VirSCAN


File information
Safety rating:76
Behavior list
Basic Information
MD5:02982af0f38b32e73a41db4c9d8e7e42
file type:EXE
Production company:
version:
Shell or compiler information:COMPILER:Microsoft Visual Studio .NET 2005 -- 2008 -> Microsoft Corporation *
Key behavior
Behavior description:Reads the CPU clock directly
details:EAX = 0xd9c6e88e, EDX = 0x00000075
EAX = 0xf41820ee, EDX = 0x00000075
EAX = 0xf6cb206a, EDX = 0x00000075
Network behavior
Behavior description:Establishes a connection to a specified socket
details:URL: fu****id, IP: **.133.40.**:128, SOCKET = 0x00000148
Behavior description:Sends an HTTP packet
details:GET http://fun.losscook.bid/h_redir.php?offer_id=4&aff_id=2998&source=3490&aff_sub=sosh4&aff_sub2=&aff_sub3=&aff_sub4=xht_unc&aff_sub5=1022650707&url=http%3A%2F%2Ffun.losscook.bid/offer.php%3FaffId%3D{aff_id}%26trackingId%3D274377142%26instId%3D3490%26ho_trackingid%3D{transaction_id}%26cc%3D{country_code}%26cc_typ%3Dho%26sb%3Dx86%26net%3D4.6.01590%26ie%3D8%2e0%2e7601%2e17514%26wv%3D7sp1%26db%3DInternetExplorer%26uac%3D1%26cid%3Ddc1d2bf3bccd61107844328b86cdb1d3%26v%3D3 HTTP/1.1 Host: fu****id Connection: close Accept: */* User-Agent: InstallCapital
Behavior description:Resolves a host address by name
details:GetAddrInfoW: fu****id
Other behavior
Behavior description:Checks whether it is being debugged
details:IsDebuggerPresent
Behavior description:Opens a mutex
details:Local\MSCTF.Asm.MutexDefault1
Behavior description:Window information
details:Pid = 1936, Hwnd=0x80152, Text = Preparing setup..., ClassName = Preparing setup....
Behavior description:Opens an event
details:HookSwitchHookEnabledEvent
\SECURITY\LSA_AUTHENTICATION_INITIALIZED
Local\MSCTF.CtfActivated.Default1
Local\MSCTF.AsmCacheReady.Default1
Behavior description:Reads the CPU clock directly
details:EAX = 0xd9c6e88e, EDX = 0x00000075
EAX = 0xf41820ee, EDX = 0x00000075
EAX = 0xf6cb206a, EDX = 0x00000075
Behavior description:Decrypts data
details:[CryptDecrypt] Data: 0x00260698, CipherTextLen: 3256, PlainTextLen: 3254, Flags: 0x00000000
Behavior description:Imports a key
details:[CryptImportKey] Algorithm: CALG_3DES (0x00006603), Data: 0x0191F16C, DataLen: 36, Flags: 0x00000001