via GPS)
android.permission.ACCESS_COARSE_LOCATION Obtain approximate location (via Wi-Fi, cell towers)
android.permission.ACCESS_NETWORK_STATE Read network state (2G or 3G)
Service list
Name
org.bruxo.gpsconnected.GPSService
File list
File name Checksum
AndroidManifest.xml 0xec18f102
META-INF/CERT.RSA 0x92184e4a
META-INF/CERT.SF 0xd8eb3a96
META-INF/MANIFEST.MF 0xa0f33dd4
classes.dex 0xbd828c2f
res/drawable-hdpi-v11/ic_stat_name.png 0x3ca0a204
res/drawable-hdpi-v4/ic_launcher.png 0x994b81a2
res/drawable-hdpi-v9/ic_stat_name.png 0xf16b1594
res/drawable-ldpi-v11/ic_stat_name.png 0xc6c58bb6
res/drawable-ldpi-v4/ic_launcher.png 0x95c4f71b
res/drawable-ldpi-v9/ic_stat_name.png 0x61b32f47
res/drawable-mdpi-v11/ic_stat_name.png 0x377d800b
res/drawable-mdpi-v4/ic_launcher.png 0xfa4e42f1
res/drawable-mdpi-v9/ic_stat_name.png 0xa8017223
res/drawable-xhdpi-v11/ic_stat_name.png 0x4e0fed8b
res/drawable-xhdpi-v4/ic_launcher.png 0x4a52f697
res/drawable-xhdpi-v9/ic_stat_name.png 0xca603086
res/drawable-xxhdpi-v4/ic_launcher.png 0xf4a5282a
res/drawable/permission_selector.xml 0xb42e4286
res/layout-land/activity_main.xml 0xc32d43f6
res/layout/activity_main.xml 0x9642c313
res/menu-v11/main_activity.xml 0xa83f6d98
res/menu/main_activity.xml 0xda092876
resources.arsc 0x9c4bcbe2