VirSCAN

1. You can upload any file, but there is a 20Mb limit per file.
2. VirSCAN supports Rar/Zip decompression, but the archive must contain fewer than 20 files.
3. VirSCAN can scan compressed files protected with the password 'infected' or 'virus'.

File information

Scanner results
Scanner results: 0% of antivirus software (0/32) found malware!
Behavior analysis report: Habo file analysis
Time: 2015-03-04 23:32:06 (CST)
Scanner Engine Ver Sig Ver Sig Date Scan result Time
antiy AVL SDK 3.0 1970-01-01 Found nothing 60
asquared 9.0.0.4324 9.0.0.4324 2014-07-03 Found nothing 60
avast 141231-0 4.7.4 2014-12-31 Found nothing 60
avg 2109/8133 10.0.1405 2014-11-26 Found nothing 7
baidu 2.0.1.0 4.1.3.52192 2.0.1.0 Found nothing 60
baidusd 1.0 1.0 2014-04-02 Found nothing 60
bitdefender 7.58469 7.90123 2014-12-25 Found nothing 1
clamav 19745 0.97.5 2014-12-07 Found nothing 1
drweb 5.0.2.3300 5.0.1.1 2014-12-31 Found nothing 50
fortinet 23.345, 23.345 5.1.158 2014-12-08 Found nothing 1
fprot 4.6.2.117 6.5.1.5418 2014-12-31 Found nothing 4
fsecure 2014-04-02-01 9.13 2014-04-02 Found nothing 14
gdata 25.473 25.473 2015-03-01 Found nothing 60
ikarus 1.06.01 V1.32.31.0 2014-12-08 Found nothing 9
jiangmin 16.0.100 1.0.0.0 2014-08-20 Found nothing 60
kaspersky 5.5.33 5.5.33 2014-04-01 Found nothing 31
kingsoft 2.1 2.1 2013-09-22 Found nothing 60
mcafee 7638 5400.1158 2014-11-30 Found nothing 33
nod32 0920 3.0.21 2014-12-23 Found nothing 4
panda 9.05.01 9.05.01 2014-12-31 Found nothing 60
pcc 11.380.07 9.500-1005 2014-12-31 Found nothing 4
qh360 1.0.1 1.0.1 1.0.1 Found nothing 60
qqphone 1.0.0.0 1.0.0.0 2014-12-09 Found nothing 1
quickheal 14.00 14.00 2014-12-31 Found nothing 60
rising 25.46.06.04 25.46.06.04 2014-12-28 Found nothing 60
sophos 5.08 3.55.0 2014-12-01 Found nothing 10
symantec 20141230.001 1.3.0.24 2014-12-30 Found nothing 1
tachyon 9.9.9 9.9.9 2013-12-27 Found nothing 60
thehacker 6.8.0.5 6.8.0.5 2014-12-29 Found nothing 60
tws 17.47.17308 1.0.2.2108 2014-12-08 Found nothing 60
vba 3.12.26.3 3.12.26.3 2014-12-31 Found nothing 26
virusbuster 15.0.985.0 5.5.2.13 2014-12-05 Found nothing 29
Permission list
Permission name Information
android.permission.WRITE_SETTINGS Read and write system settings
android.permission.RECEIVE_BOOT_COMPLETED Receive the boot-completed broadcast
android.permission.VIBRATE Allow the device to vibrate
android.permission.WRITE_EXTERNAL_STORAGE Write to external storage (e.g. SD card)
android.permission.READ_PHONE_STATE Read phone state
android.permission.READ_EXTERNAL_STORAGE Read external storage (e.g. SD card)
android.permission.ACCESS_SUPERUSER
File information
Security score: 85
Basic information
MD5: d9b3cc9a7d5be93b3fbbf56cdf5164f6
File size: 5.58MB
Upload time: 2014-09-22 10:36:30 (CST)
Package name: org.imei.mtk65xx
Minimum runtime environment: Android 2.2.x
Copyright: Android
Key behaviors
Behavior description: Hide specified window
Details: [Window,Class] = [安装,TApplication]
[Window,Class] = [,Auto-Suggest Dropdown]
Process behaviors
Behavior description: Hide specified window
Details: [Window,Class] = [安装,TApplication]
[Window,Class] = [,Auto-Suggest Dropdown]
File behaviors
Behavior description: Map file with write permission
Details: CiceroSharedMemDefaultS-1-5-21-1482476501-1645522239-1417001333-500
MSCTF.MarshalInterface.FileMap.EOJ..EEOFF
MSCTF.MarshalInterface.FileMap.EOJ.B.EFOFF
MSCTF.MarshalInterface.FileMap.EOJ.C.EFOFF
MSCTF.MarshalInterface.FileMap.EOJ.D.EFOFF
MSCTF.MarshalInterface.FileMap.EOJ.E.EFOFF
MSCTF.MarshalInterface.FileMap.EOJ.F.EFOFF
MSCTF.MarshalInterface.FileMap.EOJ.G.DGOFF
MSCTF.MarshalInterface.FileMap.AJK..LGPGF
MSCTF.MarshalInterface.FileMap.AJK.B.LGPGF
MSCTF.MarshalInterface.FileMap.AJK.C.LGPGF
MSCTF.MarshalInterface.FileMap.AJK.D.LGPGF
MSCTF.MarshalInterface.FileMap.AJK.E.LGPGF
MSCTF.MarshalInterface.FileMap.AJK.F.LGPGF
MSCTF.MarshalInterface.FileMap.AJK.G.LGPGF
Behavior description: Create executable file
Details: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\is-KCIMG.tmp\sample.tmp
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\is-A1PC0.tmp\_isetup\_shfoldr.dll
Behavior description: Modify file content
Details: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\is-A1PC0.tmp\汉化说明.txt---> Offset = 0
Other behaviors
Behavior description: Create mutex
Details: CTF.LBES.MutexDefaultS-1-5-21-1482476501-1645522239-1417001333-500
CTF.Compart.MutexDefaultS-1-5-21-1482476501-1645522239-1417001333-500
CTF.Asm.MutexDefaultS-1-5-21-1482476501-1645522239-1417001333-500
CTF.Layouts.MutexDefaultS-1-5-21-1482476501-1645522239-1417001333-500
CTF.TMD.MutexDefaultS-1-5-21-1482476501-1645522239-1417001333-500
CTF.TimListCache.FMPDefaultS-1-5-21-1482476501-1645522239-1417001333-500MUTEX.DefaultS-1-5-21-1482476501-1645522239-1417001333-500
MSCTF.Shared.MUTEX.AEH
MSCTF.Shared.MUTEX.AJK
MSCTF.Shared.MUTEX.EOJ
Behavior description: Hide specified window
Details: [Window,Class] = [安装,TApplication]
[Window,Class] = [,Auto-Suggest Dropdown]
Behavior description: Find specified window
Details: NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
NtUserFindWindowEx: [Class,Window] = [CicLoaderWndClass,]
NtUserFindWindowEx: [Class,Window] = [OleMainThreadWndClass,]
Behavior description: Window information
Details: Pid = 2528, Hwnd=0x10350, Text = 是(&Y), ClassName = Button.
Pid = 2528, Hwnd=0x10352, Text = 否(&N), ClassName = Button.
Pid = 2528, Hwnd=0x10356, Text = 现在将安装 DU Meter 6.20 汉化补丁。您想要继续吗?, ClassName = Static.
Pid = 2528, Hwnd=0x1034c, Text = 安装, ClassName = #32770.
Pid = 2700, Hwnd=0x1038a, Text = 欢迎使用 DU Meter 6.20 汉化补丁 安装向导 , ClassName = TNewStaticText.
Pid = 2700, Hwnd=0x10388, Text = 现在将安装 DU Meter 6.20 Build 4628 汉化补丁 到您的电脑中。 推荐您在继续安装前关闭所有其它应用程序。 单击“下一步”继续,或, ClassName = TNewStaticText.
Pid = 2700, Hwnd=0x2036a, Text = C:\Program Files\DU Meter, ClassName = TEdit.
Pid = 2700, Hwnd=0x1037c, Text = 软件类别 网络监测 运行环境 Win7, WinVista, Win2008, Win2003, WinXp, Win2000, 32bit & 64bit Windows 原版安装 需要 授权方式 , ClassName = TRichEditViewer.
Pid = 2700, Hwnd=0x10384, Text = 下一步(&N) >, ClassName = TNewButton.
Pid = 2700, Hwnd=0x10382, Text = 取消, ClassName = TNewButton.
Pid = 2700, Hwnd=0x60358, Text = 安装 - DU Meter 6.20 汉化补丁, ClassName = TWizardForm.
Pid = 2700, Hwnd=0x10392, Text = 天罡汉化 , ClassName = TNewStaticText.
Pid = 2700, Hwnd=0x10390, Text = 信息, ClassName = TNewStaticText.
Pid = 2700, Hwnd=0x1038e, Text = 请在继续安装前阅读下列重要信息。, ClassName = TNewStaticText.
Pid = 2700, Hwnd=0x4036c, Text = 如果您想继续安装,单击“下一步”。, ClassName = TNewStaticText.
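Behavior description: Acquire system privilege
Details: SE_LOAD_DRIVER_PRIVILEGE
Behavior description: Enumerate windows
Details: N/A
Dynamic behavior list
Behavior description: Call hash algorithm
Details: MD5
Behavior description: Read file
Details: path:/proc/761/cmdline length:105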
path:/proc/776/cmdline length:105
path:/proc/788/cmdline length:105
path:/proc/818/cmdline length:105
path:/proc/831/cmdline length:105
Behavior description: Class loading
Details: path:/system/app/PicoTts.apk
path:/system/app/MusicFX.apk
path:/system/framework/am.jar
path:/data/app/org.imei.mtk65xx-1.apk
Behavior description: Start service
Details: com.android.musicfx.Compatibility$Service
Behavior description: Write file
Details: path:/data/data/com.android.gallery3d/shared_prefs/com.android.gallery3d_preferences.xml length:105
path:/data/data/com.android.musicfx/shared_prefs/musicfx.xml length:105
path:/data/data/com.android.gallery3d/shared_prefs/com.android.gallery3d_preferences.xml length:105
Behavior description: Get device ID
Details: 357242043237511
Activities
Activity name Type
com.mayor.codeSig.CodeSigWindow android.intent.action.MAIN
com.mayor.codeSig.CodeSigWindow android.intent.category.LAUNCHER
Dangerous functions
Function name Information
TelephonyManager;->getDeviceId Collects information such as the user's phone IMEI, phone number and system version
android/app/NotificationManager;->notify Notification bar message
getRuntime Obtains the command-line environment
java/lang/Runtime;->exec Executes a command string
ContentResolver;->query Reads databases such as contacts and SMS
chmod Changes file permissions
Startup methods
Name Information
org.imei.mtk65xx.BootBroadcast Service started at boot
File list