TaiwuSveEdit.exe: Threatbook file behavior analysis report
Virscan.org multi-engine scan report
Behavior analysis report: Habo file analysis
Basic Information
file name:TaiwuSveEdit.exe
file type:EXE x86
Submission time:2018-10-11 22:01:46
Threat level:clean
MD5:31256436917667b0df77ee96f0516c87
sha256:862d3b0b73fe7af0107e061481ee782d6a0d314f50ff7bd7c933860f14b5e2f1
Document Threat Intelligence IOC Report
No intelligence IOC detected
Intelligence decision system
Abnormal flow detection system:0
Hunting system:0
DGA domain name recognition system:0
Network behavior report
domains:0
dns:0
http:0
Document release report
File release report not detected
File process number report
Process details:0
Document behavior signature report
api:GetComputerNameA
category:misc
type:call
api:GetComputerNameW
category:misc
type:call
api:FindFirstFileExW
category:file
type:call
count:16
api:GetSystemInfo
category:system
type:call
count:50
api:GlobalMemoryStatusEx
category:system
type:call
api:NtReadFile
category:file
type:call
count:5
api:IsDebuggerPresent
category:system
type:call
count:4
Static information
PE section table information
Section name:.text
Virtual address:0x00002000
Physical address:0x00000200
Physical size:0x0001d200
Section permissions:R-E
Section name:.rsrc
Virtual address:0x00020000
Physical address:0x0001d400
Physical size:0x00000400
Section permissions:R--
Section name:.reloc
Virtual address:0x00022000
Physical address:0x0001d800
Physical size:0x00000200
Section permissions:R--
PE basic information
import_hash:f34d5f2d4577ed6d9ceec516c1f5a744
time_stamp:2018-10-10 10:32:07
entry_point_section:.text
image_base:0x400000
entry_point:0x1f0d6
PE resource information
name:RT_VERSION
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x00020058
size:0x0000033c
