VirSCAN

1, You can upload any file, but there is a 20 MB limit per file.
2, VirSCAN supports Rar/Zip decompression, but the archive must contain fewer than 20 files.
3, VirSCAN can scan compressed files protected with the password 'infected' or 'virus'.

File information
Safety rating:77
Behavior list
Basic Information
MD5:66eb475c6dafb6b6772bfa5e4e17224b
file type:Rar
Production company:
version:
Shell or compiler information:COMPILER:Microsoft Visual C++ v7.1 DLL
Subfile information:
File behavior
Behavior description:Create file
details:C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\ugo_tool-v1.39\Config.dat
Behavior description:Modify file content
details:C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\ugo_tool-v1.39\Config.dat ---> Offset = 0
Other behavior
Behavior description:Create mutex
details:僂僑僣乕儖
CTF.LBES.MutexDefaultS-*
CTF.Compart.MutexDefaultS-*
CTF.Asm.MutexDefaultS-*
CTF.Layouts.MutexDefaultS-*
CTF.TMD.MutexDefaultS-*
CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
MSCTF.Shared.MUTEX.ELH
MSCTF.Shared.MUTEX.AJM
Behavior description:Hide specified window
details:[Window,Class] = [,msctls_progress32]
Behavior description:Find specified window
details:NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
NtUserFindWindowEx: [Class,Window] = [CicLoaderWndClass,]
NtUserFindWindowEx: [Class,Window] = [OleMainThreadWndClass,]
Behavior description:Window information
details:Pid = 3212, Hwnd=0x503b0, Text = 节点数目:0, ClassName = msctls_statusbar32.
Pid = 3212, Hwnd=0xf02ba, Text = ugo tool 1.39涂鸦版 - [ 无题 ], ClassName = UgoToolWindow.
Behavior description:Open event
details:HookSwitchHookEnabledEvent
CTF.ThreadMIConnectionEvent.000007B4.00000000.00000040
CTF.ThreadMarshalInterfaceEvent.000007B4.00000000.00000040
MSCTF.SendReceiveConection.Event.ELH.IC
MSCTF.SendReceive.Event.ELH.IC
CTF.ThreadMIConnectionEvent.000007B4.00000000.00000041
CTF.ThreadMarshalInterfaceEvent.000007B4.00000000.00000041
Behavior description:Create event object
details:EventName = DINPUTWINMM
EventName = MSCTF.SendReceive.Event.AJM.IC
EventName = MSCTF.SendReceiveConection.Event.AJM.IC
Behavior description:Open mutex
details:ShimCacheMutex