VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

Language
Server load
Server Load

File information
Safety rating:75
Behavior list
Basic Information
MD5:293752c45d8533009bc349a998a0c598
file type:Rar
Production company:
version:
Shell or compiler information:COMPILER:Microsoft Visual C++
Subfile information:WININET.DLLdumpFile / 66f1ca970bc5133fa2308a25944474c4 / DLL
WININET.DLL / 66f1ca970bc5133fa2308a25944474c4 / DLL
AboutTime.exedumpFile / a07d6dec61c2886c2a13fe47880a3417 / EXE
AboutTime.exe / a07d6dec61c2886c2a13fe47880a3417 / EXE
AboutTimeHelp.txtdumpFile / 9b7bec108b63635683332c668f35e5e9 / Unknown
AboutTimeHelp.txt / 9b7bec108b63635683332c668f35e5e9 / Unknown
AboutTime.logdumpFile / 5751d5d051eac41e1078f84f3794ddfa / Unknown
AboutTime.log / 5751d5d051eac41e1078f84f3794ddfa / Unknown
请读我.txtdumpFile / 66481938366adb93d69bcd46352267f1 / Unknown
请读我.txt / 66481938366adb93d69bcd46352267f1 / Unknown
AboutTime.inidumpFile / b2aa21ef6e04d5f4f684ebd3b0020856 / Unknown
AboutTime.ini / b2aa21ef6e04d5f4f684ebd3b0020856 / Unknown
Key behavior
Behavior description:隐藏指定窗口
details:[Window,Class] = [帮助,Button]
[Window,Class] = [确定,Button]
[Window,Class] = [取消,Button]
[Window,Class] = [应用(&A),Button]
[Window,Class] = [控制/时间客户端,#32770]
[Window,Class] = [选项,#32770]
[Window,Class] = [时间服务器,#32770]
[Window,Class] = [时间服务端,#32770]
[Window,Class] = [AboutTime 4.8,#32770]
File behavior
Behavior description:写权限映射文件
details:CiceroSharedMemDefaultS-1-5-21-1482476501-1645522239-1417001333-500
MSCTF.MarshalInterface.FileMap.MEK..IALFF
MSCTF.MarshalInterface.FileMap.MEK.B.IALFF
MSCTF.MarshalInterface.FileMap.MEK.C.IALFF
MSCTF.MarshalInterface.FileMap.MEK.D.IALFF
MSCTF.MarshalInterface.FileMap.MEK.E.IALFF
MSCTF.MarshalInterface.FileMap.MEK.F.IALFF
MSCTF.MarshalInterface.FileMap.MEK.G.IALFF
MSCTF.Shared.SFM.MEK
Behavior description:修改文件内容
details:C:\%temp%\1427628934.874790.exe_7zdump\AboutTime.ini---> Offset = 0
C:\%temp%\1427628934.904616.exe_7zdump\AboutTime.log---> Offset = 0
Other behavior
Behavior description:查找指定窗口
details:NtUserFindWindowEx: [Class,Window] = [,AboutTime 4.8]
NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
NtUserFindWindowEx: [Class,Window] = [CicLoaderWndClass,]
Behavior description:隐藏指定窗口
details:[Window,Class] = [帮助,Button]
[Window,Class] = [确定,Button]
[Window,Class] = [取消,Button]
[Window,Class] = [应用(&A),Button]
[Window,Class] = [控制/时间客户端,#32770]
[Window,Class] = [选项,#32770]
[Window,Class] = [时间服务器,#32770]
[Window,Class] = [时间服务端,#32770]
[Window,Class] = [AboutTime 4.8,#32770]
Behavior description:创建互斥体
details:CTF.LBES.MutexDefaultS-1-5-21-1482476501-1645522239-1417001333-500
CTF.Compart.MutexDefaultS-1-5-21-1482476501-1645522239-1417001333-500
CTF.Asm.MutexDefaultS-1-5-21-1482476501-1645522239-1417001333-500
CTF.Layouts.MutexDefaultS-1-5-21-1482476501-1645522239-1417001333-500
CTF.TMD.MutexDefaultS-1-5-21-1482476501-1645522239-1417001333-500
CTF.TimListCache.FMPDefaultS-1-5-21-1482476501-1645522239-1417001333-500MUTEX.DefaultS-1-5-21-1482476501-1645522239-1417001333-500
MSCTF.Shared.MUTEX.AEH
MSCTF.Shared.MUTEX.MEK
Run screenshot
VirSCAN

About VirSCAN | Privacy Policy | Contact us | Links | Help VirSCAN
中国反网络病毒联盟
Powered By CentOSpol

京ICP备11007605号-12

pol

京公网安备 11010802020746号