VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

Language
Server load
Server Load
Office Tab Enterprise Edition 11.exe    Threatbook file behavior analysis report
Virscan.org multi-engine scan report
Basic Information
file name:Office Tab Enterprise Edition 11.exe
file type:EXEx86
Threat level:clean
MD5:038b4b8b1d4b88552e45adb1d66e9e42
sha256:6bb67b20f4b62db62259e2ab8bef9ca7d87b19df7265539a21115f3acf5ccc4d
Document Threat Intelligence IOC Report
No intelligence IOC detected
Intelligence decision system
Undetected intelligence determination system
Network behavior report
domains:0
dns:0
http:0
udp:0
smtp:0
icmp:0
irc:0
hosts:0
Document release report
File release report not detected
File process number report
Process details:共分析了3个进程
Document behavior signature report
No file behavior report detected
Static information
Section name:.text
Virtual address:0x00001000
Physical address:0x00000400
Physical size:0x0000f400
Section permissions:R-E
Section name:.itext
Virtual address:0x00011000
Physical address:0x0000f800
Physical size:0x00001000
Section permissions:R-E
Section name:.data
Virtual address:0x00012000
Physical address:0x00010800
Physical size:0x00000e00
Section permissions:RW-
Section name:.bss
Virtual address:0x00013000
Physical address:0x00011600
Physical size:0x00000000
Section permissions:RW-
Section name:.idata
Virtual address:0x00019000
Physical address:0x00011600
Physical size:0x00001000
Section permissions:RW-
Section name:.tls
Virtual address:0x0001a000
Physical address:0x00012600
Physical size:0x00000000
Section permissions:RW-
Section name:.rdata
Virtual address:0x0001b000
Physical address:0x00012600
Physical size:0x00000200
Section permissions:R--
Section name:.rsrc
Virtual address:0x0001c000
Physical address:0x00012800
Physical size:0x00074800
Section permissions:R--
import_hash:20dd26497880c05caed9305b3c8b9109
time_stamp:2016-04-06 22:39:04
entry_point_section:.itext
entry_point_section:.itext
image_base:0x400000
entry_point:0x117dc
name:RT_ICON
language:LANG_ENGLISH
filetype:data
sublanguage:SUBLANG_ENGLISH_US
offset:0x0001c56c
size:0x000008a8
name:RT_ICON
language:LANG_ENGLISH
filetype:GLS_BINARY_LSB_FIRST
sublanguage:SUBLANG_ENGLISH_US
offset:0x0001ce14
size:0x00000568
name:RT_ICON
language:LANG_ENGLISH
filetype:data
sublanguage:SUBLANG_ENGLISH_US
offset:0x0001d37c
size:0x00042028
name:RT_ICON
language:LANG_ENGLISH
filetype:data
sublanguage:SUBLANG_ENGLISH_US
offset:0x0005f3a4
size:0x00010828
name:RT_ICON
language:LANG_ENGLISH
filetype:data
sublanguage:SUBLANG_ENGLISH_US
offset:0x0006fbcc
size:0x000094a8
name:RT_ICON
language:LANG_ENGLISH
filetype:data
sublanguage:SUBLANG_ENGLISH_US
offset:0x00079074
size:0x00005488
name:RT_ICON
language:LANG_ENGLISH
filetype:FoxPro FPT, blocks size 0, next free block index 671088640
sublanguage:SUBLANG_ENGLISH_US
offset:0x0007e4fc
size:0x00004228
name:RT_ICON
language:LANG_ENGLISH
filetype:data
sublanguage:SUBLANG_ENGLISH_US
offset:0x00082724
size:0x000025a8
name:RT_ICON
language:LANG_ENGLISH
filetype:data
sublanguage:SUBLANG_ENGLISH_US
offset:0x00084ccc
size:0x000010a8
name:RT_ICON
language:LANG_ENGLISH
filetype:data
sublanguage:SUBLANG_ENGLISH_US
offset:0x00085d74
size:0x00000988
name:RT_ICON
language:LANG_ENGLISH
filetype:GLS_BINARY_LSB_FIRST
sublanguage:SUBLANG_ENGLISH_US
offset:0x000866fc
size:0x00000468
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x00086b64
size:0x00000068
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x00086bcc
size:0x000000d4
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x00086ca0
size:0x000000a4
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x00086d44
size:0x000002ac
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x00086ff0
size:0x0000034c
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x0008733c
size:0x00000294
name:RT_RCDATA
language:LANG_ENGLISH
filetype:data
sublanguage:SUBLANG_ENGLISH_US
offset:0x000875d0
size:0x000082e8
name:RT_RCDATA
language:LANG_NEUTRAL
filetype:Sendmail frozen configuration
sublanguage:SUBLANG_NEUTRAL
offset:0x0008f8b8
size:0x00000010
name:RT_RCDATA
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x0008f8c8
size:0x00000150
name:RT_RCDATA
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x0008fa18
size:0x0000002c
name:RT_GROUP_ICON
language:LANG_ENGLISH
filetype:MS Windows icon resource - 11 icons, 32x32, 256-colors
sublanguage:SUBLANG_ENGLISH_US
offset:0x0008fa44
size:0x000000a0
name:RT_VERSION
language:LANG_ENGLISH
filetype:data
sublanguage:SUBLANG_ENGLISH_US
offset:0x0008fae4
size:0x000004f4
name:RT_MANIFEST
language:LANG_ENGLISH
filetype:XML document text
sublanguage:SUBLANG_ENGLISH_US
offset:0x0008ffd8
size:0x0000062c

About VirSCAN | Privacy Policy | Contact us | Links | Help VirSCAN
Powered By CentOSpol

京ICP备11007605号-12

pol

京公网安备 11010802020746号