UClient.exe: Threatbook file behavior analysis report
Virscan.org multi-engine scan report
Basic information

  File name:        UClient.exe
  File type:        EXEx86
  Submission time:  2018-11-09 10:30:56
  MD5:              29615d91b9e1370baf21bb5850087ea9
  SHA256:           0f6b60c1b13024beb0c4977220a7e9f2b4addb97b4e53977dc23a6f08f983877
Document threat intelligence IOC report

  No intelligence IOC detected.

Intelligence decision system

  Abnormal flow detection system:      0
  Hunting system:                      0
  DGA domain name recognition system:  0

Network behavior report

  No behavioral characteristics detected.
Document release report

Files written during the run, in report order. The same name is recorded several times with different sizes and hashes where a file was rewritten during the run: the SQLite journal changes as uclient.db is written, and ubrowser.zip is recorded at four increasing sizes.

  file name            file type                                     size (bytes)  MD5
  UClient.db-journal   data                                          512           7ed68c1339a5ed098505268eaa366944
  UClient.db-journal   data                                          4616          10f640877b712352d6ce7f58ae9c5393
  UClient.db-journal   data                                          4616          998ab3aa3b26fb64912a22769e17f701
  UClient.db-journal   data                                          4616          3d2827cb4aa715979bf9cb26e595020a
  UClient.db-journal   data                                          12824         9e890e1653906536e82859e9d8aa3433
  UClient.db-journal   data                                          12824         422fb5adc6b1dcdb69743edcb321feff
  uclient.lnk          MS Windows shortcut                           502           11cfa428668e10694b739da98f6ef47c
  apporder.xml         XML document, UTF-8 Unicode (with BOM) text   79            bac02ebf3111d51121a9d094e148a690
  bindingui.jar        Zip archive data, at least v2.0 to extract    32660         d3540a14821c41113c51467f8920046e
  client.esc           XML document, UTF-8 Unicode (with BOM) text   811           3c0f58194e91aebddcef9bb5efc0072a
  app.esc              XML document text                             1078          84a0d5af0962836d94f664e3798c35c9
  inceptor.jar         Zip archive data, at least v2.0 to extract    745099        541af6fb6097d70769895b9b15b7e758
  procid               ASCII text, with no line terminators          4             630b7d8dd49a0bab667498f287d68c16
  ubrowser.zip         Zip archive data, at least v2.0 to extract    10096640      96af22715398b1c1d145f0c9f1797170
  agent.zip.dg         ASCII text, with no line terminators          32            d782fefc63d9c85a5d11ca2105095745
  ubrowser.zip         Zip archive data, at least v2.0 to extract    12619776      3aced25be9c9df3e531d1c6311b4378f
  main.log             ASCII text, with CRLF line terminators        14599         99de078ea78c882ca7296491bb68c876
  ubrowser.zip         Zip archive data, at least v2.0 to extract    15040512      d53d57ad6f78ebf098565cc24bec051e
  main.log             ASCII text, with CRLF line terminators        15135         8a0ee340e59a683247847da3d9145583
  ubrowser.zip         Zip archive data, at least v2.0 to extract    18268160      831d84e930563a48251b701037de9903
  uclient.db           SQLite 3.x database, user version 1           28672         29d59df1994e1e780c623adde18183b9
File process number report

  Process details: 0
Document behavior signature report

Records in report order. Consecutive identical API-call records are collapsed into one row, with the number of occurrences in the count column.

  category  type  count  value
  IP        ioc   1      Scanf 52.84.*.* for 12 times
  registry  ioc   1      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Security\DisableSecuritySettingsCheck
  registry  ioc   1      HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Security\DisableSecuritySettingsCheck
  file      call  8      NtCreateFile
  url       ioc   1      http://cdp.geotrust.com/GeoTrustRSACA2018.crl0L
  url       ioc   1      http://status.geotrust.com0=
  url       ioc   1      http://cacerts.geotrust.com/GeoTrustRSACA2018.crt0
  url       ioc   1      http://gn.symcb.com/gn.crl0
  url       ioc   1      https://www.geotrust.com/resources/repository/legal0A
  url       ioc   1      https://www.geotrust.com/resources/repository/legal0
  url       ioc   1      http://gn.symcd.com0&
  url       ioc   1      http://gn.symcb.com/gn.crt0
  url       ioc   1      http://g1.symcb.com/crls/gtglobal.crl0/
  url       ioc   1      http://g2.symcb.com0L
  url       ioc   1      http://www.geotrust.com/resources/cps0
  url       ioc   1      http://www.w3.org/1999/02/22-rdf-syntax-ns#
  url       ioc   1      http://ns.adobe.com/tiff/1.0/
  url       ioc   1      http://ns.adobe.com/xap/1.0/
  url       ioc   1      http://ns.adobe.com/exif/1.0/
  url       ioc   1      http://ns.adobe.com/xap/1.0/mm/
  url       ioc   1      http://ns.adobe.com/xap/1.0/sType/ResourceEvent#
  url       ioc   1      http://purl.org/dc/elements/1.1/
  url       ioc   1      http://ns.adobe.com/photoshop/1.0/
  misc      call  3      GetUserNameW
  request   ioc   1      POST https://uclient.yonyoucloud.com//api/uclient/connectusurl.rest
  request   ioc   1      POST https://uclient.yonyou.com//api/update/check.rest?time=&sessionid=
  request   ioc   1      POST https://uclient.yonyou.com//api/uclient/uclientcustomize.rest?version=2.0.0-build%2B201809201535
  request   ioc   1      POST https://uclient.yonyou.com//api/message/myreceivemessages.rest
  request   ioc   1      POST https://uclient.yonyou.com//api/update/check.rest?time=1541730804227&sessionid=
  misc      call  9      GetDiskFreeSpaceExW
  system    call  50     GetKeyState
  ui        call  10     FindWindowW

The url entries are reproduced exactly as the sandbox recorded them. The geotrust.com and symcb.com/symcd.com values are certificate revocation, issuer and policy URLs of the kind carried in an embedded X.509 certificate chain, and the w3.org, adobe.com and purl.org values are XMP metadata namespace URIs; the characters trailing several of them (0L, 0=, 0A, 0/, 0&) appear to be neighbouring bytes from the binary rather than part of the URL. Only the request entries record HTTP requests observed during the run.
Static information

  No static information detected.