VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.
4, If your browser cannot upload files, please download VirSCAN uploader to upload.

Language
Server load
Server Load
VirSCAN
VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

Basic Information

file name: 00南方公园
file size: 842293
file type: application/x-dosexec
MD5: 360c6853df5b0fe6cae6b6d3acd877dc
sha1: e475a5fa780bf9f4ea3d87c1d5fbe9f503c7b92e

 CreateProcess

ApplicationName:
CmdLine:
childid: 2596
childname: 1620720020477_360c6853df5b0fe6cae6b6d3acd877dc.exe
childpath: C:\Users\Administrator\AppData\Local\Temp\1620720020477_360c6853df5b0fe6cae6b6d3acd877dc.exe
drop_type:
name:
noNeedLine:
path:
pid: 2932

 Summary

buffer: Explorer.exe sIRC4.exe
processid: 2596
szSubkey: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon
type: REG_SZ
valuename: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\shell

 Malicious

attck_tactics: 防御逃逸
level: 2
matchedinfo: 恶意程序通过拷贝文件到系统目录的方式,以达到隐藏恶意文件的目的
num: 4
process_id: 2596
process_name: 1620720020477_360c6853df5b0fe6cae6b6d3acd877dc.exe
rulename: 拷贝文件到系统目录
attck_tactics: 基础信息获取
level: 1
matchedinfo: 通过文件遍历查找指定目标文件
num: 187
process_id: 2596
process_name: 1620720020477_360c6853df5b0fe6cae6b6d3acd877dc.exe
rulename: 遍历文件