VirSCAN

1, You can upload any file, but there is a 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but the archive must contain fewer than 20 files.
3, VirSCAN can scan compressed files protected with the password 'infected' or 'virus'.

File information

Basic Information

MD5: 8b78c28acc565e1247a3664a8396d630
file type: Rar
Production company:
version:
Shell or compiler information: COMPILER:PE+(64)
Subfile information: Call of Duty Infinite Warfare v1.0-Update.2016.11.17 Plus 10 Trainer.exedumpFile / bc63c32e1062f56c953c7b6334932456 / EXE

File behavior

Behavior description: Create file
details: C:\Users\Administrator\Documents\FLiNGTrainer\TrainerSettings.ini
C:\Users\Administrator\Documents\FLiNGTrainer\TrainerBGM.mid
Behavior description: Modify file content
details: C:\Users\Administrator\Documents\FLiNGTrainer\TrainerSettings.ini ---> Offset = 0
C:\Users\Administrator\Documents\FLiNGTrainer\TrainerSettings.ini ---> Offset = 40
C:\Users\Administrator\Documents\FLiNGTrainer\TrainerSettings.ini ---> Offset = 57
C:\Users\Administrator\Documents\FLiNGTrainer\TrainerSettings.ini ---> Offset = 75
C:\Users\Administrator\Documents\FLiNGTrainer\TrainerSettings.ini ---> Offset = 20

Registry behavior

Behavior description: Delete registry key value
details: \REGISTRY\USER\S-1-5-21-1170589654-2814428265-349930785-500\SOFTWARE\Microsoft\Multimedia\ActiveMovie\Filter Cache64\1

Other behavior

Behavior description: Check whether the process itself is being debugged
details: IsDebuggerPresent
Behavior description: Create mutex
details: Local\SessionImmersiveColorMutex
AMResourceMutex3
eed3bd3a-a1ad-4e99-987b-d7cb3fcfa7f0 - S-1-5-21-1170589654-2814428265-349930785-500
Local\MidiMapper_modLongMessage_RefCnt
Behavior description: Open event
details: \KernelObjects\MaximumCommitCondition
Global\SvcctrlStartEvent_A3752DX
DINPUTWINMM
Behavior description: Adjust process token privileges
details: SE_DEBUG_PRIVILEGE
Behavior description: Window information
details: Pid = 4084, Hwnd=0x10298, Text = 是(&Y), ClassName = Button.
Pid = 4084, Hwnd=0x1029a, Text = 否(&N), ClassName = Button.
Pid = 4084, Hwnd=0x1029c, Text = 修改器检测到360和谐卫士 "360Tray.exe" 正在运行。 避免修改器失效,建议你在彻底关闭360和谐卫士后再运行修改器,谢谢合作! 如果你坚持要运行修改器,修改器有可能不能正常运作,或者完全失效。 你无论如何也要启动修改器吗? (如果坚持要启动,请把修改器加入白名单), ClassName = Static.
Pid = 4084, Hwnd=0x40246, Text = Fuck360, ClassName = #32770.
Pid = 4084, Hwnd=0x2026e, Text = FLiNG"s Trainer, ClassName = FLiNGTrainerMainWnd.
Behavior description: Open mutex
details: Local\ShimViewer
Local\MSCTF.Asm.MutexDefault1S-1-5-21-1170589654-2814428265-349930785-500
CicLoadWinStaWinSta0
Local\MSCTF.CtfMonitorInstMutexDefault1
