VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, VirSCAN can scan compressed files with password 'infected' or 'virus'.

Language
Server load
Server Load

File information
Safety rating:75
Behavior list
Basic Information
MD5:a97a70e24ce8a656809f85634fe74bf5
file type:EXE
Production company:文档
version:1.5.0.0---1.5.0.0
Shell or compiler information:
Key behavior
Behavior description:写权限映射文件
details:CiceroSharedMemDefaultS-*
MSCTF.MarshalInterface.FileMap.EMF..FCJHH
MSCTF.MarshalInterface.FileMap.EMF.B.FDJHH
MSCTF.MarshalInterface.FileMap.EMF.C.FDJHH
MSCTF.MarshalInterface.FileMap.EMF.D.FDJHH
MSCTF.MarshalInterface.FileMap.EMF.E.FDJHH
MSCTF.MarshalInterface.FileMap.EMF.F.FDJHH
MSCTF.MarshalInterface.FileMap.EMF.G.FDJHH
Behavior description:隐藏指定窗口
details:[Window,Class] = [,tooltips_class32]
Process behavior
Behavior description:枚举进程
details:N/A
File behavior
Behavior description:写权限映射文件
details:CiceroSharedMemDefaultS-*
MSCTF.MarshalInterface.FileMap.EMF..FCJHH
MSCTF.MarshalInterface.FileMap.EMF.B.FDJHH
MSCTF.MarshalInterface.FileMap.EMF.C.FDJHH
MSCTF.MarshalInterface.FileMap.EMF.D.FDJHH
MSCTF.MarshalInterface.FileMap.EMF.E.FDJHH
MSCTF.MarshalInterface.FileMap.EMF.F.FDJHH
MSCTF.MarshalInterface.FileMap.EMF.G.FDJHH
Behavior description:查找文件
details:FileName = C:\Documents and Settings\Administrator\Application Data\Tencent\Users\*.*
Other behavior
Behavior description:查找指定窗口
details:NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
Behavior description:窗口信息
details:Pid = 392, Hwnd=0x202d6, Text = 确定, ClassName = Button.
Pid = 392, Hwnd=0x202d8, Text = 文件已损坏,无法打开!, ClassName = Static.
Pid = 392, Hwnd=0x302dc, Text = 信息:, ClassName = #32770.
Behavior description:隐藏指定窗口
details:[Window,Class] = [,tooltips_class32]
Behavior description:创建互斥体
details:CTF.LBES.MutexDefaultS-*
CTF.Compart.MutexDefaultS-*
CTF.Asm.MutexDefaultS-*
CTF.Layouts.MutexDefaultS-*
CTF.TMD.MutexDefaultS-*
CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
MSCTF.Shared.MUTEX.ELH
Behavior description:获取系统权限
details:SE_DEBUG_PRIVILEGE
Run screenshot
VirSCAN

About VirSCAN | Privacy Policy | Contact us | Links | Help VirSCAN
Translated by Keith Miller, United States
Powered By CentOSpol

京ICP备11007605号-12

pol

京公网安备 11010802020746号