VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

Language
Server load
Server Load

VirSCAN
VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

File information

Scanner results
Scanner results:15%Scanner(s) (6/39)found malware!
Behavior analysis report:         Habo file analysis
Time: 2014-11-04 13:14:34 (CST)
Scanner Engine Ver Sig Ver Sig Date Scan result Time
ahnlab 9.9.9 9.9.9 2013-05-28 Found nothing 4
antivir 1.9.2.0 1.9.159.0 7.11.182.228 Found nothing 15
antiy 104619 AVL141102 2014-11-03 Found nothing 5
arcavir 1.0 2011 2014-05-30 Found nothing 8
asquared 9.0.0.4324 9.0.0.4324 2014-07-03 Found nothing 1
avast 141103-1 4.7.4 2014-11-03 Android:Dlwx-B [Trj] 29
avg 2109/7906 10.0.1405 2014-10-17 Found nothing 1
baidu 2.0.1.0 4.1.3.52192 2.0.1.0 Found nothing 4
baidusd 1.0 1.0 2014-04-02 Found nothing 1
bitdefender 7.57535 7.90123 2014-11-03 Found nothing 7
clamav 19574 0.97.5 2014-11-02 Found nothing 1
comodo 15023 5.1 2014-11-03 Found nothing 3
ctch 4.6.5 5.3.14 2013-12-01 Found nothing 1
drweb 5.0.2.3300 5.0.1.1 2014-10-31 Found nothing 36
fortinet 23.108, 23.108 5.1.158 2014-11-03 Found nothing 1
fprot 4.6.2.117 6.5.1.5418 2014-11-03 Found nothing 1
fsecure 2014-04-02-01 9.13 2014-04-02 Found nothing 6
gdata 24.4760 24.4760 2014-11-03 Android:Dlwx-B 8
hauri 2.73 2.73 2014-11-03 Found nothing 1
ikarus 1.06.01 V1.32.31.0 2014-11-03 Trojan-Dropper.AndroidOS.Agent 14
jiangmin 16.0.100 1.0.0.0 2014-08-20 Found nothing 30
kaspersky 5.5.33 5.5.33 2014-04-01 Found nothing 20
kingsoft 2.1 2.1 2013-09-22 Android.Troj.gen_Seldor.d.(kcloud) 4
mcafee 7520 5400.1158 2014-08-04 Found nothing 9
nod32 0436 3.0.21 2014-09-18 multiple threats 1
panda 9.05.01 9.05.01 2014-11-03 Found nothing 4
pcc 11.254.05 9.500-1005 2014-11-03 Found nothing 1
qh360 1.0.1 1.0.1 1.0.1 Found nothing 12
qqphone 1.0.0.0 1.0.0.0 2014-11-04 a.privacy.dlwx.b 1
quickheal 14.00 14.00 2014-11-03 Found nothing 2
rising 25.38.01.01 25.38.01.01 2014-10-28 Found nothing 2
sophos 5.04 3.51.0 2014-08-05 Found nothing 7
sunbelt 3.9.2595.2 3.9.2595.2 2014-11-01 Found nothing 2
symantec 20141028.001 1.3.0.24 2014-10-28 Found nothing 1
tachyon 9.9.9 9.9.9 2013-12-27 Found nothing 4
thehacker 6.8.0.5 6.8.0.5 2014-10-31 Found nothing 2
tws 17.47.17308 1.0.2.2108 2014-11-03 Found nothing 7
vba 3.12.26.3 3.12.26.3 2014-11-03 Found nothing 3
virusbuster 15.0.957.1 5.5.2.13 2014-11-03 Found nothing 14
权限列表
许可名称 信息
android.permission.WRITE_EXTERNAL_STORAGE 写外部存储器(如:SD卡)
android.permission.GET_TASKS 获取有关当前或最近运行的任务信息
android.permission.ACCESS_WIFI_STATE 读取wifi网络状态
android.permission.CHANGE_WIFI_STATE 改变WIFI连接状态
android.permission.ACCESS_NETWORK_STATE 读取网络状态(2G或3G)
android.permission.WRITE_APN_SETTINGS 改写APN设置(如:cmwap)
android.permission.READ_PHONE_STATE 读取电话状态
android.permission.CHANGE_NETWORK_STATE 变更网络状态
android.permission.INTERNET 连接网络(2G或3G)
android.permission.SYSTEM_ALERT_WINDOW 显示系统窗口
android.permission.RECEIVE_SMS 监控接收短信
android.permission.SEND_SMS 发送短信
android.permission.KILL_BACKGROUND_PROCESSES 关闭后台进程
文件信息
VirSCANVirSCAN
安全评分 :73
基本信息
VirSCANVirSCAN
MD5:7234db9f7f7811130669fbb99c3dcf41
文件大小:5.58MB
上传时间: 2014-09-22 10:36:30 (CST)
包名:com.xnjsnxjsgggg
最低运行环境:Android 2.2.x
版权:dongliwuxian
注册表行为
VirSCANVirSCAN
行为描述: 修改注册表
详情信息: \REGISTRY\USER\S-1-5-21-1482476501-1645522239-1417001333-500\Software\Microsoft\Multimedia\msacm.imaadpcm\MaxRTEncodeSetting
\REGISTRY\USER\S-1-5-21-1482476501-1645522239-1417001333-500\Software\Microsoft\Multimedia\msacm.imaadpcm\MaxRTDecodeSetting
\REGISTRY\USER\S-1-5-21-1482476501-1645522239-1417001333-500\Software\Microsoft\Multimedia\msacm.msgsm610\MaxRTEncodeSetting
\REGISTRY\USER\S-1-5-21-1482476501-1645522239-1417001333-500\Software\Microsoft\Multimedia\msacm.msgsm610\MaxRTDecodeSetting
其他行为
VirSCANVirSCAN
行为描述: 窗口信息
详情信息: Pid = 1760, Hwnd=0xa018c, Text = 定位, ClassName = TButton.
Pid = 1760, Hwnd=0xb0184, Text = ToolBar1, ClassName = TToolBar.
Pid = 1760, Hwnd=0xc01d6, Text = 控制, ClassName = TControlForm.
Pid = 1760, Hwnd=0xb016a, Text = 0:2/3:55 Player, ClassName = TPlayForm.
Pid = 1760, Hwnd=0xb016a, Text = 0:5/3:55 Player, ClassName = TPlayForm.
Pid = 1760, Hwnd=0xb016a, Text = 0:8/3:55 Player, ClassName = TPlayForm.
Pid = 1760, Hwnd=0xb016a, Text = 0:11/3:55 Player, ClassName = TPlayForm.
Pid = 1760, Hwnd=0xb016a, Text = 0:14/3:55 Player, ClassName = TPlayForm.
Pid = 1760, Hwnd=0xb016a, Text = 0:17/3:55 Player, ClassName = TPlayForm.
Pid = 1760, Hwnd=0xb016a, Text = 0:20/3:55 Player, ClassName = TPlayForm.
Pid = 1760, Hwnd=0xb016a, Text = 0:23/3:55 Player, ClassName = TPlayForm.
Pid = 1760, Hwnd=0xb016a, Text = 0:26/3:55 Player, ClassName = TPlayForm.
Pid = 1760, Hwnd=0xb016a, Text = 0:29/3:55 Player, ClassName = TPlayForm.
Pid = 1760, Hwnd=0xb016a, Text = 0:32/3:55 Player, ClassName = TPlayForm.
Pid = 1760, Hwnd=0xb016a, Text = 0:35/3:55 Player, ClassName = TPlayForm.
危险行为
VirSCANVirSCAN
行为描述: 监听包含特定号码或内容的短信
详情信息: 10658899
动态列表行为
VirSCANVirSCAN
行为描述: 传递附加信息
详情信息: Ljava/lang/String;=timesover | Z=true
Ljava/lang/String;=param | I=1
行为描述: 启动服务
详情信息: com.android.musicfx.Compatibility$Service
com.my.pub.MainServiceD
com.android.mms.transaction.SmsReceiverService
行为描述: 读取文件
详情信息: path:/proc/783/cmdline length:105
path:/proc/799/cmdline length:105
path:/proc/811/cmdline length:105
path:/proc/841/cmdline length:105
path:/proc/854/cmdline length:105
path:/data/data/com.xnjsnxjsgggg/shared_prefs/firstStartStore.xml length:105
path:/dev/urandom length:13
path:/proc/meminfo length:105
path:/data/data/com.xnjsnxjsgggg/shared_prefs/SstoreNamePublic.xml length:105
path:/data/data/com.xnjsnxjsgggg/shared_prefs/killSelfFlagStore.xml length:105
path:/data/data/com.xnjsnxjsgggg/shared_prefs/sniii.xml length:105
path:/data/data/com.xnjsnxjsgggg/shared_prefs/funcToolstore.xml length:105
path:/proc/meminfo length:105
path:/proc/933/cmdline length:105
path:/proc/947/cmdline length:105
path:/proc/949/cmdline length:105
path:/proc/984/cmdline length:105
path:/proc/986/cmdline length:105
path:/proc/1062/cmdline length:105
path:/proc/1064/cmdline length:105
行为描述: 数据加密
详情信息: {u'operation': u'keyalgo', u'algorithm': u'DES', u'key': u'97, 107, 106, 102, 114, 100, 103, 102'}
行为描述: 监听包含特定号码或内容的短信
详情信息: 10658899
行为描述: 数据泄露
详情信息: sink:File operation:write data:data:<?xml version='1.0' encoding='utf-8' standalone='yes' ?> <map> <int name="serviceNameCount" value="1
行为描述: 类加载
详情信息: path:/system/app/PicoTts.apk
path:/system/app/MusicFX.apk
path:/system/framework/am.jar
path:/data/app/com.xnjsnxjsgggg-1.apk
行为描述: 写入文件
详情信息: path:/data/data/com.android.gallery3d/shared_prefs/com.android.gallery3d_preferences.xml length:105
path:/data/data/com.android.musicfx/shared_prefs/musicfx.xml length:105
path:/data/data/com.xnjsnxjsgggg/shared_prefs/firstStartStore.xml length:105
path:/data/data/com.xnjsnxjsgggg/shared_prefs/isFirst.xml length:105
path:/data/data/com.android.gallery3d/shared_prefs/com.android.gallery3d_preferences.xml length:105
path:/data/data/com.xnjsnxjsgggg/shared_prefs/killSelfFlagStore.xml length:105
path:/data/data/com.xnjsnxjsgggg/shared_prefs/sniii.xml length:105
path:/data/data/com.xnjsnxjsgggg/shared_prefs/funcToolstore.xml length:105
path:/data/data/com.xnjsnxjsgggg/shared_prefs/SstoreNamePublic.xml length:105
path:/data/data/com.xnjsnxjsgggg/shared_prefs/SstoreNamePublic.xml length:105
path:/data/data/com.xnjsnxjsgggg/shared_prefs/killSelfFlagStore.xml length:105
path:/data/data/com.xnjsnxjsgggg/shared_prefs/sniii.xml length:105
path:/data/data/com.xnjsnxjsgggg/shared_prefs/sniii.xml length:105
Activities
VirSCANVirSCAN
活动名 类型
.MMDActivity android.intent.action.MAIN
.MMDActivity android.intent.category.LAUNCHER
危险函数
VirSCANVirSCAN
函数名称 信息
ContentResolver;->query 读取联系人、短信等数据库
TelephonyManager;->getDeviceId 搜集用户手机IMEI码、电话号码、系统版本号等信息
HttpClient;->execute 请求远程服务器
DefaultHttpClient;->execute 发送HTTP请求
WifiManager;->setWifiEnabled 变更WIFI状态
SmsManager;->sendTextMessage 发送普通短信
启动方式
VirSCANVirSCAN
名称 信息
com.aa.clean_mc.broadcast.InstallApk 应用安装时启动服务
com.aa.clean_mc.broadcast.InstallApk 应用卸载时启动服务
com.my.pub.MainGBReceive1 屏幕解锁启动服务
com.my.pub.MainGBReceive1 监控短信(收到短信)启动服务
com.my.pub.MainGBReceive1 网络连接改变时启动服务
com.my.pub.MainGBReceive1 屏幕解锁启动服务
com.my.pub.MainGBReceive3 应用安装时启动服务
com.my.pub.MainGBReceive3 应用卸载时启动服务
权限列表
VirSCANVirSCAN
许可名称 信息
android.permission.WRITE_EXTERNAL_STORAGE 写外部存储器(如:SD卡)
android.permission.GET_TASKS 获取有关当前或最近运行的任务信息
android.permission.ACCESS_WIFI_STATE 读取wifi网络状态
android.permission.CHANGE_WIFI_STATE 改变WIFI连接状态
android.permission.ACCESS_NETWORK_STATE 读取网络状态(2G或3G)
android.permission.WRITE_APN_SETTINGS 改写APN设置(如:cmwap)
android.permission.READ_PHONE_STATE 读取电话状态
android.permission.CHANGE_NETWORK_STATE 变更网络状态
android.permission.INTERNET 连接网络(2G或3G)
android.permission.SYSTEM_ALERT_WINDOW 显示系统窗口
android.permission.RECEIVE_SMS 监控接收短信
android.permission.SEND_SMS 发送短信
android.permission.KILL_BACKGROUND_PROCESSES 关闭后台进程
服务列表
VirSCANVirSCAN
名称
com.my.pub.MainServiceD
文件列表
VirSCANVirSCAN
文件名 校验码
assets/config 0x58b9590f
assets/id 0x3d3c29a8
res/drawable/more_feedback_normal.png 0xf3083af7
res/drawable/more_feedback_pressed.png 0x10dae61
res/drawable/my_feedback_normal.png 0x6d9ee2f3
res/drawable/my_feedback_pressed.png 0x3ff6d161
res/drawable/myfeedback_list_normal.png 0x99e04576
res/drawable/myfeedback_list_pressed.png 0x9bf3e753
res/drawable/selector_blue.xml 0x47b4b747
res/drawable/selector_btn_scanner.xml 0xe8758bc2
res/drawable/selector_feedback_more.xml 0x59651f8d
res/drawable/selector_img_feedback.xml 0xe33d02ef
res/drawable/selector_imt_clear_all.xml 0x82e2f2e5
res/drawable/selector_item.xml 0x2433dbdf
res/drawable/selector_myfeedback_list.xml 0xde9e537b
res/drawable/selector_recommand.xml 0xdd9660c6
res/drawable/selector_setting_item.xml 0xe3c7bfe2
res/drawable/selector_ssgreen.xml 0xe3c7bfe2
res/drawable/selector_tv_back.xml 0x6ad6915b
res/drawable/selector_tv_see_momery.xml 0xd08e8c39
res/drawable/selector_tv_submit.xml 0xdef4fa0
res/drawable/setting_head.png 0xeb6b9786
res/drawable/umeng_fb_gradient_green.xml 0xf20a5f8e
res/drawable/umeng_fb_gradient_orange.xml 0xb1318c6f
res/layout/customerphone.xml 0x18b86ab9
res/layout/dtxplug_ad.xml 0x284915cd
res/layout/dtxplug_ad_notification.xml 0xce142951
res/layout/expandlistview_item.xml 0x1a3a532d
res/layout/expandlistview_sub_item.xml 0x2b43bbf3
res/layout/expandlistview_sub_item_dialog.xml 0x2c99485d
res/layout/feedback.xml 0x2b5ef27d
res/layout/install_dialog.xml 0xf93e2bf3
res/layout/main.xml 0xcba6212f
res/layout/my_feedback.xml 0x8c14af0b
res/layout/my_feedback_item.xml 0x9b9206de
res/layout/my_feedback_type.xml 0x6c02ce5d
res/layout/my_feedback_type_item.xml 0x4767af1e
res/layout/setting.xml 0xa62dcb67
AndroidManifest.xml 0x88cbb06b
resources.arsc 0x15e9b564
res/drawable-hdpi/ab.png 0x3626ca5a
res/drawable-hdpi/bg_black_uns.png 0xe074c6ed
res/drawable-hdpi/bg_blue_s.png 0xa34482a1
res/drawable-hdpi/bg_blue_uns.png 0x856acaa4
res/drawable-hdpi/bg_bottom.png 0x331424af
res/drawable-hdpi/bg_dialog.png 0xe055046d
res/drawable-hdpi/bg_green_s.png 0x199e50d2
res/drawable-hdpi/bg_green_uns.png 0x72350621
res/drawable-hdpi/bg_item.png 0x331424af
res/drawable-hdpi/bg_item_s.png 0xb5be1423
res/drawable-hdpi/bg_main.png 0xde9ce97c
res/drawable-hdpi/feedback_type_item.png 0xb17816e1
res/drawable-hdpi/icon_recommend.png 0x3c2bdcaa
res/drawable-hdpi/img_back.png 0xc9c156c4
res/drawable-hdpi/img_checkall.png 0x6fc1534a
res/drawable-hdpi/img_clear_all_normal.png 0xa34482a1
res/drawable-hdpi/img_clear_all_pressed.png 0x856acaa4
res/drawable-hdpi/img_down.png 0x613ac1f8
res/drawable-hdpi/img_goto.png 0x6578d5e2
res/drawable-hdpi/img_nocheck.png 0xecaf4807
res/drawable-hdpi/img_recommand.png 0x1460ff13
res/drawable-hdpi/img_recommand_press.png 0xae9e11a7
res/drawable-hdpi/img_setting_normal.png 0x863e8588
res/drawable-hdpi/img_setting_press.png 0x7d1f6406
res/drawable-hdpi/img_state_off.png 0xb2afabde
res/drawable-hdpi/img_state_on.png 0x1424fd3e
res/drawable-hdpi/logo.png 0x270f4855
res/drawable-hdpi/main_bottom.png 0x627a89ce
res/drawable-hdpi/umeng_xp_detail365.png 0x182ca4a9
res/drawable-ldpi/logo.png 0x270f4855
res/drawable-mdpi/logo.png 0x270f4855
classes.dex 0x6a253737
lib/armeabi/libSSDEFGGJKC.so 0xa32dbbb9
META-INF/MANIFEST.MF 0xe755ea8a
META-INF/CERT.SF 0x92053b26
META-INF/CERT.RSA 0xc480fd7f
运行截图
VirSCANVirSCAN
VirSCAN