VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

Language
Server load
Server Load

VirSCAN
VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

File information

Basic Information

MD5: 2a291c1e811c487faa708c300f1d6117
file type: EXE
Production company:
version: 6.5.5.13---6.5.5.13
Shell or compiler information: COMPILER:Microsoft Visual Studio .NET 2005 -- 2008 -> Microsoft Corporation [Overlay] *

Key behavior

Behavior description: 写权限映射文件
details: CiceroSharedMemDefaultS-1-5-21-1482476501-1645522239-1417001333-500
qjwmwponkeysetupMap_sample.exe
MSCTF.MarshalInterface.FileMap.AOJ..PNJFF
MSCTF.MarshalInterface.FileMap.AOJ.B.PNJFF
MSCTF.MarshalInterface.FileMap.AOJ.C.PNJFF
MSCTF.MarshalInterface.FileMap.AOJ.D.PNJFF
MSCTF.MarshalInterface.FileMap.AOJ.E.PNJFF
MSCTF.MarshalInterface.FileMap.AOJ.F.PNJFF
MSCTF.MarshalInterface.FileMap.AOJ.G.PNJFF
MSCTF.Shared.SFM.AOJ
Behavior description: 按名称获取主机地址
details: down.360safe.com

File behavior

Behavior description: 写权限映射文件
details: CiceroSharedMemDefaultS-1-5-21-1482476501-1645522239-1417001333-500
qjwmwponkeysetupMap_sample.exe
MSCTF.MarshalInterface.FileMap.AOJ..PNJFF
MSCTF.MarshalInterface.FileMap.AOJ.B.PNJFF
MSCTF.MarshalInterface.FileMap.AOJ.C.PNJFF
MSCTF.MarshalInterface.FileMap.AOJ.D.PNJFF
MSCTF.MarshalInterface.FileMap.AOJ.E.PNJFF
MSCTF.MarshalInterface.FileMap.AOJ.F.PNJFF
MSCTF.MarshalInterface.FileMap.AOJ.G.PNJFF
MSCTF.Shared.SFM.AOJ

Network behavior

Behavior description: 发送一个已连接的套接字数据
details: SOCKET = 0x000006bc, TotalSize = 191, Offset = 0, ReadSize = 191.
Behavior description: 建立到一个指定的套接字连接
details: 219.133.40.1:80
Behavior description: 按名称获取主机地址
details: down.360safe.com

Other behavior

Behavior description: 创建互斥体
details: QJWMONKEYMUTEX_sample.exe
CTF.LBES.MutexDefaultS-1-5-21-1482476501-1645522239-1417001333-500
CTF.Compart.MutexDefaultS-1-5-21-1482476501-1645522239-1417001333-500
CTF.Asm.MutexDefaultS-1-5-21-1482476501-1645522239-1417001333-500
CTF.Layouts.MutexDefaultS-1-5-21-1482476501-1645522239-1417001333-500
CTF.TMD.MutexDefaultS-1-5-21-1482476501-1645522239-1417001333-500
CTF.TimListCache.FMPDefaultS-1-5-21-1482476501-1645522239-1417001333-500MUTEX.DefaultS-1-5-21-1482476501-1645522239-1417001333-500
MSCTF.Shared.MUTEX.AEH
MSCTF.Shared.MUTEX.AOJ
Behavior description: 窗口信息
details: Pid = 2524, Hwnd=0x10352, Text = 下载加速器:360安全卫士, ClassName = DownLoadFrame_7958a.
Behavior description: 查找指定窗口
details: NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
NtUserFindWindowEx: [Class,Window] = [CicLoaderWndClass,]

Run screenshot

VirSCAN