VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.
4, If your browser cannot upload files, please download VirSCAN uploader to upload.

Language
Server load
Server Load

VirSCAN
VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

File information

File Name :ymcjjgjsq.apk (File not down)
File Size :316695 byte
File Type : application/zip
MD5:8479d6b806df0151e3236257eb6b2ecc
SHA1:cc92b26047dee1a889074b2820fb692e5a91f525
Scanner results
Scanner results:6%Antivirus software(2/32)found malware!
Behavior analysis report:         Habo file analysis
Time: 2015-10-20 13:10:29 (CST)
Scanner Engine Ver Sig Ver Sig Date Scan result Time
权限列表
许可名称 信息
android.permission.READ_PHONE_STATE 读取电话状态
com.android.launcher.permission.INSTALL_SHORTCUT 创建快捷方式
android.permission.MOUNT_UNMOUNT_FILESYSTEMS 挂载、反挂载外部文件系统
android.permission.SYSTEM_ALERT_WINDOW 显示系统窗口
android.permission.GET_TASKS 获取有关当前或最近运行的任务信息
android.permission.WRITE_EXTERNAL_STORAGE 写外部存储器(如:SD卡)
android.permission.INTERNET 连接网络(2G或3G)
android.permission.ACCESS_WIFI_STATE 读取wifi网络状态
com.android.launcher.permission.READ_SETTINGS 读取快捷方式信息
android.permission.ACCESS_NETWORK_STATE 读取网络状态(2G或3G)
android.permission.CHANGE_CONFIGURATION 修改当前设置(如:本地化)
文件信息
VirSCANVirSCAN
安全评分 :
基本信息
VirSCANVirSCAN
MD5:8479d6b806df0151e3236257eb6b2ecc
文件大小:5.58MB
上传时间: 2014-09-22 10:36:30 (CST)
包名:com.ymcjjgjsq
最低运行环境:Android 2.2.x
版权:Xy
关键行为
VirSCANVirSCAN
行为描述: 写权限映射文件
详情信息: CiceroSharedMemDefaultS-*
MSCTF.MarshalInterface.FileMap.IEF..ANHGH
MSCTF.MarshalInterface.FileMap.IEF.B.PNHGH
MSCTF.MarshalInterface.FileMap.IEF.C.PNHGH
MSCTF.MarshalInterface.FileMap.IEF.D.PNHGH
MSCTF.MarshalInterface.FileMap.IEF.E.PNHGH
MSCTF.MarshalInterface.FileMap.IEF.F.PNHGH
MSCTF.MarshalInterface.FileMap.IEF.G.PNHGH
MSCTF.Shared.SFM.IEF
MSCTF.MarshalInterface.FileMap.IEF.H.FENKH
MSCTF.MarshalInterface.FileMap.IEF.I.FENKH
MSCTF.MarshalInterface.FileMap.IEF.J.FENKH
MSCTF.MarshalInterface.FileMap.IEF.K.FENKH
MSCTF.MarshalInterface.FileMap.IEF.L.FENKH
MSCTF.MarshalInterface.FileMap.IEF.M.FENKH
行为描述: DLL样本(x86)
详情信息: N/A
进程行为
VirSCANVirSCAN
行为描述: 写权限映射文件
详情信息: CiceroSharedMemDefaultS-*
MSCTF.MarshalInterface.FileMap.IEF..ANHGH
MSCTF.MarshalInterface.FileMap.IEF.B.PNHGH
MSCTF.MarshalInterface.FileMap.IEF.C.PNHGH
MSCTF.MarshalInterface.FileMap.IEF.D.PNHGH
MSCTF.MarshalInterface.FileMap.IEF.E.PNHGH
MSCTF.MarshalInterface.FileMap.IEF.F.PNHGH
MSCTF.MarshalInterface.FileMap.IEF.G.PNHGH
MSCTF.Shared.SFM.IEF
MSCTF.MarshalInterface.FileMap.IEF.H.FENKH
MSCTF.MarshalInterface.FileMap.IEF.I.FENKH
MSCTF.MarshalInterface.FileMap.IEF.J.FENKH
MSCTF.MarshalInterface.FileMap.IEF.K.FENKH
MSCTF.MarshalInterface.FileMap.IEF.L.FENKH
MSCTF.MarshalInterface.FileMap.IEF.M.FENKH
行为描述: DLL样本(x86)
详情信息: N/A
文件行为
VirSCANVirSCAN
行为描述: 写权限映射文件
详情信息: CiceroSharedMemDefaultS-*
MSCTF.MarshalInterface.FileMap.IEF..ANHGH
MSCTF.MarshalInterface.FileMap.IEF.B.PNHGH
MSCTF.MarshalInterface.FileMap.IEF.C.PNHGH
MSCTF.MarshalInterface.FileMap.IEF.D.PNHGH
MSCTF.MarshalInterface.FileMap.IEF.E.PNHGH
MSCTF.MarshalInterface.FileMap.IEF.F.PNHGH
MSCTF.MarshalInterface.FileMap.IEF.G.PNHGH
MSCTF.Shared.SFM.IEF
MSCTF.MarshalInterface.FileMap.IEF.H.FENKH
MSCTF.MarshalInterface.FileMap.IEF.I.FENKH
MSCTF.MarshalInterface.FileMap.IEF.J.FENKH
MSCTF.MarshalInterface.FileMap.IEF.K.FENKH
MSCTF.MarshalInterface.FileMap.IEF.L.FENKH
MSCTF.MarshalInterface.FileMap.IEF.M.FENKH
注册表行为
VirSCANVirSCAN
行为描述: 修改注册表
详情信息: \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}\
\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}\InprocServer32\
\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}\InprocServer32\ThreadingModel
\REGISTRY\MACHINE\SOFTWARE\Classes\InetCtls.Inet\
\REGISTRY\MACHINE\SOFTWARE\Classes\InetCtls.Inet\CLSID\
\REGISTRY\MACHINE\SOFTWARE\Classes\InetCtls.Inet\CurVer\
\REGISTRY\MACHINE\SOFTWARE\Classes\InetCtls.Inet.1\
\REGISTRY\MACHINE\SOFTWARE\Classes\InetCtls.Inet.1\CLSID\
\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}\VersionIndependentProgID\
\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}\ProgID\
\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}\TypeLib\
\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}\Version\
\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}\MiscStatus\
\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}\MiscStatus\1\
\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}\ToolboxBitmap32\
行为描述: 删除注册表键值
详情信息: \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{48E59294-9880-11CF-9754-00AA00C00908}\InprocServer32\ThreadingModel
\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{48E59295-9880-11CF-9754-00AA00C00908}\InprocServer32\ThreadingModel
行为描述: 删除注册表键
详情信息: \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}
\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{48E59294-9880-11CF-9754-00AA00C00908}
\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{48E59295-9880-11CF-9754-00AA00C00908}
其他行为
VirSCANVirSCAN
行为描述: 创建互斥体
详情信息: SHIMLIB_LOG_MUTEX
CTF.LBES.MutexDefaultS-*
CTF.Compart.MutexDefaultS-*
CTF.Asm.MutexDefaultS-*
CTF.Layouts.MutexDefaultS-*
CTF.TMD.MutexDefaultS-*
CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
MSCTF.Shared.MUTEX.ELH
MSCTF.Shared.MUTEX.IEF
行为描述: DLL样本(x86)
详情信息: N/A
行为描述: 查找指定窗口
详情信息: NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
NtUserFindWindowEx: [Class,Window] = [CicLoaderWndClass,]
行为描述: 获取系统权限
详情信息: SE_LOAD_DRIVER_PRIVILEGE
SE_DEBUG_PRIVILEGE
动态列表行为
VirSCANVirSCAN
行为描述: 获取安装应用列表
详情信息: [u'0']
行为描述: 获取加密实例
详情信息: [u'PBEWITHMD5andDES']
行为描述: 初始化IntentFilter
详情信息: [u'android.intent.action.PACKAGE_ADDED']
行为描述: 添加View
详情信息: [u'com.android.internal.policy.impl.PhoneWindow$DecorView@4154f1c0', u'WM.LayoutParams{(0,0)(fillxfill) sim=#120 ty=1 fl=#9010100 pfl=0x8 wanim=0x103028f}', u'android.view.CompatibilityInfoHolder@414af9c8']
[u'android.widget.LinearLayout@41569010', u'WM.LayoutParams{(0,128)(wrapxwrap) gr=#51 ty=2005 fl=#98 fmt=-3 wanim=0x1030004}']
行为描述: webview加载网页
详情信息: http://au.youmi.net/offer/aos/slient.html?type=33&model=0
行为描述: 读取文件
详情信息: path:/mnt/sdcard/Android/data/.tppqCache/6cae8e83d27a358b2594f22896be3872b length:69
path:/mnt/sdcard/Android/data/.tppqCache/6cae8e83d27a358b2594f22896be3872b length:5
path:/proc/meminfo length:69
path:/mnt/sdcard/Android/data/.dataycache/i42d45df023jnkdd93la483f9xGFKXI length:20
path:/mnt/sdcard/Android/data/.dataycache/i42d45df023jnkdd93la483f9xGFKXI length:5
path:/mnt/sdcard/Android/data/.dataycache/s92TjjdfoP2n3o9dfji2l9s1olkjf0p length:20
path:/mnt/sdcard/Android/data/.dataycache/s92TjjdfoP2n3o9dfji2l9s1olkjf0p length:5
行为描述: 初始化Intent
详情信息: [u'ep_97da7ae01b08d1af']
[u'com.e4a.runtime.android.E4Aapplication@41530fd0', u'class net.youmi.android.AdService']
[u'android.os.Parcel@414ad158']
[u'android.os.Parcel@414ad198']
[u'android.os.Parcel@41544680']
[u'android.os.Parcel@41544680']
[u'android.intent.action.MAIN']
[u'{"FLAG":268435456,"COMPONENT_NAME":"ComponentInfo{com.ymcjjgjsq\\/com.e4a.runtime.android.mainActivity}"}']
[u'{"ACTION":"android.intent.action.MAIN","FLAG":270532608,"CATEGORIES":"[android.intent.category.HOME]","COMPONENT_NAME":"ComponentInfo{com.android.launcher\\/com.android.launcher2.Launcher}"}']
行为描述: 传递附加信息
详情信息: uMJpK6hDkTmz:net.youmi.android.offers.e@415887f0
行为描述: 调用哈希算法
详情信息: MD5
SHA
行为描述: 解析通用资源标识符
详情信息: webkit/android-weberror.png
行为描述: 注册广播接收器
详情信息: [u'net.youmi.android.b.a.g.e.f@41586810', u'android.content.IntentFilter@41586848']
[u'android.webkit.WebViewClassic$PackageListener@41543118', u'android.content.IntentFilter@41578538']
[u'android.webkit.WebViewClassic$ProxyReceiver@41587d58', u'android.content.IntentFilter@4157aba8']
[u'android.webkit.WebViewClassic$TrustStorageListener@41581678', u'android.content.IntentFilter@41574018']
[u'net.youmi.android.offers.b.b.c.g@415728d0', u'android.content.IntentFilter@41503ac8']
行为描述: 读取系统设置
详情信息: [u'android.app.ContextImpl$ApplicationContentResolver@41530d00', u'show_password']
行为描述: 读取sdcard
详情信息: path:/mnt/sdcard/Android/data/.tppqCache/6cae8e83d27a358b2594f22896be3872b
path:/mnt/sdcard/Android/data/.tppqCache/6cae8e83d27a358b2594f22896be3872b
path:/mnt/sdcard/Android/data/.dataycache/i42d45df023jnkdd93la483f9xGFKXI
path:/mnt/sdcard/Android/data/.dataycache/i42d45df023jnkdd93la483f9xGFKXI
path:/mnt/sdcard/Android/data/.dataycache/s92TjjdfoP2n3o9dfji2l9s1olkjf0p
path:/mnt/sdcard/Android/data/.dataycache/s92TjjdfoP2n3o9dfji2l9s1olkjf0p
行为描述: 窗口信息
详情信息: {"text": "赚积分", "class": "android.widget.Button"}
{"text": "计算结果", "class": "android.widget.Button"}
{"text": "清除", "class": "android.widget.Button"}
{"text": "检尺长", "class": "android.widget.TextView"}
{"text": "米", "class": "android.widget.TextView"}
{"text": "检尺径", "class": "android.widget.TextView"}
{"text": "厘米", "class": "android.widget.TextView"}
{"text": "数量", "class": "android.widget.TextView"}
{"text": "根", "class": "android.widget.TextView"}
{"text": "单价", "class": "android.widget.TextView"}
{"text": "元/m3", "class": "android.widget.TextView"}
{"text": "卸码费", "class": "android.widget.TextView"}
{"text": "元/m3", "class": "android.widget.TextView"}
{"text": "使用说明", "class": "android.widget.Button"}
行为描述: 写入sdcard
详情信息: path:/mnt/sdcard/Android/data/.dataycache/i42d45df023jnkdd93la483f9xGFKXI
path:/mnt/sdcard/Android/data/.tppqCache/6cae8e83d27a358b2594f22896be3872b
path:/mnt/sdcard/Android/data/.tppqCache/6cae8e83d27a358b2594f22896be3872
path:/mnt/sdcard/Android/data/.dataycache/s92TjjdfoP2n3o9dfji2l9s1olkjf0p
path:/mnt/sdcard/Android/data/.dataycache/m929bb76e8110d1a70260af57b446ebc
行为描述: 获取设备ID
详情信息: 357143040944263
行为描述: Toast->makeText弹出提示
详情信息: text:您当前可用积分为:0,版本号:v1.0 duration:0
行为描述: 获取当前连接的Wifi热点信息
详情信息: []
[]
[]
[]
行为描述: 获取用户ID
详情信息: 460000043140572
行为描述: 执行SQL查询
详情信息: [u'select * from a', u'null']
行为描述: 缓冲区读取一行数据
详情信息: 4d15070a07020552015e415f116276400d06750b4f236650094714405a0e5605000055071a0d1b1872060d2a0b51613302245b101c415505050207065202440b1406500a580700070055535402061644
äÔ£Qمþ‘úÊýu\¤
ãפP݆þ’òÊùr]¥
行为描述: 获取网络状态信息[*]
详情信息: NetworkInfo: type: WIFI[], state: CONNECTED/CONNECTED, reason: (unspecified), extra: freewifi, roaming: false, failover: false, isAvailable: true
NetworkInfo: type: WIFI[], state: CONNECTED/CONNECTED, reason: (unspecified), extra: freewifi, roaming: false, failover: false, isAvailable: true
NetworkInfo: type: WIFI[], state: CONNECTED/CONNECTED, reason: (unspecified), extra: freewifi, roaming: false, failover: false, isAvailable: true
NetworkInfo: type: WIFI[], state: CONNECTED/CONNECTED, reason: (unspecified), extra: freewifi, roaming: false, failover: false, isAvailable: true
NetworkInfo: type: WIFI[], state: CONNECTED/CONNECTED, reason: (unspecified), extra: freewifi, roaming: false, failover: false, isAvailable: true
NetworkInfo: type: WIFI[], state: CONNECTED/CONNECTED, reason: (unspecified), extra: freewifi, roaming: false, failover: false, isAvailable: true
NetworkInfo: type: WIFI[], state: CONNECTED/CONNECTED, reason: (unspecified), extra: freewifi, roaming: false, failover: false, isAvailable: true
NetworkInfo: type: WIFI[], state: CONNECTED/CONNECTED, reason: (unspecified), extra: freewifi, roaming: false, failover: false, isAvailable: true
NetworkInfo: type: WIFI[], state: CONNECTED/CONNECTED, reason: (unspecified), extra: freewifi, roaming: false, failover: false, isAvailable: true
NetworkInfo: type: WIFI[], state: CONNECTED/CONNECTED, reason: (unspecified), extra: freewifi, roaming: false, failover: false, isAvailable: true
NetworkInfo: type: WIFI[], state: CONNECTED/CONNECTED, reason: (unspecified), extra: freewifi, roaming: false, failover: false, isAvailable: true
行为描述: 数据库查询
详情信息: [u'YINcpuKxQ5cA', u'null', u'a=?', u'[86d3803c]', u'null', u'null', u'null']
[u'YINcpuKxQ5cA', u'null', u'a=?', u'[c3f73a78]', u'null', u'null', u'null']
[u'YINcpuKxQ5cA', u'null', u'a=?', u'[751ca0f4]', u'null', u'null', u'null']
[u'YINcpuKxQ5cA', u'null', u'a=?', u'[751ca0f4]', u'null', u'null', u'null']
[u'YINcpuKxQ5cA', u'null', u'a=?', u'[c3f73a78]', u'null', u'null', u'null']
[u'YINcpuKxQ5cA', u'null', u'a=?', u'[86d3803c]', u'null', u'null', u'null']
[u'a', u'[_id, b, a, c]', u'b=? and a=?', u'[97da7ae01b08d1af, 3]', u'null', u'null', u'null']
[u'a', u'[_id, b, a, c]', u'b=? and a=?', u'[97da7ae01b08d1af, 1]', u'null', u'null', u'null']
[u'a', u'[_id, b, a, c]', u'b=? and a=?', u'[97da7ae01b08d1af, 2]', u'null', u'null', u'null']
[u'formurl', u'null', u'null', u'null', u'null', u'null', u'null']
[u'a', u'[_id, b, a, c, d]', u'a=?', u'[1]', u'null', u'null', u'null', u'20']
[u'a', u'[_id, b, a, c, d]', u'a=?', u'[2]', u'null', u'null', u'null', u'50']
[u'a', u'[_id, b, a, c, d]', u'a=?', u'[1]', u'null', u'null', u'null', u'20']
[u'a', u'[_id, b, a, c, d]', u'a=?', u'[2]', u'null', u'null', u'null', u'50']
[u'a', u'[_id, b, a, c, d]', u'a=?', u'[1]', u'null', u'null', u'null', u'20']
[u'a', u'[_id, b, a, c, d]', u'a=?', u'[2]', u'null', u'null', u'null', u'50']
[u'a', u'[_id, b, a, c, d]', u'a=?', u'[1]', u'null', u'null', u'null', u'20']
[u'a', u'[_id, b, a, c, d]', u'a=?', u'[2]', u'null', u'null', u'null', u'50']
[u'a', u'[_id, b, a, c, d]', u'a=?', u'[1]', u'null', u'null', u'null', u'20']
[u'a', u'[_id, b, a, c, d]', u'a=?', u'[2]', u'null', u'null', u'null', u'50']
[u'a', u'[_id, b, a, c, d]', u'a=?', u'[1]', u'null', u'null', u'null', u'20']
[u'a', u'[_id, b, a, c, d]', u'a=?', u'[2]', u'null', u'null', u'null', u'50']
[u'a', u'[_id, b, a, c, d]', u'a=?', u'[1]', u'null', u'null', u'null', u'20']
[u'a', u'[_id, b, a, c, d]', u'a=?', u'[2]', u'null', u'null', u'null', u'50']
[u'a', u'[_id, b, a, c, d]', u'a=?', u'[1]', u'null', u'null', u'null', u'20']
[u'a', u'[_id, b, a, c, d]', u'a=?', u'[2]', u'null', u'null', u'null', u'50']
[u'a', u'[_id, b, a, c, d]', u'a=?', u'[1]', u'null', u'null', u'null', u'20']
[u'a', u'[_id, b, a, c, d]', u'a=?', u'[2]', u'null', u'null', u'null', u'50']
[u'a', u'[_id, b, a, c, d]', u'a=?', u'[1]', u'null', u'null', u'null', u'20']
[u'a', u'[_id, b, a, c, d]', u'a=?', u'[2]', u'null', u'null', u'null', u'50']
[u'YINcpuKxQ5cA', u'null', u'a=?', u'[m_host]', u'null', u'null', u'null']
[u'YINcpuKxQ5cA', u'null', u'a=?', u'[m_host]', u'null', u'null', u'null']
[u'YINcpuKxQ5cA', u'null', u'a=?', u'[m_host]', u'null', u'null', u'null']
[u'YINcpuKxQ5cA', u'null', u'a=?', u'[m_port]', u'null', u'null', u'null']
[u'YINcpuKxQ5cA', u'null', u'a=?', u'[m_port]', u'null', u'null', u'null']
[u'YINcpuKxQ5cA', u'null', u'a=?', u'[m_port]', u'null', u'null', u'null']
[u'YINcpuKxQ5cA', u'null', u'a=?', u'[m_wifi_type]', u'null', u'null', u'null']
[u'YINcpuKxQ5cA', u'null', u'a=?', u'[m_wifi_type]', u'null', u'null', u'null']
[u'YINcpuKxQ5cA', u'null', u'a=?', u'[m_wifi_type]', u'null', u'null', u'null']
[u'YINcpuKxQ5cA', u'null', u'a=?', u'[m_wifi_rate]', u'null', u'null', u'null']
[u'YINcpuKxQ5cA', u'null', u'a=?', u'[m_wifi_rate]', u'null', u'null', u'null']
[u'YINcpuKxQ5cA', u'null', u'a=?', u'[m_wifi_rate]', u'null', u'null', u'null']
[u'YINcpuKxQ5cA', u'null', u'a=?', u'[m_2g_type]', u'null', u'null', u'null']
[u'YINcpuKxQ5cA', u'null', u'a=?', u'[m_2g_type]', u'null', u'null', u'null']
[u'YINcpuKxQ5cA', u'null', u'a=?', u'[m_2g_type]', u'null', u'null', u'null']
[u'YINcpuKxQ5cA', u'null', u'a=?', u'[m_2g_rate]', u'null', u'null', u'null']
[u'YINcpuKxQ5cA', u'null', u'a=?', u'[m_2g_rate]', u'null', u'null', u'null']
[u'YINcpuKxQ5cA', u'null', u'a=?', u'[m_3g_type]', u'null', u'null', u'null']
[u'YINcpuKxQ5cA', u'null', u'a=?', u'[m_2g_rate]', u'null', u'null', u'null']
[u'YINcpuKxQ5cA', u'null', u'a=?', u'[m_3g_type]', u'null', u'null', u'null']
[u'YINcpuKxQ5cA', u'null', u'a=?', u'[m_3g_rate]', u'null', u'null', u'null']
[u'YINcpuKxQ5cA', u'null', u'a=?', u'[m_3g_type]', u'null', u'null', u'null']
[u'YINcpuKxQ5cA', u'null', u'a=?', u'[m_3g_rate]', u'null', u'null', u'null']
[u'YINcpuKxQ5cA', u'null', u'a=?', u'[m_3g_rate]', u'null', u'null', u'null']
[u'YINcpuKxQ5cA', u'null', u'a=?', u'[x34knSd6OxP]', u'null', u'null', u'null']
[u'YINcpuKxQ5cA', u'null', u'a=?', u'[x34knSd6OxP]', u'null', u'null', u'null']
行为描述: 写入文件
详情信息: path:/mnt/sdcard/Android/data/.dataycache/i42d45df023jnkdd93la483f9xGFKXI length:20
path:/mnt/sdcard/Android/data/.tppqCache/6cae8e83d27a358b2594f22896be3872b length:69
path:/mnt/sdcard/Android/data/.tppqCache/6cae8e83d27a358b2594f22896be3872 length:13
path:/data/data/com.ymcjjgjsq/shared_prefs/C306239E75034d979DB1957AC06E4612.xml length:70
path:/data/data/com.ymcjjgjsq/shared_prefs/CE94557724F842149D690D0E8CBB1CBD.xml length:235
path:/data/data/com.ymcjjgjsq/shared_prefs/CE94557724F842149D690D0E8CBB1CBD.xml length:261
path:/data/data/com.ymcjjgjsq/shared_prefs/CE94557724F842149D690D0E8CBB1CBD.xml length:261
path:/mnt/sdcard/Android/data/.dataycache/s92TjjdfoP2n3o9dfji2l9s1olkjf0p length:20
path:/data/data/com.ymcjjgjsq/shared_prefs/OFFERSCONFIG1.xml length:122
path:/mnt/sdcard/Android/data/.dataycache/m929bb76e8110d1a70260af57b446ebc length:17
Activities
VirSCANVirSCAN
活动名 类型
com.e4a.runtime.android.mainActivity android.intent.action.MAIN
com.e4a.runtime.android.mainActivity android.intent.category.DEFAULT
com.e4a.runtime.android.mainActivity android.intent.category.LAUNCHER
启动方式
VirSCANVirSCAN
名称 信息
net.youmi.android.AdReceiver 应用安装时启动服务
广告信息
VirSCANVirSCAN
名称 信息
net.youmi 有米广告
权限列表
VirSCANVirSCAN
许可名称 信息
android.permission.READ_PHONE_STATE 读取电话状态
com.android.launcher.permission.INSTALL_SHORTCUT 创建快捷方式
android.permission.MOUNT_UNMOUNT_FILESYSTEMS 挂载、反挂载外部文件系统
android.permission.SYSTEM_ALERT_WINDOW 显示系统窗口
android.permission.GET_TASKS 获取有关当前或最近运行的任务信息
android.permission.WRITE_EXTERNAL_STORAGE 写外部存储器(如:SD卡)
android.permission.INTERNET 连接网络(2G或3G)
android.permission.ACCESS_WIFI_STATE 读取wifi网络状态
com.android.launcher.permission.READ_SETTINGS 读取快捷方式信息
android.permission.ACCESS_NETWORK_STATE 读取网络状态(2G或3G)
android.permission.CHANGE_CONFIGURATION 修改当前设置(如:本地化)
服务列表
VirSCANVirSCAN
名称
net.youmi.android.AdService
net.youmi.android.ExpService
文件列表
VirSCANVirSCAN
文件名 校验码
META-INF/MANIFEST.MF 0xb63e179b
META-INF/MYKEY.SF 0x76fa2aa
META-INF/MYKEY.RSA 0xf9162281
res/drawable/icon.png 0xb21c1176
AndroidManifest.xml 0xd9811db1
resources.arsc 0x37e3e739
classes.dex 0xef32d579
运行截图
VirSCANVirSCAN
VirSCAN