VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, VirSCAN can scan compressed files protected with the password 'infected' or 'virus'.

File information

Scanner results
Scanner results: 7% Scanner(s) (3/39) found malware!
Behavior analysis report: Habo file analysis
Time: 2014-11-06 11:24:49 (CST)
Scanner Engine Ver Sig Ver Sig Date Scan result Time
ahnlab 9.9.9 9.9.9 2013-05-28 Found nothing 3
antivir 1.9.2.0 1.9.159.0 7.11.183.62 Found nothing 15
antiy 114701 AVL141003 2014-10-04 Found nothing 5
arcavir 1.0 2011 2014-05-30 Found nothing 8
asquared 9.0.0.4157 9.0.0.4157 2014-07-30 Found nothing 1
avast 141105-0 4.7.4 2014-11-05 Found nothing 22
avg 2109/7906 10.0.1405 2014-10-17 Found nothing 1
baidu 2.0.1.0 4.1.3.52192 2.0.1.0 Found nothing 4
baidusd 1.0 1.0 2014-04-02 Found nothing 1
bitdefender 7.57568 7.90123 2014-11-05 Found nothing 8
clamav 19588 0.97.5 2014-11-05 Found nothing 1
comodo 15023 5.1 2014-10-03 Found nothing 3
ctch 4.6.5 5.3.14 2013-12-01 Found nothing 1
drweb 5.0.2.3300 5.0.1.1 2014-10-31 Found nothing 47
fortinet 23.123, 23.123 5.1.158 2014-11-06 Found nothing 1
fprot 4.6.2.117 6.5.1.5418 2014-11-05 Found nothing 2
fsecure 2014-04-02-01 9.13 2014-04-02 Found nothing 2
gdata 24.3819 24.3819 2014-08-29 Found nothing 8
hauri 2.73 2.73 2014-06-13 Found nothing 1
ikarus 1.06.01 V1.32.31.0 2014-11-05 PUA.AndroidOS.AppOffer 15
jiangmin 16.0.100 1.0.0.0 2014-07-28 Found nothing 14
kaspersky 5.5.33 5.5.33 2014-04-01 Found nothing 21
kingsoft 2.1 2.1 2013-09-22 Found nothing 2
mcafee 7520 5400.1158 2014-08-04 Found nothing 10
nod32 0436 3.0.21 2014-09-18 a variant of Android/AdDisplay.AppOffer.A application 1
panda 9.05.01 9.05.01 2014-06-15 Found nothing 3
pcc 11.258.05 9.500-1005 2014-11-05 Found nothing 1
qh360 1.0.1 1.0.1 1.0.1 Found nothing 2
qqphone 1.0.0.0 1.0.0.0 2014-11-06 托品(a.notifyad.tpwap) 1
quickheal 14.00 14.00 2014-06-14 Found nothing 2
rising 25.17.00.04 25.17.00.04 2014-06-02 Found nothing 2
sophos 5.04 3.51.0 2014-08-05 Found nothing 7
sunbelt 3.9.2589.2 3.9.2589.2 2014-06-13 Found nothing 1
symantec 20141104.004 1.3.0.24 2014-11-04 Found nothing 1
tachyon 9.9.9 9.9.9 2013-12-27 Found nothing 3
thehacker 6.8.0.5 6.8.0.5 2014-06-12 Found nothing 1
tws 17.47.17308 1.0.2.2108 2014-06-16 Found nothing 6
vba 3.12.26.3 3.12.26.3 2014-11-05 Found nothing 4
virusbuster 15.0.959.0 5.5.2.13 2014-11-05 Found nothing 17
Permission list
Permission name Info
android.permission.READ_PHONE_STATE Read phone state
android.permission.WRITE_APN_SETTINGS Modify APN settings (e.g. cmwap)
com.android.launcher.permission.INSTALL_SHORTCUT Create shortcuts
android.permission.INTERNET Connect to the network (2G or 3G)
com.android.browser.permission.READ_HISTORY_BOOKMARKS Read browser bookmarks
com.android.browser.permission.WRITE_HISTORY_BOOKMARKS Write browser bookmarks
android.permission.ACCESS_NETWORK_STATE Read network state (2G or 3G)
android.permission.ACCESS_WIFI_STATE Read Wi-Fi network state
android.permission.WRITE_EXTERNAL_STORAGE Write to external storage (e.g. SD card)
android.permission.GET_TASKS Get information about currently or recently running tasks
android.permission.SYSTEM_ALERT_WINDOW Display system windows
android.permission.READ_LOGS Read system logs
File information
Security score: 71
Basic information
MD5: 8da0765e9149c45b2b087e1550872c9c
File size: 5.58MB
Upload time: 2014-09-22 10:36:30 (CST)
Package name: wabao.ETWeb
Minimum runtime environment: Android 1.6
Copyright: wabao
Other behavior
Behavior description: Obtain system privileges
Details: SE_LOAD_DRIVER_PRIVILEGE
SE_DEBUG_PRIVILEGE
Dangerous behavior
Behavior description: Execute system commands
Details: {logcat, -d, -v, raw, -s, AndroidRuntime:E, -p, wabao.ETWeb}
logcat -c
Behavior description: Get installed application list
Dynamic behavior list
Behavior description: Pass extra information
Details: Ljava/lang/String;=RetrieveReplyBroadcast | I=-1
Behavior description: Data encryption
Details: {u'operation': u'keyalgo', u'algorithm': u'AES', u'key': u'21, -66, 21, 100, -88, 127, -64, 104, 74, 37, -70, -122, 8, -71, 60, 118'}
{u'operation': u'decryption', u'data': u'http://www.baidu.com/json/usereg.jsp?pos=', u'algorithm': u'AES'}
{u'operation': u'decryption', u'data': u'http://www.baidu.com/json/advertise.jsp?pos=%s&type=%s&adVer=%d&spos=%s', u'algorithm': u'AES'}
{u'operation': u'decryption', u'data': u'http://www.baidu.com/json/sms_push_status.jsp?cid=', u'algorithm': u'AES'}
{u'operation': u'decryption', u'data': u'http://www.baidu.com/json/sms_push_list.jsp?id=', u'algorithm': u'AES'}
{u'operation': u'decryption', u'data': u'http://www.baidu.com/json/push_down_test.jsp?pos=', u'algorithm': u'AES'}
{u'operation': u'decryption', u'data': u'http://www.baidu.com/json/push_list.jsp?cid=', u'algorithm': u'AES'}
{u'operation': u'decryption', u'data': u'http://www.baidu.com/json/ad_activate.jsp?type=1&adId=', u'algorithm': u'AES'}
{u'operation': u'decryption', u'data': u'http://www.baidu.com/json/ad_activate.jsp?type=2&pushId=', u'algorithm': u'AES'}
{u'operation': u'decryption', u'data': u'az.etwap.com', u'algorithm': u'AES'}
{u'operation': u'decryption', u'data': u'az.zerosj.cn', u'algorithm': u'AES'}
{u'operation': u'decryption', u'data': u'az.dwapk.cn', u'algorithm': u'AES'}
{u'operation': u'decryption', u'data': u'az.xzapk.cn', u'algorithm': u'AES'}
{u'operation': u'decryption', u'data': u'az.apksj.cn', u'algorithm': u'AES'}
Behavior description: Invoke hash algorithm
Details: MD5
Behavior description: Read file
Details: path:pipe:[3515] length:105
path:/proc/792/cmdline length:105
path:/proc/807/cmdline length:105
path:/proc/819/cmdline length:105
path:/proc/850/cmdline length:105
path:/proc/860/cmdline length:105
path:/proc/878/cmdline length:105
path:/proc/cpuinfo length:105
path:/proc/929/cmdline length:105
path:/proc/931/cmdline length:105
path:/proc/967/cmdline length:105
path:/proc/969/cmdline length:105
Behavior description: Register ContentObserver
Details: URI=content://telephony/carriers
Behavior description: Compute hash of specified data
Details: 357242043237511
Behavior description: Data leakage
Details: sink:File operation:write data:data:<?xml version='1.0' encoding='utf-8' standalone='yes' ?> <map> <string name="header">{&quot;os&quot;
Behavior description: Class loading
Details: path:/system/app/PicoTts.apk
path:/system/app/MusicFX.apk
path:/system/framework/am.jar
path:/data/app/wabao.ETWeb-1.apk
path:/system/app/Browser.apk
Behavior description: Read a line of data from buffer
Details: null
Processor : ARMv7 Processor rev 0
Behavior description: Execute system commands
Details: {logcat, -d, -v, raw, -s, AndroidRuntime:E, -p, wabao.ETWeb}
logcat -c
Behavior description: Start service
Details: com.android.musicfx.Compatibility$Service
com.android.mms.transaction.SmsReceiverService
Behavior description: Write file
Details: path:/data/data/com.android.gallery3d/shared_prefs/com.android.gallery3d_preferences.xml length:105
path:/data/data/com.android.musicfx/shared_prefs/musicfx.xml length:105
path:/data/data/wabao.ETWeb/shared_prefs/applist_wabao.ETWeb.xml length:105
path:/data/data/com.android.browser/shared_prefs/com.android.browser_preferences.xml length:105
path:/data/data/wabao.ETWeb/shared_prefs/AdConfig.xml length:105
path:/data/data/wabao.ETWeb/shared_prefs/ET.xml length:105
path:/data/data/wabao.ETWeb/shared_prefs/mobclick_agent_state_wabao.ETWeb.xml length:105
path:/data/data/wabao.ETWeb/files/mobclick_agent_cached_wabao.ETWeb length:105
path:/data/data/com.android.gallery3d/shared_prefs/com.android.gallery3d_preferences.xml length:105
path:/data/data/wabao.ETWeb/shared_prefs/AdConfig.xml length:105
Behavior description: Initialize Intent
Details: Landroid/content/Context;=wabao.ETWeb.MainActivity@41546368 | Ljava/lang/Class;=class android.bupdggswwraf.appoffer.CommonAOActivity
Landroid/content/Context;=wabao.ETWeb.MainActivity@41546368 | Ljava/lang/Class;=class android.bupdggswwraf.appoffer.CommonPActivity
Landroid/content/Context;=wabao.ETWeb.MainActivity@41546368 | Ljava/lang/Class;=class android.bupdggswwraf.CommonPService
Behavior description: Get installed application list
Behavior description: Get device ID
Details: 357242043237511
Activities
Activity name Type
.MainActivity android.intent.action.MAIN
.MainActivity android.intent.category.LAUNCHER
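Dangerous functions
Function name Info
android/app/NotificationManager;->notify Notification bar message
ContentResolver;->query Read contacts, SMS and other databases
HttpClient;->execute Request remote server
getRuntime Get command-line environment
java/lang/Runtime;->exec Execute string command
java/net/URL;->openConnection Connect to URL
java/net/HttpURLConnection;->connect Connect to URL
LocationManager;->getLastKnownLocation Get geographic location
TelephonyManager;->getDeviceId Collect the user's phone IMEI, phone number, system version and other information
DefaultHttpClient;->execute Send HTTP request
ContentResolver;->delete Delete SMS, contacts
Startup methods
Name Info
android.bupdggswwraf.CommonInstallReceiver Start service when an application is installed
android.bupdggswwraf.CommonInstallReceiver Start service when an application is uninstalled
android.bupdggswwraf.CommonInstallReceiver Start service when network connectivity changes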
Service list
Name
wabao.ETWeb.Service.ApnChangeServer
android.bupdggswwraf.CommonPService
File list
File name Checksum