VirSCAN

1. You can upload any file, but there is a 20Mb limit per file.
2. VirSCAN supports Rar/Zip decompression, but the archive must contain fewer than 20 files.
3. VirSCAN can scan compressed files protected with the password 'infected' or 'virus'.
4. If your browser cannot upload files, please download the VirSCAN uploader to upload them.

File information

Scanner results
Scanner results: 0% Antivirus software (0/32) found malware!
Behavior analysis report: Habo file analysis
Time: 2016-05-05 08:01:16 (CST)
Scanner Engine Ver Sig Ver Sig Date Scan result Time
antiy AVL SDK 3.0 1970-01-01 Found nothing 5
asquared 9.0.0.4324 9.0.0.4324 2014-07-03 Found nothing 1
avast 150725-1 4.7.4 2015-07-25 Found nothing 21
avg 2109/8133 10.0.1405 2014-11-26 Found nothing 6
baidu 2.0.1.0 4.1.3.52192 2.0.1.0 Found nothing 6
baidusd 1.0 1.0 2014-04-02 Found nothing 1
bitdefender 7.58469 7.90123 2014-12-25 Found nothing 1
clamav 19861 0.97.5 2014-12-31 Found nothing 1
drweb 5.0.2.3300 5.0.1.1 2014-12-31 Found nothing 45
fortinet 23.345, 23.345 5.1.158 2014-12-08 Found nothing 1
fprot 4.6.2.117 6.5.1.5418 2014-12-31 Found nothing 4
fsecure 2014-04-02-01 9.13 2014-04-02 Found nothing 31
gdata 25.6465 25.6465 2016-05-04 Found nothing 8
ikarus 1.06.01 V1.32.31.0 2014-12-08 Found nothing 7
jiangmin 16.0.100 1.0.0.0 2015-07-25 Found nothing 40
kaspersky 5.5.33 5.5.33 2014-04-01 Found nothing 36
kingsoft 2.1 2.1 2013-09-22 Found nothing 4
mcafee 7638 5400.1158 2014-11-30 Found nothing 30
nod32 0920 3.0.21 2014-12-23 Found nothing 1
panda 9.05.01 9.05.01 2015-07-26 Found nothing 4
pcc 11.380.07 9.500-1005 2014-12-31 Found nothing 2
qh360 1.0.1 1.0.1 1.0.1 Found nothing 2
qqphone 1.0.0.0 1.0.0.0 2014-12-09 Found nothing 1
quickheal 14.00 14.00 2015-07-25 Found nothing 2
rising 25.76.04.01 25.76.04.01 2015-07-24 Found nothing 1
sophos 5.08 3.55.0 2014-12-01 Found nothing 5
symantec 20141230.001 1.3.0.24 2014-12-30 Found nothing 1
tachyon 9.9.9 9.9.9 2013-12-27 Found nothing 3
thehacker 6.8.0.5 6.8.0.5 2015-07-23 Found nothing 1
tws 17.47.17308 1.0.2.2108 2014-12-08 Found nothing 13
vba 3.12.26.3 3.12.26.3 2014-12-31 Found nothing 8
virusbuster 15.0.985.0 5.5.2.13 2014-12-05 Found nothing 6

No related permission information

File information
Security score:
Basic information
MD5: 197949a7b7145a88fc61a52141538ad3
File size: 5.58MB
Upload time: 2014-09-22 10:36:30 (CST)
Package name: com.xfunforx.luckymoney
Minimum runtime environment: Android 4.0.3, 4.0.4
Copyright: v
Key behavior
Behavior description: Find windows of tools commonly used in anti-virus analysis
Details: NtUserFindWindowEx: [Class,Window] = [OllyDbg,]
Process behavior
Behavior description: Find windows of tools commonly used in anti-virus analysis
Details: NtUserFindWindowEx: [Class,Window] = [OllyDbg,]
File behavior
Behavior description: Create file
Details: C:\Documents and Settings\Administrator\Local Settings\%temp%\996E.log
C:\Documents and Settings\Administrator\Local Settings\Temp\Cab3.tmp
C:\Documents and Settings\Administrator\Local Settings\Temp\Tar4.tmp
C:\Documents and Settings\Administrator\Local Settings\Temp\Cab5.tmp
C:\Documents and Settings\Administrator\Local Settings\Temp\Tar6.tmp
Behavior description: Overwrite existing file
Details: C:\Documents and Settings\Administrator\Local Settings\Temp\Cab3.tmp
C:\Documents and Settings\Administrator\Local Settings\Temp\Tar4.tmp
C:\Documents and Settings\Administrator\Local Settings\Temp\Cab5.tmp
C:\Documents and Settings\Administrator\Local Settings\Temp\Tar6.tmp
Behavior description: Delete file
Details: C:\Documents and Settings\Administrator\Local Settings\Temp\Cab3.tmp
C:\Documents and Settings\Administrator\Local Settings\Temp\Tar4.tmp
C:\Documents and Settings\Administrator\Local Settings\Temp\Cab5.tmp
C:\Documents and Settings\Administrator\Local Settings\Temp\Tar6.tmp
Behavior description: Modify file contents
Details: C:\Documents and Settings\Administrator\Local Settings\Temp\Cab3.tmp ---> Offset = 0
C:\Documents and Settings\Administrator\Local Settings\Temp\Tar4.tmp ---> Offset = 0
C:\Documents and Settings\Administrator\Local Settings\Temp\Tar4.tmp ---> Offset = 32768
C:\Documents and Settings\Administrator\Local Settings\Temp\Tar4.tmp ---> Offset = 65536
C:\Documents and Settings\Administrator\Local Settings\Temp\Tar4.tmp ---> Offset = 98304
C:\Documents and Settings\Administrator\Local Settings\Temp\Cab5.tmp ---> Offset = 0
C:\Documents and Settings\Administrator\Local Settings\Temp\Tar6.tmp ---> Offset = 0
C:\Documents and Settings\Administrator\Local Settings\Temp\Tar6.tmp ---> Offset = 32768
C:\Documents and Settings\Administrator\Local Settings\Temp\Tar6.tmp ---> Offset = 65536
C:\Documents and Settings\Administrator\Local Settings\Temp\Tar6.tmp ---> Offset = 98304
C:\WINDOWS\system32\CatRoot2\dberr.txt ---> Offset = 5382
C:\WINDOWS\system32\CatRoot2\dberr.txt ---> Offset = 4096
Behavior description: Find file
Details: FileName = C:\Documents and Settings\Administrator\Local Settings\Temp
FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%
Network behavior
Behavior description: Connect to specified site
Details: WinHttpConnect: ServerName = ww****om, PORT = 80, UserName = , Password = , hSession = 0x01f82000, hConnect = 0x01f82100, Flags = 0x00000000
Behavior description: Open HTTP connection
Details: WinHttpOpen: UserAgent: Microsoft-CryptoAPI/5.131.2600.5512, hSession = 0x01f82000
Behavior description: Establish a connection to a specified socket
Details: URL: w****., IP: **.133.40.**:80, SOCKET = 0x00000304
URL: w****., IP: **.133.40.**:80, SOCKET = 0x0000030c
URL: ww****om, IP: **.133.40.**:80, SOCKET = 0x00000308
Behavior description: Send HTTP packet
Details: GET /wpad.dat HTTP/1.1 Accept: */* User-Agent: Microsoft-CryptoAPI/5.131.2600.5512 Host: **.133.40.** Connection: Keep-Alive
GET /msdownload/update/v3/static/trustedr/en/authrootseq.txt HTTP/1.1 Accept: */* User-Agent: Microsoft-CryptoAPI/5.131.2600.5512 Host: ww****om Connection: Keep-Alive Cache-Control: no-cache Pragma: no-cache
Behavior description: Open HTTP request
Details: WinHttpOpenRequest: ww****om:80/msdownload/update/v3/static/trustedr/en/authrootseq.txt, hConnect = 0x01f82100, hRequest = 0x01ff0000, Verb: GET, Referer: , Flags = 0x00000100
Behavior description: Get host address by name
Details: gethostbyname: w****.
GetAddrInfoW: ww****om
Registry behavior
Behavior description: Modify registry
Details: \REGISTRY\USER\S-*\Software\mobileEx\3.5\Card\Serv0
\REGISTRY\USER\S-*\Software\mobileEx\3.5\Card\Serv1
\REGISTRY\USER\S-*\Software\mobileEx\3.5\Card\Serv2
Other behavior
Behavior description: Find specified window
Details: NtUserFindWindowEx: [Class,Window] = [{D194C736-E507-45D6-AD48-17AF483D8CD9},]
NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
NtUserFindWindowEx: [Class,Window] = [#32770,]
NtUserFindWindowEx: [Class,Window] = [Button,]
NtUserFindWindowEx: [Class,Window] = [OT_PLUGIN_0001,]
NtUserFindWindowEx: [Class,Window] = [OT_PLUGIN_0005,]
NtUserFindWindowEx: [Class,Window] = [ATL:0043E0A8,]
NtUserFindWindowEx: [Class,Window] = [ATL:67EF23C8,]
Behavior description: Create event object
Details: EventName = DINPUTWINMM
EventName = Global\crypt32LogoffEvent
EventName = Global\userenv: User Profile setup event
Behavior description: Create mutex
Details: oleacc-msaa-loaded
CTF.LBES.MutexDefaultS-*
CTF.Compart.MutexDefaultS-*
CTF.Asm.MutexDefaultS-*
CTF.Layouts.MutexDefaultS-*
CTF.TMD.MutexDefaultS-*
CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
RasPbFile
Behavior description: Find windows of tools commonly used in anti-virus analysis
Details: NtUserFindWindowEx: [Class,Window] = [OllyDbg,]
File list
File name Checksum
AndroidManifest.xml 0x67df1ae5
assets/xposed_init 0x84e6c8f5
res/drawable-hdpi-v4/ic_launcher.png 0x5f8a1eb4
res/drawable-mdpi-v4/ic_launcher.png 0xa5bfa0ca
res/drawable-xhdpi-v4/ic_launcher.png 0xc9c090e8
resources.arsc 0x5fc51ec5
classes.dex 0xd2a2a912
META-INF/MANIFEST.MF 0xfe29cea2
META-INF/CERT.SF 0x557e1051
META-INF/CERT.RSA 0xc4df28e2