CF test server: the official site's Zone 1 version is 5.33 and mine is 4.96. How do I fix this? Preferably without re-downloading.

File information
File Name :
(File not down)
File Size :251813 byte
File Type :application/jar
File behavior analysis
Scanner results
Scanner results: Scanner(s) (1/39) found malware!
Time: 14-10-01 13:31:36 (CST)
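Permission name / Description
android.permission.INTERNET: connect to the network (2G or 3G)
android.permission.ACCESS_NETWORK_STATE: read network state (2G or 3G)
android.permission.WRITE_INTERNAL_STORAGE
android.permission.WRITE_EXTERNAL_STORAGE: write to external storage (e.g. SD card)
android.permission.READ_EXTERNAL_STORAGE: read external storage (e.g. SD card)
android.permission.BLUETOOTH: connect to Bluetooth devices
android.permission.ACCESS_BLUETOOTH_SHARE
android.permission.BLUETOOTH_ADMIN: discover Bluetooth devices
Security score: 87
Package name: coco.mobile
Minimum runtime environment: Android 2.2.x
Behavior description: Hide specified window
Details: [Window,Class] = [,Afx::5:0]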
[Window,Class] = [,BrowserFrameGripperClass]
[Window,Class] = [缩放级别,ToolbarWindow32]
[Window,Class] = [,msctls_progress32]
[Window,Class] = [,AddressDisplay Control]
[Window,Class] = [,CtrlNotifySink]
[Window,Class] = [,tooltips_class32]
[Window,Class] = [,Shell Embedding]
[Window,Class] = [,Internet Explorer_Server]
Behavior description: Set message hook
Details: C:\WINDOWS\system32\IEFRAME.dll
Behavior description: Set special folder attributes
Details: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
C:\Documents and Settings\Administrator\Local Settings\History
C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
C:\Documents and Settings\Administrator\Cookies
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Feeds\{5588ACFD-B-A5CE-666AE6A92D3D}~\WebSlices~
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Feeds\{5588ACFD-B-A5CE-666AE6A92D3D}~
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Feeds Cache
C:\Documents and Settings\Administrator\IECompatCache
Behavior description: Look up specified kernel module
Details: lstrcmpiA: ntice.sys &------& ntkrnlpa.exe (ntice.sys)
lstrcmpiA: ntice.sys &------& hal.dll (ntice.sys)
lstrcmpiA: ntice.sys &------& KDCOM.DLL (ntice.sys)
lstrcmpiA: ntice.sys &------& BOOTVID.dll (ntice.sys)
lstrcmpiA: ntice.sys &------& ACPI.sys (ntice.sys)
lstrcmpiA: ntice.sys &------& WMILIB.SYS (ntice.sys)
lstrcmpiA: ntice.sys &------& pci.sys (ntice.sys)
lstrcmpiA: ntice.sys &------& isapnp.sys (ntice.sys)
lstrcmpiA: ntice.sys &------& compbatt.sys (ntice.sys)
lstrcmpiA: ntice.sys &------& BATTC.SYS (ntice.sys)
lstrcmpiA: ntice.sys &------& intelide.sys (ntice.sys)
lstrcmpiA: ntice.sys &------& PCIIDEX.SYS (ntice.sys)
lstrcmpiA: ntice.sys &------& MountMgr.sys (ntice.sys)
lstrcmpiA: ntice.sys &------& ftdisk.sys (ntice.sys)
lstrcmpiA: ntice.sys &------& dmload.sys (ntice.sys)
Behavior description: Look for windows of tools commonly used in anti-virus analysis
Details: NtUserFindWindowEx: [Class,Window] = [OLLYDBG,]
NtUserFindWindowEx: [Class,Window] = [GBDYLLO,]
NtUserFindWindowEx: [Class,Window] = [pediy06,]
NtUserFindWindowEx: [Class,Window] = [FilemonClass,]
NtUserFindWindowEx: [Class,Window] = [,File Monitor - Sysinternals: ]
NtUserFindWindowEx: [Class,Window] = [PROCMON_WINDOW_CLASS,]
NtUserFindWindowEx: [Class,Window] = [,Process Monitor - Sysinternals: ]
NtUserFindWindowEx: [Class,Window] = [RegmonClass,]
NtUserFindWindowEx: [Class,Window] = [,Registry Monitor - Sysinternals: ]
Behavior description: Get host address by name
Details: wpad
Behavior description: Create process
Details: ImagePath = C:\PROGRA~1\INTERN~1\iexplore.exe, CmdLine = &C:\PROGRA~1\INTERN~1\iexplore.exe&
ImagePath = C:\PROGRA~1\INTERN~1\iexplore.exe, CmdLine = &C:\PROGRA~1\INTERN~1\iexplore.exe&
ImagePath = C:\PROGRA~1\INTERN~1\iexplore.exe, CmdLine = &C:\PROGRA~1\INTERN~1\iexplore.exe& SCODEF:2140 CREDAT:79873
ImagePath = C:\PROGRA~1\INTERN~1\iexplore.exe, CmdLine = &C:\PROGRA~1\INTERN~1\iexplore.exe& SCODEF:644 CREDAT:79873
ImagePath = C:\PROGRA~1\INTERN~1\iexplore.exe, CmdLine = &C:\PROGRA~1\INTERN~1\iexplore.exe& SCODEF:644 CREDAT:14358
Behavior description: Create process from newly created file
Details: ImagePath = c:\%temp%\.249544.exe_7zdump\完美助手支持体验服-[3.5.4.2]-(完美版)\完美助手支持体验服-[3.5.4.2]-(完美版).exe, CmdLine = c:\%temp%\.249544.exe_7zdump\完美助手支持体验服-[3.5.4.2]-(完美版)\完美助手支持体验
ImagePath = c:\%temp%\.291815.exe_7zdump\完美助手支持体验服-[3.5.4.2]-(完美版)\完美助手支持体验服-[3.5.4.2]-(完美版).exe, CmdLine = c:\%temp%\.291815.exe_7zdump\完美助手支持体验服-[3.5.4.2]-(完美版)\完美助手支持体验
ImagePath = c:\%temp%\.334667.exe_7zdump\完美助手支持体验服-[3.5.4.2]-(完美版)\完美助手支持体验服-[3.5.4.2]-(完美版).exe, CmdLine = c:\%temp%\.334667.exe_7zdump\完美助手支持体验服-[3.5.4.2]-(完美版)\完美助手支持体验
ImagePath = c:\%temp%\.377258.exe_7zdump\完美助手支持体验服-[3.5.4.2]-(完美版)\完美助手支持体验服-[3.5.4.2]-(完美版).exe, CmdLine = c:\%temp%\.377258.exe_7zdump\完美助手支持体验服-[3.5.4.2]-(完美版)\完美助手支持体验
ImagePath = c:\%temp%\.421399.exe_7zdump\完美助手支持体验服-[3.5.4.2]-(完美版)\完美助手支持体验服-[3.5.4.2]-(完美版).exe, CmdLine = c:\%temp%\.421399.exe_7zdump\完美助手支持体验服-[3.5.4.2]-(完美版)\完美助手支持体验
Behavior description: Enumerate processes
Details: N/A
Behavior description: Map file with write permission
Details: \WINDOWS\system32\zh-cn\ieframe.dll.mui
Local\UrlZonesSM_Administrator
Local\!PrivacIE!SharedMem!Counter
CiceroSharedMemDefaultS-1-5-21----500
\WINDOWS\system32\zh-cn\mshtml.dll.mui
Internet Explorer Immutable Application State (0-)
ie_lcie_LogonMedium
Local\SqmData_IESQM-644_S-1-5-21----500
ie_lcie_main_284
Isolation Process Registry (B0A-11E4-B5D3-000C2938259F)
Isolation Signal Registry (B0A-11E4-B5D3-000C2938259F, 0)
Local\IEFrame!GetAsyncKeyStateSharedMem!644
Internet Explorer Immutable Application State (00-)
Local\SqmData_IESQM-2140_S-1-5-21----500
ie_lcie_main_85c
Behavior description: Modify file content
Details: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IUKHR8T2\dnserrordiagoff_webOC[1]---& Offset = 0
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\C1OS62RY\ErrorPageTemplate[1]---& Offset = 0
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6P4O8QNJ\errorPageStrings[1]---& Offset = 0
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6TLOMATB\httpErrorPagesScripts[1]---& Offset = 0
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\C1OS62RY\background_gradient[1]---& Offset = 0
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IUKHR8T2\info_48[1]---& Offset = 0
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\C1OS62RY\bullet[1]---& Offset = 0
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IUKHR8T2\down[1]---& Offset = 0
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\C1OS62RY\dnserrordiagoff[3]---& Offset = 0
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\C1OS62RY\dnserrordiagoff[1]---& Offset = 0
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IUKHR8T2\ErrorPageTemplate[1]---& Offset = 0
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\C1OS62RY\errorPageStrings[1]---& Offset = 0
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6P4O8QNJ\ErrorPageTemplate[1]---& Offset = 0
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IUKHR8T2\httpErrorPagesScripts[1]---& Offset = 0
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6TLOMATB\noConnect[1]---& Offset = 0
Behavior description: Download file
Details: URLDownloadToFileW: /favicon.ico ---& C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Services\search_{6-472f-A0FF-EE3A}.ico
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Services\search_{6-472f-A0FF-EE3A}.ico
Behavior description: Connect to specified site
Details: InternetConnectA: ServerName = , PORT = 80
InternetConnectA: ServerName = , PORT = 80
Behavior description: Establish a connection to a specified socket
Behavior description: Read network file
Details: hFile = 0x000002cc, BytesToRead =10240, BytesRead = 10240.
hFile = 0x, BytesToRead =10240, BytesRead = 10240.
hFile = 0x, BytesToRead =10240, BytesRead = 10240.
hFile = 0x, BytesToRead =10240, BytesRead = 10240.
Behavior description: Open HTTP request
Details: HttpOpenRequestA: :80/x5vip/, hConnect = 0x0000043c
HttpOpenRequestA: :80/x5vip/x5tyf.txt, hConnect = 0x
HttpOpenRequestA: :80/, hConnect = 0x
HttpOpenRequestA: :80/, hConnect = 0x
HttpOpenRequestA: :80/, hConnect = 0x
HttpOpenRequestA: :80/, hConnect = 0x
HttpOpenRequestA: :80/x5vip/, hConnect = 0x
HttpOpenRequestA: :80/, hConnect = 0x
HttpOpenRequestA: :80/, hConnect = 0x000004ec
HttpOpenRequestA: :80/, hConnect = 0x
HttpOpenRequestA: :80/, hConnect = 0x
HttpOpenRequestA: :80/x5vip/x5tyf.txt, hConnect = 0x
HttpOpenRequestA: :80/x5vip/, hConnect = 0x
HttpOpenRequestA: :80/, hConnect = 0x0000069c
HttpOpenRequestA: :80/, hConnect = 0x
Registry behavior
Behavior description: Modify registry
Details: \REGISTRY\USER\S-1-5-21----500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\SavedLegacySettings
\REGISTRY\USER\S-1-5-21----500\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\X\BaseClass
\REGISTRY\USER\S-1-5-21----500\Software\Microsoft\Windows\ShellNoRoam\MUICache\C:\PROGRA~1\INTERN~1\iexplore.exe
\REGISTRY\USER\S-1-5-21----500\Software\Microsoft\Internet Explorer\SQM\PIDs\PID_644
\REGISTRY\USER\S-1-5-21----500\Software\Microsoft\Internet Explorer\SQM\PIDs\PID_2140
\REGISTRY\USER\S-1-5-21----500\Software\Microsoft\Internet Explorer\Recovery\Active\{B0B37C3D-48D1-11E4-B5D3-000C2938259F}
\REGISTRY\USER\S-1-5-21----500\Software\Microsoft\CTF\TIP\{1188450c-fdab-47ae-80d8-c}\LanguageProfile\0x800dac-e7ca-4df9-9a5c-d}\Enable
\REGISTRY\USER\S-1-5-21----500\Software\Microsoft\Internet Explorer\Recovery\Active\{B0A-11E4-B5D3-000C2938259F}
\REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{1EA4DBF0-3C3B-11CF-810C-00AA.1\0\win32\
\REGISTRY\USER\S-1-5-21----500\Software\Microsoft\Internet Explorer\Main\Window_Placement
\REGISTRY\USER\S-1-5-21----500\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{18DF081C-E8AD--FA578C2EBDC3}\iexplore\Count
\REGISTRY\USER\S-1-5-21----500\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{18DF081C-E8AD--FA578C2EBDC3}\iexplore\Time
\REGISTRY\USER\S-1-5-21----500\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{18DF081C-E8AD--FA578C2EBDC3}\iexplore\LoadTime
\REGISTRY\USER\S-1-5-21----500\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{18DF081C-E8AD--FA578C2EBDC3}\iexplore\LoadTimeCount
\REGISTRY\USER\S-1-5-21----500\Software\Microsoft\Internet Explorer\SearchScopes\{6-472f-A0FF-EE3A}\FaviconPath
Behavior description: Delete registry value
Details: \REGISTRY\USER\S-1-5-21----500\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\0\Expiration
\REGISTRY\USER\S-1-5-21----500\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\1\Expiration
Behavior description: Delete registry value (IE connection settings)
Details: \REGISTRY\USER\S-1-5-21----500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyServer
\REGISTRY\USER\S-1-5-21----500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\AutoConfigURL
Behavior description: Delete registry key
Details: \REGISTRY\USER\S-1-5-21----500\Software\Microsoft\CTF\TIP\{1188450c-fdab-47ae-80d8-c}\LanguageProfile\0x800dac-e7ca-4df9-9a5c-d}
\REGISTRY\USER\S-1-5-21----500\Software\Microsoft\CTF\TIP\{1188450c-fdab-47ae-80d8-c}\LanguageProfile\0x
\REGISTRY\USER\S-1-5-21----500\Software\Microsoft\CTF\TIP\{1188450c-fdab-47ae-80d8-c}\LanguageProfile
\REGISTRY\USER\S-1-5-21----500\Software\Microsoft\CTF\TIP\{1188450c-fdab-47ae-80d8-c}
Behavior description: Create mutex
Details: RasPbFile
Local\ZonesCounterMutex
Local\ZoneAttributeCacheCounterMutex
Local\ZonesCacheCounterMutex
Local\ZonesLockedCacheCounterMutex
Local\!PrivacIE!SharedMemory!Mutex
CTF.LBES.MutexDefaultS-1-5-21----500
<part.MutexDefaultS-1-5-21----500
CTF.Asm.MutexDefaultS-1-5-21----500
CTF.Layouts.MutexDefaultS-1-5-21----500
CTF.TMD.MutexDefaultS-1-5-21----500
CTF.TimListCache.FMPDefaultS-1-5-21----500MUTEX.DefaultS-1-5-21----500
IESQM-644_S-1-5-21----500
IExplore.Sqm.psenr
Local\!BrowserEmulation!SharedMemory!Mutex
Behavior description: Inline hook
Details: C:\WINDOWS\system32\ntdll.dll---&DbgBreakPoint Offset = 0x0
Behavior description: Find specified window
Details: NtUserFindWindowEx: [Class,Window] = [18467-41,]
NtUserFindWindowEx: [Class,Window] = [MS_AutodialMonitor,]
NtUserFindWindowEx: [Class,Window] = [MS_WebCheckMonitor,]
NtUserFindWindowEx: [Class,Window] = [Static,]
Behavior description: Attempt to open the driver device object of a debugger or monitoring software
Details: \??\SICE
\??\SIWVID
Behavior description: Acquire system privileges
Details: SE_DEBUG_PRIVILEGE
SE_LOAD_DRIVER_PRIVILEGE
Behavior description: Open specified IE web page
Behavior description: Window information
Details: Pid = 644, Hwnd=0xa0346, Text = 导航栏, ClassName = WorkerW.
Pid = 644, Hwnd=0xc0340, Text = 地址组合控制, ClassName = ToolbarWindow32.
Pid = 644, Hwnd=0x80382, Text = 页面控制, ClassName = ToolbarWindow32.
Pid = 644, Hwnd=0x803ec, Text = Live Search, ClassName = Edit.
Pid = 644, Hwnd=0x6033e, Text = 搜索组合控制, ClassName = ToolbarWindow32.
Pid = 644, Hwnd=0x50356, Text = 搜索控制, ClassName = ToolbarWindow32.
Pid = 644, Hwnd=0xb037e, Text = 命令栏, ClassName = ToolbarWindow32.
Pid = 644, Hwnd=0xa03ea, Text = 收藏夹命令栏, ClassName = ToolbarWindow32.
Pid = 644, Hwnd=0x903a8, Text = LinksBand, ClassName = LinksBandClass.
Pid = 644, Hwnd=0xa03da, Text = 收藏夹栏, ClassName = ToolbarWindow32.
Pid = 644, Hwnd=0x903fc, Text = 添加到收藏夹栏, ClassName = ToolbarWindow32.
Pid = 2748, Hwnd=0x90416, Text = ITBarHost, ClassName = InternetToolbarHost.
Pid = 2748, Hwnd=0x80440, Text = 菜单栏, ClassName = WorkerW.
Pid = 2748, Hwnd=0xc0348, Text = Internet Explorer 无法显示该网页 - Windows Internet Explorer, ClassName = TabWindowClass.
Pid = 2748, Hwnd=0x50414, Text = 完成, ClassName = msctls_statusbar32.
Dynamic behavior list
Behavior description: Start service
Details: com.patibility$Service
com.android.mms.transaction.SmsReceiverService
Behavior description: Read file
Details: path:/proc/783/cmdline length:105
path:/proc/799/cmdline length:105
path:/proc/811/cmdline length:105
path:/proc/849/cmdline length:105
path:/proc/874/cmdline length:105
Behavior description: Class loading
Details: path:/system/app/PicoTts.apk
path:/system/app/MusicFX.apk
path:/system/framework/am.jar
path:/data/app/coco.mobile-1.apk
Behavior description: Write file
Details: path:/data/data/com.android.gallery3d/shared_prefs/com.android.gallery3d_preferences.xml length:105
path:/data/data/com.android.musicfx/shared_prefs/musicfx.xml length:105
path:/data/data/com.android.gallery3d/shared_prefs/com.android.gallery3d_preferences.xml length:105
Activities
Activity name / Type
.LaunchPad: android.intent.action.MAIN
.LaunchPad: android.intent.category.LAUNCHER
Function name / Description
java/net/URL;->openConnection: connect to URL
java/net/HttpURLC->connect: connect to URL
HttpC->execute: request remote server
coco.mobile.VpnClient