VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, VirSCAN can scan compressed files with password 'infected' or 'virus'.

Language
Server load
Server Load

文件信息
安全评分 :79
基本信息
MD5:2477910a40949fe00bad2409c2260627
文件类型:zip
出品公司:
版本:
壳或编译器信息:
子文件信息:icon.wxss / b571964e5c793fca766fa498568af702 / Unknown
showdown.js / d87382882b090a6ccc3c0127e2762204 / Unknown
buy-instration.png / 8040f5b372ef15eb5d055204f27c48f5 / Unknown
underscore.js / 633c3ea7fae000adaa9398c07ef947b8 / Unknown
wxParse.wxml / 5ff599fc7f294d102664b787f64d9714 / Unknown
css.wxss / a4b49897eac93276851356b87deb2f47 / Unknown
weui.wxss / 81d7de7d835eeace874e36e71d9d58de / Unknown
util.js / aaaaeb827837391762efe9b4a8c74220 / Unknown
35.gif / 031c26b11a497939e939561320eb991d / Unknown
42.gif / 9c73d0b842dfddee4c706c95bd42ae13 / Unknown
htmlToWxml.js / ad2ee2f8d3a392d76937fce7e628dfcc / Unknown
icon.jpg / 353780fd14e62556497eff281befc5ba / Unknown
html2json.js / 3a9fde95c01a8870cc64b49efec04c81 / Unknown
40.gif / cb7215ac93ad0cf19134ff218dc74113 / Unknown
index.js / a5380c1a716ce69407b9e65c62b4040b / Unknown
18.gif / 344433f16e4c7458abbefe625ea5cf79 / Unknown
19.gif / eb39770196b407c146213fbd83c97300 / Unknown
11.gif / ae2bb1ad58cd2a251279992be3129798 / Unknown
md5.js / 5cbaa9b6b05ba522b45c0f61b02d67cb / Unknown
进程行为
行为描述:创建本地线程
详情信息:TargetProcess: wscript.exe, InheritedFromPID = 2000, ProcessID = 2796, ThreadID = 2816, StartAddress = 01002FD4, Parameter = 008E44C0
TargetProcess: wscript.exe, InheritedFromPID = 2000, ProcessID = 2796, ThreadID = 2860, StartAddress = 77DC845A, Parameter = 00000000
TargetProcess: wscript.exe, InheritedFromPID = 2000, ProcessID = 2796, ThreadID = 2856, StartAddress = 765E964D, Parameter = 001BD018
TargetProcess: wscript.exe, InheritedFromPID = 2000, ProcessID = 2796, ThreadID = 2884, StartAddress = 77E56C7D, Parameter = 001B7248
TargetProcess: wscript.exe, InheritedFromPID = 2000, ProcessID = 2796, ThreadID = 2888, StartAddress = 769AE43B, Parameter = 001C12F0
文件行为
行为描述:查找文件
详情信息:FileName = C:\Documents and Settings\Administrator\Local Settings\Temp
FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%
FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\zb_wk
FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\zb_wk\wxapp
FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\zb_wk\wxapp\siteinfo.js
其他行为
行为描述:创建互斥体
详情信息:CTF.LBES.MutexDefaultS-*
CTF.Compart.MutexDefaultS-*
CTF.Asm.MutexDefaultS-*
CTF.Layouts.MutexDefaultS-*
CTF.TMD.MutexDefaultS-*
CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
MSCTF.Shared.MUTEX.IOH
行为描述:创建事件对象
详情信息:EventName = Global\crypt32LogoffEvent
行为描述:查找指定窗口
详情信息:NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
行为描述:打开事件
详情信息:MSFT.VSA.COM.DISABLE.2796
MSFT.VSA.IEC.STATUS.6c736db0
Global\crypt32LogoffEvent
CTF.ThreadMIConnectionEvent.000007E8.00000000.00000010
CTF.ThreadMarshalInterfaceEvent.000007E8.00000000.00000010
MSCTF.SendReceiveConection.Event.IOH.IC
MSCTF.SendReceive.Event.IOH.IC
行为描述:窗口信息
详情信息:Pid = 2796, Hwnd=0x1034a, Text = 确定, ClassName = Button.
Pid = 2796, Hwnd=0x1034e, Text = 脚本: C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\zb_wk\wxapp\siteinfo.js 行: 8 字符: 1 错误: "module" 未定义 代码: 800A1391 源: Microsoft JScript 运行时错误 , ClassName = Static.
Pid = 2796, Hwnd=0x30342, Text = Windows Script Host, ClassName = #32770.
行为描述:打开互斥体
详情信息:ShimCacheMutex
运行截图
VirSCAN

About VirSCAN | Privacy Policy | Contact us | link | Help VirSCAN
Translated by Keith Miller, United States
Powered By CentOSpol

京ICP备11007605号-12

pol

京公网安备 11010802020746号