VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, VirSCAN can scan compressed files with password 'infected' or 'virus'.

Language
Server load
Server Load
WIN7Activation.exe    Threatbook file behavior analysis report
Virscan.org multi-engine scan report
Behavior analysis report:         Habo file analysis
Basic Information
file name:WIN7Activation.exe
file type:EXEx86
Submission time:2018-08-23 21:22:30
Threat level:malicious
MD5:e1d3e20e41b850f35fb2c41715b690c5
sha256:1587f222750eb467e0c4dbe61bce675bbaa77427e569cbaa9ca774bde2d3ab8d
Document Threat Intelligence IOC Report
No intelligence IOC detected
Intelligence decision system
Undetected intelligence determination system
Network behavior report
domains:0
dns:0
http:0
Document release report
file name:__tmp_rar_sfx_access_check_32448031
file type:empty
file size:0
MD5:d41d8cd98f00b204e9800998ecf8427e
file name:certificate.xrm-ms
file type:XML document text
file size:2731
MD5:f25832af6a684360950dbb15589de34a
file name:lang.ini
file type:Non-ISO extended-ASCII text, with CRLF, NEL line terminators
file size:1870
MD5:63edbd0147485cc173900753f46a3b90
file name:read_me.txt
file type:ISO-8859 text, with CRLF line terminators
file size:2054
MD5:75162e7093c2fa72a9aa3c3b52359d77
file name:bootinst.exe
file type:PE32 executable (console) Intel 80386, for MS Windows
file size:87552
MD5:70c5f6f69cdc6c5b8240622cf7d90380
file name:win7 activation.exe
file type:PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed
file size:466944
MD5:db32449409f446c5f68e99eeb40321c1
file name:bootrest.exe
file type:PE32 executable (console) Intel 80386, for MS Windows
file size:87552
MD5:e1921dea226b244f83ac5f59681d48a2
File process number report
Process details:0
Document behavior signature report
Static information
PE section table information
Section name:UPX0
Virtual address:0x00001000
Physical address:0x00000400
Physical size:0x00000000
Section permissions:RWE
Section name:UPX1
Virtual address:0x00024000
Physical address:0x00000400
Physical size:0x00017a00
Section permissions:RWE
Section name:.rsrc
Virtual address:0x0003c000
Physical address:0x00017e00
Physical size:0x00003200
Section permissions:RW-
PE basic information
import_hash:af7b8813a2e213ad2ed4a1d42c1b2975
time_stamp:2009-08-16 19:05:35
entry_point_section:UPX1
entry_point_section:UPX1
image_base:0x400000
entry_point:0x3b670
PE resource information
name:RT_BITMAP
language:LANG_NEUTRAL
filetype:empty
sublanguage:SUBLANG_DEFAULT
offset:0x000213fc
size:0x00014a7a
name:RT_ICON
language:LANG_NEUTRAL
filetype:FoxPro FPT, blocks size 0, next free block index 671088640
sublanguage:SUBLANG_DEFAULT
offset:0x0003c400
size:0x000025a8
name:RT_DIALOG
language:LANG_CHINESE
filetype:data
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x00038ab0
size:0x0000019e
name:RT_DIALOG
language:LANG_CHINESE
filetype:data
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x00038ab0
size:0x0000019e
name:RT_DIALOG
language:LANG_CHINESE
filetype:data
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x00038ab0
size:0x0000019e
name:RT_DIALOG
language:LANG_CHINESE
filetype:data
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x00038ab0
size:0x0000019e
name:RT_DIALOG
language:LANG_CHINESE
filetype:data
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x00038ab0
size:0x0000019e
name:RT_DIALOG
language:LANG_CHINESE
filetype:data
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x00038ab0
size:0x0000019e
name:RT_STRING
language:LANG_CHINESE
filetype:data
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x0003911c
size:0x0000002e
name:RT_STRING
language:LANG_CHINESE
filetype:data
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x0003911c
size:0x0000002e
name:RT_STRING
language:LANG_CHINESE
filetype:data
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x0003911c
size:0x0000002e
name:RT_STRING
language:LANG_CHINESE
filetype:data
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x0003911c
size:0x0000002e
name:RT_STRING
language:LANG_CHINESE
filetype:data
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x0003911c
size:0x0000002e
name:RT_GROUP_ICON
language:LANG_NEUTRAL
filetype:MS Windows icon resource - 1 icon
sublanguage:SUBLANG_DEFAULT
offset:0x0003e9ac
size:0x00000014
name:RT_MANIFEST
language:LANG_CHINESE
filetype:XML document text
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x0003e9c4
size:0x000005b8

About VirSCAN | Privacy Policy | Contact us | Links | Help VirSCAN
Translated by Keith Miller, United States
Powered By CentOSpol

京ICP备11007605号-12

pol

京公网安备 11010802020746号