VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, VirSCAN can scan compressed files protected with the password 'infected' or 'virus'.

File information

Scanner results
Scanner results: 0% of antivirus software (0/32) found malware!
Behavior analysis report: Habo file analysis
Time: 2017-06-27 17:12:11 (CST)
| Scanner | Engine Ver | Sig Ver | Sig Date | Scan result | Time |
|---|---|---|---|---|---|
| antiy | AVL SDK 2.0 | | 1970-01-01 | Found nothing | 11 |
| asquared | 9.0.0.4799 | 9.0.0.4799 | 2015-03-08 | Found nothing | 5 |
| avast | 170303-1 | 4.7.4 | 2017-03-03 | Found nothing | 60 |
| avg | 2109/14105 | 10.0.1405 | 2017-06-26 | Found nothing | 60 |
| baidu | 2.0.1.0 | 4.1.3.52192 | 2.0.1.0 | Found nothing | 7 |
| baidusd | 1.0 | 1.0 | 2017-03-22 | Found nothing | 2 |
| bitdefender | 7.58879 | 7.90123 | 2015-01-16 | Found nothing | 60 |
| clamav | 23503 | 0.97.5 | 2017-06-24 | Found nothing | 60 |
| drweb | 5.0.2.3300 | 5.0.1.1 | 2017-06-18 | Found nothing | 60 |
| fortinet | 49.794, 49.794, 49.794 | 5.4.233 | 2017-06-27 | Found nothing | 60 |
| fprot | 4.6.2.117 | 6.5.1.5418 | 2016-02-05 | Found nothing | 60 |
| fsecure | 2015-08-01-02 | 9.13 | 2015-08-01 | Found nothing | 60 |
| gdata | 25.13066 | 25.13066 | 2017-06-26 | Found nothing | 20 |
| ikarus | 1.06.01 | V1.32.31.0 | 2016-11-28 | Found nothing | 60 |
| jiangmin | 16.0.100 | 1.0.0.0 | 2017-06-25 | Found nothing | 2 |
| kaspersky | 5.5.33 | 5.5.33 | 2014-04-01 | Found nothing | 60 |
| kingsoft | 2.1 | 2.1 | 2017-06-26 | Found nothing | 5 |
| mcafee | 8261 | 5400.1158 | 2016-08-18 | Found nothing | 60 |
| nod32 | 1777 | 3.0.21 | 2015-06-12 | Found nothing | 60 |
| panda | 9.05.01 | 9.05.01 | 2017-06-26 | Found nothing | 4 |
| pcc | 13.302.06 | 9.500-1005 | 2017-03-27 | Found nothing | 60 |
| qh360 | 1.0.1 | 1.0.1 | 1.0.1 | Found nothing | 8 |
| qqphone | 1.0.0.0 | 1.0.0.0 | 2015-12-30 | Found nothing | 60 |
| quickheal | 14.00 | 14.00 | 2017-06-24 | Found nothing | 4 |
| rising | 26.28.00.01 | 26.28.00.01 | 2016-07-18 | Found nothing | 4 |
| sophos | 5.32 | 3.65.2 | 2016-10-10 | Found nothing | 60 |
| symantec | 20151230.005 | 1.3.0.24 | 2015-12-30 | Found nothing | 60 |
| tachyon | 9.9.9 | 9.9.9 | 2013-12-27 | Found nothing | 8 |
| thehacker | 6.8.0.5 | 6.8.0.5 | 2017-06-25 | Found nothing | 3 |
| tws | 17.47.17308 | 1.0.2.2108 | 2017-06-26 | Found nothing | 18 |
| vba | 3.12.29.5 beta | 3.12.29.5 beta | 2017-06-23 | Found nothing | 60 |
| virusbuster | 15.0.985.0 | 5.5.2.13 | 2014-12-05 | Found nothing | 60 |

No related permission information

File information
Security score: 77
Basic information
MD5:b301426f195b990f78da5de2a31e98fe
File size: 5.58MB
Upload time: 2014-09-22 10:36:30 (CST)
Package name:
Minimum runtime environment:
Copyright:
Key behavior
Behavior description: Block window close message
Details: hWnd = 0x0006037e, Text = , ClassName = #32770.
hWnd = 0x00160342, Text = UnicornViewer, ClassName = Afx:400000:8:10011:0:4202bf.
File behavior
Behavior description: Create file
Details: C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\UnicornViewer.rld
Behavior description: Delete file
Details: C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\UnicornViewer.rld
Behavior description: Modify file content
Details: C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\UnicornViewer.rld ---> Offset = 0
C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\UnicornViewer.ini ---> Offset = 177
C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\UnicornViewer.ini ---> Offset = 498
C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\UnicornViewer.ini ---> Offset = 526
C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\UnicornViewer.ini ---> Offset = 535
C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\UnicornViewer.ini ---> Offset = 544
C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\UnicornViewer.ini ---> Offset = 555
C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\UnicornViewer.ini ---> Offset = 568
C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\UnicornViewer.ini ---> Offset = 587
C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\UnicornViewer.ini ---> Offset = 605
C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\UnicornViewer.ini ---> Offset = 626
C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\UnicornViewer.ini ---> Offset = 647
C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\UnicornViewer.ini ---> Offset = 667
C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\UnicornViewer.ini ---> Offset = 684
C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\UnicornViewer.ini ---> Offset = 489
Behavior description: Find file
Details: FileName = C:\*.*
FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\UnicornViewer.rld
FileName = C:\Documents and Settings
FileName = C:\Documents and Settings\Administrator
FileName = C:\Documents and Settings\Administrator\Local Settings
FileName = C:\Documents and Settings\Administrator\Local Settings\Temp
FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%
FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump
Registry behavior
Behavior description: Modify registry
Details: \REGISTRY\USER\S-*\Software\Jian Ma"s Tools\UnicornViewer\Setting\ExePath
Other behavior
Behavior description: Create mutex
Details: CTF.LBES.MutexDefaultS-*
CTF.Compart.MutexDefaultS-*
CTF.Asm.MutexDefaultS-*
CTF.Layouts.MutexDefaultS-*
CTF.TMD.MutexDefaultS-*
CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
4F799A75-778B-4e00-85F1-299156123BC8
MSCTF.Shared.MUTEX.ELH
MSCTF.Shared.MUTEX.MNK
Behavior description: Create event object
Details: EventName = MSCTF.SendReceiveConection.Event.MNK.IC
EventName = MSCTF.SendReceive.Event.MNK.IC
EventName = ShellCopyEngineRunning
EventName = ShellCopyEngineFinished
Behavior description: Find specified window
Details: NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
NtUserFindWindowEx: [Class,Window] = [CicLoaderWndClass,]
NtUserFindWindowEx: [Class,Window] = [OleMainThreadWndClass,]
NtUserFindWindowEx: [Class,Window] = [MS_WINHELP,]
Behavior description: Open event
Details: HookSwitchHookEnabledEvent
CTF.ThreadMIConnectionEvent.000007B4.00000000.00000052
CTF.ThreadMarshalInterfaceEvent.000007B4.00000000.00000052
MSCTF.SendReceiveConection.Event.ELH.IC
MSCTF.SendReceive.Event.ELH.IC
_fCanRegisterWithShellService
Behavior description: Adjust process token privileges
Details: SE_LOAD_DRIVER_PRIVILEGE
Behavior description: Block window close message
Details: hWnd = 0x0006037e, Text = , ClassName = #32770.
hWnd = 0x00160342, Text = UnicornViewer, ClassName = Afx:400000:8:10011:0:4202bf.
Behavior description: Window information
Details: Pid = 2776, Hwnd=0x40394, Text = 0, ClassName = Edit.
Pid = 2776, Hwnd=0x40382, Text = / 0, ClassName = Static.
Pid = 2776, Hwnd=0x503b2, Text = 跳转, ClassName = Button.
Pid = 2776, Hwnd=0x140306, Text = 欢迎使用UnicornViewer, ClassName = msctls_statusbar32.
Pid = 2776, Hwnd=0x100320, Text = 工具栏, ClassName = AfxControlBar42s.
Pid = 2776, Hwnd=0x60380, Text = 工具栏, ClassName = ToolbarWindow32.
Pid = 2776, Hwnd=0xf033c, Text = 工具栏, ClassName = ToolbarWindow32.
Pid = 2776, Hwnd=0x160342, Text = UnicornViewer, ClassName = Afx:400000:8:10011:0:4202bf.
Pid = 2776, Hwnd=0x40394, Text = 1, ClassName = Edit.
Pid = 2776, Hwnd=0x303dc, Text = 456, ClassName = ComboBox.
Pid = 2776, Hwnd=0x16032e, Text = 456, ClassName = Edit.
Pid = 2776, Hwnd=0x303dc, Text = 56, ClassName = ComboBox.
Pid = 2776, Hwnd=0x16032e, Text = 56, ClassName = Edit.
Pid = 2776, Hwnd=0x303dc, Text = 3456, ClassName = ComboBox.
Pid = 2776, Hwnd=0x16032e, Text = 3456, ClassName = Edit.
Behavior description: Hide specified window
Details: [Window,Class] = [,ComboLBox]
[Window,Class] = [UnicornViewer,Afx:400000:8:10011:0:4202bf]
Behavior description: Open mutex
Details: ShimCacheMutex
Runtime screenshot