VirSCAN

1, You can UPLOAD any files, but there is a 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but the archive must contain fewer than 20 files.
3, VirSCAN can scan compressed files protected with the password 'infected' or 'virus'.
4, If your browser cannot upload files, please download the VirSCAN uploader to upload.

File information

Scanner results
Scanner results: 6% of antivirus software (2/32) found malware!
Behavior analysis report: Habo file analysis
Time: 2015-10-16 22:47:01 (CST)
Scanner Engine Ver Sig Ver Sig Date Scan result Time
antiy AVL SDK 3.0 1970-01-01 Found nothing 5
asquared 9.0.0.4324 9.0.0.4324 2014-07-03 Found nothing 1
avast 150725-1 4.7.4 2015-07-25 Found nothing 0
avg 2109/8133 10.0.1405 2014-11-26 Found nothing 0
baidu 2.0.1.0 4.1.3.52192 2.0.1.0 Found nothing 5
baidusd 1.0 1.0 2014-04-02 Found nothing 1
bitdefender 7.58469 7.90123 2014-12-25 Found nothing 0
clamav 19861 0.97.5 2014-12-31 Found nothing 0
drweb 5.0.2.3300 5.0.1.1 2014-12-31 Found nothing 0
fortinet 23.345, 23.345 5.1.158 2014-12-08 Found nothing 0
fprot 4.6.2.117 6.5.1.5418 2014-12-31 Found nothing 0
fsecure 2014-04-02-01 9.13 2014-04-02 Found nothing 0
gdata 25.3894 25.3894 2015-10-16 Android:Agent-GNN 13
ikarus 1.06.01 V1.32.31.0 2014-12-08 Found nothing 0
jiangmin 16.0.100 1.0.0.0 2015-07-25 Found nothing 52
kaspersky 5.5.33 5.5.33 2014-04-01 Found nothing 0
kingsoft 2.1 2.1 2013-09-22 Android.RISKWARE.at_iappProgram.a.(kcloud) 12
mcafee 7638 5400.1158 2014-11-30 Found nothing 0
nod32 0920 3.0.21 2014-12-23 Found nothing 0
panda 9.05.01 9.05.01 2015-07-26 Found nothing 5
pcc 11.380.07 9.500-1005 2014-12-31 Found nothing 0
qh360 1.0.1 1.0.1 1.0.1 Found nothing 3
qqphone 1.0.0.0 1.0.0.0 2014-12-09 Found nothing 0
quickheal 14.00 14.00 2015-07-25 Found nothing 2
rising 25.76.04.01 25.76.04.01 2015-07-24 Found nothing 2
sophos 5.08 3.55.0 2014-12-01 Found nothing 0
symantec 20141230.001 1.3.0.24 2014-12-30 Found nothing 0
tachyon 9.9.9 9.9.9 2013-12-27 Found nothing 5
thehacker 6.8.0.5 6.8.0.5 2015-07-23 Found nothing 2
tws 17.47.17308 1.0.2.2108 2014-12-08 Found nothing 17
vba 3.12.26.3 3.12.26.3 2014-12-31 Found nothing 0
virusbuster 15.0.985.0 5.5.2.13 2014-12-05 Found nothing 0
Permission list
Permission name Information
android.permission.INTERNET Connect to the network (2G or 3G)
android.permission.WRITE_EXTERNAL_STORAGE Write to external storage (e.g. SD card)
android.permission.READ_PHONE_STATE Read phone state
android.permission.KILL_BACKGROUND_PROCESSES Kill background processes
android.permission.ACCESS_WIFI_STATE Read Wi-Fi network state
android.permission.CHANGE_NETWORK_STATE Change network state
android.permission.CHANGE_WIFI_STATE Change Wi-Fi connection state
android.permission.ACCESS_NETWORK_STATE Read network state (2G or 3G)
File information
Security score:
Basic information
MD5:3aad10399ec428ca9d444d0eca941b6b
File size: 5.58MB
Upload time: 2014-09-22 10:36:30 (CST)
Package name: com.iapp
Minimum runtime environment: Android 2.2.x
Copyright: YouGais
Key behavior
Behavior description: Write-access file mapping
Details: CiceroSharedMemDefaultS-*
MSCTF.MarshalInterface.FileMap.EOB..KCGGH
MSCTF.MarshalInterface.FileMap.EOB.B.JDGGH
MSCTF.MarshalInterface.FileMap.EOB.C.JDGGH
MSCTF.MarshalInterface.FileMap.EOB.D.JDGGH
MSCTF.MarshalInterface.FileMap.EOB.E.JDGGH
MSCTF.MarshalInterface.FileMap.EOB.F.JDGGH
MSCTF.MarshalInterface.FileMap.EOB.G.JDGGH
MSCTF.Shared.SFM.EOB
Behavior description: Block window close message
Details: hWnd = 0x000202b4, Text = ADP Screen Ruler, ClassName = TMainForm.
Process behavior
Behavior description: Write-access file mapping
Details: CiceroSharedMemDefaultS-*
MSCTF.MarshalInterface.FileMap.EOB..KCGGH
MSCTF.MarshalInterface.FileMap.EOB.B.JDGGH
MSCTF.MarshalInterface.FileMap.EOB.C.JDGGH
MSCTF.MarshalInterface.FileMap.EOB.D.JDGGH
MSCTF.MarshalInterface.FileMap.EOB.E.JDGGH
MSCTF.MarshalInterface.FileMap.EOB.F.JDGGH
MSCTF.MarshalInterface.FileMap.EOB.G.JDGGH
MSCTF.Shared.SFM.EOB
Behavior description: Block window close message
Details: hWnd = 0x000202b4, Text = ADP Screen Ruler, ClassName = TMainForm.
File behavior
Behavior description: Write-access file mapping
Details: CiceroSharedMemDefaultS-*
MSCTF.MarshalInterface.FileMap.EOB..KCGGH
MSCTF.MarshalInterface.FileMap.EOB.B.JDGGH
MSCTF.MarshalInterface.FileMap.EOB.C.JDGGH
MSCTF.MarshalInterface.FileMap.EOB.D.JDGGH
MSCTF.MarshalInterface.FileMap.EOB.E.JDGGH
MSCTF.MarshalInterface.FileMap.EOB.F.JDGGH
MSCTF.MarshalInterface.FileMap.EOB.G.JDGGH
MSCTF.Shared.SFM.EOB
Behavior description: Modify file content
Details: C:\DOCUME~1\ADMINI~1\LOCALS~1\%temp%\1444935159.893129.exe_7zdump\ScreenRuler\ScreenRuler.ini---> Offset = 0
C:\DOCUME~1\ADMINI~1\LOCALS~1\%temp%\1444935159.896608.exe_7zdump\ScreenRuler\ScreenRuler.ini---> Offset = 22
C:\DOCUME~1\ADMINI~1\LOCALS~1\%temp%\1444935159.900074.exe_7zdump\ScreenRuler\ScreenRuler.ini---> Offset = 32
C:\DOCUME~1\ADMINI~1\LOCALS~1\%temp%\1444935159.903550.exe_7zdump\ScreenRuler\ScreenRuler.ini---> Offset = 43
C:\DOCUME~1\ADMINI~1\LOCALS~1\%temp%\1444935159.907032.exe_7zdump\ScreenRuler\ScreenRuler.ini---> Offset = 55
C:\DOCUME~1\ADMINI~1\LOCALS~1\%temp%\1444935159.910498.exe_7zdump\ScreenRuler\ScreenRuler.ini---> Offset = 75
C:\DOCUME~1\ADMINI~1\LOCALS~1\%temp%\1444935159.913985.exe_7zdump\ScreenRuler\ScreenRuler.ini---> Offset = 83
C:\DOCUME~1\ADMINI~1\LOCALS~1\%temp%\1444935159.917453.exe_7zdump\ScreenRuler\ScreenRuler.ini---> Offset = 100
C:\DOCUME~1\ADMINI~1\LOCALS~1\%temp%\1444935159.920929.exe_7zdump\ScreenRuler\ScreenRuler.ini---> Offset = 108
C:\DOCUME~1\ADMINI~1\LOCALS~1\%temp%\1444935159.924392.exe_7zdump\ScreenRuler\ScreenRuler.ini---> Offset = 121
C:\DOCUME~1\ADMINI~1\LOCALS~1\%temp%\1444935159.927884.exe_7zdump\ScreenRuler\ScreenRuler.ini---> Offset = 136
C:\DOCUME~1\ADMINI~1\LOCALS~1\%temp%\1444935159.931344.exe_7zdump\ScreenRuler\ScreenRuler.ini---> Offset = 152
C:\DOCUME~1\ADMINI~1\LOCALS~1\%temp%\1444935159.934827.exe_7zdump\ScreenRuler\ScreenRuler.ini---> Offset = 166
C:\DOCUME~1\ADMINI~1\LOCALS~1\%temp%\1444935159.938290.exe_7zdump\ScreenRuler\ScreenRuler.ini---> Offset = 180
Other behavior
Behavior description: Enumerate windows
Details: N/A
Behavior description: Window information
Details: Pid = 508, Hwnd=0x202b4, Text = ADP Screen Ruler, ClassName = TMainForm.
Behavior description: Block window close message
Details: hWnd = 0x000202b4, Text = ADP Screen Ruler, ClassName = TMainForm.
Behavior description: Create mutex
Details: oleacc-msaa-loaded
CTF.LBES.MutexDefaultS-*
CTF.Compart.MutexDefaultS-*
CTF.Asm.MutexDefaultS-*
CTF.Layouts.MutexDefaultS-*
CTF.TMD.MutexDefaultS-*
CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
MSCTF.Shared.MUTEX.ELH
MSCTF.Shared.MUTEX.EOB
Behavior description: Find specified window
Details: NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
NtUserFindWindowEx: [Class,Window] = [CicLoaderWndClass,]
Dynamic behavior list
Behavior description: Invoke hash algorithm
Details: MD5
Behavior description: Get list of installed applications
Details: [u'64']
[u'64']
Behavior description: Write file
Details: path:/mnt/sdcard/iApp/Userimg/icon_iapp.png length:69
path:/mnt/sdcard/iApp/Userimg/icon_iapp.png length:69
path:/mnt/sdcard/iApp/Userimg/icon_iapp.png length:67
path:/mnt/sdcard/iApp/Userimg/icon_iapp.png length:65
Behavior description: Execute SQL query
Details: [u"SELECT count(name) as c FROM sqlite_master where type='table' and name='appinfo'", u'null']
[u'SELECT _id,title,icon,versionName,remark,status,packageName from appinfo order by upTime desc', u'null']
Behavior description: Window information
Details: {"text": "创建", "class": "android.widget.Button"}
{"text": "导入", "class": "android.widget.Button"}
{"text": "请创建一个你的应用项目!", "class": "android.widget.TextView"}
Behavior description: Add View
Details: [u'com.android.internal.policy.impl.PhoneWindow$DecorView@4151e720', u'WM.LayoutParams{(0,0)(fillxfill) sim=#100 ty=1 fl=#1810100 pfl=0x8 wanim=0x1030001}', u'android.view.CompatibilityInfoHolder@414af700']
[u'com.android.internal.policy.impl.PhoneWindow$DecorView@41533e10', u'WM.LayoutParams{(0,0)(fillxfill) sim=#100 ty=1 fl=#1810100 pfl=0x8 wanim=0x1030001}', u'android.view.CompatibilityInfoHolder@414af700']
Behavior description: Initialize Intent
Details: []
[u'android.os.Parcel@414ad110']
Behavior description: Write to sdcard
Details: path:/mnt/sdcard/iApp/Userimg/icon_iapp.png
path:/mnt/sdcard/iApp/Userimg/icon_iapp.png
path:/mnt/sdcard/iApp/Userimg/icon_iapp.png
path:/mnt/sdcard/iApp/Userimg/icon_iapp.png
Behavior description: Activate Activity
Details: {"FLAG":0,"COMPONENT_NAME":"ComponentInfo{com.iapp\/com.yougaile.MakeiApp.Project}"}
Behavior description: Get device ID
Details: 357143040944263
Activities
Activity name Type
com.yougaile.MakeiApp.logoActivity android.intent.action.MAIN
com.yougaile.MakeiApp.logoActivity android.intent.category.LAUNCHER
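Dangerous functions
Function name Information
ActivityManager;->killBackgroundProcesses Terminates processes; can be used to shut down antivirus software
TelephonyManager;->getDeviceId Collects the user's phone IMEI, phone number, system version and other information
TelephonyManager;->getLine1Number Gets the phone number
getRuntime Gets the command-line environment
java/lang/Runtime;->exec Executes a string command
java/net/URL;->openConnection Connects to a URL
HttpClient;->execute Requests a remote server
DefaultHttpClient;->execute Sends an HTTP request
android/app/NotificationManager;->notify Notification bar message
WifiManager;->setWifiEnabled Changes Wi-Fi state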
File list
File name Checksum
assets/Sonnenblume/res.bin 0xd174f9be
assets/1000.iapp 0xefe7cd6c
assets/1001.iapp 0x6f126db0
assets/1010.iapp 0x41ec9191
assets/1100.iapp 0x57c99b95
assets/1110.iapp 0x6b9569a4
assets/1111.iapp 0x8da8039a
assets/2000.iapp 0x4f21b04
assets/fps_images.png 0x112b3776
assets/help.txt 0x270690fc
assets/iAppulient 0x53dd31f5
assets/ic_launcher.png 0x8d9f198b
assets/icon.png 0xffc8028c
res/drawable/hy_xml_ui_list_icon2titletext_52x52.xml 0x416515b
res/drawable/hy_xml_ui_list_icontext_52x52.xml 0xfc2d926c
res/drawable/hy_xml_ui_user_it32.xml 0x3e76e57b
res/drawable/hy_xml_ui_user_it52.xml 0xa7696d18
res/drawable/hy_xml_ui_user_itt.xml 0x9f26aaf7
res/drawable/hy_xml_ui_user_itt2.xml 0x3f4ed7fc
res/drawable/hy_xml_ui_user_t.xml 0x96c87d8a
res/drawable/list_itemshighlighted_translucent.xml 0x3155b7c4
res/drawable/make_rbn_class.xml 0x6630a2f7
res/drawable/make_rbn_class2.xml 0xbc082c25
res/drawable/simple_list_item_1.xml 0x15f7fd40
res/layout/activity_webview.xml 0xe1e0c491
res/layout/designapp.xml 0xa63a3b5a
res/layout/edittextfull.xml 0xcd158ac7
res/layout/mainactivity.xml 0x34086965
res/layout/project.xml 0x8aeb629c
res/layout/projectinfo.xml 0x95cbaf3d
res/layout/selectdirectory.xml 0xe1e0c491
res/menu/main.xml 0xb3935319
AndroidManifest.xml 0xa4f2d262
resources.arsc 0xfd2d87fb
res/drawable-hdpi/by.png 0xc45b3152
res/drawable-hdpi/ic_arrow_left.png 0xede5ec62
res/drawable-hdpi/ic_launcher.png 0xf248df62
res/drawable-hdpi/icon.png 0xe2826414
res/drawable-hdpi/icon_folder_personal.png 0x7be8acb7
res/drawable-hdpi/loadyzm.png 0x1e2ea9f5
res/drawable-hdpi/logo.png 0xd0bc88b3
res/drawable-hdpi/notice_down_icon.png 0x13e56a9c
res/drawable-hdpi/project_dabao.png 0xcf0eb1f9
res/drawable-hdpi/project_shangchuan.png 0x3f46534
res/drawable-hdpi/project_shibai.png 0x49e0f8dc
res/drawable-hdpi/project_wanchen.png 0x63bd5671
res/drawable-hdpi/project_weichen.png 0xfded4ba0
res/drawable-hdpi/project_weifa.png 0x539275ea
res/drawable-hdpi/project_xiazai.png 0xdbcc2a13
res/drawable-hdpi/project_yifa.png 0xafcb187d
res/drawable-hdpi/texticon.png 0x5cfcbb24
res/drawable-mdpi/icon.png 0xe2826414
res/drawable-xhdpi/icon.png 0xe2826414
classes.dex 0x78a6de72
keys/keystore.ks 0x3d7ea71f
keys/media.pk8 0xb2ff8b4b
keys/media.sbt 0x787af273
keys/media.x509.pem 0xb2b93fdc
keys/platform.pk8 0x7d91e3b8
keys/platform.sbt 0x78fc5c38
keys/platform.x509.pem 0xe2b43571
keys/shared.pk8 0x44b55be
keys/shared.sbt 0xcb0d9b76
keys/shared.x509.pem 0x52234887
keys/testkey.pk8 0x5c6d8836
keys/testkey.sbt 0x197cd57f
keys/testkey.x509.pem 0xc3fc0954
lib/armeabi/libgdx.so 0x39a6b20c
lib/x86/libgdx.so 0x7ec621b5
META-INF/MANIFEST.MF 0x17dcf38
META-INF/CERT.SF 0xb640d7a1
META-INF/CERT.RSA 0xd00477da