VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

Language
Server load
Server Load

File information
Safety rating:72
Behavior list
Basic Information
MD5:f0481c260a1bb3de38638e1384acaccd
file type:EXE
Production company:
version:
Shell or compiler information:PACKER:UPX 0.89.6 - 1.02 / 1.05 - 1.24 -> Markus & Laszlo
Subfile information:upx_c_3bdc805edumpFile / 8e2e85413b646b16343e63a04b343500 / EXE
Key behavior
Behavior description:直接获取CPU时钟
details:EAX = 0x392cde6e, EDX = 0x00000078
EAX = 0x392cdeba, EDX = 0x00000078
EAX = 0x392cdf06, EDX = 0x00000078
EAX = 0x392cdf52, EDX = 0x00000078
EAX = 0x28d12a6c, EDX = 0x00000079
EAX = 0x28d12ab8, EDX = 0x00000079
EAX = 0x28d12b04, EDX = 0x00000079
Other behavior
Behavior description:直接获取CPU时钟
details:EAX = 0x392cde6e, EDX = 0x00000078
EAX = 0x392cdeba, EDX = 0x00000078
EAX = 0x392cdf06, EDX = 0x00000078
EAX = 0x392cdf52, EDX = 0x00000078
EAX = 0x28d12a6c, EDX = 0x00000079
EAX = 0x28d12ab8, EDX = 0x00000079
EAX = 0x28d12b04, EDX = 0x00000079
Behavior description:检测自身是否被调试
details:IsDebuggerPresent
Behavior description:打开事件
details:HookSwitchHookEnabledEvent
Local\MSCTF.CtfActivated.Default1
Local\MSCTF.AsmCacheReady.Default1
Behavior description:打开互斥体
details:Local\MSCTF.Asm.MutexDefault1
Behavior description:窗口信息
details:Pid = 3272, Hwnd=0xa0154, Text = #102, ClassName = Static.
Pid = 3272, Hwnd=0x80152, Text = License Key, ClassName = Button(GroupBox).
Pid = 3272, Hwnd=0xa0186, Text = CC51K-2JE8M-H8E6Y-R6W7E-Q6R80, ClassName = Edit.
Pid = 3272, Hwnd=0x40180, Text = Generate, ClassName = Button.
Pid = 3272, Hwnd=0x40192, Text = © 2017 OnLyOnE, ClassName = Static.
Pid = 3272, Hwnd=0xb015c, Text = VMware Workstation Pro v14.x [KeyGen], ClassName = #32770.
Pid = 3272, Hwnd=0xa0186, Text = YA51K-FAG92-H8ELQ-55ZNV-P7UWD, ClassName = Edit.
Pid = 3272, Hwnd=0xa0186, Text = FG582-FZYE5-488KP-PYM5C-MYKX0, ClassName = Edit.
Pid = 3272, Hwnd=0xa0186, Text = FF3T2-2HF1P-081PP-VPMZV-MKHAF, ClassName = Edit.
Pid = 3272, Hwnd=0xa0186, Text = FC15R-0ZG11-481XQ-05QGZ-W72WF, ClassName = Edit.
Pid = 3272, Hwnd=0xa0186, Text = FF308-AKW81-H8EDY-2YWEV-NZ8F2, ClassName = Edit.
Pid = 3272, Hwnd=0xa0186, Text = UA34K-DWWEH-H84EP-MYZZG-NK8A6, ClassName = Edit.
Pid = 3272, Hwnd=0xa0186, Text = CF5XA-8CDEP-0854Q-T4XGG-NKUYD, ClassName = Edit.
Pid = 3272, Hwnd=0xa0186, Text = FZ34K-FTY05-0802Z-H5YE9-ZAUC2, ClassName = Edit.
Pid = 3272, Hwnd=0xa0186, Text = AZ10H-6UW4K-M89NZ-ADXZG-NG2F4, ClassName = Edit.
Run screenshot
VirSCAN

About VirSCAN | Privacy Policy | Contact us | Links | Help VirSCAN
Translated by Keith Miller, United States
Powered By CentOSpol

京ICP备11007605号-12

pol

京公网安备 11010802020746号