VirSCAN


File information
Safety rating:71
Behavior list
Basic Information
MD5:40b646632e0532b57b2ea5c44c3d650b
Package names:com.wy.pcinputassistant
Minimum operating environment:Android 1.6
copyright:
Key behavior
Behavior description:Set special folder attributes
details:C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
C:\Documents and Settings\Administrator\Local Settings\History
C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
C:\Documents and Settings\Administrator\Cookies
Process behavior
Behavior description:Enumerate processes
details:N/A
File behavior
Behavior description:Drop a link or shortcut in a sensitive system location (such as the Start menu)
details:C:\Documents and Settings\Administrator\「开始」菜单\程序\1241041\uninst.lnk
Behavior description:Create executable files
details:C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsy4.tmp\System.dll
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsy4.tmp\Inetc.dll
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsy4.tmp\NsProcess.dll
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsy4.tmp\NSISdl.dll
C:\Program Files\1241041\Uninstall.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsy4.tmp\Base64.dll
Behavior description:Modify file contents
details:C:\Documents and Settings\Administrator\「开始」菜单\程序\1241041\uninst.lnk---> Offset = 0
Behavior description:Set special folder attributes
details:C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
C:\Documents and Settings\Administrator\Local Settings\History
C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
C:\Documents and Settings\Administrator\Cookies
Network behavior
Behavior description:Connect to a specified site
details:InternetConnectA: ServerName = cn.xn--420ar66b.xn--55qx5d, PORT = 27
Behavior description:Open a remote FTP file
details:FtpOpenFileA: 1.ico, hConnect = 0x00000680
Behavior description:Download a file
details:C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsy4.tmp\1.ico
Behavior description:Read a network file
details:hFile = 0x00000680, BytesToRead =8192, BytesRead = 8192.
Registry behavior
Behavior description:Modify the registry
details:\REGISTRY\USER\S-1-5-21-1482476501-1645522239-1417001333-500\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\X\BaseClass
Behavior description:Modify the registry (pending file rename entry)
details:\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\Session Manager\PendingFileRenameOperations
Other behavior
Behavior description:Create a mutex
details:1241041
Behavior description:Acquire system privileges
details:SE_LOAD_DRIVER_PRIVILEGE
Dynamic list behavior
Behavior description:Invoke a hash algorithm
details:MD5
Behavior description:Read files
details:path:/proc/792/cmdline length:105
path:/proc/806/cmdline length:105
path:/proc/818/cmdline length:105
path:/proc/848/cmdline length:105
path:/proc/859/cmdline length:105
path:/proc/meminfo length:105
path:/proc/meminfo length:105
path:/proc/meminfo length:105
Behavior description:Read a line of data from a buffer
Behavior description:Compute a hash over specified data
details:kingxiaoguang@gmail.com357242043237511c8ab8094f9188ee8e540170eaff497bf
357242043237511kingxiaoguang@gmail.com
Behavior description:Access a URL
details:libcore.net.http.HttpURLConnectionImpl:http://r.domob.cn/a/
Behavior description:Get the user ID
details:310260000000000
Behavior description:Class loading
details:path:/system/app/PicoTts.apk
path:/system/app/MusicFX.apk
path:/system/framework/am.jar
path:/data/app/com.wy.pcinputassistant-1.apk
Behavior description:Start services
details:com.android.musicfx.Compatibility$Service
com.android.mms.transaction.SmsReceiverService
Behavior description:Write files
details:path:/data/data/com.android.gallery3d/shared_prefs/com.android.gallery3d_preferences.xml length:105
path:/data/data/com.android.musicfx/shared_prefs/musicfx.xml length:105
path:/data/data/com.wy.pcinputassistant/shared_prefs/PushFlag.xml length:70
path:/data/data/com.wy.pcinputassistant/shared_prefs/Start_Tag.xml length:70
path:/data/data/com.wy.pcinputassistant/shared_prefs/PushFlag.xml length:105
path:/data/data/com.wy.pcinputassistant/shared_prefs/AppSettings.xml length:105
path:/data/data/com.wy.pcinputassistant/shared_prefs/com.wy.pcinputassistant_preferences.xml length:105
path:/data/data/com.wy.pcinputassistant/shared_prefs/com.wy.pcinputassistant_preferences.xml length:105
path:/data/data/com.android.gallery3d/shared_prefs/com.android.gallery3d_preferences.xml length:105
path:/data/data/com.wy.pcinputassistant/shared_prefs/PushFlag.xml length:105
path:/data/data/com.wy.pcinputassistant/files/UnPackage.dat length:105
Behavior description:Get the device ID
details:357242043237511
Activities
Activity name Type
.RHWPMain android.intent.action.MAIN
.RHWPMain android.intent.category.LAUNCHER
Dangerous function
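Function name Information
android/app/NotificationManager;->notify Notification bar message
java/net/URL;->openConnection Connect to a URL
getRuntime Get the command-line runtime environment
java/lang/Runtime;->exec Execute a command string
ContentResolver;->query Read contacts, SMS and other databases
TelephonyManager;->getDeviceId Collect the phone's IMEI, phone number, system version and similar information
java/net/HttpURLConnection;->connect Connect to a URL
LocationManager;->getLastKnownLocation Get the location
HttpClient;->execute Send a request to a remote server
DefaultHttpClient;->execute Send an HTTP request
TelephonyManager;->getLine1Number Get the phone number
ContentResolver;->delete Delete SMS messages and contacts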
Advertising information
Name Information
cn.domob.android 多盟 (Domob)
Permission list
Permission name Information
android.permission.ACCESS_WIFI_STATE Read Wi-Fi network state
android.permission.INTERNET Connect to the network (2G or 3G)
android.permission.READ_PHONE_STATE Read phone state
android.permission.ACCESS_NETWORK_STATE Read network state (2G or 3G)
android.permission.WRITE_EXTERNAL_STORAGE Write to external storage (e.g. SD card)
android.permission.ACCESS_COARSE_LOCATION Get coarse location (via Wi-Fi or cell towers)
android.permission.GET_TASKS Get information about currently or recently running tasks
File List
file name Check code
res/layout/alert.xml 0xf0e47fe9
res/layout/main.xml 0xc32b7d62
res/layout/note.xml 0xa2ca2d71
res/layout/push_layout.xml 0xa0f2d4ca
res/layout/seekbardialogpreference.xml 0x9c49d196
res/menu/menu.xml 0x66b65d00
res/xml/settings.xml 0xe550ab02
res/xml/settings_short.xml 0x2464556d
AndroidManifest.xml 0x85a53080
resources.arsc 0xec494fa3
res/drawable-hdpi/icon.png 0xcbb4c1d9
res/drawable-hdpi/market.png 0x52b3eaaa
res/drawable-ldpi/icon.png 0x4b6eda5
res/drawable-ldpi/market.png 0x52b3eaaa
res/drawable-mdpi/icon.png 0x4b6eda5
res/drawable-mdpi/market.png 0x52b3eaaa
classes.dex 0xb452149d
assets/domob.js 0x87ad5d91
assets/domob_banner.png 0x2d824ee
assets/domob_close.png 0xc60adaed
assets/domob_exit.png 0x6e628d21
assets/domob_loading.png 0x48342286
assets/domob_next.png 0xc667afa3
assets/domob_next_off.png 0x72b7a470
assets/domob_out.png 0x75b3379b
assets/domob_preview.png 0xe1ad2a0e
assets/domob_preview_off.png 0x2949548e
assets/domob_refresh.png 0x16696e6a
META-INF/MANIFEST.MF 0x42c3e9c9
META-INF/CERT.SF 0x6c9576d6
META-INF/CERT.RSA 0x6878a0c9