VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

Language
Server load
Server Load

File information
Safety rating:
Behavior list
Basic Information
MD5:a28d44c9e773369ee841e85bd0a49336
Package names:com.madgag.agit
Minimum operating environment:Android 2.1.x
copyright:Android
Key behavior
Behavior description:设置特殊文件夹属性
details:C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
C:\Documents and Settings\Administrator\Local Settings\History
C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
C:\Documents and Settings\Administrator\Cookies
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~\WebSlices~
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Feeds Cache
C:\Documents and Settings\Administrator\IECompatCache
Behavior description:获取TickCount值
details:TickCount = 5362671, SleepMilliseconds = 250.
Process behavior
Behavior description:创建进程
details:ImagePath = C:\Program Files\Internet Explorer\iexplore.exe, CmdLine = "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome
ImagePath = C:\Program Files\Internet Explorer\iexplore.exe, CmdLine = "C:\Program Files\Internet Explorer\IEXPLORE.EXE" SCODEF:3216 CREDAT:79873
ImagePath = C:\Program Files\Internet Explorer\iexplore.exe, CmdLine = "C:\Program Files\Internet Explorer\IEXPLORE.EXE" SCODEF:3356 CREDAT:79873
Behavior description:创建本地线程
details:TargetProcess: NecroBot.exe, InheritedFromPID = 1944, ProcessID = 3152, ThreadID = 3212, StartAddress = 77DC845A, Parameter = 00000000
TargetProcess: iexplore.exe, InheritedFromPID = 3152, ProcessID = 3216, ThreadID = 3224, StartAddress = 77DC845A, Parameter = 00000000
TargetProcess: iexplore.exe, InheritedFromPID = 3152, ProcessID = 3216, ThreadID = 3240, StartAddress = 7C947EBB, Parameter = 00000000
TargetProcess: iexplore.exe, InheritedFromPID = 3152, ProcessID = 3216, ThreadID = 3244, StartAddress = 7C930230, Parameter = 00000000
TargetProcess: iexplore.exe, InheritedFromPID = 3152, ProcessID = 3216, ThreadID = 3248, StartAddress = 7C949B6F, Parameter = 00000000
TargetProcess: iexplore.exe, InheritedFromPID = 3152, ProcessID = 3216, ThreadID = 3252, StartAddress = 77E56C7D, Parameter = 001960E8
TargetProcess: iexplore.exe, InheritedFromPID = 3152, ProcessID = 3216, ThreadID = 3256, StartAddress = 5DE05ABD, Parameter = 00198138
TargetProcess: iexplore.exe, InheritedFromPID = 3152, ProcessID = 3216, ThreadID = 3260, StartAddress = 5DE05BC0, Parameter = 001961C8
TargetProcess: iexplore.exe, InheritedFromPID = 3152, ProcessID = 3216, ThreadID = 3264, StartAddress = 0122F74F, Parameter = 0000020C
TargetProcess: iexplore.exe, InheritedFromPID = 3216, ProcessID = 3268, ThreadID = 3276, StartAddress = 77DC845A, Parameter = 00000000
TargetProcess: iexplore.exe, InheritedFromPID = 3216, ProcessID = 3268, ThreadID = 3284, StartAddress = 7C947EBB, Parameter = 00000000
TargetProcess: iexplore.exe, InheritedFromPID = 3216, ProcessID = 3268, ThreadID = 3288, StartAddress = 7C930230, Parameter = 00000000
TargetProcess: iexplore.exe, InheritedFromPID = 3216, ProcessID = 3268, ThreadID = 3292, StartAddress = 7C949B6F, Parameter = 00000000
TargetProcess: iexplore.exe, InheritedFromPID = 3216, ProcessID = 3268, ThreadID = 3296, StartAddress = 77E56C7D, Parameter = 0018FE48
TargetProcess: iexplore.exe, InheritedFromPID = 3216, ProcessID = 3268, ThreadID = 3300, StartAddress = 5DE05ABD, Parameter = 00191D20
File behavior
Behavior description:创建文件
details:C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{E27BF0A2-6709-11E6-91BE-7B****28}.dat
C:\Documents and Settings\Administrator\Local Settings\Temp\~DFE0B.tmp
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6P4O8QNJ\wpad[1].dat
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{E27BF0A3-6709-11E6-91BE-7B****28}.dat
C:\Documents and Settings\Administrator\Local Settings\Temp\~DF402B.tmp
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{E619010A-6709-11E6-91BE-7B****28}.dat
C:\Documents and Settings\Administrator\Local Settings\Temp\~DF5EED.tmp
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{ECE575AA-6709-11E6-91BE-7B****28}.dat
C:\Documents and Settings\Administrator\Local Settings\Temp\~DF9486.tmp
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6P4O8QNJ\fwlink[1]
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6P4O8QNJ\favicon[1].ico
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6P4O8QNJ\dnserrordiagoff[1]
Behavior description:创建可执行文件
details:C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
Behavior description:覆盖已有文件
details:C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6P4O8QNJ\dnserrordiagoff[1]
Behavior description:查找文件
details:FileName = C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
FileName = C:\WINDOWS\Microsoft.NET\Framework\\*
FileName = C:\Program Files\Internet Explorer\iexplore.exe
FileName = C:\Program Files\Common Files\Adobe
FileName = C:\Program Files\Common Files\Adobe\Acrobat
FileName = C:\Program Files\Common Files\Adobe\Acrobat\ActiveX
FileName = C:\Program Files\Java
FileName = C:\Program Files\Java\jre7
FileName = C:\Program Files\Java\jre7\bin
FileName = C:\Program Files\Java\jre7\bin\jp2ssv.dll
FileName = C:\Documents and Settings
FileName = C:\Documents and Settings\Administrator
FileName = C:\Documents and Settings\Administrator\Local Settings
FileName = C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Connections\Pbk\*.pbk
FileName = C:\WINDOWS\system32\Ras\*.pbk
Behavior description:删除文件
details:C:\Documents and Settings\Administrator\Local Settings\Temp\~DFE0B.tmp
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6P4O8QNJ\wpad[1].dat
C:\Documents and Settings\Administrator\Local Settings\Temp\~DF402B.tmp
C:\Documents and Settings\Administrator\Local Settings\Temp\~DF5EED.tmp
C:\Documents and Settings\Administrator\Local Settings\Temp\~DF9486.tmp
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6P4O8QNJ\fwlink[1]
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6P4O8QNJ\favicon[1].ico
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IUKHR8T2\dnserrordiagoff[2]
Behavior description:设置特殊文件夹属性
details:C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
C:\Documents and Settings\Administrator\Local Settings\History
C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
C:\Documents and Settings\Administrator\Cookies
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~\WebSlices~
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Feeds Cache
C:\Documents and Settings\Administrator\IECompatCache
Behavior description:修改文件内容
details:C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{E27BF0A2-6709-11E6-91BE-7B****28}.dat ---> Offset = 512
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{E27BF0A2-6709-11E6-91BE-7B****28}.dat ---> Offset = 0
C:\Documents and Settings\Administrator\Local Settings\Temp\~DFE0B.tmp ---> Offset = 16383
C:\Documents and Settings\Administrator\Local Settings\Temp\~DFE0B.tmp ---> Offset = 12288
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{E27BF0A2-6709-11E6-91BE-7B****28}.dat ---> Offset = 3072
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{E27BF0A2-6709-11E6-91BE-7B****28}.dat ---> Offset = 1536
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{E27BF0A3-6709-11E6-91BE-7B****28}.dat ---> Offset = 512
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{E27BF0A3-6709-11E6-91BE-7B****28}.dat ---> Offset = 0
C:\Documents and Settings\Administrator\Local Settings\Temp\~DF402B.tmp ---> Offset = 16383
C:\Documents and Settings\Administrator\Local Settings\Temp\~DF402B.tmp ---> Offset = 12288
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{E27BF0A3-6709-11E6-91BE-7B****28}.dat ---> Offset = 3072
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{E27BF0A3-6709-11E6-91BE-7B****28}.dat ---> Offset = 1536
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{E619010A-6709-11E6-91BE-7B****28}.dat ---> Offset = 512
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{E619010A-6709-11E6-91BE-7B****28}.dat ---> Offset = 0
C:\Documents and Settings\Administrator\Local Settings\Temp\~DF5EED.tmp ---> Offset = 16383
Network behavior
Behavior description:联网打开网址
details:InternetOpenUrlA: http://**.133.40.**:128/wpad.dat, hInternet = 0x00cc0004, Flags = 0x80000010
InternetOpenUrlA: http://**.133.40.**:128/wpad.dat, hInternet = 0x00cc0010, Flags = 0x00000010
Behavior description:下载文件
details:URLDownloadToFileW: http://ww****om/favicon.ico ---> C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
Behavior description:打开指定IE网页
details:http://go****om/fwlink/?LinkID=134774&rClrVer=v4.0
Behavior description:连接指定站点
details:InternetConnectA: ServerName = **.133.40.**, PORT = 128, UserName = , Password = , hSession = 0x00cc0004, hConnect = 0x00cc0008, Flags = 0x80000010
InternetConnectA: ServerName = go****om, PORT = 80, UserName = , Password = , hSession = 0x00cc0004, hConnect = 0x00cc0008, Flags = 0x00000000
InternetConnectA: ServerName = **.133.40.**, PORT = 128, UserName = , Password = , hSession = 0x00cc0010, hConnect = 0x00cc0014, Flags = 0x00000010
InternetConnectA: ServerName = ww****om, PORT = 80, UserName = , Password = , hSession = 0x00cc0004, hConnect = 0x00cc0008, Flags = 0x00000000
InternetConnectA: ServerName = ur****om, PORT = 443, UserName = , Password = , hSession = 0x00cc0010, hConnect = 0x00cc0014, Flags = 0x00000200
Behavior description:打开HTTP连接
details:InternetOpenA: UserAgent: Mozilla/4.0 (compatible; MSIE 8.0; Win32; Trident/4.0), hSession = 0x00cc0004
InternetOpenA: UserAgent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; .NET4.0C; .NET4.0E; KB974489), hSession = 0x00cc0004
InternetOpenA: UserAgent: Mozilla/4.0 (compatible; MSIE 8.0; Win32; Trident/4.0), hSession = 0x00cc0010
InternetOpenA: UserAgent: VCSoapClient, hSession = 0x00cc0010
Behavior description:建立到一个指定的套接字连接
details:URL: wpad, IP: **.133.40.**:128, SOCKET = 0x000004b8
URL: wpad, IP: **.133.40.**:128, SOCKET = 0x000004b4
URL: wpad, IP: **.133.40.**:128, SOCKET = 0x00000530
URL: go****om, IP: **.133.40.**:80, SOCKET = 0x0000053c
URL: go****om, IP: **.133.40.**:80, SOCKET = 0x00000570
URL: ww****om, IP: **.133.40.**:80, SOCKET = 0x000005dc
URL: ur****om, IP: **.133.40.**:443, SOCKET = 0x000005f8
Behavior description:读取网络文件
details:hFile = 0x00cc000c, BytesToRead =4010, BytesRead = 4010.
hFile = 0x00cc0018, BytesToRead =4010, BytesRead = 4010.
hFile = 0x00cc000c, BytesToRead =4096, BytesRead = 4096.
Behavior description:发送HTTP包
details:GET /wpad.dat HTTP/1.1 Accept: */* User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32; Trident/4.0) Host: **.133.40.**:128 Cache-Control: no-cache
GET /wpad.dat HTTP/1.1 Accept: */* User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32; Trident/4.0) Host: **.133.40.**:128
GET /fwlink/?LinkID=134774&rClrVer=v4.0 HTTP/1.1 Accept: */* Accept-Language: zh-cn User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; .NET4.0C; .NET4.0E; KB974489) Accept-Encoding: gzip, deflate Host: go****om Connection: Keep-Alive
GET /fwlink/?LinkID=134774&rClrVer=v4.0 HTTP/1.1 Accept: */* Accept-Language: zh-cn Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; .NET4.0C; .NET4.0E; KB974489) Host: go****om Connection: Keep-Alive
GET /favicon.ico HTTP/1.1 Accept: */* Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; .NET4.0C; .NET4.0E; KB974489) Host: ww****om Connection: Keep-Alive
Behavior description:打开HTTP请求
details:HttpOpenRequestA: **.133.40.**:128/wpad.dat, hConnect = 0x00cc0008, hRequest = 0x00cc000c, Verb: GET, Referer: , Flags = 0x80000010
HttpOpenRequestA: go****om:80/fwlink/?linkid=134774&rclrver=v4.0, hConnect = 0x00cc0008, hRequest = 0x00cc000c, Verb: GET, Referer: , Flags = 0x00400000
HttpOpenRequestA: **.133.40.**:128/wpad.dat, hConnect = 0x00cc0014, hRequest = 0x00cc0018, Verb: GET, Referer: , Flags = 0x00000010
HttpOpenRequestA: ww****om:80/favicon.ico, hConnect = 0x00cc0008, hRequest = 0x00cc000c, Verb: GET, Referer: , Flags = 0x00600010
HttpOpenRequestA: go****om:80/fwlink/?linkid=134774&rclrver=v4.0, hConnect = 0x00cc0008, hRequest = 0x00cc000c, Verb: GET, Referer: , Flags = 0x00400010
HttpOpenRequestA: ur****om:443/urs.asmx?msurs-client-key=spz2lusutbpyh4td4vf5hq%3d%3d&msurs-patented-lock=xhadhvse%2bh4%3d, hConnect = 0x00cc0014, hRequest = 0x00cc0018, Verb: POST, Referer: , Flags = 0x04880300
Behavior description:按名称获取主机地址
details:GetAddrInfoW: computer
GetAddrInfoW: wpad
GetAddrInfoW: go****om
GetAddrInfoW: ww****om
GetAddrInfoW: ur****om
Registry behavior
Behavior description:修改注册表
details:\REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\SavedLegacySettings
\REGISTRY\USER\S-*\Software\Microsoft\Internet Explorer\Recovery\Active\{E27BF0A2-6709-11E6-91BE-7B****28}
\REGISTRY\USER\S-*\Software\Microsoft\CTF\TIP\{1188450c-fdab-47ae-80d8-c9633f71be64}\LanguageProfile\0x00000000\{63800dac-e7ca-4df9-9a5c-20765055488d}\Enable
\REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{1EA4DBF0-3C3B-11CF-810C-00AA00389B71}\1.1\0\win32\
\REGISTRY\USER\S-*\Software\Microsoft\Internet Explorer\Recovery\Active\{E619010A-6709-11E6-91BE-7B****28}
\REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\iexplore\Count
\REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\iexplore\Time
\REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\iexplore\LoadTime
\REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\iexplore\LoadTimeCount
\REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435B-BC74-9C25C1C588A9}\iexplore\Count
\REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435B-BC74-9C25C1C588A9}\iexplore\Time
\REGISTRY\USER\S-*_CLASSES\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}\
\REGISTRY\USER\S-*_CLASSES\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}\InprocServer32\
\REGISTRY\USER\S-*_CLASSES\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}\InprocServer32\ThreadingModel
\REGISTRY\USER\S-*_CLASSES\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBB}\
Behavior description:删除注册表键值
details:\REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyServer
\REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Internet Settings\AutoConfigURL
\REGISTRY\USER\S-*\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\0\Expiration
\REGISTRY\USER\S-*\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\1\Expiration
Behavior description:删除注册表键
details:\REGISTRY\USER\S-*\Software\Microsoft\CTF\TIP\{1188450c-fdab-47ae-80d8-c9633f71be64}\LanguageProfile\0x00000000\{63800dac-e7ca-4df9-9a5c-20765055488d}\
\REGISTRY\USER\S-*\Software\Microsoft\CTF\TIP\{1188450c-fdab-47ae-80d8-c9633f71be64}\LanguageProfile\0x00000000\
\REGISTRY\USER\S-*\Software\Microsoft\CTF\TIP\{1188450c-fdab-47ae-80d8-c9633f71be64}\LanguageProfile\
\REGISTRY\USER\S-*\Software\Microsoft\CTF\TIP\{1188450c-fdab-47ae-80d8-c9633f71be64}\
\REGISTRY\USER\S-*_CLASSES\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}\InprocServer32\
\REGISTRY\USER\S-*_CLASSES\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}\
\REGISTRY\USER\S-*_CLASSES\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBB}\InprocServer32\
\REGISTRY\USER\S-*_CLASSES\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBB}\
\REGISTRY\USER\S-*_CLASSES\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBC}\InprocServer32\
\REGISTRY\USER\S-*_CLASSES\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBC}\
\REGISTRY\USER\S-*_CLASSES\CLSID\{CAFEEFAC-0017-0000-FFFF-ABCDEFFEDCBA}\InprocServer32\
\REGISTRY\USER\S-*_CLASSES\CLSID\{CAFEEFAC-0017-0000-FFFF-ABCDEFFEDCBA}\
\REGISTRY\USER\S-*_CLASSES\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\InprocServer32\
\REGISTRY\USER\S-*_CLASSES\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\
\REGISTRY\USER\S-*_CLASSES\JavaPlugin.1000\CLSID\
Other behavior
Behavior description:创建互斥体
details:CTF.LBES.MutexDefaultS-*
CTF.Compart.MutexDefaultS-*
CTF.Asm.MutexDefaultS-*
CTF.Layouts.MutexDefaultS-*
CTF.TMD.MutexDefaultS-*
CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
MSCTF.Shared.MUTEX.ELH
Local\!BrowserEmulation!SharedMemory!Mutex
Local\ZoneAttributeCacheCounterMutex
Local\ZonesCacheCounterMutex
Local\ZonesLockedCacheCounterMutex
RasPbFile
ConnHashTable<3216>_HashTable_Mutex
Local\ZonesCounterMutex
oleacc-msaa-loaded
Behavior description:创建事件对象
details:EventName = Isolation Signal Registry Event (E27BF09F-6709-11E6-91BE-7B****28, 0)
EventName = IE_EarlyTabStart_0xc94
EventName = Isolation Signal Registry Event (E27BF0A0-6709-11E6-91BE-7B****28, 0)
EventName = DINPUTWINMM
EventName = Global\userenv: User Profile setup event
EventName = Global\crypt32LogoffEvent
EventName = Local\IEDDEExecuteEvent
EventName = Isolation Signal Registry Event (E6190107-6709-11E6-91BE-7B****28, 0)
EventName = Local\RSS Eventing Event Event 00000c90
EventName = IE_EarlyTabStart_0xd20
EventName = Isolation Signal Registry Event (E6190108-6709-11E6-91BE-7B****28, 0)
EventName = MSCTF.SendReceive.Event.EJM.IC
EventName = MSCTF.SendReceiveConection.Event.EJM.IC
EventName = Local\RSS Eventing Event Event 00000d1c
EventName = Local\cc4_29
Behavior description:查找指定窗口
details:NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
NtUserFindWindowEx: [Class,Window] = [IEFrame,]
NtUserFindWindowEx: [Class,Window] = [CicLoaderWndClass,]
NtUserFindWindowEx: [Class,Window] = [Static,]
NtUserFindWindowEx: [Class,Window] = [MS_AutodialMonitor,]
NtUserFindWindowEx: [Class,Window] = [MS_WebCheckMonitor,]
Behavior description:打开事件
details:HookSwitchHookEnabledEvent
CTF.ThreadMIConnectionEvent.000007B4.00000000.00000041
CTF.ThreadMarshalInterfaceEvent.000007B4.00000000.00000041
MSCTF.SendReceiveConection.Event.ELH.IC
MSCTF.SendReceive.Event.ELH.IC
\SECURITY\LSA_AUTHENTICATION_INITIALIZED
Isolation Signal Registry Event (E27BF09F-6709-11E6-91BE-7B****28, 0)
Global\SvcctrlStartEvent_A3752DX
\INSTALLATION_SECURITY_HOLD
Isolation Signal Registry Event (E27BF0A0-6709-11E6-91BE-7B****28, 0)
IE_EarlyTabStart_0xc94
_fCanRegisterWithShellService
MSFT.VSA.COM.DISABLE.3216
MSFT.VSA.IEC.STATUS.6c736db0
Global\crypt32LogoffEvent
Behavior description:获取TickCount值
details:TickCount = 5362671, SleepMilliseconds = 250.
Behavior description:调整进程token权限
details:SE_LOAD_DRIVER_PRIVILEGE
Behavior description:窗口信息
details:Pid = 3152, Hwnd=0x1002c8, Text = 是(&Y), ClassName = Button.
Pid = 3152, Hwnd=0x1802fe, Text = 否(&N), ClassName = Button.
Pid = 3152, Hwnd=0x503b0, Text = To run this application, you first must install one of the following versions of the .NET Framework: .NETFramework,Version=v4., ClassName = Static.
Pid = 3152, Hwnd=0xa0358, Text = NecroBot.exe - .NET Framework Initialization Error, ClassName = #32770.
Behavior description:可执行文件签名信息
details:C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico(签名验证: 未通过)
Behavior description:隐藏指定窗口
details:[Window,Class] = [,BrowserFrameGripperClass]
[Window,Class] = [缩放级别,ToolbarWindow32]
[Window,Class] = [,msctls_progress32]
[Window,Class] = [,SysLink]
[Window,Class] = [,Static]
[Window,Class] = [文件大小未知,Static]
[Window,Class] = [打开此类文件前总是询问(&W),Button]
[Window,Class] = [发行者:,Static]
[Window,Class] = [Windows Internet Explorer,IEFrame]
[Window,Class] = [,UniversalSearchBand]
[Window,Class] = [,TravelBand]
[Window,Class] = [,CommandBarClass]
[Window,Class] = [,ReBarWindow32]
[Window,Class] = [,TabBandClass]
Behavior description:可执行文件MD5
details:C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico ---> fe1d0ee5901dd167ee9b28eece31786c
Behavior description:打开互斥体
details:ShimCacheMutex
Local\!IETld!Mutex
Local\_!MSFTHISTORY!_
Local\c:!documents and settings!administrator!local settings!temporary internet files!content.ie5!
Local\c:!documents and settings!administrator!cookies!
Local\c:!documents and settings!administrator!local settings!history!history.ie5!
Local\WininetStartupMutex
Local\WininetConnectionMutex
Local\WininetProxyRegistryMutex
Local\!BrowserEmulation!SharedMemory!Mutex
RasPbFile
CtfmonInstMutexDefaultS-*
Local\RSS Eventing Connection Database Mutex 00000c90
Local\c:!documents and settings!administrator!local settings!application data!microsoft!feeds cache!
Local\RSS Eventing Connection Database Mutex 00000d1c
Activities
Activity nameTypes of
DashboardActivityandroid.intent.action.MAIN
DashboardActivityandroid.intent.category.LAUNCHER
AboutActivityandroid.intent.category.DEFAULT
.AboutUsingSshActivityandroid.intent.category.DEFAULT
RepositoryViewerActivityorg.openintents.git.repo.VIEW
RepositoryViewerActivityandroid.intent.action.VIEW
RepositoryViewerActivityandroid.intent.category.DEFAULT
RDTypeListActivityorg.openintents.git.remote.LIST
RDTypeListActivityorg.openintents.git.tag.LIST
RDTypeListActivityandroid.intent.category.DEFAULT
RDTBranchListActivityorg.openintents.git.branch.LIST
RDTBranchListActivityandroid.intent.category.DEFAULT
BranchViewerorg.openintents.git.branch.VIEW
BranchViewerandroid.intent.category.DEFAULT
TagViewerorg.openintents.git.tag.VIEW
TagViewerandroid.intent.category.DEFAULT
CommitViewerActivityorg.openintents.git.commit.VIEW
CommitViewerActivityandroid.intent.category.DEFAULT
CloneLauncherActivityorg.openintents.git.clone.PREPARE
CloneLauncherActivityandroid.intent.category.DEFAULT
SuggestRepoActivityorg.openintents.git.repo.SUGGEST
SuggestRepoActivityandroid.intent.category.DEFAULT
.weblaunchers.GitProtocolLaunchActivityandroid.intent.action.VIEW
.weblaunchers.GitProtocolLaunchActivityandroid.intent.category.DEFAULT
.weblaunchers.GitProtocolLaunchActivityandroid.intent.category.BROWSABLE
.weblaunchers.GitHubWebLaunchActivityandroid.intent.action.VIEW
.weblaunchers.GitHubWebLaunchActivityandroid.intent.category.DEFAULT
.weblaunchers.GitHubWebLaunchActivityandroid.intent.category.BROWSABLE
.weblaunchers.GitoriousWebLaunchActivityandroid.intent.action.VIEW
.weblaunchers.GitoriousWebLaunchActivityandroid.intent.category.DEFAULT
.weblaunchers.GitoriousWebLaunchActivityandroid.intent.category.BROWSABLE
.weblaunchers.GoogleCodeWebLaunchActivityandroid.intent.action.VIEW
.weblaunchers.GoogleCodeWebLaunchActivityandroid.intent.category.DEFAULT
.weblaunchers.GoogleCodeWebLaunchActivityandroid.intent.category.BROWSABLE
.weblaunchers.BitBucketWebLaunchActivityandroid.intent.action.VIEW
.weblaunchers.BitBucketWebLaunchActivityandroid.intent.category.DEFAULT
.weblaunchers.BitBucketWebLaunchActivityandroid.intent.category.BROWSABLE
Dangerous function
Function nameinformation
android/app/NotificationManager;->notify信息通知栏
java/net/URL;->openConnection连接URL
java/net/HttpURLConnection;->connect连接URL
getRuntime获取命令行环境
java/lang/Runtime;->exec执行字符串命令
Permission list
License nameinformation
android.permission.VIBRATE允许设备震动
android.permission.WRITE_EXTERNAL_STORAGE写外部存储器(如:SD卡)
android.permission.INTERNET连接网络(2G或3G)
org.openintents.ssh.permission.ACCESS_SSH_AGENT
android.permission.GET_ACCOUNTS访问账户列表
android.permission.MANAGE_ACCOUNTS管理账户
android.permission.AUTHENTICATE_ACCOUNTS验证账户
android.permission.READ_SYNC_SETTINGS读取同步设置
android.permission.READ_SYNC_STATS读取同步状态
android.permission.WRITE_SYNC_SETTINGS写入同步设置
Service list
name
com.madgag.agit.GitOperationsService
com.madgag.agit.sync.AccountAuthenticatorService
com.madgag.agit.sync.AgitSyncAdapterService
Providers
nameinformation
com.madgag.agit.sync.DummyProvider
com.madgag.agit.GitInfoProvider
File List
file name Check code
META-INF/MANIFEST.MF 0x754513b7
META-INF/CERT.SF 0x27f2cc0d
META-INF/CERT.RSA 0xe1667b8e
AndroidManifest.xml 0x24af4122
about.html 0x4c3391d3
assets/CREDITS.markdown 0xcec4ab82
assets/Using-SSH.markdown 0xc58ab5d0
classes.dex 0xc948d95d
org/eclipse/jgit/JGitText.properties 0xe8a73974
org/eclipse/jgit/storage/dfs/DfsText.properties 0x5d0e5704
plugin.properties 0x668dab7e
res/anim/pull_child_in.xml 0xaa9ce82f
res/anim/pull_parent_in.xml 0x5519cef9
res/anim/push_child_out.xml 0x83b9875e
res/anim/push_parent_out.xml 0x31262d0c
res/anim/slide_in_from_bottom.xml 0xc9e47785
res/anim/slide_in_from_top.xml 0xcff16914
res/anim/slide_out_to_bottom.xml 0xd77c2bb8
res/anim/slide_out_to_top.xml 0x4fc7d2ee
res/color/abs__primary_text_disable_only_holo_dark.xml 0xe68f0370
res/color/abs__primary_text_disable_only_holo_light.xml 0x75907c0a
res/color/abs__primary_text_holo_dark.xml 0xdb84cf25
res/color/abs__primary_text_holo_light.xml 0x27e52d1
res/drawable-hdpi/abs__ab_bottom_solid_dark_holo.9.png 0x2a5170de
res/drawable-hdpi/abs__ab_bottom_solid_inverse_holo.9.png 0xbd09653b
res/drawable-hdpi/abs__ab_bottom_solid_light_holo.9.png 0x29355cf7
res/drawable-hdpi/abs__ab_bottom_transparent_dark_holo.9.png 0x18c6edaa
res/drawable-hdpi/abs__ab_bottom_transparent_light_holo.9.png 0xe9136d
res/drawable-hdpi/abs__ab_share_pack_holo_dark.9.png 0xe504decd
res/drawable-hdpi/abs__ab_share_pack_holo_light.9.png 0x1c3ac42
res/drawable-hdpi/abs__ab_solid_dark_holo.9.png 0xa39d484f
res/drawable-hdpi/abs__ab_solid_light_holo.9.png 0xb6e03b91
res/drawable-hdpi/abs__ab_solid_shadow_holo.9.png 0x8663aad3
res/drawable-hdpi/abs__ab_stacked_solid_dark_holo.9.png 0x909db13
res/drawable-hdpi/abs__ab_stacked_solid_light_holo.9.png 0xde0e075f
res/drawable-hdpi/abs__ab_stacked_transparent_dark_holo.9.png 0x2eb3885a
res/drawable-hdpi/abs__ab_stacked_transparent_light_holo.9.png 0x5e205a10
res/drawable-hdpi/abs__ab_transparent_dark_holo.9.png 0xfca261e7
res/drawable-hdpi/abs__ab_transparent_light_holo.9.png 0xe7ff01af
res/drawable-hdpi/abs__btn_cab_done_default_holo_dark.9.png 0x4fe60e82
res/drawable-hdpi/abs__btn_cab_done_default_holo_light.9.png 0x95037a54
res/drawable-hdpi/abs__btn_cab_done_focused_holo_dark.9.png 0x41ae12a8
res/drawable-hdpi/abs__btn_cab_done_focused_holo_light.9.png 0x1bdcb021
res/drawable-hdpi/abs__btn_cab_done_pressed_holo_dark.9.png 0xe68cf03e
res/drawable-hdpi/abs__btn_cab_done_pressed_holo_light.9.png 0xa437f1eb
res/drawable-hdpi/abs__cab_background_bottom_holo_dark.9.png 0x6f320319
res/drawable-hdpi/abs__cab_background_bottom_holo_light.9.png 0x178e620c
res/drawable-hdpi/abs__cab_background_top_holo_dark.9.png 0x5cfcf75c
res/drawable-hdpi/abs__cab_background_top_holo_light.9.png 0xffd6c088
res/drawable-hdpi/abs__dialog_full_holo_dark.9.png 0x9aa304b6
res/drawable-hdpi/abs__dialog_full_holo_light.9.png 0x97d9f6dc
res/drawable-hdpi/abs__ic_ab_back_holo_dark.png 0x174488a8
res/drawable-hdpi/abs__ic_ab_back_holo_light.png 0x4dcc2ed8
res/drawable-hdpi/abs__ic_cab_done_holo_dark.png 0x32a65180
res/drawable-hdpi/abs__ic_cab_done_holo_light.png 0x91f0698a
res/drawable-hdpi/abs__ic_menu_moreoverflow_normal_holo_dark.png 0x13804a99
res/drawable-hdpi/abs__ic_menu_moreoverflow_normal_holo_light.png 0x3a4b4477
res/drawable-hdpi/abs__ic_menu_share_holo_dark.png 0x2a6c5116
res/drawable-hdpi/abs__ic_menu_share_holo_light.png 0x3e081d60
res/drawable-hdpi/abs__list_activated_holo.9.png 0x9ee3dd42
res/drawable-hdpi/abs__list_divider_holo_dark.9.png 0xe4823600
res/drawable-hdpi/abs__list_divider_holo_light.9.png 0xb0dc2b05
res/drawable-hdpi/abs__list_focused_holo.9.png 0x4706c1df
res/drawable-hdpi/abs__list_longpressed_holo.9.png 0x9ee3dd42
res/drawable-hdpi/abs__list_pressed_holo_dark.9.png 0x816ffde7
res/drawable-hdpi/abs__list_pressed_holo_light.9.png 0x816ffde7
res/drawable-hdpi/abs__list_selector_disabled_holo_dark.9.png 0x5f501b8d
res/drawable-hdpi/abs__list_selector_disabled_holo_light.9.png 0x63f15616
res/drawable-hdpi/abs__menu_dropdown_panel_holo_dark.9.png 0xa9304852
res/drawable-hdpi/abs__menu_dropdown_panel_holo_light.9.png 0x780099d8
res/drawable-hdpi/abs__progress_bg_holo_dark.9.png 0x7b6f1c96
res/drawable-hdpi/abs__progress_bg_holo_light.9.png 0xf5f73187
res/drawable-hdpi/abs__progress_primary_holo_dark.9.png 0x3f8a1a53
res/drawable-hdpi/abs__progress_primary_holo_light.9.png 0x3f8a1a53
res/drawable-hdpi/abs__progress_secondary_holo_dark.9.png 0xd86939a
res/drawable-hdpi/abs__progress_secondary_holo_light.9.png 0xd86939a
res/drawable-hdpi/abs__spinner_48_inner_holo.png 0xd4056310
res/drawable-hdpi/abs__spinner_48_outer_holo.png 0xd3f129c3
res/drawable-hdpi/abs__spinner_ab_default_holo_dark.9.png 0xf06791f5
res/drawable-hdpi/abs__spinner_ab_default_holo_light.9.png 0xa673dd59
res/drawable-hdpi/abs__spinner_ab_disabled_holo_dark.9.png 0x6b43deb3
res/drawable-hdpi/abs__spinner_ab_disabled_holo_light.9.png 0xc5e8f706
res/drawable-hdpi/abs__spinner_ab_focused_holo_dark.9.png 0xb5ea16c1
res/drawable-hdpi/abs__spinner_ab_focused_holo_light.9.png 0x45d13548
res/drawable-hdpi/abs__spinner_ab_pressed_holo_dark.9.png 0xfedc1188
res/drawable-hdpi/abs__spinner_ab_pressed_holo_light.9.png 0x7c7c4bb4
res/drawable-hdpi/abs__tab_selected_focused_holo.9.png 0x18146f4e
res/drawable-hdpi/abs__tab_selected_holo.9.png 0xc88b0629
res/drawable-hdpi/abs__tab_selected_pressed_holo.9.png 0x3461add3
res/drawable-hdpi/abs__tab_unselected_pressed_holo.9.png 0x3f9a3680
res/drawable-hdpi/actionbar_back_indicator.png 0xd211a9c0
res/drawable-hdpi/actionbar_stripe.png 0x2d9892ce
res/drawable-hdpi/agit_dashboard_logo.png 0x885db67e
res/drawable-hdpi/agit_notification_icon.png 0x262a7e57
res/drawable-hdpi/blob_icon.png 0x5e02e3e4
res/drawable-hdpi/branch_icon.png 0x9c8ff17a
res/drawable-hdpi/clone_picture.png 0x9356eb03
res/drawable-hdpi/commit_icon.png 0x7e7545f9
res/drawable-hdpi/commit_icon_small.png 0x4c69e39c
res/drawable-hdpi/default_ptr_drawable.png 0x5fa75c23
res/drawable-hdpi/ic_pulltorefresh_arrow.png 0x32192a53
res/drawable-hdpi/ic_refresh.png 0x1d97bbe0
res/drawable-hdpi/icon.png 0xa5b6f8c0
res/drawable-hdpi/loading_34.png 0x29305d3c
res/drawable-hdpi/minitab_default.9.png 0x2bea42eb
res/drawable-hdpi/minitab_pressed.9.png 0x432c1584
res/drawable-hdpi/minitab_selected.9.png 0x7c18ca60
res/drawable-hdpi/minitab_unselected.9.png 0xaed57451
res/drawable-hdpi/remote_icon.png 0x26928e2c
res/drawable-hdpi/repo_icon.png 0x5b9c1916
res/drawable-hdpi/tag_icon.png 0x4cfcf6c5
res/drawable-hdpi/tree_icon.png 0xe41b4efe
res/drawable-ldpi/agit_dashboard_logo.png 0x8e6412bb
res/drawable-ldpi/agit_notification_icon.png 0xfe4027e4
res/drawable-ldpi/blob_icon.png 0xa130ae76
res/drawable-ldpi/branch_icon.png 0xe422c90
res/drawable-ldpi/clone_picture.png 0xebbcfe97
res/drawable-ldpi/commit_icon.png 0x4c69e39c
res/drawable-ldpi/commit_icon_small.png 0x4e102621
res/drawable-ldpi/ic_pulltorefresh_arrow.png 0xb4d35c35
res/drawable-ldpi/icon.png 0x620c837b
res/drawable-ldpi/loading_34.png 0x6cb6c71c
res/drawable-ldpi/remote_icon.png 0x724052bf
res/drawable-ldpi/repo_icon.png 0xdc134b14
res/drawable-ldpi/tag_icon.png 0x7ec492aa
res/drawable-ldpi/tree_icon.png 0x61023606
res/drawable-mdpi/abs__ab_bottom_solid_dark_holo.9.png 0x7b47c4fe
res/drawable-mdpi/abs__ab_bottom_solid_inverse_holo.9.png 0x8aedf99a
res/drawable-mdpi/abs__ab_bottom_solid_light_holo.9.png 0x8a943208
res/drawable-mdpi/abs__ab_bottom_transparent_dark_holo.9.png 0x897aedcb
res/drawable-mdpi/abs__ab_bottom_transparent_light_holo.9.png 0xf44d2d39
res/drawable-mdpi/abs__ab_share_pack_holo_dark.9.png 0x63478378
res/drawable-mdpi/abs__ab_share_pack_holo_light.9.png 0xb749488d
res/drawable-mdpi/abs__ab_solid_dark_holo.9.png 0xbc71f7a7
res/drawable-mdpi/abs__ab_solid_light_holo.9.png 0xd8cd9429
res/drawable-mdpi/abs__ab_solid_shadow_holo.9.png 0x9d505404
res/drawable-mdpi/abs__ab_stacked_solid_dark_holo.9.png 0xeacbecce
res/drawable-mdpi/abs__ab_stacked_solid_light_holo.9.png 0xde0f77d5
res/drawable-mdpi/abs__ab_stacked_transparent_dark_holo.9.png 0x14d06f11
res/drawable-mdpi/abs__ab_stacked_transparent_light_holo.9.png 0xc4c6064f
res/drawable-mdpi/abs__ab_transparent_dark_holo.9.png 0x659932db
res/drawable-mdpi/abs__ab_transparent_light_holo.9.png 0x77592f84
res/drawable-mdpi/abs__btn_cab_done_default_holo_dark.9.png 0x67d6a12b
res/drawable-mdpi/abs__btn_cab_done_default_holo_light.9.png 0xaddfa3f4
res/drawable-mdpi/abs__btn_cab_done_focused_holo_dark.9.png 0x8ca91c4c
res/drawable-mdpi/abs__btn_cab_done_focused_holo_light.9.png 0x6f46a285
res/drawable-mdpi/abs__btn_cab_done_pressed_holo_dark.9.png 0xcd15c524
res/drawable-mdpi/abs__btn_cab_done_pressed_holo_light.9.png 0xb8819bcf
res/drawable-mdpi/abs__cab_background_bottom_holo_dark.9.png 0xa8873073
res/drawable-mdpi/abs__cab_background_bottom_holo_light.9.png 0x23b67c99
res/drawable-mdpi/abs__cab_background_top_holo_dark.9.png 0xfb2e5f57
res/drawable-mdpi/abs__cab_background_top_holo_light.9.png 0x5818ab75
res/drawable-mdpi/abs__dialog_full_holo_dark.9.png 0x79dbb2d3
res/drawable-mdpi/abs__dialog_full_holo_light.9.png 0xfdb061df
res/drawable-mdpi/abs__ic_ab_back_holo_dark.png 0xfcab22b6
res/drawable-mdpi/abs__ic_ab_back_holo_light.png 0x8b88c538
res/drawable-mdpi/abs__ic_cab_done_holo_dark.png 0x73c5de5f
res/drawable-mdpi/abs__ic_cab_done_holo_light.png 0x8e10da0a
res/drawable-mdpi/abs__ic_menu_moreoverflow_normal_holo_dark.png 0x46183a6
res/drawable-mdpi/abs__ic_menu_moreoverflow_normal_holo_light.png 0xe0a776a7
res/drawable-mdpi/abs__ic_menu_share_holo_dark.png 0x7f93973c
res/drawable-mdpi/abs__ic_menu_share_holo_light.png 0xe576f47
res/drawable-mdpi/abs__list_activated_holo.9.png 0xc09562f2
res/drawable-mdpi/abs__list_divider_holo_dark.9.png 0xe4823600
res/drawable-mdpi/abs__list_divider_holo_light.9.png 0xb0dc2b05
res/drawable-mdpi/abs__list_focused_holo.9.png 0x77cc9de1
res/drawable-mdpi/abs__list_longpressed_holo.9.png 0xc09562f2
res/drawable-mdpi/abs__list_pressed_holo_dark.9.png 0x449401f4
res/drawable-mdpi/abs__list_pressed_holo_light.9.png 0x449401f4
res/drawable-mdpi/abs__list_selector_disabled_holo_dark.9.png 0x9d81afe3
res/drawable-mdpi/abs__list_selector_disabled_holo_light.9.png 0xa481684d
res/drawable-mdpi/abs__menu_dropdown_panel_holo_dark.9.png 0xfd12b60b
res/drawable-mdpi/abs__menu_dropdown_panel_holo_light.9.png 0x91b31d69
res/drawable-mdpi/abs__progress_bg_holo_dark.9.png 0x7b7862a3
res/drawable-mdpi/abs__progress_bg_holo_light.9.png 0xf1ed1112
res/drawable-mdpi/abs__progress_primary_holo_dark.9.png 0x4e645825
res/drawable-mdpi/abs__progress_primary_holo_light.9.png 0x4e645825
res/drawable-mdpi/abs__progress_secondary_holo_dark.9.png 0x61da65aa
res/drawable-mdpi/abs__progress_secondary_holo_light.9.png 0x61da65aa
res/drawable-mdpi/abs__spinner_48_inner_holo.png 0xc28e776
res/drawable-mdpi/abs__spinner_48_outer_holo.png 0xffe6b371
res/drawable-mdpi/abs__spinner_ab_default_holo_dark.9.png 0xddcdb41
res/drawable-mdpi/abs__spinner_ab_default_holo_light.9.png 0x6f5deb99
res/drawable-mdpi/abs__spinner_ab_disabled_holo_dark.9.png 0x46b2d154
res/drawable-mdpi/abs__spinner_ab_disabled_holo_light.9.png 0xf5f84309
res/drawable-mdpi/abs__spinner_ab_focused_holo_dark.9.png 0xec027107
res/drawable-mdpi/abs__spinner_ab_focused_holo_light.9.png 0xbea22dc0
res/drawable-mdpi/abs__spinner_ab_pressed_holo_dark.9.png 0x7a0d1968
res/drawable-mdpi/abs__spinner_ab_pressed_holo_light.9.png 0x4e6034a7
res/drawable-mdpi/abs__tab_selected_focused_holo.9.png 0x6f51e593
res/drawable-mdpi/abs__tab_selected_holo.9.png 0x2ab487a
res/drawable-mdpi/abs__tab_selected_pressed_holo.9.png 0xc0728d80
res/drawable-mdpi/abs__tab_unselected_pressed_holo.9.png 0xd59cc9e6
res/drawable-mdpi/actionbar_stripe.png 0x385ac879
res/drawable-mdpi/agit_dashboard_logo.png 0xf284d0f7
res/drawable-mdpi/agit_notification_icon.png 0xfb81a85f
res/drawable-mdpi/blob_icon.png 0xaecbd5fd
res/drawable-mdpi/branch_icon.png 0xe7f6e377
res/drawable-mdpi/clone_picture.png 0x1f1f93ac
res/drawable-mdpi/commit_icon.png 0x7b02bb4
res/drawable-mdpi/commit_icon_small.png 0x22b84f1f
res/drawable-mdpi/ic_pulltorefresh_arrow.png 0xeb532964
res/drawable-mdpi/ic_refresh.png 0xcc8b64f4
res/drawable-mdpi/icon.png 0x760741cd
res/drawable-mdpi/loading_34.png 0xc8e1e9fe
res/drawable-mdpi/minitab_default.9.png 0xb6b7bdeb
res/drawable-mdpi/minitab_pressed.9.png 0x98b69585
res/drawable-mdpi/minitab_selected.9.png 0xae20c2fc
res/drawable-mdpi/minitab_unselected.9.png 0xcef30e84
res/drawable-mdpi/remote_icon.png 0xde9e3663
res/drawable-mdpi/repo_icon.png 0x472d0239
res/drawable-mdpi/tag_icon.png 0x7d68eb7a
res/drawable-mdpi/tree_icon.png 0x35a79d3e
res/drawable-v11/abs__progress_medium_holo.xml 0x78cf6501
res/drawable-xhdpi/abs__ab_bottom_solid_dark_holo.9.png 0x89c634b3
res/drawable-xhdpi/abs__ab_bottom_solid_inverse_holo.9.png 0xb1418c5c
res/drawable-xhdpi/abs__ab_bottom_solid_light_holo.9.png 0x1053168
res/drawable-xhdpi/abs__ab_bottom_transparent_dark_holo.9.png 0x5a6affd1
res/drawable-xhdpi/abs__ab_bottom_transparent_light_holo.9.png 0x8dc2ee5f
res/drawable-xhdpi/abs__ab_share_pack_holo_dark.9.png 0x283c19cc
res/drawable-xhdpi/abs__ab_share_pack_holo_light.9.png 0xd59220f0
res/drawable-xhdpi/abs__ab_solid_dark_holo.9.png 0x5b0c1e70
res/drawable-xhdpi/abs__ab_solid_light_holo.9.png 0x86f0155a
res/drawable-xhdpi/abs__ab_solid_shadow_holo.9.png 0xe3f746fa
res/drawable-xhdpi/abs__ab_stacked_solid_dark_holo.9.png 0x45995026
res/drawable-xhdpi/abs__ab_stacked_solid_light_holo.9.png 0x4fa1423
res/drawable-xhdpi/abs__ab_stacked_transparent_dark_holo.9.png 0xf3c72c9b
res/drawable-xhdpi/abs__ab_stacked_transparent_light_holo.9.png 0xed5a755d
res/drawable-xhdpi/abs__ab_transparent_dark_holo.9.png 0xe5266da1
res/drawable-xhdpi/abs__ab_transparent_light_holo.9.png 0xa2a434df
res/drawable-xhdpi/abs__btn_cab_done_default_holo_dark.9.png 0xa1d76dbb
res/drawable-xhdpi/abs__btn_cab_done_default_holo_light.9.png 0xdcd1843b
res/drawable-xhdpi/abs__btn_cab_done_focused_holo_dark.9.png 0x2e24d381
res/drawable-xhdpi/abs__btn_cab_done_focused_holo_light.9.png 0x8fe910b5
res/drawable-xhdpi/abs__btn_cab_done_pressed_holo_dark.9.png 0x35c763a
res/drawable-xhdpi/abs__btn_cab_done_pressed_holo_light.9.png 0xd601a063
res/drawable-xhdpi/abs__cab_background_bottom_holo_dark.9.png 0xc9ae8fde
res/drawable-xhdpi/abs__cab_background_bottom_holo_light.9.png 0xaf26e5ea
res/drawable-xhdpi/abs__cab_background_top_holo_dark.9.png 0xc6079444
res/drawable-xhdpi/abs__cab_background_top_holo_light.9.png 0x3396b7e2
res/drawable-xhdpi/abs__dialog_full_holo_dark.9.png 0x24a74876
res/drawable-xhdpi/abs__dialog_full_holo_light.9.png 0x1481309e
res/drawable-xhdpi/abs__ic_ab_back_holo_dark.png 0xfda7dde0
res/drawable-xhdpi/abs__ic_ab_back_holo_light.png 0xbffc39b3
res/drawable-xhdpi/abs__ic_cab_done_holo_dark.png 0x72b10371
res/drawable-xhdpi/abs__ic_cab_done_holo_light.png 0x8791c4c4
res/drawable-xhdpi/abs__ic_menu_moreoverflow_normal_holo_dark.png 0x3201d039
res/drawable-xhdpi/abs__ic_menu_moreoverflow_normal_holo_light.png 0xc2a9ad8e
res/drawable-xhdpi/abs__ic_menu_share_holo_dark.png 0x94b0462d
res/drawable-xhdpi/abs__ic_menu_share_holo_light.png 0x93f40272
res/drawable-xhdpi/abs__list_activated_holo.9.png 0xf31ffc88
res/drawable-xhdpi/abs__list_divider_holo_dark.9.png 0xde176f71
res/drawable-xhdpi/abs__list_divider_holo_light.9.png 0x3cad70fb
res/drawable-xhdpi/abs__list_focused_holo.9.png 0xfbeaf70c
res/drawable-xhdpi/abs__list_longpressed_holo.9.png 0xf31ffc88
res/drawable-xhdpi/abs__list_pressed_holo_dark.9.png 0xb9cef664
res/drawable-xhdpi/abs__list_pressed_holo_light.9.png 0xb9cef664
res/drawable-xhdpi/abs__list_selector_disabled_holo_dark.9.png 0xbd51fa51
res/drawable-xhdpi/abs__list_selector_disabled_holo_light.9.png 0x819deaae
res/drawable-xhdpi/abs__menu_dropdown_panel_holo_dark.9.png 0x66b89807
res/drawable-xhdpi/abs__menu_dropdown_panel_holo_light.9.png 0xea3a3f5
res/drawable-xhdpi/abs__progress_bg_holo_dark.9.png 0x41ee9e52
res/drawable-xhdpi/abs__progress_bg_holo_light.9.png 0x1f61ce1f
res/drawable-xhdpi/abs__progress_primary_holo_dark.9.png 0xd67380c5
res/drawable-xhdpi/abs__progress_primary_holo_light.9.png 0xd67380c5
res/drawable-xhdpi/abs__progress_secondary_holo_dark.9.png 0x955f18c2
res/drawable-xhdpi/abs__progress_secondary_holo_light.9.png 0x955f18c2
res/drawable-xhdpi/abs__spinner_48_inner_holo.png 0x28386199
res/drawable-xhdpi/abs__spinner_48_outer_holo.png 0x6cceb634
res/drawable-xhdpi/abs__spinner_ab_default_holo_dark.9.png 0xf5c94e84
res/drawable-xhdpi/abs__spinner_ab_default_holo_light.9.png 0x89892045
res/drawable-xhdpi/abs__spinner_ab_disabled_holo_dark.9.png 0x11b0dbfa
res/drawable-xhdpi/abs__spinner_ab_disabled_holo_light.9.png 0xbdcae3a1
res/drawable-xhdpi/abs__spinner_ab_focused_holo_dark.9.png 0x72b0dfd8
res/drawable-xhdpi/abs__spinner_ab_focused_holo_light.9.png 0x982777a1
res/drawable-xhdpi/abs__spinner_ab_pressed_holo_dark.9.png 0xa0f38fda
res/drawable-xhdpi/abs__spinner_ab_pressed_holo_light.9.png 0x27bb37be
res/drawable-xhdpi/abs__tab_selected_focused_holo.9.png 0x7c3f77bc
res/drawable-xhdpi/abs__tab_selected_holo.9.png 0x20fb759a
res/drawable-xhdpi/abs__tab_selected_pressed_holo.9.png 0xbb04ca93
res/drawable-xhdpi/abs__tab_unselected_pressed_holo.9.png 0x313d81a3
res/drawable-xhdpi/actionbar_stripe.png 0xb758cb0b
res/drawable-xhdpi/arrow_down.png 0xe7b725d4
res/drawable-xhdpi/arrow_up.png 0xdb9b4dc4
res/drawable-xhdpi/default_ptr_drawable.png 0x4083ff09
res/drawable-xhdpi/ic_refresh.png 0xf9228473
res/drawable/abs__activated_background_holo_dark.xml 0x2dd8443
res/drawable/abs__activated_background_holo_light.xml 0x2dd8443
res/drawable/abs__btn_cab_done_holo_dark.xml 0xc24c9042
res/drawable/abs__btn_cab_done_holo_light.xml 0xe97abee3
res/drawable/abs__ic_menu_moreoverflow_holo_dark.xml 0xcfe33d0a
res/drawable/abs__ic_menu_moreoverflow_holo_light.xml 0x41a18c34
res/drawable/abs__item_background_holo_dark.xml 0xc3a1fe38
res/drawable/abs__item_background_holo_light.xml 0xa72e6a08
res/drawable/abs__list_selector_background_transition_holo_dark.xml 0x943bb84b
res/drawable/abs__list_selector_background_transition_holo_light.xml 0xb3ddea87
res/drawable/abs__list_selector_holo_dark.xml 0x45d09c8b
res/drawable/abs__list_selector_holo_light.xml 0xe5130271
res/drawable/abs__progress_horizontal_holo_dark.xml 0x9a3a855a
res/drawable/abs__progress_horizontal_holo_light.xml 0x8cd17179
res/drawable/abs__progress_medium_holo.xml 0x48960fa9
res/drawable/abs__spinner_ab_holo_dark.xml 0xcc8a96c
res/drawable/abs__spinner_ab_holo_light.xml 0xb01ea010
res/drawable/abs__tab_indicator_ab_holo.xml 0xa34b4a80
res/drawable/actionbar_agit_logo.png 0xfb0b3aab
res/drawable/actionbar_background.xml 0xb9d3356e
res/drawable/btn_blue_matte.9.png 0xecd346b9
res/drawable/btn_green_matte.9.png 0xf8418277
res/drawable/clone.png 0x99a57f47
res/drawable/database_grey.png 0x856c5e3d
res/drawable/database_purple.png 0xd9001d14
res/drawable/diff_changetype_add.png 0x94592340
res/drawable/diff_changetype_delete.png 0x11362feb
res/drawable/diff_changetype_modify.png 0xd5729496
res/drawable/diff_changetype_rename.png 0xa0cbbb5a
res/drawable/diff_seekbar.xml 0x20cdcc92
res/drawable/executionbar_background.xml 0x51b6b271
res/drawable/friendly_button.xml 0x3a07452e
res/drawable/gravatar_border.xml 0x730cab6c
res/drawable/indicator_bg_bottom.xml 0x5afaaa4
res/drawable/indicator_bg_top.xml 0xf9c2ce11
res/drawable/label_background.xml 0x1de11e1d
res/drawable/loading_34_centred.xml 0x35712281
res/drawable/minitab.xml 0x55afaabc
res/drawable/pull_to_refresh_header_background.xml 0xc1d4da3
res/drawable/shadow.xml 0xd9e45e04
res/drawable/single_line_frame.xml 0xf839957f
res/drawable/top_bar.xml 0x64719171
res/layout-large/abs__action_mode_close_item.xml 0xca9e72e7
res/layout-v14/sherlock_spinner_dropdown_item.xml 0x9df42bed
res/layout-v14/sherlock_spinner_item.xml 0x6ec8ef23
res/layout-xlarge/abs__screen_action_bar.xml 0xe7bc982c
res/layout-xlarge/abs__screen_action_bar_overlay.xml 0x4e00d09b
res/layout/about_activity.xml 0x26529ee1
res/layout/abs__action_bar_home.xml 0xd1c970d2
res/layout/abs__action_bar_tab.xml 0x62b90cc
res/layout/abs__action_bar_tab_bar_view.xml 0xc8aed199
res/layout/abs__action_bar_title_item.xml 0xa50efb8c
res/layout/abs__action_menu_item_layout.xml 0xbbde7acf
res/layout/abs__action_menu_layout.xml 0xead6e790
res/layout/abs__action_mode_bar.xml 0x8870161b
res/layout/abs__action_mode_close_item.xml 0x369666db
res/layout/abs__activity_chooser_view.xml 0x7281b1e8
res/layout/abs__activity_chooser_view_list_item.xml 0x7f7e30a8
res/layout/abs__dialog_title_holo.xml 0xfc2b0a3a
res/layout/abs__list_menu_item_checkbox.xml 0x6cf56fa3
res/layout/abs__list_menu_item_icon.xml 0x623c3ba2
res/layout/abs__list_menu_item_layout.xml 0x68e23c83
res/layout/abs__list_menu_item_radio.xml 0xc8cfe430
res/layout/abs__popup_menu_item_layout.xml 0xa8cbc3c6
res/layout/abs__screen_action_bar.xml 0xb0e56524
res/layout/abs__screen_action_bar_overlay.xml 0xd1b17700
res/layout/abs__screen_simple.xml 0xa2bb1ad4
res/layout/abs__screen_simple_overlay_action_mode.xml 0x64ad14d5
res/layout/actionbar_custom_title.xml 0x77276b52
res/layout/branch_list_item.xml 0x9efa1508
res/layout/branch_view.xml 0x2239fcb1
res/layout/clone_launcher.xml 0x1085369a
res/layout/commit_detail_view.xml 0x6538009e
res/layout/commit_navigation_animation_layout.xml 0x912489dd
res/layout/commit_navigation_view.xml 0x8b91e42b
res/layout/commit_summary_view.xml 0x88326d81
res/layout/commit_view.xml 0xfa3bce9e
res/layout/create_tag_dialog.xml 0x358f31da
res/layout/dashboard_activity.xml 0x90e4e92a
res/layout/dashboard_repo_list_header.xml 0x50e8a46d
res/layout/diff_player_view.xml 0x3fe8ebe9
res/layout/diff_seekbar_view.xml 0x7493e232
res/layout/diff_view.xml 0xb27963e5
res/layout/file_change_header_expanded_view.xml 0xc9a8a529
res/layout/file_change_header_view.xml 0x9cdb2e5e
res/layout/latest_commit_view.xml 0xceb86e2d
res/layout/list_activity_layout.xml 0xfffe3c9e
res/layout/object_summary_view.xml 0x344d545f
res/layout/operation_progress.xml 0xf7084297
res/layout/osv_blob_summary_view.xml 0xf1bfd76f
res/layout/osv_commit_summary_view.xml 0xf650f14c
res/layout/osv_tag_summary_view.xml 0x3a7369dd
res/layout/osv_tree_summary_view.xml 0x3ec683f
res/layout/person_ident_detail_view.xml 0x92ea23e
res/layout/person_ident_view.xml 0x69ce16c8
res/layout/pull_to_refresh_header.xml 0x423e7e40
res/layout/related_commit_button.xml 0x7d5557ab
res/layout/remote_view.xml 0x43232f9b
res/layout/remotes_summary_view.xml 0x1079cfa8
res/layout/repo_list_item.xml 0x60615f3c
res/layout/repo_management_activity.xml 0xf387c1b0
res/layout/rev_commit_list_item.xml 0xf9aaa3c6
res/layout/rev_commit_view.xml 0x17e6f17f
res/layout/rev_commit_view_header.xml 0x5a327286
res/layout/sherlock_spinner_dropdown_item.xml 0x12174eb8
res/layout/sherlock_spinner_item.xml 0x5033f0ed
res/layout/simple_summary_list_item.xml 0xa7c79be4
res/layout/tab_indicator.xml 0xd1294ebb
res/layout/tag_viewer_activity.xml 0x63b6a3c1
res/layout/text_entry.xml 0x2a7607c0
res/layout/top_bar.xml 0x67388dab
res/menu/dashboard.xml 0x13d517d8
res/menu/repo.xml 0x4758f7f5
res/xml/authenticator.xml 0xedcebc93
res/xml/sync_adapter.xml 0xab5dd88c
resources.arsc 0xd540298
Run screenshot
VirSCAN

About VirSCAN | Privacy Policy | Contact us | Links | Help VirSCAN
中国反网络病毒联盟
Powered By CentOSpol

京ICP备11007605号-12

pol

京公网安备 11010802020746号