VirSCAN

1, You can upload any file, but there is a 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but the archive must contain fewer than 20 files.
3, VirSCAN can scan compressed files protected with the password 'infected' or 'virus'.

File information

Scanner results
Scanner results: 0% of antivirus software (0/32) found malware!
Behavior analysis report: Habo file analysis
Time: 2016-08-17 10:44:56 (CST)
Scanner Engine Ver Sig Ver Sig Date Scan result Time
antiy AVL SDK 3.0 1970-01-01 Found nothing 10
asquared 9.0.0.4324 9.0.0.4324 2014-07-03 Found nothing 5
avast 150725-1 4.7.4 2015-07-25 Found nothing 60
avg 2109/8133 10.0.1405 2014-11-26 Found nothing 60
baidu 2.0.1.0 4.1.3.52192 2.0.1.0 Found nothing 6
baidusd 1.0 1.0 2014-04-02 Found nothing 1
bitdefender 7.58469 7.90123 2014-12-25 Found nothing 60
clamav 19861 0.97.5 2014-12-31 Found nothing 60
drweb 5.0.2.3300 5.0.1.1 2014-12-31 Found nothing 60
fortinet 23.345, 23.345 5.1.158 2014-12-08 Found nothing 60
fprot 4.6.2.117 6.5.1.5418 2014-12-31 Found nothing 60
fsecure 2014-04-02-01 9.13 2014-04-02 Found nothing 60
gdata 25.7912 25.7912 2016-08-17 Found nothing 23
ikarus 1.06.01 V1.32.31.0 2014-12-08 Found nothing 60
jiangmin 16.0.100 1.0.0.0 2015-07-25 Found nothing 56
kaspersky 5.5.33 5.5.33 2014-04-01 Found nothing 60
kingsoft 2.1 2.1 2013-09-22 Found nothing 9
mcafee 7638 5400.1158 2014-11-30 Found nothing 60
nod32 0920 3.0.21 2014-12-23 Found nothing 60
panda 9.05.01 9.05.01 2015-07-26 Found nothing 4
pcc 11.380.07 9.500-1005 2014-12-31 Found nothing 60
qh360 1.0.1 1.0.1 1.0.1 Found nothing 8
qqphone 1.0.0.0 1.0.0.0 2014-12-09 Found nothing 60
quickheal 14.00 14.00 2015-07-25 Found nothing 5
rising 25.76.04.01 25.76.04.01 2015-07-24 Found nothing 5
sophos 5.08 3.55.0 2014-12-01 Found nothing 60
symantec 20141230.001 1.3.0.24 2014-12-30 Found nothing 60
tachyon 9.9.9 9.9.9 2013-12-27 Found nothing 20
thehacker 6.8.0.5 6.8.0.5 2015-07-23 Found nothing 4
tws 17.47.17308 1.0.2.2108 2014-12-08 Found nothing 19
vba 3.12.26.3 3.12.26.3 2014-12-31 Found nothing 60
virusbuster 15.0.985.0 5.5.2.13 2014-12-05 Found nothing 60
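Permission list
Permission name Description
android.permission.INTERNET Connect to the network (2G or 3G)
android.permission.ACCESS_NETWORK_STATE Read network state (2G or 3G)
android.permission.ACCESS_WIFI_STATE Read Wi-Fi network state
android.permission.WRITE_SETTINGS Read and write system settings
android.permission.WAKE_LOCK Keep background processes running after the phone screen turns off
android.permission.WRITE_EXTERNAL_STORAGE Write to external storage (e.g. SD card)
android.permission.READ_PHONE_STATE Read phone state
android.permission.MODIFY_AUDIO_SETTINGS Modify audio settings
android.permission.BROADCAST_STICKY Send sticky broadcasts
android.permission.CHANGE_WIFI_MULTICAST_STATE Change Wi-Fi multicast state
android.permission.MOUNT_UNMOUNT_FILESYSTEMS Mount and unmount external file systems
android.permission.RECEIVE_BOOT_COMPLETED Receive the boot-completed broadcast
android.permission.SYSTEM_ALERT_WINDOW Display system windows
android.permission.ACCESS_COARSE_LOCATION Get coarse location (via Wi-Fi, cell towers)
android.permission.CHANGE_CONFIGURATION Modify current configuration (e.g. locale)
android.permission.CHANGE_WIFI_STATE Change Wi-Fi connection state
android.permission.GET_TASKS Get information about currently or recently running tasks
android.permission.RESTART_PACKAGES Restart other applications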
File information
Security score:
Basic information
MD5: d35abb999e2c332dca118a287d1dbae2
File size: 5.58MB
Upload time: 2014-09-22 10:36:30 (CST)
Package name: com.sunchip.livetv
Minimum runtime environment: Android 2.2.x
Copyright: sunchip
Key behaviors
Behavior description: Set special folder attributes
Details: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
C:\Documents and Settings\Administrator\Local Settings\History
C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
C:\Documents and Settings\Administrator\Cookies
C:\Documents and Settings\Administrator\IETldCache
Behavior description: Query registry (virtual machine detection related)
Details: \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion
Behavior description: Get TickCount value
Details: TickCount = 5352015, SleepMilliseconds = 500.
TickCount = 5351709, SleepMilliseconds = 100.
TickCount = 5351756, SleepMilliseconds = 100.
TickCount = 5351771, SleepMilliseconds = 100.
TickCount = 5351787, SleepMilliseconds = 100.
TickCount = 5351818, SleepMilliseconds = 100.
TickCount = 5351850, SleepMilliseconds = 100.
TickCount = 5351865, SleepMilliseconds = 100.
TickCount = 5351881, SleepMilliseconds = 100.
TickCount = 5352296, SleepMilliseconds = 500.
TickCount = 5352312, SleepMilliseconds = 500.
TickCount = 5352375, SleepMilliseconds = 500.
TickCount = 5352390, SleepMilliseconds = 500.
TickCount = 5351990, SleepMilliseconds = 100.
TickCount = 5352006, SleepMilliseconds = 100.
Behavior description: Kill process
Details: C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe
Process behaviors
Behavior description: Set special folder attributes
Details: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
C:\Documents and Settings\Administrator\Local Settings\History
C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
C:\Documents and Settings\Administrator\Cookies
C:\Documents and Settings\Administrator\IETldCache
Behavior description: Query registry (virtual machine detection related)
Details: \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion
Behavior description: Get TickCount value
Details: TickCount = 5352015, SleepMilliseconds = 500.
TickCount = 5351709, SleepMilliseconds = 100.
TickCount = 5351756, SleepMilliseconds = 100.
TickCount = 5351771, SleepMilliseconds = 100.
TickCount = 5351787, SleepMilliseconds = 100.
TickCount = 5351818, SleepMilliseconds = 100.
TickCount = 5351850, SleepMilliseconds = 100.
TickCount = 5351865, SleepMilliseconds = 100.
TickCount = 5351881, SleepMilliseconds = 100.
TickCount = 5352296, SleepMilliseconds = 500.
TickCount = 5352312, SleepMilliseconds = 500.
TickCount = 5352375, SleepMilliseconds = 500.
TickCount = 5352390, SleepMilliseconds = 500.
TickCount = 5351990, SleepMilliseconds = 100.
TickCount = 5352006, SleepMilliseconds = 100.
Behavior description: Kill process
Details: C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe
File behaviors
Behavior description: Create file
Details: C:\Documents and Settings\Administrator\Local Settings\Temp\0051A5EA.log
C:\Documents and Settings\Administrator\Local Settings\Temp\inH53509068445\css\ie6_main.css
C:\Documents and Settings\Administrator\Local Settings\Temp\inH53509068445\css\main.css
C:\Documents and Settings\Administrator\Local Settings\Temp\inH53509068445\css\sdk-ui\browse.css
C:\Documents and Settings\Administrator\Local Settings\Temp\inH53509068445\css\sdk-ui\button.css
C:\Documents and Settings\Administrator\Local Settings\Temp\inH53509068445\css\sdk-ui\checkbox.css
C:\Documents and Settings\Administrator\Local Settings\Temp\inH53509068445\css\sdk-ui\images\button-bg.png
C:\Documents and Settings\Administrator\Local Settings\Temp\inH53509068445\css\sdk-ui\images\progress-bg-corner.png
C:\Documents and Settings\Administrator\Local Settings\Temp\inH53509068445\css\sdk-ui\images\progress-bg.png
C:\Documents and Settings\Administrator\Local Settings\Temp\inH53509068445\css\sdk-ui\images\progress-bg2.png
C:\Documents and Settings\Administrator\Local Settings\Temp\inH53509068445\css\sdk-ui\progress-bar.css
C:\Documents and Settings\Administrator\Local Settings\Temp\inH53509068445\csshover3.htc
C:\Documents and Settings\Administrator\Local Settings\Temp\inH53509068445\form.bmp.Mask
C:\Documents and Settings\Administrator\Local Settings\Temp\inH53509068445\images\BGR.png
C:\Documents and Settings\Administrator\Local Settings\Temp\inH53509068445\images\BGW.png
Behavior description: Delete file
Details: C:\Documents and Settings\Administrator\Local Settings\Temp\0051A5EA.log
C:\Documents and Settings\Administrator\Local Settings\Temp\0051AA4F.log
C:\Documents and Settings\Administrator\Local Settings\Temp\0051A91D.log
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6P4O8QNJ\wpad[1].dat
C:\Documents and Settings\Administrator\Local Settings\Temp\inH53509068445\bootstrap_41385.html
C:\Documents and Settings\Administrator\Local Settings\Temp\in0B6E0CB6\0026824A.tmp
C:\Documents and Settings\Administrator\Local Settings\Temp\00522B6B.log
C:\Documents and Settings\Administrator\Local Settings\Temp\inH53509068445\css\ie6_main.css
C:\Documents and Settings\Administrator\Local Settings\Temp\inH53509068445\css\main.css
C:\Documents and Settings\Administrator\Local Settings\Temp\inH53509068445\css\sdk-ui\browse.css
C:\Documents and Settings\Administrator\Local Settings\Temp\inH53509068445\css\sdk-ui\button.css
C:\Documents and Settings\Administrator\Local Settings\Temp\inH53509068445\css\sdk-ui\checkbox.css
C:\Documents and Settings\Administrator\Local Settings\Temp\inH53509068445\css\sdk-ui\images\button-bg.png
C:\Documents and Settings\Administrator\Local Settings\Temp\inH53509068445\css\sdk-ui\images\progress-bg-corner.png
C:\Documents and Settings\Administrator\Local Settings\Temp\inH53509068445\css\sdk-ui\images\progress-bg.png
Behavior description: Set special folder attributes
Details: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
C:\Documents and Settings\Administrator\Local Settings\History
C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
C:\Documents and Settings\Administrator\Cookies
C:\Documents and Settings\Administrator\IETldCache
Behavior description: Modify file content
Details: C:\Documents and Settings\Administrator\Local Settings\Temp\0051A5EA.log ---> Offset = 0
C:\Documents and Settings\Administrator\Local Settings\Temp\inH53509068445\css\ie6_main.css ---> Offset = 0
C:\Documents and Settings\Administrator\Local Settings\Temp\inH53509068445\css\main.css ---> Offset = 0
C:\Documents and Settings\Administrator\Local Settings\Temp\inH53509068445\css\sdk-ui\browse.css ---> Offset = 0
C:\Documents and Settings\Administrator\Local Settings\Temp\inH53509068445\css\sdk-ui\button.css ---> Offset = 0
C:\Documents and Settings\Administrator\Local Settings\Temp\inH53509068445\css\sdk-ui\checkbox.css ---> Offset = 0
C:\Documents and Settings\Administrator\Local Settings\Temp\inH53509068445\css\sdk-ui\images\button-bg.png ---> Offset = 0
C:\Documents and Settings\Administrator\Local Settings\Temp\inH53509068445\css\sdk-ui\images\progress-bg-corner.png ---> Offset = 0
C:\Documents and Settings\Administrator\Local Settings\Temp\inH53509068445\css\sdk-ui\images\progress-bg.png ---> Offset = 0
C:\Documents and Settings\Administrator\Local Settings\Temp\inH53509068445\css\sdk-ui\images\progress-bg2.png ---> Offset = 0
C:\Documents and Settings\Administrator\Local Settings\Temp\inH53509068445\css\sdk-ui\progress-bar.css ---> Offset = 0
C:\Documents and Settings\Administrator\Local Settings\Temp\inH53509068445\csshover3.htc ---> Offset = 0
C:\Documents and Settings\Administrator\Local Settings\Temp\inH53509068445\form.bmp.Mask ---> Offset = 0
C:\Documents and Settings\Administrator\Local Settings\Temp\inH53509068445\images\BGR.png ---> Offset = 0
C:\Documents and Settings\Administrator\Local Settings\Temp\inH53509068445\images\BGW.png ---> Offset = 0
Behavior description: Find file
Details: FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\inH53509068445
FileName = C:\Program Files\Internet Explorer\IEXPLORE.EXE
FileName = C:\Documents and Settings
FileName = C:\Documents and Settings\Administrator
FileName = C:\Documents and Settings\Administrator\Local Settings
FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\inH53509068445\bootstrap_41385.html
FileName = C:\Documents and Settings\Administrator\Local Settings\Temp
FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%
FileName = C:\DOCUME~1
FileName = C:\Documents and Settings\ADMINI~1
FileName = C:\Documents and Settings\Administrator\LOCALS~1
FileName = C:\Documents and Settings\Administrator\Local Settings\Temp\inH53509068445
FileName = C:\Documents and Settings\Administrator\Local Settings\Temp\inH53509068445\bootstrap_41385.html
FileName = C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Connections\Pbk\*.pbk
Network behaviors
Behavior description: Open URL over the network
Details: InternetOpenUrlA: http://**.133.40.**:128/wpad.dat, hInternet = 0x00cc0010, Flags = 0x00000010
Behavior description: Connect to specified site
Details: InternetConnectA: ServerName = rp****om, PORT = 80, UserName = , Password = , hSession = 0x00cc0004, hConnect = 0x00cc0008, Flags = 0x00000000
InternetConnectA: ServerName = **.133.40.**, PORT = 128, UserName = , Password = , hSession = 0x00cc0010, hConnect = 0x00cc0014, Flags = 0x00000010
InternetConnectA: ServerName = in****om, PORT = 80, UserName = , Password = , hSession = 0x00cc0004, hConnect = 0x00cc0008, Flags = 0x00000000
Behavior description: Open HTTP connection
Details: InternetOpenA: UserAgent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/5.0), hSession = 0x00cc0004
InternetOpenA: UserAgent: Mozilla/4.0 (compatible; MSIE 8.0; Win32; Trident/4.0), hSession = 0x00cc0010
Behavior description: Establish a connection to a specified socket
Details: URL: wpad, IP: **.133.40.**:128, SOCKET = 0x000003ac
URL: rp****om, IP: **.133.40.**:80, SOCKET = 0x00000394
URL: rp****om, IP: **.133.40.**:80, SOCKET = 0x000003ac
URL: rp****om, IP: **.133.40.**:80, SOCKET = 0x000002d8
URL: rp****om, IP: **.133.40.**:80, SOCKET = 0x00000420
URL: in****om, IP: **.133.40.**:80, SOCKET = 0x000002f8
URL: rp****om, IP: **.133.40.**:80, SOCKET = 0x000002ec
URL: in****om, IP: **.133.40.**:80, SOCKET = 0x000002dc
URL: rp****om, IP: **.133.40.**:80, SOCKET = 0x00000310
Behavior description: Read network file
Details: hFile = 0x00cc0018, BytesToRead =4010, BytesRead = 4010.
hFile = 0x00cc000c, BytesToRead =20480, BytesRead = 20480.
Behavior description: Send HTTP packet
Details: GET /wpad.dat HTTP/1.1 Accept: */* User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32; Trident/4.0) Host: **.133.40.**:128
POST /?v=2.0&subver=6.21&pcrc=1793293888 HTTP/1.1 Accept: */* Host: rp****om User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/5.0) Content-Length: 1760 Cache-Control: no-cache
POST /?v=2.0&subver=6.21&pcrc=933759592 HTTP/1.1 Accept: */* Host: rp****om User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/5.0) Content-Length: 1776 Cache-Control: no-cache
POST /?v=2.0&subver=6.21&pcrc=2088256590 HTTP/1.1 Accept: */* Host: rp****om User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/5.0) Content-Length: 2656 Cache-Control: no-cache
POST /?v=2.0&subver=6.21&pcrc=295643027 HTTP/1.1 Accept: */* Host: rp****om User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/5.0) Content-Length: 2656 Cache-Control: no-cache
POST /?v=1.03&c=31cdd1cd&at=56151696&cntr=1 HTTP/1.1 Accept: */* Host: in****om User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/5.0) Content-Length: 152 Cache-Control: no-cache 30nF+X7j0wUkJIAFlwLGppV63mamfTJv2hhAqg7SM0IrWK3cSz6vCOQ3Swjd9//NP4tkzn56S51q2e1pclrz65EQCvkMBQpvmMCC1Vz2Ec1J/mDICrLf9dhOP7JlRPMJOysLOVMguMXZ3MI6l5zT0g==
POST /?v=2.0&subver=6.21&pcrc=80519980 HTTP/1.1 Accept: */* Host: rp****om User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/5.0) Content-Length: 2480 Cache-Control: no-cache
POST /?v=2.0&subver=6.21&pcrc=1204512210 HTTP/1.1 Accept: */* Host: rp****om User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/5.0) Content-Length: 2496 Cache-Control: no-cache
POST /?v=1.03&c=31cdd1cd&at=56151696&cntr=2 HTTP/1.1 Accept: */* Host: in****om User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/5.0) Content-Length: 152 Cache-Control: no-cache 30nF+X7j0wUkJIAFlwLGppV63mamfTJv2hhAqg7SM0IrWK3cSz6vCOQ3Swjd9//NP4tkzn56S51q2e1pclrz65EQCvkMBQpvmMCC1Vz2Ec1J/mDICrLf9dhOP7JlRPMJOysLOVMguMXZ3MI6l5zT0g==
POST /?v=2.0&subver=6.21&pcrc=488893189 HTTP/1.1 Accept: */* Host: rp****om User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/5.0) Content-Length: 2496 Cache-Control: no-cache
POST /?v=2.0&subver=6.21&pcrc=1248663891 HTTP/1.1 Accept: */* Host: rp****om User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/5.0) Content-Length: 2512 Cache-Control: no-cache
Behavior description: Open HTTP request
Details: HttpOpenRequestA: rp****om:80/?v=2.0&subver=6.21&pcrc=1793293888, hConnect = 0x00cc0008, hRequest = 0x00cc000c, Verb: POST, Referer: , Flags = 0x04080000
HttpOpenRequestA: **.133.40.**:128/wpad.dat, hConnect = 0x00cc0014, hRequest = 0x00cc0018, Verb: GET, Referer: , Flags = 0x00000010
HttpOpenRequestA: rp****om:80/?v=2.0&subver=6.21&pcrc=933759592, hConnect = 0x00cc0008, hRequest = 0x00cc000c, Verb: POST, Referer: , Flags = 0x04080000
HttpOpenRequestA: in****om:80/?v=1.03&c=31cdd1cd&at=56151696&cntr=0, hConnect = 0x00cc0008, hRequest = 0x00cc000c, Verb: POST, Referer: , Flags = 0x04080000
HttpOpenRequestA: rp****om:80/?v=2.0&subver=6.21&pcrc=2088256590, hConnect = 0x00cc0008, hRequest = 0x00cc000c, Verb: POST, Referer: , Flags = 0x04080000
HttpOpenRequestA: rp****om:80/?v=2.0&subver=6.21&pcrc=295643027, hConnect = 0x00cc0008, hRequest = 0x00cc000c, Verb: POST, Referer: , Flags = 0x04080000
HttpOpenRequestA: in****om:80/?v=1.03&c=31cdd1cd&at=56151696&cntr=1, hConnect = 0x00cc0008, hRequest = 0x00cc000c, Verb: POST, Referer: , Flags = 0x04080000
HttpOpenRequestA: rp****om:80/?v=2.0&subver=6.21&pcrc=80519980, hConnect = 0x00cc0008, hRequest = 0x00cc000c, Verb: POST, Referer: , Flags = 0x04080000
HttpOpenRequestA: rp****om:80/?v=2.0&subver=6.21&pcrc=1204512210, hConnect = 0x00cc0008, hRequest = 0x00cc000c, Verb: POST, Referer: , Flags = 0x04080000
HttpOpenRequestA: in****om:80/?v=1.03&c=31cdd1cd&at=56151696&cntr=2, hConnect = 0x00cc0008, hRequest = 0x00cc000c, Verb: POST, Referer: , Flags = 0x04080000
HttpOpenRequestA: rp****om:80/?v=2.0&subver=6.21&pcrc=488893189, hConnect = 0x00cc0008, hRequest = 0x00cc000c, Verb: POST, Referer: , Flags = 0x04080000
HttpOpenRequestA: rp****om:80/?v=2.0&subver=6.21&pcrc=1248663891, hConnect = 0x00cc0008, hRequest = 0x00cc000c, Verb: POST, Referer: , Flags = 0x04080000
Behavior description: Resolve host address by name
Details: GetAddrInfoW: computer
GetAddrInfoW: wpad
GetAddrInfoW: rp****om
GetAddrInfoW: in****om
Registry behaviors
Behavior description: Modify registry
Details: \REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\SavedLegacySettings
\REGISTRY\MACHINE\SOFTWARE\Microsoft\ESENT\Process\996E\DEBUG\Trace Level
Behavior description: Delete registry value
Details: \REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyServer
\REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Internet Settings\AutoConfigURL
\REGISTRY\MACHINE\SOFTWARE\Microsoft\ESENT\Process\996E\DEBUG\Trace Level
Behavior description: Query registry (virtual machine detection related)
Details: \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion
Other behaviors
Behavior description: Get cursor position
Details: CursorPos = (71,18468), SleepMilliseconds = 500.
CursorPos = (6364,26501), SleepMilliseconds = 100.
CursorPos = (19199,15725), SleepMilliseconds = 100.
CursorPos = (11508,29359), SleepMilliseconds = 100.
CursorPos = (26992,24465), SleepMilliseconds = 100.
CursorPos = (5735,28146), SleepMilliseconds = 500.
CursorPos = (23311,16828), SleepMilliseconds = 500.
CursorPos = (9991,492), SleepMilliseconds = 100.
CursorPos = (3025,11943), SleepMilliseconds = 100.
CursorPos = (4857,5437), SleepMilliseconds = 500.
CursorPos = (32421,14605), SleepMilliseconds = 500.
CursorPos = (3932,154), SleepMilliseconds = 10.
CursorPos = (322,12383), SleepMilliseconds = 10.
CursorPos = (17451,18717), SleepMilliseconds = 100.
CursorPos = (19748,19896), SleepMilliseconds = 100.
Behavior description: Create mutex
Details: CTF.LBES.MutexDefaultS-*
CTF.Compart.MutexDefaultS-*
CTF.Asm.MutexDefaultS-*
CTF.Layouts.MutexDefaultS-*
CTF.TMD.MutexDefaultS-*
CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
Local\ZonesCounterMutex
Local\ZoneAttributeCacheCounterMutex
Local\ZonesCacheCounterMutex
Local\ZonesLockedCacheCounterMutex
RasPbFile
Local\!PrivacIE!SharedMemory!Mutex
MSCTF.Shared.MUTEX.ELH
MSIMGSIZECacheMutex
MSCTF.Shared.MUTEX.AEC
Behavior description: Hide specified window
Details: [Window,Class] = [,THtmlUIForm]
[Window,Class] = [IDG Downloader,THtmlUIForm]
Behavior description: Window information
Details: Pid = 1472, Hwnd=0xa038e, Text = 确定, ClassName = Button.
Pid = 1472, Hwnd=0x12034c, Text = Product configuration is missing!, ClassName = Static.
Pid = 1472, Hwnd=0x10039e, Text = Information, ClassName = #32770.
Pid = 1472, Hwnd=0x803ba, Text = IDG Downloader, ClassName = THtmlUIForm.
Behavior description: Find specified window
Details: NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
NtUserFindWindowEx: [Class,Window] = [MS_AutodialMonitor,]
NtUserFindWindowEx: [Class,Window] = [MS_WebCheckMonitor,]
NtUserFindWindowEx: [Class,Window] = [CicLoaderWndClass,]
Behavior description: Open event
Details: HookSwitchHookEnabledEvent
Global\SvcctrlStartEvent_A3752DX
\SECURITY\LSA_AUTHENTICATION_INITIALIZED
_fCanRegisterWithShellService
\INSTALLATION_SECURITY_HOLD
Global\crypt32LogoffEvent
MSFT.VSA.COM.DISABLE.1472
MSFT.VSA.IEC.STATUS.6c736db0
CTF.ThreadMIConnectionEvent.000007B4.00000000.00000040
CTF.ThreadMarshalInterfaceEvent.000007B4.00000000.00000040
MSCTF.SendReceiveConection.Event.ELH.IC
MSCTF.SendReceive.Event.ELH.IC
CTF.ThreadMIConnectionEvent.000007B4.00000000.00000041
CTF.ThreadMarshalInterfaceEvent.000007B4.00000000.00000041
CTF.ThreadMIConnectionEvent.000007B4.00000000.00000042
Behavior description: Get TickCount value
Details: TickCount = 5352015, SleepMilliseconds = 500.
TickCount = 5351709, SleepMilliseconds = 100.
TickCount = 5351756, SleepMilliseconds = 100.
TickCount = 5351771, SleepMilliseconds = 100.
TickCount = 5351787, SleepMilliseconds = 100.
TickCount = 5351818, SleepMilliseconds = 100.
TickCount = 5351850, SleepMilliseconds = 100.
TickCount = 5351865, SleepMilliseconds = 100.
TickCount = 5351881, SleepMilliseconds = 100.
TickCount = 5352296, SleepMilliseconds = 500.
TickCount = 5352312, SleepMilliseconds = 500.
TickCount = 5352375, SleepMilliseconds = 500.
TickCount = 5352390, SleepMilliseconds = 500.
TickCount = 5351990, SleepMilliseconds = 100.
TickCount = 5352006, SleepMilliseconds = 100.
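Behavior description: Adjust process token privileges
Details: SE_SHUTDOWN_PRIVILEGE
SE_LOAD_DRIVER_PRIVILEGE
Behavior description: Enumerate windows
Details: N/A
Behavior description: Call Sleep function
Details: [1]: MilliSeconds = 500.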
[2]: MilliSeconds = 100.
[3]: MilliSeconds = 100.
[4]: MilliSeconds = 100.
[5]: MilliSeconds = 500.
[6]: MilliSeconds = 100.
[7]: MilliSeconds = 100.
[8]: MilliSeconds = 500.
[9]: MilliSeconds = 100.
[10]: MilliSeconds = 100.
Behavior description: Create event object
Details: EventName = DINPUTWINMM
EventName = Global\userenv: User Profile setup event
EventName = Global\crypt32LogoffEvent
EventName = MSCTF.SendReceive.Event.AEC.IC
EventName = MSCTF.SendReceiveConection.Event.AEC.IC
Behavior description: Open mutex
Details: ShimCacheMutex
Local\!IETld!Mutex
Local\_!MSFTHISTORY!_
Local\c:!documents and settings!administrator!local settings!temporary internet files!content.ie5!
Local\c:!documents and settings!administrator!cookies!
Local\c:!documents and settings!administrator!local settings!history!history.ie5!
Local\WininetStartupMutex
Local\WininetConnectionMutex
Local\WininetProxyRegistryMutex
RasPbFile
CtfmonInstMutexDefaultS-*
Local\c:!documents and settings!administrator!ietldcache!
Activities
Activity name Type
com.live.activity.MainActivity android.intent.category.DEFAULT
com.sunchip.activity.WelcomLiveTV android.intent.action.MAIN
com.sunchip.activity.WelcomLiveTV android.intent.action.SunchipLiveTV
com.sunchip.activity.WelcomLiveTV android.intent.category.LAUNCHER
com.sunchip.activity.WelcomLiveTV android.intent.category.DEFAULT
Dangerous functions
Function name Description
TelephonyManager;->getDeviceId Collects the user's phone IMEI, phone number, system version number and other information
HttpClient;->execute Requests a remote server
ContentResolver;->query Reads databases such as contacts and SMS
java/net/URL;->openConnection Connects to a URL
LocationManager;->getLastKnownLocation Gets the location
DefaultHttpClient;->execute Sends an HTTP request
java/net/HttpURLConnection;->connect Connects to a URL
TelephonyManager;->getSimSerialNumber Gets the SIM serial number
android/app/NotificationManager;->notify Notification bar message
java/net/URLConnection;->connect Connects to a URL
getRuntime Gets the command-line environment
java/lang/Runtime;->exec Executes a string command
Startup methods
Name Description
com.live.receiver.CXBootBroadcastReceiver Starts service at boot
com.live.receiver.CXPidReceiver
com.live.receiver.CXRunReceiver
com.live.receiver.UsbReceiver
Advertising information
Name Description
com.adchina AdChina (易传媒)
com.baidu Baidu (百度)
Service list
Name
com.letv.pp.service.CdeService
com.live.activity.MainTask
com.live.service.AliCheckUpdataService
com.live.service.CxMediaService
com.adsmogo.controller.service.UpdateService
com.adsmogo.controller.service.CountService
com.qq.e.comm.DownloadService
File list
File name Checksum
com/adchina/android/share/assets/r_toward.png 0x4d129ff
com/adchina/android/share/assets/r_toward_press.png 0x48648cc5
assets/voole.properties 0xd15e5a1b
assets/vooleauth.conf 0xcc21c77c
assets/voolert.conf 0xb2dd4b7f
assets/gntvauthd 0xee926fa2
assets/gntvdaemon 0x5ca9ae69
com/adsmogo/assets/button_refresh_1.png 0x2d8eee4a
com/adsmogo/assets/button_refresh_10.png 0x37fd2b06
com/adsmogo/assets/button_refresh_11.png 0xf62f415a
com/adsmogo/assets/button_refresh_12.png 0x9262b24c
com/adsmogo/assets/button_refresh_2.png 0x6f3641e1
com/adsmogo/assets/button_refresh_3.png 0x3a4d6012
com/adsmogo/assets/button_refresh_4.png 0x544f8733
com/adsmogo/assets/button_refresh_5.png 0x3aa48c10
com/adsmogo/assets/button_refresh_6.png 0x5f7cf702
com/adsmogo/assets/button_refresh_7.png 0xce278a94
com/adsmogo/assets/button_refresh_8.png 0xc9f6ae58
com/adsmogo/assets/button_refresh_9.png 0x865c61fc
com/adsmogo/assets/mg_close.png 0xd0e3a74d
com/adsmogo/assets/mg_close_h.png 0x7d9c3557
com/adsmogo/assets/mg_dialog_bg.png 0x443a4554
com/adsmogo/assets/mg_fill_bgb.png 0x237a3cda
com/adsmogo/assets/mg_fill_bgw.png 0x6f55d775
com/adsmogo/assets/mg_fullad_close.png 0x1e327967
com/adsmogo/assets/mg_rm_closeBtn.png 0x7dddc92e
com/adsmogo/assets/tow_click_download_btn_320.gif 0xf59a0e6
com/adsmogo/assets/tow_click_download_btn_640.gif 0x2c6151fc
com/adsmogo/assets/tow_click_open_webview_btn_320.gif 0xb890d4a5
com/adsmogo/assets/tow_click_open_webview_btn_640.gif 0x1afc41fe
com/adsmogo/assets/webview_ad_bar_bgimg.png 0x82459a0b
com/adsmogo/assets/webview_bar_back.png 0x9d5e268e
com/adsmogo/assets/webview_bar_back_grey.png 0x959b505e
com/adsmogo/assets/webview_bar_bgimg.png 0xa5c463d2
com/adsmogo/assets/webview_bar_bgimg_prs.png 0x81f130d8
com/adsmogo/assets/webview_bar_close.png 0x13e1adca
com/adsmogo/assets/webview_bar_next.png 0x963fd102
com/adsmogo/assets/webview_bar_next_grey.png 0xc50435c1
com/adsmogo/assets/webview_bar_pause.png 0x2cfb873e
com/adsmogo/assets/webview_bar_refresh.png 0xd3034b46
com/adsmogo/assets/webview_bar_share.png 0xd6d593d7
com/adsmogo/assets/ycm_btnconfirm.png 0xd2fbd8ea
com/adsmogo/assets/ycm_mraid_close.png 0xd229d499
lib/armeabi-v7a/libcde.1.0.10.so 0xd20367cf
lib/armeabi-v7a/libforcetv.so 0xc3f3d9c6
lib/armeabi-v7a/libtvlive.so 0x4321a021
lib/armeabi-v7a/libumeng_opustool.so 0x756d1162
lib/armeabi-v7a/libvooleglib.so 0xe2ca47bc
lib/armeabi-v7a/libvooletoken.so 0xcda62e66
META-INF/MANIFEST.MF 0x3eb767de
META-INF/CERT.SF 0x692f3f7e
META-INF/CERT.RSA 0xe68f3243
Runtime screenshots