VirSCAN

File information
Security score: 72
Basic information
MD5: c578b6820bda5689940560147c6e5ffc
File type: DLL
Publisher: Microsoft Corporation
Version: 3.1233.0.0---3, 1233, 0, 0
Packer or compiler information: PACKER:UPX 0.80 - 1.24 DLL -> Markus & Laszlo
Sub-file information: upx_c_712095eddumpFile / d77df67da926ffd99883cd7f3b379eb8 / DLL
8000dumpFile / 0dea32625c218321c3febfe0686f34a0 / DLL
1007dumpFile / f77ecc25d6fa1fd6fec03a5b3889f370 / DLL
8001dumpFile / 7665a88d9ce5c28f7e38b24469728218 / SYS
8003dumpFile / 06bbd57e8aa406ff155bd1209bc791b5 / SYS
8004dumpFile / 98583e02daa03a16d692168d7f89ab7a / SYS
8002dumpFile / dd80dda74d4f36e672a6fb7e71df49f8 / SYS
Process behavior
Behavior description: Create process
Details: ImagePath = C:\WINDOWS\system32\Regsvr32.exe, CmdLine = Regsvr32.exe c:\%temp%\1411528686.690908.exe.dll
Registry behavior
Behavior description: Modify registry
Details: \REGISTRY\MACHINE\SOFTWARE\Classes\dm.dmsoft\
\REGISTRY\MACHINE\SOFTWARE\Classes\dm.dmsoft\CLSID\
\REGISTRY\MACHINE\SOFTWARE\Classes\dm.dmsoft\CurVer\
\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{26037A0E-7CBD-4FFF-9C63-56F2D0770214}\
\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{26037A0E-7CBD-4FFF-9C63-56F2D0770214}\ProgID\
\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{26037A0E-7CBD-4FFF-9C63-56F2D0770214}\InprocServer32\
\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{26037A0E-7CBD-4FFF-9C63-56F2D0770214}\InprocServer32\ThreadingModel
\REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{84288AAD-BA02-4EF2-85EC-3FAD4D11354D}\1.0\
\REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{84288AAD-BA02-4EF2-85EC-3FAD4D11354D}\1.0\FLAGS\
\REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{84288AAD-BA02-4EF2-85EC-3FAD4D11354D}\1.0\0\win32\
\REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{84288AAD-BA02-4EF2-85EC-3FAD4D11354D}\1.0\HELPDIR\
\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F3F54BC2-D6D1-4A85-B943-16287ECEA64C}\
\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F3F54BC2-D6D1-4A85-B943-16287ECEA64C}\ProxyStubClsid\
\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F3F54BC2-D6D1-4A85-B943-16287ECEA64C}\ProxyStubClsid32\
\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F3F54BC2-D6D1-4A85-B943-16287ECEA64C}\TypeLib\
Other behavior
Behavior description: Create mutex
Details: SHIMLIB_LOG_MUTEX
Behavior description: Obtain system privileges
Details: SE_LOAD_DRIVER_PRIVILEGE
SE_DEBUG_PRIVILEGE