VirSCAN

1, You can UPLOAD any files, but there is a 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but the archive must contain fewer than 20 files.
3, VirSCAN can scan compressed files protected with the password 'infected' or 'virus'.
4, If your browser cannot upload files, please download VirSCAN uploader to upload.

File information

Scanner results
Scanner results: 6% of antivirus software (2/32) found malware!
Behavior analysis report: Habo file analysis
Time: 2017-07-07 19:40:36 (CST)
Scanner | Engine Ver | Sig Ver | Sig Date | Scan result | Time
antiy | AVL SDK 2.0 | | 1970-01-01 | Found nothing | 5
asquared | 9.0.0.4799 | 9.0.0.4799 | 2015-03-08 | Found nothing | 2
avast | 170303-1 | 4.7.4 | 2017-03-03 | Found nothing | 60
avg | 2109/14149 | 10.0.1405 | 2017-07-04 | Found nothing | 60
baidu | 2.0.1.0 | 4.1.3.52192 | 2.0.1.0 | Found nothing | 6
baidusd | 1.0 | 1.0 | 2017-03-22 | Found nothing | 1
bitdefender | 7.58879 | 7.90123 | 2015-01-16 | Found nothing | 60
clamav | 23536 | 0.97.5 | 2017-07-05 | Found nothing | 60
drweb | 5.0.2.3300 | 5.0.1.1 | 2017-06-18 | Found nothing | 60
fortinet | 49.995, 49.961, 49.970 | 5.4.247 | 2017-07-07 | Found nothing | 60
fprot | 4.6.2.117 | 6.5.1.5418 | 2016-02-05 | Found nothing | 60
fsecure | 2015-08-01-02 | 9.13 | 2015-08-01 | Found nothing | 60
gdata | 25.13252 | 25.13252 | 2017-07-06 | Android.Adware.Epatroa.A | 11
ikarus | 1.06.01 | V1.32.31.0 | 2016-11-28 | Found nothing | 60
jiangmin | 16.0.100 | 1.0.0.0 | 2017-07-05 | Found nothing | 2
kaspersky | 5.5.33 | 5.5.33 | 2014-04-01 | Found nothing | 60
kingsoft | 2.1 | 2.1 | 2017-07-06 | Found nothing | 6
mcafee | 8261 | 5400.1158 | 2016-08-18 | Found nothing | 60
nod32 | 1777 | 3.0.21 | 2015-06-12 | Found nothing | 60
panda | 9.05.01 | 9.05.01 | 2017-07-06 | Found nothing | 4
pcc | 13.302.06 | 9.500-1005 | 2017-03-27 | Found nothing | 60
qh360 | 1.0.1 | 1.0.1 | 1.0.1 | Found nothing | 6
qqphone | 1.0.0.0 | 1.0.0.0 | 2015-12-30 | Found nothing | 60
quickheal | 14.00 | 14.00 | 2017-07-06 | Android.Styricka.GEN6254 | 3
rising | 26.28.00.01 | 26.28.00.01 | 2016-07-18 | Found nothing | 2
sophos | 5.32 | 3.65.2 | 2016-10-10 | Found nothing | 60
symantec | 20151230.005 | 1.3.0.24 | 2015-12-30 | Found nothing | 60
tachyon | 9.9.9 | 9.9.9 | 2013-12-27 | Found nothing | 4
thehacker | 6.8.0.5 | 6.8.0.5 | 2017-07-04 | Found nothing | 2
tws | 17.47.17308 | 1.0.2.2108 | 2017-07-06 | Found nothing | 14
vba | 3.12.29.5 beta | 3.12.29.5 beta | 2017-07-04 | Found nothing | 60
virusbuster | 15.0.985.0 | 5.5.2.13 | 2014-12-05 | Found nothing | 60
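Permission list
Permission name | Description
com.android.launcher.permission.INSTALL_SHORTCUT | Create shortcuts
android.permission.GET_TASKS | Get information about currently or recently running tasks
android.permission.WRITE_EXTERNAL_STORAGE | Write to external storage (e.g. SD card)
android.permission.ACCESS_WIFI_STATE | Read Wi-Fi network state
android.permission.ACCESS_COARSE_LOCATION | Get coarse location (via Wi-Fi, cell towers)
android.permission.MOUNT_UNMOUNT_FILESYSTEMS | Mount and unmount external file systems
android.permission.READ_PHONE_STATE | Read phone state
android.permission.SYSTEM_ALERT_WINDOW | Display system windows
android.permission.INTERNET | Connect to the network (2G or 3G)
android.permission.ACCESS_FINE_LOCATION | Get precise location (via GPS)
com.android.launcher.permission.READ_SETTINGS | Read shortcut information
android.permission.ACCESS_NETWORK_STATE | Read network state (2G or 3G)
android.permission.WAKE_LOCK | Keep background processes running after the screen turns off
android.permission.CHANGE_CONFIGURATION | Modify current configuration (e.g. locale)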
File information
Safety score:
Basic information
MD5: 3bc6adf34c27d5aa4fb2df2894016c48
File size: 5.58MB
Upload time: 2014-09-22 10:36:30 (CST)
Package name: com.beichen2
Minimum runtime environment: Android 2.2.x
Copyright: E4A
Key behavior
Behavior description: Get TickCount value
Details: TickCount = 221363, SleepMilliseconds = 4.
TickCount = 221383, SleepMilliseconds = 8.
TickCount = 221445, SleepMilliseconds = 8.
TickCount = 221476, SleepMilliseconds = 8.
Behavior description: Look up PE resource information
Details: (FindResourceW) hModule = 0x00000000, ResName: 92(ID), ResType: DLL
(FindResourceW) hModule = 0x00000000, ResName: 93(ID), ResType: DLL
(FindResourceW) hModule = 0x00000000, ResName: 8a(ID), ResType: EXE
Behavior description: Kill process
Details: C:\WINDOWS\system32\DriveTheLife.exe
Process behavior
Behavior description: Get TickCount value
Details: TickCount = 221363, SleepMilliseconds = 4.
TickCount = 221383, SleepMilliseconds = 8.
TickCount = 221445, SleepMilliseconds = 8.
TickCount = 221476, SleepMilliseconds = 8.
Behavior description: Look up PE resource information
Details: (FindResourceW) hModule = 0x00000000, ResName: 92(ID), ResType: DLL
(FindResourceW) hModule = 0x00000000, ResName: 93(ID), ResType: DLL
(FindResourceW) hModule = 0x00000000, ResName: 8a(ID), ResType: EXE
Behavior description: Kill process
Details: C:\WINDOWS\system32\DriveTheLife.exe
File behavior
Behavior description: Create file
Details: C:\Documents and Settings\Administrator\Local Settings\Temp\libcurl.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\ResDll.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\dtl6_wnqd_pcol_silent.exe
C:\Program Files\DTLSoft\DriveTheLife\HWBox\skin\png\basic_logo_gif_1.gif
C:\Program Files\DTLSoft\DriveTheLife\HWBox\skin\png\VR_Loading.gif
C:\Program Files\DTLSoft\DriveTheLife\skin\ad_image\20150120160wifi.jpg
C:\Program Files\DTLSoft\DriveTheLife\skin\ad_image\20150120rili.jpg
C:\Program Files\DTLSoft\DriveTheLife\skin\ad_image\20150120wan.jpg
C:\Program Files\DTLSoft\DriveTheLife\OneKeyInst\DataConfig\icon\635945191665798750.jpg
C:\Program Files\DTLSoft\DriveTheLife\OneKeyInst\DataConfig\icon\101_48_1398302313.png
C:\Program Files\DTLSoft\DriveTheLife\OneKeyInst\DataConfig\icon\10314_48_1378453152.png
C:\Program Files\DTLSoft\DriveTheLife\OneKeyInst\DataConfig\icon\103_48_1449798959.png
C:\Program Files\DTLSoft\DriveTheLife\OneKeyInst\DataConfig\icon\10455_48_1377491722.png
C:\Program Files\DTLSoft\DriveTheLife\OneKeyInst\DataConfig\icon\1103_48_1387247768.png
C:\Program Files\DTLSoft\DriveTheLife\OneKeyInst\DataConfig\icon\1202_48_1384933060.png
Behavior description: Overwrite existing file
Details: C:\Documents and Settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
Behavior description: Create executable file
Details: C:\Documents and Settings\Administrator\Local Settings\Temp\libcurl.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\ResDll.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\dtl6_wnqd_pcol_silent.exe
Behavior description: Modify file contents
Details: C:\Documents and Settings\Administrator\Local Settings\Temp\libcurl.dll ---> Offset = 0
C:\Documents and Settings\Administrator\Local Settings\Temp\ResDll.dll ---> Offset = 0
C:\Documents and Settings\Administrator\Local Settings\Temp\dtl6_wnqd_pcol_silent.exe ---> Offset = 0
C:\Program Files\DTLSoft\DriveTheLife\HWBox\skin\png\basic_logo_gif_1.gif ---> Offset = 0
C:\Program Files\DTLSoft\DriveTheLife\HWBox\skin\png\VR_Loading.gif ---> Offset = 0
C:\Program Files\DTLSoft\DriveTheLife\skin\ad_image\20150120160wifi.jpg ---> Offset = 0
C:\Program Files\DTLSoft\DriveTheLife\skin\ad_image\20150120rili.jpg ---> Offset = 0
C:\Program Files\DTLSoft\DriveTheLife\skin\ad_image\20150120wan.jpg ---> Offset = 0
C:\Program Files\DTLSoft\DriveTheLife\OneKeyInst\DataConfig\icon\635945191665798750.jpg ---> Offset = 0
C:\Program Files\DTLSoft\DriveTheLife\OneKeyInst\DataConfig\icon\101_48_1398302313.png ---> Offset = 0
C:\Program Files\DTLSoft\DriveTheLife\OneKeyInst\DataConfig\icon\10314_48_1378453152.png ---> Offset = 0
C:\Program Files\DTLSoft\DriveTheLife\OneKeyInst\DataConfig\icon\103_48_1449798959.png ---> Offset = 0
C:\Program Files\DTLSoft\DriveTheLife\OneKeyInst\DataConfig\icon\10455_48_1377491722.png ---> Offset = 0
C:\Program Files\DTLSoft\DriveTheLife\OneKeyInst\DataConfig\icon\1103_48_1387247768.png ---> Offset = 0
C:\Program Files\DTLSoft\DriveTheLife\OneKeyInst\DataConfig\icon\1202_48_1384933060.png ---> Offset = 0
Behavior description: Find file
Details: FileName = C:\WINDOWS
FileName = C:\WINDOWS\system32
FileName = C:\WINDOWS\system32\CMD.exe
FileName = C:\WINDOWS\system32\cmd.exe
FileName = C:\WINDOWS\system32\ping.*
FileName = C:\WINDOWS\system32\ping.COM
FileName = C:\WINDOWS\system32\ping.EXE
FileName = C:\WINDOWS\system32\ping.exe
FileName = C:\DOCUME~1
FileName = C:\DOCUME~1\ADMINI~1
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp
Network behavior
Behavior description: Establish a connection to a specified socket
Details: URL: in****om, IP: **.133.40.**:128, SOCKET = 0x000000d0
Behavior description: Get host address by name
Details: GetAddrInfoW: in****om
GetAddrInfoW: ww****om
Registry behavior
Behavior description: Modify registry: delayed rename entry
Details: \REGISTRY\MACHINE\SYSTEM\ControlSet002\Control\Session Manager\PendingFileRenameOperations
Other behavior
Behavior description: Create mutex
Details: CTF.LBES.MutexDefaultS-*
CTF.Compart.MutexDefaultS-*
CTF.Asm.MutexDefaultS-*
CTF.Layouts.MutexDefaultS-*
CTF.TMD.MutexDefaultS-*
CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
MSCTF.Shared.MUTEX.IOH
Global\{A043B702-166A-4FB8-9733-E2BC4713F36F}53
MSCTF.Shared.MUTEX.AIK
Behavior description: Create event object
Details: EventName = MSCTF.SendReceive.Event.AIK.IC
EventName = MSCTF.SendReceiveConection.Event.AIK.IC
Behavior description: Window information
Details: Pid = 2684, Hwnd=0x10346, Text = 万能驱动工具, ClassName = Afx:00400000:3:00010011:00000000:00000000.
Pid = 2928, Hwnd=0x20362, Text = 确定, ClassName = Button.
Pid = 2928, Hwnd=0x20368, Text = 释放文件时出现错误,安装程序将终止!, ClassName = Static.
Pid = 2928, Hwnd=0x3034a, Text = 驱动人生6 安装, ClassName = #32770.
Behavior description: Find specified window
Details: NtUserFindWindowEx: [Class,Window] = [dtl_inst_univeral_2012,]
NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
NtUserFindWindowEx: [Class,Window] = [CicLoaderWndClass,]
Behavior description: Open event
Details: HookSwitchHookEnabledEvent
CTF.ThreadMIConnectionEvent.000007E8.00000000.00000010
CTF.ThreadMarshalInterfaceEvent.000007E8.00000000.00000010
MSCTF.SendReceiveConection.Event.IOH.IC
MSCTF.SendReceive.Event.IOH.IC
CTF.ThreadMIConnectionEvent.000007E8.00000000.00000011
CTF.ThreadMarshalInterfaceEvent.000007E8.00000000.00000011
Behavior description: Get TickCount value
Details: TickCount = 221363, SleepMilliseconds = 4.
TickCount = 221383, SleepMilliseconds = 8.
TickCount = 221445, SleepMilliseconds = 8.
TickCount = 221476, SleepMilliseconds = 8.
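Behavior description: Adjust process token privileges
Details: SE_DEBUG_PRIVILEGE
Behavior description: Enumerate windows
Details: N/A
Behavior description: Look up PE resource information
Details: (FindResourceW) hModule = 0x00000000, ResName: 92(ID), ResType: DLL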
(FindResourceW) hModule = 0x00000000, ResName: 93(ID), ResType: DLL
(FindResourceW) hModule = 0x00000000, ResName: 8a(ID), ResType: EXE
Behavior description: Executable file signature information
Details: C:\Documents and Settings\Administrator\Local Settings\Temp\libcurl.dll (signature verification: passed)
C:\Documents and Settings\Administrator\Local Settings\Temp\ResDll.dll (signature verification: passed)
C:\Documents and Settings\Administrator\Local Settings\Temp\dtl6_wnqd_pcol_silent.exe (signature verification: passed)
Behavior description: Call Sleep function
Details: [1]: MilliSeconds = 4.
[2]: MilliSeconds = 8.
[3]: MilliSeconds = 0.
Behavior description: Executable file MD5
Details: C:\Documents and Settings\Administrator\Local Settings\Temp\libcurl.dll ---> 43291983172885d6a4fe3bcfb93ab6e3
C:\Documents and Settings\Administrator\Local Settings\Temp\ResDll.dll ---> 256e5841ff14008f40f2555ded5c12e7
C:\Documents and Settings\Administrator\Local Settings\Temp\dtl6_wnqd_pcol_silent.exe ---> File too large!
Behavior description: Open mutex
Details: ShimCacheMutex
Global\{029E1EB6-7A55-4fd7-8815-105B2087C1FA}dtl2013
DBWinMutex
Behavior description: Load newly dropped file
Details: Image: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ResDll.dll.
Image: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\libcurl.dll.
Activities
Activity name | Type
com.e4a.runtime.android.StartActivity | android.intent.action.MAIN
com.e4a.runtime.android.StartActivity | android.intent.category.DEFAULT
com.e4a.runtime.android.StartActivity | android.intent.category.LAUNCHER
com.e4a.runtime.android.mainActivity | android.intent.action.MAIN
com.e4a.runtime.android.mainActivity | android.intent.category.DEFAULT
Dangerous functions
Function name | Description
ContentResolver;->query | Read databases such as contacts and SMS
File list