VirSCAN

1, You can UPLOAD any files, but there is a 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, VirSCAN can scan compressed files with the password 'infected' or 'virus'.

File information

Scanner results
Scanner results: 3% of antivirus software (1/32) found malware!
Behavior analysis report: Habo file analysis
Time: 2015-03-04 11:29:34 (CST)
| Scanner | Engine Ver | Sig Ver | Sig Date | Scan result | Time |
|---|---|---|---|---|---|
| antiy | AVL SDK 3.0 | | 1970-01-01 | Found nothing | 60 |
| asquared | 9.0.0.4324 | 9.0.0.4324 | 2014-07-03 | Found nothing | 60 |
| avast | 141231-0 | 4.7.4 | 2014-12-31 | Found nothing | 31 |
| avg | 2109/8133 | 10.0.1405 | 2014-11-26 | Found nothing | 6 |
| baidu | 2.0.1.0 | 4.1.3.52192 | 2.0.1.0 | Found nothing | 60 |
| baidusd | 1.0 | 1.0 | 2014-04-02 | Found nothing | 60 |
| bitdefender | 7.58469 | 7.90123 | 2014-12-25 | Found nothing | 1 |
| clamav | 19745 | 0.97.5 | 2014-12-07 | Found nothing | 1 |
| drweb | 5.0.2.3300 | 5.0.1.1 | 2014-12-31 | Found nothing | 48 |
| fortinet | 23.345, 23.345 | 5.1.158 | 2014-12-08 | Found nothing | 1 |
| fprot | 4.6.2.117 | 6.5.1.5418 | 2014-12-31 | Found nothing | 5 |
| fsecure | 2014-04-02-01 | 9.13 | 2014-04-02 | Android.Adware.Adwo.A | 15 |
| gdata | 25.473 | 25.473 | 2015-03-01 | Found nothing | 60 |
| ikarus | 1.06.01 | V1.32.31.0 | 2014-12-08 | Found nothing | 9 |
| jiangmin | 16.0.100 | 1.0.0.0 | 2014-08-20 | Found nothing | 60 |
| kaspersky | 5.5.33 | 5.5.33 | 2014-04-01 | Found nothing | 38 |
| kingsoft | 2.1 | 2.1 | 2013-09-22 | Found nothing | 60 |
| mcafee | 7638 | 5400.1158 | 2014-11-30 | Found nothing | 32 |
| nod32 | 0920 | 3.0.21 | 2014-12-23 | Found nothing | 4 |
| panda | 9.05.01 | 9.05.01 | 2014-12-31 | Found nothing | 60 |
| pcc | 11.380.07 | 9.500-1005 | 2014-12-31 | Found nothing | 3 |
| qh360 | 1.0.1 | 1.0.1 | 1.0.1 | Found nothing | 60 |
| qqphone | 1.0.0.0 | 1.0.0.0 | 2014-12-09 | Found nothing | 1 |
| quickheal | 14.00 | 14.00 | 2014-12-31 | Found nothing | 60 |
| rising | 25.46.06.04 | 25.46.06.04 | 2014-12-28 | Found nothing | 60 |
| sophos | 5.08 | 3.55.0 | 2014-12-01 | Found nothing | 9 |
| symantec | 20141230.001 | 1.3.0.24 | 2014-12-30 | Found nothing | 1 |
| tachyon | 9.9.9 | 9.9.9 | 2013-12-27 | Found nothing | 60 |
| thehacker | 6.8.0.5 | 6.8.0.5 | 2014-12-29 | Found nothing | 60 |
| tws | 17.47.17308 | 1.0.2.2108 | 2014-12-08 | Found nothing | 60 |
| vba | 3.12.26.3 | 3.12.26.3 | 2014-12-31 | Found nothing | 12 |
| virusbuster | 15.0.985.0 | 5.5.2.13 | 2014-12-05 | Found nothing | 32 |

Permission list
Permission name Info
android.permission.WRITE_EXTERNAL_STORAGE Write to external storage (e.g. SD card)
android.permission.READ_EXTERNAL_STORAGE Read external storage (e.g. SD card)
android.permission.INTERNET Connect to the network (2G or 3G)
android.permission.READ_PHONE_STATE Read phone state
android.permission.ACCESS_COARSE_LOCATION Get coarse location (via Wi-Fi, cell towers)
android.permission.ACCESS_FINE_LOCATION Get precise location (via GPS)
android.permission.ACCESS_WIFI_STATE Read Wi-Fi network state
android.permission.ACCESS_NETWORK_STATE Read network state (2G or 3G)
android.permission.CAMERA Access the camera device
File information
Security score: 79
Basic information
MD5: cfb278792b71b652baaababde95f415e
File size: 5.58MB
Upload time: 2014-09-22 10:36:30 (CST)
Package name: mandroid.calculators
Minimum runtime environment: Android 1.6
Copyright: reaper
Key behavior
Behavior description: Hide specified window
Details: [Window,Class] = [安装,TApplication]
[Window,Class] = [,Auto-Suggest Dropdown]
Process behavior
Behavior description: Hide specified window
Details: [Window,Class] = [安装,TApplication]
[Window,Class] = [,Auto-Suggest Dropdown]
File behavior
Behavior description: Map file with write permission
Details: CiceroSharedMemDefaultS-1-5-21-1482476501-1645522239-1417001333-500
MSCTF.MarshalInterface.FileMap.EOJ..EEOFF
MSCTF.MarshalInterface.FileMap.EOJ.B.EFOFF
MSCTF.MarshalInterface.FileMap.EOJ.C.EFOFF
MSCTF.MarshalInterface.FileMap.EOJ.D.EFOFF
MSCTF.MarshalInterface.FileMap.EOJ.E.EFOFF
MSCTF.MarshalInterface.FileMap.EOJ.F.EFOFF
MSCTF.MarshalInterface.FileMap.EOJ.G.DGOFF
MSCTF.MarshalInterface.FileMap.AJK..LGPGF
MSCTF.MarshalInterface.FileMap.AJK.B.LGPGF
MSCTF.MarshalInterface.FileMap.AJK.C.LGPGF
MSCTF.MarshalInterface.FileMap.AJK.D.LGPGF
MSCTF.MarshalInterface.FileMap.AJK.E.LGPGF
MSCTF.MarshalInterface.FileMap.AJK.F.LGPGF
MSCTF.MarshalInterface.FileMap.AJK.G.LGPGF
Behavior description: Create executable file
Details: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\is-KCIMG.tmp\sample.tmp
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\is-A1PC0.tmp\_isetup\_shfoldr.dll
Behavior description: Modify file content
Details: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\is-A1PC0.tmp\汉化说明.txt---> Offset = 0
Other behavior
Behavior description: Create mutex
Details: CTF.LBES.MutexDefaultS-1-5-21-1482476501-1645522239-1417001333-500
CTF.Compart.MutexDefaultS-1-5-21-1482476501-1645522239-1417001333-500
CTF.Asm.MutexDefaultS-1-5-21-1482476501-1645522239-1417001333-500
CTF.Layouts.MutexDefaultS-1-5-21-1482476501-1645522239-1417001333-500
CTF.TMD.MutexDefaultS-1-5-21-1482476501-1645522239-1417001333-500
CTF.TimListCache.FMPDefaultS-1-5-21-1482476501-1645522239-1417001333-500MUTEX.DefaultS-1-5-21-1482476501-1645522239-1417001333-500
MSCTF.Shared.MUTEX.AEH
MSCTF.Shared.MUTEX.AJK
MSCTF.Shared.MUTEX.EOJ
Behavior description: Hide specified window
Details: [Window,Class] = [安装,TApplication]
[Window,Class] = [,Auto-Suggest Dropdown]
Behavior description: Find specified window
Details: NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
NtUserFindWindowEx: [Class,Window] = [CicLoaderWndClass,]
NtUserFindWindowEx: [Class,Window] = [OleMainThreadWndClass,]
Behavior description: Window information
Details: Pid = 2528, Hwnd=0x10350, Text = 是(&Y), ClassName = Button.
Pid = 2528, Hwnd=0x10352, Text = 否(&N), ClassName = Button.
Pid = 2528, Hwnd=0x10356, Text = 现在将安装 DU Meter 6.20 汉化补丁。您想要继续吗?, ClassName = Static.
Pid = 2528, Hwnd=0x1034c, Text = 安装, ClassName = #32770.
Pid = 2700, Hwnd=0x1038a, Text = 欢迎使用 DU Meter 6.20 汉化补丁 安装向导 , ClassName = TNewStaticText.
Pid = 2700, Hwnd=0x10388, Text = 现在将安装 DU Meter 6.20 Build 4628 汉化补丁 到您的电脑中。 推荐您在继续安装前关闭所有其它应用程序。 单击“下一步”继续,或, ClassName = TNewStaticText.
Pid = 2700, Hwnd=0x2036a, Text = C:\Program Files\DU Meter, ClassName = TEdit.
Pid = 2700, Hwnd=0x1037c, Text = 软件类别 网络监测 运行环境 Win7, WinVista, Win2008, Win2003, WinXp, Win2000, 32bit & 64bit Windows 原版安装 需要 授权方式 , ClassName = TRichEditViewer.
Pid = 2700, Hwnd=0x10384, Text = 下一步(&N) >, ClassName = TNewButton.
Pid = 2700, Hwnd=0x10382, Text = 取消, ClassName = TNewButton.
Pid = 2700, Hwnd=0x60358, Text = 安装 - DU Meter 6.20 汉化补丁, ClassName = TWizardForm.
Pid = 2700, Hwnd=0x10392, Text = 天罡汉化 , ClassName = TNewStaticText.
Pid = 2700, Hwnd=0x10390, Text = 信息, ClassName = TNewStaticText.
Pid = 2700, Hwnd=0x1038e, Text = 请在继续安装前阅读下列重要信息。, ClassName = TNewStaticText.
Pid = 2700, Hwnd=0x4036c, Text = 如果您想继续安装,单击“下一步”。, ClassName = TNewStaticText.
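Behavior description: Obtain system privilege
Details: SE_LOAD_DRIVER_PRIVILEGE
Behavior description: Enumerate windows
Details: N/A
Dynamic behavior list
Behavior description: Get device ID
Details: 357242043237511
Behavior description: Start service
Details: com.android.musicfx.Compatibility$Service
Behavior description: Read file
Details: path:/proc/761/cmdline length:105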
path:/proc/777/cmdline length:105
path:/proc/789/cmdline length:105
path:/proc/819/cmdline length:105
path:/proc/832/cmdline length:105
Behavior description: Class loading
Details: path:/system/app/PicoTts.apk
path:/system/app/MusicFX.apk
path:/system/framework/am.jar
path:/data/app/mandroid.calculators-1.apk
Behavior description: Write file
Details: path:/data/data/com.android.gallery3d/shared_prefs/com.android.gallery3d_preferences.xml length:105
path:/data/data/com.android.musicfx/shared_prefs/musicfx.xml length:105
path:/data/data/mandroid.calculators/shared_prefs/mandroid.calculators_preferences.xml length:105
path:/data/data/com.android.gallery3d/shared_prefs/com.android.gallery3d_preferences.xml length:105
Activities
Activity name Type
.myCalculators android.intent.action.MAIN
.myCalculators android.intent.action.CREATE_SHORTCUT
.myCalculators android.intent.category.LAUNCHER
com.google.zxing.client.android.CaptureActivity com.google.zxing.client.android.SCAN
com.google.zxing.client.android.CaptureActivity android.intent.category.DEFAULT
Dangerous functions
Function name Info
HttpClient;->execute Request a remote server
TelephonyManager;->getDeviceId Collect the user's phone IMEI, phone number, system version number and other information
LocationManager;->getLastKnownLocation Get location
java/net/URL;->openConnection Connect to URL
java/net/HttpURLConnection;->connect Connect to URL
DefaultHttpClient;->execute Send HTTP request
TelephonyManager;->getLine1Number Get phone number
TelephonyManager;->getSimSerialNumber Get SIM serial number
java/net/URLConnection;->connect Connect to URL
android/app/NotificationManager;->notify Notification bar message
Camera;->open Open the camera
Advertising information
Name Info
net.youmi Youmi Ads
cn.domob.android Domob
com.adwo.adsdk Adwo
com.vpon.adon Vpon
File list
File name Checksum