VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, VirSCAN can scan compressed files with password 'infected' or 'virus'.

Language
Server load
Server Load

File information
Safety rating:77
behaviorlist
Behavior analysis report:         Threatbook file behavior analysis report
Basic Information
MD5:c66a51ebf91fbb11d9fa371b06359434
file type:EXE
Production company:
version:1.0.0.21---1.0.0.21
Shell or compiler information:COMPILER:Borland C++
Key behavior
Behavior description:隐藏指定窗口
details:[Window,Class] = [,ComboLBox]
Behavior description:按名称获取主机地址
details:www.daxia.com
Network behavior
Behavior description:建立到一个指定的套接字连接
details:219.133.40.1:80
Behavior description:按名称获取主机地址
details:www.daxia.com
Other behavior
Behavior description:窗口信息
details:Pid = 1460, Hwnd=0xa03a6, Text = ━, ClassName = TButton.
Pid = 1460, Hwnd=0xb0336, Text = 帮助, ClassName = TButton.
Pid = 1460, Hwnd=0xa039e, Text = 停止, ClassName = TButton.
Pid = 1460, Hwnd=0xb03b0, Text = 扩展, ClassName = TButton.
Pid = 1460, Hwnd=0x9035c, Text = 清除窗口, ClassName = TButton.
Pid = 1460, Hwnd=0xb0332, Text = 保存窗口, ClassName = TButton.
Pid = 1460, Hwnd=0xd038e, Text = 发送文件, ClassName = TButton.
Pid = 1460, Hwnd=0xd01c4, Text = 文件名, ClassName = TEdit.
Pid = 1460, Hwnd=0xb015e, Text = 打开文件, ClassName = TButton.
Pid = 1460, Hwnd=0xd01f6, Text = 发送新行, ClassName = TCheckBox.
Pid = 1460, Hwnd=0xb0200, Text = 发送, ClassName = TButton.
Pid = 1460, Hwnd=0xc01da, Text = HEX显示, ClassName = TCheckBox.
Pid = 1460, Hwnd=0xa01f0, Text = DTR, ClassName = TCheckBox.
Pid = 1460, Hwnd=0xb018a, Text = RTS, ClassName = TCheckBox.
Pid = 1460, Hwnd=0xb01be, Text = COM1, ClassName = TComComboBox.
Behavior description:隐藏指定窗口
details:[Window,Class] = [,ComboLBox]
Run screenshot
VirSCAN

About VirSCAN | Privacy Policy | Contact us | link | Help VirSCAN
Translated by Keith Miller, United States
Powered By CentOSpol

京ICP备11007605号-12

pol

京公网安备 11010802020746号