VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, VirSCAN can scan compressed files with password 'infected' or 'virus'.

Language
Server load
Server Load

File information
Safety rating:78
Behavior list
Basic Information
MD5:a9f6c5e9e687c671b840bfd1e463bdce
file type:zip
Production company:
version:
Shell or compiler information:COMPILER:Microsoft Visual Studio .NET 2005 -- 2008 -> Microsoft Corporation *
Subfile information:24da76960c4ae518b6009453cad7addf / 41332c12ac683759369e4213a7d0c854 / Unknown
360AblumViewer.ini / 134da29f5b50197e3a9fb596bb72b107 / Unknown
StringBundle.xml / 6bb5a6660683c3b688a3f2be2fbd6fba / Unknown
群发白最新软件3.44.exe / 1d97f98fc40bc7e09eaf3ed1f885b595 / EXE
Key behavior
Behavior description:设置特殊文件夹属性
details:C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
C:\Documents and Settings\Administrator\Local Settings\History
C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
C:\Documents and Settings\Administrator\Cookies
Process behavior
Behavior description:枚举进程
details:N/A
File behavior
Behavior description:设置特殊文件夹属性
details:C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
C:\Documents and Settings\Administrator\Local Settings\History
C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
C:\Documents and Settings\Administrator\Cookies
Behavior description:修改文件内容
details:C:\Program Files\AppPatch\4.dll---> Offset = 0
Behavior description:修改新生成的可执行文件
details:C:\Program Files\AppPatch\4.dll---> Offset = 4096
Network behavior
Behavior description:联网打开网址
details:InternetOpenUrlA: http://115.29.136.222/4.dat hInternet = 0x000006bc
InternetOpenUrlA: http://115.29.136.222/4.dat hInternet = 0x000006c0
InternetOpenUrlA: http://115.29.136.222/4.dat hInternet = 0x000005b0
InternetOpenUrlA: http://115.29.136.222/4.dat hInternet = 0x000004a4
InternetOpenUrlA: http://115.29.136.222/4.dat hInternet = 0x00000398
InternetOpenUrlA: http://115.29.136.222/4.dat hInternet = 0x0000028c
InternetOpenUrlA: http://115.29.136.222/4.dat hInternet = 0x00000180
InternetOpenUrlA: http://115.29.136.222/4.dat hInternet = 0x00000058
InternetOpenUrlA: http://115.29.136.222/4.dat hInternet = 0x000008bc
InternetOpenUrlA: http://115.29.136.222/4.dat hInternet = 0x000009c8
InternetOpenUrlA: http://115.29.136.222/4.dat hInternet = 0x00000ad4
InternetOpenUrlA: http://115.29.136.222/4.dat hInternet = 0x00000be0
InternetOpenUrlA: http://115.29.136.222/4.dat hInternet = 0x00000cec
InternetOpenUrlA: http://115.29.136.222/4.dat hInternet = 0x00000df8
InternetOpenUrlA: http://115.29.136.222/4.dat hInternet = 0x00000f04
Behavior description:下载文件
details:C:\Program Files\AppPatch\4.dll
Behavior description:读取网络文件
details:hFile = 0x000006bc, BytesToRead =1024, BytesRead = 1024.
hFile = 0x000006c0, BytesToRead =1024, BytesRead = 1024.
hFile = 0x000005b0, BytesToRead =1024, BytesRead = 1024.
hFile = 0x000004a4, BytesToRead =1024, BytesRead = 1024.
hFile = 0x00000398, BytesToRead =1024, BytesRead = 1024.
hFile = 0x0000028c, BytesToRead =1024, BytesRead = 1024.
hFile = 0x00000180, BytesToRead =1024, BytesRead = 1024.
hFile = 0x00000058, BytesToRead =1024, BytesRead = 1024.
hFile = 0x000008bc, BytesToRead =1024, BytesRead = 1024.
hFile = 0x000009c8, BytesToRead =1024, BytesRead = 1024.
hFile = 0x00000ad4, BytesToRead =1024, BytesRead = 1024.
hFile = 0x00000be0, BytesToRead =1024, BytesRead = 1024.
hFile = 0x00000cec, BytesToRead =1024, BytesRead = 1024.
hFile = 0x00000df8, BytesToRead =1024, BytesRead = 1024.
hFile = 0x00000f04, BytesToRead =1024, BytesRead = 1024.
Run screenshot
VirSCAN

About VirSCAN | Privacy Policy | Contact us | Links | Help VirSCAN
Translated by Keith Miller, United States
Powered By CentOSpol

京ICP备11007605号-12

pol

京公网安备 11010802020746号