VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, VirSCAN can scan compressed files with the password 'infected' or 'virus'.
4, If your browser cannot upload files, please download VirSCAN uploader to upload.


File information

Scanner results
Scanner results: 0% of antivirus software (0/32) found malware!
Behavior analysis report: Habo file analysis
Time: 2015-09-28 02:12:25 (CST)
Scanner Engine Ver Sig Ver Sig Date Scan result Time
antiy AVL SDK 3.0 1970-01-01 Found nothing 5
asquared 9.0.0.4324 9.0.0.4324 2014-07-03 Found nothing 1
avast 150725-1 4.7.4 2015-07-25 Found nothing 0
avg 2109/8133 10.0.1405 2014-11-26 Found nothing 0
baidu 2.0.1.0 4.1.3.52192 2.0.1.0 Found nothing 5
baidusd 1.0 1.0 2014-04-02 Found nothing 1
bitdefender 7.58469 7.90123 2014-12-25 Found nothing 0
clamav 19861 0.97.5 2014-12-31 Found nothing 0
drweb 5.0.2.3300 5.0.1.1 2014-12-31 Found nothing 0
fortinet 23.345, 23.345 5.1.158 2014-12-08 Found nothing 0
fprot 4.6.2.117 6.5.1.5418 2014-12-31 Found nothing 0
fsecure 2014-04-02-01 9.13 2014-04-02 Found nothing 0
gdata 25.3625 25.3625 2015-09-27 Found nothing 9
ikarus 1.06.01 V1.32.31.0 2014-12-08 Found nothing 0
jiangmin 16.0.100 1.0.0.0 2015-07-25 Found nothing 47
kaspersky 5.5.33 5.5.33 2014-04-01 Found nothing 0
kingsoft 2.1 2.1 2013-09-22 Found nothing 41
mcafee 7638 5400.1158 2014-11-30 Found nothing 0
nod32 0920 3.0.21 2014-12-23 Found nothing 0
panda 9.05.01 9.05.01 2015-07-26 Found nothing 10
pcc 11.380.07 9.500-1005 2014-12-31 Found nothing 0
qh360 1.0.1 1.0.1 1.0.1 Found nothing 4
qqphone 1.0.0.0 1.0.0.0 2014-12-09 Found nothing 0
quickheal 14.00 14.00 2015-07-25 Found nothing 3
rising 25.76.04.01 25.76.04.01 2015-07-24 Found nothing 3
sophos 5.08 3.55.0 2014-12-01 Found nothing 0
symantec 20141230.001 1.3.0.24 2014-12-30 Found nothing 0
tachyon 9.9.9 9.9.9 2013-12-27 Found nothing 3
thehacker 6.8.0.5 6.8.0.5 2015-07-23 Found nothing 2
tws 17.47.17308 1.0.2.2108 2014-12-08 Found nothing 13
vba 3.12.26.3 3.12.26.3 2014-12-31 Found nothing 0
virusbuster 15.0.985.0 5.5.2.13 2014-12-05 Found nothing 0
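Permission list
Permission name Information
android.permission.INTERNET Connect to the network (2G or 3G)
android.permission.ACCESS_NETWORK_STATE Read network state (2G or 3G)
android.permission.RECEIVE_BOOT_COMPLETED Receive the boot-completed broadcast
android.permission.WRITE_EXTERNAL_STORAGE Write to external storage (e.g. SD card)
android.permission.VIBRATE Allow the device to vibrate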
File information
Security score:
Basic information
MD5:7b015a0065c589c0a31465f783a8132c
File size: 5.58MB
Upload time: 2014-09-22 10:36:30 (CST)
Package name: com.jrummy.busybox.installer
Minimum runtime environment: Android 1.6
Copyright: JRummy Apps
Key behaviors
Behavior description: Map a file with write permission
Details: CiceroSharedMemDefaultS-*
MSCTF.MarshalInterface.FileMap.AFH..CNBHH
MSCTF.MarshalInterface.FileMap.AFH.B.CNBHH
MSCTF.MarshalInterface.FileMap.AFH.C.CNBHH
MSCTF.MarshalInterface.FileMap.AFH.D.CNBHH
MSCTF.MarshalInterface.FileMap.AFH.E.CNBHH
MSCTF.MarshalInterface.FileMap.AFH.F.CNBHH
MSCTF.MarshalInterface.FileMap.AFH.G.COBHH
MSCTF.Shared.SFM.AFH
MSCTF.MarshalInterface.FileMap.AFH.H.APFLH
MSCTF.MarshalInterface.FileMap.AFH.I.APFLH
MSCTF.MarshalInterface.FileMap.AFH.J.APFLH
MSCTF.MarshalInterface.FileMap.AFH.K.APFLH
MSCTF.MarshalInterface.FileMap.AFH.L.APFLH
MSCTF.MarshalInterface.FileMap.AFH.M.APFLH
Behavior description: Block window close messages
Details: hWnd = 0x000202a2, Text = Game Trainer by www.CheatPain.com, ClassName = TApplication.
Behavior description: Set special folder attributes
Details: C:\Documents and Settings\Administrator\Local Settings\%temp%\1443378136.975761.exe_7zdump\backgrounds
Behavior description: Hide a specified window
Details: [Window,Class] = [,ComboLBox]
[Window,Class] = [One Piece Pirate Warriors 3 +22 CODEX 1.01.0 cheatpain.com (147 FPS),TTrainer]
Process behaviors
Behavior description: Map a file with write permission
Details: CiceroSharedMemDefaultS-*
MSCTF.MarshalInterface.FileMap.AFH..CNBHH
MSCTF.MarshalInterface.FileMap.AFH.B.CNBHH
MSCTF.MarshalInterface.FileMap.AFH.C.CNBHH
MSCTF.MarshalInterface.FileMap.AFH.D.CNBHH
MSCTF.MarshalInterface.FileMap.AFH.E.CNBHH
MSCTF.MarshalInterface.FileMap.AFH.F.CNBHH
MSCTF.MarshalInterface.FileMap.AFH.G.COBHH
MSCTF.Shared.SFM.AFH
MSCTF.MarshalInterface.FileMap.AFH.H.APFLH
MSCTF.MarshalInterface.FileMap.AFH.I.APFLH
MSCTF.MarshalInterface.FileMap.AFH.J.APFLH
MSCTF.MarshalInterface.FileMap.AFH.K.APFLH
MSCTF.MarshalInterface.FileMap.AFH.L.APFLH
MSCTF.MarshalInterface.FileMap.AFH.M.APFLH
Behavior description: Block window close messages
Details: hWnd = 0x000202a2, Text = Game Trainer by www.CheatPain.com, ClassName = TApplication.
Behavior description: Set special folder attributes
Details: C:\Documents and Settings\Administrator\Local Settings\%temp%\1443378136.975761.exe_7zdump\backgrounds
Behavior description: Hide a specified window
Details: [Window,Class] = [,ComboLBox]
[Window,Class] = [One Piece Pirate Warriors 3 +22 CODEX 1.01.0 cheatpain.com (147 FPS),TTrainer]
File behaviors
Behavior description: Map a file with write permission
Details: CiceroSharedMemDefaultS-*
MSCTF.MarshalInterface.FileMap.AFH..CNBHH
MSCTF.MarshalInterface.FileMap.AFH.B.CNBHH
MSCTF.MarshalInterface.FileMap.AFH.C.CNBHH
MSCTF.MarshalInterface.FileMap.AFH.D.CNBHH
MSCTF.MarshalInterface.FileMap.AFH.E.CNBHH
MSCTF.MarshalInterface.FileMap.AFH.F.CNBHH
MSCTF.MarshalInterface.FileMap.AFH.G.COBHH
MSCTF.Shared.SFM.AFH
MSCTF.MarshalInterface.FileMap.AFH.H.APFLH
MSCTF.MarshalInterface.FileMap.AFH.I.APFLH
MSCTF.MarshalInterface.FileMap.AFH.J.APFLH
MSCTF.MarshalInterface.FileMap.AFH.K.APFLH
MSCTF.MarshalInterface.FileMap.AFH.L.APFLH
MSCTF.MarshalInterface.FileMap.AFH.M.APFLH
Behavior description: Create executable files
Details: C:\Documents and Settings\Administrator\Local Settings\%temp%\1443378136.833024.exe_7zdump\dll\CheatPain.dll
C:\Documents and Settings\Administrator\Local Settings\%temp%\1443378136.836544.exe_7zdump\win32\dbghelp.dll
Behavior description: Modify file contents
Details: C:\Documents and Settings\Administrator\Local Settings\%temp%\1443378137.052796.exe_7zdump\backgrounds\game.bmp---> Offset = 0
C:\Documents and Settings\Administrator\Local Settings\%temp%\1443378137.056328.exe_7zdump\sounds\Trainer_Activated.wav---> Offset = 0
C:\WINDOWS\Trainer\on.wav---> Offset = 0
C:\WINDOWS\Trainer\off.wav---> Offset = 0
C:\Documents and Settings\Administrator\Local Settings\%temp%\1443378137.066811.exe_7zdump\CheatPainConfig.ini---> Offset = 24
C:\Documents and Settings\Administrator\Local Settings\%temp%\1443378137.070348.exe_7zdump\CheatPainConfig.ini---> Offset = 0
C:\Documents and Settings\Administrator\Local Settings\%temp%\1443378137.073869.exe_7zdump\CheatPainConfig.ini---> Offset = 143
C:\Documents and Settings\Administrator\Local Settings\%temp%\1443378137.077406.exe_7zdump\CheatPainConfig.ini---> Offset = 182
C:\Documents and Settings\Administrator\Local Settings\%temp%\1443378137.080928.exe_7zdump\CheatPainConfig.ini---> Offset = 202
C:\Documents and Settings\Administrator\Local Settings\%temp%\1443378137.084473.exe_7zdump\CheatPainConfig.ini---> Offset = 240
C:\Documents and Settings\Administrator\Local Settings\%temp%\1443378137.088004.exe_7zdump\CheatPainConfig.ini---> Offset = 66
C:\Documents and Settings\Administrator\Local Settings\%temp%\1443378137.091550.exe_7zdump\CheatPainConfig.ini---> Offset = 285
C:\Documents and Settings\Administrator\Local Settings\%temp%\1443378137.095078.exe_7zdump\CheatPainConfig.ini---> Offset = 295
C:\Documents and Settings\Administrator\Local Settings\%temp%\1443378137.098624.exe_7zdump\CheatPainConfig.ini---> Offset = 306
C:\Documents and Settings\Administrator\Local Settings\%temp%\1443378137.102154.exe_7zdump\CheatPainConfig.ini---> Offset = 318
Behavior description: Set special folder attributes
Details: C:\Documents and Settings\Administrator\Local Settings\%temp%\1443378136.975761.exe_7zdump\backgrounds
Behavior description: Find files
Details: FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%\1443378137.151495.exe_7zdump\aspr_keys.ini
FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%\1443378137.155071.exe_7zdump\CPGameTrainer.exe
FileName = C:\Documents and Settings
FileName = C:\Documents and Settings\Administrator
FileName = C:\Documents and Settings\Administrator\Local Settings
FileName = C:\Documents and Settings\Administrator\Local Settings\Temp
FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%
FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%\1443378137.176379.exe_7zdump
FileName = c:\Skins\Garnet (internal).asz
FileName = c:\Skins\Garnet (internal)\Options.dat
FileName = .\backgrounds\*
FileName = C:\*.*
FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%\1443378137.194058.exe_7zdump\sounds
FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%\1443378137.197639.exe_7zdump\sounds\*.*
FileName = C:\WINDOWS\Trainer
Other behaviors
Behavior description: Create mutexes
Details: CTF.LBES.MutexDefaultS-*
CTF.Compart.MutexDefaultS-*
CTF.Asm.MutexDefaultS-*
CTF.Layouts.MutexDefaultS-*
CTF.TMD.MutexDefaultS-*
CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
MSCTF.Shared.MUTEX.ELH
MSCTF.Shared.MUTEX.AFH
Behavior description: Hide a specified window
Details: [Window,Class] = [,ComboLBox]
[Window,Class] = [One Piece Pirate Warriors 3 +22 CODEX 1.01.0 cheatpain.com (147 FPS),TTrainer]
Behavior description: Find a specified window
Details: NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
NtUserFindWindowEx: [Class,Window] = [,chr($64)+chr($65)+chr($64)+chr($65)]
NtUserFindWindowEx: [Class,Window] = [,ProcDump32 (C) 1998, 1999, 2000 G-RoM, Lorian & Stone]
NtUserFindWindowEx: [Class,Window] = [,Cheat Engine 5.5]
NtUserFindWindowEx: [Class,Window] = [,Cheat Engine 5.6.1]
NtUserFindWindowEx: [Class,Window] = [,Cheat Engine 6.0]
NtUserFindWindowEx: [Class,Window] = [,Cheat Engine 6.1]
NtUserFindWindowEx: [Class,Window] = [,Cheat Engine 6.2]
NtUserFindWindowEx: [Class,Window] = [,Cheat Engine 6.3]
NtUserFindWindowEx: [Class,Window] = [,Cheat Engine 6.4]
NtUserFindWindowEx: [Class,Window] = [CicLoaderWndClass,]
NtUserFindWindowEx: [Class,Window] = [MS_WINHELP,]
Behavior description: Window information
Details: Pid = 416, Hwnd=0x202ae, Text = &No, ClassName = TButton.
Pid = 416, Hwnd=0x202b0, Text = &Yes, ClassName = TButton.
Pid = 416, Hwnd=0x302b8, Text = Confirm, ClassName = TMessageForm.
Pid = 416, Hwnd=0x202c8, Text = ComboBox1, ClassName = TComboBox.
Pid = 416, Hwnd=0x202c6, Text = ComboBox1, ClassName = Edit.
Pid = 416, Hwnd=0x302ae, Text = panel, ClassName = TPanel.
Pid = 416, Hwnd=0x202c2, Text = One Piece Pirate Warriors 3 +22 CODEX 1.01.0 cheatpain.com (153 FPS), ClassName = TTrainer.
Pid = 416, Hwnd=0x202c2, Text = One Piece Pirate Warriors 3 +22 CODEX 1.01.0 cheatpain.com (150 FPS), ClassName = TTrainer.
Pid = 416, Hwnd=0x202c2, Text = One Piece Pirate Warriors 3 +22 CODEX 1.01.0 cheatpain.com (160 FPS), ClassName = TTrainer.
Pid = 416, Hwnd=0x202c2, Text = One Piece Pirate Warriors 3 +22 CODEX 1.01.0 cheatpain.com (147 FPS), ClassName = TTrainer.
Behavior description: Acquire system privileges
Details: SE_LOAD_DRIVER_PRIVILEGE
SE_DEBUG_PRIVILEGE
Behavior description: Block window close messages
Details: hWnd = 0x000202a2, Text = Game Trainer by www.CheatPain.com, ClassName = TApplication.
Behavior description: Enumerate windows
Details: N/A
Behavior description: Open image file
Details: \Documents and Settings\Administrator\Local Settings\%temp%\1443378137.017827.exe_7zdump\backgrounds\game.bmp
Dangerous behaviors
Behavior description: Execute system commands
Details: [u'su']
[u'sh']
[u'sh']
[u'sh']
[u'sh']
[u'sh']
[u'sh']
[u'sh']
Dynamic behavior list
Behavior description: Read a line of data from a buffer
Details: rootfs / rootfs rw 0 0
tmpfs /dev tmpfs rw,nosuid,mode=755 0 0
devpts /dev/pts devpts rw,mode=600 0 0
proc /proc proc rw 0 0
sysfs /sys sysfs rw 0 0
none /acct cgroup rw,cpuacct 0 0
tmpfs /mnt/asec tmpfs rw,mode=755,gid=1000 0 0
tmpfs /mnt/obb tmpfs rw,mode=755,gid=1000 0 0
none /dev/cpuctl cgroup rw,cpu 0 0
/dev/block/mtdblock0 /system yaffs2 rw 0 0
Behavior description: Read files
Details: path:unknown length:6
path:/proc/mounts length:69
path:/data/data/com.jrummy.busybox.installer/shared_prefs/com.jrummy.busybox.installer_preferences.xml length:261
Behavior description: Start service
Details: {"FLAG":0,"COMPONENT_NAME":"ComponentInfo{com.jrummy.busybox.installer\/com.jrummy.busybox.installer.service.BootService}"}
Behavior description: Initialize URL
Details: [u'http://jrummy16.com/jrummy/busyboxinstaller/ads.js']
[u'http://jrummy16.com/jrummy/misc/busybox/busybox.js']
[u'http://jrummy16.com/jrummy/misc/scripts/scripts.js']
Behavior description: Execute system commands
Details: [u'su']
[u'sh']
[u'sh']
[u'sh']
[u'sh']
[u'sh']
[u'sh']
[u'sh']
Behavior description: Obtain root privileges
Details: su
Behavior description: Database query
Details: [u'scripts', u'[_id, name, commands, last_runtime, set_on_boot]', u'null', u'null', u'null', u'null', u'null']
[u'scripts', u'[_id, name, commands, last_runtime, set_on_boot]', u'null', u'null', u'null', u'null', u'null']
[u'scripts', u'[_id, name, commands, last_runtime, set_on_boot]', u'null', u'null', u'null', u'null', u'null']
Behavior description: Window information
Details: {"text": "Welcome!", "class": "android.widget.TextView"}
{"text": "Welcome to Busybox Installer!
Busybox Installer is the fastest and easiest way to install the latest version of busybox.
Please consider helping development by getting the pro version today.", "class": "android.widget.TextView"}
{"text": "Continue", "class": "android.widget.Button"}
{"text": "Go Pro", "class": "android.widget.Button"}
Behavior description: Read URL data
Details: []
[]
[]
Behavior description: Add View
Details: [u'com.android.internal.policy.impl.PhoneWindow$DecorView@414fb278', u'WM.LayoutParams{(0,0)(fillxfill) sim=#100 ty=1 fl=#8010100 pfl=0x8 wanim=0x103028f}', u'android.view.CompatibilityInfoHolder@414afac0']
[u'com.android.internal.policy.impl.PhoneWindow$DecorView@414f5330', u'WM.LayoutParams{(0,0)(wrapxwrap) gr=#11 sim=#120 ty=2 fl=#8020002 pfl=0x8 fmt=-2 wanim=0x1030290}', u'android.view.CompatibilityInfoHolder@414afac0']
Behavior description: Initialize Intent
Details: [u'android.app.Application@41519d68', u'class com.jrummy.busybox.installer.service.NewsReceiver']
[u'android.os.Parcel@414ad1e8']
[u'android.app.Application@41519d68', u'class com.jrummy.busybox.installer.service.UpdateReceiver']
[u'android.os.Parcel@414ad1a8']
[u'android.app.ReceiverRestrictedContext@41676ab0', u'class com.jrummy.busybox.installer.service.NewsReceiver']
[u'android.app.ReceiverRestrictedContext@41676ab0', u'class com.jrummy.busybox.installer.service.BootService']
[u'android.os.Parcel@414ad1a8']
[u'android.app.Application@41519d68', u'class com.jrummy.busybox.installer.service.UpdateReceiver']
[u'android.os.Parcel@414adfa8']
Behavior description: Call Intent's setAction
Details: [u'com.jrummy.busybox.installer.UPDATE_CHECKER']
[u'com.jrummy.busybox.installer.UPDATE_CHECKER']
Behavior description: Get network state information[*]
Details: [NetworkInfo: type: mobile[UMTS], state: DISCONNECTED/DISCONNECTED, reason: dataDisabled, extra: epc.tmobile.com, roaming: false, failover: false, isAvailable: true, NetworkInfo: type: wifi[], state: UNKNOWN/IDLE, reason: (unspecified), extra: (none), roaming: false, failover: false, isAvailable: false, NetworkInfo: type: mobile_mms[UMTS], state: UNKNOWN/IDLE, reason: (unspecified), extra: (none), roaming: false, failover: false, isAvailable: true, NetworkInfo: type: mobile_supl[UMTS], state: UNKNOWN/IDLE, reason: (unspecified), extra: (none), roaming: false, failover: false, isAvailable: true, NetworkInfo: type: mobile_hipri[UMTS], state: UNKNOWN/IDLE, reason: (unspecified), extra: (none), roaming: false, failover: false, isAvailable: true, NetworkInfo: type: mobile_fota[UMTS], state: UNKNOWN/IDLE, reason: (unspecified), extra: (none), roaming: false, failover: false, isAvailable: true, NetworkInfo: type: mobile_ims[UMTS], state: UNKNOWN/IDLE, reason: (unspecified), extra: (none), roaming: false, failover: false, isAvailable: true, NetworkInfo: type: mobile_cbs[UMTS], state: UNKNOWN/IDLE, reason: (unspecified), extra: (none), roaming: false, failover: false, isAvailable: true, NetworkInfo: type: wifi_p2p[], state: UNKNOWN/IDLE, reason: (unspecified), extra: (none), roaming: false, failover: false, isAvailable: false]
Behavior description: Recurring task
Details: [u'0', u'1439351028939', u'86400000', u'PendingIntent{414cc3a8: android.os.BinderProxy@414cc338}']
[u'0', u'1439351061942', u'86400000', u'PendingIntent{41649b30: android.os.BinderProxy@415132a0}']
Behavior description: Write files
Details: path:/data/data/com.jrummy.busybox.installer/shared_prefs/com.jrummy.busybox.installer_preferences.xml length:165
path:/data/data/com.jrummy.busybox.installer/shared_prefs/com.jrummy.busybox.installer_preferences.xml length:248
path:/data/data/com.jrummy.busybox.installer/files/chmod length:69
path:unknown length:69
path:unknown length:25
path:unknown length:18
path:/data/data/com.jrummy.busybox.installer/shared_prefs/com.jrummy.busybox.installer_preferences.xml length:261
path:unknown length:32
path:unknown length:34
path:unknown length:33
path:unknown length:32
Activities
Activity name Type
.BusyboxActivity android.intent.action.MAIN
.BusyboxActivity android.intent.category.LAUNCHER
Dangerous functions
Function name Information
ContentResolver;->query Read databases such as contacts and SMS
java/net/URL;->openConnection Connect to URL
java/net/HttpURLConnection;->connect Connect to URL
java/net/URLConnection;->connect Connect to URL
android/app/NotificationManager;->notify Notification bar message
getRuntime Get the command-line environment
java/lang/Runtime;->exec Execute a command string
Startup methods
Name Information
com.jrummy.busybox.installer.service.BootReceiver Start service at boot
Advertising information
Name Information
com.google.ads AdMob
Service list
Name
com.jrummy.busybox.installer.service.BootService
File list