VirSCAN

1. You can upload any file, but there is a 20Mb limit per file.
2. VirSCAN supports Rar/Zip decompression, but the archive must contain fewer than 20 files.
3. VirSCAN can scan compressed files protected with the password 'infected' or 'virus'.


File information
Safety rating:
Behavior list
Basic Information
MD5:ffd2b50d2f145224b728181d45312de4
Package names:com.tv1024
Minimum operating environment:Android 4.1, 4.1.1
copyright:Android
Key behavior
Behavior description:Map file with write permission
details:CiceroSharedMemDefaultS-*
MSCTF.MarshalInterface.FileMap.AEF..MHFHH
MSCTF.MarshalInterface.FileMap.AEF.B.MHFHH
MSCTF.MarshalInterface.FileMap.AEF.C.MHFHH
MSCTF.MarshalInterface.FileMap.AEF.D.MHFHH
MSCTF.MarshalInterface.FileMap.AEF.E.MHFHH
MSCTF.MarshalInterface.FileMap.AEF.F.MHFHH
MSCTF.MarshalInterface.FileMap.AEF.G.MHFHH
MSCTF.Shared.SFM.AEF
Behavior description:Hide specified window
details:[Window,Class] = [,CoreForms20.Label]
[Window,Class] = [,CoreForms20.Control]
[Window,Class] = [Settings,CoreForms20.Button]
[Window,Class] = [Save Log,CoreForms20.Label]
Behavior description:Set thread context
details:C:\DOCUME~1\ADMINI~1\LOCALS~1\%temp%\1445710455.067360.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\%temp%\1445710455.074382.exe
Behavior description:Get host address by name
details:wpad.
219.133.40.1
files.surfright.nl
Process behavior
Behavior description:Set thread context
details:C:\DOCUME~1\ADMINI~1\LOCALS~1\%temp%\1445710455.067360.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\%temp%\1445710455.074382.exe
Behavior description:Enumerate processes
details:N/A
File behavior
Behavior description:Map file with write permission
details:CiceroSharedMemDefaultS-*
MSCTF.MarshalInterface.FileMap.AEF..MHFHH
MSCTF.MarshalInterface.FileMap.AEF.B.MHFHH
MSCTF.MarshalInterface.FileMap.AEF.C.MHFHH
MSCTF.MarshalInterface.FileMap.AEF.D.MHFHH
MSCTF.MarshalInterface.FileMap.AEF.E.MHFHH
MSCTF.MarshalInterface.FileMap.AEF.F.MHFHH
MSCTF.MarshalInterface.FileMap.AEF.G.MHFHH
MSCTF.Shared.SFM.AEF
Behavior description:Find file
details:FileName = C:\Documents and Settings\All Users\Application Data\HitmanPro\Customize.bin
FileName = C:\Documents and Settings\All Users\Application Data\HitmanPro\Quarantine\quarantine.xml
FileName = C:\Documents and Settings\All Users\Application Data\HitmanPro\HitmanPro.lic
Network behavior
Behavior description:Send data on a connected socket
details:SOCKET = 0x00000614, TotalSize = 83, Offset = 0, ReadSize = 83.
SOCKET = 0x000005ec, TotalSize = 1, Offset = 0, ReadSize = 1.
Behavior description:Establish a connection to a specified socket
details:110.110.110.110:80
127.0.0.1:1032
127.0.0.1:1033
127.0.0.1:1034
127.0.0.1:1035
127.0.0.1:1036
127.0.0.1:1038
Behavior description:Get host address by name
details:wpad.
219.133.40.1
files.surfright.nl
Registry behavior
Behavior description:Modify registry
details:\REGISTRY\MACHINE\SOFTWARE\HitmanPro\UID
\REGISTRY\MACHINE\SOFTWARE\HitmanPro\EULA36
Behavior description:Delete registry value
details:\REGISTRY\MACHINE\SOFTWARE\HitmanPro\BannerID
\REGISTRY\MACHINE\SOFTWARE\HitmanPro\BannerURL
Other behavior
Behavior description:Create mutex
details:CTF.LBES.MutexDefaultS-*
CTF.Compart.MutexDefaultS-*
CTF.Asm.MutexDefaultS-*
CTF.Layouts.MutexDefaultS-*
CTF.TMD.MutexDefaultS-*
CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
RasPbFile
MSCTF.Shared.MUTEX.ELH
MSCTF.Shared.MUTEX.AEF
Behavior description:Inline hook
details:C:\WINDOWS\system32\WS2_32.dll--->GetAddrInfoW Offset = 0x0
C:\WINDOWS\system32\kernel32.dll--->LoadLibraryW Offset = 0x0
Behavior description:Sample console output
details:N/A
Behavior description:Window information
details:Pid = 1476, Hwnd=0x202a6, Text = Next , ClassName = CoreForms20.Button.
Pid = 1476, Hwnd=0x202a8, Text = Close, ClassName = CoreForms20.Button.
Pid = 1476, Hwnd=0x202cc, Text = Buy Now, ClassName = CoreForms20.Button.
Pid = 1476, Hwnd=0x202b4, Text = Settings, ClassName = CoreForms20.Button.
Pid = 1476, Hwnd=0x302bc, Text = Save Log, ClassName = CoreForms20.Label.
Pid = 1476, Hwnd=0x202c8, Text = Automatic update, ClassName = CoreForms20.Label.
Pid = 1476, Hwnd=0x202c6, Text = Failed to see whether a new version is available., ClassName = CoreForms20.Label.
Pid = 1476, Hwnd=0x202a2, Text = HitmanPro 3.7.7 - Build 205, ClassName = CoreForms20.Control.
Pid = 1476, Hwnd=0x202a6, Text = Next, ClassName = CoreForms20.Button.
Pid = 1476, Hwnd=0x702c0, Text = End user license agreement, ClassName = CoreForms20.Label.
Pid = 1476, Hwnd=0x502ce, Text = You must accept the end user license agreement in order to run this program., ClassName = CoreForms20.Label.
Pid = 1476, Hwnd=0x302b6, Text = I accept the terms of the license agreement, ClassName = CoreForms20.Button.
Pid = 1476, Hwnd=0x202d0, Text = SURFRIGHT SOFTWARE LICENSE TERMS 1.1 HitmanPro These license terms are an agreement between SurfRight B.V. (or based on where y, ClassName = CoreForms20.RichTextBox.
Pid = 1476, Hwnd=0x160142, Text = Setup, ClassName = CoreForms20.Label.
Pid = 1476, Hwnd=0x3015a, Text = Would you like to store a copy of the HitmanPro program file on this computer?, ClassName = CoreForms20.Label.
Behavior description:Hide specified window
details:[Window,Class] = [,CoreForms20.Label]
[Window,Class] = [,CoreForms20.Control]
[Window,Class] = [Settings,CoreForms20.Button]
[Window,Class] = [Save Log,CoreForms20.Label]
Behavior description:Find specified window
details:NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
NtUserFindWindowEx: [Class,Window] = [CicLoaderWndClass,]
Dynamic list behavior
Behavior description:Window information
details:{"text": "系统", "class": "android.widget.TextView"}
{"text": "网路未连接", "class": "android.widget.TextView"}
{"text": "确认", "class": "android.widget.Button"}
Behavior description:Add View
details:[u'com.android.internal.policy.impl.PhoneWindow$DecorView@41551d08', u'WM.LayoutParams{(0,0)(wrapxwrap) gr=#11 sim=#120 ty=2 fl=#1820002 pfl=0x8 fmt=-2 wanim=0x1030290}', u'android.view.CompatibilityInfoHolder@414af8a0']
[u'com.android.internal.policy.impl.PhoneWindow$DecorView@414ee028', u'WM.LayoutParams{(0,0)(fillxfill) sim=#100 ty=1 fl=#1810100 pfl=0x8 wanim=0x103028f}', u'android.view.CompatibilityInfoHolder@414af8a0']
[u'com.android.internal.policy.impl.PhoneWindow$DecorView@41c52a98', u'WM.LayoutParams{(0,0)(wrapxwrap) gr=#11 sim=#120 ty=2 fl=#1820002 pfl=0x8 fmt=-2 wanim=0x1030290}', u'android.view.CompatibilityInfoHolder@414af8a0']
Behavior description:Get network status information[*]
details:NetworkInfo: type: WIFI[], state: CONNECTED/CONNECTED, reason: (unspecified), extra: freewifi, roaming: false, failover: false, isAvailable: true
Behavior description:Write file
details:path:/data/data/com.tv1024/shared_prefs/firm.xml length:135
Activities
Activity name: Type
com.uicity.activity.MainActivity: android.intent.action.MAIN
com.uicity.activity.MainActivity: android.intent.category.LAUNCHER
Dangerous function
Function name: Information
android/app/NotificationManager;->notify: notification bar message
ContentResolver;->query: read contacts, SMS and other databases
java/net/URL;->openConnection: connect to URL
java/net/HttpURLConnection;->connect: connect to URL
HttpClient;->execute: request remote server
getRuntime: get command-line environment
java/lang/Runtime;->exec: execute string command
Permission list
Permission name: Information
android.permission.WRITE_EXTERNAL_STORAGE: write external storage (e.g. SD card)
android.permission.STORAGE
android.permission.READ_EXTERNAL_STORAGE: read external storage (e.g. SD card)
android.permission.READ_PHONE_STATE: read phone state
android.permission.ACCESS_NETWORK_STATE: read network state (2G or 3G)
com.google.android.c2dm.permission.RECEIVE
android.permission.INTERNET: connect to network (2G or 3G)
android.permission.GET_ACCOUNTS: access account list
android.permission.WAKE_LOCK: background processes keep running after the screen turns off
android.permission.VIBRATE: allow device vibration
File List
file name Check code