VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, VirSCAN can scan compressed files with password 'infected' or 'virus'.

Language
Server load
Server Load

文件信息
安全评分 :78
基本信息
MD5:0a70b01117a162e989be2cebf335404d
文件类型:zip
出品公司:
版本:
壳或编译器信息:
子文件信息:谷歌访问助手_v2.3.0.crx / 8f36ddaa32b7ad7b3c31613d9428c406 / zip
bg.js / 2bea3595353181a4baffbdee12eaaee7 / Unknown
sea.js / 2aa6d075395b81d6e1dad7636af4891c / Unknown
options.js / 2d3a140a01f96e6c96f97d336e32c169 / Unknown
messages.json / 069460dbeafdde453ecf90e375473363 / Unknown
messages.json / 069460dbeafdde453ecf90e375473363 / Unknown
icon-128.png / 49188f07cd4e07c2acb7d143ff76f01c / Unknown
google.png / 32b72a7fe6fe75e5d5502e6d23f9ee33 / Unknown
first.html / 557caed06b17e159bbb7fa3babec83aa / Unknown
abs-icon-big.png / 1b3d7cba77a48f580ae2ac4706aef2f8 / Unknown
chrome.png / b731889d4da7f0d572abbd67d3e50728 / Unknown
popup.html / b33d5230e939cba5f4e4098fdd4a65bc / Unknown
options.html / 43ca51bbd1687aff92f0552f402d9a5a / Unknown
verified_contents.json / 0785dab304b9109f083cda3c786e83ce / Unknown
gmail.png / e31b9f3f3cf5fe60ec999395d722cdad / Unknown
googleplus.png / 88004c33a452380975d4fe00b503ac83 / Unknown
warming.html / 0365ac75e171a6503ea9e905c70c5da3 / Unknown
popup.js / 836fc4fa107bf2fcec5deef06552ded2 / Unknown
icon-40.png / 3edade45af57300b2decd9849bc0cc12 / Unknown
进程行为
行为描述:创建本地线程
详情信息:TargetProcess: wscript.exe, InheritedFromPID = 2000, ProcessID = 3060, ThreadID = 3072, StartAddress = 01002FD4, Parameter = 008E44E8
TargetProcess: wscript.exe, InheritedFromPID = 2000, ProcessID = 3060, ThreadID = 3076, StartAddress = 77DC845A, Parameter = 00000000
TargetProcess: wscript.exe, InheritedFromPID = 2000, ProcessID = 3060, ThreadID = 3080, StartAddress = 765E964D, Parameter = 001DBDA8
文件行为
行为描述:查找文件
详情信息:FileName = C:\Documents and Settings\Administrator\Local Settings\Temp
FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%
FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\谷歌访问助手chrome版\谷歌访问助手_v2.3.0.crx_7zdump\bg.js
其他行为
行为描述:创建互斥体
详情信息:CTF.LBES.MutexDefaultS-*
CTF.Compart.MutexDefaultS-*
CTF.Asm.MutexDefaultS-*
CTF.Layouts.MutexDefaultS-*
CTF.TMD.MutexDefaultS-*
CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
MSCTF.Shared.MUTEX.IOH
行为描述:创建事件对象
详情信息:EventName = Global\crypt32LogoffEvent
行为描述:查找指定窗口
详情信息:NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
行为描述:打开事件
详情信息:MSFT.VSA.COM.DISABLE.3060
MSFT.VSA.IEC.STATUS.6c736db0
Global\crypt32LogoffEvent
CTF.ThreadMIConnectionEvent.000007E8.00000000.00000010
CTF.ThreadMarshalInterfaceEvent.000007E8.00000000.00000010
MSCTF.SendReceiveConection.Event.IOH.IC
MSCTF.SendReceive.Event.IOH.IC
行为描述:窗口信息
详情信息:Pid = 3060, Hwnd=0x1034c, Text = 确定, ClassName = Button.
Pid = 3060, Hwnd=0x10350, Text = 脚本: C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\谷歌访问助手chrome版\谷歌访问助手_v2.3.0.crx_7zdump\bg.js 行: 1 字符: 828 错误: 缺少标识符、字符串或数字 代码: 800A0404 源: Microsoft JScript 编译错误 , ClassName = Static.
Pid = 3060, Hwnd=0x10348, Text = Windows Script Host, ClassName = #32770.
行为描述:打开互斥体
详情信息:ShimCacheMutex
运行截图
VirSCAN

About VirSCAN | Privacy Policy | Contact us | link | Help VirSCAN
Translated by Keith Miller, United States
Powered By CentOSpol

京ICP备11007605号-12

pol

京公网安备 11010802020746号