VirSCAN

1, You can upload any file, but there is a 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but the archive must contain fewer than 20 files.
3, VirSCAN can scan compressed files protected with the password 'infected' or 'virus'.
4, If your browser cannot upload files, please download the VirSCAN uploader to upload them.


File information

Scanner results: 0% of antivirus software (0/32) found malware!
Behavior analysis report: Habo file analysis
Time: 2015-10-17 22:30:54 (CST)
Scanner Engine Ver Sig Ver Sig Date Scan result Time
antiy AVL SDK 3.0 1970-01-01 Found nothing 5
asquared 9.0.0.4324 9.0.0.4324 2014-07-03 Found nothing 1
avast 150725-1 4.7.4 2015-07-25 Found nothing 0
avg 2109/8133 10.0.1405 2014-11-26 Found nothing 0
baidu 2.0.1.0 4.1.3.52192 2.0.1.0 Found nothing 5
baidusd 1.0 1.0 2014-04-02 Found nothing 1
bitdefender 7.58469 7.90123 2014-12-25 Found nothing 0
clamav 19861 0.97.5 2014-12-31 Found nothing 0
drweb 5.0.2.3300 5.0.1.1 2014-12-31 Found nothing 0
fortinet 23.345, 23.345 5.1.158 2014-12-08 Found nothing 0
fprot 4.6.2.117 6.5.1.5418 2014-12-31 Found nothing 0
fsecure 2014-04-02-01 9.13 2014-04-02 Found nothing 0
gdata 25.3911 25.3911 2015-10-17 Found nothing 9
ikarus 1.06.01 V1.32.31.0 2014-12-08 Found nothing 0
jiangmin 16.0.100 1.0.0.0 2015-07-25 Found nothing 41
kaspersky 5.5.33 5.5.33 2014-04-01 Found nothing 0
kingsoft 2.1 2.1 2013-09-22 Found nothing 18
mcafee 7638 5400.1158 2014-11-30 Found nothing 0
nod32 0920 3.0.21 2014-12-23 Found nothing 0
panda 9.05.01 9.05.01 2015-07-26 Found nothing 4
pcc 11.380.07 9.500-1005 2014-12-31 Found nothing 0
qh360 1.0.1 1.0.1 1.0.1 Found nothing 2
qqphone 1.0.0.0 1.0.0.0 2014-12-09 Found nothing 0
quickheal 14.00 14.00 2015-07-25 Found nothing 2
rising 25.76.04.01 25.76.04.01 2015-07-24 Found nothing 2
sophos 5.08 3.55.0 2014-12-01 Found nothing 0
symantec 20141230.001 1.3.0.24 2014-12-30 Found nothing 0
tachyon 9.9.9 9.9.9 2013-12-27 Found nothing 4
thehacker 6.8.0.5 6.8.0.5 2015-07-23 Found nothing 2
tws 17.47.17308 1.0.2.2108 2014-12-08 Found nothing 13
vba 3.12.26.3 3.12.26.3 2014-12-31 Found nothing 0
virusbuster 15.0.985.0 5.5.2.13 2014-12-05 Found nothing 0

No relevant permission information

File information
Security score:
Basic information
MD5:e611849aac3eb2efaa8f66c68cfb33b2
File size: 5.58MB
Upload time: 2014-09-22 10:36:30 (CST)
Package name: com.sorais.bakastg
Minimum runtime environment: Android 2.2.x
Copyright: personal
Key behaviors
Behavior description: Map file with write permission
Details: CiceroSharedMemDefaultS-*
MSCTF.MarshalInterface.FileMap.MNF..IHGGH
MSCTF.MarshalInterface.FileMap.MNF.B.IIGGH
MSCTF.MarshalInterface.FileMap.MNF.C.IIGGH
MSCTF.MarshalInterface.FileMap.MNF.D.IIGGH
MSCTF.MarshalInterface.FileMap.MNF.E.IIGGH
MSCTF.MarshalInterface.FileMap.MNF.F.HJGGH
MSCTF.MarshalInterface.FileMap.MNF.G.HKGGH
Local\UrlZonesSM_Administrator
Behavior description: Write data across processes
Details: TargetProcess = explore.exe, WriteAddress = 0x00400000, Size = 1024
TargetProcess = explore.exe, WriteAddress = 0x0043f000, Size = 0
TargetProcess = explore.exe, WriteAddress = 0x00443000, Size = 0
TargetProcess = explore.exe, WriteAddress = 0x7ffd3008, Size = 4
Behavior description: Hide specified window
Details: [Window,Class] = [one simply informer 1.1.2 Installation,obj_App]
[Window,Class] = [Smart Install Maker,obj_Form]
[Window,Class] = [,obj_STATIC]
[Window,Class] = [one simply informer 1.1.2 Installation,obj_Form]
Behavior description: Set thread context
Details: C:\Program Files\Compressed data archive\one simply informer\explore.exe
Process behavior
Behavior description: Map file with write permission
Details: CiceroSharedMemDefaultS-*
MSCTF.MarshalInterface.FileMap.MNF..IHGGH
MSCTF.MarshalInterface.FileMap.MNF.B.IIGGH
MSCTF.MarshalInterface.FileMap.MNF.C.IIGGH
MSCTF.MarshalInterface.FileMap.MNF.D.IIGGH
MSCTF.MarshalInterface.FileMap.MNF.E.IIGGH
MSCTF.MarshalInterface.FileMap.MNF.F.HJGGH
MSCTF.MarshalInterface.FileMap.MNF.G.HKGGH
Local\UrlZonesSM_Administrator
Behavior description: Write data across processes
Details: TargetProcess = explore.exe, WriteAddress = 0x00400000, Size = 1024
TargetProcess = explore.exe, WriteAddress = 0x0043f000, Size = 0
TargetProcess = explore.exe, WriteAddress = 0x00443000, Size = 0
TargetProcess = explore.exe, WriteAddress = 0x7ffd3008, Size = 4
Behavior description: Hide specified window
Details: [Window,Class] = [one simply informer 1.1.2 Installation,obj_App]
[Window,Class] = [Smart Install Maker,obj_Form]
[Window,Class] = [,obj_STATIC]
[Window,Class] = [one simply informer 1.1.2 Installation,obj_Form]
Behavior description: Set thread context
Details: C:\Program Files\Compressed data archive\one simply informer\explore.exe
File behavior
Behavior description: Map file with write permission
Details: CiceroSharedMemDefaultS-*
MSCTF.MarshalInterface.FileMap.MNF..IHGGH
MSCTF.MarshalInterface.FileMap.MNF.B.IIGGH
MSCTF.MarshalInterface.FileMap.MNF.C.IIGGH
MSCTF.MarshalInterface.FileMap.MNF.D.IIGGH
MSCTF.MarshalInterface.FileMap.MNF.E.IIGGH
MSCTF.MarshalInterface.FileMap.MNF.F.HJGGH
MSCTF.MarshalInterface.FileMap.MNF.G.HKGGH
Local\UrlZonesSM_Administrator
Behavior description: Create executable file
Details: C:\Program Files\Compressed data archive\one simply informer\explore.exe
C:\Program Files\Compressed data archive\one simply informer\Uninstall.exe
Behavior description: Modify file content
Details: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\$inst\2.tmp---> Offset = 0
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\$inst\temp_0.tmp---> Offset = 65536
C:\Program Files\Compressed data archive\one simply informer\Uninstall.ini---> Offset = 0
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\explore.exe---> Offset = 0
Behavior description: Find file
Details: FileName = C:\Program Files
FileName = C:\Documents and Settings
FileName = C:\Documents and Settings\Administrator
FileName = C:\Documents and Settings\Administrator\My Documents
FileName = C:\Documents and Settings\All Users
FileName = C:\Documents and Settings\All Users\Documents
FileName = C:\Documents and Settings\Administrator\桌面
FileName = C:\Documents and Settings\All Users\桌面
FileName = C:\Program Files\Compressed data archive\one simply informer\explore.exe
Behavior description: Modify newly created executable file
Details: C:\Program Files\Compressed data archive\one simply informer\Uninstall.exe---> Offset = 99914
Registry behavior
Behavior description: Modify registry
Details: \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\one simply informer 1.1.2\DisplayName
\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\one simply informer 1.1.2\DisplayVersion
\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\one simply informer 1.1.2\VersionMajor
\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\one simply informer 1.1.2\VersionMinor
\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\one simply informer 1.1.2\Publisher
\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\one simply informer 1.1.2\DisplayIcon
\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\one simply informer 1.1.2\UninstallString
\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\one simply informer 1.1.2\InstallLocation
\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\one simply informer 1.1.2\InstallSource
\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\one simply informer 1.1.2\InstallDate
\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\one simply informer 1.1.2\Language
\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\one simply informer 1.1.2\EstimatedSize
\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\one simply informer 1.1.2\NoModify
\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\one simply informer 1.1.2\NoRepair
\REGISTRY\USER\S-*\Software\Microsoft\Windows\ShellNoRoam\MUICache\C:\Program Files\Compressed data archive\one simply informer\explore.exe
Other behavior
Behavior description: Create mutex
Details: CTF.LBES.MutexDefaultS-*
CTF.Compart.MutexDefaultS-*
CTF.Asm.MutexDefaultS-*
CTF.Layouts.MutexDefaultS-*
CTF.TMD.MutexDefaultS-*
CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
MSCTF.Shared.MUTEX.ELH
Local\ZonesCounterMutex
Local\ZoneAttributeCacheCounterMutex
Local\ZonesCacheCounterMutex
Local\ZonesLockedCacheCounterMutex
Behavior description: Hide specified window
Details: [Window,Class] = [one simply informer 1.1.2 Installation,obj_App]
[Window,Class] = [Smart Install Maker,obj_Form]
[Window,Class] = [,obj_STATIC]
[Window,Class] = [one simply informer 1.1.2 Installation,obj_Form]
Behavior description: Find specified window
Details: NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
Behavior description: Obtain system privilege
Details: SE_LOAD_DRIVER_PRIVILEGE
Dynamic list behavior
Behavior description: Window information
Details: {"text": "bakaSTG", "class": "android.widget.TextView"}
{"text": " PLAY ", "class": "android.widget.Button"}
{"text": " OPTION ", "class": "android.widget.Button"}
{"text": " EXIT ", "class": "android.widget.Button"}
Behavior description: Add View
Details: [u'com.android.internal.policy.impl.PhoneWindow$DecorView@414dfc68', u'WM.LayoutParams{(0,0)(wrapxwrap) gr=#11 sim=#120 ty=2 fl=#8020002 pfl=0x8 fmt=-2 wanim=0x1030002}', u'android.view.CompatibilityInfoHolder@414b8610']
[u'com.android.internal.policy.impl.PhoneWindow$DecorView@4155a180', u'WM.LayoutParams{(0,0)(fillxfill) sim=#100 ty=1 fl=#8010100 pfl=0x8 wanim=0x1030001}', u'android.view.CompatibilityInfoHolder@414b8610']
Behavior description: Write file
Details: path:/data/data/com.sorais.bakastg/shared_prefs/baka_STG.xml length:109
path:/data/data/com.sorais.bakastg/shared_prefs/baka_STG.xml length:147
path:/data/data/com.sorais.bakastg/shared_prefs/baka_STG.xml length:185
path:/data/data/com.sorais.bakastg/shared_prefs/baka_STG.xml length:223
path:/data/data/com.sorais.bakastg/shared_prefs/baka_STG.xml length:261
path:/data/data/com.sorais.bakastg/shared_prefs/baka_STG.xml length:261
path:/data/data/com.sorais.bakastg/shared_prefs/baka_STG.xml length:261
path:/data/data/com.sorais.bakastg/shared_prefs/baka_STG.xml length:261
path:/data/data/com.sorais.bakastg/shared_prefs/baka_STG.xml length:261
path:/data/data/com.sorais.bakastg/shared_prefs/baka_STG.xml length:261
Behavior description: Parse uniform resource identifier
Details: android.resource://com.sorais.bakastg/2131099669
Activities
Activity name Type
.Title android.intent.action.MAIN
.Title android.intent.category.LAUNCHER
Dangerous functions
Function name Information
HttpClient;->execute Requests a remote server
DefaultHttpClient;->execute Sends an HTTP request
File list
File name Checksum