VirSCAN

1. You can upload any file, but there is a 20Mb limit per file.
2. VirSCAN supports Rar/Zip decompression, but the archive must contain fewer than 20 files.
3. VirSCAN can scan compressed files protected with the password 'infected' or 'virus'.
4. If your browser cannot upload files, please download the VirSCAN uploader to upload them.


File information

Scanner results
Scanner results: 0% of antivirus software (0/39) found malware!
Behavior analysis report: Habo file analysis
Time: 2014-09-17 17:30:51 (CST)
Scanner | Engine Ver | Sig Ver | Sig Date | Scan result | Time
ahnlab | 9.9.9 | 9.9.9 | 2013-05-28 | Found nothing | 4
antivir | 1.9.2.0 | 1.9.159.0 | 7.11.172.156 | Found nothing | 15
antiy | 115008 | AVL140915 | 2014-09-17 | Found nothing | 5
arcavir | 1.0 | 2011 | 2014-05-30 | Found nothing | 8
asquared | 9.0.0.4324 | 9.0.0.4324 | 2014-07-03 | Found nothing | 1
avast | 140916-0 | 4.7.4 | 2014-09-16 | Found nothing | 22
avg | 2109/7706 | 10.0.1405 | 2014-09-13 | Found nothing | 1
baidu | 2.0.1.0 | 4.1.3.52192 | 2.0.1.0 | Found nothing | 4
baidusd | 1.0 | 1.0 | 2014-04-02 | Found nothing | 1
bitdefender | 7.56837 | 7.90123 | 2014-09-16 | Found nothing | 6
clamav | 19366 | 0.97.5 | 2014-09-16 | Found nothing | 1
comodo | 15023 | 5.1 | 2014-09-16 | Found nothing | 3
ctch | 4.6.5 | 5.3.14 | 2013-12-01 | Found nothing | 1
drweb | 5.0.2.3300 | 5.0.1.1 | 2014-09-14 | Found nothing | 34
fortinet | 22.817, 22.817 | 5.1.153 | 2014-09-17 | Found nothing | 1
fprot | 4.6.2.117 | 6.5.1.5418 | 2014-09-16 | Found nothing | 1
fsecure | 2014-04-02-01 | 9.13 | 2014-04-02 | Found nothing | 2
gdata | 24.4067 | 24.4067 | 2014-09-16 | Found nothing | 8
hauri | 2.73 | 2.73 | 2014-09-16 | Found nothing | 1
ikarus | 1.06.01 | V1.32.31.0 | 2014-09-16 | Found nothing | 14
jiangmin | 16.0.100 | 1.0.0.0 | 2014-08-20 | Found nothing | 33
kaspersky | 5.5.33 | 5.5.33 | 2014-04-01 | Found nothing | 20
kingsoft | 2.1 | 2.1 | 2013-09-22 | Found nothing | 6
mcafee | 7520 | 5400.1158 | 2014-08-04 | Found nothing | 9
nod32 | 0298 | 3.0.21 | 2014-08-22 | Found nothing | 1
panda | 9.05.01 | 9.05.01 | 2014-09-16 | Found nothing | 5
pcc | 11.152.06 | 9.500-1005 | 2014-09-16 | Found nothing | 2
qh360 | 1.0.1 | 1.0.1 | 1.0.1 | Found nothing | 13
qqphone | 1.0.0.0 | 1.0.0.0 | 2014-09-17 | Found nothing | 1
quickheal | 14.00 | 14.00 | 2014-09-16 | Found nothing | 3
rising | 25.31.06.04 | 25.31.06.04 | 2014-09-14 | Found nothing | 1
sophos | 5.04 | 3.51.0 | 2014-08-05 | Found nothing | 7
sunbelt | 3.9.2595.2 | 3.9.2595.2 | 2014-09-14 | Found nothing | 2
symantec | 20140913.021 | 1.3.0.24 | 2014-09-13 | Found nothing | 1
tachyon | 9.9.9 | 9.9.9 | 2013-12-27 | Found nothing | 4
thehacker | 6.8.0.5 | 6.8.0.5 | 2014-09-15 | Found nothing | 2
tws | 17.47.17308 | 1.0.2.2108 | 2014-09-17 | Found nothing | 7
vba | 3.12.26.3 | 3.12.26.3 | 2014-09-16 | Found nothing | 4
virusbuster | 15.0.909.0 | 5.5.2.13 | 2014-09-15 | Found nothing | 14
File information
Security score: 80
Basic information
MD5:db4a09de7fa951b5daf37e11be46ec17
File size: 5.58MB
Upload time: 2014-09-22 10:36:30 (CST)
Package name: com.wingball.falseman
Minimum runtime environment: Android 2.2.x
Copyright: Android
Key behavior
Behavior description: Hide specified window
Details: [Window,Class] = [,ComboLBox]
[Window,Class] = [WinImage Self Extractor,#32770]
Other behavior
Behavior description: Create driver file image
Details: C:\WINDOWS\system32\drivers\fastfat.sys
Behavior description: Window information
Details: Pid = 1160, Hwnd=0xc0174, Text = 确定, ClassName = Button.
Pid = 1160, Hwnd=0xc016c, Text = 取消, ClassName = Button.
Pid = 1160, Hwnd=0xc01b6, Text = Insert floppy to write, ClassName = Static.
Pid = 1160, Hwnd=0xc0192, Text = Batch assistant, ClassName = #32770.
Pid = 1160, Hwnd=0xd0166, Text = Writing on &Floppy, ClassName = Button(CheckBox).
Pid = 1160, Hwnd=0xb016a, Text = File &extraction, ClassName = Button(CheckBox).
Pid = 1160, Hwnd=0xb01de, Text = Image File, ClassName = Button(CheckBox).
Pid = 1160, Hwnd=0xc01d6, Text = Writing on Floppy, ClassName = Button(GroupBox).
Pid = 1160, Hwnd=0xd01c8, Text = F&loppy:, ClassName = Static.
Pid = 1160, Hwnd=0xc01c2, Text = A:, ClassName = ComboBox.
Pid = 1160, Hwnd=0xb0184, Text = For&matting, ClassName = Button(CheckBox).
Pid = 1160, Hwnd=0xa01aa, Text = Number of &set, ClassName = Static.
Pid = 1160, Hwnd=0xb01b0, Text = 1, ClassName = Edit.
Pid = 1160, Hwnd=0xa018c, Text = File extraction, ClassName = Button(GroupBox).
Pid = 1160, Hwnd=0xe016e, Text = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\, ClassName = Edit.
Behavior description: Hide specified window
Details: [Window,Class] = [,ComboLBox]
[Window,Class] = [WinImage Self Extractor,#32770]
Dynamic behavior list
Behavior description: Network access
Details: host:121.199.2.179 port:9800
host:218.244.130.181 port:9800
Behavior description: Pass extra information
Details: Ljava/lang/String;=KEY_INIT_CTRL | Ljava/lang/String;=KEY_INIT_CTRL
Behavior description: Start service
Details: com.android.musicfx.Compatibility$Service
esh.usfwsmrfkh.uuompblu.safzq
com.android.mms.transaction.SmsReceiverService
android.com.my.controller.service.SupportService
com.android.providers.downloads.DownloadService
Behavior description: Read file
Details: path:/proc/783/cmdline length:105
path:/proc/799/cmdline length:105
path:/proc/811/cmdline length:105
path:/proc/847/cmdline length:105
path:/data/data/com.wingball.falseman/app_outdex/vnggicepqoot.jar length:9
path:/data/data/com.wingball.falseman/app_outdex/vnggicepqoot.jar length:23
path:/data/data/com.wingball.falseman/app_outdex/vnggicepqoot.jar length:98
path:/proc/863/cmdline length:105
path:/data/data/com.wingball.falseman/app_outdex/cmcode_after.jar length:9
path:/data/data/com.wingball.falseman/app_outdex/cmcode_after.jar length:22
path:/data/data/com.wingball.falseman/app_outdex/cmcode_after.jar length:94
path:/proc/897/cmdline length:105
path:/proc/899/cmdline length:105
path:/data/data/com.wingball.falseman/service/smsrpt.i length:105
path:/proc/934/cmdline length:105
path:/proc/936/cmdline length:105
path:/data/data/com.wingball.falseman/service/smsrpt.i length:105
Behavior description: Data leak
Details: sink:File operation:write data:data:2014-04-30 09:45:21 post_data: {"aappinfo":"","apppath":"\/data\/app","v":"50015","androidid":"d38
sink:File operation:write data:data:2014-04-30 09:45:27 post_data: {"aappinfo":"","apppath":"\/data\/app","v":"50015","androidid":"d38
sink:File operation:write data:data:[report] configurl=http://121.199.2.179:9800/server2014/BUSS configurl2=http://218.244.130.181:980
sink:File operation:write data:data:2014-04-30 09:45:33 local_num: 15555215554
sink:File operation:write data:data:2014-04-30 09:45:56 post_data: {"aappinfo":"","apppath":"\/data\/app","v":"50015","androidid":"d38
Behavior description: Access URL
Details: libcore.net.http.HttpURLConnectionImpl:http://api.showji.com/Locating/www.show.ji.c.o.m.aspx?output=json&callback=&timestamp=&m=15555215554
Behavior description: Data encryption
Details: {u'operation': u'keyalgo', u'algorithm': u'DES', u'key': u'64, 36, 35, 6, -102, -32, 77, -64'}
{u'operation': u'decryption', u'data': u'unknown.service.special.marking', u'algorithm': u'DES/CBC/PKCS5Padding'}
{u'operation': u'decryption', u'data': u'USER_INFO', u'algorithm': u'DES/CBC/PKCS5Padding'}
{u'operation': u'decryption', u'data': u'isblack', u'algorithm': u'DES/CBC/PKCS5Padding'}
{u'operation': u'decryption', u'data': u'serviceName', u'algorithm': u'DES/CBC/PKCS5Padding'}
{u'operation': u'decryption', u'data': u'SERVICE_TAG', u'algorithm': u'DES/CBC/PKCS5Padding'}
{u'operation': u'decryption', u'data': u'mservice', u'algorithm': u'DES/CBC/PKCS5Padding'}
{u'operation': u'decryption', u'data': u'msg', u'algorithm': u'DES/CBC/PKCS5Padding'}
{u'operation': u'keyalgo', u'algorithm': u'DES', u'key': u'-121, 42, -48, -105, 69, -89, -28, 45'}
{u'operation': u'decryption', u'data': u'ProxyService', u'algorithm': u'DES/CBC/PKCS5Padding'}
{u'operation': u'decryption', u'data': u'extra.from', u'algorithm': u'DES/CBC/PKCS5Padding'}
{u'operation': u'decryption', u'data': u'extra.dex.path', u'algorithm': u'DES/CBC/PKCS5Padding'}
{u'operation': u'decryption', u'data': u'extra.class', u'algorithm': u'DES/CBC/PKCS5Padding'}
{u'operation': u'decryption', u'data': u'', u'algorithm': u'DES/CBC/PKCS5Padding'}
{u'operation': u'keyalgo', u'algorithm': u'DES', u'key': u'75, 64, -122, 118, -66, -11, 95, 28'}
{u'operation': u'decryption', u'data': u'outdex', u'algorithm': u'DES/CBC/PKCS5Padding'}
{u'operation': u'decryption', u'data': u'!QJZne2Dy_U(%[M}', u'algorithm': u'DES/CBC/PKCS5Padding'}
{u'operation': u'keyalgo', u'algorithm': u'DES', u'key': u'-47, 27, 94, 110, 82, -31, 50, -116'}
{u'operation': u'decryption', u'data': u'DES', u'algorithm': u'DES/CBC/PKCS5Padding'}
{u'operation': u'keyalgo', u'algorithm': u'DES', u'key': u'33, 81, 74, 90, 110, 101, 50, 68'}
{u'operation': u'keyalgo', u'algorithm': u'DES', u'key': u'49, -85, -118, -125, 84, -112, -12, 65'}
{u'operation': u'decryption', u'data': u'move file', u'algorithm': u'DES/CBC/PKCS5Padding'}
{u'operation': u'decryption', u'data': u'success', u'algorithm': u'DES/CBC/PKCS5Padding'}
{u'operation': u'keyalgo', u'algorithm': u'DES', u'key': u'7, 67, 116, 19, 105, 56, -99, 82'}
{u'operation': u'decryption', u'data': u'com.system.plugin.PlugService', u'algorithm': u'DES/CBC/PKCS5Padding'}
{u'operation': u'decryption', u'data': u'mClass=', u'algorithm': u'DES/CBC/PKCS5Padding'}
{u'operation': u'decryption', u'data': u' mDexPath=', u'algorithm': u'DES/CBC/PKCS5Padding'}
{u'operation': u'decryption', u'data': u'start launchTargetActivity, className=', u'algorithm': u'DES/CBC/PKCS5Padding'}
{u'operation': u'decryption', u'data': u'instance = ', u'algorithm': u'DES/CBC/PKCS5Padding'}
{u'operation': u'decryption', u'data': u'onCreate', u'algorithm': u'DES/CBC/PKCS5Padding'}
{u'operation': u'decryption', u'data': u'onDestory', u'algorithm': u'DES/CBC/PKCS5Padding'}
{u'operation': u'decryption', u'data': u'onBind', u'algorithm': u'DES/CBC/PKCS5Padding'}
{u'operation': u'decryption', u'data': u'onRebind', u'algorithm': u'DES/CBC/PKCS5Padding'}
{u'operation': u'decryption', u'data': u'onUnbind', u'algorithm': u'DES/CBC/PKCS5Padding'}
{u'operation': u'decryption', u'data': u'onStart', u'algorithm': u'DES/CBC/PKCS5Padding'}
{u'operation': u'decryption', u'data': u'setProxy', u'algorithm': u'DES/CBC/PKCS5Padding'}
{u'operation': u'keyalgo', u'algorithm': u'DES', u'key': u'119, 119, 119, 46, 98, 97, 105, 100'}
{u'operation': u'keyalgo', u'algorithm': u'DES', u'key': u'83, 101, 103, 68, 100, 109, 48, 80'}
Behavior description: Class loading
Details: path:/system/app/PicoTts.apk
path:/system/app/MusicFX.apk
path:/system/framework/am.jar
path:/data/app/com.wingball.falseman-1.apk
path:/data/data/com.wingball.falseman/app_outdex/cmcode_after.jar
path:/data/data/com.wingball.falseman/app_outdex/vnggicepqoot.jar
Behavior description: Initialize Intent
Details: Ljava/lang/String;=action.my.SupportService
Ljava/lang/String;=unknown.service.special.marking
Landroid/content/Context;=com.wallpaper.ringtones.activitys.MainActivity@4153c560 | Ljava/lang/Class;=class esh.usfwsmrfkh.uuompblu.safzq
Ljava/lang/String;=alarm_intent_filter
Landroid/content/Context;=com.wallpaper.ringtones.services.UpdateAPKService@41599d18 | Ljava/lang/Class;=class com.wallpaper.ringtones.services.UpdateAPKService
Landroid/content/Context;=com.wallpaper.ringtones.services.UpdateAPKService@41599d18 | Ljava/lang/Class;=class com.wallpaper.ringtones.activitys.FinishActivity
Landroid/content/Context;=android.app.ReceiverRestrictedContext@4159cb10 | Ljava/lang/Class;=class android.com.my.controller.service.SupportService
Behavior description: Get device ID
Details: 357242043237511
Behavior description: Write file
Activities
Activity name Type
com.wallpaper.ringtones.activitys.MainActivity android.intent.action.MAIN
com.wallpaper.ringtones.activitys.MainActivity android.intent.category.LAUNCHER
Dangerous functions
Function name Information
java/net/URL;->openConnection Connect to URL
java/net/HttpURLConnection;->connect Connect to URL
TelephonyManager;->getDeviceId Collects the user's phone IMEI, phone number, system version number and other information
TelephonyManager;->getLine1Number Get phone number
ContentResolver;->delete Delete SMS messages and contacts
SmsManager;->sendTextMessage Send ordinary text SMS
SmsManager;->sendDataMessage Send binary message
getRuntime Get command-line environment
HttpClient;->execute Request remote server
java/lang/Runtime;->exec Execute string command
LocationManager;->getLastKnownLocation Get geographic location
android/app/NotificationManager;->notify Notification bar message
Startup methods
Name Information
com.wallpaper.ringtones.receiver.BootReceiver Start service at boot
esh.usfwsmrfkh.uuompblu.ksdifvyfg Start service on screen unlock
esh.usfwsmrfkh.uuompblu.ksdifvyfg Start service at boot
android.com.my.controller.receiver.BootReceiver Start service at boot
android.com.my.controller.receiver.BootReceiver Start service when Wi-Fi state changes
android.com.my.controller.receiver.BootReceiver Start service when network connection changes
android.com.my.controller.receiver.BootReceiver Start service on screen unlock
Permission list
Permission name Information
android.permission.SET_WALLPAPER Set desktop wallpaper
android.permission.MOUNT_UNMOUNT_FILESYSTEMS Mount and unmount external file systems
android.permission.RECEIVE_WAP_PUSH Receive WAP push messages
android.permission.RECEIVE_BOOT_COMPLETED Receive boot-completed broadcast
android.permission.WAKE_LOCK Background processes keep running after the screen is turned off
android.permission.CHANGE_NETWORK_STATE Change network state
android.permission.REBOOT Reboot device
android.permission.ACCESS_WIFI_STATE Read Wi-Fi network state
android.permission.CHANGE_WIFI_STATE Change Wi-Fi connection state
android.permission.WRITE_APN_SETTINGS Rewrite APN settings (e.g. cmwap)
android.permission.READ_SMS Read SMS
android.permission.RECEIVE_SMS Monitor incoming SMS
android.permission.SEND_SMS Send SMS
android.permission.DISABLE_KEYGUARD Disable keyguard
android.permission.ACCESS_NETWORK_STATE Read network state (2G or 3G)
android.permission.READ_PHONE_STATE Read phone state
android.permission.WRITE_EXTERNAL_STORAGE Write to external storage (e.g. SD card)
android.permission.INTERNET Connect to network (2G or 3G)
android.permission.RECORD_AUDIO Record audio (using AudioRecord)
android.permission.WRITE_SMS Write SMS
android.permission.INSTALL_PACKAGES Install applications
android.permission.DELETE_PACKAGES Delete applications
android.permission.CLEAR_APP_CACHE Clear application cache
android.permission.CLEAR_APP_USER_DATA Clear user data
android.permission.MOUNT_FORMAT_FILESYSTEMS Format file systems
Service list
Name
com.wallpaper.ringtones.services.ScreenService
com.wallpaper.ringtones.services.TimekeepingService
com.wallpaper.ringtones.services.DownGGService
com.wallpaper.ringtones.services.UpdateAPKService
esh.usfwsmrfkh.uuompblu.safzq
android.com.my.controller.service.SupportService
File list
File name Checksum
META-INF/MANIFEST.MF 0x7e583116
META-INF/CERT.SF 0xca7f2acc
META-INF/CERT.RSA 0x26b56741
res/layout/diy_store.xml 0x332b7299
res/drawable/setting_item_bg_press.9.png 0xd57557a4
assets/out.jar 0x823c67af
res/drawable/style_setting_item_bg.xml 0x357942f6
res/drawable-hdpi/time_frame_3.png 0x47bc5bff
res/layout/setting_time.xml 0xbe2b12e5
res/layout/custom_pic.xml 0xff75a177
res/drawable/divide_line.png 0x53365d6c
resources.arsc 0x4b979ac4
res/layout/mshare.xml 0x10652ec3
res/layout/display.xml 0x160fbac3
res/drawable-hdpi/back_s.jpg 0xa353931b
res/layout/menu.xml 0xdc43c36f
res/layout/browse_pic.xml 0x72688634
res/drawable/time_frame_3.png 0x47bc5bff
res/drawable-hdpi/time_frame_1.png 0x975209fa
AndroidManifest.xml 0x1f7f06b8
res/drawable-ldpi/icon.png 0x26231c6
res/drawable/setting_item_bg.9.png 0xc739e177
res/drawable/time_frame_2.png 0x3dacdf9f
res/drawable-mdpi/icon.png 0x26231c6
assets/Controller.apk 0x2d240f6a
assets/360x640_0_mm2.jpg 0x6564790a
res/anim/slide_right.xml 0x334a2d2a
res/layout/diy_grid_item.xml 0xba72414d
res/layout/diy.xml 0x5c3d1707
res/layout/progress.xml 0xe489a34c
res/layout/notice.xml 0x6e311a7e
assets/vnggicepqoot.jar 0x3ab178bc
assets/config 0xc8525780
res/layout/setting.xml 0xf479ae2d
res/layout/help.xml 0x29f87e59
res/layout/edit_dialog.xml 0x5fb0db19
res/layout/screen_saver.xml 0x7bc530ca
assets/360x640_1_FJ11.jpg 0xe9b0e856
res/drawable-hdpi/divide_line.png 0x53365d6c
classes.dex 0x3bfd815d
res/layout/main.xml 0xcff9775e
res/drawable-hdpi/time_frame_2.png 0x3dacdf9f
res/drawable/time_frame_1.png 0x975209fa
assets/cmcode_before.jar 0xfc0949e1
res/anim/slide_left.xml 0x78ffcd0d
res/drawable-hdpi/up.png 0xc64e7ddd
res/drawable-hdpi/back_s1.jpg 0xe743d216
res/layout/about.xml 0x47cd4e30
res/drawable-hdpi/icon.png 0x26231c6