VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, VirSCAN can scan compressed files with password 'infected' or 'virus'.

Language
Server load
Server Load

File information
Safety rating:75
Behavior list
Basic Information
MD5:617a375e9c981f32c3b547bb9c2f40ed
file type:EXE
Production company:
version:1.0.0.1---1.0.0.1
Shell or compiler information:PACKER:UPX 0.89.6 - 1.02 / 1.05 - 1.24 -> Markus & Laszlo [Overlay]
Subfile information:upx_c_a8da687fdumpFile / 545d5069b7ef4064efdf6a5449793622 / 7z
download_engine.dll / f439fadefab179b17e5c209172276ce1 / DLL
7ZdumpFile / ca41d56630191e61565a343c59695ca1 / DLL
msvcp71.dll / de82259d0c8be5ff233745d86f239ae1 / DLL
msvcr71.dll / 7d6a8ee05741a4e4ca14df1693cf7df3 / DLL
xldl.dll / 28bb497c63825acc53b3d04ae3103100 / DLL
MiniThunderPlatform.exe / ce1bce923f0e40c41db11682939a88c7 / EXE
XLBugReport.exe / 67c767470d0893c4a2e46be84c9afcbb / EXE
XLBugHandler.dll / 92154e720998acb6fa0f7bad63309470 / DLL
atl71.dll / 6192f556aac4d398df3feca9e1f6eed2 / DLL
dl_peer_id.dll / dba9a19752b52943a0850a7e19ac600a / DLL
ThunderFW.exe / f0372ff8a6148498b19e04203dbb9e69 / EXE
zlib1.dll / 3a59742a3e230b30a0a04432c99b8098 / DLL
MiniTPFw.exe / 58bb62e88687791ad2ea5d8d6e3fe18b / EXE
minizip.dll / 98783733baeab3f800901f02e9b149cd / DLL
id.dat / c54bfbc4e876ca2602961d24701694da / Unknown
Key behavior
Behavior description:设置特殊文件夹属性
details:C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
C:\Documents and Settings\Administrator\Local Settings\History
C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
C:\Documents and Settings\Administrator\Cookies
File behavior
Behavior description:写权限映射文件
details:\WINDOWS\system32\zh-cn\ieframe.dll.mui
Local\UrlZonesSM_Administrator
\Documents and Settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
Behavior description:设置特殊文件夹属性
details:C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
C:\Documents and Settings\Administrator\Local Settings\History
C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
C:\Documents and Settings\Administrator\Cookies
Network behavior
Behavior description:联网打开网址
details:InternetOpenUrlA: http://360.888rj.com/config_c:\monitor\sample.xml hInternet = 0x000005b8
Behavior description:读取网络文件
details:hFile = 0x000005b8, BytesToRead =1024, BytesRead = 1024.
Registry behavior
Behavior description:修改注册表
details:\REGISTRY\USER\S-1-5-21-1482476501-1645522239-1417001333-500\Software\Microsoft\GDIPlus\FontCachePath
Other behavior
Behavior description:枚举窗口
details:N/A
Behavior description:窗口信息
details:Pid = 172, Hwnd=0xa01aa, Text = 确定, ClassName = Button.
Pid = 172, Hwnd=0xa018c, Text = 获取配置信息失败!, ClassName = Static.
Pid = 172, Hwnd=0xb0184, Text = 错误, ClassName = #32770.
Behavior description:创建互斥体
details:DownHelper_sample.exe
Local\ZonesCounterMutex
Local\ZoneAttributeCacheCounterMutex
Local\ZonesCacheCounterMutex
Local\ZonesLockedCacheCounterMutex
Run screenshot
VirSCAN

About VirSCAN | Privacy Policy | Contact us | Links | Help VirSCAN
Translated by Keith Miller, United States
Powered By CentOSpol

京ICP备11007605号-12

pol

京公网安备 11010802020746号