VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, VirSCAN can scan compressed files protected with the password 'infected' or 'virus'.
4, If your browser cannot upload files, please download VirSCAN uploader to upload.


File information

Scanner results
Scanner results: 6% of antivirus software (2/32) found malware!
Behavior analysis report: Habo file analysis
Time: 2015-10-24 23:31:45 (CST)
Scanner Engine Ver Sig Ver Sig Date Scan result Time
antiy AVL SDK 3.0 1970-01-01 Found nothing 5
asquared 9.0.0.4324 9.0.0.4324 2014-07-03 Found nothing 1
avast 150725-1 4.7.4 2015-07-25 Found nothing 0
avg 2109/8133 10.0.1405 2014-11-26 Found nothing 0
baidu 2.0.1.0 4.1.3.52192 2.0.1.0 Found nothing 7
baidusd 1.0 1.0 2014-04-02 Found nothing 1
bitdefender 7.58469 7.90123 2014-12-25 Found nothing 0
clamav 19861 0.97.5 2014-12-31 Found nothing 0
drweb 5.0.2.3300 5.0.1.1 2014-12-31 Found nothing 0
fortinet 23.345, 23.345 5.1.158 2014-12-08 Found nothing 0
fprot 4.6.2.117 6.5.1.5418 2014-12-31 Found nothing 0
fsecure 2014-04-02-01 9.13 2014-04-02 Found nothing 0
gdata 25.4025 25.4025 2015-10-23 Android:Agent-GNN 9
ikarus 1.06.01 V1.32.31.0 2014-12-08 Found nothing 0
jiangmin 16.0.100 1.0.0.0 2015-07-25 Found nothing 44
kaspersky 5.5.33 5.5.33 2014-04-01 Found nothing 0
kingsoft 2.1 2.1 2013-09-22 Android.Troj.ya_HakerSpy.gf.(kcloud) 7
mcafee 7638 5400.1158 2014-11-30 Found nothing 0
nod32 0920 3.0.21 2014-12-23 Found nothing 0
panda 9.05.01 9.05.01 2015-07-26 Found nothing 5
pcc 11.380.07 9.500-1005 2014-12-31 Found nothing 0
qh360 1.0.1 1.0.1 1.0.1 Found nothing 3
qqphone 1.0.0.0 1.0.0.0 2014-12-09 Found nothing 0
quickheal 14.00 14.00 2015-07-25 Found nothing 2
rising 25.76.04.01 25.76.04.01 2015-07-24 Found nothing 1
sophos 5.08 3.55.0 2014-12-01 Found nothing 0
symantec 20141230.001 1.3.0.24 2014-12-30 Found nothing 0
tachyon 9.9.9 9.9.9 2013-12-27 Found nothing 5
thehacker 6.8.0.5 6.8.0.5 2015-07-23 Found nothing 2
tws 17.47.17308 1.0.2.2108 2014-12-08 Found nothing 13
vba 3.12.26.3 3.12.26.3 2014-12-31 Found nothing 0
virusbuster 15.0.985.0 5.5.2.13 2014-12-05 Found nothing 0
Permission list
Permission name Information
android.permission.INTERNET Connect to the network (2G or 3G)
android.permission.READ_PHONE_STATE Read phone state
File information
Security score:
Basic information
MD5:9766682e2a96cf24029f3a15d13f37e1
File size: 5.58MB
Upload time: 2014-09-22 10:36:30 (CST)
Package name: com.shjshs.vsg
Minimum runtime environment: Android 2.2.x
Copyright: Android
Key behavior
Behavior description: Create file mapping with write access
Details: Global\Cor_Private_IPCBlock_v4_168
Global\Cor_SxSPublic_IPCBlock_168
CiceroSharedMemDefaultS-*
\Documents and Settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
MSCTF.MarshalInterface.FileMap.EL..CHEHH
MSCTF.MarshalInterface.FileMap.EL.B.CIEHH
MSCTF.MarshalInterface.FileMap.EL.C.CIEHH
MSCTF.MarshalInterface.FileMap.EL.D.CIEHH
MSCTF.MarshalInterface.FileMap.EL.E.CIEHH
MSCTF.MarshalInterface.FileMap.EL.F.CIEHH
MSCTF.MarshalInterface.FileMap.EL.G.CIEHH
MSCTF.Shared.SFM.EL
Process behavior
Behavior description: Create file mapping with write access
Details: Global\Cor_Private_IPCBlock_v4_168
Global\Cor_SxSPublic_IPCBlock_168
CiceroSharedMemDefaultS-*
\Documents and Settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
MSCTF.MarshalInterface.FileMap.EL..CHEHH
MSCTF.MarshalInterface.FileMap.EL.B.CIEHH
MSCTF.MarshalInterface.FileMap.EL.C.CIEHH
MSCTF.MarshalInterface.FileMap.EL.D.CIEHH
MSCTF.MarshalInterface.FileMap.EL.E.CIEHH
MSCTF.MarshalInterface.FileMap.EL.F.CIEHH
MSCTF.MarshalInterface.FileMap.EL.G.CIEHH
MSCTF.Shared.SFM.EL
File behavior
Behavior description: Create file mapping with write access
Details: Global\Cor_Private_IPCBlock_v4_168
Global\Cor_SxSPublic_IPCBlock_168
CiceroSharedMemDefaultS-*
\Documents and Settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
MSCTF.MarshalInterface.FileMap.EL..CHEHH
MSCTF.MarshalInterface.FileMap.EL.B.CIEHH
MSCTF.MarshalInterface.FileMap.EL.C.CIEHH
MSCTF.MarshalInterface.FileMap.EL.D.CIEHH
MSCTF.MarshalInterface.FileMap.EL.E.CIEHH
MSCTF.MarshalInterface.FileMap.EL.F.CIEHH
MSCTF.MarshalInterface.FileMap.EL.G.CIEHH
MSCTF.Shared.SFM.EL
Behavior description: Modify file content
Details: C:\Documents and Settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT---> Offset = 0
Behavior description: Find file
Details: FileName = C:\WINDOWS\Microsoft.Net\assembly\GAC_32\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.INI
FileName = C:\DOCUME~1
FileName = C:\DOCUME~1\ADMINI~1
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\%temp%
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\%temp%\1445626134.669182.exe_7zdump
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\%temp%\1445626134.672659.exe_7zdump\KeyGen 2014 (Vip Edition)
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\%temp%\1445626134.676136.exe_7zdump\KeyGen 2014 (Vip Edition)\KeyGen 2014 (Vip Edition).exe
FileName = C:\Documents and Settings\ADMINI~1
FileName = C:\Documents and Settings\Administrator\LOCALS~1
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\%temp%\1445626134.686581.exe_7zdump\KeyGen 2014 (Vip Edition)\KeyGen 2014 (Vip Edition).INI
FileName = C:\WINDOWS\Microsoft.Net\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.INI
FileName = C:\WINDOWS\Microsoft.Net\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.INI
FileName = C:\WINDOWS\Microsoft.Net\assembly\GAC_MSIL\System.Core\v4.0_4.0.0.0__b77a5c561934e089\System.Core.INI
Other behavior
Behavior description: Find specified window
Details: NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
NtUserFindWindowEx: [Class,Window] = [CicLoaderWndClass,]
Behavior description: Window information
Details: Pid = 168, Hwnd=0x202d8, Text = KeyGen 2014 (Vip Edition)- By Pooria Sharaffodin - www.Sharaffodin.Blogspot.De, ClassName = WindowsForms10.Window.8.app.0.34f5582_r23_ad1.
Pid = 168, Hwnd=0x202c2, Text = Random Key List, ClassName = WindowsForms10.STATIC.app.0.34f5582_r23_ad1.
Pid = 168, Hwnd=0x202c4, Text = Random Key, ClassName = WindowsForms10.STATIC.app.0.34f5582_r23_ad1.
Pid = 168, Hwnd=0x402bc, Text = Save, ClassName = WindowsForms10.Window.8.app.0.34f5582_r23_ad1.
Pid = 168, Hwnd=0x202c8, Text = 100, ClassName = WindowsForms10.BUTTON.app.0.34f5582_r23_ad1.
Pid = 168, Hwnd=0x202ca, Text = 50, ClassName = WindowsForms10.BUTTON.app.0.34f5582_r23_ad1.
Pid = 168, Hwnd=0x202c6, Text = 25, ClassName = WindowsForms10.BUTTON.app.0.34f5582_r23_ad1.
Pid = 168, Hwnd=0x302da, Text = 10, ClassName = WindowsForms10.BUTTON.app.0.34f5582_r23_ad1.
Pid = 168, Hwnd=0x302b8, Text = --- --- --- --- --- --- --- --- --- --- --- --- --- --- --- --- --- --- --- --- --- --- --- --- --- , ClassName = WindowsForms10.EDIT.app.0.34f5582_r23_ad1.
Pid = 168, Hwnd=0x302b4, Text = Generate Key List, ClassName = WindowsForms10.Window.8.app.0.34f5582_r23_ad1.
Pid = 168, Hwnd=0x302b2, Text = Generate Key, ClassName = WindowsForms10.Window.8.app.0.34f5582_r23_ad1.
Pid = 168, Hwnd=0x302cc, Text = Clear, ClassName = WindowsForms10.Window.8.app.0.34f5582_r23_ad1.
Pid = 168, Hwnd=0x402be, Text = 5, ClassName = WindowsForms10.EDIT.app.0.34f5582_r23_ad1.
Pid = 168, Hwnd=0x702c0, Text = Length, ClassName = WindowsForms10.STATIC.app.0.34f5582_r23_ad1.
Pid = 168, Hwnd=0x402dc, Text = KeyGen 2014 (Vip Edition)- By Pooria Sharaffodin - www.Sharaffodin.Blogspot.De, ClassName = WindowsForms10.Window.8.app.0.34f5582_r23_ad1.
Behavior description: Create mutex
Details: CTF.LBES.MutexDefaultS-*
CTF.Compart.MutexDefaultS-*
CTF.Asm.MutexDefaultS-*
CTF.Layouts.MutexDefaultS-*
CTF.TMD.MutexDefaultS-*
CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
MSCTF.Shared.MUTEX.ELH
MSCTF.Shared.MUTEX.EL
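Behavior description: Obtain system privilege
Details: SE_DEBUG_PRIVILEGE
Dynamic behavior list
Behavior description: Invoke hash algorithm
Details: MD5
Behavior description: Load library file
Details: /data/data/com.shjshs.vsg/lib/libgreywolf.so
Behavior description: Obtain cipher instance
Details: [u'RSA']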
Activities
Activity name Type
com.yougaile.iapp.logoActivity android.intent.action.MAIN
com.yougaile.iapp.logoActivity android.intent.category.LAUNCHER
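Dangerous functions
Function name Information
SmsManager;->sendTextMessage Send a plain text SMS
TelephonyManager;->getDeviceId Collect the user's phone IMEI, phone number, OS version and similar information
TelephonyManager;->getLine1Number Get the phone number
ActivityManager;->killBackgroundProcesses Kill processes; can be used to shut down antivirus software
java/net/URL;->openConnection Connect to a URL
android/app/NotificationManager;->notify Notification bar message
WifiManager;->setWifiEnabled Change Wi-Fi state
HttpClient;->execute Request a remote server
DefaultHttpClient;->execute Send an HTTP request
getRuntime Get the command-line environment
java/lang/Runtime;->exec Execute a string command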
File list
File name Checksum
assets/Userimg/1444325645955.jpeg 0x3458f2ce
res/drawable-hdpi/icon.png 0x718d24e5
AndroidManifest.xml 0xfeb26d9a
assets/.i 0xc78f584f
assets/fps_images.png 0x112b3776
assets/mian.iyu 0xc3ae8c63
assets/sendsas.myu 0xe3cf48a8
assets/sendscs.myu 0xae9a9ae4
assets/sendshs.myu 0xd547492
assets/sendsks.myu 0x4a9d225b
assets/sendsms.myu 0xf6bcb6bb
assets/sendsss.myu 0xd73a0a86
assets/sendsxs.myu 0x2bdcd294
assets/syscode.myu 0x16c9e954
classes.dex 0x12e07ad8
keys/keystore.ks 0x3d7ea71f
keys/media.pk8 0xb2ff8b4b
keys/media.sbt 0x787af273
keys/media.x509.pem 0xb2b93fdc
keys/platform.pk8 0x7d91e3b8
keys/platform.sbt 0x78fc5c38
keys/platform.x509.pem 0xe2b43571
keys/shared.pk8 0x44b55be
keys/shared.sbt 0xcb0d9b76
keys/shared.x509.pem 0x52234887
keys/testkey.pk8 0x5c6d8836
keys/testkey.sbt 0x197cd57f
keys/testkey.x509.pem 0xc3fc0954
lib/armeabi/libgdx.so 0x39a6b20c
lib/armeabi/libgreywolf.so 0x6771a154
lib/x86/libgdx.so 0x7ec621b5
res/drawable-hdpi/ic_arrow_left.png 0xede5ec62
res/drawable-hdpi/notice_down_icon.png 0x13e56a9c
res/drawable/hy_xml_ui_user_it32.xml 0xa078c251
res/drawable/hy_xml_ui_user_it52.xml 0x39674a32
res/drawable/hy_xml_ui_user_itt.xml 0xc0850268
res/drawable/hy_xml_ui_user_itt2.xml 0x5137b432
res/drawable/hy_xml_ui_user_t.xml 0x33f6fbad
res/drawable/list_itemshighlighted_translucent.xml 0x169e3780
res/layout/activity_main.xml 0xa98e18b3
res/layout/activity_webview.xml 0x70a82c79
resources.arsc 0xa02315bc
META-INF/MANIFEST.MF 0x37fc50bd
META-INF/CERT.SF 0x4dc4de13
META-INF/CERT.RSA 0x19096215