VirSCAN

1, You can UPLOAD any files, but there is a 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, VirSCAN can scan compressed files with the password 'infected' or 'virus'.
4, If your browser cannot upload files, please download VirSCAN uploader to upload.

File information

Scanner results
Scanner results: 3% of antivirus software (1/32) found malware!
Behavior analysis report: Habo file analysis
Time: 2016-10-18 12:08:23 (CST)
| Scanner | Engine Ver | Sig Ver | Sig Date | Scan result | Time |
|---|---|---|---|---|---|
| antiy | AVL SDK 2.0 | | 1970-01-01 | Found nothing | 9 |
| asquared | 9.0.0.4799 | 9.0.0.4799 | 2015-03-08 | Found nothing | 6 |
| avast | 161017-1 | 4.7.4 | 2016-10-17 | Found nothing | 32 |
| avg | 2109/12728 | 10.0.1405 | 2016-10-17 | Found nothing | 2 |
| baidu | 2.0.1.0 | 4.1.3.52192 | 2.0.1.0 | Found nothing | 3 |
| baidusd | 1.0 | 1.0 | 2014-04-02 | Found nothing | 2 |
| bitdefender | 7.58879 | 7.90123 | 2015-01-16 | Found nothing | 1 |
| clamav | 22375 | 0.97.5 | 2016-10-16 | Found nothing | 1 |
| drweb | 5.0.2.3300 | 5.0.1.1 | 2016-10-05 | Found nothing | 45 |
| fortinet | 40.067, 40.067, 40.067 | 5.4.233 | 2016-10-17 | Found nothing | 1 |
| fprot | 4.6.2.117 | 6.5.1.5418 | 2016-02-05 | Found nothing | 19 |
| fsecure | 2015-08-01-02 | 9.13 | 2015-08-01 | Found nothing | 38 |
| gdata | 25.8610 | 25.8610 | 2016-10-12 | Found nothing | 23 |
| ikarus | 1.06.01 | V1.32.31.0 | 2016-10-17 | Found nothing | 38 |
| jiangmin | 16.0.100 | 1.0.0.0 | 2016-10-06 | Found nothing | 58 |
| kaspersky | 5.5.33 | 5.5.33 | 2014-04-01 | Found nothing | 30 |
| kingsoft | 2.1 | 2.1 | 2013-09-22 | Android.Troj.tk_adiop.a.(kcloud) | 10 |
| mcafee | 8254 | 5400.1158 | 2016-08-11 | Found nothing | 56 |
| nod32 | 1777 | 3.0.21 | 2015-06-12 | Found nothing | 4 |
| panda | 9.05.01 | 9.05.01 | 2016-10-16 | Found nothing | 5 |
| pcc | 12.842.05 | 9.500-1005 | 2016-10-17 | Found nothing | 13 |
| qh360 | 1.0.1 | 1.0.1 | 1.0.1 | Found nothing | 6 |
| qqphone | 1.0.0.0 | 1.0.0.0 | 2015-12-30 | Found nothing | 1 |
| quickheal | 14.00 | 14.00 | 2016-10-17 | Found nothing | 7 |
| rising | 26.28.00.01 | 26.28.00.01 | 2016-07-18 | Found nothing | 14 |
| sophos | 5.32 | 3.65.2 | 2016-10-10 | Found nothing | 24 |
| symantec | 20151230.005 | 1.3.0.24 | 2015-12-30 | Found nothing | 1 |
| tachyon | 9.9.9 | 9.9.9 | 2013-12-27 | Found nothing | 30 |
| thehacker | 6.8.0.5 | 6.8.0.5 | 2016-10-16 | Found nothing | 6 |
| tws | 17.47.17308 | 1.0.2.2108 | 2016-10-17 | Found nothing | 26 |
| vba | 3.12.29.3 beta | 3.12.29.3 beta | 2016-10-16 | Found nothing | 55 |
| virusbuster | 15.0.985.0 | 5.5.2.13 | 2014-12-05 | Found nothing | 60 |

No relevant permission information

File information
Security score: 70
Basic information
MD5: 5adab85b737cd4538795bc25867f5e48
File size: 5.58MB
Upload time: 2014-09-22 10:36:30 (CST)
Package name:
Minimum runtime environment:
Copyright:
Key behavior
Behavior description: Get window screenshot information
Details: Foreground window Info: HWND = 0x00000000, DC = 0xb001057a.
Foreground window Info: HWND = 0x00000000, DC = 0x580105e8.
Foreground window Info: HWND = 0x00000000, DC = 0x27010203.
Process behavior
Behavior description: Get window screenshot information
Details: Foreground window Info: HWND = 0x00000000, DC = 0xb001057a.
Foreground window Info: HWND = 0x00000000, DC = 0x580105e8.
Foreground window Info: HWND = 0x00000000, DC = 0x27010203.
File behavior
Behavior description: Find files
Details: FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%\配置文件\*.txt
Other behavior
Behavior description: Create mutex
Details: RasPbFile
CTF.LBES.MutexDefaultS-*
CTF.Compart.MutexDefaultS-*
CTF.Asm.MutexDefaultS-*
CTF.Layouts.MutexDefaultS-*
CTF.TMD.MutexDefaultS-*
CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
MSCTF.Shared.MUTEX.ELH
MSCTF.Shared.MUTEX.MMH
Behavior description: Create event object
Details: EventName = DINPUTWINMM
EventName = MSCTF.SendReceive.Event.MMH.IC
EventName = MSCTF.SendReceiveConection.Event.MMH.IC
Behavior description: Find specified window
Details: NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
NtUserFindWindowEx: [Class,Window] = [CicLoaderWndClass,]
Behavior description: Open event
Details: HookSwitchHookEnabledEvent
CTF.ThreadMIConnectionEvent.000007B4.00000000.00000052
CTF.ThreadMarshalInterfaceEvent.000007B4.00000000.00000052
MSCTF.SendReceive.Event.ELH.IC
MSCTF.SendReceiveConection.Event.ELH.IC
Behavior description: Window information
Details: Pid = 896, Hwnd=0xe0316, Text = 此功能处于锁定状态!, ClassName = Afx:400000:b:10011:1900015:0.
Pid = 896, Hwnd=0x130334, Text = V2.0版本,本次更新细节: 1、增加带参数功能。 2、增加延迟扫描功能(定义xx毫秒/每次GET发送),防止被WAF防火墙等拦截。 3, ClassName = Edit.
Pid = 896, Hwnd=0x1402f2, Text = 解锁, ClassName = Button.
Pid = 896, Hwnd=0x1e02ce, Text = 密码:, ClassName = Afx:400000:b:10011:1900015:0.
Pid = 896, Hwnd=0xf032c, Text = .txt, ClassName = Afx:400000:b:10011:1900015:0.
Pid = 896, Hwnd=0x50376, Text = 文件名:, ClassName = Afx:400000:b:10011:1900015:0.
Pid = 896, Hwnd=0xe0362, Text = 爆出的路径, ClassName = Edit.
Pid = 896, Hwnd=0x50374, Text = 保存爆出的内容, ClassName = Button.
Pid = 896, Hwnd=0x1502c8, Text = 匹配关键字:, ClassName = Afx:400000:b:10011:1900015:0.
Pid = 896, Hwnd=0x13035e, Text = on line , ClassName = Edit.
Pid = 896, Hwnd=0x503de, Text = in , ClassName = Edit.
Pid = 896, Hwnd=0x303d4, Text = V1.0版本 by:sct7p http://zone.wooyun.org Time:2014.09.13 06:xx ps:本工具是易语言编写,不喜勿用,听说很多大牛都是用汇编, ClassName = Edit.
Pid = 896, Hwnd=0x303d0, Text = 如果爆出路径,会自动在此处显示。 不做换行处理。 , ClassName = Edit.
Pid = 896, Hwnd=0xa03ac, Text = 扫描进度, ClassName = Button(GroupBox).
Pid = 896, Hwnd=0x1203a8, Text = 等待开始中......, ClassName = Afx:400000:b:10011:1900015:0.
Behavior description: Get window screenshot information
Details: Foreground window Info: HWND = 0x00000000, DC = 0xb001057a.
Foreground window Info: HWND = 0x00000000, DC = 0x580105e8.
Foreground window Info: HWND = 0x00000000, DC = 0x27010203.
Behavior description: Hide specified window
Details: [Window,Class] = [<,AfxWnd42s]
[Window,Class] = [>,AfxWnd42s]
[Window,Class] = [,Button]
[Window,Class] = [,Afx:400000:8:10011:1900015:0]
[Window,Class] = [爆出的路径,Edit]
[Window,Class] = [文件名:,Afx:400000:b:10011:1900015:0]
[Window,Class] = [.txt,Afx:400000:b:10011:1900015:0]
Behavior description: Open mutex
Details: RasPbFile
ShimCacheMutex
Runtime screenshot