VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, VirSCAN can scan compressed files protected with the password 'infected' or 'virus'.
4, If your browser cannot upload files, please download VirSCAN uploader to upload.

File information

Scanner results
Scanner results: 9% of antivirus software (3/32) found malware!
Behavior analysis report: Habo file analysis
Time: 2016-04-27 19:01:23 (CST)
Scanner Engine Ver Sig Ver Sig Date Scan result Time
antiy AVL SDK 3.0 1970-01-01 Found nothing 5
asquared 9.0.0.4324 9.0.0.4324 2014-07-03 Android.Adware.Adwo.A 2
avast 150725-1 4.7.4 2015-07-25 Found nothing 21
avg 2109/8133 10.0.1405 2014-11-26 Found nothing 6
baidu 2.0.1.0 4.1.3.52192 2.0.1.0 Found nothing 7
baidusd 1.0 1.0 2014-04-02 Found nothing 1
bitdefender 7.58469 7.90123 2014-12-25 Found nothing 1
clamav 19861 0.97.5 2014-12-31 Found nothing 1
drweb 5.0.2.3300 5.0.1.1 2014-12-31 Found nothing 43
fortinet 23.345, 23.345 5.1.158 2014-12-08 Found nothing 1
fprot 4.6.2.117 6.5.1.5418 2014-12-31 Found nothing 2
fsecure 2014-04-02-01 9.13 2014-04-02 Found nothing 30
gdata 25.6363 25.6363 2016-04-27 Android.Adware.Adwo.A 9
ikarus 1.06.01 V1.32.31.0 2014-12-08 Found nothing 6
jiangmin 16.0.100 1.0.0.0 2015-07-25 Found nothing 42
kaspersky 5.5.33 5.5.33 2014-04-01 Found nothing 25
kingsoft 2.1 2.1 2013-09-22 Found nothing 3
mcafee 7638 5400.1158 2014-11-30 Found nothing 29
nod32 0920 3.0.21 2014-12-23 Found nothing 1
panda 9.05.01 9.05.01 2015-07-26 Found nothing 4
pcc 11.380.07 9.500-1005 2014-12-31 Found nothing 2
qh360 1.0.1 1.0.1 1.0.1 Found nothing 2
qqphone 1.0.0.0 1.0.0.0 2014-12-09 Found nothing 1
quickheal 14.00 14.00 2015-07-25 Found nothing 2
rising 25.76.04.01 25.76.04.01 2015-07-24 Found nothing 1
sophos 5.08 3.55.0 2014-12-01 Found nothing 5
symantec 20141230.001 1.3.0.24 2014-12-30 Found nothing 1
tachyon 9.9.9 9.9.9 2013-12-27 Found nothing 5
thehacker 6.8.0.5 6.8.0.5 2015-07-23 Found nothing 2
tws 17.47.17308 1.0.2.2108 2014-12-08 Android.Adware.AdsWo.B.wcln 14
vba 3.12.26.3 3.12.26.3 2014-12-31 Found nothing 14
virusbuster 15.0.985.0 5.5.2.13 2014-12-05 Found nothing 6
Permission list
Permission name Description
android.permission.INTERNET Connect to the network (2G or 3G)
android.permission.ACCESS_NETWORK_STATE Read network state (2G or 3G)
android.permission.ACCESS_WIFI_STATE Read Wi-Fi network state
android.permission.WRITE_EXTERNAL_STORAGE Write to external storage (e.g. SD card)
android.permission.READ_PHONE_STATE Read phone state
android.permission.ACCESS_COARSE_LOCATION Get coarse location (via Wi-Fi, cell towers)
File information
Security score:
Basic information
MD5: 2bc041df285605e4dab83338c51e9dbf
File size: 5.58MB
Upload time: 2014-09-22 10:36:30 (CST)
Package name: com.cnvcs.junqi
Minimum runtime environment: Android 1.6
Copyright:
Key behaviors
Behavior description: Cross-process data write
Details: TargetProcess = C:\WINDOWS\system32\cmd.exe, WriteAddress = 0x00010000, Size = 0x000007c2
TargetProcess = C:\WINDOWS\system32\cmd.exe, WriteAddress = 0x00020000, Size = 0x00000744
TargetProcess = C:\WINDOWS\system32\cmd.exe, WriteAddress = 0x7ffdc010, Size = 0x00000004
TargetProcess = C:\WINDOWS\system32\cmd.exe, WriteAddress = 0x7ffdc1e8, Size = 0x00000004
Behavior description: Get window screenshot information
Details: Foreground window Info: HWND = 0x00000000, DC = 0x0e010495.
Behavior description: Get TickCount value
Details: TickCount = 485525, SleepMilliseconds = 25.
Process behavior
Behavior description: Cross-process data write
Details: TargetProcess = C:\WINDOWS\system32\cmd.exe, WriteAddress = 0x00010000, Size = 0x000007c2
TargetProcess = C:\WINDOWS\system32\cmd.exe, WriteAddress = 0x00020000, Size = 0x00000744
TargetProcess = C:\WINDOWS\system32\cmd.exe, WriteAddress = 0x7ffdc010, Size = 0x00000004
TargetProcess = C:\WINDOWS\system32\cmd.exe, WriteAddress = 0x7ffdc1e8, Size = 0x00000004
Behavior description: Get window screenshot information
Details: Foreground window Info: HWND = 0x00000000, DC = 0x0e010495.
Behavior description: Get TickCount value
Details: TickCount = 485525, SleepMilliseconds = 25.
File behavior
Behavior description: Create file
Details: C:\Documents and Settings\Administrator\Local Settings\Temp\3.tmp
C:\Documents and Settings\Administrator\Local Settings\Temp\3.tmp\Fifa Street 2.bat
Behavior description: Modify BAT script file
Details: C:\Documents and Settings\Administrator\Local Settings\Temp\3.tmp\Fifa Street 2.bat ---> Offset = 0
Behavior description: Delete file
Details: C:\Documents and Settings\Administrator\Local Settings\Temp\3.tmp
C:\Documents and Settings\Administrator\Local Settings\Temp\3.tmp\Fifa Street 2.bat
Behavior description: Find file
Details: FileName = C:\DOCUME~1
FileName = C:\DOCUME~1\ADMINI~1
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp
FileName = C:\Documents and Settings
FileName = C:\Documents and Settings\Administrator
FileName = C:\Documents and Settings\Administrator\My Documents
FileName = C:\Documents and Settings\All Users
FileName = C:\Documents and Settings\All Users\Documents
FileName = C:\Documents and Settings\Administrator\桌面
FileName = C:\Documents and Settings\All Users\桌面
FileName = C:\Documents and Settings\Administrator\Local Settings\Temp
FileName = C:\Documents and Settings\Administrator\Local Settings\Temp\3.tmp
FileName = C:\Documents and Settings\Administrator\Local Settings
FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%
Registry behavior
Behavior description: Modify registry
Details: \REGISTRY\USER\S-*\Software\Microsoft\Windows\ShellNoRoam\MUICache\C:\Documents and Settings\Administrator\Local Settings\Temp\3.tmp\Fifa Street 2.bat
Other behaviors
Behavior description: Adjust process token privileges
Details: SE_LOAD_DRIVER_PRIVILEGE
Behavior description: Create mutex
Details: CTF.LBES.MutexDefaultS-*
CTF.Compart.MutexDefaultS-*
CTF.Asm.MutexDefaultS-*
CTF.Layouts.MutexDefaultS-*
CTF.TMD.MutexDefaultS-*
CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
Local\ZonesCounterMutex
Local\ZoneAttributeCacheCounterMutex
Local\ZonesCacheCounterMutex
Local\ZonesLockedCacheCounterMutex
Behavior description: Create event object
Details: EventName = Global\crypt32LogoffEvent
Behavior description: Get window screenshot information
Details: Foreground window Info: HWND = 0x00000000, DC = 0x0e010495.
Behavior description: Get TickCount value
Details: TickCount = 485525, SleepMilliseconds = 25.
Activities
Activity name Type
com.cnvcs.App android.intent.action.MAIN
com.cnvcs.App android.intent.category.LAUNCHER
Dangerous functions
Function name Description
ContentResolver;->query Read databases such as contacts and SMS
android/app/NotificationManager;->notify Notification bar message
java/net/URL;->openConnection Connect to URL
getRuntime Get command-line environment
java/lang/Runtime;->exec Execute string command
TelephonyManager;->getDeviceId Collect the user's phone IMEI, phone number, system version number and other information
java/net/HttpURLConnection;->connect Connect to URL
java/net/URLConnection;->connect Connect to URL
LocationManager;->getLastKnownLocation Get location
TelephonyManager;->getLine1Number Get phone number
TelephonyManager;->getSimSerialNumber Get SIM serial number
HttpClient;->execute Request remote server
DefaultHttpClient;->execute Send HTTP request
Advertising information
Name Description
net.youmi Youmi Ads (有米广告)
cn.domob.android Domob (多盟)
com.adwo.adsdk Adwo (安沃)
com.umengAd Umeng (友盟)
File list
File name Checksum
assets/data.pak 0xc1285e8d
res/drawable/uyun_baidu.png 0x126a90fd
res/drawable/uyun_banner_bg.png 0x2039cb23
res/drawable/uyun_cancel.png 0xb1386e8f
res/drawable/uyun_detail_bg.png 0x627a89ce
res/drawable/uyun_icon_default.png 0x4f8a3329
res/drawable/uyun_jump.png 0xa772cb52
res/drawable/uyun_jump_apk.png 0x568907ac
res/drawable/uyun_jump_list.png 0x80291724
res/drawable/uyun_jump_url.png 0x22673547
res/drawable/uyun_loading.png 0x480048a6
res/drawable/uyun_next.png 0x1ade4532
res/drawable/uyun_next_no.png 0x6a474754
res/drawable/uyun_pre.png 0xdb58fb2c
res/drawable/uyun_pre_no.png 0x4c2f759
res/drawable/uyun_progressbar.xml 0x6623d26e
res/layout/uyun_download_notification.xml 0x8c9a51c6
res/layout/uyun_web_progress.xml 0x3cb7a042
res/layout/uyun_webview.xml 0x4c3ebd3c
AndroidManifest.xml 0x29dc64c4
resources.arsc 0xb0a03f44
res/drawable-hdpi/icon.png 0xb3815a86
res/drawable-ldpi/icon.png 0x21fe752e
res/drawable-mdpi/icon.png 0x81519cc7
classes.dex 0xd8163c95
assets/banner.png 0x2d824ee
assets/close.png 0xc60adaed
assets/def_0.png 0xd0e1aafa
assets/def_0_32000048.png 0x5a7f9d1e
assets/exit.png 0x6e628d21
assets/loading.png 0x48342286
assets/next.png 0xc667afa3
assets/next_off.png 0x72b7a470
assets/out.png 0x75b3379b
assets/preview.png 0xe1ad2a0e
assets/preview_off.png 0x2949548e
assets/refresh.png 0x16696e6a
assets/adwo_close.png 0xa08e1be
assets/adwo_left_arrow.png 0x54827195
assets/adwo_logo.png 0x220dc9de
assets/adwo_right_arrow.png 0xb16b8854
assets/t1.png 0x84341ac5
assets/t10.png 0xe9251ca8
assets/t12.png 0xc9111b9e
assets/t13.png 0x523b0a20
assets/t3.png 0x175c3378
assets/t8.png 0x7bbc78fa
assets/t9.png 0x86363427
lib/armeabi/libjunqi.so 0xc93fbd44
META-INF/MANIFEST.MF 0xc736aa25
META-INF/CERT.SF 0x3dd726a2
META-INF/CERT.RSA 0x791110dc