VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

Language
Server load
Server Load

File information
Safety rating:86
Behavior list
Basic Information
MD5:75c618c16d4307fbd7b38550db03cae2
file type:zip
Production company:
version:
Shell or compiler information:COMPILER:不是有效的PE文件
Subfile information:QuickHash-Windows-x64-v2.6.9.2.exe / b60014c088e80036eb3e7d429d39b23f / EXE
QuickHash-Windows-x64-v2.6.9.2.exedumpFile / b60014c088e80036eb3e7d429d39b23f / EXE
QuickHash-Windows-x86-v2.6.9.2.exe / 26a938c0e3feb02c4372a324ab9f2849 / EXE
QuickHash-Windows-x86-v2.6.9.2.exedumpFile / 26a938c0e3feb02c4372a324ab9f2849 / EXE
PDF-STREAM-33dumpFile / dac14cf46a80b035eaebb4199764728c / Unknown
PDF-STREAM-15dumpFile / 214eb1c8342f8258c876a2aab3a4095c / Unknown
PDF-STREAM-14dumpFile / 7ca58d65f37aa8d41ee27e87e3f744de / Unknown
UserManual.pdfdumpFile / b1ad58cf116fa6062d051df3ad74484e / Unknown
UserManual.pdf / b1ad58cf116fa6062d051df3ad74484e / Unknown
PDF-STREAM-20dumpFile / bfc7c2153cf7eb00b0edc275025529ca / Unknown
PDF-STREAM-46dumpFile / 3c1fbe7d7542e972963b2480fdc425a6 / Unknown
PDF-STREAM-49dumpFile / 25e42e0b3fed61dd941fde14a669b5cd / Unknown
PDF-STREAM-23dumpFile / 1110d56d88247e277e66535b9308dc45 / Unknown
PDF-STREAM-43dumpFile / 2024c49fca52f18fa5a40520a7e83ec2 / Unknown
PDF-STREAM-7dumpFile / b5a064b848bb1a7f6ecd6ba6a8f53e70 / Unknown
PDF-STREAM-26dumpFile / 52bb1b4c071886d66cda39b67d3bb53d / Unknown
PDF-STREAM-27dumpFile / 13c97fb702984b532783fe48351aeeb8 / Unknown
PDF-STREAM-28dumpFile / 41aa49234fb436343f114ff593c964fa / Unknown
PDF-STREAM-38dumpFile / b2462dc94bc96f709456d92c2b2be71b / Unknown
Key behavior
Behavior description:获取窗口截图信息
details:Foreground window Info: HWND = 0x00000000, DC = 0x91010558.
Other behavior
Behavior description:创建互斥体
details:CTF.LBES.MutexDefaultS-*
CTF.Compart.MutexDefaultS-*
CTF.Asm.MutexDefaultS-*
CTF.Layouts.MutexDefaultS-*
CTF.TMD.MutexDefaultS-*
CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
MSCTF.Shared.MUTEX.ELH
MSCTF.Shared.MUTEX.AEM
Behavior description:创建事件对象
details:EventName = MSCTF.SendReceive.Event.AEM.IC
EventName = MSCTF.SendReceiveConection.Event.AEM.IC
Behavior description:查找指定窗口
details:NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
NtUserFindWindowEx: [Class,Window] = [CicLoaderWndClass,]
Behavior description:打开事件
details:HookSwitchHookEnabledEvent
CTF.ThreadMIConnectionEvent.000007B4.00000000.00000053
CTF.ThreadMarshalInterfaceEvent.000007B4.00000000.00000053
MSCTF.SendReceive.Event.ELH.IC
MSCTF.SendReceiveConection.Event.ELH.IC
Behavior description:窗口信息
details:Pid = 3132, Hwnd=0x40382, Text = System RAM, ClassName = Button(GroupBox).
Pid = 3132, Hwnd=0x15030c, Text = Hash Algorithm, ClassName = Button(GroupBox).
Pid = 3132, Hwnd=0xb03ba, Text = SHA512, ClassName = Button(RadioButton).
Pid = 3132, Hwnd=0x40394, Text = SHA256, ClassName = Button(RadioButton).
Pid = 3132, Hwnd=0x6037e, Text = SHA-1, ClassName = Button(RadioButton).
Pid = 3132, Hwnd=0x503ca, Text = MD5, ClassName = Button(RadioButton).
Pid = 3132, Hwnd=0x140306, Text = Text Hashing, ClassName = Button(GroupBox).
Pid = 3132, Hwnd=0x16032e, Text = Additional Text Hashing Functions, ClassName = Button(GroupBox).
Pid = 3132, Hwnd=0xc038a, Text = Source text included in output, ClassName = Button(CheckBox).
Pid = 3132, Hwnd=0x603c6, Text = Clear Text Area, ClassName = Button.
Pid = 3132, Hwnd=0xf034a, Text = TEXT Line-By-Line, ClassName = Button.
Pid = 3132, Hwnd=0x100320, Text = Txt FILE Line-By-Line, ClassName = Button.
Pid = 3132, Hwnd=0x2102bc, Text = ..., ClassName = Edit.
Pid = 3132, Hwnd=0x303dc, Text = ...hash value , ClassName = Edit.
Pid = 3132, Hwnd=0xa03b0, Text = Type or paste text here - hash will update as you type , ClassName = Edit.
Behavior description:获取窗口截图信息
details:Foreground window Info: HWND = 0x00000000, DC = 0x91010558.
Behavior description:隐藏指定窗口
details:[Window,Class] = [Quick Hash,Window]
Behavior description:打开互斥体
details:ShimCacheMutex
Run screenshot
VirSCAN

About VirSCAN | Privacy Policy | Contact us | Links | Help VirSCAN
中国反网络病毒联盟
Powered By CentOSpol

京ICP备11007605号-12

pol

京公网安备 11010802020746号