VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.
4, If your browser cannot upload files, please download VirSCAN uploader to upload.

Language
Server load
Server Load

VirSCAN
VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

File information

Scanner results
Scanner results:0%Antivirus software(0/32)found malware!
Behavior analysis report:         Habo file analysis
Time: 2015-06-23 13:42:24 (CST)
Scanner Engine Ver Sig Ver Sig Date Scan result Time
antiy AVL SDK 3.0 1970-01-01 Found nothing 5
asquared 9.0.0.4324 9.0.0.4324 2014-07-03 Found nothing 1
avast 141231-0 4.7.4 2014-12-31 Found nothing 60
avg 2109/8133 10.0.1405 2014-11-26 Found nothing 38
baidu 2.0.1.0 4.1.3.52192 2.0.1.0 Found nothing 5
baidusd 1.0 1.0 2014-04-02 Found nothing 1
bitdefender 7.58469 7.90123 2014-12-25 Found nothing 1
clamav 19745 0.97.5 2014-12-07 Found nothing 7
drweb 5.0.2.3300 5.0.1.1 2014-12-31 Found nothing 59
fortinet 23.345, 23.345 5.1.158 2014-12-08 Found nothing 1
fprot 4.6.2.117 6.5.1.5418 2014-12-31 Found nothing 24
fsecure 2014-04-02-01 9.13 2014-04-02 Found nothing 10
gdata 25.2163 25.2163 2015-06-23 Found nothing 10
ikarus 1.06.01 V1.32.31.0 2014-12-08 Found nothing 29
jiangmin 16.0.100 1.0.0.0 2014-08-20 Found nothing 60
kaspersky 5.5.33 5.5.33 2014-04-01 Found nothing 45
kingsoft 2.1 2.1 2013-09-22 Found nothing 34
mcafee 7638 5400.1158 2014-11-30 Found nothing 59
nod32 0920 3.0.21 2014-12-23 Found nothing 4
panda 9.05.01 9.05.01 2014-12-31 Found nothing 22
pcc 11.380.07 9.500-1005 2014-12-31 Found nothing 11
qh360 1.0.1 1.0.1 1.0.1 Found nothing 10
qqphone 1.0.0.0 1.0.0.0 2014-12-09 Found nothing 1
quickheal 14.00 14.00 2014-12-31 Found nothing 60
rising 25.46.06.04 25.46.06.04 2014-12-28 Found nothing 5
sophos 5.08 3.55.0 2014-12-01 Found nothing 33
symantec 20141230.001 1.3.0.24 2014-12-30 Found nothing 2
tachyon 9.9.9 9.9.9 2013-12-27 Found nothing 18
thehacker 6.8.0.5 6.8.0.5 2014-12-29 Found nothing 7
tws 17.47.17308 1.0.2.2108 2014-12-08 Found nothing 12
vba 3.12.26.3 3.12.26.3 2014-12-31 Found nothing 60
virusbuster 15.0.985.0 5.5.2.13 2014-12-05 Found nothing 60

没有相关的权限信息

文件信息
VirSCANVirSCAN
安全评分 :
基本信息
VirSCANVirSCAN
MD5:d1cf0c0b537cce31e164adaec0437b3e
文件大小:5.58MB
上传时间: 2014-09-22 10:36:30 (CST)
包名:air.com.digicharaworks.TDPCarmine
最低运行环境:Android 2.2.x
版权:dcw
关键行为
VirSCANVirSCAN
行为描述: 跨进程写入数据
详情信息: TargetProcess = sample.exe, WriteAddress = 0x00400000, Size = 17920
TargetProcess = sample.exe, WriteAddress = 0x7ffdf008, Size = 4
行为描述: 跨进程写代码段数据
详情信息: C:\WINDOWS\explorer.exe, WriteAddress = 0x0101A55F, EntryPoint = 0x0101A55F
行为描述: 设置线程上下文
详情信息: C:\%temp%\1434999675.395520.exe
行为描述: 按名称获取主机地址
详情信息: f02783mat0i5r1t.cc
进程行为
VirSCANVirSCAN
行为描述: 跨进程写入数据
详情信息: TargetProcess = sample.exe, WriteAddress = 0x00400000, Size = 17920
TargetProcess = sample.exe, WriteAddress = 0x7ffdf008, Size = 4
行为描述: 跨进程写代码段数据
详情信息: C:\WINDOWS\explorer.exe, WriteAddress = 0x0101A55F, EntryPoint = 0x0101A55F
行为描述: 设置线程上下文
详情信息: C:\%temp%\1434999675.395520.exe
行为描述: 按名称获取主机地址
详情信息: f02783mat0i5r1t.cc
网络行为
VirSCANVirSCAN
行为描述: 发送一个已连接的套接字数据
详情信息: SOCKET = 0x00000148, TotalSize = 107, Offset = 0, ReadSize = 107.
SOCKET = 0x00000148, TotalSize = 133, Offset = 0, ReadSize = 133.
行为描述: 建立到一个指定的套接字连接
详情信息: 219.133.40.1:80
行为描述: 按名称获取主机地址
详情信息: f02783mat0i5r1t.cc
注册表行为
VirSCANVirSCAN
行为描述: 删除注册表键
详情信息: \REGISTRY\MACHINE\SOFTWARE\Microsoft\PCHealth\ErrorReporting\DW
行为描述: 删除注册表键值
详情信息: \REGISTRY\MACHINE\SOFTWARE\Microsoft\PCHealth\ErrorReporting\DW\DWFileTreeRoot
其他行为
VirSCANVirSCAN
行为描述: 创建互斥体
详情信息: SHIMLIB_LOG_MUTEX
A8441CED
A8441CEDN
行为描述: 内联HOOK
详情信息: C:\WINDOWS\system32\ntdll.dll--->NtCreateProcessEx Offset = 0x0
C:\WINDOWS\system32\ntdll.dll--->ZwCreateThread Offset = 0x0
C:\WINDOWS\system32\ntdll.dll--->NtResumeThread Offset = 0x0
C:\WINDOWS\system32\ntdll.dll--->NtEnumerateValueKey Offset = 0x0
C:\WINDOWS\system32\ntdll.dll--->NtQueryDirectoryFile Offset = 0x0
动态列表行为
VirSCANVirSCAN
行为描述: 解析通用资源标识符
详情信息: market://details?id=com.adobe.air
行为描述: 添加悬浮窗口
详情信息: [u'com.android.internal.policy.impl.PhoneWindow$DecorView@414c1e80', u'WM.LayoutParams{(0,0)(wrapxwrap) gr=#11 sim=#120 ty=2 fl=#8020002 pfl=0x8 fmt=-2 wanim=0x1030002}', u'android.view.CompatibilityInfoHolder@414b4418']
[u'com.android.internal.policy.impl.PhoneWindow$DecorView@414cad40', u'WM.LayoutParams{(0,0)(fillxfill) sim=#112 ty=1 fl=#8010100 pfl=0x8 wanim=0x1030001}', u'android.view.CompatibilityInfoHolder@414b4418']
行为描述: 窗口信息
详情信息: {"text": "Adobe® AIR®", "class": "android.widget.TextView"}
{"text": "This application requires Adobe AIR.
Install Adobe AIR now?", "class": "android.widget.TextView"}
{"text": "Install", "class": "android.widget.Button"}
{"text": "Cancel", "class": "android.widget.Button"}
行为描述: 初始化Intent
详情信息: [u'android.intent.action.VIEW', u'market://details?id=com.adobe.air']
行为描述: 调用Intent的setAction
详情信息: [u'android.intent.action.VIEW']
行为描述: 激活Activity
详情信息: Intent { act=android.intent.action.VIEW dat=market://details?id=com.adobe.air flg=0x10000000 }
Activities
VirSCANVirSCAN
活动名 类型
.AppEntry android.intent.action.MAIN
.AppEntry android.intent.category.LAUNCHER
文件列表
VirSCANVirSCAN
文件名 校验码
assets/META-INF/AIR/application.xml 0x936e3937
res/drawable-ldpi/icon.png 0x471c2757
res/drawable-mdpi/icon.png 0xa18ca687
res/drawable-hdpi/icon.png 0xf737d5d0
resources.arsc 0xd9ade76c
AndroidManifest.xml 0x210907f7
classes.dex 0x469ef57d
lib/armeabi-v7a/libNativeABI.so 0xd251bf7e
assets/icon36.png 0x471c2757
assets/icon48.png 0xa18ca687
assets/icon72.png 0xf737d5d0
assets/TDP_Carmine.swf 0xab883b82
META-INF/MANIFEST.MF 0x3892605f
META-INF/CERT.SF 0xf92485dc
META-INF/CERT.RSA 0x9ce96b24
运行截图
VirSCANVirSCAN
VirSCAN