VirSCAN

1, You can UPLOAD any files, but there is a 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but the archive must contain fewer than 20 files.
3, VirSCAN can scan compressed files protected with the password 'infected' or 'virus'.


File information

Scanner results: 5% of scanners (2/39) found malware!
Behavior analysis report: Habo file analysis
Time: 2014-11-07 21:41:56 (CST)
| Scanner | Engine Ver | Sig Ver | Sig Date | Scan result | Time |
|---|---|---|---|---|---|
| ahnlab | 9.9.9 | 9.9.9 | 2013-05-28 | Found nothing | 5 |
| antivir | 1.9.2.0 | 1.9.159.0 | 7.11.183.128 | Found nothing | 15 |
| antiy | 110646 | AVL141105 | 2014-11-06 | Found nothing | 5 |
| arcavir | 1.0 | 2011 | 2014-05-30 | Found nothing | 9 |
| asquared | 9.0.0.4324 | 9.0.0.4324 | 2014-07-03 | Found nothing | 1 |
| avast | 141106-0 | 4.7.4 | 2014-11-06 | Found nothing | 14 |
| avg | 2109/8019 | 10.0.1405 | 2014-11-06 | Found nothing | 1 |
| baidu | 2.0.1.0 | 4.1.3.52192 | 2.0.1.0 | Found nothing | 2 |
| baidusd | 1.0 | 1.0 | 2014-04-02 | Found nothing | 1 |
| bitdefender | 7.57589 | 7.90123 | 2014-11-06 | Found nothing | 6 |
| clamav | 19595 | 0.97.5 | 2014-11-07 | Found nothing | 1 |
| comodo | 15023 | 5.1 | 2014-11-06 | Found nothing | 3 |
| ctch | 4.6.5 | 5.3.14 | 2013-12-01 | Found nothing | 1 |
| drweb | 5.0.2.3300 | 5.0.1.1 | 2014-10-31 | Found nothing | 43 |
| fortinet | 23.129, 23.129 | 5.1.158 | 2014-11-07 | Found nothing | 1 |
| fprot | 4.6.2.117 | 6.5.1.5418 | 2014-11-06 | Found nothing | 1 |
| fsecure | 2014-04-02-01 | 9.13 | 2014-04-02 | Found nothing | 2 |
| gdata | 24.4815 | 24.4815 | 2014-11-07 | Found nothing | 8 |
| hauri | 2.73 | 2.73 | 2014-11-06 | Found nothing | 1 |
| ikarus | 1.06.01 | V1.32.31.0 | 2014-11-06 | Trojan.AndroidOS.SMSForw | 14 |
| jiangmin | 16.0.100 | 1.0.0.0 | 2014-08-20 | Found nothing | 39 |
| kaspersky | 5.5.33 | 5.5.33 | 2014-04-01 | Found nothing | 20 |
| kingsoft | 2.1 | 2.1 | 2013-09-22 | Android.RISKWARE.luomao.cr.(kcloud) | 5 |
| mcafee | 7520 | 5400.1158 | 2014-08-04 | Found nothing | 9 |
| nod32 | 0436 | 3.0.21 | 2014-09-18 | Found nothing | 1 |
| panda | 9.05.01 | 9.05.01 | 2014-11-06 | Found nothing | 8 |
| pcc | 11.260.05 | 9.500-1005 | 2014-11-06 | Found nothing | 1 |
| qh360 | 1.0.1 | 1.0.1 | 1.0.1 | Found nothing | 13 |
| qqphone | 1.0.0.0 | 1.0.0.0 | 2014-11-07 | Found nothing | 1 |
| quickheal | 14.00 | 14.00 | 2014-11-03 | Found nothing | 2 |
| rising | 25.39.03.01 | 25.39.03.01 | 2014-11-06 | Found nothing | 2 |
| sophos | 5.04 | 3.51.0 | 2014-08-05 | Found nothing | 7 |
| sunbelt | 3.9.2595.2 | 3.9.2595.2 | 2014-11-06 | Found nothing | 2 |
| symantec | 20141104.004 | 1.3.0.24 | 2014-11-04 | Found nothing | 1 |
| tachyon | 9.9.9 | 9.9.9 | 2013-12-27 | Found nothing | 4 |
| thehacker | 6.8.0.5 | 6.8.0.5 | 2014-11-03 | Found nothing | 2 |
| tws | 17.47.17308 | 1.0.2.2108 | 2014-11-06 | Found nothing | 7 |
| vba | 3.12.26.3 | 3.12.26.3 | 2014-11-06 | Found nothing | 4 |
| virusbuster | 15.0.960.0 | 5.5.2.13 | 2014-11-06 | Found nothing | 15 |
File information
Security score: 78
Basic information
MD5: 36e28371da518f5c4cb23d743623543d
File size: 5.58MB
Upload time: 2014-09-22 10:36:30 (CST)
Package name: mohammad.adib.sidebar
Minimum runtime environment: Android 2.1.x
Copyright: Android
File behavior
Behavior description: Modify file content
Details: C:\Documents and Settings\Administrator\Application Data\Microsoft\Office\Recent\1.ppt.LNK---> Offset = 0
C:\Documents and Settings\Administrator\Application Data\Microsoft\Office\Recent\index.dat---> Offset = 28
C:\Documents and Settings\Administrator\Application Data\Microsoft\Office\Recent\sample.exe_7zdump.LNK---> Offset = 0
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.MSO\5E496729.wmf---> Offset = 0
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.MSO\1BD59316.wmf---> Offset = 0
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.MSO\DF993C1F.wmf---> Offset = 0
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.MSO\47C36794.wmf---> Offset = 0
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.MSO\9DA53A85.wmf---> Offset = 0
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.MSO\8DB1F6C2.wmf---> Offset = 0
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.MSO\334CD3DB.wmf---> Offset = 0
Registry behavior
Behavior description: Modify registry
Details: \REGISTRY\USER\S-1-5-21-1482476501-1645522239-1417001333-500\Software\Microsoft\Office\11.0\PowerPoint\Resiliency\StartupItems\]
\REGISTRY\USER\S-1-5-21-1482476501-1645522239-1417001333-500\Software\Microsoft\Office\11.0\PowerPoint\Resiliency\StartupItems\)
\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{91493450-5A91-11CF-8700-00AA0060263B}\TypeLib\Version
\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{91493442-5A91-11CF-8700-00AA0060263B}\TypeLib\Version
\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{91493451-5A91-11CF-8700-00AA0060263B}\TypeLib\Version
\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{91493452-5A91-11CF-8700-00AA0060263B}\TypeLib\Version
\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{91493453-5A91-11CF-8700-00AA0060263B}\TypeLib\Version
\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{91493454-5A91-11CF-8700-00AA0060263B}\TypeLib\Version
\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{91493455-5A91-11CF-8700-00AA0060263B}\TypeLib\Version
\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{91493456-5A91-11CF-8700-00AA0060263B}\TypeLib\Version
\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{91493457-5A91-11CF-8700-00AA0060263B}\TypeLib\Version
\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{91493458-5A91-11CF-8700-00AA0060263B}\TypeLib\Version
\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{91493459-5A91-11CF-8700-00AA0060263B}\TypeLib\Version
\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{9149345A-5A91-11CF-8700-00AA0060263B}\TypeLib\Version
\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{9149345B-5A91-11CF-8700-00AA0060263B}\TypeLib\Version
Behavior description: Delete registry value
Details: \REGISTRY\USER\S-1-5-21-1482476501-1645522239-1417001333-500\Software\Microsoft\Office\11.0\PowerPoint\Resiliency\StartupItems\)
\REGISTRY\USER\S-1-5-21-1482476501-1645522239-1417001333-500\Software\Microsoft\Office\11.0\PowerPoint\Resiliency\StartupItems\C
\REGISTRY\USER\S-1-5-21-1482476501-1645522239-1417001333-500\Software\Microsoft\Office\11.0\PowerPoint\Resiliency\StartupItems\O
\REGISTRY\USER\S-1-5-21-1482476501-1645522239-1417001333-500\Software\Microsoft\Office\11.0\PowerPoint\Resiliency\StartupItems\]
\REGISTRY\USER\S-1-5-21-1482476501-1645522239-1417001333-500\Software\Microsoft\Office\11.0\PowerPoint\PowerPointName
Behavior description: Delete registry key
Details: \REGISTRY\USER\S-1-5-21-1482476501-1645522239-1417001333-500\Software\Microsoft\Office\11.0\PowerPoint\Resiliency\StartupItems
\REGISTRY\USER\S-1-5-21-1482476501-1645522239-1417001333-500\Software\Microsoft\Office\11.0\PowerPoint\Resiliency
Other behavior
Behavior description: Create mutex
Details: Local\Mutex_MSOSharedMem
CTF.LBES.MutexDefaultS-1-5-21-1482476501-1645522239-1417001333-500
CTF.Compart.MutexDefaultS-1-5-21-1482476501-1645522239-1417001333-500
CTF.Asm.MutexDefaultS-1-5-21-1482476501-1645522239-1417001333-500
CTF.Layouts.MutexDefaultS-1-5-21-1482476501-1645522239-1417001333-500
CTF.TMD.MutexDefaultS-1-5-21-1482476501-1645522239-1417001333-500
CTF.TimListCache.FMPDefaultS-1-5-21-1482476501-1645522239-1417001333-500MUTEX.DefaultS-1-5-21-1482476501-1645522239-1417001333-500
Local\Mso97SharedDg19211108221Mutex
Local\Mso97SharedDg20321108221Mutex
Global\MTX_MSO_Formal1_S-1-5-21-1482476501-1645522239-1417001333-500
Global\MTX_MSO_AdHoc1_S-1-5-21-1482476501-1645522239-1417001333-500
Local\Mso97SharedDg19521108221Mutex
Local\Mso97SharedDg19531108221Mutex
OfficeAssistantStateMutex
Behavior description: Acquire system privilege
Details: SE_LOAD_DRIVER_PRIVILEGE
Dynamic behavior list
Behavior description: Start service
Details: com.android.musicfx.Compatibility$Service
com.android.mms.transaction.SmsReceiverService
Behavior description: Read file
Details: path:/proc/783/cmdline length:105
path:/proc/798/cmdline length:105
path:/proc/810/cmdline length:105
path:/proc/840/cmdline length:105
path:/proc/853/cmdline length:105
path:/proc/861/cmdline length:105
path:/proc/863/cmdline length:105
path:/proc/911/cmdline length:105
path:/proc/913/cmdline length:105
Behavior description: Class loading
Details: path:/system/app/PicoTts.apk
path:/system/app/MusicFX.apk
path:/system/framework/am.jar
path:/data/app/mohammad.adib.sidebar-1.apk
Behavior description: Write file
Details: path:/data/data/com.android.gallery3d/shared_prefs/com.android.gallery3d_preferences.xml length:105
path:/data/data/com.android.musicfx/shared_prefs/musicfx.xml length:105
path:/data/data/com.android.gallery3d/shared_prefs/com.android.gallery3d_preferences.xml length:105
Activities
Activity name Type
mohammad.adib.sidebar.MainActivity android.intent.action.MAIN
mohammad.adib.sidebar.MainActivity android.intent.category.LAUNCHER
Dangerous functions
Function name Information
android/app/NotificationManager;->notify Notification bar message
ContentResolver;->query Read databases such as contacts and SMS
ActivityManager;->killBackgroundProcesses Kill processes; can be used to shut down antivirus software
WifiManager;->setWifiEnabled Change Wi-Fi state
Camera;->open Open camera
Startup methods
Name Information
mohammad.adib.sidebar.BootReceiver Start service at boot
mohammad.adib.sidebar.PackageChangeReceiver Start service when an app is installed
mohammad.adib.sidebar.PackageChangeReceiver Start service when an app is uninstalled
Permission list
Permission name Information
android.permission.RECEIVE_BOOT_COMPLETED Receive boot-completed broadcast
android.permission.SYSTEM_ALERT_WINDOW Display system windows
android.permission.VIBRATE Allow device vibration
android.permission.ACCESS_WIFI_STATE Read Wi-Fi network state
android.permission.CHANGE_WIFI_STATE Change Wi-Fi connection state
android.permission.GET_TASKS Get information about currently or recently running tasks
android.permission.KILL_BACKGROUND_PROCESSES Kill background processes
android.permission.WRITE_SETTINGS Read and write system settings
android.permission.REORDER_TASKS Reorder system tasks
android.permission.CHANGE_NETWORK_STATE Change network state
android.permission.ACCESS_NETWORK_STATE Read network state (2G or 3G)
android.permission.CAMERA Access the camera device
Service list
Name
mohammad.adib.sidebar.SwipeDetector
mohammad.adib.sidebar.Sidebar
mohammad.adib.sidebar.AppSelector
mohammad.adib.sidebar.AppDrawer
File list