VirSCAN

1, You can UPLOAD any files, but there is a 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but the archive must contain fewer than 20 files.
3, VirSCAN can scan compressed files protected with the password 'infected' or 'virus'.

File information

Scanner results: 2% of scanners (1/39) found malware!
Behavior analysis report: Habo file analysis
Time: 2014-11-03 18:34:44 (CST)
| Scanner | Engine Ver | Sig Ver | Sig Date | Scan result | Time |
|---|---|---|---|---|---|
| ahnlab | 9.9.9 | 9.9.9 | 2013-05-28 | Found nothing | 4 |
| antivir | 1.9.2.0 | 1.9.159.0 | 7.11.182.198 | Found nothing | 17 |
| antiy | 110655 | AVL141101 | 2014-11-02 | Found nothing | 5 |
| arcavir | 1.0 | 2011 | 2014-05-30 | Found nothing | 8 |
| asquared | 9.0.0.4324 | 9.0.0.4324 | 2014-07-03 | Found nothing | 1 |
| avast | 141102-0 | 4.7.4 | 2014-11-02 | Found nothing | 29 |
| avg | 2109/7906 | 10.0.1405 | 2014-10-17 | Found nothing | 2 |
| baidu | 2.0.1.0 | 4.1.3.52192 | 2.0.1.0 | Found nothing | 4 |
| baidusd | 1.0 | 1.0 | 2014-04-02 | Found nothing | 1 |
| bitdefender | 7.57515 | 7.90123 | 2014-11-03 | Found nothing | 7 |
| clamav | 19571 | 0.97.5 | 2014-11-02 | Found nothing | 1 |
| comodo | 15023 | 5.1 | 2014-11-02 | Found nothing | 3 |
| ctch | 4.6.5 | 5.3.14 | 2013-12-01 | Found nothing | 1 |
| drweb | 5.0.2.3300 | 5.0.1.1 | 2014-10-31 | Found nothing | 53 |
| fortinet | 23.108, 23.108 | 5.1.158 | 2014-11-03 | Found nothing | 1 |
| fprot | 4.6.2.117 | 6.5.1.5418 | 2014-10-31 | Found nothing | 1 |
| fsecure | 2014-04-02-01 | 9.13 | 2014-04-02 | Found nothing | 4 |
| gdata | 24.4740 | 24.4740 | 2014-11-03 | Found nothing | 8 |
| hauri | 2.73 | 2.73 | 2014-10-31 | Found nothing | 1 |
| ikarus | 1.06.01 | V1.32.31.0 | 2014-11-02 | Found nothing | 14 |
| jiangmin | 16.0.100 | 1.0.0.0 | 2014-08-20 | Found nothing | 32 |
| kaspersky | 5.5.33 | 5.5.33 | 2014-04-01 | Found nothing | 21 |
| kingsoft | 2.1 | 2.1 | 2013-09-22 | Found nothing | 16 |
| mcafee | 7520 | 5400.1158 | 2014-08-04 | Found nothing | 9 |
| nod32 | 0436 | 3.0.21 | 2014-09-18 | a variant of Android/Nqshield.A application | 1 |
| panda | 9.05.01 | 9.05.01 | 2014-11-02 | Found nothing | 5 |
| pcc | 11.252.05 | 9.500-1005 | 2014-11-02 | Found nothing | 2 |
| qh360 | 1.0.1 | 1.0.1 | 1.0.1 | Found nothing | 13 |
| qqphone | 1.0.0.0 | 1.0.0.0 | 2014-11-03 | Found nothing | 1 |
| quickheal | 14.00 | 14.00 | 2014-11-01 | Found nothing | 3 |
| rising | 25.38.01.01 | 25.38.01.01 | 2014-10-28 | Found nothing | 3 |
| sophos | 5.04 | 3.51.0 | 2014-08-05 | Found nothing | 7 |
| sunbelt | 3.9.2595.2 | 3.9.2595.2 | 2014-11-01 | Found nothing | 3 |
| symantec | 20141028.001 | 1.3.0.24 | 2014-10-28 | Found nothing | 1 |
| tachyon | 9.9.9 | 9.9.9 | 2013-12-27 | Found nothing | 3 |
| thehacker | 6.8.0.5 | 6.8.0.5 | 2014-10-31 | Found nothing | 3 |
| tws | 17.47.17308 | 1.0.2.2108 | 2014-11-02 | Found nothing | 8 |
| vba | 3.12.26.3 | 3.12.26.3 | 2014-10-31 | Found nothing | 4 |
| virusbuster | 15.0.956.0 | 5.5.2.13 | 2014-11-02 | Found nothing | 15 |
Permission list
Permission name Description
android.permission.INTERNET Connect to the network (2G or 3G)
android.permission.GET_TASKS Get information about currently or recently running tasks
android.permission.READ_PHONE_STATE Read phone state
android.permission.ACCESS_NETWORK_STATE Read network state (2G or 3G)
android.permission.READ_LOGS Read system logs
android.permission.WRITE_EXTERNAL_STORAGE Write to external storage (e.g. SD card)
android.permission.ACCESS_WIFI_STATE Read Wi-Fi network state
android.permission.ACCESS_COARSE_LOCATION Get coarse location (via Wi-Fi, cell towers)
com.android.launcher.permission.INSTALL_SHORTCUT Create shortcuts
android.permission.SYSTEM_ALERT_WINDOW Display system windows
android.permission.WAKE_LOCK Background processes keep running after the screen is turned off
android.permission.VIBRATE Allow the device to vibrate
android.permission.ACCESS_FINE_LOCATION Get precise location (via GPS)
File information
Security score: 71
Basic information
MD5:016e690481f82be267830996bd4bd299
File size: 5.58MB
Upload time: 2014-09-22 10:36:30 (CST)
Package name: com.xnewgp.uscjgu.nydxycdo
Minimum runtime environment: Android 2.2.x
Copyright:
Dynamic behavior list
Behavior: Start service
Details: com.android.musicfx.Compatibility$Service
com.android.mms.transaction.SmsReceiverService
Behavior: Read file
Details: path:/data/data/com.xnewgp.uscjgu.nydxycdo/.cache/DexToLoad.apk.zip length:9
path:/data/data/com.xnewgp.uscjgu.nydxycdo/.cache/DexToLoad.apk.zip length:23
path:/data/data/com.xnewgp.uscjgu.nydxycdo/.cache/DexToLoad.apk.zip length:82
path:/proc/cpuinfo length:105
path:/proc/783/cmdline length:105
path:/proc/797/cmdline length:105
path:/proc/809/cmdline length:105
path:/proc/839/cmdline length:105
path:/proc/850/cmdline length:105
path:/proc/860/cmdline length:105
path:/proc/873/cmdline length:105
path:/proc/meminfo length:105
path:/proc/894/cmdline length:105
path:/proc/896/cmdline length:105
Behavior: Data leak
Details: sink:File operation:write data:data:<?xml version='1.0' encoding='utf-8' standalone='yes' ?> <map> <string name="header">{&quot;os&quot;
Behavior: Data encryption
Details: {u'operation': u'keyalgo', u'algorithm': u'DES', u'key': u'86, 48, 70, 81, 85, 119, 61, 61'}
{u'operation': u'encryption', u'data': u'357242043237511', u'algorithm': u'DES/CBC/PKCS5Padding'}
{u'operation': u'encryption', u'data': u'm_udid=357242043237511&m_imsi=310260000000000&m_net=&m_mac=&m_device_name=Full%20Android%20on%20Emulator', u'algorithm': u'DES/CBC/PKCS5Padding'}
{u'operation': u'keyalgo', u'algorithm': u'DES', u'key': u'49, 50, 51, 52, 53, 54, 55, 56'}
{u'operation': u'encryption', u'data': u'6d57886e7d4573ed3c8a57a4ed3af3b6', u'algorithm': u'DES/CBC/PKCS5Padding'}
{u'operation': u'encryption', u'data': u'mpid_baidu_nydxycdo', u'algorithm': u'DES/CBC/PKCS5Padding'}
{u'operation': u'encryption', u'data': u'310260000000000', u'algorithm': u'DES/CBC/PKCS5Padding'}
{u'operation': u'encryption', u'data': u'com.xnewgp.uscjgu.nydxycdo', u'algorithm': u'DES/CBC/PKCS5Padding'}
{u'operation': u'encryption', u'data': u'android', u'algorithm': u'DES/CBC/PKCS5Padding'}
{u'operation': u'encryption', u'data': u'4.1.1', u'algorithm': u'DES/CBC/PKCS5Padding'}
{u'operation': u'encryption', u'data': u'Full Android on Emulator', u'algorithm': u'DES/CBC/PKCS5Padding'}
{u'operation': u'encryption', u'data': u'2.2.5p', u'algorithm': u'DES/CBC/PKCS5Padding'}
{u'operation': u'encryption', u'data': u'app_id=6d57886e7d4573ed3c8a57a4ed3af3b6&udid=357242043237511&imsi=310260000000000&net=&base=wapx.cn&app_version=1.0&sdk_version=2.1.0&device_name=Full%20Android%20on%20Emulator&device_brand=Android&y=b29f0801cdbf3261fbdb30b14b118ecf&device_type=android&os_version=4.1.1&country_code=US&language=en&act=com.xnewgp.uscjgu.nydxycdo&root=true&channel=mpid_baidu_nydxycdo&device_width=768&device_height=1184&m_udid=357242043237511&m_imsi=310260000000000&m_net=&m_mac=&m_device_name=Full%20Android%20on%20Emulator', u'algorithm': u'DES/CBC/PKCS5Padding'}
{u'operation': u'decryption', u'data': u'http://app.wapx.cn/action/', u'algorithm': u'DES/CBC/PKCS5Padding'}
Behavior: Get user ID
Details: 310260000000000
Behavior: Class loading
Details: path:/system/app/PicoTts.apk
path:/system/app/MusicFX.apk
path:/system/framework/am.jar
path:/data/app/com.xnewgp.uscjgu.nydxycdo-1.apk
path:/data/data/com.xnewgp.uscjgu.nydxycdo/.cache/DexToLoad.apk
Behavior: Write file
Details: path:/data/data/com.android.gallery3d/shared_prefs/com.android.gallery3d_preferences.xml length:105
path:/data/data/com.android.musicfx/shared_prefs/musicfx.xml length:105
path:/data/data/com.xnewgp.uscjgu.nydxycdo/shared_prefs/nqshield_pref_file.xml length:105
path:/data/data/com.xnewgp.uscjgu.nydxycdo/shared_prefs/nqshield_pref_file.xml length:105
path:/data/data/com.xnewgp.uscjgu.nydxycdo/.cache/DexToLoad.apk length:54
path:/data/data/com.xnewgp.uscjgu.nydxycdo/.cache/DexToLoad.apk length:59
path:/data/data/com.xnewgp.uscjgu.nydxycdo/.cache/DexToLoad.apk length:54
path:/data/data/com.xnewgp.uscjgu.nydxycdo/.cache/DexToLoad.apk length:51
path:/data/data/com.xnewgp.uscjgu.nydxycdo/.cache/DexToLoad.apk length:52
path:/data/data/com.xnewgp.uscjgu.nydxycdo/.cache/DexToLoad.apk length:53
path:/data/data/com.xnewgp.uscjgu.nydxycdo/.cache/DexToLoad.apk length:54
path:/data/data/com.xnewgp.uscjgu.nydxycdo/.cache/DexToLoad.apk length:60
path:/data/data/com.xnewgp.uscjgu.nydxycdo/.cache/DexToLoad.apk length:44
path:/data/data/com.xnewgp.uscjgu.nydxycdo/.cache/DexToLoad.apk length:49
path:/data/data/com.xnewgp.uscjgu.nydxycdo/.cache/DexToLoad.apk length:58
path:/data/data/com.xnewgp.uscjgu.nydxycdo/.cache/DexToLoad.apk length:55
path:/data/data/com.xnewgp.uscjgu.nydxycdo/.cache/DexToLoad.apk length:64
path:/data/data/com.xnewgp.uscjgu.nydxycdo/.cache/nqdata length:82
path:/data/data/com.xnewgp.uscjgu.nydxycdo/files/CacheTime.dat length:18
path:/data/data/com.xnewgp.uscjgu.nydxycdo/shared_prefs/AppSettings.xml length:105
path:/data/data/com.xnewgp.uscjgu.nydxycdo/shared_prefs/PaySettings.xml length:105
path:/data/data/com.xnewgp.uscjgu.nydxycdo/shared_prefs/mobclick_agent_state_com.xnewgp.uscjgu.nydxycdo.xml length:105
path:/data/data/com.xnewgp.uscjgu.nydxycdo/files/mobclick_agent_cached_com.xnewgp.uscjgu.nydxycdo length:105
path:/data/data/com.android.gallery3d/shared_prefs/com.android.gallery3d_preferences.xml length:105
path:/data/data/com.xnewgp.uscjgu.nydxycdo/files/UnPackage.dat length:105
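Behavior: Get device ID
Details: 357242043237511
Activities
Activity name Type
.LocateActivity android.intent.action.MAIN
.LocateActivity android.intent.category.LAUNCHER
Dangerous functions
Function name Description
HttpClient;->execute Sends requests to a remote server
getRuntime Obtains the command-line runtime environment
java/lang/Runtime;->exec Executes a string command
TelephonyManager;->getDeviceId Collects the phone's IMEI, phone number, system version and similar information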
File list
File name Checksum
META-INF/MANIFEST.MF 0xf311af5b
META-INF/MYKEY-GP.SF 0x54f78663
META-INF/MYKEY-GP.RSA 0xfc19bcf8
AndroidManifest.xml 0x38134698
assets/ 0x0
assets/312000100869399-Signature.pfx 0xb12670fb
assets/DexToLoad.apk 0x5f576ffd
assets/alipay-newmsp-5.1.0.apk 0xab42ce5b
assets/libnqshieldx86.so 0xfbae48f0
assets/nqdata 0x172eb5c4
assets/payeco_plugin_config.xml 0x861c9af
classes.dex 0x4ac8b951
lib/ 0x0
lib/armeabi/ 0x0
lib/armeabi/libnqshield.so 0xc985d6a0
lib/armeabi/libuninstall.so 0x196c7c6a
res/drawable-hdpi/icon.png 0xce1d4e09
res/drawable-hdpi/m00.jpg 0xbd9a1428
res/drawable-hdpi/m11.jpg 0x413c7b64
res/drawable-hdpi/m12.jpg 0x6f943930
res/drawable-hdpi/m13.jpg 0x65855fdb
res/drawable-hdpi/m14.jpg 0x54949eff
res/drawable-hdpi/payeco_camera_clicked.png 0x62f82213
res/drawable-hdpi/payeco_camera_normal.png 0x4d877392
res/drawable-hdpi/payeco_camerabtn_background.xml 0x2779fb96
res/drawable-hdpi/payeco_keyboard_bg.xml 0xb63a5312
res/drawable-hdpi/payeco_keyboard_btn1_background.xml 0xd4cbb399
res/drawable-hdpi/payeco_keyboard_btn1_default.9.png 0xfb65b376
res/drawable-hdpi/payeco_keyboard_btn1_on.9.png 0x89d10a74
res/drawable-hdpi/payeco_keyboard_btn_selector.xml 0x7ae247b3
res/drawable-hdpi/payeco_keyboard_input_bg.9.png 0xf2aea5a2
res/drawable-hdpi/payeco_keyboard_key.9.png 0xf6805b29
res/drawable-hdpi/payeco_keyboard_letter_a1.9.png 0x782a62d
res/drawable-hdpi/payeco_keyboard_letter_a2.9.png 0x1784a36e
res/drawable-hdpi/payeco_keyboard_toast_bg.9.png 0x302d9c8b
res/drawable-hdpi/payeco_pay_input.xml 0xc88def79
res/drawable-hdpi/payeco_plugin_btnleft_selector.xml 0xbba42d02
res/drawable-hdpi/payeco_plugin_btnright_selector.xml 0x52b204e1
res/drawable-hdpi/payeco_plugin_checkbox_bg.xml 0x11f5afb4
res/drawable-hdpi/payeco_plugin_checkbox_checked.png 0xc7566d86
res/drawable-hdpi/payeco_plugin_checkbox_normal.png 0x4c051e16
res/drawable-hdpi/payeco_plugin_common_info_bg.9.png 0x130d05ec
res/drawable-hdpi/payeco_plugin_common_info_bottom.9.png 0x40f6752e
res/drawable-hdpi/payeco_plugin_common_info_title.9.png 0xb54e6b28
res/drawable-hdpi/payeco_plugin_input_bg.9.png 0x14ce53ac
res/drawable-hdpi/payeco_plugin_input_bg_on.9.png 0xb45b8caf
res/drawable-hdpi/payeco_plugin_listview_selector.xml 0x55d9329f
res/drawable-hdpi/payeco_plugin_pop_bg.xml 0x2842771c
res/drawable-hdpi/payeco_plugin_progressbar.xml 0xeeeb5d20
res/drawable-hdpi/payeco_plugin_radiobt_bg.png 0xd8120860
res/drawable-hdpi/payeco_plugin_radiobt_bg_checked.png 0xb6dec8f5
res/drawable-hdpi/payeco_plugin_radiobt_selector.xml 0x5d045a30
res/drawable-hdpi/payeco_plugin_solidgray.xml 0x778e8684
res/drawable-hdpi/payeco_plugin_solidyellow.xml 0x3e385387
res/drawable-hdpi/payeco_plugin_spinner_bg.9.png 0x2838b898
res/drawable-hdpi/payeco_plugin_spinner_bg_on.9.png 0xb6c8e5a
res/drawable-hdpi/payeco_plugin_spinner_selector.xml 0xaafe8d2
res/drawable-hdpi/payeco_plugin_toast_bg.xml 0x30c8f396
res/drawable-hdpi/payeco_radiu_dialog.xml 0xd16c288e
res/drawable-hdpi/payeco_smallbtn_bg.xml 0xde248081
res/drawable-hdpi/payeco_takepickture_tips_bg.xml 0xd066c04d
res/drawable-hdpi/payeco_unionpay_logo.9.png 0x8843c289
res/drawable-hdpi/r1.jpg 0xfd2155bf
res/drawable-hdpi/r2.jpg 0x8b216662
res/drawable-hdpi/r3.jpg 0x6fac3c10
res/drawable-hdpi/r4.jpg 0xb1d015d2
res/drawable-hdpi/r5.jpg 0xd4ef867a
res/drawable-hdpi/wppay_btn_back.png 0x2ad37c0c
res/drawable-hdpi/wppay_btn_back_clicked.png 0x8111a03e
res/drawable-hdpi/wppay_btn_back_normal.png 0x49e4359e
res/drawable-hdpi/wppay_btn_back_selector.xml 0xb188961f
res/drawable-hdpi/wppay_logo_alipay.png 0x328a4699
res/drawable-hdpi/wppay_logo_bankpay.png 0x167b89db
res/drawable-hdpi/wppay_logo_cardpay.png 0x2113c5b1
res/drawable-hdpi/wppay_logo_tenpay.png 0x60031cbe
res/drawable-hdpi/wppay_pay_type_bg.png 0x4fb636d7
res/drawable-xhdpi/ic_launcher.png 0x15584193
res/drawable-xxhdpi/ic_launcher.png 0x3236a854
res/layout-land/payeco_keyboard.xml 0x27382e45
res/layout/main.xml 0x8c66e802
res/layout/pay_view.xml 0x95242086
res/layout/payeco_plugin_creditinfo.xml 0xc379b7d2
res/layout/payeco_plugin_keyboard.xml 0xb12c6797
res/layout/payeco_plugin_list_item.xml 0x9985fab1
res/layout/payeco_plugin_loading.xml 0x9fbd532c
res/layout/payeco_plugin_order_detail.xml 0xad09bc8f
res/layout/payeco_plugin_pay_result.xml 0xbf33aea3
res/layout/payeco_plugin_paystep_layout.xml 0x6c286ac9
res/layout/payeco_plugin_popupwindow.xml 0x3b45fdae
res/layout/payeco_plugin_risk_control.xml 0x70f74b64
res/layout/payeco_plugin_title.xml 0x7f6f699c
res/layout/payeco_plugin_toast.xml 0x62e7b23f
res/layout/payeco_plugin_wait_dialog.xml 0x1c7944e0
res/layout/payeco_plugin_webview.xml 0x7c87e291
res/layout/result.xml 0xa821c9c5
res/raw/allend.ogg 0x9f0630b6
res/raw/end.ogg 0x667975f0
res/raw/show_map.wav 0x34e28726
res/raw/step.mp3 0xe9bca734
resources.arsc 0x76d26372