VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.
4, If your browser cannot upload files, please download VirSCAN uploader to upload.

Language
Server load
Server Load
VirSCAN
VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

Basic Information

file name: web2chm.exe
file size: 49152
file type: application/x-dosexec
MD5: e18689f164f2752f7c4d5ea6462e0234
sha1: d403fc3da4385feec1336f56d5a590ba14a6b8fa

 CreateProcess

ApplicationName:
CmdLine:
childid: 2452
childname: 1620610203428_e18689f164f2752f7c4d5ea6462e0234.exe
childpath: C:\Users\Administrator\AppData\Local\Temp\1620610203428_e18689f164f2752f7c4d5ea6462e0234.exe
drop_type:
name:
noNeedLine:
path:
pid: 2332

 Malicious

attck_tactics: 防御逃逸
level: 2
matchedinfo: 恶意程序通过从资源段释放文件并运行的方式,以达到隐藏恶意代码的目的
num: 115
process_id: 2452
process_name: 1620610203428_e18689f164f2752f7c4d5ea6462e0234.exe
rulename: 从资源段释放文件并运行
attck_tactics: 其他恶意行为
level: 1
matchedinfo: 一般被用于文件的加密、数据的加密传输或可能被用于勒索者病毒中
num: 205
process_id: 2452
process_name: 1620610203428_e18689f164f2752f7c4d5ea6462e0234.exe
rulename: 调用加密算法库