VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

Language
Server load
Server Load

VirSCAN
VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

File information

Scanner results
Scanner results:7%Scanner(s) (3/39)found malware!
Behavior analysis report:         Habo file analysis
Time: 2014-11-14 13:53:58 (CST)
Scanner Engine Ver Sig Ver Sig Date Scan result Time
ahnlab 9.9.9 9.9.9 2013-05-28 Found nothing 3
antivir 1.9.2.0 1.9.159.0 7.11.185.62 Found nothing 13
antiy 114701 AVL141003 2014-10-04 Found nothing 5
arcavir 1.0 2011 2014-05-30 Found nothing 9
asquared 9.0.0.4157 9.0.0.4157 2014-07-30 Found nothing 1
avast 141113-0 4.7.4 2014-11-13 Found nothing 29
avg 2109/8019 10.0.1405 2014-11-06 Found nothing 1
baidu 2.0.1.0 4.1.3.52192 2.0.1.0 Found nothing 4
baidusd 1.0 1.0 2014-04-02 Found nothing 1
bitdefender 7.57701 7.90123 2014-11-13 Found nothing 6
clamav 19618 0.97.5 2014-11-12 Found nothing 1
comodo 15023 5.1 2014-10-03 Found nothing 3
ctch 4.6.5 5.3.14 2013-12-01 Found nothing 1
drweb 5.0.2.3300 5.0.1.1 2014-10-31 Found nothing 31
fortinet 23.171, 23.171 5.1.158 2014-11-13 Adware/Youmi.B 1
fprot 4.6.2.117 6.5.1.5418 2014-11-13 Found nothing 1
fsecure 2014-04-02-01 9.13 2014-04-02 Found nothing 1
gdata 24.3819 24.3819 2014-08-29 Found nothing 7
hauri 2.73 2.73 2014-06-13 Found nothing 1
ikarus 1.06.01 V1.32.31.0 2014-11-13 PUA.AndroidOS.Youmi 13
jiangmin 16.0.100 1.0.0.0 2014-07-28 Found nothing 13
kaspersky 5.5.33 5.5.33 2014-04-01 Found nothing 20
kingsoft 2.1 2.1 2013-09-22 Found nothing 2
mcafee 7520 5400.1158 2014-08-04 Found nothing 8
nod32 0436 3.0.21 2014-09-18 a variant of Android/AdDisplay.Youmi.E application 1
panda 9.05.01 9.05.01 2014-06-15 Found nothing 3
pcc 11.274.04 9.500-1005 2014-11-13 Found nothing 1
qh360 1.0.1 1.0.1 1.0.1 Found nothing 12
qqphone 1.0.0.0 1.0.0.0 2014-11-14 Found nothing 1
quickheal 14.00 14.00 2014-06-14 Found nothing 2
rising 25.17.00.04 25.17.00.04 2014-06-02 Found nothing 1
sophos 5.04 3.51.0 2014-08-05 Found nothing 6
sunbelt 3.9.2589.2 3.9.2589.2 2014-06-13 Found nothing 1
symantec 20141111.002 1.3.0.24 2014-11-11 Found nothing 1
tachyon 9.9.9 9.9.9 2013-12-27 Found nothing 3
thehacker 6.8.0.5 6.8.0.5 2014-06-12 Found nothing 1
tws 17.47.17308 1.0.2.2108 2014-06-16 Found nothing 6
vba 3.12.26.3 3.12.26.3 2014-11-13 Found nothing 3
virusbuster 15.0.967.0 5.5.2.13 2014-11-13 Found nothing 15
权限列表
许可名称 信息
android.permission.READ_CONTACTS 读取联系人信息
android.permission.WRITE_CONTACTS 写入联系人信息
android.permission.WRITE_SMS 写短信
android.permission.READ_SMS 读取短信
android.permission.INTERNET 连接网络(2G或3G)
android.permission.READ_PHONE_STATE 读取电话状态
android.permission.ACCESS_NETWORK_STATE 读取网络状态(2G或3G)
android.permission.WRITE_EXTERNAL_STORAGE 写外部存储器(如:SD卡)
文件信息
VirSCANVirSCAN
安全评分 :84
基本信息
VirSCANVirSCAN
MD5:175caf2ed148416370c6e240a465710a
文件大小:5.58MB
上传时间: 2014-09-22 10:36:30 (CST)
包名:com.naivesoft.phonesmsforgery
最低运行环境:Android 1.1
版权:student
动态列表行为
VirSCANVirSCAN
行为描述: 启动服务
详情信息: com.android.musicfx.Compatibility$Service
com.android.mms.transaction.SmsReceiverService
行为描述: 读取文件
详情信息: path:/proc/783/cmdline length:105
path:/proc/799/cmdline length:105
path:/proc/811/cmdline length:105
path:/proc/841/cmdline length:105
path:/proc/853/cmdline length:105
path:/data/data/com.naivesoft.phonesmsforgery/files/6B6DA94B758249A59AB92CFA1A855349 length:105
path:/data/data/com.naivesoft.phonesmsforgery/files/6B6DA94B758249A59AB92CFA1A855349 length:105
path:/data/data/com.naivesoft.phonesmsforgery/files/6B6DA94B758249A59AB92CFA1A855349 length:105
path:/data/data/com.naivesoft.phonesmsforgery/files/6B6DA94B758249A59AB92CFA1A855349 length:105
path:/proc/862/cmdline length:105
path:/data/data/com.naivesoft.phonesmsforgery/files/6B6DA94B758249A59AB92CFA1A855349 length:105
path:/data/data/com.naivesoft.phonesmsforgery/files/6B6DA94B758249A59AB92CFA1A855349 length:105
行为描述: 写入文件
详情信息: path:/data/data/com.android.gallery3d/shared_prefs/com.android.gallery3d_preferences.xml length:105
path:/data/data/com.android.musicfx/shared_prefs/musicfx.xml length:105
path:/data/data/com.naivesoft.phonesmsforgery/shared_prefs/SHARE_PRE_WELCOME.xml length:105
path:/data/data/com.naivesoft.phonesmsforgery/files/6B6DA94B758249A59AB92CFA1A855349 length:105
path:/data/data/com.naivesoft.phonesmsforgery/files/6B6DA94B758249A59AB92CFA1A855349 length:105
path:/data/data/com.android.gallery3d/shared_prefs/com.android.gallery3d_preferences.xml length:105
path:/data/data/com.naivesoft.phonesmsforgery/files/6B6DA94B758249A59AB92CFA1A855349 length:105
path:/data/data/com.naivesoft.phonesmsforgery/files/6B6DA94B758249A59AB92CFA1A855349 length:105
path:/data/data/com.naivesoft.phonesmsforgery/files/6B6DA94B758249A59AB92CFA1A855349 length:105
行为描述: 对指定数据计算哈希
详情信息: 357242043237511310260000000000yuJtmxbnRzbmWJnK
51440503525a433d515f67472551151b055f
3069ba20988b7b6d7f96
1ec0155d490f3069ba20
0359204502517f2316154f427a024269
50a4a8c3cbcd12228258
7c0a2bd9979850a4a8c3
ahDu4bFEsqvpH7sQ1293902561
ahDu4bFEsqvpH7sQ1525977692
0a5c4b165f4304444c52421a5d18591940421b0d1708490b
d9f018412605a23ede08
84f4791cf99fd9f01841
0b0f114851455a574252480b410c0816575712561205525411
58f1263fff9638fe16bd
6813b5116f5558f1263f
ahDu4bFEsqvpH7sQ1584819123
ahDu4bFEsqvpH7sQ942208683
ahDu4bFEsqvpH7sQ1540606014
ahDu4bFEsqvpH7sQ1236194905
行为描述: 数据泄露
详情信息: sink:File operation:write data:data:# #Wed Apr 30 09:44:51 GMT 2014 244E323803A84B9CAB38E2CB7FEE1DF0=1398851091 http.keepAlive=false 48F
行为描述: 获取用户ID
详情信息: 310260000000000
行为描述: 类加载
详情信息: path:/system/app/PicoTts.apk
path:/system/app/MusicFX.apk
path:/system/framework/am.jar
path:/data/app/com.naivesoft.phonesmsforgery-1.apk
行为描述: 调用哈希算法
详情信息: MD5
行为描述: 初始化Intent
详情信息: Landroid/content/Context;=com.naivesoft.phonesmsforgery.Main@4153ce58 | Ljava/lang/Class;=class com.naivesoft.phonesmsforgery.SmsTab
Landroid/content/Context;=com.naivesoft.phonesmsforgery.Main@4153ce58 | Ljava/lang/Class;=class com.naivesoft.phonesmsforgery.PhoneTab
行为描述: 获取设备ID
详情信息: 357242043237511
Activities
VirSCANVirSCAN
活动名 类型
.Main android.intent.action.MAIN
.Main android.intent.category.LAUNCHER
危险函数
VirSCANVirSCAN
函数名称 信息
ContentResolver;->query 读取联系人、短信等数据库
java/net/URL;->openConnection 连接URL
java/net/HttpURLConnection;->connect 连接URL
LocationManager;->getLastKnownLocation 获取地址位置
TelephonyManager;->getDeviceId 搜集用户手机IMEI码、电话号码、系统版本号等信息
TelephonyManager;->getSimSerialNumber 获取SIM序列号
权限列表
VirSCANVirSCAN
许可名称 信息
android.permission.READ_CONTACTS 读取联系人信息
android.permission.WRITE_CONTACTS 写入联系人信息
android.permission.WRITE_SMS 写短信
android.permission.READ_SMS 读取短信
android.permission.INTERNET 连接网络(2G或3G)
android.permission.READ_PHONE_STATE 读取电话状态
android.permission.ACCESS_NETWORK_STATE 读取网络状态(2G或3G)
android.permission.WRITE_EXTERNAL_STORAGE 写外部存储器(如:SD卡)
文件列表
VirSCANVirSCAN
文件名 校验码
res/drawable/add.png 0x78389870
res/drawable/lephone.png 0xf1ac2281
res/drawable/phonemaster.png 0x4898cbc4
res/drawable/smsmaster.png 0xd9ad26ae
res/layout/main.xml 0x6fceeb95
res/layout/muti_phone_number_item.xml 0xb9573d84
res/layout/mutiphonenumber.xml 0x9f6496b0
res/layout/phone_main.xml 0x323380f0
res/layout/sms_main.xml 0xcb8d2a26
AndroidManifest.xml 0x1dd67cc3
resources.arsc 0x9ac04dab
res/drawable-hdpi/icon.png 0x3c13576b
res/drawable-hdpi/lephone.png 0x64573e49
res/drawable-hdpi/phonemaster.png 0xe2cdced6
res/drawable-hdpi/smsmaster.png 0x3d0c464d
res/drawable-hdpi/smsphone.png 0x7a68da55
res/drawable-ldpi/icon.png 0x8ef78580
res/drawable-ldpi/lephone.png 0x553ea567
res/drawable-ldpi/phonemaster.png 0xed3bbe8a
res/drawable-ldpi/smsmaster.png 0x227cf643
res/drawable-ldpi/smsphone.png 0x3ed800bb
res/drawable-mdpi/icon.png 0x99a4f90b
res/drawable-mdpi/lephone.png 0xf1ac2281
res/drawable-mdpi/phonemaster.png 0x4898cbc4
res/drawable-mdpi/smsmaster.png 0xd9ad26ae
res/drawable-mdpi/smsphone.png 0x724aaeef
classes.dex 0x22b6a8f
META-INF/MANIFEST.MF 0x95acd26
META-INF/CERT.SF 0x6c59dbd8
META-INF/CERT.RSA 0x59a35c4a
运行截图
VirSCANVirSCAN
VirSCAN