VirSCAN

File information
Safety rating:75
Behavior list
Basic Information
MD5:8b7d9252c35e9c6652ed78255961328b
Package names:com.lidroid.supermount
Minimum operating environment:Android 2.2.x
copyright:lidroid
Key behavior
Behavior description:Hide specified window
details:[Window,Class] = [,ComboLBox]
[Window,Class] = [帮助(&H),Button]
[Window,Class] = [,Auto-Suggest Dropdown]
File behavior
Behavior description:File mapping with write permission
details:CiceroSharedMemDefaultS-1-5-21-1482476501-1645522239-1417001333-500
MSCTF.MarshalInterface.FileMap.AOJ..IHIFF
MSCTF.MarshalInterface.FileMap.AOJ.B.IHIFF
MSCTF.MarshalInterface.FileMap.AOJ.C.IHIFF
MSCTF.MarshalInterface.FileMap.AOJ.D.IHIFF
MSCTF.MarshalInterface.FileMap.AOJ.E.IHIFF
MSCTF.MarshalInterface.FileMap.AOJ.F.HIIFF
MSCTF.MarshalInterface.FileMap.AOJ.G.HIIFF
MSCTF.Shared.SFM.AOJ
Network behavior
Behavior description:Enumerate network shared resources
details:N/A
Registry behavior
Behavior description:Modify registry
details:\REGISTRY\USER\S-1-5-21-1482476501-1645522239-1417001333-500\Software\Microsoft\Windows\ShellNoRoam\MUICache\@shell32.dll,-12691
\REGISTRY\USER\S-1-5-21-1482476501-1645522239-1417001333-500\Software\Microsoft\Windows\ShellNoRoam\BagMRU\MRUListEx
Other behavior
Behavior description:Create mutex
details:CTF.LBES.MutexDefaultS-1-5-21-1482476501-1645522239-1417001333-500
CTF.Compart.MutexDefaultS-1-5-21-1482476501-1645522239-1417001333-500
CTF.Asm.MutexDefaultS-1-5-21-1482476501-1645522239-1417001333-500
CTF.Layouts.MutexDefaultS-1-5-21-1482476501-1645522239-1417001333-500
CTF.TMD.MutexDefaultS-1-5-21-1482476501-1645522239-1417001333-500
CTF.TimListCache.FMPDefaultS-1-5-21-1482476501-1645522239-1417001333-500MUTEX.DefaultS-1-5-21-1482476501-1645522239-1417001333-500
Shell.CMruPidlList
MSCTF.Shared.MUTEX.AEH
Global\winlogon: Logon UserProfileMapping Mutex
MSCTF.Shared.MUTEX.AOJ
Behavior description:Hide specified window
details:[Window,Class] = [,ComboLBox]
[Window,Class] = [帮助(&H),Button]
[Window,Class] = [,Auto-Suggest Dropdown]
Behavior description:Find specified window
details:NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
NtUserFindWindowEx: [Class,Window] = [,GINA Logon]
NtUserFindWindowEx: [Class,Window] = [CicLoaderWndClass,]
Behavior description:Window information
details:Pid = 2524, Hwnd=0x10350, Text = 查找范围(&I):, ClassName = Static.
Pid = 2524, Hwnd=0x10352, Text = 我的文档, ClassName = ComboBox.
Pid = 2524, Hwnd=0x1038a, Text = FolderView, ClassName = SysListView32.
Pid = 2524, Hwnd=0x1035c, Text = 文件名(&N):, ClassName = Static.
Pid = 2524, Hwnd=0x10368, Text = 文件类型(&T):, ClassName = Static.
Pid = 2524, Hwnd=0x1036a, Text = ZBrush, ClassName = ComboBox.
Pid = 2524, Hwnd=0x1036e, Text = 以只读方式打开(&R), ClassName = Button(CheckBox).
Pid = 2524, Hwnd=0x10370, Text = 打开(&O), ClassName = Button.
Pid = 2524, Hwnd=0x10372, Text = 取消, ClassName = Button.
Pid = 2524, Hwnd=0x10374, Text = 帮助(&H), ClassName = Button.
Pid = 2524, Hwnd=0x1034c, Text = 打开, ClassName = #32770.
Pid = 2524, Hwnd=0x10360, Text = 123456, ClassName = ComboBoxEx32.
Behavior description:Obtain system privileges
details:SE_LOAD_DRIVER_PRIVILEGE
Behavior description:Enumerate windows
details:N/A
Dangerous behavior
Behavior description:Execute system command
details:mount
Dynamic list behavior
Behavior description:Invoke hash algorithm
details:MD5
Behavior description:Read file
details:path:pipe:[3455] length:105
path:/proc/meminfo length:105
path:/proc/761/cmdline length:105
path:/proc/777/cmdline length:105
path:/proc/789/cmdline length:105
path:/proc/819/cmdline length:105
path:/proc/831/cmdline length:105
Behavior description:Compute hash of specified data
details:emulator
d3894529ac5a14ec
Behavior description:Class loading
details:path:/system/app/PicoTts.apk
path:/system/app/MusicFX.apk
path:/system/framework/am.jar
path:/data/app/com.lidroid.supermount-1.apk
Behavior description:Read a line of data from buffer
details:## Vold 2.0 Generic fstab
## - San Mehat
##
#######################
## Regular device mount
##
## Format: dev_mount <label> <mount_point> <part> <sysfs_path1...>
## label - Label for the volume
## mount_point - Where the volume will be mounted
## part - Partition # (1
## <sysfs_path> - List of sysfs paths to source devices
######################
## Example of a standard sdcard mount for the emulator / Dream
# Mounts the first usable partition of the specified device
dev_mount sdcard /mnt/sdcard auto /devices/platform/goldfish_mmc.0 /devices/platform/msm_sdcc.2/mmc_host/mmc1
## Example of a dual card setup
# dev_mount left_sdcard /sdcard1 auto /devices/platform/goldfish_mmc.0 /devices/platform/msm_sdcc.2/mmc_host/mmc1
# dev_mount right_sdcard /sdcard2 auto /devices/platform/goldfish_mmc.1 /devices/platform/msm_sdcc.3/mmc_host/mmc1
## Example of specifying a specific partition for mounts
# dev_mount sdcard /sdcard 2 /devices/platform/goldfish_mmc.0 /devices/platform/msm_sdcc.2/mmc_host/mmc1
null
rootfs / rootfs ro 0 0
tmpfs /dev tmpfs rw,nosuid,mode=755 0 0
devpts /dev/pts devpts rw,mode=600 0 0
proc /proc proc rw 0 0
sysfs /sys sysfs rw 0 0
none /acct cgroup rw,cpuacct 0 0
tmpfs /mnt/asec tmpfs rw,mode=755,gid=1000 0 0
tmpfs /mnt/obb tmpfs rw,mode=755,gid=1000 0 0
none /dev/cpuctl cgroup rw,cpu 0 0
/dev/block/mtdblock0 /system yaffs2 ro 0 0
/dev/block/mtdblock1 /data yaffs2 rw,nosuid,nodev 0 0
/dev/block/mtdblock2 /cache yaffs2 rw,nosuid,nodev 0 0
Behavior description:Execute system command
details:mount
Behavior description:Start service
details:com.android.musicfx.Compatibility$Service
Behavior description:Initialize Intent
details:Landroid/content/Context;=com.lidroid.supermount.MainActivity@41538ee8 | Ljava/lang/Class;=class com.google.ads.AdActivity
Ljava/lang/String;=android.intent.action.VIEW | Landroid/net/Uri;=market://details?id=com.google.ads
Behavior description:Write file
details:path:/data/data/com.android.gallery3d/shared_prefs/com.android.gallery3d_preferences.xml length:105
path:/data/data/com.android.musicfx/shared_prefs/musicfx.xml length:105
path:/data/data/com.android.gallery3d/shared_prefs/com.android.gallery3d_preferences.xml length:105
Activities
Activity name | Type
MainActivity | android.intent.action.MAIN
MainActivity | android.intent.category.LAUNCHER
Dangerous function
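Function name | Information
java/net/HttpURLConnection;->connect | Connect to URL
java/net/URL;->openConnection | Connect to URL
ContentResolver;->query | Read databases such as contacts and SMS
getRuntime | Get command-line environment
java/lang/Runtime;->exec | Execute string command
android/app/NotificationManager;->notify | Notification bar message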
Advertising information
Name | Information
com.google.ads | AdMob
Permission list
Permission name | Information
android.permission.RECEIVE_BOOT_COMPLETED | Receive boot-completed broadcast
android.permission.WRITE_EXTERNAL_STORAGE | Write to external storage (e.g. SD card)
android.permission.INTERNET | Connect to network (2G or 3G)
android.permission.ACCESS_NETWORK_STATE | Read network state (2G or 3G)
File List
file name Check code
META-INF/MANIFEST.MF 0x6ed43c02
META-INF/LIDROID.SF 0xbf2cbe21
META-INF/LIDROID.RSA 0x16f68cc6
res/layout/main.xml 0xebe280ad
res/xml/settings.xml 0xa3401a99
AndroidManifest.xml 0x662a839
resources.arsc 0x66f69973
res/drawable-hdpi/android_sd.png 0x2a935c5
res/drawable-hdpi/ic_settings.png 0x2f2b5652
res/drawable-hdpi/icon.png 0xe38047a6
res/drawable-hdpi/mounted_icon.png 0x2196073a
res/drawable-hdpi/no_dir.png 0x84d7b5c4
res/drawable-hdpi/no_sd.png 0x84d7b5c4
res/drawable-hdpi/sd_mounted.png 0xc24a638e
res/drawable-hdpi/sd_unmounted.png 0x2a935c5
res/layout-land/main.xml 0x8492052b
classes.dex 0xfc8e0570
Translated by Keith Miller, United States