VirSCAN

Scanner results
Scanner results: 6% of scanners (2/32) found malware!
Behavior analysis report: Habo file analysis
Time: 2017-09-18 12:36:15 (CST)

| Scanner | Engine Ver | Sig Ver | Sig Date | Scan result | Time |
|---|---|---|---|---|---|
| antiy | AVL SDK 2.0 | | 1970-01-01 | Found nothing | 7 |
| asquared | 9.0.0.4799 | 9.0.0.4799 | 2015-03-08 | Found nothing | 2 |
| avast | 170303-1 | 4.7.4 | 2017-03-03 | Found nothing | 60 |
| avg | 2109/14460 | 10.0.1405 | 2017-09-14 | Found nothing | 60 |
| baidu | 2.0.1.0 | 4.1.3.52192 | 2.0.1.0 | Found nothing | 3 |
| baidusd | 1.0 | 1.0 | 2017-03-22 | Found nothing | 1 |
| bitdefender | 7.58879 | 7.90123 | 2015-01-16 | Found nothing | 60 |
| clamav | 23840 | 0.97.5 | 2017-09-16 | Found nothing | 60 |
| drweb | 5.0.2.3300 | 5.0.1.1 | 2017-09-11 | Found nothing | 60 |
| fortinet | 1.000, 51.717, 51.597, 51.621 | 5.4.247 | 2017-09-18 | Found nothing | 60 |
| fprot | 4.6.2.117 | 6.5.1.5418 | 2016-02-05 | Found nothing | 60 |
| fsecure | 2015-08-01-02 | 9.13 | 2015-08-01 | Found nothing | 60 |
| gdata | 25.14225 | 25.14225 | 2017-09-18 | Android.Riskware.SmsPay.XC | 13 |
| ikarus | 3.02.08 | V1.32.31.0 | 2017-09-17 | Found nothing | 60 |
| jiangmin | 16.0.100 | 1.0.0.0 | 2017-09-17 | Found nothing | 2 |
| kaspersky | 5.5.33 | 5.5.33 | 2014-04-01 | Found nothing | 60 |
| kingsoft | 2.1 | 2.1 | 2017-09-17 | Found nothing | 60 |
| mcafee | 8620 | 5400.1158 | 2017-08-12 | Found nothing | 60 |
| nod32 | 6091 | 3.0.21 | 2017-09-16 | Found nothing | 60 |
| panda | 9.05.01 | 9.05.01 | 2017-09-17 | Found nothing | 4 |
| pcc | 13.302.06 | 9.500-1005 | 2017-03-27 | Found nothing | 60 |
| qh360 | 1.0.1 | 1.0.1 | 1.0.1 | Found nothing | 13 |
| qqphone | 1.0.0.0 | 1.0.0.0 | 2015-12-30 | Found nothing | 60 |
| quickheal | 14.00 | 14.00 | 2017-09-16 | Android.Agent.GEN3293 | 3 |
| rising | 26.28.00.01 | 26.28.00.01 | 2016-07-18 | Found nothing | 4 |
| sophos | 5.32 | 3.65.2 | 2016-10-10 | Found nothing | 60 |
| symantec | 20151230.005 | 1.3.0.24 | 2015-12-30 | Found nothing | 60 |
| tachyon | 9.9.9 | 9.9.9 | 2013-12-27 | Found nothing | 4 |
| thehacker | 6.8.0.5 | 6.8.0.5 | 2017-09-16 | Found nothing | 3 |
| tws | 17.47.17308 | 1.0.2.2108 | 2017-09-17 | Found nothing | 17 |
| vba | 3.12.29.5 beta | 3.12.29.5 beta | 2017-09-15 | Found nothing | 60 |
| virusbuster | 15.0.985.0 | 5.5.2.13 | 2014-12-05 | Found nothing | 60 |

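Permission list

| Permission name | Info |
|---|---|
| android.permission.WAKE_LOCK | Keeps background processes running after the screen is turned off |
| android.permission.INTERNET | Connect to the network (2G or 3G) |
| android.permission.WRITE_EXTERNAL_STORAGE | Write to external storage (e.g. SD card) |
| android.permission.ACCESS_NETWORK_STATE | Read network state (2G or 3G) |
| android.permission.CHANGE_NETWORK_STATE | Change network state |
| android.permission.ACCESS_WIFI_STATE | Read Wi-Fi network state |
| android.permission.CHANGE_WIFI_STATE | Change Wi-Fi connection state |
| android.permission.READ_PHONE_STATE | Read phone state |
| android.permission.READ_SMS | Read SMS messages |
| android.permission.RECEIVE_SMS | Monitor incoming SMS messages |
| android.permission.SEND_SMS | Send SMS messages |
| android.permission.WRITE_SMS | Write SMS messages |
| android.permission.ACCESS_FINE_LOCATION | Get precise location (via GPS) |
| android.permission.ACCESS_COARSE_LOCATION | Get approximate location (via Wi-Fi, cell towers) |
| android.permission.GET_TASKS | Get information about currently or recently running tasks |
| android.permission.SYSTEM_ALERT_WINDOW | Display system windows |
| android.permission.READ_EXTERNAL_STORAGE | Read external storage (e.g. SD card) |
| android.permission.MOUNT_UNMOUNT_FILESYSTEMS | Mount and unmount external file systems |
| android.permission.DISABLE_KEYGUARD | Disable the keyguard |
| android.permission.ACCESS_LOCATION_EXTRA_COMMANDS | Access extra location commands |
| android.permission.BROADCAST_STICKY | Send sticky broadcasts |
| android.permission.CHANGE_CONFIGURATION | Modify current configuration (e.g. locale) |
| android.permission.GET_ACCOUNTS | Access the list of accounts |
| android.permission.INTERACT_ACROSS_USERS_FULL | |
| android.permission.READ_SETTINGS | |
| android.permission.READ_INTERNAL_STORAGE | |
| android.permission.WRITE_SETTINGS | Read and write system settings |
| android.permission.UPDATE_APP_OPS_STATS | |
| android.permission.WRITE_INTERNAL_STORAGE | |
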
File information
Security score:
Basic information
MD5: 29ff42c6753df0fc4bd05bb9252f01b1
File size: 5.58MB
Upload time: 2014-09-22 10:36:30 (CST)
Package name: leono.cldts852.dlrb
Minimum runtime environment: Android 2.3, 2.3.1, 2.3.2
Copyright: Unknown
Key behaviors
Behavior description: Write data across processes
Details: TargetProcess = C:\WINDOWS\ERegCleaner.exe, WriteAddress = 0x7ffd5008, Size = 0x00000004 TargetPID = 0x00000b20
TargetProcess = C:\WINDOWS\ERegCleaner.exe, WriteAddress = 0x00400000, Size = 0x00ffa000 TargetPID = 0x00000b20
Behavior description: Set special folder attributes
Details: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
C:\Documents and Settings\Administrator\Local Settings\History
C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
C:\Documents and Settings\Administrator\Cookies
Behavior description: Set thread context
Details: C:\WINDOWS\ERegCleaner.exe
Behavior description: Get TickCount value
Details: TickCount = 223046, SleepMilliseconds = 1000.
TickCount = 223078, SleepMilliseconds = 1000.
Process behaviors
Behavior description: Write data across processes
Details: TargetProcess = C:\WINDOWS\ERegCleaner.exe, WriteAddress = 0x7ffd5008, Size = 0x00000004 TargetPID = 0x00000b20
TargetProcess = C:\WINDOWS\ERegCleaner.exe, WriteAddress = 0x00400000, Size = 0x00ffa000 TargetPID = 0x00000b20
Behavior description: Set special folder attributes
Details: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
C:\Documents and Settings\Administrator\Local Settings\History
C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
C:\Documents and Settings\Administrator\Cookies
Behavior description: Set thread context
Details: C:\WINDOWS\ERegCleaner.exe
Behavior description: Get TickCount value
Details: TickCount = 223046, SleepMilliseconds = 1000.
TickCount = 223078, SleepMilliseconds = 1000.
File behaviors
Behavior description: Create files
Details: C:\Documents and Settings\Administrator\Local Settings\Temp\$inst\2.tmp
C:\Documents and Settings\Administrator\Local Settings\Temp\$inst\temp_0.tmp
C:\WINDOWS\ERegCleaner.exe
C:\WINDOWS\gif.png
C:\Documents and Settings\Administrator\Local Settings\Temp\$inst\0001.tmp
C:\WINDOWS\TweakAssistKrnl.dll
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\C1OS62RY\fwqlj[1].asp
Behavior description: Create executable files
Details: C:\WINDOWS\ERegCleaner.exe
C:\WINDOWS\TweakAssistKrnl.dll
Behavior description: Find files
Details: FileName = C:\Program Files
FileName = C:\Documents and Settings
FileName = C:\Documents and Settings\Administrator
FileName = C:\Documents and Settings\Administrator\My Documents
FileName = C:\Documents and Settings\All Users
FileName = C:\Documents and Settings\All Users\Documents
FileName = C:\Documents and Settings\Administrator\桌面
FileName = C:\Documents and Settings\All Users\桌面
FileName = C:\WINDOWS
FileName = C:\Documents and Settings\Administrator\Local Settings
FileName = C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Connections\Pbk\*.pbk
FileName = C:\WINDOWS\system32\Ras\*.pbk
FileName = C:\Documents and Settings\Administrator\Application Data\Microsoft\Network\Connections\Pbk\*.pbk
Behavior description: Delete files
Details: C:\Documents and Settings\Administrator\Local Settings\Temp\$inst\temp_0.tmp
C:\Documents and Settings\Administrator\Local Settings\Temp\$inst\0001.tmp
C:\Documents and Settings\Administrator\Local Settings\Temp\$inst\2.tmp
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\C1OS62RY\fwqlj[1].asp
Behavior description: Set special folder attributes
Details: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
C:\Documents and Settings\Administrator\Local Settings\History
C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
C:\Documents and Settings\Administrator\Cookies
Behavior description: Modify file contents
Details: C:\Documents and Settings\Administrator\Local Settings\Temp\$inst\2.tmp ---> Offset = 0
C:\Documents and Settings\Administrator\Local Settings\Temp\$inst\2.tmp ---> Offset = 4
C:\Documents and Settings\Administrator\Local Settings\Temp\$inst\temp_0.tmp ---> Offset = 0
C:\Documents and Settings\Administrator\Local Settings\Temp\$inst\temp_0.tmp ---> Offset = 65536
C:\Documents and Settings\Administrator\Local Settings\Temp\$inst\temp_0.tmp ---> Offset = 131072
C:\Documents and Settings\Administrator\Local Settings\Temp\$inst\temp_0.tmp ---> Offset = 196608
C:\WINDOWS\ERegCleaner.exe ---> Offset = 0
C:\WINDOWS\ERegCleaner.exe ---> Offset = 32768
C:\WINDOWS\ERegCleaner.exe ---> Offset = 65536
C:\WINDOWS\ERegCleaner.exe ---> Offset = 98304
C:\WINDOWS\gif.png ---> Offset = 0
C:\WINDOWS\gif.png ---> Offset = 29696
C:\WINDOWS\gif.png ---> Offset = 62464
C:\WINDOWS\gif.png ---> Offset = 95232
C:\WINDOWS\gif.png ---> Offset = 128000
Network behaviors
Behavior description: Open URL over the network
Details: InternetOpenUrlA: http://aa****in//asp3.4/fwqlj.asp, hInternet = 0x00cc0004, Flags = 0x80000000
Behavior description: Connect to specified site
Details: InternetConnectA: ServerName = aa****in, PORT = 80, UserName = , Password = , hSession = 0x00cc0004, hConnect = 0x00cc0008, Flags = 0x80000000
Behavior description: Open HTTP connection
Details: InternetOpenA: UserAgent: cctv.mtv, hSession = 0x00cc0004
Behavior description: Establish a socket connection to a specified address
Details: URL: aa****in, IP: **.133.40.**:80, SOCKET = 0x0000028c
URL: aa****in, IP: **.133.40.**:80, SOCKET = 0x0000031c
Behavior description: Read network file
Details: hFile = 0x00cc000c, BytesToRead =2048, BytesRead = 2048.
Behavior description: Send HTTP packet
Details: GET //asp3.4/fwqlj.asp HTTP/1.1 User-Agent: cctv.mtv Host: aa****in Cache-Control: no-cache
Behavior description: Open HTTP request
Details: HttpOpenRequestA: aa****in:80//asp3.4/fwqlj.asp, hConnect = 0x00cc0008, hRequest = 0x00cc000c, Verb: GET, Referer: , Flags = 0x80000000
Behavior description: Get host address by name
Details: GetAddrInfoW: aa****in
Registry behaviors
Behavior description: Modify registry
Details: \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\新安装文件 1.00\DisplayName
\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\新安装文件 1.00\DisplayVersion
\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\新安装文件 1.00\VersionMajor
\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\新安装文件 1.00\VersionMinor
\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\新安装文件 1.00\Publisher
\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\新安装文件 1.00\DisplayIcon
\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\新安装文件 1.00\UninstallString
\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\新安装文件 1.00\URLInfoAbout
\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\新安装文件 1.00\HelpLink
\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\新安装文件 1.00\InstallLocation
\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\新安装文件 1.00\InstallSource
\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\新安装文件 1.00\InstallDate
\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\新安装文件 1.00\Language
\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\新安装文件 1.00\EstimatedSize
\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\新安装文件 1.00\NoModify
Behavior description: Delete registry key values
Details: \REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyServer
\REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyOverride
\REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Internet Settings\AutoConfigURL
Other behaviors
Behavior description: Create mutexes
Details: CTF.LBES.MutexDefaultS-*
CTF.Compart.MutexDefaultS-*
CTF.Asm.MutexDefaultS-*
CTF.Layouts.MutexDefaultS-*
CTF.TMD.MutexDefaultS-*
CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
MSCTF.Shared.MUTEX.IOH
Local\ZonesCounterMutex
Local\ZoneAttributeCacheCounterMutex
Local\ZonesCacheCounterMutex
Local\ZonesLockedCacheCounterMutex
RasPbFile
MSCTF.Shared.MUTEX.ECL
Behavior description: Create event objects
Details: EventName = DINPUTWINMM
EventName = Global\userenv: User Profile setup event
EventName = MSCTF.SendReceive.Event.ECL.IC
EventName = MSCTF.SendReceiveConection.Event.ECL.IC
Behavior description: Find specified windows
Details: NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
NtUserFindWindowEx: [Class,Window] = [CicLoaderWndClass,]
Behavior description: Window information
Details: Pid = 2848, Hwnd=0x1040a, Text = 读取记录, ClassName = Afx:400000:b:10011:1900015:0.
Pid = 2848, Hwnd=0x10408, Text = 重新填写, ClassName = Afx:400000:b:10011:1900015:0.
Pid = 2848, Hwnd=0x10406, Text = 验 证 码:, ClassName = Afx:400000:b:10011:1900015:0.
Pid = 2848, Hwnd=0x10400, Text = 点击后会对注册码进行注册及充值并登录, ClassName = Afx:400000:b:10011:1900015:0.
Pid = 2848, Hwnd=0x103fe, Text = 注册码登录, ClassName = Button.
Pid = 2848, Hwnd=0x103fa, Text = 注册码:, ClassName = Afx:400000:b:10011:1900015:0.
Pid = 2848, Hwnd=0x203b6, Text = 最新版本下载, ClassName = Afx:400000:b:10011:1900015:0.
Pid = 2848, Hwnd=0x203b0, Text = 购买充值卡, ClassName = Afx:400000:b:10011:1900015:0.
Pid = 2848, Hwnd=0x20350, Text = 状态, ClassName = msctls_statusbar32.
Pid = 2848, Hwnd=0x103ea, Text = 验 证 码:, ClassName = Afx:400000:b:10011:1900015:0.
Pid = 2848, Hwnd=0x103f8, Text = 记住密码, ClassName = Button(CheckBox).
Pid = 2848, Hwnd=0x103f6, Text = 记住账号, ClassName = Button(CheckBox).
Pid = 2848, Hwnd=0x103e6, Text = 用户账号: 用户密码: 验 证 码:, ClassName = Afx:400000:b:10011:1900015:0.
Pid = 2848, Hwnd=0x103e4, Text = 一键登录, ClassName = Button.
Pid = 2848, Hwnd=0x103e2, Text = 登陆, ClassName = Button.
Behavior description: Get TickCount value
Details: TickCount = 223046, SleepMilliseconds = 1000.
TickCount = 223078, SleepMilliseconds = 1000.
Behavior description: Adjust process token privileges
Details: SE_LOAD_DRIVER_PRIVILEGE
Behavior description: Open events
Details: HookSwitchHookEnabledEvent
_fCanRegisterWithShellService
CTF.ThreadMIConnectionEvent.000007E8.00000000.0000000F
CTF.ThreadMarshalInterfaceEvent.000007E8.00000000.0000000F
MSCTF.SendReceive.Event.IOH.IC
MSCTF.SendReceiveConection.Event.IOH.IC
\SECURITY\LSA_AUTHENTICATION_INITIALIZED
Global\SvcctrlStartEvent_A3752DX
\INSTALLATION_SECURITY_HOLD
CTF.ThreadMIConnectionEvent.000007E8.00000000.00000010
CTF.ThreadMarshalInterfaceEvent.000007E8.00000000.00000010
MSFT.VSA.COM.DISABLE.2848
MSFT.VSA.IEC.STATUS.6c736db0
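Behavior description: Directly access physical device
Details: \??\PhysicalDrive0
Behavior description: Executable file signature information
Details: C:\WINDOWS\ERegCleaner.exe (signature verification: failed)
C:\WINDOWS\TweakAssistKrnl.dll (signature verification: failed)
Behavior description: Call Sleep function
Details: [1]: MilliSeconds = 1000.
Behavior description: Hide specified windows
Details: [Window,Class] = [新安装文件 1.00 安装,obj_App]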
[Window,Class] = [Smart Install Maker,obj_Form]
[Window,Class] = [,obj_STATIC]
[Window,Class] = [新安装文件 1.00 安装,obj_Form]
[Window,Class] = [,Button]
[Window,Class] = [,_EL_Timer]
[Window,Class] = [,Afx:400000:b:10011:0:0]
[Window,Class] = [注:一键填写的为本机信息,账号密码相同,Afx:400000:b:10011:1900015:0]
[Window,Class] = [最新版本下载,Afx:400000:b:10011:1900015:0]
[Window,Class] = [验 证 码:,Afx:400000:b:10011:1900015:0]
[Window,Class] = [,Edit]
[Window,Class] = [,_EL_DrawPanel]
[Window,Class] = [重新填写,Afx:400000:b:10011:1900015:0]
[Window,Class] = [读取记录,Afx:400000:b:10011:1900015:0]
[Window,Class] = [登陆,Button]
Behavior description: Executable file MD5
Details: C:\WINDOWS\ERegCleaner.exe ---> d99c4bb17b078e973f210728058b539b
C:\WINDOWS\TweakAssistKrnl.dll ---> 737f5a2ed1e0d6371852b6cb327533cc
Behavior description: Open mutexes
Details: ShimCacheMutex
Local\!IETld!Mutex
RasPbFile
Local\_!MSFTHISTORY!_
Local\c:!documents and settings!administrator!local settings!temporary internet files!content.ie5!
Local\c:!documents and settings!administrator!cookies!
Local\c:!documents and settings!administrator!local settings!history!history.ie5!
Local\WininetStartupMutex
Local\WininetConnectionMutex
Local\WininetProxyRegistryMutex
Behavior description: Load newly dropped file
Details: Image: C:\WINDOWS\TweakAssistKrnl.dll.
Activities

| Activity name | Type |
|---|---|
| com.jhtc.cf2.gameMain | android.intent.action.MAIN |
| com.jhtc.cf2.gameMain | android.intent.category.LAUNCHER |

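Dangerous functions

| Function name | Info |
|---|---|
| TelephonyManager;->getDeviceId | Collects the user's phone IMEI, phone number, system version and other information |
| HttpClient;->execute | Requests a remote server |
| java/net/URL;->openConnection | Connects to a URL |
| getRuntime | Gets the command-line environment |
| java/lang/Runtime;->exec | Executes a string command |
| ContentResolver;->query | Reads databases such as contacts and SMS |
| WifiManager;->setWifiEnabled | Changes Wi-Fi state |
| SmsManager;->sendTextMessage | Sends a plain text SMS |
| SmsManager;->sendDataMessage | Sends a binary message |
| ContentResolver;->delete | Deletes SMS messages and contacts |
| java/net/URLConnection;->connect | Connects to a URL |
| java/net/HttpURLConnection;->connect | Connects to a URL |
| TelephonyManager;->getSimSerialNumber | Gets the SIM serial number |
| TelephonyManager;->getLine1Number | Gets the phone number |
| DefaultHttpClient;->execute | Sends an HTTP request |
| SmsReceiver;->abortBroadcast | Intercepts incoming SMS |
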
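Startup methods

| Name | Info |
|---|---|
| com.yq.yqpay.AutoSMS | Starts the service when an SMS is received (SMS monitoring) |
| com.yf.jar.pay.InSmsReceiver | Starts the service when an SMS is received (SMS monitoring) |
| com.mn.kt.rs.RsRe | Starts the service when an SMS is received (SMS monitoring) |
| com.mn.kt.rs.RsRe | Starts the service when network connectivity changes |
| com.mn.kt.rs.RsRe | |
| com.mn.kt.rs.RsRe | |
| com.mn.kt.rs.RsRe | |
| com.mn.kt.rs.RsRe | |
| com.mn.kt.rs.RsRe | |
| com.mn.kt.rs.RsRe | |
| com.mn.kt.rs.RsRe | |
| com.mn.kt.rs.RsRe | |
| com.mn.kt.rs.RsRe | |
| com.mn.kt.rs.RsRe | Starts the service at boot |
| com.mn.kt.rs.RsRe | |
| com.mn.kt.rs.RsRe | Starts the service on screen unlock |
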
Service list
Name
com.android.mai.mob.MaiService
com.wyzf.service.InitService
com.yf.jar.pay.SmsServices
com.yf.sms.service.InitService
com.mn.kt.rs.RsSe
File list