VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, VirSCAN can scan compressed files with the password 'infected' or 'virus'.
4, If your browser cannot upload files, please download VirSCAN uploader to upload.

File information

File Name: 木马.apk (File not down)
File Size: 395699 byte
File Type: application/zip
MD5: f446402a565aab0f9afb1f2c8a42c062
SHA1: 1b809d76200b690946004d43bf3535087b59d7e2

Scanner results: 6% of antivirus software (2/32) found malware!
Behavior analysis report: Habo file analysis
Time: 2015-10-26 17:55:16 (CST)
Scanner | Engine Ver | Sig Ver | Sig Date | Scan result | Time
antiy | AVL SDK 3.0 | | 1970-01-01 | Found nothing | 5
asquared | 9.0.0.4324 | 9.0.0.4324 | 2014-07-03 | Found nothing | 1
avast | 150725-1 | 4.7.4 | 2015-07-25 | Found nothing | 0
avg | 2109/8133 | 10.0.1405 | 2014-11-26 | Found nothing | 0
baidu | 2.0.1.0 | 4.1.3.52192 | 2.0.1.0 | Found nothing | 5
baidusd | 1.0 | 1.0 | 2014-04-02 | Found nothing | 1
bitdefender | 7.58469 | 7.90123 | 2014-12-25 | Found nothing | 0
clamav | 19861 | 0.97.5 | 2014-12-31 | Found nothing | 0
drweb | 5.0.2.3300 | 5.0.1.1 | 2014-12-31 | Found nothing | 0
fortinet | 23.345, 23.345 | 5.1.158 | 2014-12-08 | Found nothing | 0
fprot | 4.6.2.117 | 6.5.1.5418 | 2014-12-31 | Found nothing | 0
fsecure | 2014-04-02-01 | 9.13 | 2014-04-02 | Found nothing | 0
gdata | 25.4043 | 25.4043 | 2015-10-25 | Android.Trojan.SMSSend.ADJ | 8
ikarus | 1.06.01 | V1.32.31.0 | 2014-12-08 | Found nothing | 0
jiangmin | 16.0.100 | 1.0.0.0 | 2015-07-25 | Found nothing | 40
kaspersky | 5.5.33 | 5.5.33 | 2014-04-01 | Found nothing | 0
kingsoft | 2.1 | 2.1 | 2013-09-22 | Found nothing | 12
mcafee | 7638 | 5400.1158 | 2014-11-30 | Found nothing | 0
nod32 | 0920 | 3.0.21 | 2014-12-23 | Found nothing | 0
panda | 9.05.01 | 9.05.01 | 2015-07-26 | Found nothing | 4
pcc | 11.380.07 | 9.500-1005 | 2014-12-31 | Found nothing | 0
qh360 | 1.0.1 | 1.0.1 | 1.0.1 | Found nothing | 6
qqphone | 1.0.0.0 | 1.0.0.0 | 2014-12-09 | Found nothing | 0
quickheal | 14.00 | 14.00 | 2015-07-25 | Android.SmsThief.AU | 2
rising | 25.76.04.01 | 25.76.04.01 | 2015-07-24 | Found nothing | 1
sophos | 5.08 | 3.55.0 | 2014-12-01 | Found nothing | 0
symantec | 20141230.001 | 1.3.0.24 | 2014-12-30 | Found nothing | 0
tachyon | 9.9.9 | 9.9.9 | 2013-12-27 | Found nothing | 3
thehacker | 6.8.0.5 | 6.8.0.5 | 2015-07-23 | Found nothing | 1
tws | 17.47.17308 | 1.0.2.2108 | 2014-12-08 | Found nothing | 12
vba | 3.12.26.3 | 3.12.26.3 | 2014-12-31 | Found nothing | 0
virusbuster | 15.0.985.0 | 5.5.2.13 | 2014-12-05 | Found nothing | 0
Permission list
Permission name | Description
android.permission.READ_PHONE_STATE | Read phone state
android.permission.RECEIVE_SMS | Monitor incoming SMS
android.permission.READ_SMS | Read SMS
android.permission.SEND_SMS | Send SMS
android.permission.CALL_PHONE | Make phone calls
android.permission.READ_CALL_LOG | Read call log
android.permission.WRITE_CALL_LOG | Write call log
android.permission.GET_TASKS | Get information about currently or recently running tasks
android.permission.INTERNET | Connect to the network (2G or 3G)
android.permission.ACCESS_NETWORK_STATE | Read network state (2G or 3G)
android.permission.RECEIVE_BOOT_COMPLETED | Receive boot-completed broadcast
android.permission.WRITE_SETTINGS | Read and write system settings
android.permission.VIBRATE | Allow device vibration
android.permission.WRITE_EXTERNAL_STORAGE | Write to external storage (e.g. SD card)
android.permission.ACCESS_DOWNLOAD_MANAGER |
android.permission.WRITE_SMS | Write SMS
android.permission.READ_CONTACTS | Read contact information
File information
Security score:
Basic information
MD5:f446402a565aab0f9afb1f2c8a42c062
File size: 5.58MB
Upload time: 2014-09-22 10:36:30 (CST)
Package name: com.qihoo360.mobilesafe_mobilepad
Minimum runtime environment: Android 2.2.x
Copyright:
Key behavior
Behavior description: DLL sample (x86)
Details: N/A
Process behavior
Behavior description: DLL sample (x86)
Details: N/A
File behavior
Behavior description: Find file
Details: FileName = C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
FileName = C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
Other behavior
Behavior description: DLL sample (x86)
Details: N/A
Behavior description: Obtain system privileges
Details: SE_LOAD_DRIVER_PRIVILEGE
SE_DEBUG_PRIVILEGE
Dangerous behavior
Behavior description: Send SMS
Details: number:10086 data:message: 老板发财 群发勿回
number:1-381-173-1123 data:message: 老板发财 群发勿回
number:1-381-173-1321 data:message: 老板发财 群发勿回
number:15639976883 data:message:6-357143040944263
Dynamic behavior list
Behavior description: Start service
Details: {"FLAG":0,"COMPONENT_NAME":"ComponentInfo{com.qihoo360.mobilesafe_mobilepad\/cn.baidujiayuan.ver5304.M2}"}
{"FLAG":0,"COMPONENT_NAME":"ComponentInfo{com.qihoo360.mobilesafe_mobilepad\/cn.baidujiayuan.ver5304.M2}"}
{"FLAG":0,"COMPONENT_NAME":"ComponentInfo{com.qihoo360.mobilesafe_mobilepad\/cn.baidujiayuan.ver5304.M2}"}
{"FLAG":0,"COMPONENT_NAME":"ComponentInfo{com.qihoo360.mobilesafe_mobilepad\/cn.baidujiayuan.ver5304.M2}"}
Behavior description: Read URL data
Details: []
[]
Behavior description: Add View
Details: [u'com.android.internal.policy.impl.PhoneWindow$DecorView@4158dc30', u'WM.LayoutParams{(0,0)(fillxfill) ty=1 fl=#8010100 pfl=0x8 wanim=0x1030001}', u'android.view.CompatibilityInfoHolder@414b8a18']
Behavior description: WebView loads web page
Details: http://xiangce.baidu.com/
Behavior description: Get mail Session
Details: [u'{mail.smtp.port=25, mail.smtp.host=smtp.139.com, mail.smtp.socketFactory.fallback=false, mail.smtp.auth=true, mail.debug=true, mail.smtp.socketFactory.class=javax.net.ssl.SSLSocketFactory, mail.smtp.socketFactory.port=465}', u'cn.baidujiayuan.ver5304.Mail@41503228']
[u'{mail.smtp.port=25, mail.smtp.host=smtp.139.com, mail.smtp.socketFactory.fallback=false, mail.smtp.auth=true, mail.debug=true, mail.smtp.socketFactory.class=javax.net.ssl.SSLSocketFactory, mail.smtp.socketFactory.port=465}', u'cn.baidujiayuan.ver5304.Mail@414d4ea0']
Behavior description: Get the device's phone number
Details: 13661158120
13661158120
13661158120
Behavior description: Read file
Details: path:/data/app/com.qihoo360.mobilesafe_mobilepad-1.apk length:9
path:/data/app/com.qihoo360.mobilesafe_mobilepad-1.apk length:23
path:/data/app/com.qihoo360.mobilesafe_mobilepad-1.apk length:69
path:/data/app/com.qihoo360.mobilesafe_mobilepad-1.apk length:7
path:/data/app/com.qihoo360.mobilesafe_mobilepad-1.apk length:7
path:/proc/meminfo length:69
Behavior description: Activate ActivityForResult
Details: {"ACTION":"android.app.action.ADD_DEVICE_ADMIN","FLAG":0,"EXTRAS":{"android.app.extra.DEVICE_ADMIN":"ComponentInfo{com.qihoo360.mobilesafe_mobilepad\/cn.baidujiayuan.ver5304.D1}","android.app.extra.ADD_EXPLANATION":""}}
Behavior description: Log in to mailbox
Details: name:18701327046@139.com,password:woaini123
name:18701327046@139.com,password:woaini123
Behavior description: Initialize Intent
Details: [u'cn.baidujiayuan.ver5304.C1@4151a138', u'class cn.baidujiayuan.ver5304.M2']
[u'android.os.Parcel@414b6028']
[u'android.app.action.ADD_DEVICE_ADMIN']
[u'cn.baidujiayuan.ver5304.M2@41504d78', u'class cn.baidujiayuan.ver5304.A1']
[u'android.os.Parcel@414b6028']
[u'android.app.ReceiverRestrictedContext@415245c0', u'class cn.baidujiayuan.ver5304.M2']
[u'android.os.Parcel@414b5fe8']
[u'android.os.Parcel@414b6028']
[u'android.os.Parcel@414b5fe8']
[u'android.os.Parcel@414b6028']
[u'android.app.ReceiverRestrictedContext@415245c0', u'class cn.baidujiayuan.ver5304.M2']
[u'android.os.Parcel@414b5fe8']
[u'android.os.Parcel@414b5fe8']
[u'android.app.ReceiverRestrictedContext@415245c0', u'class cn.baidujiayuan.ver5304.M2']
[u'android.os.Parcel@414b6028']
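Behavior description: Pass additional information
Details: android.app.extra.DEVICE_ADMIN:ComponentInfo{com.qihoo360.mobilesafe_mobilepad/cn.baidujiayuan.ver5304.D1}
android.app.extra.ADD_EXPLANATION:
Behavior description: Call hash algorithm
Details: SHA1
Behavior description: Parse Uniform Resource Identifier (URI)
Details: content://com.android.contacts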
content://sms/
content://sms/
webkit/android-weberror.png
Behavior description: Register ContentObserver
Details: URI=content://sms/
Behavior description: Initialize URL
Details: [u'file', u'', u'-1', u'/data/app/com.qihoo360.mobilesafe_mobilepad-1.apk', u'null']
[u'jar:file:/data/app/com.qihoo360.mobilesafe_mobilepad-1.apk!/mailcap']
[u'file', u'', u'-1', u'/data/app/com.qihoo360.mobilesafe_mobilepad-1.apk', u'null']
[u'jar:file:/data/app/com.qihoo360.mobilesafe_mobilepad-1.apk!/mailcap']
Behavior description: Send SMS
Details: number:10086 data:message: 老板发财 群发勿回
number:1-381-173-1123 data:message: 老板发财 群发勿回
number:1-381-173-1321 data:message: 老板发财 群发勿回
number:15639976883 data:message:6-357143040944263
Behavior description: Send email
Details: [u'{"content":"javax.mail.internet.MimeMultipart@414c1920","to":"[18701327046@139.com]","from":"[18701327046@139.com]"}']
[u'{"content":"javax.mail.internet.MimeMultipart@414d4ef0","to":"[18701327046@139.com]","from":"[18701327046@139.com]"}']
Behavior description: Get device ID
Details: 357143040944263
357143040944263
357143040944263
Behavior description: Read phone SMS messages
Details: [u'content://sms/', u'[_id, address, person, body, date, type]', u'null', u'null', u'date desc']
Behavior description: Hide home-screen shortcut icon
Details: [u'ComponentInfo{com.qihoo360.mobilesafe_mobilepad/cn.baidujiayuan.ver5304.C1}', u'2', u'1']
Behavior description: Set component properties
Details: [u'ComponentInfo{com.qihoo360.mobilesafe_mobilepad/cn.baidujiayuan.ver5304.C1}', u'2', u'1']
Behavior description: Database query
Details: [u'formurl', u'null', u'null', u'null', u'null', u'null', u'null']
Behavior description: Read one line of data from a buffer
Details: #
Behavior description: Query app shared data
Details: [u'content://com.android.contacts/contacts', u'null', u'null', u'null', u'null']
[u'content://com.android.contacts/data/phones', u'null', u'contact_id = 1', u'null', u'null']
[u'content://com.android.contacts/data/phones', u'null', u'contact_id = 2', u'null', u'null']
[u'content://com.android.contacts/data/phones', u'null', u'contact_id = 3', u'null', u'null']
[u'content://com.android.contacts/data/phones', u'null', u'contact_id = 4', u'null', u'null']
[u'content://sms/', u'[_id, address, person, body, date, type]', u'null', u'null', u'date desc']
[u'content://com.android.contacts/contacts', u'null', u'null', u'null', u'null']
[u'content://com.android.contacts/data/phones', u'null', u'contact_id = 1', u'null', u'null']
[u'content://com.android.contacts/data/phones', u'null', u'contact_id = 2', u'null', u'null']
[u'content://com.android.contacts/data/phones', u'null', u'contact_id = 3', u'null', u'null']
[u'content://com.android.contacts/data/phones', u'null', u'contact_id = 4', u'null', u'null']
Behavior description: Recurring task
Details: [u'0', u'1439264634326', u'50000', u'PendingIntent{41520e28: android.os.BinderProxy@414b09b8}']
Activities
Activity name Type
cn.baidujiayuan.ver5304.U1 android.intent.action.DELETE
cn.baidujiayuan.ver5304.U1 android.intent.action.VIEW
cn.baidujiayuan.ver5304.U1 android.intent.category.DEFAULT
cn.baidujiayuan.ver5304.U3 android.intent.action.DELETE
cn.baidujiayuan.ver5304.U3 android.intent.action.VIEW
cn.baidujiayuan.ver5304.U3 android.intent.category.DEFAULT
cn.baidujiayuan.ver5304.C1 android.intent.action.MAIN
cn.baidujiayuan.ver5304.C1 android.intent.category.LAUNCHER
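Dangerous functions
Function name | Description
TelephonyManager;->getDeviceId | Collects the user's phone IMEI, phone number, system version, and other information
SmsManager;->sendTextMessage | Sends an ordinary text message
TelephonyManager;->getLine1Number | Gets the phone number
ContentResolver;->query | Reads databases such as contacts and SMS
java/net/URL;->openConnection | Connects to a URL
Startup methods
Name | Description
cn.baidujiayuan.ver5304.X1 | Starts service on SMS monitoring (SMS received)
cn.baidujiayuan.ver5304.B1 | Starts service at boot
cn.baidujiayuan.ver5304.A1 | Starts service at boot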
Service list
Name
cn.baidujiayuan.ver5304.M2
File list
File name Checksum
AndroidManifest.xml 0x7c54fc2
META-INF/MANIFEST.MF 0xe61f0aa5
META-INF/QIHOO.SF 0xf762d496
META-INF/QIHOO.RSA 0x8cda6199
META-INF/CERT.SF 0xce610e30
META-INF/CERT.RSA 0xd963894d
com/sun/mail/dsn/mailcap 0x7605dc17
dsn.mf 0x1e4e9355
res/layout/uninstall_progress.xml 0x2d0a3dc1
res/drawable-hdpi/iocn.png 0x2b1066f8
res/layout/op_progress.xml 0x35c2f372
res/layout/dialog.xml 0x1f659f97
javamail.default.address.map 0xf20496b
res/layout/uninstall_confirm.xml 0x16a5eaff
javamail.smtp.provider 0x990c469d
res/layout/x.xml 0x375db97c
javamail.imap.provider 0x8934555a
res/xml/ds.xml 0x5174a133
org/apache/harmony/awt/internal/nls/messages.properties 0x5f88eb12
mimetypes.default 0x97dd5cdb
res/layout/main.xml 0x2d98e6d2
javamail.pop3.provider 0xa23c9bc
res/layout/activity_main.xml 0x2d98e6d2
mailcap.default 0x6f616b6
javamail.default.providers 0x45ea1b21
lib/armeabi/libcore.so 0x8f7e16db
javamail.smtp.address.map 0xf20496b
res/layout/app_details.xml 0xbfb8c64
javamail.charset.map 0xad0dfcee
resources.arsc 0xd06d09bb
classes.dex 0x80b7adcf
mailcap 0xd7759e43