VirtualRadarSetup.exe: Threatbook file behavior analysis report
Virscan.org multi-engine scan report
Behavior analysis report: Habo file analysis
Basic Information
file name:VirtualRadarSetup.exe
file type:EXE x86
Submission time:2018-08-21 02:52:12
Threat level:clean
MD5:d76c10a0703a9126988963774fa62afa
sha256:dcb437f4e8eb4528668a484ea004959101361fb1ad5fc899090ba8d22b6a2054
Document Threat Intelligence IOC Report
No intelligence IOC detected
Intelligence decision system
Abnormal flow detection system:0
Hunting system:0
DGA domain name recognition system:0
Network behavior report
domains:0
dns:0
http:0
Document release report
File release report not detected
File process number report
Process details:0
Document behavior signature report
category:static
ioc:.tls
type:ioc
category:BSS
ioc:0x00000000
type:ioc
category:.tls
ioc:0x00000000
type:ioc
category:.reloc
ioc:0x00000000
type:ioc
category:0
ioc:0
type:generic
category:0
ioc:0
type:generic
Static information
PE section table information
Section name:CODE
Virtual address:0x00001000
Physical address:0x00000400
Physical size:0x0000a200
Section permissions:R-E
Section name:DATA
Virtual address:0x0000c000
Physical address:0x0000a600
Physical size:0x00000400
Section permissions:RW-
Section name:BSS
Virtual address:0x0000d000
Physical address:0x0000aa00
Physical size:0x00000000
Section permissions:RW-
Section name:.idata
Virtual address:0x0000e000
Physical address:0x0000aa00
Physical size:0x00000a00
Section permissions:RW-
Section name:.tls
Virtual address:0x0000f000
Physical address:0x0000b400
Physical size:0x00000000
Section permissions:RW-
Section name:.rdata
Virtual address:0x00010000
Physical address:0x0000b400
Physical size:0x00000200
Section permissions:R--
Section name:.reloc
Virtual address:0x00011000
Physical address:0x00000000
Physical size:0x00000000
Section permissions:R--
Section name:.rsrc
Virtual address:0x00012000
Physical address:0x0000b600
Physical size:0x00012400
Section permissions:R--
PE basic information
import_hash:2fb819a19fe4dee5c03e8c6a79342f79
time_stamp:1992-06-20 06:22:17
entry_point_section:CODE
image_base:0x400000
entry_point:0xaa98
PE resource information
name:RT_ICON
language:LANG_ENGLISH
filetype:GLS_BINARY_LSB_FIRST
sublanguage:SUBLANG_ENGLISH_US
offset:0x00022814
size:0x00000468
name:RT_ICON
language:LANG_ENGLISH
filetype:GLS_BINARY_LSB_FIRST
sublanguage:SUBLANG_ENGLISH_US
offset:0x00022814
size:0x00000468
name:RT_ICON
language:LANG_ENGLISH
filetype:GLS_BINARY_LSB_FIRST
sublanguage:SUBLANG_ENGLISH_US
offset:0x00022814
size:0x00000468
name:RT_ICON
language:LANG_ENGLISH
filetype:GLS_BINARY_LSB_FIRST
sublanguage:SUBLANG_ENGLISH_US
offset:0x00022814
size:0x00000468
name:RT_ICON
language:LANG_ENGLISH
filetype:GLS_BINARY_LSB_FIRST
sublanguage:SUBLANG_ENGLISH_US
offset:0x00022814
size:0x00000468
name:RT_ICON
language:LANG_ENGLISH
filetype:GLS_BINARY_LSB_FIRST
sublanguage:SUBLANG_ENGLISH_US
offset:0x00022814
size:0x00000468
name:RT_ICON
language:LANG_ENGLISH
filetype:GLS_BINARY_LSB_FIRST
sublanguage:SUBLANG_ENGLISH_US
offset:0x00022814
size:0x00000468
name:RT_ICON
language:LANG_ENGLISH
filetype:GLS_BINARY_LSB_FIRST
sublanguage:SUBLANG_ENGLISH_US
offset:0x00022814
size:0x00000468
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x00023668
size:0x000000ae
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x00023668
size:0x000000ae
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x00023668
size:0x000000ae
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x00023668
size:0x000000ae
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x00023668
size:0x000000ae
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x00023668
size:0x000000ae
name:RT_RCDATA
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x00023718
size:0x0000002c
name:RT_GROUP_ICON
language:LANG_ENGLISH
filetype:MS Windows icon resource - 8 icons, 256-colors
sublanguage:SUBLANG_ENGLISH_US
offset:0x00023744
size:0x00000076
name:RT_VERSION
language:LANG_ENGLISH
filetype:data
sublanguage:SUBLANG_ENGLISH_US
offset:0x000237bc
size:0x000004f4
name:RT_MANIFEST
language:LANG_ENGLISH
filetype:XML document text
sublanguage:SUBLANG_ENGLISH_US
offset:0x00023cb0
size:0x0000062c

Translated by Keith Miller, United States