VirSCAN


File information
Safety rating:
Behavior list
Basic Information
MD5: d88f8ed77575a059d7c466ccaaf810e6
Package names: com.alan.asianmeinv7
Minimum operating environment: Android 2.1.x
copyright:
Key behavior
Behavior description: Read the CPU clock directly
details: EAX = 0x5a4a8158, EDX = 0x000000bc
EAX = 0xe7a97716, EDX = 0x000000bc
EAX = 0x70a58e26, EDX = 0x000000bd
Behavior description: Create a system service
details: [Service created successfully]: Internetsx, C:\Program Files\Server.exe -k
Behavior description: Get the TickCount value
details: TickCount = 225203, SleepMilliseconds = 1000.
TickCount = 226359, SleepMilliseconds = 1000.
TickCount = 227390, SleepMilliseconds = 500.
TickCount = 231890, SleepMilliseconds = 500.
TickCount = 281546, SleepMilliseconds = 50000.
Process behavior
Behavior description: Create a local thread
details: TargetProcess: %temp%\****.exe, InheritedFromPID = 2000, ProcessID = 2664, ThreadID = 2676, StartAddress = 77DC845A, Parameter = 00000000
TargetProcess: Server.exe, InheritedFromPID = 2664, ProcessID = 2748, ThreadID = 2796, StartAddress = 77DC845A, Parameter = 00000000
TargetProcess: Server.exe, InheritedFromPID = 2664, ProcessID = 2748, ThreadID = 2812, StartAddress = 00499120, Parameter = 00000000
TargetProcess: Server.exe, InheritedFromPID = 2664, ProcessID = 2748, ThreadID = 2936, StartAddress = 004648AC, Parameter = 011E28DC
TargetProcess: Server.exe, InheritedFromPID = 2664, ProcessID = 2748, ThreadID = 2940, StartAddress = 004648BC, Parameter = 011E28DC
Behavior description: Create a new process from a file
details: [0x00000abc]ImagePath = C:\Program Files\Server.exe, CmdLine = "C:\Program Files\Server.exe" -k
File behavior
Behavior description: Create a file
details: C:\Program Files\Server.exe
Behavior description: Create an executable file
details: C:\Program Files\Server.exe
Behavior description: Modify file contents
details: C:\Program Files\Server.exe ---> Offset = 0
C:\Program Files\Server.exe ---> Offset = 65536
C:\Program Files\Server.exe ---> Offset = 131072
C:\Program Files\Server.exe ---> Offset = 196608
C:\Program Files\Server.exe ---> Offset = 262144
Behavior description: Find a file
details: FileName = C:\Program Files\Server.exe
Behavior description: Copy a file
details: C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe ---> C:\Program Files\Server.exe
Network behavior
Behavior description: Establish a connection to a specified socket
details: IP: **.168.1.**:2018, SOCKET = 0x0000021c
Behavior description: Get a host address by name
details: gethostbyname: computer
DnsQuery_W: 0.110.110.110.in-addr.arpa.
Registry behavior
Behavior description: Delete a registry key
details: \REGISTRY\MACHINE\SOFTWARE\Microsoft\PCHealth\ErrorReporting\DW\
Behavior description: Delete a registry value
details: \REGISTRY\MACHINE\SOFTWARE\Microsoft\PCHealth\ErrorReporting\DW\DWFileTreeRoot
Other behavior
Behavior description: Get the cursor position
details: CursorPos = (80,18468), SleepMilliseconds = 1000.
Behavior description: Create a mutex
details: AMResourceMutex2
VideoRenderer
RasPbFile
CTF.LBES.MutexDefaultS-*
CTF.Compart.MutexDefaultS-*
CTF.Asm.MutexDefaultS-*
CTF.Layouts.MutexDefaultS-*
CTF.TMD.MutexDefaultS-*
CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
Server.exe
YUTIJXJTWEX@PCZNO@@VRPQALQAG@UQL
eed3bd3a-a1ad-4e99-987b-d7cb3fcfa7f0
Behavior description: Create an event object
details: EventName = DINPUTWINMM
EventName = Global\userenv: User Profile setup event
Behavior description: Open a mutex
details: RasPbFile
ShimCacheMutex
Behavior description: Find a specified window
details: NtUserFindWindowEx: [Class,Window] = [MS_WINHELP,]
Behavior description: Adjust process token privileges
details: SE_INC_BASE_PRIORITY_PRIVILEGE
Behavior description: Open an event
details: HookSwitchHookEnabledEvent
Global\SvcctrlStartEvent_A3752DX
\SECURITY\LSA_AUTHENTICATION_INITIALIZED
Behavior description: Call the Sleep function
details: [1]: MilliSeconds = 1000.
[1]: MilliSeconds = 10.
[2]: MilliSeconds = 500.
[3]: MilliSeconds = 10.
[4]: MilliSeconds = 500.
[5]: MilliSeconds = 50000.
[6]: MilliSeconds = 50000.
[7]: MilliSeconds = 50000.
[8]: MilliSeconds = 50000.
[9]: MilliSeconds = 50000.
[10]: MilliSeconds = 50000.
Behavior description: Executable file MD5
details: C:\Program Files\Server.exe ---> d13f7b775987d8835d3e5371a5a27b9d
Activities
Activity name: Types of
.PictureGrid: android.intent.action.MAIN
.PictureGrid: android.intent.category.LAUNCHER
Dangerous function
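Function name: information
java/net/URL;->openConnection: Connect to a URL
java/net/HttpURLConnection;->connect: Connect to a URL
TelephonyManager;->getDeviceId: Collect the user's phone IMEI, phone number, system version number and other information
HttpClient;->execute: Send a request to a remote server
LocationManager;->getLastKnownLocation: Get the location
TelephonyManager;->getLine1Number: Get the phone number
TelephonyManager;->getSimSerialNumber: Get the SIM serial number
android/app/NotificationManager;->notify: Post a message to the notification bar
DefaultHttpClient;->execute: Send an HTTP request
WifiManager;->setWifiEnabled: Change the Wi-Fi state
getRuntime: Get the command-line environment
java/lang/Runtime;->exec: Execute a string command
ContentResolver;->query: Read contacts, SMS and other databases
java/net/URLConnection;->connect: Connect to a URL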
Startup mode
name: information
com.google.update.Receiver
com.google.update.Receiver
com.google.update.Receiver: Start service at boot
Advertising information
name: information
com.google.ads: AdMob
com.vpon.adon: Vpon
com.adwo.adsdk: Adwo (安沃)
Permission list
License name: information
android.permission.CHANGE_CONFIGURATION: Modify current settings (e.g. locale)
android.permission.INTERNET: Connect to the network (2G or 3G)
android.permission.READ_EXTERNAL_STORAGE: Read external storage (e.g. SD card)
android.permission.READ_PHONE_STATE: Read phone state
android.permission.ACCESS_COARSE_LOCATION: Get approximate location (via Wi-Fi, cell towers)
android.permission.ACCESS_FINE_LOCATION: Get precise location (via GPS)
android.permission.ACCESS_NETWORK_STATE: Read network state (2G or 3G)
android.permission.ACCESS_LOCATION_EXTRA_COMMANDS: Access extra location commands
android.permission.WRITE_EXTERNAL_STORAGE: Write external storage (e.g. SD card)
android.permission.ACCESS_WIFI_STATE: Read Wi-Fi network state
android.permission.CHANGE_WIFI_STATE: Change Wi-Fi connection state
android.permission.INSTALL_PACKAGES: Install applications
android.permission.READ_SMS: Read SMS messages
android.permission.WRITE_SMS: Write SMS messages
android.permission.SET_WALLPAPER: Set the desktop wallpaper
android.permission.GET_TASKS: Get information about current or recently running tasks
Service list
name
com.google.update.UpdateService
File List
Translated by Keith Miller, United States