VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.
4, If your browser cannot upload files, please download VirSCAN uploader to upload.

Language
Server load
Server Load
VirSCAN
VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

Basic Information

file name: 00步步惊心
file size: 20992
file type: application/x-dosexec
MD5: 5c71a2e2d20399101c3fc9c97fe8174b
sha1: be67f4cc86decdd4ae325af5354099402244bce4

 CreateProcess

ApplicationName:
CmdLine:
childid: 2068
childname: 1620822604845_5c71a2e2d20399101c3fc9c97fe8174b.exe
childpath: C:\Users\Administrator\AppData\Local\Temp\1620822604845_5c71a2e2d20399101c3fc9c97fe8174b.exe
drop_type:
name:
noNeedLine:
path:
pid: 1696

 Malicious

attck_tactics: 其他恶意行为
level: 1
matchedinfo: 当前运行环境不符合时(如:检测到杀毒软件等),程序会主动退出达到规避检测的目的。恶意行为可能没有完全触发
num: 5
process_id: 2068
process_name: 1620822604845_5c71a2e2d20399101c3fc9c97fe8174b.exe
rulename: 结束自身进程
attck_tactics: 防御逃逸
level: 2
matchedinfo: 检查程序运行时监视鼠标是否移动。一般被恶意软件用于沙盒逃逸
num: 5
process_id: 2068
process_name: 1620822604845_5c71a2e2d20399101c3fc9c97fe8174b.exe
rulename: 获取当前鼠标位置