對於在 Windows環境開發工具的人而言,這個網站的好處是,可以在Release前透過41套防毒軟體的掃描,確認自己是否有用到被特定軟體視為惡意行為的操作機制.
或是,當使用者有安全疑慮懷疑的執行檔時,也可以透過該網站的41套防毒軟體進行掃描 (應該沒有人會自己安裝41套防毒軟體吧….),確認沒有漏網之魚.
該網站中文介紹如下
關於 VirusTotal
VirusTotal 是一款可疑檔案分析服務, 通過各種知名反病毒引擎, 對您所上傳的檔案進行偵測, 以判斷檔案是否被病毒, 蠕蟲, 木馬, 以及各類惡意軟體感染.
VirusTotal 是一款可疑檔案分析服務, 通過各種知名反病毒引擎, 對您所上傳的檔案進行偵測, 以判斷檔案是否被病毒, 蠕蟲, 木馬, 以及各類惡意軟體感染.
特點:
免費, 獨立的服務
使用多種反病毒引擎
實時自動更新病毒特徵庫
每款反病毒引擎都將顯示詳細的結果
實時全球統計資料
使用多種反病毒引擎
實時自動更新病毒特徵庫
每款反病毒引擎都將顯示詳細的結果
實時全球統計資料
操作範例流程如下.
選擇一個檔案上傳進行掃描
上傳中,
進行41套防毒軟體的掃描.
如下為這次掃描的掃描結果- 文字內容
| 反病毒引擎 | 版本 | 最後更新 | 掃瞄結果 |
|---|---|---|---|
| a-squared | 4.5.0.50 | 2010.05.10 | - |
| AhnLab-V3 | 2010.05.11.00 | 2010.05.10 | - |
| AntiVir | 8.2.1.236 | 2010.05.10 | - |
| Antiy-AVL | 2.0.3.7 | 2010.05.10 | - |
| Authentium | 5.2.0.5 | 2010.05.11 | - |
| Avast | 4.8.1351.0 | 2010.05.10 | - |
| Avast5 | 5.0.332.0 | 2010.05.10 | - |
| AVG | 9.0.0.787 | 2010.05.11 | - |
| BitDefender | 7.2 | 2010.05.11 | - |
| CAT-QuickHeal | 10.00 | 2010.05.11 | - |
| ClamAV | 0.96.0.3-git | 2010.05.11 | - |
| Comodo | 4821 | 2010.05.11 | - |
| DrWeb | 5.0.2.03300 | 2010.05.11 | - |
| eSafe | 7.0.17.0 | 2010.05.10 | - |
| eTrust-Vet | 35.2.7478 | 2010.05.10 | - |
| F-Prot | 4.5.1.85 | 2010.05.10 | - |
| F-Secure | 9.0.15370.0 | 2010.05.11 | - |
| Fortinet | 4.1.133.0 | 2010.05.10 | - |
| GData | 21 | 2010.05.11 | - |
| Ikarus | T3.1.1.84.0 | 2010.05.11 | - |
| Jiangmin | 13.0.900 | 2010.05.10 | - |
| Kaspersky | 7.0.0.125 | 2010.05.11 | - |
| McAfee | 5.400.0.1158 | 2010.05.11 | - |
| McAfee-GW-Edition | 2010.1 | 2010.05.10 | - |
| Microsoft | 1.5703 | 2010.05.11 | - |
| NOD32 | 5103 | 2010.05.10 | - |
| Norman | 6.04.12 | 2010.05.10 | - |
| nProtect | 2010-05-10.01 | 2010.05.10 | - |
| Panda | 10.0.2.7 | 2010.05.10 | - |
| PCTools | 7.0.3.5 | 2010.05.11 | - |
| Prevx | 3.0 | 2010.05.11 | - |
| Rising | 22.47.01.01 | 2010.05.11 | - |
| Sophos | 4.53.0 | 2010.05.11 | - |
| Sunbelt | 6289 | 2010.05.11 | - |
| Symantec | 20101.1.0.89 | 2010.05.11 | - |
| TheHacker | 6.5.2.0.277 | 2010.05.10 | - |
| TrendMicro | 9.120.0.1004 | 2010.05.10 | - |
| TrendMicro-HouseCall | 9.120.0.1004 | 2010.05.11 | - |
| VBA32 | 3.12.12.4 | 2010.05.06 | - |
| ViRobot | 2010.5.10.2308 | 2010.05.10 | - |
| VirusBuster | 5.0.27.0 | 2010.05.10 | - |
| 附加訊息 |
|---|
| File size: 208944 bytes |
| MD5 : 54cdf523534a508e30d52bb0b8ad9242 |
| SHA1 : cd1eaa03dd65b41e66f0266c382de1370c5fab3a |
| SHA256: df3ff0dbf803c6b62aeb9640cdbe945d059a8a006d589c838052f273f475180e |
| PEInfo: PE Structure information ( base data ) entrypointaddress.: 0×5820 timedatestamp…..: 0x4B964183 (Tue Mar 9 13:39:31 2010) machinetype…….: 0x14C (Intel I386) ( 6 sections ) name viradd virsiz rawdsiz ntrpy md5 .text 0×1000 0x25F00 0×26000 3.89 f35d8f9b5d1b86fa3bbd918ecde6c34d .rdata 0×27000 0x185F 0×2000 3.96 7cf866c92f7ca0d52f1ed4ae68d864a5 .data 0×29000 0x27F9C8 0×4000 3.14 9c7d52b9515945e34c0e2cddcbbb9c68 .idata 0x2A9000 0xF42 0×1000 4.24 9122a7dc375f906f450a03911fca224b .rsrc 0x2AA000 0x16C3 0×2000 2.20 2c5332ec2474f0bff2a946763d58e02f .reloc 0x2AC000 0x2E2D 0×3000 3.02 07607e3ff3614a885c58c2081e00b3f5 ( 6 imports ) > advapi32.dll: SetSecurityDescriptorDacl, GetSecurityDescriptorSacl, InitializeSecurityDescriptor, SetNamedSecurityInfoA, SetSecurityDescriptorSacl, ConvertStringSecurityDescriptorToSecurityDescriptorA > comctl32.dll: InitCommonControlsEx, - > kernel32.dll: CreateMutexA, Sleep, CreateThread, CompareStringW, CompareStringA, LCMapStringW, LCMapStringA, ReadFile, SetEndOfFile, GetStringTypeW, GetStringTypeA, MultiByteToWideChar, GetOEMCP, GetACP, GetCPInfo, CreateFileA, SetFilePointer, FlushFileBuffers, SetStdHandle, GetLastError, HeapReAlloc, HeapAlloc, GetCurrentProcessId, CreateFileMappingA, MapViewOfFile, ExitProcess, IsBadReadPtr, LocalFree, GetVersionExA, SetConsoleCtrlHandler, RtlUnwind, VirtualFree, HeapFree, HeapCreate, HeapDestroy, GetFileType, SetHandleCount, GetEnvironmentStringsW, GetEnvironmentStrings, FreeEnvironmentStringsW, FreeEnvironmentStringsA, UnhandledExceptionFilter, WideCharToMultiByte, CloseHandle, GetCurrentProcess, TerminateProcess, HeapValidate, SetEnvironmentVariableA, GetTickCount, VirtualAlloc, GetModuleFileNameA, GetTimeZoneInformation, GetSystemTime, GetLocalTime, GetModuleHandleA, GetStartupInfoA, GetCommandLineA, GetVersion, DebugBreak, GetStdHandle, WriteFile, InterlockedDecrement, OutputDebugStringA, GetProcAddress, LoadLibraryA, InterlockedIncrement, IsBadWritePtr > shell32.dll: Shell_NotifyIconW > user32.dll: SendMessageW, MessageBoxA, SendMessageA, GetClientRect, DialogBoxParamW, EndDialog, SetWindowPos, GetWindowRect, DestroyIcon, KillTimer, LoadImageA, SetTimer, GetDlgItem, SetClassLongA, SetForegroundWindow, GetSystemMetrics, LoadIconA, CreateWindowExA > ws2_32.dll: -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, - ( 0 exports ) |
| TrID : File type identification Win32 Executable MS Visual C++ (generic) (65.2%) Win32 Executable Generic (14.7%) Win32 Dynamic Link Library (generic) (13.1%) Generic Win/DOS Executable (3.4%) DOS Executable Generic (3.4%) |
| Symantec reputation: Suspicious.Insight http://www.symantec.com/security_response/writeup.jsp?docid=2010-021223-0550-99 |
| ssdeep: 1536:jZSFY6l3HDe4cYc9Yv9ddYnDBaPUtkUj3Y/lGpqsba:gYWjjcxwXEDBZtkIXpqs+ |
| sigcheck: publisher….: n/a copyright….: n/a product……: n/a description..: n/a original name: n/a internal name: n/a file version.: n/a comments…..: n/a signers……: - signing date.: - verified…..: Unsigned |
| PEiD : - |
| RDS : NSRL Reference Data Set - |
沒有留言:
張貼留言