VirSCAN

1, You can UPLOAD any files, but there is a 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but the archive must contain fewer than 20 files.
3, VirSCAN can scan compressed files protected with the password 'infected' or 'virus'.

File information

Scanner results
Scanner results: 5% Scanner(s) (2/39) found malware!
Behavior analysis report: Habo file analysis
Time: 2014-10-30 14:47:32 (CST)
Scanner | Engine Ver | Sig Ver | Sig Date | Scan result | Time
ahnlab | 9.9.9 | 9.9.9 | 2013-05-28 | Found nothing | 4
antivir | 1.9.2.0 | 1.9.159.0 | 7.11.182.42 | Found nothing | 14
antiy | 114619 | AVL141027 | 2014-10-29 | Found nothing | 5
arcavir | 1.0 | 2011 | 2014-05-30 | Found nothing | 8
asquared | 9.0.0.4324 | 9.0.0.4324 | 2014-07-03 | Found nothing | 1
avast | 141029-1 | 4.7.4 | 2014-10-29 | Found nothing | 28
avg | 2109/7906 | 10.0.1405 | 2014-10-17 | Found nothing | 1
baidu | 2.0.1.0 | 4.1.3.52192 | 2.0.1.0 | Found nothing | 4
baidusd | 1.0 | 1.0 | 2014-04-02 | Found nothing | 1
bitdefender | 7.57431 | 7.90123 | 2014-10-29 | Found nothing | 6
clamav | 19554 | 0.97.5 | 2014-10-30 | Found nothing | 1
comodo | 15023 | 5.1 | 2014-10-28 | Found nothing | 3
ctch | 4.6.5 | 5.3.14 | 2013-12-01 | Found nothing | 1
drweb | 5.0.2.3300 | 5.0.1.1 | 2014-10-30 | Found nothing | 32
fortinet | 23.078, 23.078 | 5.1.158 | 2014-10-30 | Found nothing | 1
fprot | 4.6.2.117 | 6.5.1.5418 | 2014-10-29 | Found nothing | 1
fsecure | 2014-04-02-01 | 9.13 | 2014-04-02 | Trojan:Android/LoveSpy.B | 5
gdata | 24.4664 | 24.4664 | 2014-10-30 | Found nothing | 8
hauri | 2.73 | 2.73 | 2014-10-29 | Found nothing | 1
ikarus | 1.06.01 | V1.32.31.0 | 2014-10-29 | Found nothing | 13
jiangmin | 16.0.100 | 1.0.0.0 | 2014-08-20 | Found nothing | 31
kaspersky | 5.5.33 | 5.5.33 | 2014-04-01 | Found nothing | 20
kingsoft | 2.1 | 2.1 | 2013-09-22 | Android.Troj.at_hzl.a.(kcloud) | 6
mcafee | 7520 | 5400.1158 | 2014-08-04 | Found nothing | 8
nod32 | 0436 | 3.0.21 | 2014-09-18 | Found nothing | 1
panda | 9.05.01 | 9.05.01 | 2014-10-29 | Found nothing | 5
pcc | 11.242.06 | 9.500-1005 | 2014-10-29 | Found nothing | 1
qh360 | 1.0.1 | 1.0.1 | 1.0.1 | Found nothing | 13
qqphone | 1.0.0.0 | 1.0.0.0 | 2014-10-30 | Found nothing | 1
quickheal | 14.00 | 14.00 | 2014-10-28 | Found nothing | 2
rising | 25.38.01.01 | 25.38.01.01 | 2014-10-28 | Found nothing | 1
sophos | 5.04 | 3.51.0 | 2014-08-05 | Found nothing | 7
sunbelt | 3.9.2595.2 | 3.9.2595.2 | 2014-10-29 | Found nothing | 2
symantec | 20141028.001 | 1.3.0.24 | 2014-10-28 | Found nothing | 1
tachyon | 9.9.9 | 9.9.9 | 2013-12-27 | Found nothing | 4
thehacker | 6.8.0.5 | 6.8.0.5 | 2014-10-27 | Found nothing | 1
tws | 17.47.17308 | 1.0.2.2108 | 2014-10-29 | Found nothing | 6
vba | 3.12.26.3 | 3.12.26.3 | 2014-10-29 | Found nothing | 3
virusbuster | 15.0.952.0 | 5.5.2.13 | 2014-10-28 | Found nothing | 14
Permission list
Permission name Information
android.permission.BLUETOOTH Connect to Bluetooth devices
android.permission.READ_SMS Read SMS messages
android.permission.WRITE_SMS Write SMS messages
android.permission.SEND_SMS Send SMS messages
android.permission.RECEIVE_SMS Monitor incoming SMS messages
android.permission.INTERNET Connect to the network (2G or 3G)
android.permission.ACCESS_NETWORK_STATE Read network state (2G or 3G)
android.permission.READ_PHONE_STATE Read phone state
android.permission.MOUNT_UNMOUNT_FILESYSTEMS Mount and unmount external file systems
android.permission.WRITE_EXTERNAL_STORAGE Write to external storage (e.g. SD card)
android.permission.RECEIVE_BOOT_COMPLETED Receive the boot-completed broadcast
android.permission.CHANGE_WIFI_STATE Change Wi-Fi connection state
android.permission.ACCESS_WIFI_STATE Read Wi-Fi network state
android.permission.WRITE_APN_SETTINGS Rewrite APN settings (e.g. cmwap)
android.permission.CHANGE_NETWORK_STATE Change network state
android.permission.RECEIVE_MMS Receive MMS messages
android.permission.RECEIVE_WAP_PUSH Receive WAP push messages
android.permission.MODIFY_PHONE_STATE Modify phone state
android.permission.FLASHLIGHT Access the flashlight
android.permission.WAKE_LOCK Background processes keep running after the screen turns off
android.permission.CAMERA Access the camera device
android.permission.READ_LOGS Read system logs
android.permission.VIBRATE Allow the device to vibrate
File information
Security score: 84
Basic information
MD5: 0521ce84e08291116c8a52baeafb5292
File size: 5.58MB
Upload time: 2014-09-22 10:36:30 (CST)
Package name: com.maxelus.infernogalaxylivewallpaper
Minimum runtime environment: Android 2.1.x
Copyright: sdlkfjd
Process behavior
File behavior
Behavior description: Rename file
Details: C:\%temp%\1414604740.164026.exe_7zdump\CF落日窗口化-完美版1.15.exe ---> C:\%temp%\1414604740.164026.exe_7zdump\CF落日窗口化-完美版1.15.exe
Other behavior
Behavior description: Find a specified window
Details: NtUserFindWindowEx: [Class,Window] = [Progman,Program Manager]
Behavior description: Window information
Details: Pid = 260, Hwnd=0xa0198, Text = 确定, ClassName = Button.
Pid = 260, Hwnd=0xc01e8, Text = 检测到外挂[MD5-2]数据错误,已经被破坏! 请到官网重新下载打开即可!不要做任何修改! 如果没有在压缩包里面重新打开即可正常! CF落日官, ClassName = Static.
Pid = 260, Hwnd=0xe016e, Text = 外挂错误!, ClassName = #32770.
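Behavior description: Obtain system privileges
Details: SE_INC_BASE_PRIORITY_PRIVILEGE
Dangerous behavior
Behavior description: Listen for SMS messages containing specific numbers or content
Details: mounted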
qjqxtb0
qjqxtb1
qjqxhttb0
qjqxhttb1
qjqxhmd0
qjqxhmd1
qjqxbbxx0
qjqxbbxx1
qjqxbb0
qjqxbb1
qjqxfmt0
qjqxfmt1
qjqxlog1
qjqxlogon
qjqxlogoff
qjqxback0
qjqxback1
qjqxzhuce1
Dynamic behavior list
Behavior description: Start service
Details: com.android.musicfx.Compatibility$Service
com.android.mms.transaction.SmsReceiverService
Behavior description: Read file
Details: path:/proc/792/cmdline length:105
path:/proc/807/cmdline length:105
path:/proc/819/cmdline length:105
path:/proc/849/cmdline length:105
path:/proc/862/cmdline length:105
path:/proc/882/cmdline length:105
path:/proc/884/cmdline length:105
path:/proc/918/cmdline length:105
path:/proc/920/cmdline length:105
Behavior description: Register ContentObserver
Details: URI=content://sms/
Behavior description: Class loading
Details: path:/system/app/PicoTts.apk
path:/system/app/MusicFX.apk
path:/system/framework/am.jar
path:/data/app/com.maxelus.infernogalaxylivewallpaper-1.apk
Behavior description: Write file
Details: path:/data/data/com.android.gallery3d/shared_prefs/com.android.gallery3d_preferences.xml length:105
path:/data/data/com.android.musicfx/shared_prefs/musicfx.xml length:105
path:/data/data/com.android.gallery3d/shared_prefs/com.android.gallery3d_preferences.xml length:105
Activities
Activity name Type
.OpenApp android.intent.action.MAIN
.OpenApp android.intent.category.LAUNCHER
.OpenApp android.intent.category.DEFAULT
.WallpaperSettings android.intent.action.MAIN
.WallpaperSettings android.intent.category.PREFERENCE
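Dangerous functions
Function name Information
TelephonyManager;->getDeviceId Collects the user's phone IMEI, phone number, system version number and similar information
TelephonyManager;->getSimSerialNumber Get the SIM serial number
ContentResolver;->query Read databases such as contacts and SMS
WifiManager;->setWifiEnabled Change Wi-Fi state
HttpClient;->execute Send a request to a remote server
java/net/URL;->openConnection Connect to a URL
java/net/HttpURLConnection;->connect Connect to a URL
SmsManager;->sendTextMessage Send a plain text SMS
getRuntime Get the command-line environment
java/lang/Runtime;->exec Execute a string command
ContentResolver;->delete Delete SMS messages and contacts
android/app/NotificationManager;->notify Notification bar message
Camera;->open Open the camera
Startup methods
Name Information
com.a0001.a0001.CoreReceiver Starts the service on SMS monitoring (SMS received)
com.a0001.a0001.CoreReceiver Starts the service at boot
com.a0001.a0001.CoreReceiver Starts the service on screen unlock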
Service list
Name
com.maxelus.infernogalaxylivewallpaper.WallpaperService
com.a0001.push.MspSrv
com.a0001.a0001.CoreService
File list
File name Checksum
META-INF/MANIFEST.MF 0xe1ed4c81
META-INF/CERT.SF 0xd9d8675
META-INF/CERT.RSA 0x358ca0b5
res/xml/wallpaper_settings.xml 0xe2560c68
res/layout/dialog_activity.xml 0xea54dc85
res/drawable/getmore22.jpg 0xc9c9f1b5
resources.arsc 0x990d7ea0
assets/inferno/InfernoT.parc 0x8d423678
res/layout/listitem.xml 0xe118e658
AndroidManifest.xml 0xc8815410
res/drawable/maxelus_32.png 0x6145b0b
res/drawable-ldpi/icon.png 0x530134f0
res/drawable-mdpi/icon.png 0x530134f0
res/drawable-xxhdpi/icon.png 0xe6932f4a
assets/inferno/InfernoAtlas.txt 0x97212c0a
res/drawable/maxelus.png 0x2f6a7878
lib/armeabi/libandroidgl20.so 0xfaab590d
res/drawable/twitter.png 0xb776f856
res/drawable-xhdpi/icon.png 0xa56ef342
res/drawable/google.png 0xec6e1411
res/drawable/thumbnail.jpg 0x8d6fd90b
res/layout/icons.xml 0xd6b58cdc
assets/inferno/Inferno.parc 0x617e5838
classes.dex 0x50a6a715
lib/armeabi/libgdx.so 0x84516053
lib/armeabi-v7a/libandroidgl20.so 0xfaab590d
res/xml/wallpaper.xml 0x1e17f087
res/layout/preference_icon.xml 0x5d0b0586
res/layout/main.xml 0x181da14a
res/drawable/facebook.png 0x4b0a0c96
assets/inferno/InfernoAtlas.png 0xba20ac75
lib/armeabi-v7a/libgdx.so 0x5f50dd8e
res/drawable/share.png 0x3f4f68ef
res/drawable-hdpi/icon.png 0x3c3dc436
Runtime screenshots