1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.
4, If your browser cannot upload files, please download VirSCAN uploader to upload.
File Name :org.bruxo.gpsconnected_1.8_10.apk (File not down)
 |
| File Size :552240 byte |
| File Type : application/zip |
| MD5:38bae636815839ae552233533732b808 |
| SHA1:78232659cd31fc150a5a2d1871eb0e851d384d04 |
| Scanner results:0%Antivirus software(0/32)found malware! |
| Behavior analysis report: Habo file analysis |
| Time: 2017-06-28 14:12:20 (CST) |
| Scanner | Engine Ver | Sig Ver | Sig Date | Scan result | Time |
|---|---|---|---|---|---|
| antiy | AVL SDK 2.0 | 1970-01-01 | Found nothing | 5 | |
| asquared | 9.0.0.4799 | 9.0.0.4799 | 2015-03-08 | Found nothing | 1 |
| avast | 170303-1 | 4.7.4 | 2017-03-03 | Found nothing | 60 |
| avg | 2109/14105 | 10.0.1405 | 2017-06-26 | Found nothing | 60 |
| baidu | 2.0.1.0 | 4.1.3.52192 | 2.0.1.0 | Found nothing | 7 |
| baidusd | 1.0 | 1.0 | 2017-03-22 | Found nothing | 1 |
| bitdefender | 7.58879 | 7.90123 | 2015-01-16 | Found nothing | 60 |
| clamav | 23503 | 0.97.5 | 2017-06-24 | Found nothing | 60 |
| drweb | 5.0.2.3300 | 5.0.1.1 | 2017-06-18 | Found nothing | 60 |
| fortinet | 49.794, 49.794, 49.794 | 5.4.233 | 2017-06-27 | Found nothing | 60 |
| fprot | 4.6.2.117 | 6.5.1.5418 | 2016-02-05 | Found nothing | 60 |
| fsecure | 2015-08-01-02 | 9.13 | 2015-08-01 | Found nothing | 60 |
| gdata | 25.13083 | 25.13083 | 2017-06-27 | Found nothing | 11 |
| ikarus | 1.06.01 | V1.32.31.0 | 2016-11-28 | Found nothing | 60 |
| jiangmin | 16.0.100 | 1.0.0.0 | 2017-06-25 | Found nothing | 2 |
| kaspersky | 5.5.33 | 5.5.33 | 2014-04-01 | Found nothing | 60 |
| kingsoft | 2.1 | 2.1 | 2017-06-27 | Found nothing | 60 |
| mcafee | 8261 | 5400.1158 | 2016-08-18 | Found nothing | 60 |
| nod32 | 1777 | 3.0.21 | 2015-06-12 | Found nothing | 60 |
| panda | 9.05.01 | 9.05.01 | 2017-06-26 | Found nothing | 4 |
| pcc | 13.302.06 | 9.500-1005 | 2017-03-27 | Found nothing | 60 |
| qh360 | 1.0.1 | 1.0.1 | 1.0.1 | Found nothing | 6 |
| qqphone | 1.0.0.0 | 1.0.0.0 | 2015-12-30 | Found nothing | 60 |
| quickheal | 14.00 | 14.00 | 2017-06-27 | Found nothing | 3 |
| rising | 26.28.00.01 | 26.28.00.01 | 2016-07-18 | Found nothing | 1 |
| sophos | 5.32 | 3.65.2 | 2016-10-10 | Found nothing | 60 |
| symantec | 20151230.005 | 1.3.0.24 | 2015-12-30 | Found nothing | 60 |
| tachyon | 9.9.9 | 9.9.9 | 2013-12-27 | Found nothing | 3 |
| thehacker | 6.8.0.5 | 6.8.0.5 | 2017-06-25 | Found nothing | 1 |
| tws | 17.47.17308 | 1.0.2.2108 | 2017-06-27 | Found nothing | 13 |
| vba | 3.12.29.5 beta | 3.12.29.5 beta | 2017-06-27 | Found nothing | 60 |
| virusbuster | 15.0.985.0 | 5.5.2.13 | 2014-12-05 | Found nothing | 60 |
| 许可名称 | 信息 |
| android.permission.ACCESS_FINE_LOCATION | 获取精确的位置(通过GPS) |
| android.permission.ACCESS_COARSE_LOCATION | 获取粗略的位置(通过wifi、基站) |
| android.permission.ACCESS_NETWORK_STATE | 读取网络状态(2G或3G) |
| 安全评分 : |
| MD5:38bae636815839ae552233533732b808 |
| 文件大小:5.58MB |
| 上传时间: 2014-09-22 10:36:30 (CST) |
| 包名:org.bruxo.gpsconnected |
| 最低运行环境:Android 2.3, 2.3.1, 2.3.2 |
| 版权: |
| 行为描述: | 屏蔽窗口关闭消息 |
| 详情信息: | hWnd = 0x0017032e, Text = 安装 - DPK打印机联机设置, ClassName = TWizardForm. |
| hWnd = 0x00060380, Text = 安装, ClassName = TApplication. | |
| 行为描述: | 查找PE资源信息 |
| 详情信息: | (FindResourceA) hModule = 0x00400000, ResName: REGDLL_EXE, ResType: |
| (FindResourceA) hModule = 0x00400000, ResName: SHFOLDERDLL, ResType: | |
| 行为描述: | 获取TickCount值 |
| 详情信息: | TickCount = 5460456, SleepMilliseconds = 50. |
| TickCount = 5460518, SleepMilliseconds = 50. | |
| TickCount = 5460581, SleepMilliseconds = 50. | |
| TickCount = 5460643, SleepMilliseconds = 50. | |
| TickCount = 5460706, SleepMilliseconds = 50. | |
| TickCount = 5460768, SleepMilliseconds = 50. | |
| TickCount = 5460831, SleepMilliseconds = 50. | |
| TickCount = 5460893, SleepMilliseconds = 50. | |
| TickCount = 5460956, SleepMilliseconds = 50. | |
| TickCount = 5461018, SleepMilliseconds = 50. | |
| TickCount = 5461081, SleepMilliseconds = 50. | |
| TickCount = 5461143, SleepMilliseconds = 50. | |
| TickCount = 5461206, SleepMilliseconds = 50. | |
| TickCount = 5461268, SleepMilliseconds = 50. | |
| TickCount = 5461331, SleepMilliseconds = 50. |
| 行为描述: | 屏蔽窗口关闭消息 |
| 详情信息: | hWnd = 0x0017032e, Text = 安装 - DPK打印机联机设置, ClassName = TWizardForm. |
| hWnd = 0x00060380, Text = 安装, ClassName = TApplication. | |
| 行为描述: | 查找PE资源信息 |
| 详情信息: | (FindResourceA) hModule = 0x00400000, ResName: REGDLL_EXE, ResType: |
| (FindResourceA) hModule = 0x00400000, ResName: SHFOLDERDLL, ResType: | |
| 行为描述: | 获取TickCount值 |
| 详情信息: | TickCount = 5460456, SleepMilliseconds = 50. |
| TickCount = 5460518, SleepMilliseconds = 50. | |
| TickCount = 5460581, SleepMilliseconds = 50. | |
| TickCount = 5460643, SleepMilliseconds = 50. | |
| TickCount = 5460706, SleepMilliseconds = 50. | |
| TickCount = 5460768, SleepMilliseconds = 50. | |
| TickCount = 5460831, SleepMilliseconds = 50. | |
| TickCount = 5460893, SleepMilliseconds = 50. | |
| TickCount = 5460956, SleepMilliseconds = 50. | |
| TickCount = 5461018, SleepMilliseconds = 50. | |
| TickCount = 5461081, SleepMilliseconds = 50. | |
| TickCount = 5461143, SleepMilliseconds = 50. | |
| TickCount = 5461206, SleepMilliseconds = 50. | |
| TickCount = 5461268, SleepMilliseconds = 50. | |
| TickCount = 5461331, SleepMilliseconds = 50. |
| 行为描述: | 创建文件 |
| 详情信息: | C:\Documents and Settings\Administrator\Local Settings\Temp\is-RK89L.tmp\996E.tmp |
| C:\Documents and Settings\Administrator\Local Settings\Temp\is-R871S.tmp\_isetup\_RegDLL.tmp | |
| C:\Documents and Settings\Administrator\Local Settings\Temp\is-R871S.tmp\_isetup\_shfoldr.dll | |
| 行为描述: | 删除文件 |
| 详情信息: | C:\Documents and Settings\Administrator\Local Settings\Temp\is-R871S.tmp\_isetup\_RegDLL.tmp |
| C:\Documents and Settings\Administrator\Local Settings\Temp\is-R871S.tmp\_isetup\_shfoldr.dll | |
| 行为描述: | 创建可执行文件 |
| 详情信息: | C:\Documents and Settings\Administrator\Local Settings\Temp\is-RK89L.tmp\996E.tmp |
| C:\Documents and Settings\Administrator\Local Settings\Temp\is-R871S.tmp\_isetup\_RegDLL.tmp | |
| C:\Documents and Settings\Administrator\Local Settings\Temp\is-R871S.tmp\_isetup\_shfoldr.dll | |
| 行为描述: | 修改文件内容 |
| 详情信息: | C:\Documents and Settings\Administrator\Local Settings\Temp\is-RK89L.tmp\996E.tmp ---> Offset = 0 |
| C:\Documents and Settings\Administrator\Local Settings\Temp\is-RK89L.tmp\996E.tmp ---> Offset = 65536 | |
| C:\Documents and Settings\Administrator\Local Settings\Temp\is-RK89L.tmp\996E.tmp ---> Offset = 131072 | |
| C:\Documents and Settings\Administrator\Local Settings\Temp\is-RK89L.tmp\996E.tmp ---> Offset = 196608 | |
| C:\Documents and Settings\Administrator\Local Settings\Temp\is-RK89L.tmp\996E.tmp ---> Offset = 262144 | |
| C:\Documents and Settings\Administrator\Local Settings\Temp\is-R871S.tmp\_isetup\_RegDLL.tmp ---> Offset = 0 | |
| C:\Documents and Settings\Administrator\Local Settings\Temp\is-R871S.tmp\_isetup\_shfoldr.dll ---> Offset = 0 | |
| 行为描述: | 查找文件 |
| 详情信息: | FileName = C:\DOCUME~1 |
| FileName = C:\DOCUME~1\ADMINI~1 | |
| FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1 | |
| FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp | |
| FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\is-RK89L.tmp | |
| FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\is-RK89L.tmp\996E.tmp | |
| FileName = C:\Documents and Settings | |
| FileName = C:\Documents and Settings\Administrator | |
| FileName = C:\Documents and Settings\Administrator\「开始」菜单 | |
| FileName = C:\Documents and Settings\Administrator\「开始」菜单\程序 | |
| FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\is-R871S.tmp\* | |
| FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\is-R871S.tmp\_isetup\* |
| 行为描述: | 创建互斥体 |
| 详情信息: | CTF.LBES.MutexDefaultS-* |
| CTF.Compart.MutexDefaultS-* | |
| CTF.Asm.MutexDefaultS-* | |
| CTF.Layouts.MutexDefaultS-* | |
| CTF.TMD.MutexDefaultS-* | |
| CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-* | |
| MSCTF.Shared.MUTEX.ELH | |
| MSCTF.Shared.MUTEX.EGE | |
| 行为描述: | 隐藏指定窗口 |
| 详情信息: | [Window,Class] = [,ComboLBox] |
| [Window,Class] = [安装 - DPK打印机联机设置,TWizardForm] | |
| 行为描述: | 打开事件 |
| 详情信息: | HookSwitchHookEnabledEvent |
| _fCanRegisterWithShellService | |
| CTF.ThreadMIConnectionEvent.000007B4.00000000.00000054 | |
| CTF.ThreadMarshalInterfaceEvent.000007B4.00000000.00000054 | |
| MSCTF.SendReceiveConection.Event.ELH.IC | |
| MSCTF.SendReceive.Event.ELH.IC | |
| 行为描述: | 查找指定窗口 |
| 详情信息: | NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,] |
| NtUserFindWindowEx: [Class,Window] = [CicLoaderWndClass,] | |
| 行为描述: | 枚举窗口 |
| 详情信息: | N/A |
| 行为描述: | 获取TickCount值 |
| 详情信息: | TickCount = 5460456, SleepMilliseconds = 50. |
| TickCount = 5460518, SleepMilliseconds = 50. | |
| TickCount = 5460581, SleepMilliseconds = 50. | |
| TickCount = 5460643, SleepMilliseconds = 50. | |
| TickCount = 5460706, SleepMilliseconds = 50. | |
| TickCount = 5460768, SleepMilliseconds = 50. | |
| TickCount = 5460831, SleepMilliseconds = 50. | |
| TickCount = 5460893, SleepMilliseconds = 50. | |
| TickCount = 5460956, SleepMilliseconds = 50. | |
| TickCount = 5461018, SleepMilliseconds = 50. | |
| TickCount = 5461081, SleepMilliseconds = 50. | |
| TickCount = 5461143, SleepMilliseconds = 50. | |
| TickCount = 5461206, SleepMilliseconds = 50. | |
| TickCount = 5461268, SleepMilliseconds = 50. | |
| TickCount = 5461331, SleepMilliseconds = 50. | |
| 行为描述: | 调整进程token权限 |
| 详情信息: | SE_LOAD_DRIVER_PRIVILEGE |
| 行为描述: | 屏蔽窗口关闭消息 |
| 详情信息: | hWnd = 0x0017032e, Text = 安装 - DPK打印机联机设置, ClassName = TWizardForm. |
| hWnd = 0x00060380, Text = 安装, ClassName = TApplication. | |
| 行为描述: | 窗口信息 |
| 详情信息: | Pid = 280, Hwnd=0x703bc, Text = 欢迎使用 DPK打印机联机设置 安装向导 , ClassName = TNewStaticText. |
| Pid = 280, Hwnd=0x1c037a, Text = 现在将安装 DPK打印机联机设置 到您的电脑中。 推荐您在继续安装前关闭所有其它应用程序。 单击“下一步”继续,或单击“取消”退出安装程序。, ClassName = TNewStaticText. | |
| Pid = 280, Hwnd=0xf03c8, Text = 自定义安装, ClassName = TNewComboBox. | |
| Pid = 280, Hwnd=0x15030c, Text = DirEdit, ClassName = TEdit. | |
| Pid = 280, Hwnd=0xb037c, Text = 下一步(&N) >, ClassName = TNewButton. | |
| Pid = 280, Hwnd=0x503ae, Text = 取消, ClassName = TNewButton. | |
| Pid = 280, Hwnd=0x17032e, Text = 安装 - DPK打印机联机设置, ClassName = TWizardForm. | |
| Pid = 280, Hwnd=0x110310, Text = 是(&Y), ClassName = Button. | |
| Pid = 280, Hwnd=0xf0370, Text = 否(&N), ClassName = Button. | |
| Pid = 280, Hwnd=0xd0396, Text = 安装程序未完成安装。如果您现在退出,您的程序将不能安装。 您可以以后再运行安装程序完成安装。 退出安装程序吗?, ClassName = Static. | |
| Pid = 280, Hwnd=0x17030e, Text = 退出安装程序, ClassName = #32770. | |
| 行为描述: | 查找PE资源信息 |
| 详情信息: | (FindResourceA) hModule = 0x00400000, ResName: REGDLL_EXE, ResType: |
| (FindResourceA) hModule = 0x00400000, ResName: SHFOLDERDLL, ResType: | |
| 行为描述: | 可执行文件签名信息 |
| 详情信息: | C:\Documents and Settings\Administrator\Local Settings\Temp\is-RK89L.tmp\996E.tmp(签名验证: 未通过) |
| C:\Documents and Settings\Administrator\Local Settings\Temp\is-R871S.tmp\_isetup\_RegDLL.tmp(签名验证: 未通过) | |
| C:\Documents and Settings\Administrator\Local Settings\Temp\is-R871S.tmp\_isetup\_shfoldr.dll(签名验证: 未通过) | |
| 行为描述: | 调用Sleep函数 |
| 详情信息: | [1]: MilliSeconds = 50. |
| [2]: MilliSeconds = 50. | |
| [3]: MilliSeconds = 50. | |
| [4]: MilliSeconds = 50. | |
| [5]: MilliSeconds = 50. | |
| [6]: MilliSeconds = 50. | |
| [7]: MilliSeconds = 50. | |
| [8]: MilliSeconds = 50. | |
| [9]: MilliSeconds = 50. | |
| [10]: MilliSeconds = 50. | |
| [2]: MilliSeconds = 250. | |
| [3]: MilliSeconds = 250. | |
| [4]: MilliSeconds = 250. | |
| [5]: MilliSeconds = 250. | |
| [6]: MilliSeconds = 250. | |
| 行为描述: | 创建事件对象 |
| 详情信息: | EventName = MSCTF.SendReceive.Event.EGE.IC |
| EventName = MSCTF.SendReceiveConection.Event.EGE.IC | |
| 行为描述: | 可执行文件MD5 |
| 详情信息: | C:\Documents and Settings\Administrator\Local Settings\Temp\is-RK89L.tmp\996E.tmp ---> 2df9dfb907f2fbec57fd5e64f6d68f62 |
| C:\Documents and Settings\Administrator\Local Settings\Temp\is-R871S.tmp\_isetup\_RegDLL.tmp ---> 4248fa25d2f50ebe23ead46140933013 | |
| C:\Documents and Settings\Administrator\Local Settings\Temp\is-R871S.tmp\_isetup\_shfoldr.dll ---> 92dc6ef532fbb4a5c3201469a5b5eb63 | |
| 行为描述: | 打开互斥体 |
| 详情信息: | ShimCacheMutex |
| 活动名 | 类型 |
| org.bruxo.gpsconnected.MainActivity | android.intent.action.MAIN |
| org.bruxo.gpsconnected.MainActivity | android.intent.category.LAUNCHER |
| 函数名称 | 信息 |
| ContentResolver;->query | 读取联系人、短信等数据库 |
| android/app/NotificationManager;->notify | 信息通知栏 |
| 许可名称 | 信息 |
| android.permission.ACCESS_FINE_LOCATION | 获取精确的位置(通过GPS) |
| android.permission.ACCESS_COARSE_LOCATION | 获取粗略的位置(通过wifi、基站) |
| android.permission.ACCESS_NETWORK_STATE | 读取网络状态(2G或3G) |
| 名称 | |
| org.bruxo.gpsconnected.GPSService |
| 文件名 | 校验码 |
| AndroidManifest.xml | 0xec18f102 |
| META-INF/CERT.RSA | 0x92184e4a |
| META-INF/CERT.SF | 0xd8eb3a96 |
| META-INF/MANIFEST.MF | 0xa0f33dd4 |
| classes.dex | 0xbd828c2f |
| res/drawable-hdpi-v11/ic_stat_name.png | 0x3ca0a204 |
| res/drawable-hdpi-v4/ic_launcher.png | 0x994b81a2 |
| res/drawable-hdpi-v9/ic_stat_name.png | 0xf16b1594 |
| res/drawable-ldpi-v11/ic_stat_name.png | 0xc6c58bb6 |
| res/drawable-ldpi-v4/ic_launcher.png | 0x95c4f71b |
| res/drawable-ldpi-v9/ic_stat_name.png | 0x61b32f47 |
| res/drawable-mdpi-v11/ic_stat_name.png | 0x377d800b |
| res/drawable-mdpi-v4/ic_launcher.png | 0xfa4e42f1 |
| res/drawable-mdpi-v9/ic_stat_name.png | 0xa8017223 |
| res/drawable-xhdpi-v11/ic_stat_name.png | 0x4e0fed8b |
| res/drawable-xhdpi-v4/ic_launcher.png | 0x4a52f697 |
| res/drawable-xhdpi-v9/ic_stat_name.png | 0xca603086 |
| res/drawable-xxhdpi-v4/ic_launcher.png | 0xf4a5282a |
| res/drawable/permission_selector.xml | 0xb42e4286 |
| res/layout-land/activity_main.xml | 0xc32d43f6 |
| res/layout/activity_main.xml | 0x9642c313 |
| res/menu-v11/main_activity.xml | 0xa83f6d98 |
| res/menu/main_activity.xml | 0xda092876 |
| resources.arsc | 0x9c4bcbe2 |
|
HOME
