VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

Language
Server load
Server Load

  Main Menu
VirSCAN  HOME VirSCAN  go Virscan.org VirSCAN  Report VirSCAN  Virus report VirSCAN  Behavior report VirSCAN  Help VirSCAN VirSCAN  Submit Bugs VirSCAN  Contact us VirSCAN  URL detection VirSCAN  API VirSCAN  uploader for windows(test)
  Powered By
a-squared
a-squared
a-squared
 
File information
Safety rating:79
Behavior list
Basic Information
MD5:08fb9f4c4277bbf98379c3751d4635f1
file type:Rar
Production company:
version:
Shell or compiler information:COMPILER:Microsoft Visual C++ 6.0
Subfile information:upx_c_ca15c13ddumpFile / 39e9df1d0bf1e9baadf70fae5361cd74 / EXE
upx_c_e107b5cadumpFile / 772f736472922a7a015e0e1a238c6b56 / EXE
Win7_OEM_Cert&SLP_Key_Importing_tools_v2.6.exe / 4d11b31079eca3997088ccd619c3889a / 7z
Win7_OEM证书序列号导入工具v2.6.exe / 95b2e67caa87efcd3a55dee3bc1f9dba / 7z
重要说明.txt / 37d2de9c5796c326e238bf2fd1bea71b / Unknown
烈火网下载说明.txt / ddbd0ed4bbaf753f843de364b2e6b060 / Unknown
烈火网下载频道.url / 6c15e525b8a28d19c9c74c7350d098fb / Unknown
Key behavior
Behavior description:写权限映射文件
details:CiceroSharedMemDefaultS-*
Process behavior
Behavior description:创建进程
details:ImagePath = C:\WINDOWS\system32\cmd.exe, CmdLine = cmd /c ""C:\Documents and Settings\Administrator\Local Settings\Temp\5.tmp\OEM - en.bat""
Behavior description:创建新文件进程
details:ImagePath = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\7zS4.tmp\OEM.exe, CmdLine = .\OEM.exe
Behavior description:枚举进程
details:N/A
File behavior
Behavior description:写权限映射文件
details:CiceroSharedMemDefaultS-*
Behavior description:创建可执行文件
details:C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\7zS4.tmp\OEM.exe
Behavior description:修改文件内容
details:C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\7zS4.tmp\OEM\Acer.xrm-ms---> Offset = 0
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\7zS4.tmp\OEM\Advent.XRM-MS---> Offset = 0
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\7zS4.tmp\OEM\ALWARE.XRM-MS---> Offset = 0
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\7zS4.tmp\OEM\ASUS.XRM-MS---> Offset = 0
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\7zS4.tmp\OEM\Benq.xrm-ms---> Offset = 0
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\7zS4.tmp\OEM\DELL.XRM-MS---> Offset = 0
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\7zS4.tmp\OEM\FOUNDER.XRM-MS---> Offset = 0
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\7zS4.tmp\OEM\FSC.XRM-MS---> Offset = 0
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\7zS4.tmp\OEM\FUJITSU.XRM-MS---> Offset = 0
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\7zS4.tmp\OEM\GIGABYTE.XRM-MS---> Offset = 0
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\7zS4.tmp\OEM\HAIER.XRM-MS---> Offset = 0
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\7zS4.tmp\OEM\HASEE.XRM-MS---> Offset = 0
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\7zS4.tmp\OEM\HP.xrm-ms---> Offset = 0
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\7zS4.tmp\OEM\LENOVO.xrm-ms---> Offset = 0
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\7zS4.tmp\OEM\LGE.xrm-ms---> Offset = 0
Behavior description:查找文件
details:FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\7zS4.tmp
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\%temp%\1446029345.268934.exe_7zdump\Win7_OEMzsdrgj_veryhuo.com\Win7_OEM_Cert&SLP_Key_Importing_tools_v2.6.exe
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\7zS4.tmp\OEM\Acer.xrm-ms
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\7zS4.tmp\OEM\Advent.XRM-MS
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\7zS4.tmp\OEM\ALWARE.XRM-MS
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\7zS4.tmp\OEM\ASUS.XRM-MS
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\7zS4.tmp\OEM\Benq.xrm-ms
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\7zS4.tmp\OEM\DELL.XRM-MS
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\7zS4.tmp\OEM\FOUNDER.XRM-MS
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\7zS4.tmp\OEM\FSC.XRM-MS
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\7zS4.tmp\OEM\FUJITSU.XRM-MS
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\7zS4.tmp\OEM\GIGABYTE.XRM-MS
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\7zS4.tmp\OEM\HAIER.XRM-MS
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\7zS4.tmp\OEM\HASEE.XRM-MS
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\7zS4.tmp\OEM\HP.xrm-ms
Other behavior
Behavior description:创建互斥体
details:CTF.LBES.MutexDefaultS-*
CTF.Compart.MutexDefaultS-*
CTF.Asm.MutexDefaultS-*
CTF.Layouts.MutexDefaultS-*
CTF.TMD.MutexDefaultS-*
CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
Run screenshot
VirSCAN

About VirSCAN | Privacy Policy | Contact us | Links | Help VirSCAN
中国反网络病毒联盟
Powered By CentOSpol

京ICP备11007605号-12

 pol

京公网安备 11010802020746号