VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, VirSCAN can scan compressed files with password 'infected' or 'virus'.

Language
Server load
Server Load

文件信息
安全评分 :78
基本信息
MD5:ed5f6384856a4a6cfe6de667f9292a07
文件类型:EXE
出品公司:
版本:1.0.0.0---1.0.0.0
壳或编译器信息:COMPILER:Microsoft Visual C++ 6.0 [Overlay]
关键行为
行为描述:直接获取CPU时钟
详情信息:EAX = 0x042809b5, EDX = 0x000000b4
EAX = 0x04280a01, EDX = 0x000000b4
EAX = 0x04280a4d, EDX = 0x000000b4
EAX = 0x04280a99, EDX = 0x000000b4
EAX = 0x04280ae5, EDX = 0x000000b4
EAX = 0x04280b31, EDX = 0x000000b4
EAX = 0x04280b7d, EDX = 0x000000b4
EAX = 0x04280bc9, EDX = 0x000000b4
EAX = 0x04280c15, EDX = 0x000000b4
EAX = 0x04280c61, EDX = 0x000000b4
进程行为
行为描述:创建本地线程
详情信息:TargetProcess: %temp%\****.exe, InheritedFromPID = 2000, ProcessID = 2676, ThreadID = 2712, StartAddress = 77DC845A, Parameter = 00000000
行为描述:枚举进程
详情信息:N/A
其他行为
行为描述:创建互斥体
详情信息:RasPbFile
CTF.LBES.MutexDefaultS-*
CTF.Compart.MutexDefaultS-*
CTF.Asm.MutexDefaultS-*
CTF.Layouts.MutexDefaultS-*
CTF.TMD.MutexDefaultS-*
CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
行为描述:隐藏指定窗口
详情信息:[Window,Class] = [70?146?213?11?232?46?234?174?194?20?207?64?65?208?65?200?~156?45?103?204?87?45?244?99?149?186?155?91?102?138?149?203?114?36?236?129?155?215?42?161?167?134?99?241?58?114?29?123?3?132?132?34?226?223?107?178?61?135?97?154?21?55?159?203?122?101?
[Window,Class] = [.dat >>>>---例子----->> http://down.xiaobenniao.com/biaotixiugai.html 万能软件标题修改替换软件 官方网站:www.xiaobenniao.com QQ:861666370 \niao.log Software\360\niao\log \niao2.log Software\360\niao\log2 万能软件标题修改替换软件 可以换软件标题 加启动网址 启动图片 启动对话框 官方网站:www.x
[Window,Class] = [,Edit]
行为描述:打开互斥体
详情信息:RasPbFile
ShimCacheMutex
行为描述:打开事件
详情信息:HookSwitchHookEnabledEvent
行为描述:创建事件对象
详情信息:EventName = DINPUTWINMM
行为描述:直接获取CPU时钟
详情信息:EAX = 0x042809b5, EDX = 0x000000b4
EAX = 0x04280a01, EDX = 0x000000b4
EAX = 0x04280a4d, EDX = 0x000000b4
EAX = 0x04280a99, EDX = 0x000000b4
EAX = 0x04280ae5, EDX = 0x000000b4
EAX = 0x04280b31, EDX = 0x000000b4
EAX = 0x04280b7d, EDX = 0x000000b4
EAX = 0x04280bc9, EDX = 0x000000b4
EAX = 0x04280c15, EDX = 0x000000b4
EAX = 0x04280c61, EDX = 0x000000b4
运行截图
VirSCAN

About VirSCAN | Privacy Policy | Contact us | link | Help VirSCAN
Translated by Keith Miller, United States
Powered By CentOSpol

京ICP备11007605号-12

pol

京公网安备 11010802020746号