VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, VirSCAN can scan compressed files with password 'infected' or 'virus'.

Language
Server load
Server Load

文件信息
安全评分 :75
基本信息
MD5:617a375e9c981f32c3b547bb9c2f40ed
文件类型:EXE
出品公司:
版本:1.0.0.1---1.0.0.1
壳或编译器信息:PACKER:UPX 0.89.6 - 1.02 / 1.05 - 1.24 -> Markus & Laszlo [Overlay]
子文件信息:upx_c_a8da687fdumpFile / 545d5069b7ef4064efdf6a5449793622 / 7z
download_engine.dll / f439fadefab179b17e5c209172276ce1 / DLL
7ZdumpFile / ca41d56630191e61565a343c59695ca1 / DLL
msvcp71.dll / de82259d0c8be5ff233745d86f239ae1 / DLL
msvcr71.dll / 7d6a8ee05741a4e4ca14df1693cf7df3 / DLL
xldl.dll / 28bb497c63825acc53b3d04ae3103100 / DLL
MiniThunderPlatform.exe / ce1bce923f0e40c41db11682939a88c7 / EXE
XLBugReport.exe / 67c767470d0893c4a2e46be84c9afcbb / EXE
XLBugHandler.dll / 92154e720998acb6fa0f7bad63309470 / DLL
atl71.dll / 6192f556aac4d398df3feca9e1f6eed2 / DLL
dl_peer_id.dll / dba9a19752b52943a0850a7e19ac600a / DLL
ThunderFW.exe / f0372ff8a6148498b19e04203dbb9e69 / EXE
zlib1.dll / 3a59742a3e230b30a0a04432c99b8098 / DLL
MiniTPFw.exe / 58bb62e88687791ad2ea5d8d6e3fe18b / EXE
minizip.dll / 98783733baeab3f800901f02e9b149cd / DLL
id.dat / c54bfbc4e876ca2602961d24701694da / Unknown
关键行为
行为描述:设置特殊文件夹属性
详情信息:C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
C:\Documents and Settings\Administrator\Local Settings\History
C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
C:\Documents and Settings\Administrator\Cookies
文件行为
行为描述:写权限映射文件
详情信息:\WINDOWS\system32\zh-cn\ieframe.dll.mui
Local\UrlZonesSM_Administrator
\Documents and Settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
行为描述:设置特殊文件夹属性
详情信息:C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
C:\Documents and Settings\Administrator\Local Settings\History
C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
C:\Documents and Settings\Administrator\Cookies
网络行为
行为描述:联网打开网址
详情信息:InternetOpenUrlA: http://360.888rj.com/config_c:\monitor\sample.xml hInternet = 0x000005b8
行为描述:读取网络文件
详情信息:hFile = 0x000005b8, BytesToRead =1024, BytesRead = 1024.
注册表行为
行为描述:修改注册表
详情信息:\REGISTRY\USER\S-1-5-21-1482476501-1645522239-1417001333-500\Software\Microsoft\GDIPlus\FontCachePath
其他行为
行为描述:枚举窗口
详情信息:N/A
行为描述:窗口信息
详情信息:Pid = 172, Hwnd=0xa01aa, Text = 确定, ClassName = Button.
Pid = 172, Hwnd=0xa018c, Text = 获取配置信息失败!, ClassName = Static.
Pid = 172, Hwnd=0xb0184, Text = 错误, ClassName = #32770.
行为描述:创建互斥体
详情信息:DownHelper_sample.exe
Local\ZonesCounterMutex
Local\ZoneAttributeCacheCounterMutex
Local\ZonesCacheCounterMutex
Local\ZonesLockedCacheCounterMutex
运行截图
VirSCAN

About VirSCAN | Privacy Policy | Contact us | link | Help VirSCAN
Translated by Keith Miller, United States
Powered By CentOSpol

京ICP备11007605号-12

pol

京公网安备 11010802020746号