VirSCAN

1. You can upload any file, but there is a 20Mb limit per file.
2. VirSCAN supports Rar/Zip decompression, but the archive must contain fewer than 20 files.
3. VirSCAN can scan compressed files protected with the password 'infected' or 'virus'.

File information

Basic Information

MD5: 516c021febede2962c9252df85606c76
file type: EXE
Production company: Adobe Systems Incorporated
version: 1.801.10.4720---1.801.10.4720
Shell or compiler information: COMPILER:Microsoft Visual Studio .NET 2005 -- 2008 -> Microsoft Corporation [Overlay] *

Key behavior

Behavior description: Get TickCount value
details: TickCount = 216506, SleepMilliseconds = 210.
TickCount = 216522, SleepMilliseconds = 210.
TickCount = 216585, SleepMilliseconds = 210.
TickCount = 216788, SleepMilliseconds = 210.

File behavior

Behavior description: Create file
details: C:\Documents and Settings\Administrator\Local Settings\Temp\AdobeARM.log
Behavior description: Modify file content
details: C:\Documents and Settings\Administrator\Local Settings\Temp\AdobeARM.log ---> Offset = 0
C:\Documents and Settings\Administrator\Local Settings\Temp\AdobeARM.log ---> Offset = 54
C:\Documents and Settings\Administrator\Local Settings\Temp\AdobeARM.log ---> Offset = 94
Behavior description: Find file
details: FileName = C:\Program Files
FileName = C:\Program Files\Common Files
FileName = C:\Program Files\Common Files\Adobe
FileName = C:\Program Files\Common Files\Adobe\ARM
FileName = C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe\*.*

Registry behavior

Behavior description: Modify registry
details: \REGISTRY\MACHINE\SOFTWARE\Adobe\Adobe ARM\1.0\ARM\iCanExit
Behavior description: Delete registry key value
details: \REGISTRY\MACHINE\SOFTWARE\Adobe\Adobe ARM\1.0\ARM\iCanExit

Other behavior

Behavior description: Create mutex
details: oleacc-msaa-loaded
CTF.LBES.MutexDefaultS-*
CTF.Compart.MutexDefaultS-*
CTF.Asm.MutexDefaultS-*
CTF.Layouts.MutexDefaultS-*
CTF.TMD.MutexDefaultS-*
CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
Behavior description: Create event object
details: EventName = Global\userenv: User Profile setup event
EventName = Global\crypt32LogoffEvent
Behavior description: Get TickCount value
details: TickCount = 216506, SleepMilliseconds = 210.
TickCount = 216522, SleepMilliseconds = 210.
TickCount = 216585, SleepMilliseconds = 210.
TickCount = 216788, SleepMilliseconds = 210.
Behavior description: Adjust process token privileges
details: SE_LOAD_DRIVER_PRIVILEGE
Behavior description: Open event
details: HookSwitchHookEnabledEvent
Global\crypt32LogoffEvent
_fCanRegisterWithShellService
Behavior description: Call Sleep function
details: [1]: MilliSeconds = 210.
