hwidgen.mk3.exe    Threatbook file behavior analysis report
Virscan.org multi-engine scan report
Behavior analysis report:         Habo file analysis
Basic Information
file name:hwidgen.mk3.exe
file type:EXEx86
Submission time:2018-08-01 05:47:37
Threat level:clean
MD5:eabba79f80f5157855c05878428ccec7
sha256:4aae0a90bcb5e72d9be1d321b758370991ab6b18e67664f370d22c9d6aa2343b
Document Threat Intelligence IOC Report
No intelligence IOC detected
Intelligence decision system
Abnormal flow detection system:0
Hunting system:0
DGA domain name recognition system:0
Network behavior report
domains:0
dns:0
http:0
Document release report
File release report not detected
File process number report
Process details:0
Document behavior signature report
Signature description:0
name:0
Threat level:0
Static information
PE section table information
Section name:.text
Virtual address:0x00001000
Physical address:0x00000400
Physical size:0x0009e200
Section permissions:R-E
Section name:.rdata
Virtual address:0x000a0000
Physical address:0x0009e600
Physical size:0x00023800
Section permissions:R--
Section name:.data
Virtual address:0x000c4000
Physical address:0x000c1e00
Physical size:0x00003200
Section permissions:RW-
Section name:.rsrc
Virtual address:0x000cf000
Physical address:0x000c5000
Physical size:0x00165200
Section permissions:R--
PE basic information
import_hash:dcdb4df40210534551e68c8254201ff3
time_stamp:2018-04-07 10:35:52
entry_point_section:.text
image_base:0x400000
entry_point:0x91523
PE resource information
name:RT_ICON
language:LANG_ENGLISH
filetype:GLS_BINARY_LSB_FIRST
sublanguage:SUBLANG_ENGLISH_US
offset:0x000e87cc
size:0x00000468
name:RT_MENU
language:LANG_ENGLISH
filetype:data
sublanguage:SUBLANG_ENGLISH_US
offset:0x000e8c34
size:0x000002c8
name:RT_DIALOG
language:LANG_ENGLISH
filetype:data
sublanguage:SUBLANG_ENGLISH_US
offset:0x000e8efc
size:0x000000e8
name:RT_ACCELERATOR
language:LANG_ENGLISH
filetype:data
sublanguage:SUBLANG_ENGLISH_US
offset:0x000e8fe4
size:0x00000048
name:RT_RCDATA
language:LANG_ENGLISH
filetype:PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
sublanguage:SUBLANG_ENGLISH_US
offset:0x002304a4
size:0x00003400
name:RT_GROUP_ICON
language:LANG_ENGLISH
filetype:MS Windows icon resource - 15 icons, 16-colors
sublanguage:SUBLANG_ENGLISH_US
offset:0x002338a4
size:0x000000d8
name:RT_VERSION
language:LANG_ENGLISH
filetype:data
sublanguage:SUBLANG_ENGLISH_US
offset:0x0023397c
size:0x00000248
name:RT_MANIFEST
language:LANG_ENGLISH
filetype:ASCII text, with very long lines, with no line terminators
sublanguage:SUBLANG_ENGLISH_US
offset:0x00233bc4
size:0x00000492
