VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

Language
Server load
Server Load
截图OCR识字工具1.6.exe    Threatbook file behavior analysis report
Virscan.org multi-engine scan report
Basic Information
file name:截图OCR识字工具1.6.exe
file type:EXEx86
Threat level:malicious
MD5:bd4dc8cde94f7261be505defe9cfb7a0
sha256:7269c35e503059b74b08eb8127b69f3ebff26831699e3d808d021d9cc551e3ba
Document Threat Intelligence IOC Report
No intelligence IOC detected
Intelligence decision system
Undetected intelligence determination system
Network behavior report
domains:0
dns:0
http:0
udp:0
smtp:0
icmp:0
irc:0
hosts:0
Document release report
File release report not detected
File process number report
Process details:共分析了1个进程
Document behavior signature report
No file behavior report detected
Static information
Section name:.text
Virtual address:0x00001000
Physical address:0x00000000
Physical size:0x00000000
Section permissions:R-E
Section name:.rdata
Virtual address:0x000a5000
Physical address:0x00000000
Physical size:0x00000000
Section permissions:R--
Section name:.data
Virtual address:0x0010f000
Physical address:0x00000000
Physical size:0x00000000
Section permissions:RW-
Section name:.vmp0
Virtual address:0x00156000
Physical address:0x00000000
Physical size:0x00000000
Section permissions:R-E
Section name:.vmp1
Virtual address:0x00392000
Physical address:0x00001000
Physical size:0x002e8000
Section permissions:R-E
Section name:.reloc
Virtual address:0x0067a000
Physical address:0x002e9000
Physical size:0x00001000
Section permissions:R--
Section name:.rsrc
Virtual address:0x0067b000
Physical address:0x002ea000
Physical size:0x00007000
Section permissions:R--
import_hash:4d7e44dd3c8fa8afcb266edcfc837123
time_stamp:2017-12-23 17:57:07
entry_point_section:.vmp1
entry_point_section:.vmp1
image_base:0x400000
entry_point:0x4756f8
name:RT_ICON
language:LANG_CHINESE
filetype:data
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x0067b2cc
size:0x000002e8
name:RT_ICON
language:LANG_CHINESE
filetype:GLS_BINARY_LSB_FIRST
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x0067b5b4
size:0x00000128
name:RT_ICON
language:LANG_NEUTRAL
filetype:PNG image data, 256 x 0, 8-bit/color RGBA, non-interlaced
sublanguage:SUBLANG_NEUTRAL
offset:0x0067b6dc
size:0x000014bf
name:RT_ICON
language:LANG_NEUTRAL
filetype:FoxPro FPT, blocks size 0, next free block index 671088640
sublanguage:SUBLANG_NEUTRAL
offset:0x0067cb9c
size:0x000025a8
name:RT_ICON
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x0067f144
size:0x000010a8
name:RT_ICON
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x006801ec
size:0x00000988
name:RT_ICON
language:LANG_NEUTRAL
filetype:GLS_BINARY_LSB_FIRST
sublanguage:SUBLANG_NEUTRAL
offset:0x00680b74
size:0x00000468
name:RT_GROUP_ICON
language:LANG_NEUTRAL
filetype:MS Windows icon resource - 5 icons, 13x, 256-colors
sublanguage:SUBLANG_NEUTRAL
offset:0x00680fdc
size:0x0000004c
name:RT_GROUP_ICON
language:LANG_CHINESE
filetype:MS Windows icon resource - 1 icon
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x00681028
size:0x00000014
name:RT_GROUP_ICON
language:LANG_CHINESE
filetype:MS Windows icon resource - 1 icon
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x0068103c
size:0x00000014
name:RT_VERSION
language:LANG_CHINESE
filetype:data
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x00681050
size:0x00000258
name:RT_MANIFEST
language:LANG_NEUTRAL
filetype:XML document text
sublanguage:SUBLANG_NEUTRAL
offset:0x006812a8
size:0x000001cd

About VirSCAN | Privacy Policy | Contact us | Links | Help VirSCAN
Powered By CentOSpol

京ICP备11007605号-12

pol

京公网安备 11010802020746号