1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, VirSCAN can scan compressed files with password 'infected' or 'virus'.
Language
Server load
1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, VirSCAN can scan compressed files with password 'infected' or 'virus'.
| Safety rating:75 |
| Behavior list |
| Basic Information | |
|---|---|
| MD5: | d0f9284c441fda05674e19d544b12465 |
| file type: | Rar |
| Production company: | |
| version: | |
| Shell or compiler information: | PACKER:UPX 0.89.6 - 1.02 / 1.05 - 1.24 -> Markus & Laszlo |
| Subfile information: | YY随缘多开器V9.0.exe / 819afa2f0e268fd9475798883e9eb5c6 / EXE |
| upx_c_3849ddebdumpFile / 4bb99d2a6027413ba95fe65a199a3a3b / EXE | |
| 更新日志.txt / 261c9cc88d4bf454ae9ece19a4c0b023 / Unknown | |
| Key behavior | |
|---|---|
| Behavior description: | 写权限映射文件 |
| details: | CiceroSharedMemDefaultS-* |
| Behavior description: | 隐藏指定窗口 |
| details: | [Window,Class] = [帐号数据库,Button] |
| [Window,Class] = [登录操作,Button] | |
| [Window,Class] = [登录设置,Button] | |
| [Window,Class] = [YY安装路径,Button] | |
| [Window,Class] = [帐号管理,Button] | |
| [Window,Class] = [刷花设置 - 全智能刷花,Button] | |
| [Window,Class] = [,Afx:400000:8:10011:1900015:0] | |
| [Window,Class] = [,Afx:400000:b:10011:0:0] | |
| [Window,Class] = [隐藏歪歪图标,Button] | |
| [Window,Class] = [显示歪歪图标,Button] | |
| [Window,Class] = [统一进入频道,Button] | |
| [Window,Class] = [,Edit] | |
| [Window,Class] = [频道ID;,Afx:400000:b:10011:1900015:0] | |
| [Window,Class] = [退出所有频道,Button] | |
| [Window,Class] = [显示所有频道,Button] | |
| Behavior description: | 按名称获取主机地址 |
| details: | s1.uuwise.com |
| File behavior | |
|---|---|
| Behavior description: | 写权限映射文件 |
| details: | CiceroSharedMemDefaultS-* |
| Behavior description: | 创建可执行文件 |
| details: | C:\Documents and Settings\Administrator\Local Settings\%temp%\1441784472.568908.exe_7zdump\yysl.dll |
| C:\Documents and Settings\Administrator\Local Settings\%temp%\1441784472.572893.exe_7zdump\UUWiseHelper.dll | |
| Behavior description: | 查找文件 |
| details: | FileName = c:\documents and settings\administrator\local settings\%temp%\1441784472.764893.exe_7zdump\UUWiseHelper.dll |
| Network behavior | |
|---|---|
| Behavior description: | 建立到一个指定的套接字连接 |
| details: | 127.0.0.1:1031 |
| Behavior description: | 按名称获取主机地址 |
| details: | s1.uuwise.com |
| Other behavior | |
|---|---|
| Behavior description: | 查找指定窗口 |
| details: | NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,] |
| Behavior description: | 隐藏指定窗口 |
| details: | [Window,Class] = [帐号数据库,Button] |
| [Window,Class] = [登录操作,Button] | |
| [Window,Class] = [登录设置,Button] | |
| [Window,Class] = [YY安装路径,Button] | |
| [Window,Class] = [帐号管理,Button] | |
| [Window,Class] = [刷花设置 - 全智能刷花,Button] | |
| [Window,Class] = [,Afx:400000:8:10011:1900015:0] | |
| [Window,Class] = [,Afx:400000:b:10011:0:0] | |
| [Window,Class] = [隐藏歪歪图标,Button] | |
| [Window,Class] = [显示歪歪图标,Button] | |
| [Window,Class] = [统一进入频道,Button] | |
| [Window,Class] = [,Edit] | |
| [Window,Class] = [频道ID;,Afx:400000:b:10011:1900015:0] | |
| [Window,Class] = [退出所有频道,Button] | |
| [Window,Class] = [显示所有频道,Button] | |
| Behavior description: | 创建互斥体 |
| details: | RasPbFile |
| CTF.LBES.MutexDefaultS-* | |
| CTF.Compart.MutexDefaultS-* | |
| CTF.Asm.MutexDefaultS-* | |
| CTF.Layouts.MutexDefaultS-* | |
| CTF.TMD.MutexDefaultS-* | |
| CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-* | |
| Run screenshot |
|---|
 |
HOME
