VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.
4, If your browser cannot upload files, please download VirSCAN uploader to upload.

Language
Server load
Server Load

VirSCAN
VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

File information

Scanner results
Scanner results:0%Antivirus software(0/32)found malware!
Behavior analysis report:         Habo file analysis
Time: 2017-07-03 15:49:03 (CST)
Scanner Engine Ver Sig Ver Sig Date Scan result Time
antiy AVL SDK 2.0 1970-01-01 Found nothing 5
asquared 9.0.0.4799 9.0.0.4799 2015-03-08 Found nothing 1
avast 170303-1 4.7.4 2017-03-03 Found nothing 60
avg 2109/14122 10.0.1405 2017-06-29 Found nothing 60
baidu 2.0.1.0 4.1.3.52192 2.0.1.0 Found nothing 5
baidusd 1.0 1.0 2017-03-22 Found nothing 1
bitdefender 7.58879 7.90123 2015-01-16 Found nothing 60
clamav 23506 0.97.5 2017-06-25 Found nothing 60
drweb 5.0.2.3300 5.0.1.1 2017-06-18 Found nothing 60
fortinet 49.915, 49.796 5.4.247 2017-07-03 Found nothing 60
fprot 4.6.2.117 6.5.1.5418 2016-02-05 Found nothing 60
fsecure 2015-08-01-02 9.13 2015-08-01 Found nothing 60
gdata 25.13180 25.13180 2017-07-03 Found nothing 11
ikarus 1.06.01 V1.32.31.0 2016-11-28 Found nothing 60
jiangmin 16.0.100 1.0.0.0 2017-07-01 Found nothing 2
kaspersky 5.5.33 5.5.33 2014-04-01 Found nothing 60
kingsoft 2.1 2.1 2017-07-02 Found nothing 7
mcafee 8261 5400.1158 2016-08-18 Found nothing 60
nod32 1777 3.0.21 2015-06-12 Found nothing 60
panda 9.05.01 9.05.01 2017-07-01 Found nothing 4
pcc 13.302.06 9.500-1005 2017-03-27 Found nothing 60
qh360 1.0.1 1.0.1 1.0.1 Found nothing 5
qqphone 1.0.0.0 1.0.0.0 2015-12-30 Found nothing 60
quickheal 14.00 14.00 2017-07-01 Found nothing 3
rising 26.28.00.01 26.28.00.01 2016-07-18 Found nothing 1
sophos 5.32 3.65.2 2016-10-10 Found nothing 60
symantec 20151230.005 1.3.0.24 2015-12-30 Found nothing 60
tachyon 9.9.9 9.9.9 2013-12-27 Found nothing 3
thehacker 6.8.0.5 6.8.0.5 2017-06-27 Found nothing 1
tws 17.47.17308 1.0.2.2108 2017-07-03 Found nothing 14
vba 3.12.29.5 beta 3.12.29.5 beta 2017-06-30 Found nothing 60
virusbuster 15.0.985.0 5.5.2.13 2014-12-05 Found nothing 60

没有相关的权限信息

文件信息
VirSCANVirSCAN
安全评分 :
基本信息
VirSCANVirSCAN
MD5:4641748a13b9332ff1c7bb583f1c0617
文件大小:5.58MB
上传时间: 2014-09-22 10:36:30 (CST)
包名:com.zhanhong.RandomNumb
最低运行环境:Android 2.3.3, 2.3.4
版权:Android
关键行为
VirSCANVirSCAN
行为描述: 创建系统服务
详情信息: [服务创建成功]: xiaodaoss, C:\WINDOWS\nujpmc.exe
行为描述: 获取TickCount值
详情信息: TickCount = 5429671, SleepMilliseconds = 500.
TickCount = 5429687, SleepMilliseconds = 500.
TickCount = 5429734, SleepMilliseconds = 500.
进程行为
VirSCANVirSCAN
行为描述: 创建系统服务
详情信息: [服务创建成功]: xiaodaoss, C:\WINDOWS\nujpmc.exe
行为描述: 获取TickCount值
详情信息: TickCount = 5429671, SleepMilliseconds = 500.
TickCount = 5429687, SleepMilliseconds = 500.
TickCount = 5429734, SleepMilliseconds = 500.
文件行为
VirSCANVirSCAN
行为描述: 创建文件
详情信息: C:\WINDOWS\nujpmc.exe
行为描述: 创建可执行文件
详情信息: C:\WINDOWS\nujpmc.exe
行为描述: 修改文件内容
详情信息: C:\WINDOWS\nujpmc.exe ---> Offset = 0
C:\WINDOWS\nujpmc.exe ---> Offset = 65536
C:\WINDOWS\nujpmc.exe ---> Offset = 131072
C:\WINDOWS\nujpmc.exe ---> Offset = 196608
行为描述: 复制文件
详情信息: C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe ---> C:\WINDOWS\nujpmc.exe
网络行为
VirSCANVirSCAN
行为描述: 建立到一个指定的套接字连接
详情信息: IP: **.0.0.**:80, SOCKET = 0x000000c8
注册表行为
VirSCANVirSCAN
行为描述: 修改注册表
详情信息: \REGISTRY\MACHINE\SYSTEM\ControlSet002\Services\xiaodaoss\Description
其他行为
VirSCANVirSCAN
行为描述: 创建互斥体
详情信息: xiaodaoss
行为描述: 启动系统服务
详情信息: [服务启动成功]: LocalSystem, 360ss, C:\WINDOWS\nujpmc.exe
行为描述: 获取TickCount值
详情信息: TickCount = 5429671, SleepMilliseconds = 500.
TickCount = 5429687, SleepMilliseconds = 500.
TickCount = 5429734, SleepMilliseconds = 500.
行为描述: 打开事件
详情信息: Global\SvcctrlStartEvent_A3752DX
HookSwitchHookEnabledEvent
行为描述: 可执行文件签名信息
详情信息: C:\WINDOWS\nujpmc.exe(签名验证: 未通过)
行为描述: 调用Sleep函数
详情信息: [1]: MilliSeconds = 500.
行为描述: 可执行文件MD5
详情信息: C:\WINDOWS\nujpmc.exe ---> 1affbcb98bbd2386b8d34ab6f6818a55
行为描述: 创建系统服务
详情信息: [服务创建成功]: xiaodaoss, C:\WINDOWS\nujpmc.exe
Activities
VirSCANVirSCAN
活动名 类型
.RandomNumbActivity android.intent.action.MAIN
.RandomNumbActivity android.intent.category.LAUNCHER
危险函数
VirSCANVirSCAN
函数名称 信息
HttpClient;->execute 请求远程服务器
DefaultHttpClient;->execute 发送HTTP请求
TelephonyManager;->getDeviceId 搜集用户手机IMEI码、电话号码、系统版本号等信息
文件列表
VirSCANVirSCAN
文件名 校验码
AndroidManifest.xml 0x2b7f75b4
classes.dex 0xf0c06db3
META-INF/CERT.RSA 0x97442cd0
META-INF/CERT.SF 0xcbb1b0c2
META-INF/MANIFEST.MF 0xef2beda
res/drawable-hdpi/icon.png 0x5b385639
res/drawable-ldpi/icon.png 0x7f4f321b
res/drawable-mdpi/icon.png 0x76e633a8
res/layout/dialog1.xml 0x98b0385c
res/layout/dialog2.xml 0xeff983f9
res/layout/dialog3.xml 0x9af693af
res/layout/main.xml 0x2b1b6dec
resources.arsc 0x7aa78523
运行截图
VirSCANVirSCAN
VirSCAN