VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

Language
Server load
Server Load

File information
File Name :PayDemo.apk (File not down)
File Size :47155 byte
File Type :Zip archive data
MD5:c4e483c83a0f653b264ab03250911809
SHA1:870f89c8dae07b5d2e9dac8e8e223be4258f2179
SHA256:a39db4c9ff71d5cf313166ed5af93256600fbe5615fd53e84246e29abaac76aa
SSDEEP:768:l1gfQfIt03WP8pdaPWdbFuW7/Xyz6PXQ0YXDCyJzjHYbxsQcZULe+vop5tLcD/JZ:vgofNTECF6zoXXYXuyJzjkW3UXwpaRGa
  • 扫描结果
  • 权限
  • 文件行为分析
  • Scanner results
    Scanner results:3%Scanner(s) (1/32)found malware!
    Behavior analysis report:         Habo file analysis
    Time: 2017-07-20 09:49:51 (CST)
    VirSCANVirSCAN
    Scanner Engine Ver Sig Ver Sig Date Scan result Time
    antiy AVL SDK 2.0 1970-01-01 Found nothing 5
    asquared 9.0.0.4799 9.0.0.4799 2015-03-08 Found nothing 1
    avast 170303-1 4.7.4 2017-03-03 Found nothing 60
    avg 2109/14149 10.0.1405 2017-07-04 Found nothing 60
    baidu 2.0.1.0 4.1.3.52192 2.0.1.0 Found nothing 9
    baidusd 1.0 1.0 2017-03-22 Found nothing 1
    bitdefender 7.58879 7.90123 2015-01-16 Found nothing 60
    clamav 23575 0.97.5 2017-07-19 Found nothing 60
    drweb 5.0.2.3300 5.0.1.1 2017-06-18 Found nothing 60
    fortinet 5.4.247 2017-07-20 Found nothing 60
    fprot 4.6.2.117 6.5.1.5418 2016-02-05 Found nothing 60
    fsecure 2015-08-01-02 9.13 2015-08-01 Found nothing 60
    gdata 25.13454 25.13454 2017-07-20 Android.Trojan.SMSSend.APD 11
    ikarus 1.06.01 V1.32.31.0 2016-11-28 Found nothing 60
    jiangmin 16.0.100 1.0.0.0 2017-07-19 Found nothing 2
    kaspersky 5.5.33 5.5.33 2014-04-01 Found nothing 60
    kingsoft 2.1 2.1 2017-07-19 Found nothing 6
    mcafee 8261 5400.1158 2016-08-18 Found nothing 60
    nod32 1777 3.0.21 2015-06-12 Found nothing 60
    panda 9.05.01 9.05.01 2017-07-19 Found nothing 4
    pcc 13.302.06 9.500-1005 2017-03-27 Found nothing 60
    qh360 1.0.1 1.0.1 1.0.1 Found nothing 6
    qqphone 1.0.0.0 1.0.0.0 2015-12-30 Found nothing 60
    quickheal 14.00 14.00 2017-07-18 Found nothing 2
    rising 26.28.00.01 26.28.00.01 2016-07-18 Found nothing 1
    sophos 5.32 3.65.2 2016-10-10 Found nothing 60
    symantec 20151230.005 1.3.0.24 2015-12-30 Found nothing 60
    tachyon 9.9.9 9.9.9 2013-12-27 Found nothing 3
    thehacker 6.8.0.5 6.8.0.5 2017-07-16 Found nothing 1
    tws 17.47.17308 1.0.2.2108 2017-07-19 Found nothing 13
    vba 3.12.29.5 beta 3.12.29.5 beta 2017-07-17 Found nothing 60
    virusbuster 15.0.985.0 5.5.2.13 2014-12-05 Found nothing 60
    Heuristic/Suspicious Exact
    NOTICE: Results are not 100% accurate and can be reported as a false positive by some scannerswhen and if malware is found. Please judge these results for yourself.
  • 权限列表
    许可名称信息
    android.permission.WRITE_EXTERNAL_STORAGE写外部存储器(如:SD卡)
    android.permission.INTERNET连接网络(2G或3G)
    android.permission.ACCESS_NETWORK_STATE读取网络状态(2G或3G)
    android.permission.CHANGE_NETWORK_STATE变更网络状态
    android.permission.ACCESS_WIFI_STATE读取wifi网络状态
    android.permission.CHANGE_WIFI_STATE改变WIFI连接状态
    android.permission.READ_PHONE_STATE读取电话状态
    android.permission.READ_SMS读取短信
    android.permission.RECEIVE_SMS监控接收短信
    android.permission.SEND_SMS发送短信
    android.permission.WRITE_SMS写短信
    android.permission.ACCESS_FINE_LOCATION获取精确的位置(通过GPS)
    android.permission.ACCESS_COARSE_LOCATION获取粗略的位置(通过wifi、基站)
  • 文件信息
    安全评分 :
    基本信息
    MD5:c4e483c83a0f653b264ab03250911809
    包名:com.example.test
    最低运行环境:Android 2.3, 2.3.1, 2.3.2
    版权:Android
    关键行为
    行为描述:获取窗口截图信息
    详情信息:Foreground window Info: HWND = 0x00010348, DC = 0x01010057.
    Foreground window Info: HWND = 0x00010348, DC = 0x0c0101e7.
    Foreground window Info: HWND = 0x00010348, DC = 0x3e010648.
    行为描述:设置消息钩子
    详情信息:C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe
    进程行为
    行为描述:创建本地线程
    详情信息:TargetProcess: %temp%\****.exe, InheritedFromPID = 2000, ProcessID = 2724, ThreadID = 2788, StartAddress = 00479350, Parameter = 00D97D88
    TargetProcess: %temp%\****.exe, InheritedFromPID = 2000, ProcessID = 2724, ThreadID = 2792, StartAddress = 00479350, Parameter = 00D9AB00
    行为描述:枚举进程
    详情信息:N/A
    注册表行为
    行为描述:修改注册表
    详情信息:\REGISTRY\USER\S-*\Software\Microsoft\Multimedia\DrawDib\vga.drv 1920x973x32(BGR 0)
    其他行为
    行为描述:创建互斥体
    详情信息:CTF.LBES.MutexDefaultS-*
    CTF.Compart.MutexDefaultS-*
    CTF.Asm.MutexDefaultS-*
    CTF.Layouts.MutexDefaultS-*
    CTF.TMD.MutexDefaultS-*
    CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
    MSCTF.Shared.MUTEX.IOH
    MSCTF.Shared.MUTEX.IKK
    行为描述:创建事件对象
    详情信息:EventName = DINPUTWINMM
    EventName = MSCTF.SendReceive.Event.IKK.IC
    EventName = MSCTF.SendReceiveConection.Event.IKK.IC
    行为描述:查找指定窗口
    详情信息:NtUserFindWindowEx: [Class,Window] = [,]
    NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
    NtUserFindWindowEx: [Class,Window] = [CicLoaderWndClass,]
    行为描述:打开事件
    详情信息:HookSwitchHookEnabledEvent
    CTF.ThreadMIConnectionEvent.000007E8.00000000.0000000F
    CTF.ThreadMarshalInterfaceEvent.000007E8.00000000.0000000F
    MSCTF.SendReceiveConection.Event.IOH.IC
    MSCTF.SendReceive.Event.IOH.IC
    行为描述:窗口信息
    详情信息:Pid = 2724, Hwnd=0x10348, Text = 游戏:大航海时代Ⅳ威力加强版[繁体中文] 已启动, ClassName = msctls_statusbar32.
    Pid = 2724, Hwnd=0x10346, Text = 窗口设置, ClassName = Button(GroupBox).
    Pid = 2724, Hwnd=0x10358, Text = 创建桌面快捷方式(&C), ClassName = Button(CheckBox).
    Pid = 2724, Hwnd=0x10356, Text = 应用(&A), ClassName = Button.
    Pid = 2724, Hwnd=0x10354, Text = 关于 (&A), ClassName = Button.
    Pid = 2724, Hwnd=0x10350, Text = 推荐尺寸:800×600, ClassName = ComboBox.
    Pid = 2724, Hwnd=0x20342, Text = 大航海时代Ⅳ威力加强版 窗口化工具, ClassName = WTWindow.
    Pid = 2724, Hwnd=0x10348, Text = 游戏:大航海时代Ⅳ威力加强版[繁体中文] 已启动, ClassName = msctls_statusbar32.
    Pid = 2724, Hwnd=0x10350, Text = 推荐尺寸:1024×768, ClassName = ComboBox.
    Pid = 2724, Hwnd=0x10348, Text = 游戏:大航海时代Ⅳ威力加强版[繁体中文] 已启动, ClassName = msctls_statusbar32.
    Pid = 2724, Hwnd=0x10348, Text = 游戏:大航海时代Ⅳ威力加强版[繁体中文] 已启动, ClassName = msctls_statusbar32.
    Pid = 2724, Hwnd=0x10348, Text = 游戏:大航海时代Ⅳ威力加强版[繁体中文] 已启动, ClassName = msctls_statusbar32.
    Pid = 2724, Hwnd=0x10348, Text = 游戏:大航海时代Ⅳ威力加强版[繁体中文] 已启动, ClassName = msctls_statusbar32.
    Pid = 2724, Hwnd=0x10348, Text = 游戏:大航海时代Ⅳ威力加强版[繁体中文] 已启动, ClassName = msctls_statusbar32.
    Pid = 2724, Hwnd=0x10348, Text = 游戏:大航海时代Ⅳ威力加强版[繁体中文] 已启动, ClassName = msctls_statusbar32.
    行为描述:获取窗口截图信息
    详情信息:Foreground window Info: HWND = 0x00010348, DC = 0x01010057.
    Foreground window Info: HWND = 0x00010348, DC = 0x0c0101e7.
    Foreground window Info: HWND = 0x00010348, DC = 0x3e010648.
    行为描述:调用Sleep函数
    详情信息:[1]: MilliSeconds = 0.
    行为描述:隐藏指定窗口
    详情信息:[Window,Class] = [,ComboLBox]
    [Window,Class] = [,_EL_Timer]
    行为描述:打开互斥体
    详情信息:ShimCacheMutex
    Activities
    活动名类型
    com.example.demo.Mainandroid.intent.action.MAIN
    com.example.demo.Mainandroid.intent.category.LAUNCHER
    权限列表
    许可名称信息
    android.permission.WRITE_EXTERNAL_STORAGE写外部存储器(如:SD卡)
    android.permission.INTERNET连接网络(2G或3G)
    android.permission.ACCESS_NETWORK_STATE读取网络状态(2G或3G)
    android.permission.CHANGE_NETWORK_STATE变更网络状态
    android.permission.ACCESS_WIFI_STATE读取wifi网络状态
    android.permission.CHANGE_WIFI_STATE改变WIFI连接状态
    android.permission.READ_PHONE_STATE读取电话状态
    android.permission.READ_SMS读取短信
    android.permission.RECEIVE_SMS监控接收短信
    android.permission.SEND_SMS发送短信
    android.permission.WRITE_SMS写短信
    android.permission.ACCESS_FINE_LOCATION获取精确的位置(通过GPS)
    android.permission.ACCESS_COARSE_LOCATION获取粗略的位置(通过wifi、基站)
    文件列表
    文件名 校验码
    assets/test.jar 0x3eea458f
    res/layout/paymain.xml 0xcee20261
    AndroidManifest.xml 0x114c1b1a
    resources.arsc 0x5184a0f
    res/drawable-hdpi/ic_launcher.png 0xf248df62
    res/drawable-mdpi/ic_launcher.png 0x6a84dfd9
    res/drawable-xhdpi/ic_launcher.png 0xa227fc8a
    res/drawable-xxhdpi/ic_launcher.png 0x2a4a99d1
    classes.dex 0x3263c30c
    META-INF/MANIFEST.MF 0x171bc8f4
    META-INF/CERT.SF 0x319f2ea4
    META-INF/CERT.RSA 0x11e19969
    运行截图
    VirSCAN

About VirSCAN | Privacy Policy | Contact us | Links | Help VirSCAN
Powered By CentOSpol

京ICP备11007605号-12

pol

京公网安备 11010802020746号