VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.
4, If your browser cannot upload files, please download VirSCAN uploader to upload.

Language
Server load
Server Load

VirSCAN
VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

File information

Scanner results
Scanner results:0%Antivirus software(0/32)found malware!
Behavior analysis report:         Habo file analysis
Time: 2017-07-28 21:05:44 (CST)
Scanner Engine Ver Sig Ver Sig Date Scan result Time
antiy AVL SDK 2.0 1970-01-01 Found nothing 5
asquared 9.0.0.4799 9.0.0.4799 2015-03-08 Found nothing 1
avast 170303-1 4.7.4 2017-03-03 Found nothing 60
avg 2109/14245 10.0.1405 2017-07-27 Found nothing 60
baidu 2.0.1.0 4.1.3.52192 2.0.1.0 Found nothing 6
baidusd 1.0 1.0 2017-03-22 Found nothing 1
bitdefender 7.58879 7.90123 2015-01-16 Found nothing 60
clamav 23599 0.97.5 2017-07-27 Found nothing 60
drweb 5.0.2.3300 5.0.1.1 2017-06-18 Found nothing 60
fortinet 50.497, 50.449, 50.473 5.4.247 2017-07-28 Found nothing 60
fprot 4.6.2.117 6.5.1.5418 2016-02-05 Found nothing 60
fsecure 2015-08-01-02 9.13 2015-08-01 Found nothing 60
gdata 25.13580 25.13580 2017-07-28 Found nothing 11
ikarus 1.06.01 V1.32.31.0 2016-11-28 Found nothing 60
jiangmin 16.0.100 1.0.0.0 2017-07-25 Found nothing 2
kaspersky 5.5.33 5.5.33 2014-04-01 Found nothing 60
kingsoft 2.1 2.1 2017-07-27 Found nothing 6
mcafee 8261 5400.1158 2016-08-18 Found nothing 60
nod32 1777 3.0.21 2015-06-12 Found nothing 60
panda 9.05.01 9.05.01 2017-07-27 Found nothing 4
pcc 13.302.06 9.500-1005 2017-03-27 Found nothing 60
qh360 1.0.1 1.0.1 1.0.1 Found nothing 4
qqphone 1.0.0.0 1.0.0.0 2015-12-30 Found nothing 60
quickheal 14.00 14.00 2017-07-27 Found nothing 2
rising 26.28.00.01 26.28.00.01 2016-07-18 Found nothing 1
sophos 5.32 3.65.2 2016-10-10 Found nothing 60
symantec 20151230.005 1.3.0.24 2015-12-30 Found nothing 60
tachyon 9.9.9 9.9.9 2013-12-27 Found nothing 3
thehacker 6.8.0.5 6.8.0.5 2017-07-24 Found nothing 1
tws 17.47.17308 1.0.2.2108 2017-07-27 Found nothing 13
vba 3.12.29.5 beta 3.12.29.5 beta 2017-07-25 Found nothing 60
virusbuster 15.0.985.0 5.5.2.13 2014-12-05 Found nothing 60

没有相关的权限信息

文件信息
VirSCANVirSCAN
安全评分 :
基本信息
VirSCANVirSCAN
MD5:8b9704924a9db59835ffd3b210fd7feb
文件大小:5.58MB
上传时间: 2014-09-22 10:36:30 (CST)
包名:com.pyler.youtubebackgroundplayback
最低运行环境:Android 1.6
版权:
关键行为
VirSCANVirSCAN
行为描述: 直接获取CPU时钟
详情信息: EAX = 0x62272984, EDX = 0x000000b4
EAX = 0x622729d0, EDX = 0x000000b4
EAX = 0x64aef959, EDX = 0x000000b4
EAX = 0x64aef9a5, EDX = 0x000000b4
EAX = 0x7c7862c8, EDX = 0x000000b4
EAX = 0x7c786314, EDX = 0x000000b4
EAX = 0x7c786360, EDX = 0x000000b4
EAX = 0x7c7863ac, EDX = 0x000000b4
EAX = 0x96f4cbff, EDX = 0x000000b4
EAX = 0x96f4cc4b, EDX = 0x000000b4
行为描述: 获取TickCount值
详情信息: TickCount = 240051, SleepMilliseconds = 20.
TickCount = 240082, SleepMilliseconds = 20.
TickCount = 240098, SleepMilliseconds = 20.
进程行为
VirSCANVirSCAN
行为描述: 直接获取CPU时钟
详情信息: EAX = 0x62272984, EDX = 0x000000b4
EAX = 0x622729d0, EDX = 0x000000b4
EAX = 0x64aef959, EDX = 0x000000b4
EAX = 0x64aef9a5, EDX = 0x000000b4
EAX = 0x7c7862c8, EDX = 0x000000b4
EAX = 0x7c786314, EDX = 0x000000b4
EAX = 0x7c786360, EDX = 0x000000b4
EAX = 0x7c7863ac, EDX = 0x000000b4
EAX = 0x96f4cbff, EDX = 0x000000b4
EAX = 0x96f4cc4b, EDX = 0x000000b4
行为描述: 获取TickCount值
详情信息: TickCount = 240051, SleepMilliseconds = 20.
TickCount = 240082, SleepMilliseconds = 20.
TickCount = 240098, SleepMilliseconds = 20.
文件行为
VirSCANVirSCAN
行为描述: 覆盖已有文件
详情信息: C:\Documents and Settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
行为描述: 查找文件
详情信息: FileName = C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
FileName = C:\WINDOWS\Microsoft.NET\Framework\\*
FileName = C:\WINDOWS
FileName = C:\WINDOWS\WinSxS
FileName = C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\MSVCR80.dll
FileName = C:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.INI
FileName = C:\Documents and Settings\Administrator\Local Settings\Temp
FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%
FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe
FileName = C:\Documents and Settings
FileName = C:\Documents and Settings\Administrator
FileName = C:\Documents and Settings\Administrator\Local Settings
FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%\996E.INI
FileName = C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.INI
FileName = C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.INI
其他行为
VirSCANVirSCAN
行为描述: 检测自身是否被调试
详情信息: IsDebuggerPresent
行为描述: 创建互斥体
详情信息: CTF.LBES.MutexDefaultS-*
CTF.Compart.MutexDefaultS-*
CTF.Asm.MutexDefaultS-*
CTF.Layouts.MutexDefaultS-*
CTF.TMD.MutexDefaultS-*
CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
MSCTF.Shared.MUTEX.IOH
MSCTF.Shared.MUTEX.MFK
行为描述: 创建事件对象
详情信息: EventName = Global\CorDBIPCSetupSyncEvent_2648
EventName = MSCTF.SendReceive.Event.MFK.IC
EventName = MSCTF.SendReceiveConection.Event.MFK.IC
行为描述: 打开互斥体
详情信息: ShimCacheMutex
Global\CLR_CASOFF_MUTEX
行为描述: 查找指定窗口
详情信息: NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
NtUserFindWindowEx: [Class,Window] = [CicLoaderWndClass,]
行为描述: 打开事件
详情信息: Global\CLR_PerfMon_StartEnumEvent
\KernelObjects\LowMemoryCondition
HookSwitchHookEnabledEvent
CTF.ThreadMIConnectionEvent.000007E8.00000000.00000010
CTF.ThreadMarshalInterfaceEvent.000007E8.00000000.00000010
MSCTF.SendReceiveConection.Event.IOH.IC
MSCTF.SendReceive.Event.IOH.IC
MSFT.VSA.COM.DISABLE.2648
MSFT.VSA.IEC.STATUS.6c736db0
行为描述: 获取TickCount值
详情信息: TickCount = 240051, SleepMilliseconds = 20.
TickCount = 240082, SleepMilliseconds = 20.
TickCount = 240098, SleepMilliseconds = 20.
行为描述: 窗口信息
详情信息: Pid = 2648, Hwnd=0x1037c, Text = 汉化, ClassName = WindowsForms10.BUTTON.app.0.33c0d9d.
Pid = 2648, Hwnd=0x10380, Text = 保存文件, ClassName = WindowsForms10.BUTTON.app.0.33c0d9d.
Pid = 2648, Hwnd=0x10382, Text = menuStrip1, ClassName = WindowsForms10.Window.8.app.0.33c0d9d.
Pid = 2648, Hwnd=0x10350, Text = AndroidResEdit 1.5 By 汉化浪子 2010.04.07, ClassName = WindowsForms10.Window.8.app.0.33c0d9d.
行为描述: 调用Sleep函数
详情信息: [1]: MilliSeconds = -1.
[2]: MilliSeconds = 20.
[3]: MilliSeconds = 20.
行为描述: 直接获取CPU时钟
详情信息: EAX = 0x62272984, EDX = 0x000000b4
EAX = 0x622729d0, EDX = 0x000000b4
EAX = 0x64aef959, EDX = 0x000000b4
EAX = 0x64aef9a5, EDX = 0x000000b4
EAX = 0x7c7862c8, EDX = 0x000000b4
EAX = 0x7c786314, EDX = 0x000000b4
EAX = 0x7c786360, EDX = 0x000000b4
EAX = 0x7c7863ac, EDX = 0x000000b4
EAX = 0x96f4cbff, EDX = 0x000000b4
EAX = 0x96f4cc4b, EDX = 0x000000b4
危险函数
VirSCANVirSCAN
函数名称 信息
java/net/URL;->openConnection 连接URL
文件列表
VirSCANVirSCAN
文件名 校验码
AndroidManifest.xml 0x76d572a1
META-INF/CERT.RSA 0x295588f9
META-INF/CERT.SF 0x3a3a9dce
META-INF/MANIFEST.MF 0x8cd888d3
assets/hooks-1.json 0xaa6460ea
assets/hooks-2.json 0xf2d2de5
assets/hooks-3.json 0x42ba331e
assets/xposed_init 0xe5d767b0
classes.dex 0xa28c5930
res/mipmap-hdpi-v4/ic_launcher.png 0xdbb42c20
res/mipmap-mdpi-v4/ic_launcher.png 0x8d404b54
res/mipmap-xhdpi-v4/ic_launcher.png 0x50b1a6e5
res/mipmap-xxhdpi-v4/ic_launcher.png 0xb4fa996f
res/xml/backupscheme.xml 0x82a8ea34
resources.arsc 0x4ffe3fbb
运行截图
VirSCANVirSCAN
VirSCAN