VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.
4, If your browser cannot upload files, please download VirSCAN uploader to upload.

Language
Server load
Server Load

VirSCAN
VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

   File information

Virscan.org multi-engine scan report
Behavior analysis report:         Habo file analysis

Basic Information

MD5:a92c4c2ebaf41f15a99f76d8aa54f2a6
文件大小:5.58MB
上传时间: 2014-09-22 10:36:30 (CST)
Package names:cn.zhongkai.jupiter
Minimum operating environment:Android 2.3, 2.3.1, 2.3.2
copyright:

Key behavior

Behavior description: 设置特殊文件夹属性
details: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
C:\Documents and Settings\Administrator\Local Settings\History
C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
C:\Documents and Settings\Administrator\Cookies
Behavior description: 获取窗口截图信息
details: Foreground window Info: HWND = 0x00000000, DC = 0xf60102bb.
Behavior description: 获取TickCount值
details: TickCount = 5496484, SleepMilliseconds = 60000.
TickCount = 5496500, SleepMilliseconds = 60000.
TickCount = 5496515, SleepMilliseconds = 60000.
TickCount = 5496531, SleepMilliseconds = 60000.
TickCount = 5496562, SleepMilliseconds = 60000.
TickCount = 5496593, SleepMilliseconds = 60000.
TickCount = 5436771, SleepMilliseconds = 100.
TickCount = 5436818, SleepMilliseconds = 100.
TickCount = 5436896, SleepMilliseconds = 100.
TickCount = 5496859, SleepMilliseconds = 60000.
TickCount = 5496906, SleepMilliseconds = 60000.
TickCount = 5496968, SleepMilliseconds = 60000.
TickCount = 5497062, SleepMilliseconds = 60000.
TickCount = 5497078, SleepMilliseconds = 60000.
TickCount = 5497265, SleepMilliseconds = 60000.
Behavior description: 在桌面创建文件
details: C:\Documents and Settings\Administrator\桌面\无赦★单职业[激情荡漾].lnk

Process behavior

Behavior description: 创建本地线程
details: TargetProcess: %temp%\****.exe, InheritedFromPID = 1944, ProcessID = 896, ThreadID = 280, StartAddress = 77DC845A, Parameter = 00000000
TargetProcess: %temp%\****.exe, InheritedFromPID = 1944, ProcessID = 896, ThreadID = 1124, StartAddress = 4AEA7456, Parameter = 00000000
TargetProcess: %temp%\****.exe, InheritedFromPID = 1944, ProcessID = 896, ThreadID = 1004, StartAddress = 7C947EBB, Parameter = 00000000
TargetProcess: %temp%\****.exe, InheritedFromPID = 1944, ProcessID = 896, ThreadID = 1952, StartAddress = 7C930230, Parameter = 00000000
TargetProcess: %temp%\****.exe, InheritedFromPID = 1944, ProcessID = 896, ThreadID = 788, StartAddress = 77E56C7D, Parameter = 0025D2F8
TargetProcess: %temp%\****.exe, InheritedFromPID = 1944, ProcessID = 896, ThreadID = 1412, StartAddress = 769AE43B, Parameter = 002622C0
TargetProcess: %temp%\****.exe, InheritedFromPID = 1944, ProcessID = 896, ThreadID = 424, StartAddress = 0196507F, Parameter = 00129520
TargetProcess: %temp%\****.exe, InheritedFromPID = 1944, ProcessID = 896, ThreadID = 2060, StartAddress = 6359727B, Parameter = 0301CAD8
TargetProcess: %temp%\****.exe, InheritedFromPID = 1944, ProcessID = 896, ThreadID = 2160, StartAddress = 6359727B, Parameter = 0304BA98
TargetProcess: %temp%\****.exe, InheritedFromPID = 1944, ProcessID = 896, ThreadID = 2164, StartAddress = 6359727B, Parameter = 0304BB38
TargetProcess: %temp%\****.exe, InheritedFromPID = 1944, ProcessID = 896, ThreadID = 2256, StartAddress = 00416420, Parameter = 02FBAC08
TargetProcess: %temp%\****.exe, InheritedFromPID = 1944, ProcessID = 896, ThreadID = 2380, StartAddress = 00416420, Parameter = 02FBA820

File behavior

Behavior description: 创建文件
details: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6P4O8QNJ\tongji[1].html
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6P4O8QNJ\navcancl[1]
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\C1OS62RY\ErrorPageTemplate[1]
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6TLOMATB\errorPageStrings[1]
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\C1OS62RY\httpErrorPagesScripts[1]
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6TLOMATB\background_gradient[1]
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\C1OS62RY\info_48[1]
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6TLOMATB\bullet[1]
C:\Documents and Settings\Administrator\Local Settings\%temp%\MirGomConfig.ini
C:\Documents and Settings\Administrator\Local Settings\%temp%\Zlib.dll
C:\Documents and Settings\Administrator\Local Settings\%temp%\GameOfMir.Skin
C:\Documents and Settings\Administrator\Local Settings\Temp\222234347\bg
C:\Documents and Settings\Administrator\Local Settings\Temp\222234347\Config.ini
C:\Documents and Settings\Administrator\Local Settings\Temp\222234347\gbyx1
C:\Documents and Settings\Administrator\Local Settings\Temp\222234347\gbyx2
Behavior description: 创建可执行文件
details: C:\Documents and Settings\Administrator\Local Settings\%temp%\Zlib.dll
Behavior description: 覆盖已有文件
details: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6P4O8QNJ\navcancl[1]
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\C1OS62RY\ErrorPageTemplate[1]
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6TLOMATB\errorPageStrings[1]
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\C1OS62RY\httpErrorPagesScripts[1]
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6TLOMATB\background_gradient[1]
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\C1OS62RY\info_48[1]
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6TLOMATB\bullet[1]
Behavior description: 查找文件
details: FileName = C:\Documents and Settings
FileName = C:\Documents and Settings\Administrator
FileName = C:\Documents and Settings\Administrator\Local Settings
FileName = C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Connections\Pbk\*.pbk
FileName = C:\WINDOWS\system32\Ras\*.pbk
FileName = C:\Documents and Settings\Administrator\Application Data\Microsoft\Network\Connections\Pbk\*.pbk
FileName = C:\WINDOWS
FileName = C:\WINDOWS\system32
FileName = C:\WINDOWS\system32\urlmon.dll
FileName = C:\WINDOWS\system32\ieframe.dll
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\222234347\\*.*
FileName = C:\Documents and Settings\Administrator\桌面\无赦★单职业[激情荡漾].lnk
FileName = C:\Documents and Settings\Administrator\Local Settings\Temp
FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%
FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe
Behavior description: 删除文件
details: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6P4O8QNJ\tongji[1].html
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\C1OS62RY\navcancl[2]
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6TLOMATB\ErrorPageTemplate[2]
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\C1OS62RY\errorPageStrings[1]
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6TLOMATB\httpErrorPagesScripts[1]
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\C1OS62RY\background_gradient[2]
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6TLOMATB\info_48[1]
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IUKHR8T2\bullet[1]
C:\Documents and Settings\Administrator\Local Settings\Temp\222234347\bg
C:\Documents and Settings\Administrator\Local Settings\Temp\222234347\Config.ini
C:\Documents and Settings\Administrator\Local Settings\Temp\222234347\gbyx1
C:\Documents and Settings\Administrator\Local Settings\Temp\222234347\gbyx2
C:\Documents and Settings\Administrator\Local Settings\Temp\222234347\gbyx3
C:\Documents and Settings\Administrator\Local Settings\Temp\222234347\gfwz1
C:\Documents and Settings\Administrator\Local Settings\Temp\222234347\gfwz2
Behavior description: 在桌面创建文件
details: C:\Documents and Settings\Administrator\桌面\无赦★单职业[激情荡漾].lnk
Behavior description: 设置特殊文件夹属性
details: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
C:\Documents and Settings\Administrator\Local Settings\History
C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
C:\Documents and Settings\Administrator\Cookies
Behavior description: 修改文件内容
details: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6P4O8QNJ\navcancl[1] ---> Offset = 0
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\C1OS62RY\ErrorPageTemplate[1] ---> Offset = 0
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6TLOMATB\errorPageStrings[1] ---> Offset = 0
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\C1OS62RY\httpErrorPagesScripts[1] ---> Offset = 0
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6TLOMATB\background_gradient[1] ---> Offset = 0
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\C1OS62RY\info_48[1] ---> Offset = 0
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6TLOMATB\bullet[1] ---> Offset = 0
C:\Documents and Settings\Administrator\Local Settings\%temp%\MirGomConfig.ini ---> Offset = 0
C:\Documents and Settings\Administrator\Local Settings\%temp%\Zlib.dll ---> Offset = 0
C:\Documents and Settings\Administrator\Local Settings\%temp%\GameOfMir.Skin ---> Offset = 0
C:\Documents and Settings\Administrator\Local Settings\Temp\222234347\bg ---> Offset = 0
C:\Documents and Settings\Administrator\Local Settings\Temp\222234347\bg ---> Offset = 65536
C:\Documents and Settings\Administrator\Local Settings\Temp\222234347\bg ---> Offset = 98304
C:\Documents and Settings\Administrator\Local Settings\Temp\222234347\Config.ini ---> Offset = 0
C:\Documents and Settings\Administrator\Local Settings\Temp\222234347\gbyx1 ---> Offset = 0

Network behavior

Behavior description: 连接指定站点
details: InternetConnectA: ServerName = ww****om, PORT = 80, UserName = , Password = , hSession = 0x00cc0004, hConnect = 0x00cc0008, Flags = 0x00000000
InternetConnectA: ServerName = **.0.0.**, PORT = 99, UserName = , Password = , hSession = 0x00cc0010, hConnect = 0x00cc0014, Flags = 0x00000000
Behavior description: 打开HTTP连接
details: InternetOpenA: UserAgent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; .NET4.0C; .NET4.0E; KB974489), hSession = 0x00cc0004
InternetOpenA: UserAgent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0), hSession = 0x00cc0010
Behavior description: 建立到一个指定的套接字连接
details: URL: ww****om, IP: **.133.40.**:80, SOCKET = 0x00000360
URL: ww****om, IP: **.133.40.**:80, SOCKET = 0x00000458
URL: , IP: **.0.0.**:99, SOCKET = 0x000004d4
URL: , IP: **.0.0.**:99, SOCKET = 0x000004d8
URL: , IP: **.0.0.**:99, SOCKET = 0x000004e4
Behavior description: 读取网络文件
details: hFile = 0x00cc000c, BytesToRead =4096, BytesRead = 4096.
hFile = 0x00cc0018, BytesToRead =102400, BytesRead = 102400.
Behavior description: 发送HTTP包
details: GET /tongji.html HTTP/1.1 Accept: */* Accept-Language: zh-cn Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; .NET4.0C; .NET4.0E; KB974489) Host: ww****om Connection: Keep-Alive
GET /123.txt HTTP/1.1 User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0) Accept: */* Host: **.0.0.**:99 Cache-Control: no-cache
Behavior description: 打开HTTP请求
details: HttpOpenRequestA: ww****om:80/tongji.html, hConnect = 0x00cc0008, hRequest = 0x00cc000c, Verb: GET, Referer: , Flags = 0x00400200
HttpOpenRequestA: ww****om:80/tongji.html, hConnect = 0x00cc0008, hRequest = 0x00cc000c, Verb: GET, Referer: , Flags = 0x00400010
HttpOpenRequestA: **.0.0.**:99/123.txt, hConnect = 0x00cc0014, hRequest = 0x00cc0018, Verb: GET, Referer: , Flags = 0x84000000
Behavior description: 按名称获取主机地址
details: GetAddrInfoW: ww****om

Registry behavior

Behavior description: 修改注册表
details: \REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\SavedLegacySettings
\REGISTRY\USER\S-*\Software\MirGomSoft\mutex\dba0523307a3746b8c63217f8d2448f6
\REGISTRY\USER\S-*\Software\MirGomSoft\ClinetPath
Behavior description: 删除注册表键值
details: \REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyServer
\REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Internet Settings\AutoConfigURL

Other behavior

Behavior description: 调整进程token权限
details: SE_LOAD_DRIVER_PRIVILEGE
Behavior description: 创建互斥体
details: RasPbFile
CTF.LBES.MutexDefaultS-*
CTF.Compart.MutexDefaultS-*
CTF.Asm.MutexDefaultS-*
CTF.Layouts.MutexDefaultS-*
CTF.TMD.MutexDefaultS-*
CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
Local\ZonesCounterMutex
Local\ZoneAttributeCacheCounterMutex
Local\ZonesCacheCounterMutex
Local\ZonesLockedCacheCounterMutex
CritOpMutex
Local\!PrivacIE!SharedMemory!Mutex
无赦★单职业[激情荡漾]
MSCTF.Shared.MUTEX.ELH
Behavior description: 创建事件对象
details: EventName = DINPUTWINMM
EventName = Global\userenv: User Profile setup event
Behavior description: 查找指定窗口
details: NtUserFindWindowEx: [Class,Window] = [MS_AutodialMonitor,]
NtUserFindWindowEx: [Class,Window] = [MS_WebCheckMonitor,]
NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
Behavior description: 窗口信息
details: Pid = 896, Hwnd=0x30410, Text = 您想运行或保存此文件吗?, ClassName = Static.
Pid = 896, Hwnd=0x30414, Text = 名称:, ClassName = Static.
Pid = 896, Hwnd=0x30416, Text = update.exe, ClassName = SysLink.
Pid = 896, Hwnd=0x30418, Text = 发行者:, ClassName = Static.
Pid = 896, Hwnd=0x3041e, Text = 类型:, ClassName = Static.
Pid = 896, Hwnd=0x30420, Text = 应用程序, 358KB, ClassName = Static.
Pid = 896, Hwnd=0x30422, Text = 从:, ClassName = Static.
Pid = 896, Hwnd=0x30424, Text = www.mirgom.com, ClassName = Static.
Pid = 896, Hwnd=0x30426, Text = 运行(&R), ClassName = Button.
Pid = 896, Hwnd=0x30428, Text = 保存(&S), ClassName = Button.
Pid = 896, Hwnd=0x3042c, Text = 取消, ClassName = Button.
Pid = 896, Hwnd=0x3042e, Text = 打开此类文件前总是询问(&W), ClassName = Button(CheckBox).
Pid = 896, Hwnd=0x3045c, Text = 来自 Internet 的文件可能对您有所帮助,但此文件类型可能危害您的计算机。如果您不信任其来源,请不要运行或保存该软件。<A>有何风险?</A>, ClassName = SysLink.
Pid = 896, Hwnd=0x3040e, Text = 文件下载 - 安全警告, ClassName = #32770.
Pid = 896, Hwnd=0x703b6, Text = 下载完毕, ClassName = Static.
Behavior description: 获取TickCount值
details: TickCount = 5496484, SleepMilliseconds = 60000.
TickCount = 5496500, SleepMilliseconds = 60000.
TickCount = 5496515, SleepMilliseconds = 60000.
TickCount = 5496531, SleepMilliseconds = 60000.
TickCount = 5496562, SleepMilliseconds = 60000.
TickCount = 5496593, SleepMilliseconds = 60000.
TickCount = 5436771, SleepMilliseconds = 100.
TickCount = 5436818, SleepMilliseconds = 100.
TickCount = 5436896, SleepMilliseconds = 100.
TickCount = 5496859, SleepMilliseconds = 60000.
TickCount = 5496906, SleepMilliseconds = 60000.
TickCount = 5496968, SleepMilliseconds = 60000.
TickCount = 5497062, SleepMilliseconds = 60000.
TickCount = 5497078, SleepMilliseconds = 60000.
TickCount = 5497265, SleepMilliseconds = 60000.
Behavior description: 获取光标位置
details: CursorPos = (96,18500), SleepMilliseconds = 60000.
CursorPos = (6389,26533), SleepMilliseconds = 60000.
CursorPos = (19224,15757), SleepMilliseconds = 60000.
CursorPos = (11533,29391), SleepMilliseconds = 60000.
CursorPos = (27017,24497), SleepMilliseconds = 60000.
CursorPos = (5760,28178), SleepMilliseconds = 60000.
CursorPos = (23336,16860), SleepMilliseconds = 60000.
CursorPos = (10016,524), SleepMilliseconds = 60000.
CursorPos = (3050,11975), SleepMilliseconds = 60000.
CursorPos = (4882,5469), SleepMilliseconds = 60000.
CursorPos = (32446,14637), SleepMilliseconds = 60000.
CursorPos = (3957,186), SleepMilliseconds = 60000.
CursorPos = (347,12415), SleepMilliseconds = 60000.
Behavior description: 打开事件
details: HookSwitchHookEnabledEvent
\SECURITY\LSA_AUTHENTICATION_INITIALIZED
Global\SvcctrlStartEvent_A3752DX
\INSTALLATION_SECURITY_HOLD
MSFT.VSA.COM.DISABLE.896
MSFT.VSA.IEC.STATUS.6c736db0
_fCanRegisterWithShellService
CTF.ThreadMIConnectionEvent.000007B4.00000000.00000052
CTF.ThreadMarshalInterfaceEvent.000007B4.00000000.00000052
CTF.ThreadMIConnectionEvent.000007B4.00000000.00000053
CTF.ThreadMarshalInterfaceEvent.000007B4.00000000.00000053
MSCTF.SendReceiveConection.Event.ELH.IC
MSCTF.SendReceive.Event.ELH.IC
Behavior description: 获取窗口截图信息
details: Foreground window Info: HWND = 0x00000000, DC = 0xf60102bb.
Behavior description: 可执行文件签名信息
details: C:\Documents and Settings\Administrator\Local Settings\%temp%\Zlib.dll(签名验证: 未通过)
Behavior description: 调用Sleep函数
details: [1]: MilliSeconds = 60000.
[2]: MilliSeconds = 100.
[3]: MilliSeconds = 60000.
Behavior description: 隐藏指定窗口
details: [Window,Class] = [,ComboLBox]
[Window,Class] = [,_EL_Timer]
[Window,Class] = [,_EL_ClientSock]
[Window,Class] = [,Afx:400000:8]
[Window,Class] = [,Afx:400000:b:10011:1900010:0]
[Window,Class] = [,SysLink]
[Window,Class] = [,Static]
[Window,Class] = [文件大小未知,Static]
[Window,Class] = [打开此类文件前总是询问(&W),Button]
[Window,Class] = [发行者:,Static]
[Window,Class] = [正在获取远程列表...,ComboBox]
Behavior description: 可执行文件MD5
details: C:\Documents and Settings\Administrator\Local Settings\%temp%\Zlib.dll ---> 4efaa53c545f4ffb1ee0ed1709c15ea7
Behavior description: 打开互斥体
details: RasPbFile
ShimCacheMutex
Local\!IETld!Mutex
Local\_!MSFTHISTORY!_
Local\c:!documents and settings!administrator!local settings!temporary internet files!content.ie5!
Local\c:!documents and settings!administrator!cookies!
Local\c:!documents and settings!administrator!local settings!history!history.ie5!
Local\WininetStartupMutex
Local\WininetConnectionMutex
Local\WininetProxyRegistryMutex
CtfmonInstMutexDefaultS-*

Activities

.MainActivity2 android.intent.action.MAIN
.MainActivity2 android.intent.category.LAUNCHER

Dangerous function

ContentResolver;->query 读取联系人、短信等数据库
TelephonyManager;->getDeviceId 搜集用户手机IMEI码、电话号码、系统版本号等信息
getRuntime 获取命令行环境
java/net/URL;->openConnection 连接URL
HttpClient;->execute 请求远程服务器
java/net/HttpURLConnection;->connect 连接URL
LocationManager;->getLastKnownLocation 获取地址位置
Camera;->open 开启相机

Advertising information

com.baidu 百度

Permission list

android.permission.MOUNT_UNMOUNT_FILESYSTEMS 挂载、反挂载外部文件系统
android.permission.ACCESS_NETWORK_STATE 读取网络状态(2G或3G)
android.permission.ACCESS_COARSE_LOCATION 获取粗略的位置(通过wifi、基站)
android.permission.INTERNET 连接网络(2G或3G)
android.permission.ACCESS_MOCK_LOCATION 获取模拟定位信息
android.permission.ACCESS_FINE_LOCATION 获取精确的位置(通过GPS)
com.android.launcher.permission.READ_SETTINGS 读取快捷方式信息
android.permission.WAKE_LOCK 手机屏幕关闭后后台进程仍运行
android.permission.CHANGE_WIFI_STATE 改变WIFI连接状态
android.permission.ACCESS_WIFI_STATE 读取wifi网络状态
android.permission.ACCESS_GPS
android.permission.READ_PHONE_STATE 读取电话状态
android.permission.GET_TASKS 获取有关当前或最近运行的任务信息
android.permission.CAMERA 访问照相机设备
android.permission.RECORD_AUDIO 录音(使用AudioRecord)
android.permission.WRITE_EXTERNAL_STORAGE 写外部存储器(如:SD卡)
android.permission.RECEIVE_BOOT_COMPLETED 接收开机启动广播
android.permission.BROADCAST_STICKY 发送持久广播
android.permission.WRITE_SETTINGS 读写系统设置项
android.permission.PROCESS_OUTGOING_CALLS 监视、修改有关拨出电话
android.permission.MODIFY_AUDIO_SETTINGS 修改声音设置
android.permission.VIBRATE 允许设备震动
android.permission.FLASHLIGHT 访问闪光灯

Service list

com.baidu.location.f

File List

assets/faq/faq.html
assets/faq/wapa.css
assets/faq/wapb.css
assets/marker1.png
assets/marker2.png
assets/marker3.png
res/anim/pop_exit.xml
res/anim/pop_show.xml
res/color/date_picker_selector.xml
res/color/date_picker_year_selector.xml
res/color/done_text_color.xml
res/drawable/progress_holo_light.xml
res/drawable/public_checkbox.xml
res/drawable/public_imagebutton_selector.xml
res/drawable/public_item_selector.xml
res/drawable/release_action_frequency_select.xml
res/drawable/signuprecord_checkbox.xml
res/layout/activity_changepass.xml
res/layout/activity_excellent.xml
res/layout/activity_excellent_message.xml
res/layout/activity_faq.xml
res/layout/activity_geometry.xml
res/layout/activity_login.xml
res/layout/activity_main2.xml
res/layout/activity_mapcontrol.xml
res/layout/activity_mapproject.xml
res/layout/activity_mapselect.xml
res/layout/activity_message.xml
res/layout/activity_myactionactivity.xml
res/layout/activity_networkimageview.xml
res/layout/activity_personal.xml
res/layout/activity_privacy.xml
res/layout/activity_qrcodescan.xml
res/layout/activity_qrcodeshow.xml
res/layout/activity_register.xml
res/layout/activity_register_verify.xml
res/layout/activity_release_action.xml
res/layout/activity_signinoff_record.xml
res/layout/activity_signrecord.xml
res/layout/bottom_bar.xml
res/layout/date_picker_dialog.xml
res/layout/date_picker_done_button.xml
res/layout/date_picker_header_view.xml
res/layout/date_picker_selected_date.xml
res/layout/date_picker_view_animator.xml
res/layout/download_notification_layout.xml
res/layout/index_bottom_bar_discovery.xml
res/layout/index_bottom_bar_index.xml
res/layout/index_bottom_bar_mine.xml
res/layout/index_bottom_bar_setttings.xml
res/layout/listitem_excellent.xml
res/layout/listitem_main_tab_01.xml
res/layout/listitem_myaction.xml
res/layout/listitem_mydialog2_multiselect.xml
res/layout/listitem_mydialog_content.xml
res/layout/listitem_public_imageitem.xml
res/layout/listitem_public_lastitem.xml
res/layout/listitem_signinoff_record.xml
res/layout/listitem_signrecord.xml
res/layout/main.xml
res/layout/main_tab_01.xml
res/layout/main_tab_02.xml
res/layout/main_tab_03.xml
res/layout/main_tab_04.xml
res/layout/mydialog.xml
res/layout/mydialog2.xml
res/layout/mydialog3.xml
res/layout/release_action_line.xml
res/layout/time_header_label.xml
res/layout/time_picker_dialog.xml
res/layout/title_bar_0.xml
res/layout/title_bar_1.xml
res/layout/title_bar_2.xml
res/layout/title_bar_3.xml
res/layout/title_bar_4.xml
res/layout/title_bar_5.xml
res/layout/title_bar_6.xml
res/layout/update.xml
res/layout/year_label_text_view.xml
res/raw/beep.ogg
AndroidManifest.xml
resources.arsc
res/drawable-hdpi/bottom_bar_1234.9.png
res/drawable-hdpi/detail_icon_schedule_ball.png
res/drawable-hdpi/discovery_map.png
res/drawable-hdpi/discovery_show.png
res/drawable-hdpi/excellent_photo.jpg
res/drawable-hdpi/ic_action_search.png
res/drawable-hdpi/ic_launcher.png
res/drawable-hdpi/icon.png
res/drawable-hdpi/index_bottom_discovery.png
res/drawable-hdpi/index_bottom_discovery_pressed.png
res/drawable-hdpi/index_bottom_index.png
res/drawable-hdpi/index_bottom_index_pressed.png
res/drawable-hdpi/index_bottom_mine.png
res/drawable-hdpi/index_bottom_mine_pressed.png
res/drawable-hdpi/index_bottom_settings.png
res/drawable-hdpi/index_bottom_settings_pressed.png
res/drawable-hdpi/index_main_search.png
res/drawable-hdpi/index_search_bg.png
res/drawable-hdpi/index_title_add.png
res/drawable-hdpi/index_title_charity_card.png
res/drawable-hdpi/login_introduce_background.png
res/drawable-hdpi/main_tab_03_more_btn.png
res/drawable-hdpi/message_address.png
res/drawable-hdpi/message_applicant.png
res/drawable-hdpi/message_record.png
res/drawable-hdpi/message_tel.png
res/drawable-hdpi/newlogin_bg.png
res/drawable-hdpi/person_upload.png
res/drawable-hdpi/person_upload_fail.png
res/drawable-hdpi/person_uploading.png
res/drawable-hdpi/personal_edit.png
res/drawable-hdpi/public_checkbox_check.png
res/drawable-hdpi/public_checkbox_uncheck.png
res/drawable-hdpi/public_drop_down_btn.png
res/drawable-hdpi/public_input_required.png
res/drawable-hdpi/public_title_back_btn.png
res/drawable-hdpi/qrcode.png
res/drawable-hdpi/release_action_btn.png
res/drawable-hdpi/release_action_continue.png
res/drawable-hdpi/release_action_one_time.png
res/drawable-hdpi/release_action_pick_address_btn.png
res/drawable-hdpi/setting_help.png
res/drawable-hdpi/setting_info.png
res/drawable-hdpi/setting_password.png
res/drawable-hdpi/setting_version.png
res/drawable-hdpi/sign_cancel_button.png
res/drawable-hdpi/sign_in_button.png
res/drawable-hdpi/sign_out_button.png
res/drawable-hdpi/signrecord_authorize_n.png
res/drawable-hdpi/signrecord_authorize_p.png
res/drawable-hdpi/signrecord_man.png
res/drawable-hdpi/signrecord_woman.png
res/drawable-hdpi/tab_address_normal.png
res/drawable-hdpi/tab_address_pressed.png
res/drawable-hdpi/tab_bg2.png
res/drawable-hdpi/tab_find_frd_normal.png
res/drawable-hdpi/tab_find_frd_pressed.png
res/drawable-hdpi/tab_settings_normal.png
res/drawable-hdpi/tab_settings_pressed.png
res/drawable-hdpi/tab_weixin_normal.png
res/drawable-hdpi/tab_weixin_pressed.png
res/drawable-hdpi/title_bar.9.png
res/drawable-hdpi/ucbackground.jpg
res/drawable-hdpi/volumn_bg.9.png
res/drawable-hdpi/volumn_front.9.png
res/drawable-hdpi/volumn_primary.9.png
res/drawable-ldpi/ic_launcher.png
res/drawable-mdpi/ic_action_search.png
res/drawable-mdpi/ic_launcher.png
res/drawable-xhdpi/common_bg_bottom.png
res/drawable-xhdpi/ic_action_search.png
res/drawable-xhdpi/ic_launcher.png
res/drawable-xhdpi/public_button.xml
res/drawable-xhdpi/public_button_e.png
res/drawable-xhdpi/public_button_n.png
res/drawable-xhdpi/public_button_p.png
res/layout-land/date_picker_dialog.xml
res/layout-land/time_picker_dialog.xml
res/layout-w270dp-h560dp/date_picker_dialog.xml
res/layout-sw600dp/date_picker_dialog.xml
res/layout-sw600dp-land/date_picker_dialog.xml
classes.dex
assets/CMRequire.dat
assets/Icon_bus_station.png
assets/Icon_end.png
assets/Icon_line_node.png
assets/Icon_mark1.png
assets/Icon_mark10.png
assets/Icon_mark2.png
assets/Icon_mark3.png
assets/Icon_mark4.png
assets/Icon_mark5.png
assets/Icon_mark6.png
assets/Icon_mark7.png
assets/Icon_mark8.png
assets/Icon_mark9.png
assets/Icon_start.png
assets/Icon_subway_station.png
assets/Icon_walk_route.png
assets/VerDatset.dat
assets/cfg/a/ResPack.cfg
assets/cfg/a/mapstyle.sty
assets/cfg/a/satellitestyle.sty
assets/cfg/a/trafficstyle.sty
assets/cfg/h/DVDirectory.cfg
assets/cfg/h/DVHotMap.cfg
assets/cfg/h/DVHotcity.cfg
assets/cfg/h/DVVersion.cfg
assets/cfg/l/DVDirectory.cfg
assets/cfg/l/DVHotMap.cfg
assets/cfg/l/DVHotcity.cfg
assets/cfg/l/DVVersion.cfg
assets/icon_scale.9.png
assets/logo_h.png
assets/logo_l.png
assets/place/arrow.png
assets/place/iconphone.png
assets/place/star_gray.png
assets/place/star_light.png
assets/sapi_cert.cer
lib/armeabi/libBaiduMapSDK_v3_2_0_15.so
lib/armeabi/liblocSDK3.so
META-INF/MANIFEST.MF
META-INF/CERT.SF
META-INF/CERT.RSA