加入进货单1, You can UPLOAD any files, but there is 20Mb limit per file. 2,
VirSCAN supports Rar/Zip decompression, but it must be less than 20 files. 3, VirSCAN can scan compressed files with password 'infected' or 'virus'.
Portuguese Brazil
Русский
укра?нська
Nederlands
Espa?ol (Latin America)
Server load
File information
File Name :
(File not down)
File Size :1280347 byte
File Type :application/zip
文件行为分析
Scanner results
Scanner results:<font color="#%Scanner(s) (1/32)found malware!
Time: <font color="#15-08-12 14:43:51 (CST)
Engine Ver
Scan result
AVL SDK 3.0
Found nothing
9.0.0.4324
9.0.0.4324
Found nothing
Found nothing
Found nothing
4.1.3.52192
Found nothing
Found nothing
bitdefender
Found nothing
Found nothing
5.0.2.3300
Found nothing
23.345, 23.345
Found nothing
6.5.1.5418
Found nothing
Found nothing
V1.32.31.0
Found nothing
Found nothing
Found nothing
Found nothing
Found nothing
Found nothing
Found nothing
9.500-1005
Found nothing
Found nothing
Found nothing
Found nothing
25.76.04.01
25.76.04.01
Found nothing
Found nothing
Found nothing
Found nothing
Found nothing
17.47.17308
1.0.2.2108
Found nothing
Found nothing
virusbuster
15.0.985.0
Found nothing
■Heuristic/Suspicious ■Exact
NOTICE: Results are not 100% accurate and can be reported as a false positive by some scannerswhen and if malware is found. Please judge these results for yourself.
Copy to clipboard
许可名称信息
android.permission.KILL_BACKGROUND_PROCESSES关闭后台进程
android.permission.READ_FRAME_BUFFER屏幕截图
android.permission.ACCESS_NETWORK_STATE读取网络状态（2G或3G）
android.permission.CHANGE_NETWORK_STATE变更网络状态
android.permission.BROADCAST_STICKY发送持久广播
android.permission.INTERNET连接网络（2G或3G）
android.permission.WRITE_EXTERNAL_STORAGE写外部存储器（如：SD卡）
android.permission.MOUNT_UNMOUNT_FILESYSTEMS挂载、反挂载外部文件系统
android.permission.ACCESS_FINE_LOCATION获取精确的位置（通过GPS）
android.permission.ACCESS_LOCATION_EXTRA_COMMANDS访问额外的定位指令
android.permission.ACCESS_MOCK_LOCATION获取模拟定位信息
android.permission.RECEIVE_SMS监控接收短信
android.permission.READ_SMS读取短信
android.permission.PROCESS_OUTGOING_CALLS监视、修改有关拨出电话
android.permission.READ_PHONE_STATE读取电话状态
android.permission.RECEIVE_BOOT_COMPLETED接收开机启动广播
android.permission.READ_CONTACTS读取联系人信息
android.permission.WRITE_CONTACTS写入联系人信息
android.permission.SENDTO
android.permission.RECORD_AUDIO录音（使用AudioRecord）
android.permission.ACCESS_WIFI_STATE读取wifi网络状态
android.permission.ACCESS_GPS
android.permission.READ_LOGS读取系统日志
android.permission.MODIFY_AUDIO_SETTINGS修改声音设置
android.permission.GET_TASKS获取有关当前或最近运行的任务信息
android.permission.WRITE_CALL_LOG写入通话记录
android.permission.READ_CALL_LOG读取通话记录
com.android.launcher.permission.INSTALL_SHORTCUT创建快捷方式
android.permission.SYSTEM_ALERT_WINDOW显示系统窗口
android.permission.WRITE_SETTINGS读写系统设置项
安全评分 :
包名:com.time.service
最低运行环境:Android 2.2.x
版权:cdntx
行为描述:写权限映射文件
详情信息:CiceroSharedMemDefaultS-1-5-21----500
MSCTF.MarshalInterface.FileMap.MBH..GOGIG
MSCTF.MarshalInterface.FileMap.MBH.B.GOGIG
MSCTF.MarshalInterface.FileMap.MBH.C.GOGIG
MSCTF.MarshalInterface.FileMap.MBH.D.GOGIG
MSCTF.MarshalInterface.FileMap.MBH.E.GOGIG
MSCTF.MarshalInterface.FileMap.MBH.F.GOGIG
MSCTF.MarshalInterface.FileMap.MBH.G.FPGIG
MSCTF.Shared.SFM.MBH
\WINDOWS\system32\zh-cn\ieframe.dll.mui
Local\UrlZonesSM_Administrator
Local\!PrivacIE!SharedMem!Counter
MSCTF.MarshalInterface.FileMap.ADP..EDOKG
MSCTF.MarshalInterface.FileMap.ADP.B.EDOKG
\WINDOWS\system32\zh-cn\mshtml.dll.mui
行为描述:在桌面创建快捷方式
详情信息:C:\Documents and Settings\All Users\桌面\MiniShutoff.lnk
行为描述:设置特殊文件夹属性
详情信息:C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
C:\Documents and Settings\Administrator\Local Settings\History
C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
C:\Documents and Settings\Administrator\Cookies
行为描述:隐藏指定窗口
详情信息:[Window,Class] = [,Button]
[Window,Class] = [Nullsoft Install System v2.46.3-Unicode,Static]
[Window,Class] = [Nullsoft Install System v2.46.3-Unicode ,Static]
[Window,Class] = [,Static]
[Window,Class] = [,Auto-Suggest Dropdown]
[Window,Class] = [显示细节(&D),Button]
[Window,Class] = [安装完成,Static]
[Window,Class] = [安装已成功完成。,Static]
行为描述:修改注册表_IE首页
详情信息:\REGISTRY\USER\S-1-5-21----500\Software\Microsoft\Internet Explorer\Main\Start Page
\REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\Start Page
行为描述:创建新文件进程
详情信息:ImagePath = C:\Program Files\MiniShutoff\MiniShutoff.exe, CmdLine = &C:\Program Files\MiniShutoff\MiniShutoff.exe&
行为描述:在系统敏感位置（如开始菜单等)释放链接或快捷方式
详情信息:C:\Documents and Settings\All Users\「开始」菜单\程序\MiniShutoff\MiniShutoff.lnk
C:\Documents and Settings\All Users\「开始」菜单\程序\MiniShutoff\uninst.lnk
行为描述:创建可执行文件
详情信息:C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsh5.tmp\UserInfo.dll
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsh5.tmp\System.dll
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsh5.tmp\InstallOptions.dll
C:\Program Files\MiniShutoff\autoRun.exe
C:\Program Files\MiniShutoff\autoRunCfg.exe
C:\Program Files\MiniShutoff\MiniShutoff.exe
C:\Program Files\MiniShutoff\uninst.exe
行为描述:在桌面创建快捷方式
详情信息:C:\Documents and Settings\All Users\桌面\MiniShutoff.lnk
行为描述:写权限映射文件
详情信息:CiceroSharedMemDefaultS-1-5-21----500
MSCTF.MarshalInterface.FileMap.MBH..GOGIG
MSCTF.MarshalInterface.FileMap.MBH.B.GOGIG
MSCTF.MarshalInterface.FileMap.MBH.C.GOGIG
MSCTF.MarshalInterface.FileMap.MBH.D.GOGIG
MSCTF.MarshalInterface.FileMap.MBH.E.GOGIG
MSCTF.MarshalInterface.FileMap.MBH.F.GOGIG
MSCTF.MarshalInterface.FileMap.MBH.G.FPGIG
MSCTF.Shared.SFM.MBH
\WINDOWS\system32\zh-cn\ieframe.dll.mui
Local\UrlZonesSM_Administrator
Local\!PrivacIE!SharedMem!Counter
MSCTF.MarshalInterface.FileMap.ADP..EDOKG
MSCTF.MarshalInterface.FileMap.ADP.B.EDOKG
\WINDOWS\system32\zh-cn\mshtml.dll.mui
行为描述:设置特殊文件夹属性
详情信息:C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
C:\Documents and Settings\Administrator\Local Settings\History
C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
C:\Documents and Settings\Administrator\Cookies
行为描述:修改文件内容
详情信息:C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsh5.tmp\ioSpecial.ini---& Offset = 0
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsh5.tmp\ioSpecial.ini---& Offset = 74
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsh5.tmp\modern-wizard.bmp---& Offset = 0
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsh5.tmp\ioSpecial.ini---& Offset = 250
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsh5.tmp\ioSpecial.ini---& Offset = 68
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsh5.tmp\ioSpecial.ini---& Offset = 88
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsh5.tmp\ioSpecial.ini---& Offset = 122
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsh5.tmp\ioSpecial.ini---& Offset = 556
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsh5.tmp\ioSpecial.ini---& Offset = 620
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsh5.tmp\ioSpecial.ini---& Offset = 730
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsh5.tmp\ioSpecial.ini---& Offset = 746
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsh5.tmp\ioSpecial.ini---& Offset = 770
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsh5.tmp\ioSpecial.ini---& Offset = 452
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsh5.tmp\ioSpecial.ini---& Offset = 668
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsh5.tmp\ioSpecial.ini---& Offset = 1076
行为描述:连接指定站点
详情信息:InternetConnectA: ServerName = , PORT = 80
行为描述:建立到一个指定的套接字连接
详情信息:127.0.0.1:1034
行为描述:读取网络文件
详情信息:hFile = 0x0000037c, BytesToRead =63, BytesRead = 63.
行为描述:打开HTTP请求
详情信息:HttpOpenRequestA: :80/shut/ad.htm, hConnect = 0x
HttpOpenRequestA: :80/shut/usagelog.php?ver=8.3&os=5.1, hConnect = 0x
HttpOpenRequestA: :80/shut/ver.php?ver=8.3&trial=0, hConnect = 0x
注册表行为
行为描述:修改注册表
详情信息:\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MiniShutoff\DisplayName
\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MiniShutoff\InstallDirString
\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MiniShutoff\UninstallString
\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MiniShutoff\DisplayIcon
\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MiniShutoff\DisplayVersion
\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MiniShutoff\URLInfoAbout
\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MiniShutoff\Publisher
\REGISTRY\MACHINE\SYSTEM\ControlSet002\Control\Session Manager\PendingFileRenameOperations
\REGISTRY\USER\S-1-5-21----500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\SavedLegacySettings
行为描述:修改注册表_IE首页
详情信息:\REGISTRY\USER\S-1-5-21----500\Software\Microsoft\Internet Explorer\Main\Start Page
\REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\Start Page
行为描述:删除注册表键值_IE连接设置
详情信息:\REGISTRY\USER\S-1-5-21----500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyServer
\REGISTRY\USER\S-1-5-21----500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\AutoConfigURL
行为描述:创建互斥体
详情信息:CTF.LBES.MutexDefaultS-1-5-21----500
<part.MutexDefaultS-1-5-21----500
CTF.Asm.MutexDefaultS-1-5-21----500
CTF.Layouts.MutexDefaultS-1-5-21----500
CTF.TMD.MutexDefaultS-1-5-21----500
CTF.TimListCache.FMPDefaultS-1-5-21----500MUTEX.DefaultS-1-5-21----500
MiniShutoffMutex
MSCTF.Shared.MUTEX.AEH
MSCTF.Shared.MUTEX.MBH
MiniShutoffMutexOnlyone
Local\ZonesCounterMutex
Local\ZoneAttributeCacheCounterMutex
Local\ZonesCacheCounterMutex
Local\ZonesLockedCacheCounterMutex
行为描述:隐藏指定窗口
详情信息:[Window,Class] = [,Button]
[Window,Class] = [Nullsoft Install System v2.46.3-Unicode,Static]
[Window,Class] = [Nullsoft Install System v2.46.3-Unicode ,Static]
[Window,Class] = [,Static]
[Window,Class] = [,Auto-Suggest Dropdown]
[Window,Class] = [显示细节(&D),Button]
[Window,Class] = [安装完成,Static]
[Window,Class] = [安装已成功完成。,Static]
行为描述:查找指定窗口
详情信息:NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
NtUserFindWindowEx: [Class,Window] = [CicLoaderWndClass,]
NtUserFindWindowEx: [Class,Window] = [MS_AutodialMonitor,]
NtUserFindWindowEx: [Class,Window] = [MS_WebCheckMonitor,]
行为描述:获取系统权限
详情信息:SE_LOAD_DRIVER_PRIVILEGE
SE_SHUTDOWN_PRIVILEGE
行为描述:窗口信息
详情信息:Pid = 1552, Hwnd=0x401ce, Text = 下一步(&N) &, ClassName = Button.
Pid = 1552, Hwnd=0x70196, Text = 取消(&C), ClassName = Button.
Pid = 1552, Hwnd=0x301c6, Text = Nullsoft Install System v2.46.3-Unicode , ClassName = Static.
Pid = 1552, Hwnd=0x301d0, Text = Nullsoft Install System v2.46.3-Unicode, ClassName = Static.
Pid = 1552, Hwnd=0x301c2, Text = 欢迎使用&MiniShutoff 8.3&安装向导, ClassName = Static.
Pid = 1552, Hwnd=0x301c4, Text = 这个向导将指引你完成&MiniShutoff 8.3&的安装进程。
在开始安装之前，建议先关闭其他所有应用程序。这将允许&安装程序&更新指定的, ClassName = Static.
Pid = 1552, Hwnd=0x30236, Text = MiniShutoff 8.3 安装, ClassName = #32770.
Pid = 1552, Hwnd=0x4020e, Text = & 上一步(&P), ClassName = Button.
Pid = 1552, Hwnd=0x401ce, Text = 安装(&I), ClassName = Button.
Pid = 1552, Hwnd=0x30228, Text = 选择安装位置, ClassName = Static.
Pid = 1552, Hwnd=0x301ca, Text = 选择&MiniShutoff 8.3&的安装文件夹。, ClassName = Static.
Pid = 1552, Hwnd=0x401c4, Text = C:\Program Files\MiniShutoff, ClassName = Edit.
Pid = 1552, Hwnd=0x401c2, Text = 浏览(&B)..., ClassName = Button.
Pid = 1552, Hwnd=0x401fc, Text = 可用空间: 5.8GB, ClassName = Static.
Pid = 1552, Hwnd=0x501bc, Text = 所需空间: 516.0KB, ClassName = Static.
行为描述:打开图片文件
详情信息:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsh5.tmp\modern-wizard.bmp
动态列表行为
行为描述:访问网络
详情信息:host:10.0.0.172 port:80
行为描述:创建数据库
详情信息:/mnt/sdcard/baidu/tempdata/ls.db
行为描述:启动服务
详情信息:Intent { act=com.secneo.plugin.action.APP_STARTED flg=0x10 cmp=com.time.service/neo.proxy.FastService }
行为描述:读取文件
详情信息:path:/data/data/com.time.service/app_bangcleplugin/container.apk length:3226
path:/data/data/com.time.service/app_bangcleplugin/container.apk length:7
path:/data/data/com.time.service/app_bangcleplugin/container.apk length:33
path:/data/data/com.time.service/app_bangcleplugin/container.apk length:615
path:/data/data/com.time.service/app_bangcleplugin/container.apk length:5
path:/data/app/com.time.service-1.apk length:7
path:/data/app/com.time.service-1.apk length:26
path:/data/app/com.time.service-1.apk length:826
path:/data/app/com.time.service-1.apk length:271
path:/data/app/com.time.service-1.apk length:5
path:unknown length:129
行为描述:解析通用资源标识符
详情信息:content://call_log/calls
content://call_log/calls/filter
content://sms
行为描述:注册ContentObserver
详情信息:URI=content://call_log/calls
URI=content://sms
行为描述:对指定数据计算哈希
详情信息:PK
 \xEF\xBF\xBD\xEF\xBF\xBDE META-INF/\xEF\xBF\xBD\xEF\xBF\xBDPK
\xEF\xBF\xBD\xEF\xBF\xBDE?\xEF\xBF\xBD\xEF\xBF\xBD\xD2\x86\xEF\xBF\xBDMETA-INF/MANIFEST.MFM\xEF\xBF\xBD=\xEF\xBF\xBD0\xEF\xBF\xBD=\xEF\xBF\xBD\xEF\xBF\xBD\xEF\xBF\xBDQ\xEF\xBF\xBD-*\xEF\xBF\xBDlm\xEF\xBF\xBD\xEF\xBF\xBD\xEF\xBF\xBDOH/!\xEF\xBF\xBD\xEF\xBF\xBD7\xEF\xBF\xBD\xEF\xBF\xBD\xEF\xBF\xBD\xEF\xBF\xBDJ\xEF\xBF\xBDw\xEF\xBF\xBD\xEF\xBF\xBDG6\xEF\xBF\xBD\xEF\xBF\xBDN\xEF\xBF\xBD\xEF\xBF\xBD\xEF\xBF\xBDdL\xEF\xBF\xBDR\xEF\xBF\xBDZ8\xEF\xBF\xBDA
\xEF\xBF\xBD +\xEF\xBF\xBD\xEF\xBF\xBD\xEF\xBF\xBD\xEF\xBF\xBD\xEF\xBF\xBDg\xEF\xBF\xBD\xC7\x93~\xEF\xBF\xBD\xEF\xBF\xBD]2\xEF\xBF\xBD@\xEF\xBF\xBD\xC6\x9Cb\xEF\xBF\xBD\xEF\xBF\xBD\xEF\xBF\xBD{)f\xEF\xBF\xBD]\xEF\xBF\xBDR\xEF\xBF\xBDb\xEF\xBF\xBD.rmF\xEF\xBF\xBD\xEF\xBF\xBD\xEF\xBF\xBDj\xEF\xBF\xBD\xCE\xB7\xEF\xBF\xBD\xEF\xBF\xBDb]\xEF\xBF\xBD)\xEF\xBF\xBD\xEF\xBF\xBDPK
\xEF\xBF\xBD\xEF\xBF\xBDE\xEF\xBF\xBD\xEF\xBF\xBD\xEF\xBF\xBD\xEF\xBF\xBD1\xEF\xBF\xBD\xEF\xBF\xBD8
classes.dex\xEF\xBF\xBD}w|\xEF\xBF\xBD\xEF\xBF\xBD\xEF\xBF\xBD\xEF\xBF\xBD\xEF\xBF\xBDyv\xEF\xBF\xBD!$\xEF\xBF\xBDl(\xEF\xBF\xBD&l\xEF\xBF\xBDEA\xEF\xBF\xBD@(&JP\xEF\xBF\xBD\xEF\xBF\xBDc
;1\xEF\xBF\xBD`\xEF\xBF\xBD\xEF\xBF\xBD\xEF\xBF\xBD\xEF\xBF\xBDJ\xEF\xBF\xBDj\xC3\x82p\xEF\xBF\xBD^b\xEF\xBF\xBD\xEF\xBF\xBDQ\xEF\xBF\xBD\xEF\xBF\xBDko\xEF\xBF\xBD\xEF\xBF\xBD\xEF\xBF\xBD\xEF\xBF\xBD\xEF\xBF\xBD\xEF\xBF\xBD!\xEF\xBF\xBD\xEF\xBF\xBD{\xEF\xBF\xBD\xEF\xBF\xBD\xEF\xBF\xBD/|\xEF\xBF\xBD\xEF\xBF\xBDy\xEF\xBF\xBD\xEF\xBF\xBD3g\xDA\x99\xEF\xBF\xBD\xEF\xBF\xBD'\xEF\xBF\xBD\xEF\xBF\xBDU\xD8\xBD\xEF\xBF\xBD&~\xEF\xBF\xBD\xEF\xBF\xBDH\xEF\xBF\xBD&\xEF\xBF\xBD\xEF\xBF\xBD-\xEF\xBF\xBD\xEF\xBF\xBD\xEF\xBF\xBD\xEF\xBF\xBD\xEF\xBF\xBD\xEF\xBF\xBD\xEF\xBF\xBD&w\xEF\xBF\xBD.}\xC7\xBEq\xEF\xBF\xBD?\xEF\xBF\xBD\xEF\xBF\xBDP\xEF\xBF\xBD}x\xEF\xBF\xBD\xEF\xBF\xBD_6\xEF\xBF\xBD^\xEF\xBF\xBDH\xEF\xBF\xBD_\xEF\xBF\xBD\xEF\xBF\xBD$\xEF\xBF\xBDt\xEF\xBF\xBD\\xEF\xBF\xBD\xEF\xBF\xBDAK;\xEF\xBF\xBDk\xEF\xBF\xBDF\xEF\xBF\xBDA\xEF\xBF\xBD\xEF\xBF\xBDc\xEF\xBF\xBD'\xEF\xBF\xBD\xEF\xBF\xBD{\xEF\xBF\xBD$*\xEF\xBF\xBD\xEF\xBF\xBD\xEF\xBF\xBD\xEF\xBF\xBD\xEF\xBF\xBD
\xEF\xBF\xBDL\xEF\xBF\xBD
K\xEF\xBF\xBD\xEF\xBF\xBD\xEF\xBF\xBDj`p+p;\xEF\xBF\xBDx
xx xx\xEF\xBF\xBD\xEF\xBF\xBD\xEF\xBF\xBD\xEF\xBF\xBD\xEF\xBF\xBDZ
\xEF\xBF\xBD\xEF\xBF\xBD\xEF\xBF\xBD@!\xEF\xBF\xBD\xEF\xBF\xBD
F\xEF\xBF\xBDq\xEF\xBF\xBD \xEF\xBF\xBD)@%ppp!P\xEF\xBF\xBD6
O\xEF\xBF\xBD\xEF\xBF\xBD\xEF\xBF\xBD\xEF\xBF\xBDc\xEF\xBF\xBD\xEF\xBF\xBD@\xEF\xBF\xBD3\xEF\xBF\xBD8T\xEF\xBF\xBD\xEF\xBF\xBD3\xEF\xBF\xBD%\xEF\xBF\xBD\xEF\xBF\xBD\xEF\xBF\xBD;@\xEF\xBF\xBD'D{c\xEF\xBF\xBD\xEF\xBF\xBD\xEF\xBF\xBD\xEF\xBF\xBD+\xEF\xBF\xBDk\xEF\xBF\xBD%\xEF\xBF\xBDz`p/\xEF\xBF\xBD
\xEF\xBF\xBD
\xEF\xBF\xBD
\xEF\xBF\xBD?E\xEF\xBF\xBD\xEF\xBF\xBD\xEF\xBF\xBD\xEF\xBF\xBD`p*p6p
0X,\xEF\xBF\xBD[\xEF\xBF\xBDO\xEF\xBF\xBD3\xEF\xBF\xBD\\xEF\xBF\xBDc\xEF\xBF\xBD\xD3\x81i\xEF\xBF\xBD\`\xEF\xBF\xBD8\xEF\xBF\xBD\xEF\xBF\xBD9\xEF\xBF\xBD\xEF\xBF\xBD\xEF\xBF\xBD9Q{\xEF\xBF\xBD\xEF\xBF\xBD\xEF\xBF\xBD88\xEF\xBF\xBD\xEF\xBF\xBD\xEF\xBF\xBDX
\xEF\xBF\xBDnn\xEF\xBF\xBD\xEF\xBF\xBD^~&`\xEF\xBF\xBD6@{\xEF\xBF\xBD#\xEF\xBF\xBD
(z[@[Truncated]@]
com.baidu263c5d509c6bdbbf911
263c5d509c6bdbbfbe-d8d0-44a0-8d1e-92421ab4ffc2
行为描述:初始化IntentFilter
详情信息:[u'android.net.wifi.SCAN_RESULTS']
行为描述:查询App共享数据
详情信息:[u'content://call_log/calls', u'[_id]', u'null', u'null', u'date DESC']
[u'content://call_log/calls', u'[_id, number, duration, name, type]', u'_id&?', u'[0]', u'date DESC']
行为描述:窗口信息
详情信息:{&text&: &系统&, &class&: &android.widget.TextView&}
{&text&: &服务开关
_注册购买请联系QQ:手机监控软件&, &class&: &android.widget.TextView&}
{&text&: &开启监控&, &class&: &android.widget.TextView&}
{&text&: &服务未开启&, &class&: &android.widget.TextView&}
{&text&: &接收监控内容邮箱 _注册购买请联系QQ:手机监控软件&, &class&: &android.widget.TextView&}
{&text&: &邮箱帐号&, &class&: &android.widget.TextView&}
{&text&: &&, &class&: &android.widget.TextView&}
{&text&: &邮箱密码&, &class&: &android.widget.TextView&}
{&text&: &发送测试邮件&, &class&: &android.widget.TextView&}
{&text&: &通信监控功能
_注册购买请联系QQ:手机监控软件&, &class&: &android.widget.TextView&}
{&text&: &默认录音音源&, &class&: &android.widget.TextView&}
{&text&: &选双向会比较清楚，如果没录音请改成MIC&, &class&: &android.widget.TextView&}
{&text&: &录音模式&, &class&: &android.widget.TextView&}
{&text&: &短信暗号操控设置&, &class&: &android.widget.TextView&}
{&text&: &点击进入设置&, &class&: &android.widget.TextView&}
{&text&: &Gps监控功能
_注册购买请联系QQ:手机监控软件&, &class&: &android.widget.TextView&}
行为描述:添加悬浮窗口
详情信息:[u'com.android.internal.policy.impl.PhoneWindow$DecorView@414c1e30', u'WM.LayoutParams{(0,0)(fillxfill) sim=#100 ty=1 fl=#8010100 pfl=0x8 wanim=0x1030001}', u'patibilityInfoHolder@414b4258']
行为描述:注册广播接收器
详情信息:[u'com.baidu.location.e$b@', u'android.content.IntentFilter@414eb9b8']
行为描述:发送广播
详情信息:[u'Intent { act=com.secneo.plugin.action.APP_STARTED }']
行为描述:调用哈希算法
详情信息:MD5
行为描述:初始化Intent
详情信息:[u'com.secneo.plugin.action.APP_STARTED']
[u'android.os.Parcel@414b1738']
[u'android.os.Parcel@414b1778']
[u'com.secneo.plugin.action.HOURLY']
[u'com.secneo.plugin.action.DAILY']
[u'com.time.service.ga@', u'class com.baidu.location.f']
[u'android.os.Parcel@414b2968']
[.baidu.location.TIMER.NOTIFY']
行为描述:监听手机SIM卡或者移动网络信息
详情信息:[u'com.time.service.k@', u'32']
[u'com.baidu.location.c$b@', u'272']
行为描述:获取设备ID
详情信息:263
行为描述:类加载
详情信息:path:/data/data/com.time.service/app_bangcleplugin/container.apk
path:/data/data/com.time.service/app_bangcleplugin/device.apk
path:/data/data/com.time.service/app_bangcleplugin/appinfo.apk
行为描述:写入文件
详情信息:path:/data/data/com.time.service/shared_prefs/com.time.service_preferences.xml length:120
path:/data/data/com.time.service/shared_prefs/com.time.service_preferences.xml length:158
path:/data/data/com.time.service/shared_prefs/com.time.service_preferences.xml length:936
path:/data/data/com.time.service/app_bangcleplugin/container.apk length:3226
path:/data/data/com.time.service/shared_prefs/device_id.xml.xml length:140
path:/data/data/com.time.service/app_data/container.pre_global_config length:29
path:/data/data/com.time.service/app_data/container.pre_global_config length:5
path:/data/data/com.time.service/app_data/container.pre_global_config length:1044
path:/data/data/com.time.service/shared_prefs/com.time.service_preferences.xml length:1009
path:/data/data/com.time.service/shared_prefs/com.time.service_preferences.xml length:1051
path:/data/data/com.time.service/shared_prefs/com.time.service_preferences.xml length:1087
path:/data/data/com.time.service/app_bangcleplugin/device.apk length:5045
path:/data/data/com.time.service/app_bangcleplugin/appinfo.apk length:4751
path:/data/data/com.time.service/shared_prefs/bids.xml length:111
path:/data/data/com.time.service/shared_prefs/bids.xml length:153
Activities
活动名类型
.MainActivityandroid.intent.action.MAIN
.MainActivityandroid.intent.category.LAUNCHER
neo.proxy.ToolActivitycom.secneo.proxy.action.CUSTOM
neo.proxy.ToolActivityandroid.intent.category.DEFAULT
函数名称信息
getRuntime获取命令行环境
java/lang/R->exec执行字符串命令
android.app.admin.DeviceAdminReceiver
com.time.service.BootBroadcastReceiver开机启动服务
com.time.service.myReceiver屏幕解锁启动服务
com.time.service.CallBroadcastReceiver
com.time.service.sr监控短信（收到短信）启动服务
com.time.service.PhoneBroadcastReceiver
com.time.service.NetBroadcastReceiver网络连接改变时启动服务
com.time.service.InstallReceive应用卸载时启动服务
neo.proxy.DistributeReceiver网络连接改变时启动服务
com.baidu百度
许可名称信息
android.permission.KILL_BACKGROUND_PROCESSES关闭后台进程
android.permission.READ_FRAME_BUFFER屏幕截图
android.permission.ACCESS_NETWORK_STATE读取网络状态（2G或3G）
android.permission.CHANGE_NETWORK_STATE变更网络状态
android.permission.BROADCAST_STICKY发送持久广播
android.permission.INTERNET连接网络（2G或3G）
android.permission.WRITE_EXTERNAL_STORAGE写外部存储器（如：SD卡）
android.permission.MOUNT_UNMOUNT_FILESYSTEMS挂载、反挂载外部文件系统
android.permission.ACCESS_FINE_LOCATION获取精确的位置（通过GPS）
android.permission.ACCESS_LOCATION_EXTRA_COMMANDS访问额外的定位指令
android.permission.ACCESS_MOCK_LOCATION获取模拟定位信息
android.permission.RECEIVE_SMS监控接收短信
android.permission.READ_SMS读取短信
android.permission.PROCESS_OUTGOING_CALLS监视、修改有关拨出电话
android.permission.READ_PHONE_STATE读取电话状态
android.permission.RECEIVE_BOOT_COMPLETED接收开机启动广播
android.permission.READ_CONTACTS读取联系人信息
android.permission.WRITE_CONTACTS写入联系人信息
android.permission.SENDTO
android.permission.RECORD_AUDIO录音（使用AudioRecord）
android.permission.ACCESS_WIFI_STATE读取wifi网络状态
android.permission.ACCESS_GPS
android.permission.READ_LOGS读取系统日志
android.permission.MODIFY_AUDIO_SETTINGS修改声音设置
android.permission.GET_TASKS获取有关当前或最近运行的任务信息
android.permission.WRITE_CALL_LOG写入通话记录
android.permission.READ_CALL_LOG读取通话记录
com.android.launcher.permission.INSTALL_SHORTCUT创建快捷方式
android.permission.SYSTEM_ALERT_WINDOW显示系统窗口
android.permission.WRITE_SETTINGS读写系统设置项
com.time.service.sb
com.time.service.ga
com.baidu.location.f
neo.proxy.FastService
META-INF/MANIFEST.MF
0x25455b00
META-INF/CDNTX.SF
0x3b55162c
META-INF/CDNTX.RSA
0x58b78a7c
assets/meta-data/manifest.mf
0xb7eba650
assets/meta-data/rsa.pub
0x6370bb78
assets/meta-data/rsa.sig
0x7cae8cb3
AndroidManifest.xml
0x69c28e16
assets/bangcle_classes.jar
0xa54e1911
assets/bangcleplugin/appinfo.apk
0x8fd87df9
assets/bangcleplugin/appstart.apk
0xfbbe308a
assets/bangcleplugin/container.apk
0x7cd93871
assets/bangcleplugin/device.apk
0xdcdfda27
assets/bangcleplugin/dgc
0x9954822e
assets/bangcleplugin/jiffiesinfo.apk
0x47d46287
assets/bangcleplugin/location.apk
0x4204b04d
assets/bangcleplugin/wifiinfo.apk
0x5e1a49d7
assets/com.time.service
0x41cc3bd6
assets/com.time.service.L
0x63509f52
assets/com.time.service.art
assets/com.time.service.x86
0x5f0dcf29
assets/libsecexe.so
0x544c371f
assets/libsecexe.x86.so
assets/libsecmain.so
assets/libsecmain.x86.so
0xfceaa55c
classes.dex
com/sun/mail/dsn/mailcap
0x7605dc17
0x1e4e9355
javamail.charset.map
0xad0dfcee
javamail.default.address.map
javamail.default.providers
0x45ea1b21
javamail.imap.provider
0x8934555a
javamail.pop3.provider
javamail.smtp.address.map
javamail.smtp.provider
0x990c469d
lib/armeabi/liblame.so
0xf2b883cf
lib/armeabi/liblocSDK3.so
0xbbfb08a6
lib/armeabi/libvoix.so
0x95ab3a80
0xd7759e43
mailcap.default
mimetypes.default
0x97dd5cdb
org/apache/harmony/awt/internal/nls/messages.properties
0x5f88eb12
res/drawable-hdpi/ic_action_search.png
0x64275be8
res/drawable-hdpi/ic_launcher.png
res/drawable-ldpi/ic_launcher.png
res/drawable-mdpi/ic_action_search.png
0xb4091fdc
res/drawable-mdpi/ic_launcher.png
0xd99468f7
res/drawable-xhdpi/ic_action_search.png
0x3294aee3
res/drawable-xhdpi/ic_launcher.png
0x7c851ad3
res/drawable/alert_dialog_icon.png
res/drawable/ico.png
0x7c851ad3
res/layout/activity_main.xml
0x6a65da8f
res/layout/alert_dialog_text_entry.xml
0xb422524f
res/layout/car.xml
0x569bfc4d
res/menu/activity_main.xml
0x8d9023f8
res/raw/zlsu
0x15bb5f55
res/xml/deviceadmin.xml
res/xml/settings.xml
0x86d22a1c
res/xml/settings_sms.xml
0xf11f9f8a
resources.arsc
0x3a64e659
File upload
Please not close this windows,
If you do not have to upload response time, make sure you upload files less than 20M
You can view the results of the last scan or rescan}