VirSCAN

1. You can upload any file, but there is a 20Mb limit per file.
2. VirSCAN supports Rar/Zip decompression, but the archive must contain fewer than 20 files.
3. VirSCAN can scan compressed files protected with the password 'infected' or 'virus'.


File information
Safety rating:87
Behavior list
Basic Information
MD5:63f12a7ad93912a70fa6ce3e135b6ffa
file type:Rar
Production company:
version:
Shell or compiler information:PACKER:Not a valid PE file
Subfile information:witcher3v131+13tr.exedumpFile / 807c6e4aaf6704db40242b29cccecbe6 / EXE
witcher3v131+13tr.exe / 807c6e4aaf6704db40242b29cccecbe6 / EXE
下载说明.txt / e482b095724215caf987b58977ad0162 / Unknown
游民星空 Gamersky.com.url / 1e2afd10cc59022d1a1e5e5955785cda / Unknown
Key behavior
Behavior description:Get window screenshot information
details:Foreground window Info: HWND = 0x00000000, DC = 0xa60106f1.
Foreground window Info: HWND = 0x00000000, DC = 0x11010798.
File behavior
Behavior description:Find file
details:FileName = C:\Users\Administrator\AppData\Local\%temp%\****.exe_7zdump\witcher3v131tr13hog\witcher3v131+13tr.zh-CN
FileName = C:\Users\Administrator\AppData\Local\%temp%\****.exe_7zdump\witcher3v131tr13hog\witcher3v131+13tr.zh-Hans
FileName = C:\Users\Administrator\AppData\Local\%temp%\****.exe_7zdump\witcher3v131tr13hog\witcher3v131+13tr.zh
FileName = C:\Users\Administrator\AppData\Local\%temp%\****.exe_7zdump\witcher3v131tr13hog\witcher3v131+13tr.en-US
FileName = C:\Users\Administrator\AppData\Local\%temp%\****.exe_7zdump\witcher3v131tr13hog\witcher3v131+13tr.en
FileName = C:\Users\Administrator\AppData\Local\%temp%\****.exe_7zdump\witcher3v131tr13hog\witcher3v131+13tr.CHS
FileName = C:\Users\Administrator\AppData\Local\%temp%\****.exe_7zdump\witcher3v131tr13hog\witcher3v131+13tr.CH
Other behavior
Behavior description:Detect whether it is being debugged
details:N/A
Behavior description:Create mutex
details:Local\SessionImmersiveColorMutex
Behavior description:Hide specified window
details:[Window,Class] = [The Witcher 3 v1.31 +13 Trainer,TForm1]
[Window,Class] = [,TJvControlForm]
Behavior description:Find specified window
details:FindWindowExW: [Class,Window] = [OleMainThreadWndClass,]
Behavior description:Window information
details:Pid = 3160, Hwnd=0x80176, Text = The Witcher 3 v1.31 +13 Trainer, ClassName = TForm1.
Behavior description:Open event
details:Global\TermSrvReadyEvent
Behavior description:Enumerate windows
details:N/A
Behavior description:Get window screenshot information
details:Foreground window Info: HWND = 0x00000000, DC = 0xa60106f1.
Foreground window Info: HWND = 0x00000000, DC = 0x11010798.
Behavior description:Open mutex
details:Local\ShimViewer
Local\MSCTF.Asm.MutexDefault1S-1-5-21-1170589654-2814428265-349930785-500
CicLoadWinStaWinSta0
Local\MSCTF.CtfMonitorInstMutexDefault1