VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

Language
Server load
Server Load

  Main Menu
VirSCAN  HOME VirSCAN  go Virscan.org VirSCAN  Report VirSCAN  Virus report VirSCAN  Behavior report VirSCAN  Help VirSCAN VirSCAN  Submit Bugs VirSCAN  Contact us VirSCAN  URL detection VirSCAN  API VirSCAN  uploader for windows(test)
  Powered By
a-squared
a-squared
a-squared
 
File information
Safety rating:76
Behavior list
Basic Information
MD5:94de7721a3566d92b948a6e45b6237de
file type:EXE
Production company:Safengine
version:2.3.0.0---2.3.0.0
Shell or compiler information:
Key behavior
Behavior description:探测 Virtual PC 是否存在
details:N/A
Behavior description:设置线程上下文
details:C:\%temp%\1411800974.636971.exe
C:\%temp%\1411800974.719721.exe
C:\%temp%\1411800974.802410.exe
Process behavior
Behavior description:创建新文件进程
details:ImagePath = C:\%temp%\1411800974.595472.exe, CmdLine = "C:\%temp%\1411800974.595472.exe"
Behavior description:设置线程上下文
details:C:\%temp%\1411800974.636971.exe
C:\%temp%\1411800974.719721.exe
C:\%temp%\1411800974.802410.exe
Other behavior
Behavior description:探测 Virtual PC 是否存在
details:N/A
Behavior description:窗口信息
details:Pid = 1748, Hwnd=0xb016a, Text = 确定, ClassName = Button.
Pid = 1748, Hwnd=0xb01de, Text = 1+LKtQAIAgDCBgIAAAECAwQFBgc4mIr0VEXf/Q==, ClassName = Static.
Pid = 1748, Hwnd=0xd0180, Text = Hardware ID, ClassName = #32770.
Behavior description:内联HOOK
details:C:\WINDOWS\system32\ntdll.dll--->RtlCaptureContext Offset = 0xe6
C:\WINDOWS\system32\kernel32.dll--->WaitForSingleObjectEx Offset = 0xdc
Behavior description:直接操作物理设备
details:\??\PhysicalDrive0
Run screenshot
VirSCAN

About VirSCAN | Privacy Policy | Contact us | Links | Help VirSCAN
中国反网络病毒联盟
Powered By CentOSpol

京ICP备11007605号-12

 pol

京公网安备 11010802020746号