VirSCAN

File information
Security rating: 74
Behavior list
Basic information
MD5: 263825c8f8c0455e766160155b02d748
File type: EXE
Company name: 这殇丶流星雨
Version: 2.4.0.0---2.4.0.0
Packer or compiler information:
Key behavior
Behavior description: Hide specified window
Details: [Window,Class] = [<,AfxWnd42s]
[Window,Class] = [>,AfxWnd42s]
[Window,Class] = [,ComboLBox]
[Window,Class] = [标签,Afx:400000:b:10011:1900015:0]
[Window,Class] = [行会阵营,Afx:400000:b:10011:1900015:0]
[Window,Class] = [行会名称,Afx:400000:b:10011:1900015:0]
[Window,Class] = [行会会长,Afx:400000:b:10011:1900015:0]
[Window,Class] = [,Button]
[Window,Class] = [,CPageControl]
[Window,Class] = [,SysListView32]
[Window,Class] = [添加道具,Afx:400000:b:10011:1900015:0]
[Window,Class] = [为,Afx:400000:b:10011:1900015:0]
[Window,Class] = [,Afx:400000:8]
[Window,Class] = [,Afx:400000:8:10011:1900015:0]
[Window,Class] = [账号商城点数,Afx:400000:b:10011:1900015:0]
Registry behavior
Behavior description: Modify registry
Details: \REGISTRY\USER\S-1-5-21-1482476501-1645522239-1417001333-500\Software\Microsoft\Multimedia\DrawDib\vga.drv 1676x885x32(BGR 0)
Other behavior
Behavior description: Create mutex
Details: RasPbFile
Behavior description: Inline hook
Details: C:\WINDOWS\system32\GDI32.dll--->ExtTextOutA Offset = 0x0
C:\WINDOWS\system32\GDI32.dll--->ExtTextOutW Offset = 0x0
C:\WINDOWS\system32\USER32.dll--->GetWindowLongA Offset = 0x0
C:\WINDOWS\system32\USER32.dll--->SetWindowLongA Offset = 0x0
C:\WINDOWS\system32\USER32.dll--->SetWindowLongW Offset = 0x0
C:\WINDOWS\system32\USER32.dll--->GetWindowLongW Offset = 0x0
C:\WINDOWS\system32\USER32.dll--->BeginPaint Offset = 0x0
C:\WINDOWS\system32\USER32.dll--->EndPaint Offset = 0x0
C:\WINDOWS\system32\USER32.dll--->GetDC Offset = 0x0
C:\WINDOWS\system32\USER32.dll--->GetWindowDC Offset = 0x0
C:\WINDOWS\system32\USER32.dll--->ReleaseDC Offset = 0x0
C:\WINDOWS\system32\USER32.dll--->WindowFromDC Offset = 0x0
C:\WINDOWS\system32\USER32.dll--->GetScrollInfo Offset = 0x0
C:\WINDOWS\system32\USER32.dll--->GetScrollPos Offset = 0x0
C:\WINDOWS\system32\USER32.dll--->GetScrollRange Offset = 0x0
Behavior description: Find specified window
Details: NtUserFindWindowEx: [Class,Window] = [,]
Behavior description: Hide specified window
Details: [Window,Class] = [<,AfxWnd42s]
[Window,Class] = [>,AfxWnd42s]
[Window,Class] = [,ComboLBox]
[Window,Class] = [标签,Afx:400000:b:10011:1900015:0]
[Window,Class] = [行会阵营,Afx:400000:b:10011:1900015:0]
[Window,Class] = [行会名称,Afx:400000:b:10011:1900015:0]
[Window,Class] = [行会会长,Afx:400000:b:10011:1900015:0]
[Window,Class] = [,Button]
[Window,Class] = [,CPageControl]
[Window,Class] = [,SysListView32]
[Window,Class] = [添加道具,Afx:400000:b:10011:1900015:0]
[Window,Class] = [为,Afx:400000:b:10011:1900015:0]
[Window,Class] = [,Afx:400000:8]
[Window,Class] = [,Afx:400000:8:10011:1900015:0]
[Window,Class] = [账号商城点数,Afx:400000:b:10011:1900015:0]
Behavior description: Window information
Details: Pid = 1460, Hwnd=0x107d2, Text = 标签, ClassName = Afx:400000:b:10011:1900015:0.
Pid = 1460, Hwnd=0x107d0, Text = 标签, ClassName = Afx:400000:b:10011:1900015:0.
Pid = 1460, Hwnd=0x107b2, Text = 踢出行会, ClassName = Button.
Pid = 1460, Hwnd=0x107b0, Text = 修改, ClassName = Button.
Pid = 1460, Hwnd=0x107ac, Text = 行会成员等级, ClassName = Afx:400000:b:10011:1900015:0.
Pid = 1460, Hwnd=0x10710, Text = 使用效果2, ClassName = Button(GroupBox).
Pid = 1460, Hwnd=0x10774, Text = 确定修改, ClassName = Button.
Pid = 1460, Hwnd=0x1076c, Text = 能力类型1, ClassName = Afx:400000:b:10011:1900015:0.
Pid = 1460, Hwnd=0x10766, Text = 能力3值, ClassName = Afx:400000:b:10011:1900015:0.
Pid = 1460, Hwnd=0x10762, Text = 能力类型3, ClassName = Afx:400000:b:10011:1900015:0.
Pid = 1460, Hwnd=0x1075e, Text = 能力2值, ClassName = Afx:400000:b:10011:1900015:0.
Pid = 1460, Hwnd=0x1075a, Text = 能力类型2, ClassName = Afx:400000:b:10011:1900015:0.
Pid = 1460, Hwnd=0x10756, Text = 能力1值, ClassName = Afx:400000:b:10011:1900015:0.
Pid = 1460, Hwnd=0x10754, Text = 回HP, ClassName = Afx:400000:b:10011:1900015:0.
Pid = 1460, Hwnd=0x10750, Text = 回SP, ClassName = Afx:400000:b:10011:1900015:0.