VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

Language
Server load
Server Load

  Main Menu
VirSCAN  HOME VirSCAN  go Virscan.org VirSCAN  Report VirSCAN  Virus report VirSCAN  Behavior report VirSCAN  Help VirSCAN VirSCAN  Submit Bugs VirSCAN  Contact us VirSCAN  URL detection VirSCAN  API VirSCAN  uploader for windows(test)
  Powered By
a-squared
a-squared
a-squared
 
File information
Safety rating:41
Behavior list
Basic Information
MD5:de4bdc5f35360279e6a324a57b86cb13
file type:EXE
Production company:1111111111
version:1.1.1.1---1.1.1.1
Shell or compiler information:COMPILER:Microsoft Visual C++ 6.0 [调试]
Key behavior
Behavior description:修改注册表_启动项
details:\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Cao360
Process behavior
Behavior description:枚举进程
details:N/A
File behavior
Behavior description:创建文件
details:C:\WINDOWS\system32\Terms.EXE
Behavior description:创建可执行文件
details:C:\WINDOWS\system32\Terms.EXE
Behavior description:修改文件内容
details:C:\WINDOWS\system32\Terms.EXE ---> Offset = 0
C:\WINDOWS\system32\Terms.EXE ---> Offset = 65536
C:\WINDOWS\system32\Terms.EXE ---> Offset = 4096
C:\WINDOWS\system32\Terms.EXE ---> Offset = 8192
C:\WINDOWS\system32\Terms.EXE ---> Offset = 98376
C:\WINDOWS\system32\Terms.EXE ---> Offset = 99400
C:\WINDOWS\system32\Terms.EXE ---> Offset = 100424
C:\WINDOWS\system32\Terms.EXE ---> Offset = 101448
C:\WINDOWS\system32\Terms.EXE ---> Offset = 102472
Behavior description:修改新生成的可执行文件
details:C:\WINDOWS\system32\Terms.EXE
Registry behavior
Behavior description:修改注册表
details:\REGISTRY\MACHINE\SYSTEM\ControlSet002\Services\SuperProServermzq\ConnectGroup
\REGISTRY\MACHINE\SYSTEM\ControlSet002\Services\SuperProServermzq\MarkTime
Behavior description:修改注册表_启动项
details:\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Cao360
Other behavior
Behavior description:创建互斥体
details:CTF.LBES.MutexDefaultS-*
CTF.Compart.MutexDefaultS-*
CTF.Asm.MutexDefaultS-*
CTF.Layouts.MutexDefaultS-*
CTF.TMD.MutexDefaultS-*
Behavior description:创建事件对象
details:EventName = Cao360
Behavior description:修改后的可执行文件MD5
details:C:\WINDOWS\system32\Terms.EXE ---> 0443d0c7884501bf93d72418f5c8917e
Behavior description:修改后的可执行文件签名信息
details:C:\WINDOWS\system32\Terms.EXE(签名验证: 未通过)
Behavior description:可执行文件签名信息
details:C:\WINDOWS\system32\Terms.EXE(签名验证: 未通过)
Behavior description:可执行文件MD5
details:C:\WINDOWS\system32\Terms.EXE ---> de4bdc5f35360279e6a324a57b86cb13
Run screenshot
VirSCAN

About VirSCAN | Privacy Policy | Contact us | Links | Help VirSCAN
中国反网络病毒联盟
Powered By CentOSpol

京ICP备11007605号-12

 pol

京公网安备 11010802020746号