VirSCAN


File information
Safety rating:
Behavior list
Basic Information
MD5:44eebb9bff268fd85f9ec282ea1984c4
Package names:com.rgbmobile.app.onetouchreboot
Minimum operating environment:Android 2.1.x
copyright:beijing
Dangerous behavior
Behavior description: Executes system commands
details:[u'su']
Dynamic list behavior
Behavior description: Calls a hash algorithm
details:MD5
Behavior description: Reads a file
details:path:/proc/cpuinfo length:69
Behavior description: Emulator driver file initialization
details:/proc/cpuinfo
Behavior description: Gets information about the currently connected Wi-Fi hotspot
details:[]
Behavior description: Reads system settings
details:[u'android.app.ContextImpl$ApplicationContentResolver@4154bb58', u'font_scale']
[u'android.app.ContextImpl$ApplicationContentResolver@4154bb58', u'font_scale']
[u'android.app.ContextImpl$ApplicationContentResolver@4154d2a8', u'sound_effects_enabled']
Behavior description: Executes system commands
details:[u'su']
Behavior description: Obtains root privileges
details:su
Behavior description: Queries the last known location
details:[u'gps']
[u'network']
Behavior description: Window information
details:{"text": "INFO", "class": "android.widget.TextView"}
{"text": "Need to get root to perform operations at a later prompt always allowed", "class": "android.widget.TextView"}
{"text": "ok", "class": "android.widget.Button"}
{"text": "Presentation", "class": "android.widget.TextView"}
{"text": "Do you want to Reboot or Shutdown?", "class": "android.widget.TextView"}
{"text": "Reboot", "class": "android.widget.Button"}
{"text": "Shutdown", "class": "android.widget.Button"}
Behavior description: Reads a line of data from a buffer
details:Processor : ARMv7 Processor rev 0 (v7l)
Behavior description: Adds a View
details:[u'com.android.internal.policy.impl.PhoneWindow$DecorView@414bdde8', u'WM.LayoutParams{(0,0)(wrapxwrap) gr=#11 sim=#120 ty=2 fl=#8020002 pfl=0x8 fmt=-2 wanim=0x1030002}', u'android.view.CompatibilityInfoHolder@414afb60']
[u'com.android.internal.policy.impl.PhoneWindow$DecorView@4154df98', u'WM.LayoutParams{(0,0)(wrapxwrap) sim=#110 ty=1 fl=#8000002 pfl=0x8 fmt=-3 wanim=0x1030002}', u'android.view.CompatibilityInfoHolder@414afb60']
Behavior description: Writes files
details:path:/data/data/com.rgbmobile.app.onetouchreboot/files/rgbshell.jni length:69
path:/data/data/com.rgbmobile.app.onetouchreboot/shared_prefs/mobclick_agent_state_com.rgbmobile.app.onetouchreboot.xml length:232
path:/data/data/com.rgbmobile.app.onetouchreboot/files/mobclick_agent_cached_com.rgbmobile.app.onetouchreboot length:69
path:/data/data/com.rgbmobile.app.onetouchreboot/shared_prefs/first.xml length:106
path:/mnt/sdcard/phone/com.phone.safe.system.apk length:68
path:unknown length:69
path:unknown length:10
Behavior description: Writes to the sdcard
details:path:/mnt/sdcard/phone/com.phone.safe.system.apk
Behavior description: Initializes an Intent
details:[u'android.os.Parcel@414ad200']
[u'android.os.Parcel@414ad1c0']
Behavior description: Gets network state information[*]
details:NetworkInfo: type: WIFI[], state: CONNECTED/CONNECTED, reason: (unspecified), extra: freewifi, roaming: false, failover: false, isAvailable: true
NetworkInfo: type: WIFI[], state: CONNECTED/CONNECTED, reason: (unspecified), extra: freewifi, roaming: false, failover: false, isAvailable: true
NetworkInfo: type: WIFI[], state: CONNECTED/CONNECTED, reason: (unspecified), extra: freewifi, roaming: false, failover: false, isAvailable: true
NetworkInfo: type: WIFI[], state: CONNECTED/CONNECTED, reason: (unspecified), extra: freewifi, roaming: false, failover: false, isAvailable: true
Behavior description: Gets the device ID
details:357143040944263
357143040944263
357143040944263
Activities
Activity name  Type
com.rgbmobile.app.easytouch.ui.RstarActDia  android.intent.action.MAIN
com.rgbmobile.app.easytouch.ui.RstarActDia  android.intent.category.LAUNCHER
Dangerous function
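Function name  Information
ContentResolver;->query  Reads contacts, SMS and other databases
HttpClient;->execute  Sends a request to a remote server
TelephonyManager;->getDeviceId  Collects the user's phone IMEI, phone number, system version number and other information
LocationManager;->getLastKnownLocation  Gets the geographic location
getRuntime  Gets the command-line environment
java/lang/Runtime;->exec  Executes a string command
android/app/NotificationManager;->notify  Notification bar message
ContentResolver;->delete  Deletes SMS messages and contacts
java/net/URL;->openConnection  Connects to a URL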
Startup mode
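Name  Information
com.rgbmobile.app.easytouch.MyReceiver  Starts the service at boot
com.rgbmobile.app.easytouch.MyReceiver  Starts the service on screen unlock
com.rgbmobile.app.easytouch.server.UIeaReceiver  Starts the service when an application is installed
com.rgbmobile.app.easytouch.server.UIeaReceiver  Starts the service when an application is uninstalled
com.rgbmobile.app.easytouch.server.UIeaReceiver  Starts the service on screen unlock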
Permission list
Permission name  Information
android.permission.WRITE_EXTERNAL_STORAGE  Write to external storage (e.g. SD card)
android.permission.MOUNT_UNMOUNT_FILESYSTEMS  Mount and unmount external file systems
android.permission.WRITE_SETTINGS  Read and write system settings
android.permission.ACCESS_NETWORK_STATE  Read network state (2G or 3G)
android.permission.ACCESS_WIFI_STATE  Read Wi-Fi network state
android.permission.CHANGE_NETWORK_STATE  Change network state
android.permission.CHANGE_WIFI_STATE  Change Wi-Fi connection state
android.permission.READ_PHONE_STATE  Read phone state
android.permission.READ_EXTERNAL_STORAGE  Read external storage (e.g. SD card)
android.permission.INTERNET  Connect to the network (2G or 3G)
android.permission.GET_TASKS  Get information about currently or recently running tasks
android.permission.RECEIVE_BOOT_COMPLETED  Receive the boot-completed broadcast
android.permission.KILL_BACKGROUND_PROCESSES  Kill background processes
android.permission.RESTART_PACKAGES  Restart other applications
android.permission.ACCESS_FINE_LOCATION  Get precise location (via GPS)
android.permission.ACCESS_COARSE_LOCATION  Get approximate location (via Wi-Fi, cell towers)
com.android.launcher.permission.INSTALL_SHORTCUT  Create shortcuts
Service list
name
com.rgbmobile.app.easytouch.server.UIeaService
File List
file name Check code
assets/sound/click.wav 0x1495f30c
assets/data.bin 0x220ba1f1
res/anim/anim_dialog_enter.xml 0x961b8785
res/anim/anim_dialog_exit.xml 0x1d26bf1b
res/anim/left_in.xml 0xbd47881c
res/anim/left_out.xml 0x869cb1c
res/anim/right_in.xml 0xf6f2683b
res/anim/right_out.xml 0xc5fb8086
res/anim/zoom_enter.xml 0xb5108e34
res/anim/zoom_exit.xml 0x374d8f16
res/color/checkbox_textcolor_selector.xml 0x232211c5
res/color/desk_sms_textcolor_selector.xml 0x6833c707
res/color/dialog_listcolor_selector.xml 0xc282bdc5
res/color/function_button_textcolor_selector.xml 0x5b0094ac
res/color/function_greenbutton_textcolor_selector.xml 0x4cfda737
res/color/function_whitebutton_textcolor_selector.xml 0x751cdc3f
res/color/k_primary_text_dark.xml 0x806b30ff
res/color/k_secondary_text_dark.xml 0xca32bcf
res/color/main_function_button_textcolor_selector.xml 0xb86629af
res/color/main_small_textcolor_selector.xml 0x63071b6c
res/color/main_textcolor_selector.xml 0xc5d63256
res/color/main_textcolor_selector_2.xml 0xd95f060e
res/color/menu_item_text_color.xml 0x2e5e408a
res/color/risk_dangerous.xml 0x8b712f47
res/color/risk_high.xml 0x5339e79
res/color/risk_low.xml 0x3839279a
res/color/risk_safe.xml 0xb67b96a4
res/color/setitem_textcolor_selector.xml 0xc5d63256
res/color/tab_textcolor_selector.xml 0x1332172c
res/color/traffic_check_button_selector.xml 0xf134d10d
res/drawable/bg_main.xml 0x2879b550
res/drawable/board1_bg.xml 0x20e74002
res/drawable/dialog_button_bg.xml 0xc12ce859
res/drawable/ic_launcher.png 0x7e220380
res/drawable/main_slider_item_1.xml 0x1a3be118
res/layout/applist_item.xml 0xef2c339f
res/layout/dialog_2.xml 0xbc88ff59
res/layout/help.xml 0x17ecdf4
res/layout/lunch.xml 0x8cc55a93
res/layout/setlist_item.xml 0x30403d36
res/layout/viewpager.xml 0x8257d3c7
res/raw/click.wav 0x1495f30c
res/raw/gsnap 0x76e72338
res/raw/key.so 0xca415200
res/raw/shell.so 0x1c168dfc
res/xml/lock_screen.xml 0x39eeaa74
AndroidManifest.xml 0xdd80ce7d
resources.arsc 0x9141d559
res/drawable-hdpi/dialog_title_bg.9.png 0x51c5cafc
res/drawable-hdpi/edit_title_icon.png 0xa1c9e74a
res/drawable-hdpi/ks_but_normal.9.png 0xcfbfadc2
res/drawable-hdpi/ks_but_pressed.9.png 0x15579766
res/drawable-hdpi/ks_but_selected.9.png 0x169b4b3b
res/drawable-hdpi/launch.jpg 0x2c8e8af5
res/drawable-ldpi/main_float1.png 0xe2f1ddf6
res/drawable-ldpi/main_float2.png 0xb67e915d
res/layout-ldpi/viewpager.xml 0x131f9d73
classes.dex 0x33f63277
assets/dd_mnb/zxc.dat 0x42710cf0
META-INF/MANIFEST.MF 0xe5867a2f
META-INF/CERT.SF 0xb6e747b4
META-INF/CERT.RSA 0x4c73ffe1