VirSCAN

1, You can UPLOAD any files, but there is a 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but the archive must contain fewer than 20 files.
3, VirSCAN can scan compressed files protected with the password 'infected' or 'virus'.

File information

Scanner results
Scanner results: 0% of scanners (0/39) found malware!
Behavior analysis report: Habo file analysis
Time: 2014-11-08 07:37:27 (CST)
| Scanner | Engine Ver | Sig Ver | Sig Date | Scan result | Time |
|---|---|---|---|---|---|
| ahnlab | 9.9.9 | 9.9.9 | 2013-05-28 | Found nothing | 4 |
| antivir | 1.9.2.0 | 1.9.159.0 | 7.11.183.172 | Found nothing | 15 |
| antiy | 112612 | AVL141106 | 2014-11-07 | Found nothing | 5 |
| arcavir | 1.0 | 2011 | 2014-05-30 | Found nothing | 8 |
| asquared | 9.0.0.4324 | 9.0.0.4324 | 2014-07-03 | Found nothing | 1 |
| avast | 141106-0 | 4.7.4 | 2014-11-06 | Found nothing | 13 |
| avg | 2109/8019 | 10.0.1405 | 2014-11-06 | Found nothing | 3 |
| baidu | 2.0.1.0 | 4.1.3.52192 | 2.0.1.0 | Found nothing | 4 |
| baidusd | 1.0 | 1.0 | 2014-04-02 | Found nothing | 1 |
| bitdefender | 7.57607 | 7.90123 | 2014-11-07 | Found nothing | 6 |
| clamav | 19595 | 0.97.5 | 2014-11-07 | Found nothing | 2 |
| comodo | 15023 | 5.1 | 2014-11-07 | Found nothing | 3 |
| ctch | 4.6.5 | 5.3.14 | 2013-12-01 | Found nothing | 1 |
| drweb | 5.0.2.3300 | 5.0.1.1 | 2014-10-31 | Found nothing | 37 |
| fortinet | 23.129, 23.129 | 5.1.158 | 2014-11-07 | Found nothing | 1 |
| fprot | 4.6.2.117 | 6.5.1.5418 | 2014-11-07 | Found nothing | 1 |
| fsecure | 2014-04-02-01 | 9.13 | 2014-04-02 | Found nothing | 2 |
| gdata | 24.4834 | 24.4834 | 2014-11-07 | Found nothing | 8 |
| hauri | 2.73 | 2.73 | 2014-11-07 | Found nothing | 1 |
| ikarus | 1.06.01 | V1.32.31.0 | 2014-11-07 | Found nothing | 14 |
| jiangmin | 16.0.100 | 1.0.0.0 | 2014-08-20 | Found nothing | 30 |
| kaspersky | 5.5.33 | 5.5.33 | 2014-04-01 | Found nothing | 21 |
| kingsoft | 2.1 | 2.1 | 2013-09-22 | Found nothing | 3 |
| mcafee | 7520 | 5400.1158 | 2014-08-04 | Found nothing | 8 |
| nod32 | 0436 | 3.0.21 | 2014-09-18 | Found nothing | 1 |
| panda | 9.05.01 | 9.05.01 | 2014-11-07 | Found nothing | 7 |
| pcc | 11.262.06 | 9.500-1005 | 2014-11-07 | Found nothing | 1 |
| qh360 | 1.0.1 | 1.0.1 | 1.0.1 | Found nothing | 12 |
| qqphone | 1.0.0.0 | 1.0.0.0 | 2014-11-08 | Found nothing | 1 |
| quickheal | 14.00 | 14.00 | 2014-11-07 | Found nothing | 3 |
| rising | 25.39.03.04 | 25.39.03.04 | 2014-11-06 | Found nothing | 3 |
| sophos | 5.04 | 3.51.0 | 2014-08-05 | Found nothing | 7 |
| sunbelt | 3.9.2595.2 | 3.9.2595.2 | 2014-11-06 | Found nothing | 2 |
| symantec | 20141104.004 | 1.3.0.24 | 2014-11-04 | Found nothing | 1 |
| tachyon | 9.9.9 | 9.9.9 | 2013-12-27 | Found nothing | 4 |
| thehacker | 6.8.0.5 | 6.8.0.5 | 2014-11-07 | Found nothing | 2 |
| tws | 17.47.17308 | 1.0.2.2108 | 2014-11-07 | Found nothing | 7 |
| vba | 3.12.26.3 | 3.12.26.3 | 2014-11-06 | Found nothing | 4 |
| virusbuster | 15.0.961.0 | 5.5.2.13 | 2014-11-07 | Found nothing | 15 |
Permission list
Permission name | Information
android.permission.ACCESS_SUPERUSER |
android.permission.WRITE_EXTERNAL_STORAGE | Write to external storage (e.g. SD card)
android.permission.INTERNET | Connect to the network (2G or 3G)
android.permission.ACCESS_NETWORK_STATE | Read network state (2G or 3G)
File information
Security score: 74
Basic information
MD5: de4f0dc569f96dbcc5668d40fa76040b
File size: 5.58MB
Upload time: 2014-09-22 10:36:30 (CST)
Package name: de.robv.android.xposed.installer
Minimum runtime environment: Android 4.0.3, 4.0.4
Copyright:
Key behaviors
Behavior description: Set thread context
Details: C:\monitor\sample.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Trojan.exe
Behavior description: Modify registry: system firewall trusted process list
Details: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\C:\Documents and Settings\Administrator\Local Settings\Temp\Trojan.exe
Behavior description: Set startup item
Details: C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\5cd8f17f4086744065eb0992a09e05a2.exe
Process behaviors
Behavior description: Set thread context
Details: C:\monitor\sample.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Trojan.exe
Behavior description: Modify registry: system firewall trusted process list
Details: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\C:\Documents and Settings\Administrator\Local Settings\Temp\Trojan.exe
Behavior description: Set startup item
Details: C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\5cd8f17f4086744065eb0992a09e05a2.exe
File behaviors
Behavior description: Write-access mapped file
Details: Global\Cor_Private_IPCBlock_v4_1460
Global\Cor_SxSPublic_IPCBlock_1460
Global\Cor_Private_IPCBlock_v4_1288
Global\Cor_SxSPublic_IPCBlock_1288
Local\UrlZonesSM_Administrator
Global\Cor_Private_IPCBlock_v4_404
Global\Cor_SxSPublic_IPCBlock_404
Global\Cor_Private_IPCBlock_v4_2840
Global\Cor_SxSPublic_IPCBlock_2840
AtlDebugAllocator_FileMappingNameStatic3_be0
Global\NLS_CodePage_936_3_2_0_0
Behavior description: Create executable file
Details: C:\Documents and Settings\Administrator\Local Settings\Temp\Trojan.exe
C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\5cd8f17f4086744065eb0992a09e05a2.exe
Behavior description: Set startup item
Details: C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\5cd8f17f4086744065eb0992a09e05a2.exe
Registry behaviors
Behavior description: Modify registry
Details: \REGISTRY\USER\S-1-5-21-1482476501-1645522239-1417001333-500\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\X\BaseClass
\REGISTRY\USER\S-1-5-21-1482476501-1645522239-1417001333-500\Software\Microsoft\Windows\ShellNoRoam\MUICache\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Trojan.exe
\REGISTRY\MACHINE\SOFTWARE\Microsoft\Tracing\FWCFG\EnableFileTracing
\REGISTRY\MACHINE\SOFTWARE\Microsoft\Tracing\FWCFG\EnableConsoleTracing
\REGISTRY\MACHINE\SOFTWARE\Microsoft\Tracing\FWCFG\FileTracingMask
\REGISTRY\MACHINE\SOFTWARE\Microsoft\Tracing\FWCFG\ConsoleTracingMask
\REGISTRY\MACHINE\SOFTWARE\Microsoft\Tracing\FWCFG\MaxFileSize
\REGISTRY\MACHINE\SOFTWARE\Microsoft\Tracing\FWCFG\FileDirectory
\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Tracing\Microsoft\NAP\Netsh\LogSessionName
\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Tracing\Microsoft\NAP\Netsh\Active
\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Tracing\Microsoft\NAP\Netsh\ControlFlags
\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Tracing\Microsoft\NAP\Netsh\Napmontr\Guid
\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Tracing\Microsoft\NAP\Netsh\Napmontr\BitNames
\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Tracing\Microsoft\qagent\LogSessionName
\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Tracing\Microsoft\qagent\Active
Behavior description: Modify registry: system firewall trusted process list
Details: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\C:\Documents and Settings\Administrator\Local Settings\Temp\Trojan.exe
Behavior description: Modify registry: system environment variables
Details: \REGISTRY\USER\S-1-5-21-1482476501-1645522239-1417001333-500\Environment\SEE_MASK_NOZONECHECKS
Other behaviors
Behavior description: Create mutex
Details: 5cd8f17f4086744065eb0992a09e05a2
Local\ZonesCounterMutex
Local\ZoneAttributeCacheCounterMutex
Local\ZonesCacheCounterMutex
Local\ZonesLockedCacheCounterMutex
SHIMLIB_LOG_MUTEX
RasPbFile
Behavior description: Enumerate windows
Details: N/A
Behavior description: Obtain system privileges
Details: SE_DEBUG_PRIVILEGE
SE_LOAD_DRIVER_PRIVILEGE
Dynamic behavior list
Behavior description: Invoke hash algorithm
Details: MD5
Behavior description: Read file
Details: path:/proc/783/cmdline length:105
path:/proc/799/cmdline length:105
path:/proc/811/cmdline length:105
path:/proc/842/cmdline length:105
path:/proc/852/cmdline length:105
path:/proc/881/cmdline length:105
path:/proc/883/cmdline length:105
Behavior description: Start service
Details: com.android.musicfx.Compatibility$Service
com.android.mms.transaction.SmsReceiverService
Behavior description: Class loading
Details: path:/system/app/PicoTts.apk
path:/system/app/MusicFX.apk
path:/system/framework/am.jar
path:/data/app/de.robv.android.xposed.installer-1.apk
Behavior description: Read one line of data from buffer
Details: 54
Behavior description: Write file
Details: path:/data/data/com.android.gallery3d/shared_prefs/com.android.gallery3d_preferences.xml length:105
path:/data/data/com.android.musicfx/shared_prefs/musicfx.xml length:105
path:/data/data/de.robv.android.xposed.installer/shared_prefs/de.robv.android.xposed.installer_preferences.xml length:105
path:/data/data/com.android.gallery3d/shared_prefs/com.android.gallery3d_preferences.xml length:105
Activities
Activity name | Type
.WelcomeActivity android.intent.action.MAIN
.WelcomeActivity android.intent.category.LAUNCHER
.XposedInstallerActivity de.robv.android.xposed.installer.OPEN_SECTION
.XposedInstallerActivity android.intent.category.DEFAULT
.DownloadDetailsActivity de.robv.android.xposed.installer.DOWNLOAD_DETAILS
.DownloadDetailsActivity android.intent.action.VIEW
.DownloadDetailsActivity android.intent.category.DEFAULT
.DownloadDetailsActivity android.intent.category.BROWSABLE
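Dangerous functions
Function name | Information
getRuntime | Obtain the command-line (runtime) environment
java/lang/Runtime;->exec | Execute a string command
android/app/NotificationManager;->notify | Notification bar message
java/net/URL;->openConnection | Connect to URL
java/net/URLConnection;->connect | Connect to URL
Startup methods
Name | Information
de.robv.android.xposed.installer.PackageChangeReceiver | Start service when an application is installed
de.robv.android.xposed.installer.PackageChangeReceiver | Start service when an application is uninstalled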
File list
File name | Checksum
Runtime screenshots