VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

Language
Server load
Server Load

File information
File Name :【宅男】小草V1.71.apk (File not down)
File Size :908678 byte
File Type :Zip archive data
MD5:6d380acf9e1d739d1b5a1f08e0a75313
SHA1:fa05ddf293c0b6df0a2dad70fda4472141cfae5e
SHA256:9b3260d197828acf9b2cbffd487caeea40f0dc72863c8e9fd72f72277fcafbc6
SSDEEP:24576:VbQrN+dtKfuW56QLviEPRPkoMpJtBFEZ2JCccBZOkQ5M/e:vdtKfuW5vvigRPk3TFEZyuBZ45B
  • 扫描结果
  • 权限
  • 文件行为分析
  • Scanner results
    Scanner results:3%Scanner(s) (1/32)found malware!
    Behavior analysis report:         Habo file analysis
    Time: 2017-07-13 08:13:37 (CST)
    VirSCANVirSCAN
    Scanner Engine Ver Sig Ver Sig Date Scan result Time
    antiy AVL SDK 2.0 1970-01-01 Found nothing 5
    asquared 9.0.0.4799 9.0.0.4799 2015-03-08 Found nothing 1
    avast 170303-1 4.7.4 2017-03-03 Found nothing 60
    avg 2109/14149 10.0.1405 2017-07-04 Found nothing 60
    baidu 2.0.1.0 4.1.3.52192 2.0.1.0 Found nothing 5
    baidusd 1.0 1.0 2017-03-22 Found nothing 1
    bitdefender 7.58879 7.90123 2015-01-16 Found nothing 60
    clamav 23551 0.97.5 2017-07-10 Found nothing 60
    drweb 5.0.2.3300 5.0.1.1 2017-06-18 Found nothing 60
    fortinet Found nothing 60
    fprot 4.6.2.117 6.5.1.5418 2016-02-05 Found nothing 60
    fsecure 2015-08-01-02 9.13 2015-08-01 Found nothing 60
    gdata 25.13334 25.13334 2017-07-13 Android.Adware.Agent.DN 11
    ikarus 1.06.01 V1.32.31.0 2016-11-28 Found nothing 60
    jiangmin 16.0.100 1.0.0.0 2017-07-10 Found nothing 2
    kaspersky 5.5.33 5.5.33 2014-04-01 Found nothing 60
    kingsoft 2.1 2.1 2017-07-12 Found nothing 4
    mcafee 8261 5400.1158 2016-08-18 Found nothing 60
    nod32 1777 3.0.21 2015-06-12 Found nothing 60
    panda 9.05.01 9.05.01 2017-07-11 Found nothing 4
    pcc 13.302.06 9.500-1005 2017-03-27 Found nothing 60
    qh360 1.0.1 1.0.1 1.0.1 Found nothing 3
    qqphone 1.0.0.0 1.0.0.0 2015-12-30 Found nothing 60
    quickheal 14.00 14.00 2017-07-12 Found nothing 3
    rising 26.28.00.01 26.28.00.01 2016-07-18 Found nothing 2
    sophos 5.32 3.65.2 2016-10-10 Found nothing 60
    symantec 20151230.005 1.3.0.24 2015-12-30 Found nothing 60
    tachyon 9.9.9 9.9.9 2013-12-27 Found nothing 3
    thehacker 6.8.0.5 6.8.0.5 2017-07-09 Found nothing 2
    tws 17.47.17308 1.0.2.2108 2017-07-12 Found nothing 14
    vba 3.12.29.5 beta 3.12.29.5 beta 2017-07-10 Found nothing 60
    virusbuster 15.0.985.0 5.5.2.13 2014-12-05 Found nothing 60
    Heuristic/Suspicious Exact
    NOTICE: Results are not 100% accurate and can be reported as a false positive by some scannerswhen and if malware is found. Please judge these results for yourself.
  • 权限列表
    许可名称信息
    android.permission.INTERNET连接网络(2G或3G)
    android.permission.READ_EXTERNAL_STORAGE读外部存储器(如:SD卡)
    android.permission.WRITE_EXTERNAL_STORAGE写外部存储器(如:SD卡)
    android.permission.ACCESS_NETWORK_STATE读取网络状态(2G或3G)
    android.permission.ACCESS_WIFI_STATE读取wifi网络状态
    android.permission.SYSTEM_ALERT_WINDOW显示系统窗口
    android.permission.READ_PHONE_STATE读取电话状态
    android.permission.GET_TASKS获取有关当前或最近运行的任务信息
    android.permission.ACCESS_COARSE_LOCATION获取粗略的位置(通过wifi、基站)
    android.permission.ACCESS_COARSE_UPDATES
    android.permission.RECEIVE_BOOT_COMPLETED接收开机启动广播
  • 文件信息
    安全评分 :
    基本信息
    MD5:6d380acf9e1d739d1b5a1f08e0a75313
    包名:com.cl.newt66y
    最低运行环境:Android 4.1, 4.1.1
    版权:
    关键行为
    行为描述:屏蔽窗口关闭消息
    详情信息:hWnd = 0x0003033c, Text = Preparing setup..., ClassName = Preparing setup....
    进程行为
    行为描述:创建本地线程
    详情信息:TargetProcess: %temp%\****.exe, InheritedFromPID = 2000, ProcessID = 2612, ThreadID = 2664, StartAddress = 00A1D9CE, Parameter = 0003033C
    网络行为
    行为描述:建立到一个指定的套接字连接
    详情信息:URL: fu****id, IP: **.133.40.**:128, SOCKET = 0x00000714
    行为描述:发送HTTP包
    详情信息:GET http://fun.losscook.bid/h_redir.php?offer_id=4&aff_id=3556&source=4656&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=1409514783&url=http%3A%2F%2Ffun.losscook.bid/offer.php%3FaffId%3D{aff_id}%26trackingId%3D249494431%26instId%3D4656%26ho_trackingid%3D{transaction_id}%26cc%3D{country_code}%26cc_typ%3Dho%26sb%3Dx86%26net%3D4.0.30319%26ie%3D8%2e0%2e6001%2e18702%26wv%3Dxpsp3%26db%3DInternetExplorer%26uac%3D1%26cid%3D3b65da4af021e9102aaf60ce441118c8%26v%3D3 HTTP/1.1 Host: fu****id Connection: close Accept: */* User-Agent: InstallCapital
    行为描述:按名称获取主机地址
    详情信息:GetAddrInfoW: fu****id
    其他行为
    行为描述:创建互斥体
    详情信息:CTF.LBES.MutexDefaultS-*
    CTF.Compart.MutexDefaultS-*
    CTF.Asm.MutexDefaultS-*
    CTF.Layouts.MutexDefaultS-*
    CTF.TMD.MutexDefaultS-*
    CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
    MSCTF.Shared.MUTEX.IOH
    MSCTF.Shared.MUTEX.IDK
    行为描述:创建事件对象
    详情信息:EventName = MSCTF.SendReceive.Event.IDK.IC
    EventName = MSCTF.SendReceiveConection.Event.IDK.IC
    行为描述:查找指定窗口
    详情信息:NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
    NtUserFindWindowEx: [Class,Window] = [CicLoaderWndClass,]
    行为描述:打开事件
    详情信息:HookSwitchHookEnabledEvent
    CTF.ThreadMIConnectionEvent.000007E8.00000000.0000000F
    \SECURITY\LSA_AUTHENTICATION_INITIALIZED
    CTF.ThreadMarshalInterfaceEvent.000007E8.00000000.0000000F
    MSCTF.SendReceiveConection.Event.IOH.IC
    MSCTF.SendReceive.Event.IOH.IC
    行为描述:屏蔽窗口关闭消息
    详情信息:hWnd = 0x0003033c, Text = Preparing setup..., ClassName = Preparing setup....
    行为描述:窗口信息
    详情信息:Pid = 2612, Hwnd=0x3033c, Text = Preparing setup..., ClassName = Preparing setup....
    行为描述:打开互斥体
    详情信息:ShimCacheMutex
    行为描述:解密数据
    详情信息:[CryptDecrypt] Data: 0x001AA0F8, CipherTextLen: 3256, PlainTextLen: 3254, Flags: 0x00000000
    行为描述:导入密钥
    详情信息:[CryptImportKey] Algorithm: CALG_3DES (0x00006603), Data: 0x00E0F194, DataLen: 36, Flags: 0x00000001
    Activities
    活动名类型
    com.cl.newt66y.MainActivityandroid.intent.action.MAIN
    com.cl.newt66y.MainActivityandroid.intent.category.LAUNCHER
    危险函数
    函数名称信息
    java/net/URL;->openConnection连接URL
    广告信息
    名称信息
    com.baidu百度
    权限列表
    许可名称信息
    android.permission.INTERNET连接网络(2G或3G)
    android.permission.READ_EXTERNAL_STORAGE读外部存储器(如:SD卡)
    android.permission.WRITE_EXTERNAL_STORAGE写外部存储器(如:SD卡)
    android.permission.ACCESS_NETWORK_STATE读取网络状态(2G或3G)
    android.permission.ACCESS_WIFI_STATE读取wifi网络状态
    android.permission.SYSTEM_ALERT_WINDOW显示系统窗口
    android.permission.READ_PHONE_STATE读取电话状态
    android.permission.GET_TASKS获取有关当前或最近运行的任务信息
    android.permission.ACCESS_COARSE_LOCATION获取粗略的位置(通过wifi、基站)
    android.permission.ACCESS_COARSE_UPDATES
    android.permission.RECEIVE_BOOT_COMPLETED接收开机启动广播
    服务列表
    名称
    ric.pmx.djtmm
    ric.pmx.lipqp
    ric.pmx.lbmmn
    ric.pmx.un
    com.qq.e.comm.DownloadService
    文件列表
    文件名 校验码
    META-INF/MANIFEST.MF 0x94ccfc8a
    META-INF/MM.SF 0xde66938
    META-INF/MM.RSA 0x7c2c6fc6
    AndroidManifest.xml 0xf10c8c63
    assets/gj 0xb38b9576
    assets/help.html 0xaeda0713
    assets/image.html 0x40a33482
    assets/index.html 0x68757aca
    assets/libs/arm64-v8a/libajdkr 0xfdb4287b
    assets/libs/armeabi-v7a/libajdkr 0xc664fc1d
    assets/libs/armeabi/libajdkr 0x46068115
    assets/libs/x86/libajdkr 0x49d4ff0a
    assets/pkg 0xaad4cb44
    assets/qrcode.png 0xecdfe44e
    assets/sk 0xd1e4ced8
    assets/verifydomain.html 0x6917c54b
    classes.dex 0x32f0f038
    res/drawable-anydpi-v21/button_actionbar_close.xml 0xd5b80a38
    res/drawable-anydpi-v21/button_actionbar_menu.xml 0x56a9643e
    res/drawable-anydpi-v21/button_back.xml 0xd1d5aa24
    res/drawable-anydpi-v21/button_back_night.xml 0x98866f54
    res/drawable-anydpi-v21/button_menu.xml 0x665477be
    res/drawable-anydpi-v21/button_menu_night.xml 0x961c964b
    res/drawable-hdpi-v4/actionbarbutton.xml 0x7002bc25
    res/drawable-hdpi-v4/button_actionbar_close.png 0x7cb9fe47
    res/drawable-hdpi-v4/button_actionbar_menu.png 0xe34b8995
    res/drawable-hdpi-v4/button_back.png 0x1bd20f43
    res/drawable-hdpi-v4/button_back_night.png 0x791de53f
    res/drawable-hdpi-v4/button_menu.png 0x5ea65c96
    res/drawable-hdpi-v4/button_menu_night.png 0x25bfd9ca
    res/drawable-hdpi-v4/ic_launcher.png 0x1d9e0356
    res/drawable-hdpi-v4/menucorner.xml 0xaccdb62b
    res/drawable-hdpi-v4/navigationbarbutton.xml 0x4a4c7270
    res/drawable-ldpi-v4/button_actionbar_close.png 0xf93d0c6c
    res/drawable-ldpi-v4/button_actionbar_menu.png 0xb64ebbdc
    res/drawable-ldpi-v4/button_back.png 0x3705c272
    res/drawable-ldpi-v4/button_back_night.png 0x63b555a0
    res/drawable-ldpi-v4/button_menu.png 0xeb71cdf2
    res/drawable-ldpi-v4/button_menu_night.png 0x6d48cb84
    res/drawable-mdpi-v4/button_actionbar_close.png 0x1e6802ae
    res/drawable-mdpi-v4/button_actionbar_menu.png 0xf2d25527
    res/drawable-mdpi-v4/button_back.png 0x7ee87ce4
    res/drawable-mdpi-v4/button_back_night.png 0x4e17a065
    res/drawable-mdpi-v4/button_menu.png 0x46be2e51
    res/drawable-mdpi-v4/button_menu_night.png 0xb833a56f
    res/drawable-mdpi-v4/ic_launcher.png 0x53be8d71
    res/drawable-xhdpi-v4/button_actionbar_close.png 0x708a5af1
    res/drawable-xhdpi-v4/button_actionbar_menu.png 0x24de8c22
    res/drawable-xhdpi-v4/button_back.png 0xfb385ba6
    res/drawable-xhdpi-v4/button_back_night.png 0x65be58a0
    res/drawable-xhdpi-v4/button_menu.png 0x7565c8fe
    res/drawable-xhdpi-v4/button_menu_night.png 0xcf000ba7
    res/drawable-xhdpi-v4/ic_launcher.png 0xc5ec7233
    res/drawable-xxhdpi-v4/button_actionbar_close.png 0xdb280085
    res/drawable-xxhdpi-v4/button_actionbar_menu.png 0x11156ab1
    res/drawable-xxhdpi-v4/button_back.png 0xe5497d45
    res/drawable-xxhdpi-v4/button_back_night.png 0x8822e22a
    res/drawable-xxhdpi-v4/button_menu.png 0x3b679239
    res/drawable-xxhdpi-v4/button_menu_night.png 0x3478fd01
    res/drawable-xxhdpi-v4/ic_launcher.png 0xd64ccf52
    res/drawable-xxxhdpi-v4/button_actionbar_close.png 0x7d3c6124
    res/drawable-xxxhdpi-v4/button_actionbar_menu.png 0xd195ad99
    res/drawable-xxxhdpi-v4/button_back.png 0x2bf51a8b
    res/drawable-xxxhdpi-v4/button_back_night.png 0xb8ba11d7
    res/drawable-xxxhdpi-v4/button_menu.png 0x37ed127d
    res/drawable-xxxhdpi-v4/button_menu_night.png 0x95535830
    res/drawable/progressbar.xml 0x7cded0b5
    res/drawable/progressbar_night.xml 0x78e230c1
    res/drawable/style_button_menu.xml 0xd8c08d4b
    res/drawable/style_button_setting.xml 0xab0389cc
    res/layout/actionbar_close.xml 0x5356654f
    res/layout/actionbar_closeandmenu.xml 0x41d0d41f
    res/layout/actionbar_menu.xml 0xc856edbb
    res/layout/activity_get.xml 0x4e3add04
    res/layout/activity_get_outside.xml 0xf0d4ae16
    res/layout/activity_help.xml 0x7f6f4774
    res/layout/activity_launch.xml 0x82dd7efc
    res/layout/activity_listview.xml 0xff280284
    res/layout/activity_listview_item.xml 0x2b3f2a25
    res/layout/activity_main.xml 0xc0d16a3b
    res/layout/activity_passlogin.xml 0xd69f6990
    res/layout/activity_password.xml 0xe79b9c6e
    res/layout/activity_settings.xml 0xbe6900c1
    res/layout/activity_setzoom.xml 0xebdda262
    res/layout/activity_showimage.xml 0xf55cd4d5
    res/layout/menu_favorite.xml 0xd7faa738
    res/layout/menu_getaddress.xml 0x1ef33ce3
    res/layout/menu_history.xml 0x83c60f1d
    res/layout/menu_openimage.xml 0x5c3ed92a
    res/layout/menu_openoutside.xml 0xae5f8271
    res/layout/menu_openthread.xml 0xd585254d
    res/layout/menu_openurl.xml 0xd61fcf62
    resources.arsc 0x49563b34
    运行截图
    VirSCAN

About VirSCAN | Privacy Policy | Contact us | Links | Help VirSCAN
Powered By CentOSpol

京ICP备11007605号-12

pol

京公网安备 11010802020746号