VirSCAN

File information
Security score: 82
Basic information
MD5: e433059e263fb6662f1bec28e633e46e
File type: Rar
Publisher:
Version:
Packer or compiler information:
Sub-file information: pepflashplayer.dll / edabf2c2f7931a91ab23fe7d8a845429 / DLL
data_3 / 10129fdc4ea85d958c220db65f9d1ade / Unknown
libGLESv2.dll / f0636f8d196dbeab1aa6fed95c6cf50e / DLL
data_2 / c8bcdbf7e398d812c6e6efb204e34646 / Unknown
f_00000a~ / 8839ce48042614412123b7a85c06da86 / Unknown
libtransfer.dll / f8b490597f9354920bd838847022d9e9 / DLL
snapshot_blob.bin / 55f5330356ba23486e7374537f8fa33e / Unknown
Gvideo.exe / d8d7e49b7c765fe2c2b32ff75b696513 / EXE
natives_blob.bin / 8f4d6515f4d321313a39a659c3c5ff01 / Unknown
player.exe / 220ae6fe34ce5f567e6f7f45a3d70e9b / EXE
Pepper.exe / 91ffb379f58dc9a7ecb79448387fed9e / EXE
Gvideo视频播放器.exe / 069a08648c09af2c23da0a86ebb3a6f3 / EXE
del.exe / 86cbd07ac899962ece43b670c639313b / EXE
f_000013~ / 12fe79ef54e8b3d03c86580c770e5df4 / Unknown
data_1 / af41abac8124731b9b69bd2b96dd99e2 / Unknown
f_000002~ / eb235b79204460f5e24a7055a7e5ecde / Unknown
widevinecdmadapter.dll / 73349a2b95fee7046f55c157092031a6 / DLL
Installer32.dll / 29a45e2b8e4c3f217555e0f8bef4bd9b / DLL
f_00000a / d186742dd8f7b9cf51bfd5f83dee5d45 / gzip
Key behavior
Behavior description: Get TickCount value
Details: TickCount = 287546, SleepMilliseconds = 60000.
TickCount = 287921, SleepMilliseconds = 60000.
TickCount = 287937, SleepMilliseconds = 60000.
Process behavior
Behavior description: Create process
Details: [0x00000584]ImagePath = C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\Gvideo全网VIP视频播放器 支持优酷腾讯爱奇艺等\Gvideo.exe, CmdLine = "C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\Gvideo全网VIP视频播放器 支持优酷腾讯爱奇艺等\gvideo.exe"
Behavior description: Create local thread
Details: TargetProcess: Gvideo.exe, InheritedFromPID = 2020, ProcessID = 1412, ThreadID = 1888, StartAddress = 77DC845A, Parameter = 00000000
TargetProcess: Gvideo.exe, InheritedFromPID = 2020, ProcessID = 1412, ThreadID = 1916, StartAddress = 77C0A341, Parameter = 00A56FB8
TargetProcess: Gvideo.exe, InheritedFromPID = 2020, ProcessID = 1412, ThreadID = 1908, StartAddress = 77E56C7D, Parameter = 001CB1F0
TargetProcess: Gvideo.exe, InheritedFromPID = 2020, ProcessID = 1412, ThreadID = 1800, StartAddress = 769AE43B, Parameter = 001CA0A8
Behavior description: Enumerate processes
Details: N/A
File behavior
Behavior description: Delete file
Details: C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\Gvideo全网VIP视频播放器 支持优酷腾讯爱奇艺等\User Data\Cookies
C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\Gvideo全网VIP视频播放器 支持优酷腾讯爱奇艺等\User Data\Cookies-journal
C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\Gvideo全网VIP视频播放器 支持优酷腾讯爱奇艺等\User Data\data_0
C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\Gvideo全网VIP视频播放器 支持优酷腾讯爱奇艺等\User Data\data_1
C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\Gvideo全网VIP视频播放器 支持优酷腾讯爱奇艺等\User Data\data_1_7zdump\data_1~
C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\Gvideo全网VIP视频播放器 支持优酷腾讯爱奇艺等\User Data\data_2
C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\Gvideo全网VIP视频播放器 支持优酷腾讯爱奇艺等\User Data\data_2_7zdump\data_2~
C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\Gvideo全网VIP视频播放器 支持优酷腾讯爱奇艺等\User Data\data_3
C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\Gvideo全网VIP视频播放器 支持优酷腾讯爱奇艺等\User Data\data_3_7zdump\data_3~
C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\Gvideo全网VIP视频播放器 支持优酷腾讯爱奇艺等\User Data\File System\Origins\000003.log
C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\Gvideo全网VIP视频播放器 支持优酷腾讯爱奇艺等\User Data\File System\Origins\CURRENT
C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\Gvideo全网VIP视频播放器 支持优酷腾讯爱奇艺等\User Data\File System\Origins\LOCK
C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\Gvideo全网VIP视频播放器 支持优酷腾讯爱奇艺等\User Data\File System\Origins\LOG
C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\Gvideo全网VIP视频播放器 支持优酷腾讯爱奇艺等\User Data\File System\Origins\MANIFEST-000001
C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\Gvideo全网VIP视频播放器 支持优酷腾讯爱奇艺等\User Data\f_000001
Behavior description: Find file
Details: FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\Gvideo全网VIP视频播放器 支持优酷腾讯爱奇艺等\User Data\\*.*
FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\Gvideo全网VIP视频播放器 支持优酷腾讯爱奇艺等\User Data\\data_1_7zdump\*.*
FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\Gvideo全网VIP视频播放器 支持优酷腾讯爱奇艺等\User Data\\data_2_7zdump\*.*
FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\Gvideo全网VIP视频播放器 支持优酷腾讯爱奇艺等\User Data\\data_3_7zdump\*.*
FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\Gvideo全网VIP视频播放器 支持优酷腾讯爱奇艺等\User Data\\File System\*.*
FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\Gvideo全网VIP视频播放器 支持优酷腾讯爱奇艺等\User Data\\File System\Origins\*.*
FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\Gvideo全网VIP视频播放器 支持优酷腾讯爱奇艺等\User Data\\f_000001_7zdump\*.*
FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\Gvideo全网VIP视频播放器 支持优酷腾讯爱奇艺等\User Data\\f_000002_7zdump\*.*
FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\Gvideo全网VIP视频播放器 支持优酷腾讯爱奇艺等\User Data\\f_000003_7zdump\*.*
FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\Gvideo全网VIP视频播放器 支持优酷腾讯爱奇艺等\User Data\\f_000004_7zdump\*.*
FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\Gvideo全网VIP视频播放器 支持优酷腾讯爱奇艺等\User Data\\f_000008_7zdump\*.*
FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\Gvideo全网VIP视频播放器 支持优酷腾讯爱奇艺等\User Data\\f_000009_7zdump\*.*
FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\Gvideo全网VIP视频播放器 支持优酷腾讯爱奇艺等\User Data\\f_00000a_7zdump\*.*
FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\Gvideo全网VIP视频播放器 支持优酷腾讯爱奇艺等\User Data\\f_00000c_7zdump\*.*
FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\Gvideo全网VIP视频播放器 支持优酷腾讯爱奇艺等\User Data\\f_00000e_7zdump\*.*
Other behavior
Behavior description: Create mutex
Details: CTF.LBES.MutexDefaultS-*
CTF.Compart.MutexDefaultS-*
CTF.Asm.MutexDefaultS-*
CTF.Layouts.MutexDefaultS-*
CTF.TMD.MutexDefaultS-*
CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
RasPbFile
MSCTF.Shared.MUTEX.IOH
Behavior description: Create event object
Details: EventName = DINPUTWINMM
Behavior description: Find specified window
Details: NtUserFindWindowEx: [Class,Window] = [,Gvideo.exe]
NtUserFindWindowEx: [Class,Window] = [,player.exe]
NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
Behavior description: Open event
Details: HookSwitchHookEnabledEvent
MSFT.VSA.COM.DISABLE.1412
MSFT.VSA.IEC.STATUS.6c736db0
CTF.ThreadMIConnectionEvent.000007E8.00000000.0000000F
CTF.ThreadMarshalInterfaceEvent.000007E8.00000000.0000000F
MSCTF.SendReceiveConection.Event.IOH.IC
MSCTF.SendReceive.Event.IOH.IC
Behavior description: Get TickCount value
Details: TickCount = 287546, SleepMilliseconds = 60000.
TickCount = 287921, SleepMilliseconds = 60000.
TickCount = 287937, SleepMilliseconds = 60000.
Behavior description: Window information
Details: Pid = 1412, Hwnd=0x2033e, Text = 确定, ClassName = Button.
Pid = 1412, Hwnd=0x20342, Text = 运行时出错! 错误信息:无法找到指定DLL库文件“libtransfer.dll”中的输出命令“elibNewClass” , ClassName = Static.
Pid = 1412, Hwnd=0x2033c, Text = 错误, ClassName = #32770.
Behavior description: Call Sleep function
Details: [1]: MilliSeconds = 60000.
Behavior description: Open mutex
Details: ShimCacheMutex
RasPbFile