VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, VirSCAN can scan compressed files with the password 'infected' or 'virus'.
4, If your browser cannot upload files, please download VirSCAN uploader to upload.

File information

Scanner results
Scanner results: 9% Antivirus software (3/32) found malware!
Behavior analysis report: Habo file analysis
Time: 2017-07-05 12:02:10 (CST)
Scanner Engine Ver Sig Ver Sig Date Scan result Time
antiy AVL SDK 2.0 1970-01-01 Found nothing 17
asquared 9.0.0.4799 9.0.0.4799 2015-03-08 Found nothing 4
avast 170303-1 4.7.4 2017-03-03 Found nothing 60
avg 2109/14149 10.0.1405 2017-07-04 Found nothing 60
baidu 2.0.1.0 4.1.3.52192 2.0.1.0 Found nothing 7
baidusd 1.0 1.0 2017-03-22 Found nothing 7
bitdefender 7.58879 7.90123 2015-01-16 Found nothing 60
clamav 23530 0.97.5 2017-07-03 Found nothing 60
drweb 5.0.2.3300 5.0.1.1 2017-06-18 Found nothing 60
fortinet 49.962, 49.961, 49.820 5.4.247 2017-07-05 Found nothing 60
fprot 4.6.2.117 6.5.1.5418 2016-02-05 Found nothing 60
fsecure 2015-08-01-02 9.13 2015-08-01 Found nothing 60
gdata 25.13217 25.13217 2017-07-05 Android.Adware.CyFin.A 22
ikarus 1.06.01 V1.32.31.0 2016-11-28 Found nothing 60
jiangmin 16.0.100 1.0.0.0 2017-07-02 RiskTool.AndroidOS.betn 3
kaspersky 5.5.33 5.5.33 2014-04-01 Found nothing 60
kingsoft 2.1 2.1 2017-07-04 Found nothing 6
mcafee 8261 5400.1158 2016-08-18 Found nothing 60
nod32 1777 3.0.21 2015-06-12 Found nothing 60
panda 9.05.01 9.05.01 2017-07-03 Found nothing 4
pcc 13.302.06 9.500-1005 2017-03-27 Found nothing 60
qh360 1.0.1 1.0.1 1.0.1 Found nothing 10
qqphone 1.0.0.0 1.0.0.0 2015-12-30 Found nothing 60
quickheal 14.00 14.00 2017-07-04 Android.Agent.GEN10334 (PUP) 5
rising 26.28.00.01 26.28.00.01 2016-07-18 Found nothing 6
sophos 5.32 3.65.2 2016-10-10 Found nothing 60
symantec 20151230.005 1.3.0.24 2015-12-30 Found nothing 60
tachyon 9.9.9 9.9.9 2013-12-27 Found nothing 7
thehacker 6.8.0.5 6.8.0.5 2017-07-02 Found nothing 4
tws 17.47.17308 1.0.2.2108 2017-07-04 Found nothing 22
vba 3.12.29.5 beta 3.12.29.5 beta 2017-06-30 Found nothing 60
virusbuster 15.0.985.0 5.5.2.13 2014-12-05 Found nothing 60
Permission list
Permission name Information
android.permission.ACCESS_NETWORK_STATE Read network state (2G or 3G)
android.permission.ACCESS_WIFI_STATE Read Wi-Fi network state
android.permission.READ_PHONE_STATE Read phone state
android.permission.ACCESS_COARSE_LOCATION Get coarse location (via Wi-Fi, cell towers)
android.permission.ACCESS_FINE_LOCATION Get precise location (via GPS)
android.permission.RECEIVE_BOOT_COMPLETED Receive boot-completed broadcast
android.permission.BROADCAST_STICKY Send sticky broadcasts
android.permission.WRITE_SETTINGS Read and write system settings
android.permission.VIBRATE Allow the device to vibrate
android.permission.SYSTEM_ALERT_WINDOW Display system windows
android.permission.DISABLE_KEYGUARD Disable the keyguard
android.permission.ACCESS_DOWNLOAD_MANAGER
android.permission.DOWNLOAD_WITHOUT_NOTIFICATION
android.permission.CHANGE_NETWORK_STATE Change network state
android.permission.WRITE_EXTERNAL_STORAGE Write to external storage (e.g. SD card)
android.permission.MOUNT_UNMOUNT_FILESYSTEMS Mount and unmount external file systems
android.permission.READ_LOGS Read system logs
android.permission.WAKE_LOCK Background processes keep running after the screen turns off
android.permission.INTERNET Connect to the network (2G or 3G)
android.permission.RECORD_AUDIO Record audio (using AudioRecord)
File information
Security score:
Basic information
MD5: fe5be74fff32463274fc716cb10c8028
File size: 5.58MB
Upload time: 2014-09-22 10:36:30 (CST)
Package name: cn.bd.aide.ttkpfzgj
Minimum runtime environment: Android 2.2.x
Copyright: 18183
Key behavior
Behavior description: Set special folder attributes
Details: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
C:\Documents and Settings\Administrator\Local Settings\History
C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
C:\Documents and Settings\Administrator\Cookies
C:\Documents and Settings\Administrator\IETldCache
Behavior description: Get TickCount value
Details: TickCount = 218213, SleepMilliseconds = 10.
TickCount = 218338, SleepMilliseconds = 10.
TickCount = 218353, SleepMilliseconds = 10.
TickCount = 218385, SleepMilliseconds = 10.
TickCount = 218400, SleepMilliseconds = 10.
TickCount = 218447, SleepMilliseconds = 10.
TickCount = 218463, SleepMilliseconds = 10.
TickCount = 218494, SleepMilliseconds = 10.
TickCount = 218525, SleepMilliseconds = 10.
TickCount = 218541, SleepMilliseconds = 10.
TickCount = 218572, SleepMilliseconds = 10.
TickCount = 218885, SleepMilliseconds = 10.
TickCount = 218916, SleepMilliseconds = 10.
TickCount = 218931, SleepMilliseconds = 10.
TickCount = 218978, SleepMilliseconds = 10.
Process behavior
Behavior description: Set special folder attributes
Details: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
C:\Documents and Settings\Administrator\Local Settings\History
C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
C:\Documents and Settings\Administrator\Cookies
C:\Documents and Settings\Administrator\IETldCache
Behavior description: Get TickCount value
Details: TickCount = 218213, SleepMilliseconds = 10.
TickCount = 218338, SleepMilliseconds = 10.
TickCount = 218353, SleepMilliseconds = 10.
TickCount = 218385, SleepMilliseconds = 10.
TickCount = 218400, SleepMilliseconds = 10.
TickCount = 218447, SleepMilliseconds = 10.
TickCount = 218463, SleepMilliseconds = 10.
TickCount = 218494, SleepMilliseconds = 10.
TickCount = 218525, SleepMilliseconds = 10.
TickCount = 218541, SleepMilliseconds = 10.
TickCount = 218572, SleepMilliseconds = 10.
TickCount = 218885, SleepMilliseconds = 10.
TickCount = 218916, SleepMilliseconds = 10.
TickCount = 218931, SleepMilliseconds = 10.
TickCount = 218978, SleepMilliseconds = 10.
File behavior
Behavior description: Set special folder attributes
Details: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
C:\Documents and Settings\Administrator\Local Settings\History
C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
C:\Documents and Settings\Administrator\Cookies
C:\Documents and Settings\Administrator\IETldCache
Behavior description: Find file
Details: FileName = C:\Documents and Settings
FileName = C:\Documents and Settings\Administrator
FileName = C:\Documents and Settings\Administrator\Local Settings
FileName = C:\Documents and Settings\Administrator\Local Settings\Temp
FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%
FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe
FileName = C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Connections\Pbk\*.pbk
FileName = C:\WINDOWS\system32\Ras\*.pbk
FileName = C:\Documents and Settings\Administrator\Application Data\Microsoft\Network\Connections\Pbk\*.pbk
FileName = C:\Documents and Settings\Administrator\Application Data\Microsoft\SystemCertificates\My\Certificates\*
FileName = C:\Documents and Settings\Administrator\Application Data\Microsoft\SystemCertificates\My\CRLs\*
FileName = C:\Documents and Settings\Administrator\Application Data\Microsoft\SystemCertificates\My\CTLs\*
Network behavior
Behavior description: Connect to a specified site
Details: InternetConnectA: ServerName = ww****ee, PORT = 443, UserName = , Password = , hSession = 0x00cc0004, hConnect = 0x00cc0008, Flags = 0x00000000
Behavior description: Open HTTP connection
Details: InternetOpenA: UserAgent: AutoIt, hSession = 0x00cc0004
Behavior description: Establish a connection to a specified socket
Details: URL: ww****ee, IP: **.133.40.**:443, SOCKET = 0x0000037c
Behavior description: Open HTTP request
Details: HttpOpenRequestA: ww****ee:443/download/7193237/4019931ba7bd11e2f882/server.exe, hConnect = 0x00cc0008, hRequest = 0x00cc000c, Verb: GET, Referer: , Flags = 0x00800000
Behavior description: Get host address by name
Details: GetAddrInfoW: ww****ee
Registry behavior
Behavior description: Modify registry
Details: \REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Internet Settings\GlobalUserOffline
\REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\SavedLegacySettings
Behavior description: Delete registry value
Details: \REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyServer
\REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Internet Settings\AutoConfigURL
Other behavior
Behavior description: Check whether it is being debugged
Details: IsDebuggerPresent
Behavior description: Create mutex
Details: CTF.LBES.MutexDefaultS-*
CTF.Compart.MutexDefaultS-*
CTF.Asm.MutexDefaultS-*
CTF.Layouts.MutexDefaultS-*
CTF.TMD.MutexDefaultS-*
CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
RasPbFile
Local\ZonesCounterMutex
Local\ZoneAttributeCacheCounterMutex
Local\ZonesCacheCounterMutex
Local\ZonesLockedCacheCounterMutex
Local\c:!documents and settings!administrator!ietldcache!
Behavior description: Create event object
Details: EventName = DINPUTWINMM
EventName = Global\userenv: User Profile setup event
EventName = Global\crypt32LogoffEvent
Behavior description: Get TickCount value
Details: TickCount = 218213, SleepMilliseconds = 10.
TickCount = 218338, SleepMilliseconds = 10.
TickCount = 218353, SleepMilliseconds = 10.
TickCount = 218385, SleepMilliseconds = 10.
TickCount = 218400, SleepMilliseconds = 10.
TickCount = 218447, SleepMilliseconds = 10.
TickCount = 218463, SleepMilliseconds = 10.
TickCount = 218494, SleepMilliseconds = 10.
TickCount = 218525, SleepMilliseconds = 10.
TickCount = 218541, SleepMilliseconds = 10.
TickCount = 218572, SleepMilliseconds = 10.
TickCount = 218885, SleepMilliseconds = 10.
TickCount = 218916, SleepMilliseconds = 10.
TickCount = 218931, SleepMilliseconds = 10.
TickCount = 218978, SleepMilliseconds = 10.
Behavior description: Adjust process token privileges
Details: SE_LOAD_DRIVER_PRIVILEGE
Behavior description: Open event
Details: HookSwitchHookEnabledEvent
_fCanRegisterWithShellService
\SECURITY\LSA_AUTHENTICATION_INITIALIZED
Global\SvcctrlStartEvent_A3752DX
\INSTALLATION_SECURITY_HOLD
Global\crypt32LogoffEvent
Behavior description: Call the Sleep function
Details: [1]: MilliSeconds = 10.
[2]: MilliSeconds = 10.
[3]: MilliSeconds = 10.
[4]: MilliSeconds = 10.
[5]: MilliSeconds = 10.
[6]: MilliSeconds = 10.
[7]: MilliSeconds = 10.
[8]: MilliSeconds = 10.
[9]: MilliSeconds = 10.
[10]: MilliSeconds = 10.
Behavior description: Hide a specified window
Details: [Window,Class] = [AutoIt v3,AutoIt v3]
Behavior description: Open mutex
Details: ShimCacheMutex
Local\_!MSFTHISTORY!_
Local\c:!documents and settings!administrator!local settings!temporary internet files!content.ie5!
Local\c:!documents and settings!administrator!cookies!
Local\c:!documents and settings!administrator!local settings!history!history.ie5!
Local\WininetStartupMutex
Local\WininetConnectionMutex
Local\WininetProxyRegistryMutex
RasPbFile
Local\!IETld!Mutex
Local\c:!documents and settings!administrator!ietldcache!
Activities
Activity name Type
cn.bd.aide.ttkpfzgj.LoadingActivity android.intent.action.MAIN
cn.bd.aide.ttkpfzgj.LoadingActivity android.intent.category.LAUNCHER
cn.bd.aide.ttkpfzgj.MainActivity android.intent.category.DEFAULT
Dangerous functions
Function name Information
TelephonyManager;->getDeviceId Collects the user's phone IMEI, phone number, system version number and other information
HttpClient;->execute Requests a remote server
android/app/NotificationManager;->notify Notification bar message
ContentResolver;->query Reads databases such as contacts and SMS
DefaultHttpClient;->execute Sends an HTTP request
java/net/URL;->openConnection Connects to a URL
WifiManager;->setWifiEnabled Changes Wi-Fi state
ContentResolver;->delete Deletes SMS messages and contacts
getRuntime Gets the command-line environment
java/net/HttpURLConnection;->connect Connects to a URL
java/net/URLConnection;->connect Connects to a URL
java/lang/Runtime;->exec Executes a string command
Startup methods
Name Information
cn.bd.aide.ttkpfzgj.NavigationReceiver
cn.bd.aide.ttkpfzgj.NotificationReceiver
com.umeng.message.SystemReceiver Starts service at boot
com.umeng.message.SystemReceiver Starts service when network connectivity changes
com.umeng.message.SystemReceiver Starts service when an app is uninstalled
com.umeng.message.MessageReceiver
com.umeng.message.ElectionReceiver
com.umeng.message.RegistrationReceiver
com.umeng.message.BootBroadcastReceiver Starts service at boot
Service list
Name
com.umeng.message.UmengService
com.umeng.message.UmengIntentService
com.umeng.message.UmengDownloadResourceService
cn.bd.aide.ttkpfzgj.UmengPushIntentService
Providers
Name Information
com.umeng.message.UmengService
com.umeng.message.UmengIntentService
com.umeng.message.UmengDownloadResourceService
cn.bd.aide.ttkpfzgj.UmengPushIntentService
File list
File name Checksum
AndroidManifest.xml 0x78b614a2
assets/ttkpzs.apk 0x34274e7d
res/anim/awsome.xml 0xcd9531f9
res/anim/awsome_stay.xml 0x1ba73e10
res/anim/push_left_in.xml 0x274ea884
res/anim/push_left_out.xml 0xc324d778
res/anim/push_right_in.xml 0x6cfb48a3
res/anim/push_right_out.xml 0xeb69ce2
res/anim/push_top_in.xml 0x3680d0b6
res/anim/push_top_out.xml 0x96359fa2
res/drawable-hdpi-v4/back.png 0xc640a72a
res/drawable-hdpi-v4/bpush_gray_logo.png 0x5a9e13a8
res/drawable-hdpi-v4/bpush_list_item_bg.9.png 0x74b4f2ec
res/drawable-hdpi-v4/bpush_message_prompt.png 0x6771d1e2
res/drawable-hdpi-v4/bpush_return_btn.png 0xa5b225ea
res/drawable-hdpi-v4/bpush_top_bg.9.png 0x828bdb71
res/drawable-hdpi-v4/ic_launcher.png 0xa9da8c36
res/drawable-hdpi-v4/simple_notification_icon.png 0x76d1f872
res/drawable-ldpi-v4/simple_notification_icon.png 0x76d1f872
res/drawable-mdpi-v4/ic_launcher.png 0x12369165
res/drawable-mdpi-v4/simple_notification_icon.png 0x76d1f872
res/drawable-xhdpi-v4/back.png 0x3b7e672f
res/drawable-xhdpi-v4/box_x.png 0x9349d54
res/drawable-xhdpi-v4/i_into3.png 0x30725a24
res/drawable-xhdpi-v4/i_set.png 0xef1c10a7
res/drawable-xhdpi-v4/i_set_hover.png 0xf99bff3c
res/drawable-xhdpi-v4/ic_launcher.png 0x6b4a447b
res/drawable-xxhdpi-v4/back.png 0x58efaf51
res/drawable-xxhdpi-v4/ic_launcher.png 0x1ee00b64
res/drawable-xxhdpi-v4/loading.png 0x964d774d
res/drawable/blue_progress_bar.xml 0x5bdd36cb
res/drawable/enter.xml 0x1b7b620d
res/drawable/i_set_selector.xml 0x10de4d4b
res/drawable/selector_bg_list_item.xml 0x2c2bc4d0
res/drawable/selector_bg_title_btn.xml 0x5be4ee51
res/drawable/selector_blue_btn.xml 0xcdcd230a
res/drawable/selector_gray_btn.xml 0x198b64c3
res/drawable/setting_bg_selector.xml 0xb453a091
res/drawable/skip.xml 0x7ee84130
res/layout/act_about.xml 0x62bce08
res/layout/act_actionbar_home_layout.xml 0x747be18a
res/layout/act_actionbar_layout.xml 0x2f7d2464
res/layout/act_webview.xml 0xd7de6ce0
res/layout/activity_ad_splash_layout.xml 0x81b5ea25
res/layout/activity_back_title_layout.xml 0x918f5b59
res/layout/activity_loading.xml 0xa0eff2a5
res/layout/activity_main_layout.xml 0x963bf47d
res/layout/activity_title_loading_layout.xml 0xe4f80293
res/layout/activity_webview.xml 0x17b68f43
res/layout/bpush_download_progress.xml 0xd5550215
res/layout/bpush_media_list.xml 0x3b048257
res/layout/bpush_media_list_item.xml 0xe7c00128
res/layout/dialog_alert.xml 0xed3431ea
res/layout/dialog_app.xml 0x87470254
res/layout/dialog_confirm.xml 0xfc4cdbca
res/layout/dialog_forceupdate.xml 0x94d5ac22
res/layout/dialog_normalupdate.xml 0x934d14e3
res/layout/include_back_title_layout.xml 0xfedee5c
res/layout/include_titlebar_dialog.xml 0xc84a8a57
res/layout/line_1_head_bottom_interval_layout.xml 0x64b4c32c
res/layout/line_1_interval_layout.xml 0x45ac8698
res/layout/loading_empty_layout.xml 0xd0aeaee5
res/layout/loading_error_layout.xml 0x641a2e83
res/layout/loading_layout.xml 0xbc711c52
res/layout/loading_load_layout.xml 0x80a5e902
res/layout/loading_message_layout.xml 0x5a529098
res/layout/loading_no_found_layout.xml 0x83f4a1a1
res/layout/loading_nonetwork_layout.xml 0xe85241a0
res/layout/notification_custom_builder.xml 0x970b3f84
res/layout/notification_view.xml 0xf4218b21
res/layout/view_floating_ad_layout.xml 0x14719b9c
resources.arsc 0xa06ede0c
classes.dex 0x3d84f278
META-INF/MANIFEST.MF 0xd2e37090
META-INF/CERT.SF 0x70fc8a3b
META-INF/CERT.RSA 0x77375fdc