VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, VirSCAN can scan compressed files with password 'infected' or 'virus'.

Language
Server load
Server Load

文件信息
安全评分 :79
基本信息
MD5:56dd349f77add4907cd5aa0cb1dff269
文件类型:Compound
出品公司:
版本:
壳或编译器信息:
子文件信息:showdown.js / d87382882b090a6ccc3c0127e2762204 / Unknown
underscore.js / 204ba25fec0dca0dc4bad4397b4c55a3 / Unknown
index.js / c66b095a337a7898c86c044589ae788f / Unknown
wxParse.wxml / 5ff599fc7f294d102664b787f64d9714 / Unknown
vdo_play.png / 5ff4ba583c23d24684651c3318d3e17a / Unknown
page.js / d9753d278e52c566ea2573957ca35d01 / Unknown
weui.wxss / 180612f1e96eb51eadb0616f2b0176c4 / Unknown
util.js / a3ba1a5294a6fb2eb8f818b0b83d26bd / Unknown
page.js / ea5fcd002f70c60246944a5de85f3552 / Unknown
app.wxss / 090c8b0ff9d571c6c04040fafab65458 / Unknown
userinfoUtil.js / d826eab1411e743aa83ece896230c81d / Unknown
index.wxss / 503edcc512de2e61c0d2a5bf0c7e79c4 / Unknown
bass.wxss / c96e517dd9e9b273942b91df697b99bc / Unknown
tmpl_vdo_list.wxml / 6c83a8d54fa4756fd1988deda4f7323d / Unknown
htmlToWxml.js / 6a9014e4ec0a36c1674fa3eb89fa295c / Unknown
g_edit.png / 1ca2526e7061b668cf2051f332bf436a / Unknown
page.wxml / b488e2eb18399babda920986edf3baa0 / Unknown
html2json.js / 82eca8d3dd38e18563f7076f1726de57 / Unknown
Thumbs.db / 63bd0cc5c38c7c3708905bb0554083dd / Compound
进程行为
行为描述:创建本地线程
详情信息:TargetProcess: wscript.exe, InheritedFromPID = 2000, ProcessID = 3480, ThreadID = 3492, StartAddress = 01002FD4, Parameter = 008E44C0
TargetProcess: wscript.exe, InheritedFromPID = 2000, ProcessID = 3480, ThreadID = 3496, StartAddress = 77DC845A, Parameter = 00000000
TargetProcess: wscript.exe, InheritedFromPID = 2000, ProcessID = 3480, ThreadID = 3500, StartAddress = 765E964D, Parameter = 001BD6E0
文件行为
行为描述:查找文件
详情信息:FileName = C:\Documents and Settings\Administrator\Local Settings\Temp
FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%
FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\xgc_video\wxapp
FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\xgc_video\wxapp\app.js
其他行为
行为描述:创建互斥体
详情信息:CTF.LBES.MutexDefaultS-*
CTF.Compart.MutexDefaultS-*
CTF.Asm.MutexDefaultS-*
CTF.Layouts.MutexDefaultS-*
CTF.TMD.MutexDefaultS-*
CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
MSCTF.Shared.MUTEX.IOH
行为描述:创建事件对象
详情信息:EventName = Global\crypt32LogoffEvent
行为描述:查找指定窗口
详情信息:NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
行为描述:打开事件
详情信息:MSFT.VSA.COM.DISABLE.3480
MSFT.VSA.IEC.STATUS.6c736db0
Global\crypt32LogoffEvent
CTF.ThreadMIConnectionEvent.000007E8.00000000.00000010
CTF.ThreadMarshalInterfaceEvent.000007E8.00000000.00000010
MSCTF.SendReceiveConection.Event.IOH.IC
MSCTF.SendReceive.Event.IOH.IC
行为描述:窗口信息
详情信息:Pid = 3480, Hwnd=0x1034c, Text = 确定, ClassName = Button.
Pid = 3480, Hwnd=0x20346, Text = 脚本: C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\xgc_video\wxapp\app.js 行: 41 字符: 26 错误: 未结束的字符串常量 代码: 800A03F7 源: Microsoft JScript 编译错误 , ClassName = Static.
Pid = 3480, Hwnd=0x10348, Text = Windows Script Host, ClassName = #32770.
行为描述:打开互斥体
详情信息:ShimCacheMutex
运行截图
VirSCAN

About VirSCAN | Privacy Policy | Contact us | link | Help VirSCAN
Translated by Keith Miller, United States
Powered By CentOSpol

京ICP备11007605号-12

pol

京公网安备 11010802020746号