VirSCAN

File information
Safety rating:80
Behavior list
Basic Information
MD5:7e12a7e84926ef6123c49350a3968bf7
file type:7z
Production company:
version:6.5.3.1210---6, 5, 3, 1210
Shell or compiler information:
Subfile information:360WangpanPlay.exe / big file / EXE
360WangPan.exe / big file / EXE
skin_std.stg / 0d097a8423f44d901c4b262e09fab02e / Compound
360GameMini.exe / 6c651f598fc4e2fd10974f65d44f46df / EXE
360CloudApi.dll / 5759b1d1b143a84e9bc88016f7a8a3b8 / DLL
360CloudSync.dll / 9ea01058cf128b92c0c246a69c824d73 / DLL
360Login.dll / 7d9bf39c6073d652b2822e1dd292eae2 / DLL
Inst.exe / dd264e7ec17211cf417ef855ceabc094 / EXE
ExtAndroid.exe / ebd113c0c10d4f800d19c16481cf4036 / EXE
360Base.dll / e43e7e408bfca335cc4240b7c1bbb8ca / DLL
360P2SP.dll / 96c74f16a2b94f33ce54df012e1a9143 / DLL
skin_green.stg / 9f4e0d8ed33621e791b603eefef21067 / Compound
skin_red.stg / b5453f4fabbab6c3c1f3acbb3f44f6e2 / Compound
skin_purple.stg / 865e2e19a92cddc2e96911510dded2c1 / Compound
skin_black.stg / b6cb8f61a273b9074c2a2334267e06a6 / Compound
skin_pink.stg / 68799a6c399fb8d88c945d0d10f637dd / Compound
360CloudBar64.dll / 50cea5fb84b2f7e833f2c0be87b9112d / DLL
LiveUpd360.dll / 299f4394db122aa9dd9328b4337e1f72 / DLL
360CloudBar.dll / 5430b2a10882c8783b340fb57d0d51a5 / DLL
Key behavior
Behavior description:Map file with write permission
details:CiceroSharedMemDefaultS-*
MSCTF.MarshalInterface.FileMap.ANM..IEFJH
MSCTF.MarshalInterface.FileMap.ANM.B.IEFJH
MSCTF.MarshalInterface.FileMap.ANM.C.IEFJH
MSCTF.MarshalInterface.FileMap.ANM.D.IEFJH
MSCTF.MarshalInterface.FileMap.ANM.E.IEFJH
MSCTF.MarshalInterface.FileMap.ANM.F.IEFJH
MSCTF.MarshalInterface.FileMap.ANM.G.IEFJH
MSCTF.Shared.SFM.ANM
Behavior description:Hide specified window
details:[Window,Class] = [,Button]
[Window,Class] = [正在安装360云盘...,Static]
[Window,Class] = [,Edit]
Process behavior
Behavior description:Enumerate processes
details:N/A
File behavior
Behavior description:Map file with write permission
details:CiceroSharedMemDefaultS-*
MSCTF.MarshalInterface.FileMap.ANM..IEFJH
MSCTF.MarshalInterface.FileMap.ANM.B.IEFJH
MSCTF.MarshalInterface.FileMap.ANM.C.IEFJH
MSCTF.MarshalInterface.FileMap.ANM.D.IEFJH
MSCTF.MarshalInterface.FileMap.ANM.E.IEFJH
MSCTF.MarshalInterface.FileMap.ANM.F.IEFJH
MSCTF.MarshalInterface.FileMap.ANM.G.IEFJH
MSCTF.Shared.SFM.ANM
Behavior description:Rename file
details:C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{0315E7F3-75BA-4cf6-8DED-A9286C6A005E}.tmp\7z.dll ---> C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{80367455-3BB5-410c-9C5E-5595C2FCCBA9}.tmp
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{C5C33401-0E41-4513-9C37-82833208ED56}.tmp\CloudMini\icons\errors.ico ---> C:\Program Files\360\360WangPan\CloudMini\icons\errors.ico
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{C5C33401-0E41-4513-9C37-82833208ED56}.tmp\CloudMini\icons\ignore.ico ---> C:\Program Files\360\360WangPan\CloudMini\icons\ignore.ico
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{C5C33401-0E41-4513-9C37-82833208ED56}.tmp\new_desktop.ico ---> C:\Program Files\360\360WangPan\new_desktop.ico
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{C5C33401-0E41-4513-9C37-82833208ED56}.tmp\CloudMini\icons\new_desktop.ico ---> C:\Program Files\360\360WangPan\CloudMini\icons\new_desktop.ico
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{C5C33401-0E41-4513-9C37-82833208ED56}.tmp\new_desktop_win7.ico ---> C:\Program Files\360\360WangPan\new_desktop_win7.ico
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{C5C33401-0E41-4513-9C37-82833208ED56}.tmp\CloudMini\icons\new_desktop_win7.ico ---> C:\Program Files\360\360WangPan\CloudMini\icons\new_desktop_win7.ico
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{C5C33401-0E41-4513-9C37-82833208ED56}.tmp\CloudMini\icons\pause.ico ---> C:\Program Files\360\360WangPan\CloudMini\icons\pause.ico
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{C5C33401-0E41-4513-9C37-82833208ED56}.tmp\CloudMini\icons\synced.ico ---> C:\Program Files\360\360WangPan\CloudMini\icons\synced.ico
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{C5C33401-0E41-4513-9C37-82833208ED56}.tmp\CloudMini\icons\syncing.ico ---> C:\Program Files\360\360WangPan\CloudMini\icons\syncing.ico
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{C5C33401-0E41-4513-9C37-82833208ED56}.tmp\360CloudIntro.xml ---> C:\Program Files\360\360WangPan\360CloudIntro.xml
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{C5C33401-0E41-4513-9C37-82833208ED56}.tmp\DumpUper.ini ---> C:\Program Files\360\360WangPan\DumpUper.ini
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{C5C33401-0E41-4513-9C37-82833208ED56}.tmp\language.ini ---> C:\Program Files\360\360WangPan\language.ini
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{C5C33401-0E41-4513-9C37-82833208ED56}.tmp\mpsupport.ini ---> C:\Program Files\360\360WangPan\mpsupport.ini
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{C5C33401-0E41-4513-9C37-82833208ED56}.tmp\NetTest.ini ---> C:\Program Files\360\360WangPan\NetTest.ini
Behavior description:Create executable file
details:C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{0315E7F3-75BA-4cf6-8DED-A9286C6A005E}.tmp\7z.dll
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{C5C33401-0E41-4513-9C37-82833208ED56}.tmp\360GameMini.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{C5C33401-0E41-4513-9C37-82833208ED56}.tmp\360WangPan.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{C5C33401-0E41-4513-9C37-82833208ED56}.tmp\360WangpanPlay.exe
Behavior description:Modify file content
details:C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{82C62971-33C3-490b-B43D-9083A29B3D6A}.tmp---> Offset = 12288
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{DC98504A-E943-4d84-B8BE-07B4E2112304}.tmp---> Offset = 12288
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{C5C33401-0E41-4513-9C37-82833208ED56}.tmp\CloudMini\icons\errors.ico---> Offset = 0
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{C5C33401-0E41-4513-9C37-82833208ED56}.tmp\CloudMini\icons\ignore.ico---> Offset = 0
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{C5C33401-0E41-4513-9C37-82833208ED56}.tmp\new_desktop.ico---> Offset = 0
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{C5C33401-0E41-4513-9C37-82833208ED56}.tmp\CloudMini\icons\new_desktop.ico---> Offset = 0
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{C5C33401-0E41-4513-9C37-82833208ED56}.tmp\new_desktop_win7.ico---> Offset = 0
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{C5C33401-0E41-4513-9C37-82833208ED56}.tmp\CloudMini\icons\new_desktop_win7.ico---> Offset = 0
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{C5C33401-0E41-4513-9C37-82833208ED56}.tmp\CloudMini\icons\pause.ico---> Offset = 0
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{C5C33401-0E41-4513-9C37-82833208ED56}.tmp\CloudMini\icons\synced.ico---> Offset = 0
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{C5C33401-0E41-4513-9C37-82833208ED56}.tmp\CloudMini\icons\syncing.ico---> Offset = 0
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{C5C33401-0E41-4513-9C37-82833208ED56}.tmp\360CloudIntro.xml---> Offset = 0
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{C5C33401-0E41-4513-9C37-82833208ED56}.tmp\DumpUper.ini---> Offset = 0
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{C5C33401-0E41-4513-9C37-82833208ED56}.tmp\language.ini---> Offset = 0
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{C5C33401-0E41-4513-9C37-82833208ED56}.tmp\mpsupport.ini---> Offset = 0
Behavior description:Find file
details:FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{0315E7F3-75BA-4cf6-8DED-A9286C6A005E}.tmp\*.*
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{C5C33401-0E41-4513-9C37-82833208ED56}.tmp\CloudMini
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{C5C33401-0E41-4513-9C37-82833208ED56}.tmp\CloudMini\icons
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{C5C33401-0E41-4513-9C37-82833208ED56}.tmp\CloudMini\icons\errors.ico
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{C5C33401-0E41-4513-9C37-82833208ED56}.tmp\CloudMini\icons\ignore.ico
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{C5C33401-0E41-4513-9C37-82833208ED56}.tmp\new_desktop.ico
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{C5C33401-0E41-4513-9C37-82833208ED56}.tmp\CloudMini\icons\new_desktop.ico
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{C5C33401-0E41-4513-9C37-82833208ED56}.tmp\new_desktop_win7.ico
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{C5C33401-0E41-4513-9C37-82833208ED56}.tmp\CloudMini\icons\new_desktop_win7.ico
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{C5C33401-0E41-4513-9C37-82833208ED56}.tmp\CloudMini\icons\pause.ico
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{C5C33401-0E41-4513-9C37-82833208ED56}.tmp\CloudMini\icons\synced.ico
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{C5C33401-0E41-4513-9C37-82833208ED56}.tmp\CloudMini\icons\syncing.ico
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{C5C33401-0E41-4513-9C37-82833208ED56}.tmp\360CloudIntro.xml
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{C5C33401-0E41-4513-9C37-82833208ED56}.tmp\DumpUper.ini
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{C5C33401-0E41-4513-9C37-82833208ED56}.tmp\language.ini
Registry behavior
Behavior description:Modify registry
details:\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1A893393-71A8-4a50-95A1-2B89DE87B24C}\
\REGISTRY\MACHINE\SOFTWARE\360Safe\Liveup\mid
\REGISTRY\MACHINE\SYSTEM\ControlSet002\Control\Session Manager\PendingFileRenameOperations
Behavior description:Delete registry key
details:\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1A893393-71A8-4a50-95A1-2B89DE87B24C}
Other behavior
Behavior description:Create mutex
details:1830B7BD-F7A3-4c4d-989B-C004DE465EDE 3276
360云盘轻版
CTF.LBES.MutexDefaultS-*
CTF.Compart.MutexDefaultS-*
CTF.Asm.MutexDefaultS-*
CTF.Layouts.MutexDefaultS-*
CTF.TMD.MutexDefaultS-*
CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
MSCTF.Shared.MUTEX.ELH
MSCTF.Shared.MUTEX.ANM
Behavior description:Hide specified window
details:[Window,Class] = [,Button]
[Window,Class] = [正在安装360云盘...,Static]
[Window,Class] = [,Edit]
Behavior description:Find specified window
details:NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
NtUserFindWindowEx: [Class,Window] = [CicLoaderWndClass,]
Behavior description:Direct access to physical device
details:\??\PhysicalDrive0
Behavior description:Window information
details:Pid = 3276, Hwnd=0x202a6, Text = 正在准备中..., ClassName = Button.
Pid = 3276, Hwnd=0x202a8, Text = 安装程序准备中,请稍侯..., ClassName = Static.
Pid = 3276, Hwnd=0x202cc, Text = 安装到:, ClassName = Static.
Pid = 3276, Hwnd=0x202b4, Text = C:\Program Files\360\360WangPan, ClassName = Edit.
Pid = 3276, Hwnd=0x302bc, Text = 已经阅读并同意, ClassName = Button(CheckBox).
Pid = 3276, Hwnd=0x202d8, Text = 使用许可协议, ClassName = Static.
Pid = 3276, Hwnd=0x202c2, Text = 安装完成后打开360云盘, ClassName = Button(CheckBox).
Pid = 3276, Hwnd=0x202c4, Text = 正在安装360云盘..., ClassName = Static.
Pid = 3276, Hwnd=0x202c8, Text = 自定义, ClassName = Static.
Pid = 3276, Hwnd=0x202ca, Text = 开机时自动启动云盘, ClassName = Button(CheckBox).
Pid = 3276, Hwnd=0x202a2, Text = 欢迎使用 360云盘, ClassName = #32770.