VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

Language
Server load
Server Load

File information
Safety rating:76
Behavior list
Basic Information
MD5:f71b4bf3476c85bafe690060cd69ca11
file type:EXE
Production company:Homy
version:5.5.0.1---5.05.0001
Shell or compiler information:PACKER:ASProtect v1.23 RC1 *
Key behavior
Behavior description:获取TickCount值
details:TickCount = 221510, SleepMilliseconds = 10.
TickCount = 221572, SleepMilliseconds = 10.
TickCount = 221588, SleepMilliseconds = 10.
TickCount = 222885, SleepMilliseconds = 10.
TickCount = 222931, SleepMilliseconds = 10.
TickCount = 222947, SleepMilliseconds = 10.
Registry behavior
Behavior description:修改注册表
details:\REGISTRY\MACHINE\SOFTWARE\Classes\.key\
Other behavior
Behavior description:创建互斥体
details:0xa8585, 0xa46, 0xa48, 0x956, 0x814, 0x778, 0x00, 0x21, 0x17, 0x01, 0x06
CTF.LBES.MutexDefaultS-*
CTF.Compart.MutexDefaultS-*
CTF.Asm.MutexDefaultS-*
CTF.Layouts.MutexDefaultS-*
CTF.TMD.MutexDefaultS-*
CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
MSCTF.Shared.MUTEX.IOH
Behavior description:查找指定窗口
details:NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
Behavior description:打开事件
details:HookSwitchHookEnabledEvent
CTF.ThreadMIConnectionEvent.000007E8.00000000.00000010
CTF.ThreadMarshalInterfaceEvent.000007E8.00000000.00000010
MSCTF.SendReceiveConection.Event.IOH.IC
MSCTF.SendReceive.Event.IOH.IC
Behavior description:搜索kernel32.dll基地址
details:Instruction Address = 0x00cf13fe
Behavior description:窗口信息
details:Pid = 2632, Hwnd=0x10344, Text = 确定, ClassName = Button.
Pid = 2632, Hwnd=0x10348, Text = Error: 153 , ClassName = Static.
Pid = 2632, Hwnd=0x60340, Text = Protection Error, ClassName = #32770.
Behavior description:调用Sleep函数
details:[1]: MilliSeconds = 10.
[2]: MilliSeconds = 10.
[3]: MilliSeconds = 10.
[4]: MilliSeconds = 10.
[5]: MilliSeconds = 10.
[6]: MilliSeconds = 10.
[7]: MilliSeconds = 1000.
[8]: MilliSeconds = 10.
[9]: MilliSeconds = 10.
[10]: MilliSeconds = 10.
Behavior description:获取TickCount值
details:TickCount = 221510, SleepMilliseconds = 10.
TickCount = 221572, SleepMilliseconds = 10.
TickCount = 221588, SleepMilliseconds = 10.
TickCount = 222885, SleepMilliseconds = 10.
TickCount = 222931, SleepMilliseconds = 10.
TickCount = 222947, SleepMilliseconds = 10.
Behavior description:打开互斥体
details:ShimCacheMutex
Run screenshot
VirSCAN

About VirSCAN | Privacy Policy | Contact us | Links | Help VirSCAN
Powered By CentOSpol

京ICP备11007605号-12

pol

京公网安备 11010802020746号