VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

Language
Server load
Server Load

File information
Safety rating:79
Behavior list
Basic Information
MD5:7718ec96916267e5591fe25e270bff82
file type:ELF64
Production company:
version:
Shell or compiler information:
Process behavior
Behavior description:装载新程序
details:execve: /tmp/bin/****.elf
execve:
execve: -c cd / && run-parts --report /etc/cron.hourly
Behavior description:进程结束
details:procexit status=0
procexit status=9
Behavior description:clone系统调用
details:clone: nil (PID=2499)
clone: nil (PID=2500)
File behavior
Behavior description:读取文件
details:read: path=/lib/x86_64-linux-gnu/libc.so.6, size=832
read: path=/etc/pam.d/cron, size=527
read: path=/etc/pam.d/common-auth, size=1249
read: path=/lib/x86_64-linux-gnu/security/pam_unix.so, size=832
read: path=/lib/x86_64-linux-gnu/libcrypt.so.1, size=832
read: path=/lib/x86_64-linux-gnu/security/pam_deny.so, size=832
read: path=/lib/x86_64-linux-gnu/security/pam_permit.so, size=832
read: path=/lib/x86_64-linux-gnu/security/pam_cap.so, size=832
read: path=/lib/x86_64-linux-gnu/libcap.so.2, size=832
read: path=/etc/pam.d/common-auth, size=0
read: path=/lib/x86_64-linux-gnu/security/pam_env.so, size=832
read: path=/etc/pam.d/common-account, size=1208
read: path=/etc/pam.d/common-account, size=0
read: path=/etc/pam.d/common-session-noninteractive, size=1435
read: path=/lib/x86_64-linux-gnu/security/pam_umask.so, size=832
Behavior description:打开文件
details:open: path=/etc/ld.so.cache, flags=O_RDONLY|O_CLOEXEC, mode=0
open: path=/lib/x86_64-linux-gnu/libc.so.6, flags=O_RDONLY|O_CLOEXEC, mode=0
open: path=/tmp/tmpf3QyeL2, flags=O_EXCL|O_CREAT|O_RDWR, mode=0
open: path=/etc/pam.d/cron, flags=O_RDONLY, mode=0
open: path=/etc/pam.d/common-auth, flags=O_RDONLY, mode=0
open: path=/lib/x86_64-linux-gnu/security/pam_unix.so, flags=O_RDONLY|O_CLOEXEC, mode=0
open: path=/lib/x86_64-linux-gnu/libcrypt.so.1, flags=O_RDONLY|O_CLOEXEC, mode=0
open: path=/lib/x86_64-linux-gnu/security/pam_deny.so, flags=O_RDONLY|O_CLOEXEC, mode=0
open: path=/lib/x86_64-linux-gnu/security/pam_permit.so, flags=O_RDONLY|O_CLOEXEC, mode=0
open: path=/lib/x86_64-linux-gnu/security/pam_cap.so, flags=O_RDONLY|O_CLOEXEC, mode=0
open: path=/lib/x86_64-linux-gnu/libcap.so.2, flags=O_RDONLY|O_CLOEXEC, mode=0
open: path=/lib/x86_64-linux-gnu/security/pam_env.so, flags=O_RDONLY|O_CLOEXEC, mode=0
open: path=/etc/pam.d/common-account, flags=O_RDONLY, mode=0
open: path=/etc/pam.d/common-session-noninteractive, flags=O_RDONLY, mode=0
open: path=/lib/x86_64-linux-gnu/security/pam_umask.so, flags=O_RDONLY|O_CLOEXEC, mode=0
Network behavior
Behavior description:connect
details:connect: ffff880079444a80->ffff880063123c00 /dev/log
connect: 0->ffff88006335a000 /var/run/nscd/socket
Behavior description:创建套接字
details:socket: domain=16(AF_ROUTE) type=3 proto=9
socket: domain=1(AF_LOCAL) type=524290 proto=0
socket: domain=1(AF_LOCAL) type=526337 proto=0
Run screenshot
VirSCAN

About VirSCAN | Privacy Policy | Contact us | Links | Help VirSCAN
中国反网络病毒联盟
Powered By CentOSpol

京ICP备11007605号-12

pol

京公网安备 11010802020746号