VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

Language
Server load
Server Load
52e67eb97580acbcfb147a0eccd9d366    Threatbook file behavior analysis report
Virscan.org multi-engine scan report
Basic Information
file name:52e67eb97580acbcfb147a0eccd9d366
file type:EXEx86
Submission time:2019-03-16 01:01:38
Threat level:clean
MD5:52e67eb97580acbcfb147a0eccd9d366
sha256:0b2f98511de5a65f349e91d6a29eb242f4854313a7900ca1c5a7bd6774911ff6
Document Threat Intelligence IOC Report
No intelligence IOC detected
Intelligence decision system
Undetected intelligence determination system
Network behavior report
domains:0
dns:0
http:0
udp:0
smtp:0
icmp:0
irc:0
hosts:0
Document release report
File release report not detected
File process number report
Process details:共分析了1个进程
Document behavior signature report
Low risk behavior
System Environment Detection:Contains functionality to query system information
Suspicious behavior0
High risk behavior0
Low risk behavior
Static File Characteristics:Found potential IP address or url in binary/memory
Suspicious behavior0
High risk behavior0
Low risk behavior
General behavior:One or more processes crashed
Suspicious behavior0
High risk behavior0
Low risk behavior0
Suspicious behavior
System Sensitive Operations:Disables application error messsages (SetErrorMode)
High risk behavior0
Static information
Section name:.text
Virtual address:0x00001000
Physical address:0x00000400
Physical size:0x0000f400
Section permissions:R-E
Section name:.itext
Virtual address:0x00011000
Physical address:0x0000f800
Physical size:0x00001000
Section permissions:R-E
Section name:.data
Virtual address:0x00012000
Physical address:0x00010800
Physical size:0x00000e00
Section permissions:RW-
Section name:.bss
Virtual address:0x00013000
Physical address:0x00011600
Physical size:0x00000000
Section permissions:RW-
Section name:.idata
Virtual address:0x00019000
Physical address:0x00011600
Physical size:0x00001000
Section permissions:RW-
Section name:.tls
Virtual address:0x0001a000
Physical address:0x00012600
Physical size:0x00000000
Section permissions:RW-
Section name:.rdata
Virtual address:0x0001b000
Physical address:0x00012600
Physical size:0x00000200
Section permissions:R--
Section name:.rsrc
Virtual address:0x0001c000
Physical address:0x00012800
Physical size:0x00012400
Section permissions:R--
import_hash:20dd26497880c05caed9305b3c8b9109
time_stamp:2016-04-06 22:39:04
entry_point_section:.itext
entry_point_section:.itext
image_base:0x400000
entry_point:0x117dc
name:RT_ICON
language:LANG_ENGLISH
filetype:GLS_BINARY_LSB_FIRST
sublanguage:SUBLANG_ENGLISH_US
offset:0x0001c4dc
size:0x00000468
name:RT_ICON
language:LANG_ENGLISH
filetype:dBase IV DBT of `.DBF, blocks size 48, next free block index 40, 1st item \"\207\207\206\377\207\207\206\377\207\207\206\340\207\207\206\027\207\207\206\"
sublanguage:SUBLANG_ENGLISH_US
offset:0x0001c944
size:0x000025a8
name:RT_ICON
language:LANG_ENGLISH
filetype:FoxPro FPT, blocks size 0, next free block index 671088640
sublanguage:SUBLANG_ENGLISH_US
offset:0x0001eeec
size:0x00001a68
name:RT_ICON
language:LANG_ENGLISH
filetype:dBase IV DBT of D.DBF, blocks size 34, next free block index 40, 1st item \"\207\207\2068\207\207\206\374\207\207\2064\207\207\206\223\207\207\206\265\207\207\206\220\207\207\206\355\207\207\206`\207\207\206\"
sublanguage:SUBLANG_ENGLISH_US
offset:0x00020954
size:0x00001348
name:RT_ICON
language:LANG_ENGLISH
filetype:data
sublanguage:SUBLANG_ENGLISH_US
offset:0x00021c9c
size:0x000010a8
name:RT_ICON
language:LANG_ENGLISH
filetype:data
sublanguage:SUBLANG_ENGLISH_US
offset:0x00022d44
size:0x00000b20
name:RT_ICON
language:LANG_ENGLISH
filetype:data
sublanguage:SUBLANG_ENGLISH_US
offset:0x00023864
size:0x00000988
name:RT_ICON
language:LANG_ENGLISH
filetype:data
sublanguage:SUBLANG_ENGLISH_US
offset:0x000241ec
size:0x000006b8
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x000248a4
size:0x00000068
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x0002490c
size:0x000000d4
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x000249e0
size:0x000000a4
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x00024a84
size:0x000002ac
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x00024d30
size:0x0000034c
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x0002507c
size:0x00000294
name:RT_RCDATA
language:LANG_ENGLISH
filetype:data
sublanguage:SUBLANG_ENGLISH_US
offset:0x00025310
size:0x000082e8
name:RT_RCDATA
language:LANG_NEUTRAL
filetype:Sendmail frozen configuration
sublanguage:SUBLANG_NEUTRAL
offset:0x0002d5f8
size:0x00000010
name:RT_RCDATA
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x0002d608
size:0x00000150
name:RT_RCDATA
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x0002d758
size:0x0000002c
name:RT_GROUP_ICON
language:LANG_ENGLISH
filetype:MS Windows icon resource - 8 icons, 16x16, 256-colors
sublanguage:SUBLANG_ENGLISH_US
offset:0x0002d784
size:0x00000076
name:RT_VERSION
language:LANG_ENGLISH
filetype:data
sublanguage:SUBLANG_ENGLISH_US
offset:0x0002d7fc
size:0x000004f4
name:RT_MANIFEST
language:LANG_ENGLISH
filetype:XML document text
sublanguage:SUBLANG_ENGLISH_US
offset:0x0002dcf0
size:0x0000062c

About VirSCAN | Privacy Policy | Contact us | Links | Help VirSCAN
Translated by Keith Miller, United States
Powered By CentOSpol

京ICP备11007605号-12

pol

京公网安备 11010802020746号