VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

Language
Server load
Server Load

File information
Safety rating:79
Behavior list
Basic Information
MD5:1a07eadc22d83a545405e5087c17ae12
file type:Rar
Production company:
version:
Shell or compiler information:COMPILER:PE+(64)
Subfile information:Qt5Gui.dll / 9a543d6b67e3b0d31bcac3ca3c1dac77 / DLL
Qt5Core.dll / 08cf0d89d829e07f7e174ae2e72289b9 / DLL
Qt5Widgets.dll / f5084ed19c77687e4cff48d892a908a2 / DLL
DiskSpeedTest.exe / 788f39f1af8e3c4d825e371fcf60c0e8 / EXE
Disk Speed Test Manual.pdfdumpFile / 8e83de92625ca6fb84c8def6e5631455 / Unknown
Disk Speed Test Manual.pdf / 8e83de92625ca6fb84c8def6e5631455 / Unknown
qwindows.dll / 95cbe5f06140c36def93346d07b06232 / DLL
投稿送现金.url / 58a4a103e89dd7f1abbddc07ee2e287c / Unknown
进入小高教学网学习技术.url / 70eca675a7cf40b4ab125b9379a8fc73 / Unknown
淘宝天猫内部优惠券领取.url / 56777cd7e45fb296dff60d67b52cd2ec / Unknown
DiskSpeedTest.visualelementsmanifest.xml / 54679868777451a3f4a9b92956bb5ed3 / Unknown
qt.conf / 417bba66c41f5d0300eabfea557472fa / Unknown
Process behavior
Behavior description:创建本地线程
details:ProcessId = 3068, ThreadId = 2928.
ProcessId = 3068, ThreadId = 2212.
ProcessId = 3068, ThreadId = 3256.
File behavior
Behavior description:创建文件
details:C:\Users\Administrator\DiskSpeedTestTemp
Behavior description:删除文件
details:C:\Users\Administrator\DiskSpeedTestTemp
Behavior description:查找文件
details:FileName = \\?\C:\Users\Administrator\AppData\Local\%temp%\****.exe_7zdump\Disk+Speed+Test\Disk Speed Test\plugins\platforms\*
Registry behavior
Behavior description:修改注册表
details:\REGISTRY\USER\S-1-5-21-1170589654-2814428265-349930785-500\SOFTWARE\Blackmagic Design\DiskSpeedTest\test\seconds
Other behavior
Behavior description:检测自身是否被调试
details:IsDebuggerPresent
Behavior description:创建互斥体
details:DISK_SPEED_TEST_AD628AD7-812E-4039-8742-C8D2029331FE
Behavior description:隐藏指定窗口
details:[Window,Class] = [Blackmagic Design Disk Speed Test,Qt5QWindowIcon]
Behavior description:查找指定窗口
details:FindWindowW: [Class,Window] = [ApplicationManager_DesktopShellWindow,]
Behavior description:打开事件
details:MSFT.VSA.COM.DISABLE.3068
MSFT.VSA.IEC.STATUS.6c736db0
\KernelObjects\MaximumCommitCondition
Behavior description:窗口信息
details:Pid = 3068, Hwnd=0x1028a, Text = Blackmagic Design Disk Speed Test, ClassName = Qt5QWindowIcon.
Behavior description:调用Sleep函数
details:[1]: MilliSeconds = 0.
[2]: MilliSeconds = 50.
Behavior description:打开互斥体
details:Local\ShimViewer
Local\MSCTF.Asm.MutexDefault1S-1-5-21-1170589654-2814428265-349930785-500
CicLoadWinStaWinSta0
Local\MSCTF.CtfMonitorInstMutexDefault1
Run screenshot
VirSCAN

About VirSCAN | Privacy Policy | Contact us | Links | Help VirSCAN
中国反网络病毒联盟
Powered By CentOSpol

京ICP备11007605号-12

pol

京公网安备 11010802020746号