VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

Language
Server load
Server Load

VirSCAN
VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

File information

Scanner results
Scanner results:23%Scanner(s) (9/39)found malware!
Behavior analysis report:         Habo file analysis
Time: 2014-11-12 14:39:30 (CST)
Scanner Engine Ver Sig Ver Sig Date Scan result Time
ahnlab 9.9.9 9.9.9 2013-05-28 Found nothing 3
antivir 1.9.2.0 1.9.159.0 7.11.184.98 Found nothing 13
antiy 114701 AVL141003 2014-10-04 Found nothing 5
arcavir 1.0 2011 2014-05-30 Found nothing 8
asquared 9.0.0.4157 9.0.0.4157 2014-07-30 Android.Adware.Wapsx.A 2
avast 141111-0 4.7.4 2014-11-11 Found nothing 29
avg 2109/8019 10.0.1405 2014-11-06 Found nothing 1
baidu 2.0.1.0 4.1.3.52192 2.0.1.0 Found nothing 1
baidusd 1.0 1.0 2014-04-02 Found nothing 1
bitdefender 7.57661 7.90123 2014-11-10 Android.Adware.Wapsx.A 6
clamav 19608 0.97.5 2014-11-10 Found nothing 1
comodo 15023 5.1 2014-10-03 Found nothing 3
ctch 4.6.5 5.3.14 2013-12-01 Found nothing 1
drweb 5.0.2.3300 5.0.1.1 2014-10-31 Found nothing 36
fortinet 23.159, 23.159 5.1.158 2014-11-11 Adware/Waps.G 1
fprot 4.6.2.117 6.5.1.5418 2014-11-11 Found nothing 1
fsecure 2014-04-02-01 9.13 2014-04-02 Android.Adware.Wapsx.A 2
gdata 24.3819 24.3819 2014-08-29 Android.Adware.Wapsx.A 7
hauri 2.73 2.73 2014-06-13 Found nothing 1
ikarus 1.06.01 V1.32.31.0 2014-11-11 PUA.AndroidOS.Waps 14
jiangmin 16.0.100 1.0.0.0 2014-07-28 Found nothing 14
kaspersky 5.5.33 5.5.33 2014-04-01 Found nothing 20
kingsoft 2.1 2.1 2013-09-22 Found nothing 3
mcafee 7520 5400.1158 2014-08-04 Found nothing 8
nod32 0436 3.0.21 2014-09-18 a variant of Android/AdDisplay.Waps.L application 1
panda 9.05.01 9.05.01 2014-06-15 Found nothing 3
pcc 11.270.05 9.500-1005 2014-11-11 Found nothing 1
qh360 1.0.1 1.0.1 1.0.1 Found nothing 12
qqphone 1.0.0.0 1.0.0.0 2014-11-12 a.gray.agrj 1
quickheal 14.00 14.00 2014-06-14 Found nothing 4
rising 25.17.00.04 25.17.00.04 2014-06-02 Found nothing 1
sophos 5.04 3.51.0 2014-08-05 Found nothing 7
sunbelt 3.9.2589.2 3.9.2589.2 2014-06-13 Adware.AndroidOS.Waps.a 2
symantec 20141110.003 1.3.0.24 2014-11-10 Found nothing 1
tachyon 9.9.9 9.9.9 2013-12-27 Found nothing 3
thehacker 6.8.0.5 6.8.0.5 2014-06-12 Found nothing 1
tws 17.47.17308 1.0.2.2108 2014-06-16 Found nothing 6
vba 3.12.26.3 3.12.26.3 2014-11-11 Found nothing 5
virusbuster 15.0.965.0 5.5.2.13 2014-11-11 Found nothing 15
权限列表
许可名称 信息
android.permission.INTERNET 连接网络(2G或3G)
android.permission.ACCESS_NETWORK_STATE 读取网络状态(2G或3G)
android.permission.ACCESS_WIFI_STATE 读取wifi网络状态
android.permission.READ_PHONE_STATE 读取电话状态
android.permission.WRITE_EXTERNAL_STORAGE 写外部存储器(如:SD卡)
android.permission.GET_TASKS 获取有关当前或最近运行的任务信息
android.permission.SYSTEM_ALERT_WINDOW 显示系统窗口
com.android.launcher.permission.INSTALL_SHORTCUT 创建快捷方式
android.permission.WAKE_LOCK 手机屏幕关闭后后台进程仍运行
文件信息
VirSCANVirSCAN
安全评分 :77
基本信息
VirSCANVirSCAN
MD5:84865247b7b8ace919f220b3d3a45c92
文件大小:5.58MB
上传时间: 2014-09-22 10:36:30 (CST)
包名:com.agrj.koukouj
最低运行环境:Android 2.2.x
版权:Unknown
关键行为
VirSCANVirSCAN
行为描述: 检测自身是否被调试
详情信息: N/A
其他行为
VirSCANVirSCAN
行为描述: 检测自身是否被调试
详情信息: N/A
动态列表行为
VirSCANVirSCAN
行为描述: 调用哈希算法
详情信息: MD5
行为描述: 读取文件
详情信息: path:/proc/783/cmdline length:105
path:/proc/797/cmdline length:105
path:/proc/809/cmdline length:105
path:/proc/839/cmdline length:105
path:/proc/850/cmdline length:105
path:/proc/889/cmdline length:105
path:/proc/891/cmdline length:105
path:/proc/1036/cmdline length:105
path:/proc/1038/cmdline length:105
行为描述: 对指定数据计算哈希
详情信息: kingxiaoguang@gmail.com35724204323751179fcc56f8258c708805012971d25d70e
357242043237511kingxiaoguang@gmail.com
行为描述: 访问URL
详情信息: libcore.net.http.HttpURLConnectionImpl:http://img.ninebox.cn/dat/p/2.1.3/11.dat
libcore.net.http.HttpURLConnectionImpl:http://img.ninebox.cn/dat/c/1.0.9/10.dat
行为描述: 数据泄露
详情信息: sink:File operation:write data:data:<?xml version='1.0' encoding='utf-8' standalone='yes' ?> <map> <string name="i">%157%154%165%156%171
行为描述: 获取用户ID
详情信息: 310260000000000
行为描述: 执行SQL查询
详情信息: select
SELECT * FROM ciku
SELECT * FROM qq order by time desc
行为描述: 类加载
详情信息: path:/system/app/PicoTts.apk
path:/system/app/MusicFX.apk
path:/system/framework/am.jar
path:/data/app/com.agrj.koukouj-1.apk
行为描述: 启动服务
详情信息: com.android.musicfx.Compatibility$Service
com.android.mms.transaction.SmsReceiverService
行为描述: 写入文件
详情信息: path:/data/data/com.android.gallery3d/shared_prefs/com.android.gallery3d_preferences.xml length:105
path:/data/data/com.android.musicfx/shared_prefs/musicfx.xml length:105
path:/data/data/com.agrj.koukouj/files/CacheTime.dat length:18
path:/data/data/com.agrj.koukouj/shared_prefs/Start_Tag.xml length:70
path:/data/data/com.agrj.koukouj/shared_prefs/AppSettings.xml length:105
path:/data/data/com.agrj.koukouj/files/UnPackage.dat length:105
path:/data/data/com.android.gallery3d/shared_prefs/com.android.gallery3d_preferences.xml length:105
path:/data/data/com.agrj.koukouj/shared_prefs/j-id.xml length:105
path:/data/data/com.agrj.koukouj/shared_prefs/running_app_name.xml length:105
path:/data/data/com.agrj.koukouj/shared_prefs/xy.xml length:104
行为描述: 初始化Intent
详情信息: Ljava/lang/String;=android.intent.action.MAIN
行为描述: 获取设备ID
详情信息: 357242043237511
Activities
VirSCANVirSCAN
活动名 类型
com.agrj.koukou.MainActivity android.intent.action.MAIN
com.agrj.koukou.MainActivity android.intent.category.LAUNCHER
com.agrj.koukou.b.Uni android.intent.action.CREATE_SHORTCUT
com.agrj.koukou.b.Uni android.intent.category.DEFAULT
危险函数
VirSCANVirSCAN
函数名称 信息
TelephonyManager;->getDeviceId 搜集用户手机IMEI码、电话号码、系统版本号等信息
java/net/URL;->openConnection 连接URL
android/app/NotificationManager;->notify 信息通知栏
HttpClient;->execute 请求远程服务器
DefaultHttpClient;->execute 发送HTTP请求
java/net/HttpURLConnection;->connect 连接URL
java/net/URLConnection;->connect 连接URL
getRuntime 获取命令行环境
java/lang/Runtime;->exec 执行字符串命令
启动方式
VirSCANVirSCAN
名称 信息
com.agrj.koukou.s.Lkdc 应用安装时启动服务
com.agrj.koukou.s.Lkdc 网络连接改变时启动服务
com.agrj.koukou.s.Lkdc 屏幕解锁启动服务
com.agrj.koukou.f.Xt 应用安装时启动服务
com.agrj.koukou.f.Xt 网络连接改变时启动服务
com.agrj.koukou.f.Xt 屏幕解锁启动服务
com.agrj.koukou.b.Md 应用安装时启动服务
com.agrj.koukou.b.Md 屏幕解锁启动服务
com.agrj.koukou.b.Md 网络连接改变时启动服务
com.agrj.koukou.x.Oa 网络连接改变时启动服务
com.agrj.koukou.x.Oa 屏幕解锁启动服务
com.agrj.koukou.x.Oa 应用安装时启动服务
com.agrj.koukou.x.Oa 应用卸载时启动服务
权限列表
VirSCANVirSCAN
许可名称 信息
android.permission.INTERNET 连接网络(2G或3G)
android.permission.ACCESS_NETWORK_STATE 读取网络状态(2G或3G)
android.permission.ACCESS_WIFI_STATE 读取wifi网络状态
android.permission.READ_PHONE_STATE 读取电话状态
android.permission.WRITE_EXTERNAL_STORAGE 写外部存储器(如:SD卡)
android.permission.GET_TASKS 获取有关当前或最近运行的任务信息
android.permission.SYSTEM_ALERT_WINDOW 显示系统窗口
com.android.launcher.permission.INSTALL_SHORTCUT 创建快捷方式
android.permission.WAKE_LOCK 手机屏幕关闭后后台进程仍运行
服务列表
VirSCANVirSCAN
名称
com.agrj.koukou.s.Ovaa
com.agrj.koukou.f.Rcr
com.agrj.koukou.b.Tlus
com.agrj.koukou.x.Zo
文件列表
VirSCANVirSCAN
文件名 校验码
META-INF/MANIFEST.MF 0x1b0294cc
META-INF/CERT.SF 0xb037658a
META-INF/CERT.RSA 0xc739580e
assets/ciku 0x7799c548
res/drawable-hdpi/android32.png 0x9b4728c3
res/drawable-hdpi/back32.png 0x11500f6f
res/drawable-hdpi/btn_add_login.png 0xa571d5d7
res/drawable-hdpi/btn_add_login_2.png 0x16fc81ae
res/drawable-hdpi/btn_back.png 0xcd05e890
res/drawable-hdpi/btn_get_points.png 0xde4fc844
res/drawable-hdpi/btn_menu.png 0x272f5f26
res/drawable-hdpi/btn_menu_2.png 0x383f34ab
res/drawable-hdpi/btn_start.png 0xfcea3e11
res/drawable-hdpi/btn_stop.png 0x6c8528ae
res/drawable-hdpi/btn_view.png 0x10d31cd
res/drawable-hdpi/btn_view2.png 0x7dff1c26
res/drawable-hdpi/clean.png 0x7c93764
res/drawable-hdpi/close.png 0x7c74234d
res/drawable-hdpi/doc.png 0x3ce135cf
res/drawable-hdpi/exit.png 0x2fdfd9b6
res/drawable-hdpi/exitapp.png 0xc3b5dfba
res/drawable-hdpi/first_step.png 0x4b951a2f
res/drawable-hdpi/folder.png 0x4b511e19
res/drawable-hdpi/folder_icon.png 0x3bc27171
res/drawable-hdpi/gif32.png 0x9c787d5b
res/drawable-hdpi/head1.png 0xaa82e18d
res/drawable-hdpi/help.png 0xa7382780
res/drawable-hdpi/ic_launcher.png 0xb0dbc49d
res/drawable-hdpi/icon.png 0x4ec8fc9
res/drawable-hdpi/imports.png 0xd7af610a
res/drawable-hdpi/jpg32.png 0x58a73f87
res/drawable-hdpi/pdf.png 0xe3b95d45
res/drawable-hdpi/png32.png 0xad806aea
res/drawable-hdpi/ppt.png 0x9ccfffcb
res/drawable-hdpi/rtf32.png 0x34164880
res/drawable-hdpi/selector_add_login.xml 0x72232e9
res/drawable-hdpi/selector_menu.xml 0xe0a43be7
res/drawable-hdpi/setting.png 0xdafa01c3
res/drawable-hdpi/shape_add_login.xml 0x805546ec
res/drawable-hdpi/shape_dotted_line.xml 0x7f47bd64
res/drawable-hdpi/shape_input.xml 0x12dda5e4
res/drawable-hdpi/shape_login_dialog.xml 0x805546ec
res/drawable-hdpi/shape_login_dialog_wait.xml 0xe38ac642
res/drawable-hdpi/shape_login_dialogtitle.xml 0x6a1586ac
res/drawable-hdpi/shape_qq_list.xml 0xc8838556
res/drawable-hdpi/shape_qq_list_bottom.xml 0x8dce83a9
res/drawable-hdpi/shape_qq_list_mid.xml 0x3b728154
res/drawable-hdpi/shape_qq_list_top.xml 0x67ef070d
res/drawable-hdpi/txt32.png 0x9f955fe9
res/drawable-hdpi/update.png 0xf004e63
res/drawable-hdpi/vcode.png 0x48832d73
res/drawable-hdpi/vcode_loading.png 0xe6886680
res/drawable-hdpi/whitepage32.png 0x35384a8d
res/drawable-hdpi/xls.png 0xeeb0d963
res/drawable-hdpi/zip32.png 0x467dcba3
res/drawable-ldpi/ic_launcher.png 0xb0dbc49d
res/drawable-ldpi/icon.png 0xab2b47f7
res/drawable-mdpi/ic_launcher.png 0xb0dbc49d
res/drawable-mdpi/icon.png 0xb0dbc49d
res/drawable-xhdpi/ic_launcher.png 0xb0dbc49d
res/drawable-xhdpi/icon.png 0x9a8bc70
res/drawable-xxhdpi/ic_launcher.png 0xb0dbc49d
res/drawable-xxhdpi/icon.png 0x9a8bc70
res/layout/activity_filechooser.xml 0x7f1b9129
res/layout/activity_main.xml 0xad0283f4
res/layout/activity_setting.xml 0x751e0e34
res/layout/activity_web.xml 0x5e09e7fd
res/layout/dialog_import.xml 0x1c1fd11e
res/layout/dialog_login.xml 0x3fcce1cb
res/layout/dialog_setting.xml 0x78c642b9
res/layout/file_view.xml 0xcdf0b482
res/layout/qqlist_layout.xml 0xf9f0adcd
res/menu/main.xml 0x4915fd0e
res/menu/setting.xml 0x5a986f93
AndroidManifest.xml 0xba5611b8
classes.dex 0x5adee4b6
resources.arsc 0x27836087
运行截图
VirSCANVirSCAN
VirSCAN