1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, VirSCAN can scan compressed files with password 'infected' or 'virus'.
Language
Server load
1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, VirSCAN can scan compressed files with password 'infected' or 'virus'.
| Safety rating:77 |
| Behavior list |
| Basic Information | |
|---|---|
| MD5: | 002fa2cfb94b292a55d246aa4377c789 |
| file type: | EXE |
| Production company: | NirSoft |
| version: | 2.1.5.0---2.15 |
| Shell or compiler information: | PACKER:UPX 0.89.6 - 1.02 / 1.05 - 1.24 -> Markus & Laszlo [Overlay] |
| Subfile information: | upx_c_7b99533edumpFile / 694654ce9b94e150a307eada6d82b5ca / EXE |
| File behavior | |
|---|---|
| Behavior description: | 写权限映射文件 |
| details: | CiceroSharedMemDefaultS-1-5-21-1482476501-1645522239-1417001333-500 |
| MSCTF.MarshalInterface.FileMap.IPJ..HJIFF | |
| MSCTF.MarshalInterface.FileMap.IPJ.B.HJIFF | |
| MSCTF.MarshalInterface.FileMap.IPJ.C.HJIFF | |
| MSCTF.MarshalInterface.FileMap.IPJ.D.HJIFF | |
| MSCTF.MarshalInterface.FileMap.IPJ.E.HKIFF | |
| MSCTF.MarshalInterface.FileMap.IPJ.F.HKIFF | |
| MSCTF.MarshalInterface.FileMap.IPJ.G.HKIFF | |
| MSCTF.Shared.SFM.IPJ | |
| Other behavior | |
|---|---|
| Behavior description: | 创建互斥体 |
| details: | CTF.LBES.MutexDefaultS-1-5-21-1482476501-1645522239-1417001333-500 |
| CTF.Compart.MutexDefaultS-1-5-21-1482476501-1645522239-1417001333-500 | |
| CTF.Asm.MutexDefaultS-1-5-21-1482476501-1645522239-1417001333-500 | |
| CTF.Layouts.MutexDefaultS-1-5-21-1482476501-1645522239-1417001333-500 | |
| CTF.TMD.MutexDefaultS-1-5-21-1482476501-1645522239-1417001333-500 | |
| CTF.TimListCache.FMPDefaultS-1-5-21-1482476501-1645522239-1417001333-500MUTEX.DefaultS-1-5-21-1482476501-1645522239-1417001333-500 | |
| MSCTF.Shared.MUTEX.AEH | |
| MSCTF.Shared.MUTEX.IPJ | |
| Behavior description: | 枚举窗口 |
| details: | N/A |
| Behavior description: | 查找指定窗口 |
| details: | NtUserFindWindowEx: [Class,Window] = [CurrPorts,] |
| NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,] | |
| NtUserFindWindowEx: [Class,Window] = [NirSoft_IPNetInfo,] | |
| NtUserFindWindowEx: [Class,Window] = [CicLoaderWndClass,] | |
| Behavior description: | 窗口信息 |
| details: | Pid = 2548, Hwnd=0x10350, Text = 11 Total Ports, No Remote Connections, 1 Selected, ClassName = msctls_statusbar32. |
| Pid = 2548, Hwnd=0x1034c, Text = CurrPorts, ClassName = CurrPorts. | |
| Behavior description: | 获取系统权限 |
| details: | SE_DEBUG_PRIVILEGE |
| Run screenshot |
|---|
 |
HOME
