VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

Language
Server load
Server Load

File information
Safety rating:61
Behavior list
Basic Information
MD5:67766ceb8f827dd4e99af10d416ff893
file type:EXE
Production company:
version:
Shell or compiler information:PACKER:PEX 0.99 -> bart/CrackPl
Subfile information:rlpack_12x_full_lzma_a8974ad7dumpFile / 7820e22797bc443b46b8d14b4f3ac4fe / EXE
Key behavior
Behavior description:检测自身是否被调试
details:N/A
Behavior description:隐藏指定窗口
details:[Window,Class] = [,ComboLBox]
Behavior description:查找反病毒常用工具窗口
details:NtUserFindWindowEx: [Class,Window] = [FileMonClass,]
NtUserFindWindowEx: [Class,Window] = [OLLYDBG,]
File behavior
Behavior description:写权限映射文件
details:DirectSound Administrator shared thread array
Other behavior
Behavior description:检测自身是否被调试
details:N/A
Behavior description:创建互斥体
details:jiojioio
DirectSound DllMain mutex (0x00000488)
DirectSound Administrator shared thread array (lock)
Behavior description:内联HOOK
details:C:\WINDOWS\system32\ntdll.dll--->DbgUiRemoteBreakin Offset = 0x0
Behavior description:查找指定窗口
details:NtUserFindWindowEx: [Class,Window] = [18467-41,]
Behavior description:尝试打开调试器或监控软件的驱动设备对象
details:\??\SICE
\??\SIWVID
\??\NTICE
Behavior description:窗口信息
details:Pid = 1160, Hwnd=0xb01de, Text = Button1, ClassName = Button.
Pid = 1160, Hwnd=0xc01d6, Text = Patch Hosts File, ClassName = Button.
Pid = 1160, Hwnd=0xd01c8, Text = Button2, ClassName = Button.
Pid = 1160, Hwnd=0xc01c2, Text = nfo, ClassName = Button.
Pid = 1160, Hwnd=0xb01c6, Text = Choose your version..., ClassName = Edit.
Pid = 1160, Hwnd=0xb0184, Text = tam/CORE, ClassName = Edit.
Pid = 1160, Hwnd=0xa01aa, Text = Name, ClassName = Static.
Pid = 1160, Hwnd=0xb01b0, Text = Serial, ClassName = Static.
Pid = 1160, Hwnd=0xd0180, Text = .::. tam/CORE .::., ClassName = #32770.
Behavior description:隐藏指定窗口
details:[Window,Class] = [,ComboLBox]
Behavior description:查找反病毒常用工具窗口
details:NtUserFindWindowEx: [Class,Window] = [FileMonClass,]
NtUserFindWindowEx: [Class,Window] = [OLLYDBG,]
Abnormal crash
Behavior description:检测自身是否被调试
details:N/A
Behavior description:创建互斥体
details:jiojioio
DirectSound DllMain mutex (0x00000488)
DirectSound Administrator shared thread array (lock)
Behavior description:内联HOOK
details:C:\WINDOWS\system32\ntdll.dll--->DbgUiRemoteBreakin Offset = 0x0
Behavior description:查找指定窗口
details:NtUserFindWindowEx: [Class,Window] = [18467-41,]
Behavior description:尝试打开调试器或监控软件的驱动设备对象
details:\??\SICE
\??\SIWVID
\??\NTICE
Behavior description:窗口信息
details:Pid = 1160, Hwnd=0xb01de, Text = Button1, ClassName = Button.
Pid = 1160, Hwnd=0xc01d6, Text = Patch Hosts File, ClassName = Button.
Pid = 1160, Hwnd=0xd01c8, Text = Button2, ClassName = Button.
Pid = 1160, Hwnd=0xc01c2, Text = nfo, ClassName = Button.
Pid = 1160, Hwnd=0xb01c6, Text = Choose your version..., ClassName = Edit.
Pid = 1160, Hwnd=0xb0184, Text = tam/CORE, ClassName = Edit.
Pid = 1160, Hwnd=0xa01aa, Text = Name, ClassName = Static.
Pid = 1160, Hwnd=0xb01b0, Text = Serial, ClassName = Static.
Pid = 1160, Hwnd=0xd0180, Text = .::. tam/CORE .::., ClassName = #32770.
Behavior description:隐藏指定窗口
details:[Window,Class] = [,ComboLBox]
Behavior description:查找反病毒常用工具窗口
details:NtUserFindWindowEx: [Class,Window] = [FileMonClass,]
NtUserFindWindowEx: [Class,Window] = [OLLYDBG,]
Run screenshot
VirSCAN

About VirSCAN | Privacy Policy | Contact us | Links | Help VirSCAN
中国反网络病毒联盟
Powered By CentOSpol

京ICP备11007605号-12

pol

京公网安备 11010802020746号