VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, VirSCAN can scan compressed files with password 'infected' or 'virus'.

Language
Server load
Server Load

File information
Safety rating:78
Behavior list
Basic Information
MD5:00278997aa307b62719c4d0a2f4e9f70
file type:EXE
Production company:
version:
Shell or compiler information:PACKER:UPX 0.89.6 - 1.02 / 1.05 - 1.24 -> Markus & Laszlo
Subfile information:upx_c_92b6e06adumpFile / 3e49d7e0e2f5159b065f05702e811609 / EXE
Key behavior
Behavior description:按名称获取主机地址
details:twitter.com
www.virustotal.com
Process behavior
Behavior description:枚举进程
details:N/A
Network behavior
Behavior description:发送一个已连接的套接字数据
details:SOCKET = 0x00000720, TotalSize = 290, Offset = 0, ReadSize = 290.
SOCKET = 0x00000720, TotalSize = 5478, Offset = 0, ReadSize = 2048.
SOCKET = 0x00000720, TotalSize = 5478, Offset = 2048, ReadSize = 2048.
SOCKET = 0x00000720, TotalSize = 5478, Offset = 4096, ReadSize = 1382.
SOCKET = 0x00000728, TotalSize = 183, Offset = 0, ReadSize = 183.
SOCKET = 0x00000774, TotalSize = 290, Offset = 0, ReadSize = 290.
SOCKET = 0x00000774, TotalSize = 5478, Offset = 0, ReadSize = 2048.
SOCKET = 0x00000774, TotalSize = 5478, Offset = 2048, ReadSize = 2048.
SOCKET = 0x00000774, TotalSize = 5478, Offset = 4096, ReadSize = 1382.
Behavior description:建立到一个指定的套接字连接
details:110.110.110.110:80
Behavior description:按名称获取主机地址
details:twitter.com
www.virustotal.com
Other behavior
Behavior description:打开HTTP连接
details:Opera/9.80 (Windows NT 6.0) Presto/2.12.388 Version/12.14
Behavior description:获取TickCount值
details:TickCount = 484725, SleepMilliseconds = 100.
TickCount = 484740, SleepMilliseconds = 100.
TickCount = 484834, SleepMilliseconds = 100.
Run screenshot
VirSCAN

About VirSCAN | Privacy Policy | Contact us | Links | Help VirSCAN
Translated by Keith Miller, United States
Powered By CentOSpol

京ICP备11007605号-12

pol

京公网安备 11010802020746号