VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

Language
Server load
Server Load

VirSCAN
VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

File information

Basic Information

MD5: 37a4f4c68f350b7dbf1fd4468d1e514e
file type: EXE
Production company:
version: 1.0.0.0---1.0.0.0
Shell or compiler information: PACKER:ASProtect 1.2x - 1.3x [Registered] -> Alexey Solodovnikov

Key behavior

Behavior description: 直接获取CPU时钟
details: EAX = 0x9689f404, EDX = 0x00000039
EAX = 0x9689f450, EDX = 0x00000039

File behavior

Behavior description: 查找文件
details: FileName = C:\Users\Administrator\AppData\Local\%temp%\aspr_keys.ini
FileName = C:\Users\Administrator\AppData\Local\%temp%\log\*-*.log

Other behavior

Behavior description: 检测自身是否被调试
details: IsDebuggerPresent
Behavior description: 打开互斥体
details: Local\MSCTF.Asm.MutexDefault1
Behavior description: 窗口信息
details: Pid = 2524, Hwnd=0x201ba, Text = 查看, ClassName = Button.
Pid = 2524, Hwnd=0x20180, Text = 2017年7月9日, ClassName = SysDateTimePick32.
Pid = 2524, Hwnd=0x20182, Text = 2017年7月9日, ClassName = SysDateTimePick32.
Pid = 2524, Hwnd=0x20184, Text = 2017年7月9日, ClassName = SysDateTimePick32.
Pid = 2524, Hwnd=0x20186, Text = 写入数据, ClassName = Button.
Pid = 2524, Hwnd=0x30188, Text = 程序暂未命名 ver:Alpha 1.11, ClassName = WTWindow.
Behavior description: 搜索kernel32.dll基地址
details: Instruction Address = 0x0051076f
Behavior description: 打开事件
details: HookSwitchHookEnabledEvent
Local\MSCTF.CtfActivated.Default1
Local\MSCTF.AsmCacheReady.Default1
Behavior description: 直接获取CPU时钟
details: EAX = 0x9689f404, EDX = 0x00000039
EAX = 0x9689f450, EDX = 0x00000039

Run screenshot

VirSCAN