VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.
4, If your browser cannot upload files, please download VirSCAN uploader to upload.

Language
Server load
Server Load
VirSCAN
VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

Basic Information

file name: 00大红包
file size: 167248
file type: application/x-dosexec
MD5: 2c67b495a6f8e0cc51f09e6120cb744b
sha1: 562336e6dfca0f4094d76cd1176a8e964d635321

 CreateProcess

ApplicationName:
CmdLine:
childid: 804
childname: 1621027803409_2c67b495a6f8e0cc51f09e6120cb744b.exe
childpath: C:\Users\Administrator\AppData\Local\Temp\1621027803409_2c67b495a6f8e0cc51f09e6120cb744b.exe
drop_type:
name:
noNeedLine:
path:
pid: 1468

 Malicious

attck_tactics: 防御逃逸
level: 2
matchedinfo: 恶意程序通过拷贝文件到系统目录的方式,以达到隐藏恶意文件的目的
num: 9
process_id: 804
process_name: 1621027803409_2c67b495a6f8e0cc51f09e6120cb744b.exe
rulename: 拷贝文件到系统目录
attck_tactics: 其他恶意行为
level: 1
matchedinfo: 恶意程序通过创建网络连接的方式,以达到通过网络连接进行通信的目的
num: 203
process_id: 804
process_name: 1621027803409_2c67b495a6f8e0cc51f09e6120cb744b.exe
rulename: 创建网络套接字连接
attck_tactics: 命令与控制
level: 2
matchedinfo: 恶意程序可能连接非常规端口网络连接进行数据偷取操作
num: 203
process_id: 804
process_name: 1621027803409_2c67b495a6f8e0cc51f09e6120cb744b.exe
rulename: 连接非常规端口