VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.
4, If your browser cannot upload files, please download VirSCAN uploader to upload.

Language
Server load
Server Load

VirSCAN
VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

File information

File Name :com.sugen.ipcall.apk (File not down)
File Size :1011846 byte
File Type : Zip archive data
MD5:81462495893ccce88ecfd6a49e88f9a7
SHA1:0651d36c259936e603a47e1368ae1c5b932fa7b8
SHA256:e238dcd9a5dad86a4319a5dfb77aedd63a8028e12460f03e43043d69f7d87602
SSDEEP:24576:SWZd1hPdfTTPOA+n0E14mQliTwFZW5qesDOO7:SWZdhf/OXe7Fwse6OO7
Scanner results
Scanner results:0%Antivirus software(0/32)found malware!
Behavior analysis report:         Habo file analysis
Time: 2016-10-07 18:39:32 (CST)
Scanner Engine Ver Sig Ver Sig Date Scan result Time
antiy AVL SDK 3.0 1970-01-01 Found nothing 5
asquared 9.0.0.4324 9.0.0.4324 2014-07-03 Found nothing 1
avast 160912-2 4.7.4 2016-09-12 Found nothing 32
avg 2109/10757 10.0.1405 2015-12-26 Found nothing 1
baidu 2.0.1.0 4.1.3.52192 2.0.1.0 Found nothing 7
baidusd 1.0 1.0 2014-04-02 Found nothing 1
bitdefender 7.58469 7.90123 2014-12-25 Found nothing 1
clamav 22213 0.97.5 2016-09-16 Found nothing 1
drweb 5.0.2.3300 5.0.1.1 2016-09-20 Found nothing 52
fortinet 23.345, 23.345 5.1.158 2014-12-08 Found nothing 1
fprot 4.6.2.117 6.5.1.5418 2014-12-31 Found nothing 18
fsecure 2014-04-02-01 9.13 2014-04-02 Found nothing 18
gdata 25.8543 25.8543 2016-10-07 Found nothing 10
ikarus 1.06.01 V1.32.31.0 2016-09-20 Found nothing 33
jiangmin 16.0.100 1.0.0.0 2015-07-25 Found nothing 42
kaspersky 5.5.33 5.5.33 2014-04-01 Found nothing 37
kingsoft 2.1 2.1 2013-09-22 Found nothing 5
mcafee 8254 5400.1158 2016-08-11 Found nothing 45
nod32 1777 3.0.21 2015-06-12 Found nothing 5
panda 9.05.01 9.05.01 2015-07-26 Found nothing 4
pcc 11.380.07 9.500-1005 2014-12-31 Found nothing 6
qh360 1.0.1 1.0.1 1.0.1 Found nothing 3
qqphone 1.0.0.0 1.0.0.0 2014-12-09 Found nothing 1
quickheal 14.00 14.00 2015-07-25 Found nothing 2
rising 25.76.04.01 25.76.04.01 2015-07-24 Found nothing 1
sophos 4.62 3.16.1 2016-09-20 Found nothing 18
symantec 20151230.005 1.3.0.24 2015-12-30 Found nothing 1
tachyon 9.9.9 9.9.9 2013-12-27 Found nothing 5
thehacker 6.8.0.5 6.8.0.5 2015-07-23 Found nothing 1
tws 17.47.17308 1.0.2.2108 2014-12-08 Found nothing 13
vba 3.12.29.3 beta 3.12.29.3 beta 2016-09-19 Found nothing 55
virusbuster 15.0.985.0 5.5.2.13 2014-12-05 Found nothing 39
权限列表
许可名称 信息
android.permission.PROCESS_OUTGOING_CALLS 监视、修改有关拨出电话
文件信息
VirSCANVirSCAN
安全评分 :
基本信息
VirSCANVirSCAN
MD5:81462495893ccce88ecfd6a49e88f9a7
文件大小:5.58MB
上传时间: 2014-09-22 10:36:30 (CST)
包名:com.sugen.ipcall
最低运行环境:Android 2.2.x
版权:sugen
关键行为
VirSCANVirSCAN
行为描述: 打开注册表_检测虚拟机相关
详情信息: \REGISTRY\USER\S-*\Software\VMware, Inc.
行为描述: 跨进程写入数据
详情信息: TargetProcess = C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe, WriteAddress = 0x00400000, Size = 0x00000400
TargetProcess = C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe, WriteAddress = 0x00401000, Size = 0x00010c00
TargetProcess = C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe, WriteAddress = 0x00412000, Size = 0x00000200
TargetProcess = C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe, WriteAddress = 0x7ffd5008, Size = 0x00000004
行为描述: 获取TickCount值
详情信息: TickCount = 5349688, SleepMilliseconds = 1.
行为描述: 通过内存映射跨进程修改内存
详情信息: TargetProcess = svchost.exe
行为描述: 设置线程上下文
详情信息: C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe
进程行为
VirSCANVirSCAN
行为描述: 打开注册表_检测虚拟机相关
详情信息: \REGISTRY\USER\S-*\Software\VMware, Inc.
行为描述: 跨进程写入数据
详情信息: TargetProcess = C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe, WriteAddress = 0x00400000, Size = 0x00000400
TargetProcess = C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe, WriteAddress = 0x00401000, Size = 0x00010c00
TargetProcess = C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe, WriteAddress = 0x00412000, Size = 0x00000200
TargetProcess = C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe, WriteAddress = 0x7ffd5008, Size = 0x00000004
行为描述: 获取TickCount值
详情信息: TickCount = 5349688, SleepMilliseconds = 1.
行为描述: 通过内存映射跨进程修改内存
详情信息: TargetProcess = svchost.exe
行为描述: 设置线程上下文
详情信息: C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe
文件行为
VirSCANVirSCAN
行为描述: 创建文件
详情信息: C:\Documents and Settings\Administrator\Local Settings\Application Data\prntxcqd.exe
行为描述: 创建可执行文件
详情信息: C:\Documents and Settings\Administrator\Local Settings\Application Data\prntxcqd.exe
行为描述: 修改文件内容
详情信息: C:\Documents and Settings\Administrator\Local Settings\Application Data\prntxcqd.exe ---> Offset = 0
行为描述: 查找文件
详情信息: FileName = C:\Documents and Settings\Administrator\Local Settings\Temp
FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%
FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe
FileName = C:\WINDOWS
FileName = C:\WINDOWS\system32
FileName = C:\WINDOWS\system32\svchost.exe
注册表行为
VirSCANVirSCAN
行为描述: 打开注册表_检测虚拟机相关
详情信息: \REGISTRY\USER\S-*\Software\VMware, Inc.
其他行为
VirSCANVirSCAN
行为描述: 创建互斥体
详情信息: 2GVWNQJz1
CTF.LBES.MutexDefaultS-*
CTF.Compart.MutexDefaultS-*
CTF.Asm.MutexDefaultS-*
CTF.Layouts.MutexDefaultS-*
CTF.TMD.MutexDefaultS-*
CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
行为描述: 创建事件对象
详情信息: EventName = Y2mNyaZ3
EventName = Global\crypt32LogoffEvent
行为描述: 获取TickCount值
详情信息: TickCount = 5349688, SleepMilliseconds = 1.
行为描述: 打开事件
详情信息: HookSwitchHookEnabledEvent
Global\crypt32LogoffEvent
\SECURITY\LSA_AUTHENTICATION_INITIALIZED
Y2mNyaZ3
行为描述: 可执行文件签名信息
详情信息: C:\Documents and Settings\Administrator\Local Settings\Application Data\prntxcqd.exe(签名验证: 未通过)
行为描述: 可执行文件MD5
详情信息: C:\Documents and Settings\Administrator\Local Settings\Application Data\prntxcqd.exe ---> 7ff0e957615d696249207e1b23b79430
行为描述: 打开互斥体
详情信息: ShimCacheMutex
Activities
VirSCANVirSCAN
活动名 类型
com.sugen.ipcall.ui.WelcomeActivity android.intent.action.MAIN
com.sugen.ipcall.ui.WelcomeActivity android.intent.category.LAUNCHER
危险函数
VirSCANVirSCAN
函数名称 信息
ContentResolver;->query 读取联系人、短信等数据库
启动方式
VirSCANVirSCAN
名称 信息
com.sugen.ipcall.common.OutgoingCallReceiver
权限列表
VirSCANVirSCAN
许可名称 信息
android.permission.PROCESS_OUTGOING_CALLS 监视、修改有关拨出电话
文件列表
VirSCANVirSCAN
文件名 校验码
assets/phoneloc.dat 0x85a642f8
res/color/textview_color.xml 0xa81519c7
res/color/textview_color_under.xml 0x7d7254b7
res/drawable/textview_color.xml 0x3f045a2e
res/layout/about_view.xml 0x5fce68b0
res/layout/activity_main.xml 0x164c6069
res/layout/layout_welcome.xml 0xfda5e560
res/layout/popup_form.xml 0x343deadc
res/menu/main.xml 0x97e149ca
AndroidManifest.xml 0x208c236
resources.arsc 0xbb4483cf
res/drawable-hdpi/alert.png 0x98210c95
res/drawable-hdpi/checkbox_checked.png 0x340ec1f3
res/drawable-hdpi/checkbox_default.png 0xa43e8228
res/drawable-hdpi/custom_button.xml 0xdf3aa9bf
res/drawable-hdpi/edit.png 0xa7a610c7
res/drawable-hdpi/focused.png 0xca8c2a33
res/drawable-hdpi/icon.png 0xf06100c9
res/drawable-hdpi/info.png 0x98a1412a
res/drawable-hdpi/loading.png 0xfd2a92d9
res/drawable-hdpi/logo.png 0x2895e18d
res/drawable-hdpi/nofocused.png 0xec16a8c6
res/drawable-hdpi/top_bar_bg.png 0x5915c463
res/drawable-ldpi/icon2.png 0xdbbb1fed
res/drawable-mdpi/ic_launcher.png 0x6a84dfd9
res/drawable-xhdpi/ic_launcher.png 0xa227fc8a
res/drawable-xxhdpi/ic_launcher.png 0x2a4a99d1
classes.dex 0x294a454e
lib/armeabi/libphoneloc-jni.so 0x4c80429b
META-INF/MANIFEST.MF 0xe9cb5cd5
META-INF/CERT.SF 0x80b41298
META-INF/CERT.RSA 0xd1adcfeb
运行截图
VirSCANVirSCAN
VirSCAN