VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, VirSCAN can scan compressed files with password 'infected' or 'virus'.

Language
Server load
Server Load

File information
Safety rating:91
Behavior list
Basic Information
MD5:4505947bd114147695c4d62d422b213d
file type:EXE
Production company:360.cn
version:1.1.0.3208---1.1.0.3208
Shell or compiler information:COMPILER:Microsoft Visual Studio .NET 2005 -- 2008 -> Microsoft Corporation [Overlay] *
Subfile information:了解详情bg.png / e16e20f110f55f07ecc719b947c4fcf3 / Unknown
feedback.png / 20d0e4d53ff539625dc5fc9448b263cb / Unknown
repair.png / 85adf8d3d051c1efb32fa9a56bb2f271 / Unknown
立即安装.png / 303f5eef4526416fe6083587430f8c3d / Unknown
FixView.xml / 919d95cf6d31a13f601eddd33f72da9c / Unknown
MainView.xml / 7e18f738d5ed7cdf4bf8801420e8d9b4 / Unknown
了解详情.png / 24fbc3e3e9cd4a15b7d3749e2cb8482d / Unknown
AccView.xml / 3bbd2e58cc06fa687b09cde62377336c / Unknown
main_computer.png / 50fd82c58bc5a5e84f0a5af3ed04aaf8 / Unknown
立即安装bg.png / a196141698a05fda3a0e3008d0f1ff49 / Unknown
more_options.png / a03bb64759f8f52d55bcd2f3676b5897 / Unknown
DNSFixTip.xml / d1ee87efb44e96f3deaf55c0e63de2dd / Unknown
expert.png / b8c1efc28ca074d0da66b2c6199c8d46 / Unknown
engineer.png / 71b6da0ed7f7bcd2b96a21d5a2fba36a / Unknown
Apploading_Loading_green.gif / f6c0df88a114e0dd6e0a6328e05f0fae / Unknown
GNFixTip.xml / e82fcee581447e493a92f38faa4eb53f / Unknown
accelerate_ori.png / 3a2719b5a6df415016ef15ed931ee0e0 / Unknown
accelerate_green.png / 31f88c51ff9ae4e6b70cdb70706af7f0 / Unknown
accelerate_red.png / 39b4a93b104baf940f9cf26e4ebc5c27 / Unknown
Key behavior
Behavior description:屏蔽窗口关闭消息
details:hWnd = 0x00010340, Text = Dialog, ClassName = #32770.
Process behavior
Behavior description:创建本地线程
details:TargetProcess: %temp%\****.exe, InheritedFromPID = 2000, ProcessID = 2888, ThreadID = 2924, StartAddress = 77DC845A, Parameter = 00000000
Other behavior
Behavior description:创建互斥体
details:1830B7BD-F7A3-4c4d-989B-C004DE465EDE 2888
CTF.LBES.MutexDefaultS-*
CTF.Compart.MutexDefaultS-*
CTF.Asm.MutexDefaultS-*
CTF.Layouts.MutexDefaultS-*
CTF.TMD.MutexDefaultS-*
CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
_360_MUTEXT_DOCTOR_EXE_%temp%\****.EXE_66_1001
MSCTF.Shared.MUTEX.IOH
MSCTF.Shared.MUTEX.MEL
Behavior description:创建事件对象
details:EventName = Global\crypt32LogoffEvent
EventName = MSCTF.SendReceive.Event.MEL.IC
EventName = MSCTF.SendReceiveConection.Event.MEL.IC
Behavior description:查找指定窗口
details:NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
NtUserFindWindowEx: [Class,Window] = [CicLoaderWndClass,]
NtUserFindWindowEx: [Class,Window] = [OleMainThreadWndClass,]
Behavior description:打开事件
details:HookSwitchHookEnabledEvent
Global\crypt32LogoffEvent
93515648-19BC-FC4A-6C97-4C8FC975250E
CTF.ThreadMIConnectionEvent.000007E8.00000000.0000000F
CTF.ThreadMarshalInterfaceEvent.000007E8.00000000.0000000F
MSCTF.SendReceive.Event.IOH.IC
MSCTF.SendReceiveConection.Event.IOH.IC
Behavior description:屏蔽窗口关闭消息
details:hWnd = 0x00010340, Text = Dialog, ClassName = #32770.
Behavior description:窗口信息
details:Pid = 2888, Hwnd=0x10340, Text = Dialog, ClassName = #32770.
Behavior description:打开互斥体
details:ShimCacheMutex
Run screenshot
VirSCAN

About VirSCAN | Privacy Policy | Contact us | Links | Help VirSCAN
Translated by Keith Miller, United States
Powered By CentOSpol

京ICP备11007605号-12

pol

京公网安备 11010802020746号