VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

Language
Server load
Server Load

VirSCAN
VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

File information

Basic Information

MD5: eaf7d9b922023c4c62f432a2677c19b0
Package names: com.chaoxing
Minimum operating environment: Android 2.1.x
copyright: Android

File behavior

Behavior description: 查找文件
details: FileName = C:\Program Files
FileName = C:\Program Files\Microsoft Office
FileName = C:\Program Files\Microsoft Office\OFFICE11\Normal.dot
FileName = C:\Documents and Settings\Administrator\Application Data\Microsoft\Templates\Normal.dot
FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\Normal.dot
FileName = C:\WINDOWS
FileName = C:\WINDOWS\WinSxS
FileName = C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\MSVCR80.dll
FileName = C:/Documents and Settings/Administrator/Local Settings/Temp/EB93A6/%temp%\****.exe_7zdump\神奇男侠将在手机机领域抗衡苹果为什么航空品牌应该投资聊天机器人,而且就是现在?.doc
FileName = C:\Documents and Settings
FileName = C:\Documents and Settings\Administrator
FileName = C:\Documents and Settings\Administrator\桌面
FileName = C:\//Documents%20and%20Settings/Administrator/Local%20Settings/Temp/EB93A6/%temp%\****.exe_7zdump/神奇男侠将在手机机领域抗衡苹果为什么航空品牌应该投资聊天机器人,而且就是现在?.doc
FileName = C:\Documents and Settings\Administrator\Application Data\Microsoft\Word\STARTUP\*.*
FileName = C:\Program Files\Microsoft Office\OFFICE11\STARTUP\*.*
Behavior description: 复制文件
details: C:\Program Files\Microsoft Office\OFFICE11\opa11.bak ---> C:\Program Files\Microsoft Office\OFFICE11\opa11.dat

Registry behavior

Behavior description: 修改注册表
details: \REGISTRY\USER\S-*\Software\Microsoft\Office\11.0\Word\Resiliency\StartupItems\}I
\REGISTRY\USER\S-*\Software\Microsoft\Office\11.0\Word\Resiliency\StartupItems\M
\REGISTRY\USER\S-*\Software\Microsoft\Office\11.0\Word\MTTT
\REGISTRY\USER\S-*\Software\Microsoft\Office\11.0\Word\MTTF
\REGISTRY\USER\S-*\Software\Microsoft\Office\11.0\Word\MTTA
\REGISTRY\USER\S-*\Software\Microsoft\Office\11.0\Word\Resiliency\StartupItems\=N
\REGISTRY\USER\S-*\Software\Microsoft\Office\11.0\Word\Resiliency\StartupItems\O
\REGISTRY\USER\S-*\Software\Microsoft\Office\11.0\Word\Resiliency\StartupItems\O
\REGISTRY\USER\S-*\Software\Microsoft\Office\11.0\Word\Resiliency\StartupItems\wO
\REGISTRY\USER\S-*\Software\Microsoft\Office\Common\Assistant\CurrAsstState
Behavior description: 删除注册表键值
details: \REGISTRY\USER\S-*\Software\Microsoft\Office\11.0\Word\MTTT
\REGISTRY\USER\S-*\Software\Microsoft\Office\11.0\Word\Resiliency\StartupItems\M
\REGISTRY\USER\S-*\Software\Microsoft\Office\11.0\Word\Resiliency\StartupItems\=N
\REGISTRY\USER\S-*\Software\Microsoft\Office\11.0\Word\Resiliency\StartupItems\O
\REGISTRY\USER\S-*\Software\Microsoft\Office\11.0\Word\Resiliency\StartupItems\O
\REGISTRY\USER\S-*\Software\Microsoft\Office\11.0\Word\Resiliency\StartupItems\wO
\REGISTRY\USER\S-*\Software\Microsoft\Office\11.0\Word\Resiliency\StartupItems\}I
\REGISTRY\USER\S-*\Software\Microsoft\Office\11.0\Word\WordName
Behavior description: 删除注册表键
details: \REGISTRY\USER\S-*\Software\Microsoft\Office\11.0\Word\Resiliency\StartupItems\
\REGISTRY\USER\S-*\Software\Microsoft\Office\11.0\Word\Resiliency\

Other behavior

Behavior description: 创建互斥体
details: Local\Mutex_MSOSharedMem
CTF.LBES.MutexDefaultS-*
CTF.Compart.MutexDefaultS-*
CTF.Asm.MutexDefaultS-*
CTF.Layouts.MutexDefaultS-*
CTF.TMD.MutexDefaultS-*
CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
Local\Mso97SharedDg19211108221Mutex
Local\Mso97SharedDg20321108221Mutex
MSCTF.GCompartListMUTEX.DefaultS-*
Local\Mso97SharedDg19521108221Mutex
MSCTF.Shared.MUTEX.IOH
Local\Mso97SharedDg19531108221Mutex
Local\Mso97SharedDg19541108221Mutex
OfficeAssistantStateMutex
Behavior description: 创建事件对象
details: EventName = Local\MsoTestEvent_a08c7d05-2046-4191-b1e9-2c8e1958e0cd
EventName = PrimaryWord11Mutex
EventName = MSCTF.SendReceive.Event.AMJ.IC
EventName = MSCTF.SendReceiveConection.Event.AMJ.IC
Behavior description: 查找指定窗口
details: NtUserFindWindowEx: [Class,Window] = [MSOBALLOON,]
NtUserFindWindowEx: [Class,Window] = [MsoHelp10,]
NtUserFindWindowEx: [Class,Window] = [AgentAnim,]
NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
NtUserFindWindowEx: [Class,Window] = [CicLoaderWndClass,]
NtUserFindWindowEx: [Class,Window] = [MsoHelp11,]
Behavior description: 窗口信息
details: Pid = 2492, Hwnd=0x1034c, Text = MsoDockTop, ClassName = MsoCommandBarDock.
Pid = 2492, Hwnd=0x10354, Text = 格式, ClassName = MsoCommandBar.
Pid = 2492, Hwnd=0x10352, Text = 常用, ClassName = MsoCommandBar.
Pid = 2492, Hwnd=0x10356, Text = 菜单栏, ClassName = MsoCommandBar.
Pid = 2492, Hwnd=0x20346, Text = 文档 1, ClassName = _WwB.
Pid = 2492, Hwnd=0x10368, Text = MSO Generic Control Container, ClassName = MsoCommandBar.
Pid = 2492, Hwnd=0x1036c, Text = MSO Generic Control Container, ClassName = MsoCommandBar.
Pid = 2492, Hwnd=0x10362, Text = Microsoft Word 文档, ClassName = _WwG.
Pid = 2492, Hwnd=0x2033e, Text = 文档 1 - Microsoft Word, ClassName = OpusApp.
Behavior description: 调整进程token权限
details: SE_LOAD_DRIVER_PRIVILEGE
Behavior description: 打开事件
details: Global\MsoTestEvent_a08c7d05-2046-4191-b1e9-2c8e1958e0cd
MSFT.VSA.COM.DISABLE.2492
MSFT.VSA.IEC.STATUS.6c736db0
\SECURITY\LSA_AUTHENTICATION_INITIALIZED
_fCanRegisterWithShellService
CTF.ThreadMIConnectionEvent.000007E8.00000000.0000000F
CTF.ThreadMarshalInterfaceEvent.000007E8.00000000.0000000F
MSCTF.SendReceiveConection.Event.IOH.IC
MSCTF.SendReceive.Event.IOH.IC
Behavior description: 隐藏指定窗口
details: [Window,Class] = [,ThunderRT6Main]
Behavior description: 打开互斥体
details: ShimCacheMutex
Local\Mutex_MSOSharedMem
Local\Mso97SharedDg19211108221Mutex
Local\Mso97SharedDg20321108221Mutex
Local\MU_ACBPIDS08
CtfmonInstMutexDefaultS-*
Local\Mso97SharedDg19521108221Mutex
Local\Mso97SharedDg19531108221Mutex
Local\Mso97SharedDg19541108221Mutex
OfficeAssistantStateMutex

Activities

Activity name Types of
.widget.BookShelf android.intent.action.MAIN
.widget.BookShelf com.chaoxing.widget.BookShelf
.widget.BookShelf android.intent.category.LAUNCHER
.widget.BookShelf android.intent.category.DEFAULT
.widget.CWebView com.chaoxing.widget.CWebView
.widget.CWebView android.intent.category.DEFAULT
com.chaoxing.widget.Reader com.chaoxing.widget.Reader
com.chaoxing.widget.Reader android.intent.category.DEFAULT
com.chaoxing.widget.PathRequestActivity com.chaoxing.widget.PathRequestActivity
com.chaoxing.widget.PathRequestActivity android.intent.category.DEFAULT

Dangerous function

Function name information
android/app/NotificationManager;->notify 信息通知栏
HttpClient;->execute 请求远程服务器
ContentResolver;->delete 删除短信、联系人
ContentResolver;->query 读取联系人、短信等数据库
java/net/URL;->openConnection 连接URL
getRuntime 获取命令行环境
java/lang/Runtime;->exec 执行字符串命令

Permission list

License name information
android.permission.WRITE_EXTERNAL_STORAGE 写外部存储器(如:SD卡)
android.permission.INTERNET 连接网络(2G或3G)
android.permission.READ_PHONE_STATE 读取电话状态

Service list

name
com.chaoxing.HttpAsyncService
com.chaoxing.BookDownloadManager

Providers

name information
com.chaoxing.dao.BooksProvider

File List

file name Check code
assets/ext-min.css 0x1f55cab8
assets/ext4-compoent-min.js 0x66e480ab
res/anim/fadein.xml 0x234b07db
res/anim/fadeout.xml 0x35b06ba3
res/anim/layout_grid_fade.xml 0xc6fa5f31
res/anim/rotate.xml 0xe3ceb2
res/anim/slide_in_top.xml 0xd13a2b59
res/anim/slide_out_top.xml 0xfad0c194
res/drawable/bk_style_list0.png 0xe9ce2609
res/drawable/bk_style_list1.png 0x9098468
res/drawable/bk_style_shelf0.png 0x63791f7
res/drawable/bk_style_shelf1.png 0xe7c4f9b4
res/drawable/book_dl_complete.png 0xaa9e957a
res/drawable/book_dl_error.png 0x24cce7e1
res/drawable/book_dl_notify.png 0x5bf8fe4e
res/drawable/book_json_dlg_abs_bg.xml 0xb865430d
res/drawable/book_json_dlg_bg.xml 0xb3a9eee1
res/drawable/book_json_dlg_btn.xml 0x619a0e0a
res/drawable/book_json_dlg_btn_bg.9.png 0x55fc8cf1
res/drawable/book_json_dlg_btn_bg_press.9.png 0xfa982cbc
res/drawable/book_proccess_bg.xml 0xf2073c3e
res/drawable/book_shadow.png 0x21355049
res/drawable/bookmarks_list.png 0x6adf4541
res/drawable/bookshelf_bg.xml 0x5d270d65
res/drawable/bookshelftoolbar_bg.png 0xf7a9f6de
res/drawable/bright_dark.png 0x4d4283d5
res/drawable/bright_wood.xml 0xd1f8346c
res/drawable/bright_wood_pic.png 0x33eb9017
res/drawable/category_all.png 0x93b627fb
res/drawable/default_cover.png 0x65b4219b
res/drawable/delete.png 0xc9beeb7
res/drawable/go_category.png 0x67c55aa6
res/drawable/ico1.png 0x2b016d9b
res/drawable/ico3.png 0xffe490b5
res/drawable/ico4.png 0x65a7ad72
res/drawable/icon.png 0x179eb318
res/drawable/loading_bg.xml 0x2a9f87cc
res/drawable/loading_pic.png 0xa3c41311
res/drawable/onlinelib.png 0x4a6b0efd
res/drawable/onlinelib_btn.xml 0xff596508
res/drawable/onlinelib_selected.png 0x15eb3101
res/drawable/outline_list_collapse.png 0x50e9898
res/drawable/outline_list_expand.png 0x65ada1ec
res/drawable/page_type.png 0xd96bd140
res/drawable/picture_frame.9.png 0x3a5e9b24
res/drawable/popwindow_bg.xml 0x3ade5aa2
res/drawable/progress_horizontal.xml 0xf5dc93e4
res/drawable/progress_horizontal_error.xml 0x6e73ecce
res/drawable/read_back.png 0x3f373a24
res/drawable/reader_bg.png 0xf1481935
res/drawable/recent_view.png 0x336c236d
res/drawable/refresh.png 0x2b199c3d
res/drawable/refresh_btn.xml 0x4edbec41
res/drawable/refresh_selected.png 0x59b50d21
res/drawable/searchbook.9.png 0x83fee13d
res/drawable/tab_bg_selected.xml 0x83d6f1f7
res/drawable/toolbar_back.png 0xb67c9908
res/drawable/web_lib.png 0x535312c
res/drawable/web_lib_btn.xml 0x236be835
res/drawable/web_lib_selected.png 0x86d54a8a
res/drawable/webbottom_bg.xml 0xaff183ba
res/drawable/webtoolbar_bg.xml 0x662e49ce
res/layout/add_bookmarks.xml 0x1d00d12f
res/layout/book.xml 0xe5827fd
res/layout/book_dl_process.xml 0xb49d9e37
res/layout/book_json_dlg.xml 0xad8e7279
res/layout/bookmark_listitem.xml 0x7c26e84c
res/layout/bookshelf.xml 0x7b8fbb07
res/layout/catalog_listitem.xml 0xb162d741
res/layout/classify.xml 0x9b9f6e6e
res/layout/classify_list.xml 0xe5e31561
res/layout/classify_mask.xml 0xe11661fa
res/layout/loading.xml 0xb881b04
res/layout/pagetype_item.xml 0x8a123ea7
res/layout/popup_bookmarks_window.xml 0x71ac25ee
res/layout/popup_cacatalog_window.xml 0xffde965a
res/layout/popup_pagetype_window.xml 0x58818c35
res/layout/reader.xml 0x6acc464a
res/layout/reader_container.xml 0x4eb6ee77
res/layout/web_bottom_tab.xml 0x41924f2f
res/layout/webview.xml 0xfac99200
AndroidManifest.xml 0xd03d5fe2
resources.arsc 0x2b6f9cab
res/drawable-hdpi/book_json_dlg_btn_bg.9.png 0xcc73e4a7
res/drawable-hdpi/book_json_dlg_btn_bg_press.9.png 0xfa982cbc
res/drawable-hdpi/last_lev_shelf.png 0x6be63bf7
res/drawable-hdpi/recent_view.png 0x336c236d
res/drawable-hdpi/searchbook.9.png 0x83fee13d
res/drawable-ldpi/book_json_dlg_btn_bg.9.png 0xcc73e4a7
res/drawable-ldpi/book_json_dlg_btn_bg_press.9.png 0xfa982cbc
res/drawable-ldpi/last_lev_shelf.png 0x6be63bf7
res/drawable-ldpi/recent_view.png 0x336c236d
res/drawable-ldpi/searchbook.9.png 0x83fee13d
res/drawable-mdpi/book_json_dlg_btn_bg.9.png 0xcc73e4a7
res/drawable-mdpi/book_json_dlg_btn_bg_press.9.png 0xfa982cbc
res/drawable-mdpi/last_lev_shelf.png 0x6be63bf7
res/drawable-mdpi/recent_view.png 0x336c236d
res/drawable-mdpi/searchbook.9.png 0x83fee13d
classes.dex 0xb7b0072f
lib/armeabi/libpdgparser.so 0x5ce324ef
lib/armeabi/libSecurity.so 0x789f873b
META-INF/MANIFEST.MF 0x833d28a4
META-INF/CERT.SF 0xba45489b
META-INF/CERT.RSA 0x48ad856d

Run screenshot

VirSCAN