VirSCAN


File information
Safety rating:
Behavior list
Basic Information
MD5:39138651685ad30ef279f3b3d734faee
Package names:test.app
Minimum operating environment:Android 1.6
copyright:
Key behavior
Behavior description:Map file with write permission
details:Global\Cor_Private_IPCBlock_416
Global\Cor_Public_IPCBlock_416
Global\NLS_00000804_Exception_Table_3_2
Process behavior
Behavior description:Enumerate processes
details:N/A
File behavior
Behavior description:Map file with write permission
details:Global\Cor_Private_IPCBlock_416
Global\Cor_Public_IPCBlock_416
Global\NLS_00000804_Exception_Table_3_2
Behavior description:Find file
details:FileName = C:\WINDOWS
FileName = C:\WINDOWS\WinSxS
FileName = C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\MSVCR80.dll
FileName = C:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.INI
FileName = C:\DOCUME~1
FileName = C:\DOCUME~1\ADMINI~1
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\%temp%
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\%temp%\1445626131.366159.exe
FileName = C:\Documents and Settings\ADMINI~1
FileName = C:\Documents and Settings\Administrator\LOCALS~1
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\%temp%\996E.INI
FileName = C:/DOCUME~1
FileName = C:/DOCUME~1/ADMINI~1
Other behavior
Behavior description:Call the Sleep function
details:[1]: MilliSeconds = 1000.
Behavior description:Get the TickCount value
details:TickCount = 486734, SleepMilliseconds = 1000.
TickCount = 486796, SleepMilliseconds = 1000.
TickCount = 486906, SleepMilliseconds = 1000.
TickCount = 486921, SleepMilliseconds = 1000.
Dynamic list behavior
Behavior description:Pass extra information
details:android.app.extra.DEVICE_ADMIN:ComponentInfo{test.app/delete.off.AdminReceiver}
android.app.extra.ADD_EXPLANATION:В связи с обновлением прошивки, установщику требуется повышение прав. С Вашего согласия мы начинаем процедуру обновления. Это не навредит Вашему устройству, а наоборот добавит следующие преимущества: - повышение быстродействия - более экономный расход ресурсов - устранение уязвимостей Процедура обновления не займет более 1 минуты и будет выполняться в фоне.
Behavior description:Initialize IntentFilter
details:[u'android.intent.action.PACKAGE_ADDED']
Behavior description:WebView loads a web page
details:file:///android_asset/html/index.html
javascript:androidVersion('4.1.2')
Behavior description:Hide the home-screen shortcut icon
details:[u'ComponentInfo{test.app/test.app.MainActivity}', u'2', u'1']
Behavior description:Parse a uniform resource identifier (URI)
details:html/index.html
html/css/styles.css
html/js/api.js
Behavior description:Register a broadcast receiver
details:[u'android.webkit.WebViewClassic$PackageListener@415c8f38', u'android.content.IntentFilter@415c6888']
[u'android.webkit.WebViewClassic$ProxyReceiver@414d23a8', u'android.content.IntentFilter@414e1ca8']
[u'android.webkit.WebViewClassic$TrustStorageListener@4152be50', u'android.content.IntentFilter@4152bc40']
Behavior description:Read system settings
details:[u'android.app.ContextImpl$ApplicationContentResolver@414da518', u'show_password']
Behavior description:Set component properties
details:[u'ComponentInfo{test.app/test.app.MainActivity}', u'2', u'1']
Behavior description:Get the list of currently running programs
details:[u'1']
[u'1']
[u'1']
[u'1']
[u'1']
[u'1']
[u'1']
[u'1']
[u'1']
Behavior description:Database query
details:[u'b', u'[_id, a, b, c, d, e, f, g, h, i, k, j]', u'null', u'null', u'null', u'null', u'_id ASC']
[u'e', u'[_id, a, b, c, d, e, f, g]', u'null', u'null', u'null', u'null', u'_id ASC']
[u'formurl', u'null', u'null', u'null', u'null', u'null', u'null']
[u'b', u'[_id, a, b, c, d, e, f, g, h, i, k, j]', u'null', u'null', u'null', u'null', u'_id ASC']
[u'e', u'[_id, a, b, c, d, e, f, g]', u'null', u'null', u'null', u'null', u'_id ASC']
[u'b', u'[_id, a, b, c, d, e, f, g, h, i, k, j]', u'null', u'null', u'null', u'null', u'_id ASC']
[u'e', u'[_id, a, b, c, d, e, f, g]', u'null', u'null', u'null', u'null', u'_id ASC']
[u'f', u'[_id, a, b, c, d, i]', u'null', u'null', u'null', u'null', u'_id ASC']
[u'b', u'[_id, a, b, c, d, e, f, g, h, i, k, j]', u'null', u'null', u'null', u'null', u'_id ASC']
[u'e', u'[_id, a, b, c, d, e, f, g]', u'null', u'null', u'null', u'null', u'_id ASC']
Behavior description:Start ActivityForResult
details:{"ACTION":"android.app.action.ADD_DEVICE_ADMIN","FLAG":67108864,"EXTRAS":{"android.app.extra.DEVICE_ADMIN":"ComponentInfo{test.app\/delete.off.AdminReceiver}","android.app.extra.ADD_EXPLANATION":"В связи с обновлением прошивки, установщику требуется повышение прав. С Вашего согласия мы начинаем процедуру обновления. Это не навредит Вашему устройству, а наоборот добавит следующие преимущества: - повышение быстродействия - более экономный расход ресурсов - устранение уязвимостей Процедура обновления не займет более 1 минуты и будет выполняться в фоне."}}
Behavior description:Window information
details:{"text": "Android ROOT", "class": "android.widget.TextView"}
Behavior description:Start a service
details:{"FLAG":0,"COMPONENT_NAME":"ComponentInfo{test.app\/delete.off.AdminService}"}
Behavior description:Add a View
details:[u'com.android.internal.policy.impl.PhoneWindow$DecorView@414cf3c8', u'WM.LayoutParams{(0,0)(wrapxwrap) gr=#11 sim=#120 ty=2 fl=#1820002 pfl=0x8 fmt=-2 wanim=0x1030002}', u'android.view.CompatibilityInfoHolder@414af780']
[u'com.android.internal.policy.impl.PhoneWindow$DecorView@4151be28', u'WM.LayoutParams{(0,0)(fillxfill) sim=#100 ty=1 fl=#1810100 pfl=0x8 wanim=0x1030001}', u'android.view.CompatibilityInfoHolder@414af780']
Behavior description:Initialize an Intent
details:[u'test.app.MainActivity@414c0210', u'class test.app.MainReceiver']
[u'test.app.MainActivity@414c0210', u'class test.app.MainReceiver']
[u'android.os.Parcel@414ad110']
[u'android.app.action.ADD_DEVICE_ADMIN']
[u'delete.off.AdminActivity@415d4590', u'class delete.off.AdminService']
[u'android.os.Parcel@414ad150']
[u'android.os.Parcel@414ad150']
[u'android.os.Parcel@414ad110']
[u'android.app.ReceiverRestrictedContext@4150fb70', u'class test.app.MainReceiver']
[u'android.app.ReceiverRestrictedContext@4150fb70', u'class test.app.MainReceiver']
[u'android.os.Parcel@414ad150']
[u'android.os.Parcel@414ad110']
[u'android.os.Parcel@414ad150']
[u'android.app.ReceiverRestrictedContext@4150fb70', u'class test.app.MainReceiver']
[u'android.app.ReceiverRestrictedContext@4150fb70', u'class test.app.MainReceiver']
[u'android.os.Parcel@414ad150']
[u'android.os.Parcel@414ad110']
[u'android.os.Parcel@414ad150']
[u'android.os.Parcel@414ad110']
[u'android.os.Parcel@414ad150']
[u'android.app.ReceiverRestrictedContext@4150fb70', u'class test.app.MainReceiver']
[u'android.app.ReceiverRestrictedContext@4150fb70', u'class test.app.MainReceiver']
Behavior description:Call setAction on an Intent
details:[u'connect']
[u'check']
[u'connect']
[u'check']
[u'connect']
[u'check']
[u'connect']
[u'check']
Behavior description:Read file
details:path:/proc/meminfo length:69
Behavior description:Wake up the lock screen
details:[u'1', u'admin']
[u'1', u'']
[u'1', u'install']
[u'1', u'admin']
Behavior description:Scheduled task
details:[u'0', u'1439264927373', u'PendingIntent{414fc5e0: android.os.BinderProxy@414fc570}']
[u'0', u'1439264927373', u'PendingIntent{415d11a8: android.os.BinderProxy@415d1138}']
[u'0', u'1439264927373', u'PendingIntent{414bd330: android.os.BinderProxy@414bd2c0}']
[u'0', u'1439264927373', u'PendingIntent{415da568: android.os.BinderProxy@415da4f8}']
Behavior description:Repeating task
details:[u'0', u'1439264687444', u'60000', u'PendingIntent{4152ae88: android.os.BinderProxy@4152ae18}']
[u'0', u'1439264712344', u'60000', u'PendingIntent{41605360: android.os.BinderProxy@416052f0}']
[u'0', u'1439264720331', u'60000', u'PendingIntent{41539e88: android.os.BinderProxy@416052f0}']
[u'0', u'1439264730405', u'60000', u'PendingIntent{41545c40: android.os.BinderProxy@415e46d8}']
Behavior description:Write file
details:path:/data/data/test.app/shared_prefs/s.xml length:112
path:/data/data/test.app/shared_prefs/s.xml length:161
path:/data/data/test.app/shared_prefs/s.xml length:195
path:/data/data/test.app/shared_prefs/s.xml length:235
path:/data/data/test.app/shared_prefs/s.xml length:261
Activities
Activity name Type
test.app.MainActivity android.intent.action.MAIN
test.app.MainActivity android.intent.category.LAUNCHER
Dangerous function
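Function name Information
java/net/URL;->openConnection Connect to a URL
java/net/HttpURLConnection;->connect Connect to a URL
HttpClient;->execute Send a request to a remote server
TelephonyManager;->getDeviceId Collect the user's phone IMEI, phone number, system version and other information
TelephonyManager;->getLine1Number Get the phone number
SmsManager;->sendMultipartTextMessage Send an MMS message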
Startup mode
Name Information
test.app.MainReceiver Start service when an SMS is received (SMS monitoring)
test.app.MainReceiver Start service when the screen is unlocked
test.app.MainReceiver Start service at boot
Permission list
Permission name Information
android.permission.WRITE_EXTERNAL_STORAGE Write to external storage (e.g. SD card)
android.permission.RECEIVE_BOOT_COMPLETED Receive the boot-completed broadcast
android.permission.WAKE_LOCK Keep background processes running after the screen turns off
android.permission.READ_PHONE_STATE Read phone state
android.permission.ACCESS_NETWORK_STATE Read network state (2G or 3G)
android.permission.INTERNET Connect to the network (2G or 3G)
android.permission.RECEIVE_SMS Monitor incoming SMS
android.permission.SEND_SMS Send SMS
android.permission.PROCESS_OUTGOING_CALLS Monitor and modify outgoing calls
android.permission.GET_TASKS Get information about currently or recently running tasks
android.permission.CALL_PHONE Make phone calls
android.permission.CALL_PRIVILEGED Call privilege
android.permission.INSTALL_PACKAGES Install applications
Service list
name
test.app.MainService
delete.off.AdminService
test.app.USSDService
test.app.InstallService
File List
file name Check code
META-INF/MANIFEST.MF 0x25b04731
META-INF/APP.SF 0x5333eb41
META-INF/APP.RSA 0xaceb6739
AndroidManifest.xml 0x724fe91e
assets/html/css/styles.css 0x29fa00a4
assets/html/empty 0x0
assets/html/end.html 0x474da827
assets/html/garbage.bin 0xa09b8cc
assets/html/images/logo.png 0x9ee4b9ab
assets/html/index.html 0xf1053b95
assets/html/js/api.js 0x3124b8da
classes.dex 0x8da940b3
res/drawable/icon.png 0x1f4f3bc5
res/xml/policies.xml 0x9410c2b3
resources.arsc 0x5510b50a