VirSCAN

1. You can upload any file, but there is a 20Mb limit per file.
2. VirSCAN supports Rar/Zip decompression, but the archive must contain fewer than 20 files.
3. VirSCAN can scan compressed files protected with the password 'infected' or 'virus'.


File information

Scanner results
Scanner results: 0% of scanner(s) (0/39) found malware!
Behavior analysis report: Habo file analysis
Time: 2014-10-31 08:28:21 (CST)
| Scanner | Engine Ver | Sig Ver | Sig Date | Scan result | Time |
| --- | --- | --- | --- | --- | --- |
| ahnlab | 9.9.9 | 9.9.9 | 2013-05-28 | Found nothing | 3 |
| antivir | 1.9.2.0 | 1.9.159.0 | 7.11.182.106 | Found nothing | 16 |
| antiy | 114701 | AVL141003 | 2014-10-04 | Found nothing | 5 |
| arcavir | 1.0 | 2011 | 2014-05-30 | Found nothing | 8 |
| asquared | 9.0.0.4157 | 9.0.0.4157 | 2014-07-30 | Found nothing | 1 |
| avast | 141030-1 | 4.7.4 | 2014-10-30 | Found nothing | 29 |
| avg | 2109/7906 | 10.0.1405 | 2014-10-17 | Found nothing | 1 |
| baidu | 2.0.1.0 | 4.1.3.52192 | 2.0.1.0 | Found nothing | 4 |
| baidusd | 1.0 | 1.0 | 2014-04-02 | Found nothing | 1 |
| bitdefender | 7.57450 | 7.90123 | 2014-10-31 | Found nothing | 6 |
| clamav | 19554 | 0.97.5 | 2014-10-30 | Found nothing | 1 |
| comodo | 15023 | 5.1 | 2014-10-03 | Found nothing | 3 |
| ctch | 4.6.5 | 5.3.14 | 2013-12-01 | Found nothing | 1 |
| drweb | 5.0.2.3300 | 5.0.1.1 | 2014-10-31 | Found nothing | 41 |
| fortinet | | | | Found nothing | 1 |
| fprot | 4.6.2.117 | 6.5.1.5418 | 2014-10-30 | Found nothing | 1 |
| fsecure | 2014-04-02-01 | 9.13 | 2014-04-02 | Found nothing | 7 |
| gdata | 24.3819 | 24.3819 | 2014-08-29 | Found nothing | 7 |
| hauri | 2.73 | 2.73 | 2014-06-13 | Found nothing | 1 |
| ikarus | 1.06.01 | V1.32.31.0 | 2014-10-30 | Found nothing | 14 |
| jiangmin | 16.0.100 | 1.0.0.0 | 2014-07-28 | Found nothing | 14 |
| kaspersky | 5.5.33 | 5.5.33 | 2014-04-01 | Found nothing | 20 |
| kingsoft | 2.1 | 2.1 | 2013-09-22 | Found nothing | 5 |
| mcafee | 7520 | 5400.1158 | 2014-08-04 | Found nothing | 9 |
| nod32 | 0436 | 3.0.21 | 2014-09-18 | Found nothing | 1 |
| panda | 9.05.01 | 9.05.01 | 2014-06-15 | Found nothing | 7 |
| pcc | 11.242.06 | 9.500-1005 | 2014-10-29 | Found nothing | 2 |
| qh360 | 1.0.1 | 1.0.1 | 1.0.1 | Found nothing | 12 |
| qqphone | 1.0.0.0 | 1.0.0.0 | 2014-10-31 | Found nothing | 1 |
| quickheal | 14.00 | 14.00 | 2014-06-14 | Found nothing | 3 |
| rising | 25.17.00.04 | 25.17.00.04 | 2014-06-02 | Found nothing | 2 |
| sophos | 5.04 | 3.51.0 | 2014-08-05 | Found nothing | 7 |
| sunbelt | 3.9.2589.2 | 3.9.2589.2 | 2014-06-13 | Found nothing | 2 |
| symantec | 20141028.001 | 1.3.0.24 | 2014-10-28 | Found nothing | 1 |
| tachyon | 9.9.9 | 9.9.9 | 2013-12-27 | Found nothing | 3 |
| thehacker | 6.8.0.5 | 6.8.0.5 | 2014-06-12 | Found nothing | 2 |
| tws | 17.47.17308 | 1.0.2.2108 | 2014-06-16 | Found nothing | 6 |
| vba | 3.12.26.3 | 3.12.26.3 | 2014-10-30 | Found nothing | 4 |
| virusbuster | 15.0.952.0 | 5.5.2.13 | 2014-10-28 | Found nothing | 15 |
Permission list
Permission name Description
android.permission.READ_PHONE_STATE Read phone state
android.permission.INTERNET Connect to the network (2G or 3G)
android.permission.ACCESS_WIFI_STATE Read Wi-Fi network state
android.permission.ACCESS_NETWORK_STATE Read network state (2G or 3G)
android.permission.WRITE_EXTERNAL_STORAGE Write to external storage (e.g. SD card)
android.permission.WRITE_SETTINGS Read and write system settings
android.permission.RECEIVE_BOOT_COMPLETED Receive the boot-completed broadcast
android.permission.VIBRATE Allow the device to vibrate
android.permission.DISABLE_KEYGUARD Disable the keyguard
android.permission.ACCESS_COARSE_LOCATION Get coarse location (via Wi-Fi, cell towers)
File information
Security score: 72
Basic information
MD5: 89ff6f8872f8130df61050417175d6f3
File size: 5.58MB
Upload time: 2014-09-22 10:36:30 (CST)
Package name: com.johnny.share.xunlei
Minimum runtime environment: Android 2.2.x
Copyright: null
Key behavior
Behavior description: Hide specified window
Details: [Window,Class] = [InstallShield Wizard,#32770]
[Window,Class] = [Windows Installer,#32770]
Process behavior
Behavior description: Hide specified window
Details: [Window,Class] = [InstallShield Wizard,#32770]
[Window,Class] = [Windows Installer,#32770]
File behavior
Behavior description: Map file with write permission
Details: \DOCUME~1\ADMINI~1\LOCALS~1\Temp\~2.tmp
\DOCUME~1\ADMINI~1\LOCALS~1\Temp\_is3\Setup.INI
\DOCUME~1\ADMINI~1\LOCALS~1\Temp\_is3\0x0409.ini
\DOCUME~1\ADMINI~1\LOCALS~1\Temp\_is3\Applied Discovery"s Redaction and Print Components.msi
DfSharedHeapBEDC7
DfRoot0000BEDC7
DfSharedHeapBEFF3
DfRoot0000BEFF3
Behavior description: Create executable file
Details: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\MSI4.tmp
Behavior description: Modify file content
Details: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\~2.tmp---> Offset = 1024
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\_is3\Setup.INI---> Offset = 1024
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\_is3\_ISMSIDEL.INI---> Offset = 0
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\_is3\0x0409.ini---> Offset = 4096
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\_is3\_ISMSIDEL.INI---> Offset = 70
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\_is3\Applied Discovery"s Redaction and Print Components.msi---> Offset = 4096
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\14ad75.msi---> Offset = 89286
Other behavior
Behavior description: Window information
Details: Pid = 1748, Hwnd=0xd0166, Text = Cancel, ClassName = Button.
Pid = 1748, Hwnd=0xb016a, Text = Preparing to Install..., ClassName = Static.
Pid = 1748, Hwnd=0xb01de, Text = Applied Discovery"s Redaction and Print Components Setup is preparing the InstallShield Wizard, which will guide you through the , ClassName = Static.
Pid = 1748, Hwnd=0xc01d6, Text = Configuring Windows Installer, ClassName = Static.
Pid = 1748, Hwnd=0xd01c8, Text = Progress1, ClassName = msctls_progress32.
Pid = 1748, Hwnd=0xb01b0, Text = IDR_GIF1, ClassName = is_gif_class.
Pid = 1748, Hwnd=0xa0186, Text = InstallShield Wizard, ClassName = #32770.
Pid = 180, Hwnd=0xe016e, Text = &OK, ClassName = Button.
Pid = 180, Hwnd=0xa0198, Text = Adobe Acrobat cannot be found. Please install Adobe Acrobat Full Version 6.0 or greater., ClassName = Static.
Pid = 180, Hwnd=0xd01a4, Text = NewBinary4, ClassName = Static.
Pid = 180, Hwnd=0xe0180, Text = Applied Discovery"s Redaction and Print Components Installer Information, ClassName = MsiDialogCloseClass.
Behavior description: Hide specified window
Details: [Window,Class] = [InstallShield Wizard,#32770]
[Window,Class] = [Windows Installer,#32770]
Behavior description: Create mutex
Details: SHIMLIB_LOG_MUTEX
Behavior description: Acquire system privileges
Details: SE_SHUTDOWN_PRIVILEGE
SE_INCREASE_QUOTA_PRIVILEGE
SE_CREATE_TOKEN_PRIVILEGE
Dynamic behavior list
Behavior description: Start service
Details: com.android.musicfx.Compatibility$Service
com.android.mms.transaction.SmsReceiverService
Behavior description: Read file
Details: path:/proc/783/cmdline length:105
path:/proc/799/cmdline length:105
path:/proc/811/cmdline length:105
path:/proc/842/cmdline length:105
path:/proc/847/cmdline length:105
path:/proc/875/cmdline length:105
Behavior description: Class loading
Details: path:/system/app/PicoTts.apk
path:/system/app/MusicFX.apk
path:/system/framework/am.jar
path:/data/app/com.johnny.share.xunlei-1.apk
Behavior description: Write file
Details: path:/data/data/com.android.gallery3d/shared_prefs/com.android.gallery3d_preferences.xml length:105
path:/data/data/com.android.musicfx/shared_prefs/musicfx.xml length:105
path:/data/data/com.johnny.share.xunlei/shared_prefs/storage.xml length:105
path:/data/data/com.android.gallery3d/shared_prefs/com.android.gallery3d_preferences.xml length:105
path:/data/data/com.johnny.share.xunlei/shared_prefs/UMENG_RUNTIME_CACHE.xml length:70
Activities
Activity name Type
.WelcomeActivity android.intent.action.MAIN
.WelcomeActivity android.intent.category.LAUNCHER
Dangerous functions
Function name Description
HttpClient;->execute Request a remote server
TelephonyManager;->getDeviceId Collect the user's phone IMEI, phone number, system version and other information
android/app/NotificationManager;->notify Notification bar message
java/net/URL;->openConnection Connect to a URL
java/net/HttpURLConnection;->connect Connect to a URL
getRuntime Obtain the command-line environment
ContentResolver;->query Read contacts, SMS and other databases
Service list
Name
com.umeng.update.net.DownloadingService
File list