VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

Language
Server load
Server Load

VirSCAN
VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

File information

Scanner results
Scanner results:0%Antivirus software(0/32)found malware!
Behavior analysis report:         Habo file analysis
Time: 2015-10-16 14:45:23 (CST)
Scanner Engine Ver Sig Ver Sig Date Scan result Time
antiy AVL SDK 3.0 1970-01-01 Found nothing 5
asquared 9.0.0.4324 9.0.0.4324 2014-07-03 Found nothing 1
avast 150725-1 4.7.4 2015-07-25 Found nothing 0
avg 2109/8133 10.0.1405 2014-11-26 Found nothing 0
baidu 2.0.1.0 4.1.3.52192 2.0.1.0 Found nothing 5
baidusd 1.0 1.0 2014-04-02 Found nothing 1
bitdefender 7.58469 7.90123 2014-12-25 Found nothing 0
clamav 19861 0.97.5 2014-12-31 Found nothing 0
drweb 5.0.2.3300 5.0.1.1 2014-12-31 Found nothing 0
fortinet 23.345, 23.345 5.1.158 2014-12-08 Found nothing 0
fprot 4.6.2.117 6.5.1.5418 2014-12-31 Found nothing 0
fsecure 2014-04-02-01 9.13 2014-04-02 Found nothing 0
gdata 25.3894 25.3894 2015-10-16 Found nothing 9
ikarus 1.06.01 V1.32.31.0 2014-12-08 Found nothing 0
jiangmin 16.0.100 1.0.0.0 2015-07-25 Found nothing 60
kaspersky 5.5.33 5.5.33 2014-04-01 Found nothing 0
kingsoft 2.1 2.1 2013-09-22 Found nothing 18
mcafee 7638 5400.1158 2014-11-30 Found nothing 0
nod32 0920 3.0.21 2014-12-23 Found nothing 0
panda 9.05.01 9.05.01 2015-07-26 Found nothing 4
pcc 11.380.07 9.500-1005 2014-12-31 Found nothing 0
qh360 1.0.1 1.0.1 1.0.1 Found nothing 2
qqphone 1.0.0.0 1.0.0.0 2014-12-09 Found nothing 0
quickheal 14.00 14.00 2015-07-25 Found nothing 2
rising 25.76.04.01 25.76.04.01 2015-07-24 Found nothing 1
sophos 5.08 3.55.0 2014-12-01 Found nothing 0
symantec 20141230.001 1.3.0.24 2014-12-30 Found nothing 0
tachyon 9.9.9 9.9.9 2013-12-27 Found nothing 3
thehacker 6.8.0.5 6.8.0.5 2015-07-23 Found nothing 2
tws 17.47.17308 1.0.2.2108 2014-12-08 Found nothing 8
vba 3.12.26.3 3.12.26.3 2014-12-31 Found nothing 0
virusbuster 15.0.985.0 5.5.2.13 2014-12-05 Found nothing 0
权限列表
许可名称 信息
android.permission.RECEIVE_BOOT_COMPLETED 接收开机启动广播
android.permission.INTERNET 连接网络(2G或3G)
android.permission.ACCESS_NETWORK_STATE 读取网络状态(2G或3G)
android.permission.ACCESS_WIFI_STATE 读取wifi网络状态
android.permission.READ_PHONE_STATE 读取电话状态
android.permission.WRITE_EXTERNAL_STORAGE 写外部存储器(如:SD卡)
android.permission.GET_TASKS 获取有关当前或最近运行的任务信息
文件信息
VirSCANVirSCAN
安全评分 :
基本信息
VirSCANVirSCAN
MD5:6b0ebd238263e575599bf71f0ac94e79
文件大小:5.58MB
上传时间: 2014-09-22 10:36:30 (CST)
包名:com.davidliu.phoneoff
最低运行环境:Android 2.0
版权:David
关键行为
VirSCANVirSCAN
行为描述: 写权限映射文件
详情信息: Global\Cor_Private_IPCBlock_416
Global\Cor_Public_IPCBlock_416
Global\NLS_00000804_Exception_Table_3_2
进程行为
VirSCANVirSCAN
行为描述: 写权限映射文件
详情信息: Global\Cor_Private_IPCBlock_416
Global\Cor_Public_IPCBlock_416
Global\NLS_00000804_Exception_Table_3_2
文件行为
VirSCANVirSCAN
行为描述: 写权限映射文件
详情信息: Global\Cor_Private_IPCBlock_416
Global\Cor_Public_IPCBlock_416
Global\NLS_00000804_Exception_Table_3_2
行为描述: 查找文件
详情信息: FileName = C:\WINDOWS
FileName = C:\WINDOWS\WinSxS
FileName = C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\MSVCR80.dll
FileName = C:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.INI
FileName = C:\DOCUME~1
FileName = C:\DOCUME~1\ADMINI~1
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\%temp%
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\%temp%\1444935095.473159.exe
FileName = C:\Documents and Settings\ADMINI~1
FileName = C:\Documents and Settings\Administrator\LOCALS~1
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\%temp%\996E.INI
FileName = C:/DOCUME~1
FileName = C:/DOCUME~1/ADMINI~1
其他行为
VirSCANVirSCAN
行为描述: 调用Sleep函数
详情信息: [1]: MilliSeconds = 1000.
行为描述: 获取TickCount值
详情信息: TickCount = 486906, SleepMilliseconds = 1000.
TickCount = 486953, SleepMilliseconds = 1000.
TickCount = 487062, SleepMilliseconds = 1000.
TickCount = 487078, SleepMilliseconds = 1000.
危险行为
VirSCANVirSCAN
行为描述: 执行系统命令
详情信息: [u'su']
动态列表行为
VirSCANVirSCAN
行为描述: 启动服务
详情信息: {"FLAG":0,"COMPONENT_NAME":"ComponentInfo{com.davidliu.phoneoff\/com.davidliu.phoneoff.service.ListenNetStateService}"}
{"FLAG":0,"COMPONENT_NAME":"ComponentInfo{com.davidliu.phoneoff\/com.davidliu.phoneoff.service.ListenNetStateService}"}
行为描述: 获取安装应用列表
详情信息: [u'8192']
[u'0']
[u'0']
行为描述: 获取加密实例
详情信息: [u'DES/CBC/PKCS5Padding']
行为描述: 调用哈希算法
详情信息: MD5
行为描述: 添加View
详情信息: [u'com.android.internal.policy.impl.PhoneWindow$DecorView@41547698', u'WM.LayoutParams{(0,0)(fillxfill) sim=#100 ty=1 fl=#1810100 pfl=0x8 wanim=0x10302e0}', u'android.view.CompatibilityInfoHolder@414af960']
[u'android.widget.LinearLayout@414ef3c8', u'WM.LayoutParams{(0,128)(wrapxwrap) gr=#51 ty=2005 fl=#98 fmt=-3 wanim=0x1030004}']
[u'android.widget.LinearLayout@41548ff0', u'WM.LayoutParams{(0,128)(wrapxwrap) gr=#51 ty=2005 fl=#98 fmt=-3 wanim=0x1030004}']
行为描述: root权限检测
详情信息: /system/bin/su
/system/xbin/su
行为描述: 读取文件
详情信息: path:/mnt/sdcard/Android/data/.class/android length:38
path:/mnt/sdcard/Android/data/.class/android length:5
path:unknown length:5
path:/mnt/sdcard/Android/data/cache/AppPackage.dat length:5
行为描述: 获取root权限
详情信息: su
行为描述: 执行系统命令
详情信息: [u'su']
行为描述: 初始化Intent
详情信息: [u'com.davidliu.phoneoff.activity.MainActivity@41546660', u'class com.davidliu.phoneoff.service.ListenNetStateService']
[u'android.os.Parcel@414ad1b8']
[u'android.os.Parcel@414ad178']
[u'android.os.Parcel@414ad1b8']
[u'android.os.Parcel@414ad1b8']
[u'com.davidliu.phoneoff.service.DownloadService@4155fc38', u'class com.davidliu.phoneoff.service.DownloadService']
[u'android.os.Parcel@414ad1b8']
[u'android.app.ReceiverRestrictedContext@414e4590', u'class com.davidliu.phoneoff.service.ListenNetStateService']
[u'android.os.Parcel@414ad178']
行为描述: 初始化URL
详情信息: [u'http://app.wapx.cn/action/connect/active?app_id=e8a2c1fc5aba24dd0bfd51e98c13353b&udid=357143040944263&imsi=460000043140572&net=wifi&base=wapx.cn&app_version=1.0&sdk_version=2.1.0&device_name=sdk&device_brand=Lenovo&y=d5b3942223e9b4a1e702953c2fbfef5a&device_type=android&os_version=4.1.2&country_code=US&language=en&act=com.davidliu.phoneoff&root=true&channel=baidu&device_width=768&device_height=1184&rec=h9fFLgXL%2BJ3C9bjehErUIxN6wKZIfLn3lAkMFR2ZmZeG4%2F2Cr8lFS3xQG13%2BOSMXwcdnnEgVpzax%0AGmBSo9dIpnDzaqneTHWpZyzbh4CnG7RTbdnFqj8SN%2FXY7wF46qeP6JggAsCDe2eX0bXcPhSfc0g%2B%0AgGVGMzoWLFMJLXFSj8QVj8enZPWgHkMT3E5Pz5tO%0A&at=1439264628336']
[u'http://app.waps.cn/action/user_info']
[u'http://fileserver.iuoooo.com/Jinher.JAP.BaseApp.FileServer.UI/FileManage/GetFile?fileURL=29e54e46-3e17-4ca4-8f03-db71fb8f9659/JHApp/PackageId-1f3fdc01-1102-4dc6-a78a-f33592d5da53_APP20140509234505.apk']
行为描述: 注册广播接收器
详情信息: [u'com.davidliu.phoneoff.service.ListenNetStateService$1@4151e318', u'android.content.IntentFilter@414b14a0']
行为描述: 访问URL
详情信息: http://app.wapx.cn/action/connect/active?app_id=e8a2c1fc5aba24dd0bfd51e98c13353b&udid=357143040944263&imsi=460000043140572&net=wifi&base=wapx.cn&app_version=1.0&sdk_version=2.1.0&device_name=sdk&device_brand=Lenovo&y=d5b3942223e9b4a1e702953c2fbfef5a&device_type=android&os_version=4.1.2&country_code=US&language=en&act=com.davidliu.phoneoff&root=true&channel=baidu&device_width=768&device_height=1184&rec=h9fFLgXL%2BJ3C9bjehErUIxN6wKZIfLn3lAkMFR2ZmZeG4%2F2Cr8lFS3xQG13%2BOSMXwcdnnEgVpzax%0AGmBSo9dIpnDzaqneTHWpZyzbh4CnG7RTbdnFqj8SN%2FXY7wF46qeP6JggAsCDe2eX0bXcPhSfc0g%2B%0AgGVGMzoWLFMJLXFSj8QVj8enZPWgHkMT3E5Pz5tO%0A&at=1439264628336
http://app.waps.cn/action/user_info
http://fileserver.iuoooo.com/Jinher.JAP.BaseApp.FileServer.UI/FileManage/GetFile?fileURL=29e54e46-3e17-4ca4-8f03-db71fb8f9659/JHApp/PackageId-1f3fdc01-1102-4dc6-a78a-f33592d5da53_APP20140509234505.apk
行为描述: 读取sdcard
详情信息: path:/mnt/sdcard/Android/data/.class/android
path:/mnt/sdcard/Android/data/.class/android
path:/mnt/sdcard/Android/data/.class/android
path:/mnt/sdcard/Android/data/.class/android
path:/mnt/sdcard/Android/data/.class/android
path:/mnt/sdcard/Android/data/.class/android
path:/mnt/sdcard/Android/data/.class/android
path:/mnt/sdcard/Android/data/.class/android
path:/mnt/sdcard/Android/data/.class/android
path:/mnt/sdcard/Android/data/.class/android
path:/mnt/sdcard/Android/data/.class/android
path:/mnt/sdcard/Android/data/.class/android
path:/mnt/sdcard/Android/data/.class/android
path:/mnt/sdcard/Android/data/.class/android
path:/mnt/sdcard/Android/data/.class/android
path:/mnt/sdcard/Android/data/cache/AppPackage.dat
行为描述: 窗口信息
详情信息: {"text": "PhoneOff", "class": "android.widget.TextView"}
{"text": "Error:", "class": "android.widget.TextView"}
{"text": "Obtain Root Not Successful!", "class": "android.widget.TextView"}
{"text": "Exit", "class": "android.widget.Button"}
{"text": "Our Apps", "class": "android.widget.Button"}
{"text": "More Apps", "class": "android.widget.Button"}
行为描述: 写入sdcard
详情信息: path:/mnt/sdcard/Android/data/cache/CacheTime.dat
path:/mnt/sdcard/Android/data/.class/android
path:/mnt/sdcard/Android/data/cache/AppPackage.dat
path:/mnt/sdcard/Android/data/cache/UnPackage.dat
行为描述: 获取设备ID
详情信息: 357143040944263
行为描述: Toast->makeText弹出提示
详情信息: text:正在下载.. duration:1
text:下载失败! duration:0
行为描述: 加载链接库文件
详情信息: /data/data/com.davidliu.phoneoff/lib/libuninstall.so
行为描述: 获取当前连接的Wifi热点信息
详情信息: []
[]
[]
[]
[]
[]
行为描述: 获取用户ID
详情信息: 460000043140572
460000043140572
460000043140572
460000043140572
460000043140572
460000043140572
行为描述: 缓冲区读取一行数据
详情信息: RSZbbUsEdX%2Fd49IujgZPfA%3D%3D%0A
null
RSZbbUsEdX%2Fd49IujgZPfA%3D%3D%0A
null
RSZbbUsEdX%2Fd49IujgZPfA%3D%3D%0A
null
RSZbbUsEdX%2Fd49IujgZPfA%3D%3D%0A
null
RSZbbUsEdX%2Fd49IujgZPfA%3D%3D%0A
null
null
行为描述: 获取网络状态信息[*]
详情信息: NetworkInfo: type: WIFI[], state: CONNECTED/CONNECTED, reason: (unspecified), extra: freewifi, roaming: false, failover: false, isAvailable: true
NetworkInfo: type: WIFI[], state: CONNECTED/CONNECTED, reason: (unspecified), extra: freewifi, roaming: false, failover: false, isAvailable: true
NetworkInfo: type: WIFI[], state: CONNECTED/CONNECTED, reason: (unspecified), extra: freewifi, roaming: false, failover: false, isAvailable: true
NetworkInfo: type: WIFI[], state: CONNECTED/CONNECTED, reason: (unspecified), extra: freewifi, roaming: false, failover: false, isAvailable: true
NetworkInfo: type: WIFI[], state: CONNECTED/CONNECTED, reason: (unspecified), extra: freewifi, roaming: false, failover: false, isAvailable: true
NetworkInfo: type: WIFI[], state: CONNECTED/CONNECTED, reason: (unspecified), extra: freewifi, roaming: false, failover: false, isAvailable: true
NetworkInfo: type: WIFI[], state: CONNECTED/CONNECTED, reason: (unspecified), extra: freewifi, roaming: false, failover: false, isAvailable: true
NetworkInfo: type: WIFI[], state: CONNECTED/CONNECTED, reason: (unspecified), extra: freewifi, roaming: false, failover: false, isAvailable: true
NetworkInfo: type: WIFI[], state: CONNECTED/CONNECTED, reason: (unspecified), extra: freewifi, roaming: false, failover: false, isAvailable: true
NetworkInfo: type: WIFI[], state: CONNECTED/CONNECTED, reason: (unspecified), extra: freewifi, roaming: false, failover: false, isAvailable: true
NetworkInfo: type: WIFI[], state: CONNECTED/CONNECTED, reason: (unspecified), extra: freewifi, roaming: false, failover: false, isAvailable: true
NetworkInfo: type: WIFI[], state: CONNECTED/CONNECTED, reason: (unspecified), extra: freewifi, roaming: false, failover: false, isAvailable: true
NetworkInfo: type: WIFI[], state: CONNECTED/CONNECTED, reason: (unspecified), extra: freewifi, roaming: false, failover: false, isAvailable: true
NetworkInfo: type: WIFI[], state: CONNECTED/CONNECTED, reason: (unspecified), extra: freewifi, roaming: false, failover: false, isAvailable: true
NetworkInfo: type: WIFI[], state: CONNECTED/CONNECTED, reason: (unspecified), extra: freewifi, roaming: false, failover: false, isAvailable: true
行为描述: 写入文件
详情信息: path:/mnt/sdcard/Android/data/cache/CacheTime.dat length:18
path:/data/data/com.davidliu.phoneoff/files/CacheTime.dat length:18
path:/mnt/sdcard/Android/data/.class/android length:38
path:unknown length:15
path:unknown length:10
path:/mnt/sdcard/Android/data/cache/AppPackage.dat length:69
path:/mnt/sdcard/Android/data/cache/UnPackage.dat length:69
Activities
VirSCANVirSCAN
活动名 类型
com.davidliu.phoneoff.activity.MainActivity android.intent.action.MAIN
com.davidliu.phoneoff.activity.MainActivity android.intent.category.LAUNCHER
危险函数
VirSCANVirSCAN
函数名称 信息
getRuntime 获取命令行环境
java/lang/Runtime;->exec 执行字符串命令
java/net/URL;->openConnection 连接URL
java/net/HttpURLConnection;->connect 连接URL
android/app/NotificationManager;->notify 信息通知栏
TelephonyManager;->getDeviceId 搜集用户手机IMEI码、电话号码、系统版本号等信息
启动方式
VirSCANVirSCAN
名称 信息
com.davidliu.phoneoff.receiver.BootCompletedReceiver 开机启动服务
权限列表
VirSCANVirSCAN
许可名称 信息
android.permission.RECEIVE_BOOT_COMPLETED 接收开机启动广播
android.permission.INTERNET 连接网络(2G或3G)
android.permission.ACCESS_NETWORK_STATE 读取网络状态(2G或3G)
android.permission.ACCESS_WIFI_STATE 读取wifi网络状态
android.permission.READ_PHONE_STATE 读取电话状态
android.permission.WRITE_EXTERNAL_STORAGE 写外部存储器(如:SD卡)
android.permission.GET_TASKS 获取有关当前或最近运行的任务信息
服务列表
VirSCANVirSCAN
名称
com.davidliu.phoneoff.service.DownloadService
com.davidliu.phoneoff.service.ListenNetStateService
文件列表
VirSCANVirSCAN
文件名 校验码
res/drawable/ic_launcher.png 0x7bf31f2f
res/drawable/shareicon.png 0x49177228
res/layout/activity_main.xml 0x1c86dc40
AndroidManifest.xml 0x90a84952
resources.arsc 0x831b692
classes.dex 0xfd7c7876
lib/armeabi/libuninstall.so 0x35b1fbd3
lib/armeabi-v7a/libuninstall.so 0xde4b0d8d
lib/mips/libuninstall.so 0xc067f08b
lib/x86/libuninstall.so 0x9a637ac7
META-INF/MANIFEST.MF 0xf469bff9
META-INF/CERT.SF 0xc11a8e73
META-INF/CERT.RSA 0x505830ed
运行截图
VirSCANVirSCAN
VirSCAN