VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, VirSCAN can scan compressed files with password 'infected' or 'virus'.

Language
Server load
Server Load
文件信息
安全评分 :60
基本信息
MD5:e2df49a5886f1d26723b09175fdaae58
文件类型:EXE
出品公司:
版本:
壳或编译器信息:COMPILER:Borland Delphi 6.0 - 7.0
关键行为
行为描述:跨进程写入数据
详情信息:TargetProcess = sample.exe, WriteAddress = 0x00400000, Size = 90112
TargetProcess = sample.exe, WriteAddress = 0x7ffde008, Size = 4
行为描述:设置线程上下文
详情信息:C:\%temp%\1439520356.290202.exe
进程行为
行为描述:跨进程写入数据
详情信息:TargetProcess = sample.exe, WriteAddress = 0x00400000, Size = 90112
TargetProcess = sample.exe, WriteAddress = 0x7ffde008, Size = 4
行为描述:创建新文件进程
详情信息:ImagePath = c:\%temp%\1439520356.324424.exe, CmdLine = c:\%temp%\1439520356.324424.exe
行为描述:设置线程上下文
详情信息:C:\%temp%\1439520356.290202.exe
行为描述:枚举进程
详情信息:N/A
文件行为
行为描述:查找文件
详情信息:FileName = C:\monitor
FileName = C:\%temp%\1439520356.271879.exe
网络行为
行为描述:建立到一个指定的套接字连接
详情信息:222.248.198.133:139
注册表行为
行为描述:删除注册表键
详情信息:\REGISTRY\MACHINE\SOFTWARE\Microsoft\PCHealth\ErrorReporting\DW
行为描述:删除注册表键值
详情信息:\REGISTRY\MACHINE\SOFTWARE\Microsoft\PCHealth\ErrorReporting\DW\DWFileTreeRoot
运行截图
VirSCAN

About VirSCAN | Privacy Policy | Contact us | link | Help VirSCAN
Translated by Keith Miller, United States
Powered By CentOSpol

京ICP备11007605号-12

京公网安备 11010802020746号