VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, VirSCAN can scan compressed files protected with the password 'infected' or 'virus'.

File information

Scanner results
Scanner results: 0% Scanner(s) (0/39) found malware!
Behavior analysis report: Habo file analysis
Time: 2014-10-31 14:21:47 (CST)
Scanner Engine Ver Sig Ver Sig Date Scan result Time
ahnlab 9.9.9 9.9.9 2013-05-28 Found nothing 3
antivir 1.9.2.0 1.9.159.0 7.11.182.106 Found nothing 15
antiy 114701 AVL141003 2014-10-04 Found nothing 5
arcavir 1.0 2011 2014-05-30 Found nothing 8
asquared 9.0.0.4157 9.0.0.4157 2014-07-30 Found nothing 1
avast 141030-1 4.7.4 2014-10-30 Found nothing 28
avg 2109/7906 10.0.1405 2014-10-17 Found nothing 1
baidu 2.0.1.0 4.1.3.52192 2.0.1.0 Found nothing 3
baidusd 1.0 1.0 2014-04-02 Found nothing 1
bitdefender 7.57450 7.90123 2014-10-31 Found nothing 6
clamav 19554 0.97.5 2014-10-30 Found nothing 1
comodo 15023 5.1 2014-10-03 Found nothing 3
ctch 4.6.5 5.3.14 2013-12-01 Found nothing 1
drweb 5.0.2.3300 5.0.1.1 2014-10-31 Found nothing 39
fortinet Found nothing 1
fprot 4.6.2.117 6.5.1.5418 2014-10-30 Found nothing 1
fsecure 2014-04-02-01 9.13 2014-04-02 Found nothing 6
gdata 24.3819 24.3819 2014-08-29 Found nothing 7
hauri 2.73 2.73 2014-06-13 Found nothing 1
ikarus 1.06.01 V1.32.31.0 2014-10-30 Found nothing 14
jiangmin 16.0.100 1.0.0.0 2014-07-28 Found nothing 14
kaspersky 5.5.33 5.5.33 2014-04-01 Found nothing 21
kingsoft 2.1 2.1 2013-09-22 Found nothing 5
mcafee 7520 5400.1158 2014-08-04 Found nothing 9
nod32 0436 3.0.21 2014-09-18 Found nothing 1
panda 9.05.01 9.05.01 2014-06-15 Found nothing 3
pcc 11.242.06 9.500-1005 2014-10-29 Found nothing 1
qh360 1.0.1 1.0.1 1.0.1 Found nothing 12
qqphone 1.0.0.0 1.0.0.0 2014-10-31 Found nothing 1
quickheal 14.00 14.00 2014-06-14 Found nothing 2
rising 25.17.00.04 25.17.00.04 2014-06-02 Found nothing 2
sophos 5.04 3.51.0 2014-08-05 Found nothing 7
sunbelt 3.9.2589.2 3.9.2589.2 2014-06-13 Found nothing 2
symantec 20141028.001 1.3.0.24 2014-10-28 Found nothing 1
tachyon 9.9.9 9.9.9 2013-12-27 Found nothing 3
thehacker 6.8.0.5 6.8.0.5 2014-06-12 Found nothing 1
tws 17.47.17308 1.0.2.2108 2014-06-16 Found nothing 6
vba 3.12.26.3 3.12.26.3 2014-10-30 Found nothing 4
virusbuster 15.0.952.0 5.5.2.13 2014-10-28 Found nothing 14
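Permission list
Permission name Information
com.android.vending.BILLING
android.permission.SYSTEM_ALERT_WINDOW Display system windows
android.permission.VIBRATE Allow the device to vibrate
android.permission.GET_TASKS Get information about currently or recently running tasks
android.permission.KILL_BACKGROUND_PROCESSES Kill background processes
android.permission.RECEIVE_BOOT_COMPLETED Receive the boot-completed broadcast
android.permission.INTERNET Connect to the network (2G or 3G)
android.permission.ACCESS_NETWORK_STATE Read network state (2G or 3G)
android.permission.CALL_PHONE Make phone calls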
File information
Security score: 73
Basic information
MD5: 9a7f69ff8311c9a2ce401598139942ff
File size: 5.58MB
Upload time: 2014-09-22 10:36:30 (CST)
Package name: com.schiztech.swapps
Minimum runtime environment: Android 2.3, 2.3.1, 2.3.2
Copyright: Android
Key behavior
Behavior description: Set special folder attributes
Details: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
C:\Documents and Settings\Administrator\Local Settings\History
C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
C:\Documents and Settings\Administrator\Cookies
Behavior description: Hide specified window
Details: [Window,Class] = [,AE06F0938B33419DAAC29EDA91E1E62E]
[Window,Class] = [,995D92B2-4ED9-43A7-9338-8CC7D1746F96]
Behavior description: Resolve host address by name
Details: api.opencandy.com
File behavior
Behavior description: Map file with write permission
Details: 7446776DCC004E3A94B39A89EAE1B097
85426876-4F81-491C-848D-C7BA755E6DFA
Behavior description: Create executable file
Details: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\is-R7UFS.tmp\sample.tmp
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\is-ITV5S.tmp\_isetup\_shfoldr.dll
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\is-ITV5S.tmp\OCSetupHlp.dll
Behavior description: Modify file content
Details: C:\WINDOWS\system32\wbem\Logs\wbemprox.log---> Offset = 0
Behavior description: Set special folder attributes
Details: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
C:\Documents and Settings\Administrator\Local Settings\History
C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
C:\Documents and Settings\Administrator\Cookies
Network behavior
Behavior description: Establish a connection to a specified socket
Behavior description: Resolve host address by name
Details: api.opencandy.com
Registry behavior
Behavior description: Modify registry
Details: \REGISTRY\USER\S-1-5-21-1482476501-1645522239-1417001333-500\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\X\BaseClass
Behavior description: Delete registry value
Details: \REGISTRY\MACHINE\SOFTWARE\Microsoft\PCHealth\ErrorReporting\DW\DWFileTreeRoot
Behavior description: Delete registry key
Details: \REGISTRY\MACHINE\SOFTWARE\Microsoft\PCHealth\ErrorReporting\DW
Other behavior
Behavior description: Create mutex
Details: DEFINED_LoadSDKDLL
CRemoteProcApiCalls::m_bShowLoadingScreen
CRemoteProcApiCalls::m_nMaxLoadingScreenOffers
Global\426F00E8-A1B3-4EB2-8FF8-0950920F5D6E
SHIMLIB_LOG_MUTEX
CSDKApi::m_bSkipAllOffersTriggered
CSDKApi::m_bDeclineOfferTriggered
CSDKApi::m_bShowSkipAllButton
CSDKApi::m_bShowDeclineButton
Global\223CEB62-A2BC-4E33-BA9B-FCAC6DAAB1BE
m_wndDummyAPIMsgWindow
CTrackingCalls::m_bIsRunningFromReboot
CSDKApi::GetTimeMSFromStartup
CSDKApi::DevModeMessage
CSDKApi::m_strClientSessionID
Behavior description: Hide specified window
Details: [Window,Class] = [,AE06F0938B33419DAAC29EDA91E1E62E]
[Window,Class] = [,995D92B2-4ED9-43A7-9338-8CC7D1746F96]
Behavior description: Find specified window
Details: NtUserFindWindowEx: [Class,Window] = [AE06F0938B33419DAAC29EDA91E1E62E,]
NtUserFindWindowEx: [Class,Window] = [995D92B2-4ED9-43A7-9338-8CC7D1746F96,]
Behavior description: Window information
Details: Pid = 772, Hwnd=0xb015e, Text = Welcome to the Batch Compiler Setup Wizard , ClassName = TNewStaticText.
Pid = 772, Hwnd=0xc017a, Text = This will install Batch Compiler version 15.4 on your computer. It is recommended that you close all other applications before, ClassName = TNewStaticText.
Pid = 772, Hwnd=0xb0170, Text = A. Batch Compiler?End User License Agreement (EULA) B. OpenCandy End User License Agreement (EULA) ============================, ClassName = TRichEditViewer.
Pid = 772, Hwnd=0xd01ac, Text = ========================== What is Batch Compiler?? ========================== Batch Compiler?is an intergrated scripting en, ClassName = TRichEditViewer.
Pid = 772, Hwnd=0xb018c, Text = C:\Program Files\Batch Compiler, ClassName = TEdit.
Pid = 772, Hwnd=0xb0200, Text = &Next >, ClassName = TNewButton.
Pid = 772, Hwnd=0xc01a6, Text = Cancel, ClassName = TNewButton.
Pid = 772, Hwnd=0xd01c2, Text = Setup - Batch Compiler, ClassName = TWizardForm.
Behavior description: Obtain system privilege
Details: SE_LOAD_DRIVER_PRIVILEGE
Behavior description: Enumerate windows
Details: N/A
Dynamic behavior list
Behavior description: Pass extra information
Details: Ljava/lang/String;=MESSENGER | Landroid/os/Parcelable;=android.os.Messenger@4153bdb8
Behavior description: Start service
Details: com.android.musicfx.Compatibility$Service
com.appbrain.AppBrainService
com.schiztech.swapps.SwappsService
com.android.mms.transaction.SmsReceiverService
Behavior description: Read file
Details: path:/dev/urandom length:16
path:/proc/783/cmdline length:105
path:/proc/799/cmdline length:105
path:/proc/811/cmdline length:105
path:/proc/841/cmdline length:105
path:/proc/854/cmdline length:105
path:/data/data/com.schiztech.swapps/files/com.appbrain.ping length:105
path:/proc/904/cmdline length:105
path:/proc/906/cmdline length:105
Behavior description: Compute a hash of the specified data
Behavior description: Access URL
Details: libcore.net.http.HttpsURLConnectionImpl$HttpUrlConnectionDelegate:https://ws.bast.io/a/1.0/s/538C9B1C7F79463FAF7E4C5D9958F7
Behavior description: Data encryption
Details: {u'operation': u'keyalgo', u'algorithm': u'AES', u'key': u'70, 75, 118, 66, 70, 102, 57, 109, 98, 83, 119, 98, 117, 83, 114, 112'}
{u'operation': u'encryption', u'data': u'0.2', u'algorithm': u'AES/ECB/PKCS5Padding'}
{u'operation': u'encryption', u'data': u'2a391518-6829-41fa-9f2b-bab0177a89e4', u'algorithm': u'AES/ECB/PKCS5Padding'}
{u'operation': u'encryption', u'data': u'1398851072108', u'algorithm': u'AES/ECB/PKCS5Padding'}
{u'operation': u'decryption', u'data': u'33rM', u'algorithm': u'AES/ECB/PKCS5Padding'}
{u'operation': u'keyalgo', u'algorithm': u'AES', u'key': u'119, 103, 72, 68, 51, 51, 114, 77, 49, 104, 88, 120, 117, 76, 77, 111'}
Behavior description: Class loading
Details: path:/system/app/PicoTts.apk
path:/system/app/MusicFX.apk
path:/system/framework/am.jar
path:/data/app/com.schiztech.swapps-1.apk
Behavior description: Invoke hash algorithm
Details: MD5
SHA-1
Behavior description: Write file
Details: path:/data/data/com.android.gallery3d/shared_prefs/com.android.gallery3d_preferences.xml length:105
path:/data/data/com.android.musicfx/shared_prefs/musicfx.xml length:105
path:/data/data/com.schiztech.swapps/shared_prefs/bastion_kv.xml length:105
path:/data/data/com.schiztech.swapps/shared_prefs/bastion_kv.xml length:105
path:/data/data/com.schiztech.swapps/shared_prefs/ab_sdk_pref.xml length:105
path:/data/data/com.schiztech.swapps/files/com.appbrain.ping length:7
path:/data/data/com.schiztech.swapps/shared_prefs/com.schiztech.swapps.appirater.xml length:105
path:/data/data/com.schiztech.swapps/shared_prefs/ab_sdk_pref.xml length:105
path:/data/data/com.android.gallery3d/shared_prefs/com.android.gallery3d_preferences.xml length:105
path:/data/data/com.schiztech.swapps/shared_prefs/com.schiztech.swapps_preferences.xml length:105
Behavior description: Initialize Intent
Details: Landroid/content/Context;=android.app.Application@41544698 | Ljava/lang/Class;=class com.appbrain.AppBrainService
Landroid/content/Context;=com.schiztech.swapps.SettingsActivity@41545070 | Ljava/lang/Class;=class com.schiztech.swapps.SwappsService
Ljava/lang/String;=com.bastionsdk.android.executor.finished
Landroid/content/Context;=com.schiztech.swapps.SwappsService@41606428 | Ljava/lang/Class;=class com.schiztech.swapps.SettingsActivity
Landroid/content/Intent;=Intent { flg=0x10000000 cmp=com.schiztech.swapps/.SettingsActivity }
Ljava/lang/String;=android.intent.action.MAIN | Landroid/net/Uri;=null
Activities
Activity name Type
com.schiztech.swapps.SettingsActivity android.intent.action.MAIN
com.schiztech.swapps.SettingsActivity android.intent.category.LAUNCHER
com.schiztech.swapps.AppBrainInitiatorActivity .activities.AppBrainActivity
com.schiztech.swapps.AppBrainInitiatorActivity android.intent.category.DEFAULT
com.schiztech.swapps.CreditsActivity .activities.CreditsActivity
com.schiztech.swapps.CreditsActivity android.intent.category.DEFAULT
com.schiztech.swapps.UnlockActivity .activities.DonateAction
com.schiztech.swapps.UnlockActivity android.intent.category.DEFAULT
com.schiztech.swapps.CoffeeActivity .activities.CoffeeAction
com.schiztech.swapps.CoffeeActivity android.intent.category.DEFAULT
com.schiztech.swapps.AppearenceSettingsActivity .activities.AppearenceSettingsActivity
com.schiztech.swapps.AppearenceSettingsActivity android.intent.category.DEFAULT
com.schiztech.swapps.GeneralSettingsActivity .activities.GeneralSettingsActivity
com.schiztech.swapps.GeneralSettingsActivity android.intent.category.DEFAULT
com.schiztech.swapps.ActiveSpotSettingsActivity .activities.ActiveSpotSettingsActivity
com.schiztech.swapps.ActiveSpotSettingsActivity android.intent.category.DEFAULT
com.schiztech.swapps.HiddenAppsActivity .activities.HiddenAppsActivity
com.schiztech.swapps.HiddenAppsActivity android.intent.category.DEFAULT
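Dangerous functions
Function name Information
HttpClient;->execute Request a remote server
DefaultHttpClient;->execute Send an HTTP request
android/app/NotificationManager;->notify Notification bar message
java/net/URL;->openConnection Connect to a URL
java/net/HttpURLConnection;->connect Connect to a URL
TelephonyManager;->getDeviceId Collect the user's phone IMEI, phone number, system version number and other information
TelephonyManager;->getSimSerialNumber Get the SIM serial number
ActivityManager;->killBackgroundProcesses Terminate processes; can be used to shut down antivirus software
Startup method
Name Information
com.schiztech.swapps.ServiceStarter Service started at boot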
Service list
Name
com.schiztech.swapps.SwappsService
com.appbrain.AppBrainService
File list
File name Checksum
META-INF/MANIFEST.MF 0xa4bbb730
META-INF/CERT.SF 0xaf02e10
META-INF/CERT.RSA 0xd1e26a6d
res/drawable/ic_apps.png 0x331c0936
res/xml/pref_text_customization.xml 0xf2bc861f
res/xml/pref_active_spot.xml 0x9139b9af
res/anim/grow_from_top.xml 0x4b001222
res/drawable-hdpi/ic_market.png 0x2946febd
res/drawable/ic_shortcut.png 0xeb6be758
res/anim/shrink_from_topleft_to_bottomright.xml 0x5818849e
res/drawable-hdpi-v11/ic_notif.PNG 0xec9464fd
res/drawable-hdpi/ic_promotion.png 0x7b387777
res/drawable/trans.png 0x314a3aa
res/drawable/arrow_up.png 0x354eca5e
res/drawable/action_item_selected.9.png 0x72fc33cd
res/drawable-hdpi/ic_thumbup.png 0x3293996e
res/anim/grow_from_bottom.xml 0x2b45a0fb
res/layout-land/dialog_color_picker.xml 0xabddd57
res/layout/overlay.xml 0xbefc4466
res/anim/shrink_from_topright_to_bottomleft.xml 0xe89af743
res/drawable/popup.9.png 0xdf6cc436
res/layout/activity_starred_reorder.xml 0xe203ff80
res/menu/activity_selection.xml 0xf5441e48
res/layout/popup_vertical.xml 0x4def2ad9
res/anim/pump_top.xml 0x393a29e5
res/drawable-hdpi/ic_star.png 0x85cf19e5
res/layout/list_item_handle_left.xml 0x36cf58bb
res/drawable-hdpi/ic_launcher.png 0xd87767c
res/drawable-mdpi-v11/ic_notif.PNG 0x3c501361
res/anim/shrink_from_bottom.xml 0x6d14c255
res/anim/shrink_from_top.xml 0xd51708c
res/xml/pref_customization.xml 0x3259034f
res/anim/grow_from_topleft_to_bottomright.xml 0xaecb95ed
resources.arsc 0x8232b220
res/drawable-hdpi/ic_group.png 0xd7827cfd
res/drawable/menu_search.png 0xe2818e8a
res/menu/activity_hidden_apps.xml 0xf5441e48
res/menu/starred_reorder.xml 0xefdf6c1
res/layout/item_hiddenapp.xml 0x4a4bff6f
AndroidManifest.xml 0x86f30f8a
res/layout/pad_actionbar.xml 0xe166f514
res/xml/pref_general.xml 0x2c7f21f9
res/xml/pref_main.xml 0x1105ebb4
res/drawable/menu_cancel.png 0xbc8e959f
res/anim/grow_from_bottomright_to_topleft.xml 0x9b0d95c1
res/drawable-mdpi/ic_notif.png 0x55d92714
classes.dex 0x51c14ba
res/layout/activity_purchase.xml 0x6871a6c
res/layout/swapps_pad.xml 0x51bbf482
res/layout/action_item_vertical.xml 0x9068f943
res/drawable-hdpi/ic_appearance.png 0xf35ab423
res/drawable/icon.png 0x8ef78580
res/anim/grow_from_topright_to_bottomleft.xml 0x1e49e630
res/layout/activity_app_selection.xml 0x4bf541b8
res/drawable/container_dropshadow_left.xml 0x16f46223
res/drawable/container_dropshadow_right.xml 0xafd8159c
res/layout/activity_hidden_apps.xml 0xfb901cb3
res/layout/list_header_row.xml 0x26f1def5
res/drawable-xhdpi/ic_launcher.png 0x99e6351c
res/drawable-hdpi/ic_details.png 0xff6591e
res/anim/grow_from_bottomleft_to_topright.xml 0x2b8fe61c
res/layout/widget_display.xml 0xfadb248c
res/drawable-hdpi/ic_facebook.png 0x88e33c62
res/anim/disappear.xml 0x2ac7a374
res/xml/pref_pad_customization.xml 0x183c6645
res/drawable-ldpi/icon.png 0x8ef78580
res/drawable/ic_widget.png 0x21e4e512
res/drawable-mdpi/icon.png 0x99a4f90b
res/anim/pump_bottom.xml 0x597f9b3c
res/drawable/bg_handle.xml 0xa8ed4ab4
res/menu/activity_sction_bar_settings.xml 0xf5441e48
res/drawable-hdpi/ic_notif.png 0xf0031886
res/drawable/arrow_down.png 0x38493935
res/menu/activity_general_settings.xml 0xf5441e48
res/xml/settings.xml 0xe52a3bcd
res/layout/appirater.xml 0x280b3da1
res/xml/pref_love_swapps.xml 0xdb7977e3
res/layout/main.xml 0xa4a82a1b
res/drawable/action_item_btn.xml 0x9cfe563b
res/drawable/ic_folder.png 0x1da05087
res/layout/horiz_separator.xml 0xb1f59f7
res/xml/pref_headers.xml 0x119683c4
res/drawable-hdpi/ic_gear.png 0x1bd2be1b
res/drawable/list_item_selector.xml 0x534c9202
res/drawable/menu_ok.png 0xadf016ce
res/drawable/menu_down_arrow.png 0x861ad995
res/drawable/menu_up_arrow.png 0x91e51e06
res/drawable/button_appirator.xml 0xaaba2893
res/anim/rail.xml 0x10146682
res/drawable-hdpi/ic_twitter.png 0xe7fee5d3
res/layout/action_item_horizontal.xml 0xec212755
res/menu/activity_key_support.xml 0xf5441e48
res/anim/shrink_from_bottomleft_to_topright.xml 0x385d3647
res/xml/pref_unlock.xml 0xc582bcca
res/drawable/drag.9.png 0xbb9f5ac5
res/drawable-xhdpi/ic_notif.PNG 0x9063aba7
res/drawable/menu_eraser.png 0x98417428
res/layout/list_item_row.xml 0x5a683b8e
res/drawable-hdpi/ic_globe.png 0x9b17b4bd
res/anim/shrink_from_bottomright_to_topleft.xml 0x88df459a
res/xml/pref_general_sections.xml 0x47d47d00
res/drawable-hdpi/ic_email.png 0x53ed16f9
res/layout/activity_credits.xml 0xa793f55a
res/layout/activity_sction_bar_settings.xml 0x9916468f
res/layout/dialog_color_picker.xml 0x93c2caad
res/xml/pref_schiztech.xml 0xdf3caa66
res/drawable/menu_info.png 0x941bfed8
res/drawable-mdpi/ic_launcher.png 0x8d1bbf77
res/layout/appbrain_layout.xml 0x3357da2a
res/drawable-hdpi/ic_coffee.png 0x660bc386
res/drawable-hdpi/ic_key.png 0x8034ce1f
res/xml/pref_more.xml 0x1ce9991b
res/layout/popup_horizontal.xml 0xa910cbc9
res/layout/activity_selection.xml 0xda64e0b0
res/drawable-hdpi/icon.png 0x3c13576b