VirSCAN


File information
Safety rating:77
Behavior list
Basic Information
MD5:9e6eaff54277370273ccd962c838b5f8
file type:EXE
Production company:
version:
Shell or compiler information:COMPILER:Microsoft Visual Studio .NET 2005 -- 2008 -> Microsoft Corporation *
Key behavior
Behavior description: Reads the CPU clock directly
details:EAX = 0x11e16f9b, EDX = 0x00000075
EAX = 0x887a1c34, EDX = 0x00000075
EAX = 0x8b2d1bb0, EDX = 0x00000075
Network behavior
Behavior description: Establishes a connection to a specified socket
details:URL: fu****id, IP: **.133.40.**:128, SOCKET = 0x0000016c
Behavior description: Sends an HTTP packet
details:GET http://fun.losscook.bid/h_redir.php?offer_id=4&aff_id=1887&source=1679&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=xht_unc&aff_sub5=1023338988&url=http%3A%2F%2Ffun.losscook.bid/offer.php%3FaffId%3D{aff_id}%26trackingId%3D268030310%26instId%3D1679%26ho_trackingid%3D{transaction_id}%26cc%3D{country_code}%26cc_typ%3Dho%26sb%3Dx86%26net%3D4.6.01590%26ie%3D8%2e0%2e7601%2e17514%26wv%3D7sp1%26db%3DInternetExplorer%26uac%3D1%26cid%3Ddc1d2bf3bccd61107844328b86cdb1d3%26v%3D3 HTTP/1.1 Host: fu****id Connection: close Accept: */* User-Agent: InstallCapital
Behavior description: Gets a host address by name
details:GetAddrInfoW: fu****id
Other behavior
Behavior description: Checks whether it is being debugged
details:IsDebuggerPresent
Behavior description: Opens a mutex
details:Local\MSCTF.Asm.MutexDefault1
Behavior description: Window information
details:Pid = 2288, Hwnd=0xb0154, Text = Preparing setup..., ClassName = Preparing setup....
Behavior description: Opens an event
details:HookSwitchHookEnabledEvent
\SECURITY\LSA_AUTHENTICATION_INITIALIZED
Local\MSCTF.CtfActivated.Default1
Local\MSCTF.AsmCacheReady.Default1
Behavior description: Reads the CPU clock directly
details:EAX = 0x11e16f9b, EDX = 0x00000075
EAX = 0x887a1c34, EDX = 0x00000075
EAX = 0x8b2d1bb0, EDX = 0x00000075
Behavior description: Decrypts data
details:[CryptDecrypt] Data: 0x003FE7C8, CipherTextLen: 3256, PlainTextLen: 3254, Flags: 0x00000000
Behavior description: Imports a key
details:[CryptImportKey] Algorithm: CALG_3DES (0x00006603), Data: 0x00F0F154, DataLen: 36, Flags: 0x00000001