VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, VirSCAN can scan compressed files with password 'infected' or 'virus'.

Language
Server load
Server Load
371192.dat    Threatbook file behavior analysis report
Virscan.org multi-engine scan report
Basic Information
file name:371192.dat
file type:EXEx86
Submission time:2019-01-12 00:30:31
Threat level:malicious
MD5:a7884c2ea6c3fd4cca8346b2144577e6
sha256:699b8f5386649da12a534955e5fec5b10215e207718527683edde5754bafb279
Document Threat Intelligence IOC Report
No intelligence IOC detected
Intelligence decision system
Undetected intelligence determination system
Network behavior report
domains:0
dns:0
http:0
hosts:1
hosts:3
Document release report
File release report not detected
File process number report
Process details:0
Document behavior signature report
No file behavior report detected
Static information
PE section table information
Section name:CODE
Virtual address:0x00001000
Physical address:0x00000400
Physical size:0x0009da00
Section permissions:R-E
Section name:DATA
Virtual address:0x0009f000
Physical address:0x0009de00
Physical size:0x00004c00
Section permissions:RW-
Section name:BSS
Virtual address:0x000a4000
Physical address:0x000a2a00
Physical size:0x00000000
Section permissions:RW-
Section name:.idata
Virtual address:0x000a6000
Physical address:0x000a2a00
Physical size:0x00003600
Section permissions:RW-
Section name:.tls
Virtual address:0x000aa000
Physical address:0x000a6000
Physical size:0x00000000
Section permissions:RW-
Section name:.rdata
Virtual address:0x000ab000
Physical address:0x000a6000
Physical size:0x00000200
Section permissions:R--
Section name:.reloc
Virtual address:0x000ac000
Physical address:0x00000000
Physical size:0x00000000
Section permissions:R--
Section name:.rsrc
Virtual address:0x000b6000
Physical address:0x000a6200
Physical size:0x00006400
Section permissions:R--
PE basic information
import_hash:66e7384a72372e083bd39387e90d6859
time_stamp:1992-06-20 06:22:17
entry_point_section:CODE
entry_point_section:CODE
image_base:0x400000
entry_point:0x9e518
PE resource information
name:RT_CURSOR
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x000b6b88
size:0x00000134
name:RT_CURSOR
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x000b6cbc
size:0x00000134
name:RT_CURSOR
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x000b6df0
size:0x00000134
name:RT_CURSOR
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x000b6f24
size:0x00000134
name:RT_CURSOR
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x000b7058
size:0x00000134
name:RT_CURSOR
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x000b718c
size:0x00000134
name:RT_CURSOR
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x000b72c0
size:0x00000134
name:RT_BITMAP
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x000b73f4
size:0x000001d0
name:RT_BITMAP
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x000b75c4
size:0x000001e4
name:RT_BITMAP
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x000b77a8
size:0x000001d0
name:RT_BITMAP
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x000b7978
size:0x000001d0
name:RT_BITMAP
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x000b7b48
size:0x000001d0
name:RT_BITMAP
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x000b7d18
size:0x000001d0
name:RT_BITMAP
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x000b7ee8
size:0x000001d0
name:RT_BITMAP
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x000b80b8
size:0x000001d0
name:RT_BITMAP
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x000b8288
size:0x000001d0
name:RT_BITMAP
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x000b8458
size:0x000001d0
name:RT_BITMAP
language:LANG_NEUTRAL
filetype:GLS_BINARY_LSB_FIRST
sublanguage:SUBLANG_NEUTRAL
offset:0x000b8628
size:0x000000e8
name:RT_ICON
language:LANG_CHINESE
filetype:data
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x000b8710
size:0x000002e8
name:RT_DIALOG
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x000b89f8
size:0x00000052
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x000b8a4c
size:0x0000011c
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x000b8b68
size:0x0000026c
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x000b8dd4
size:0x000001ec
name:RT_STRING
language:LANG_NEUTRAL
filetype:Hitachi SH big-endian COFF object, not stripped
sublanguage:SUBLANG_NEUTRAL
offset:0x000b8fc0
size:0x000000ec
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x000b90ac
size:0x000003d0
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x000b947c
size:0x000001c4
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x000b9640
size:0x000000d8
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x000b9718
size:0x00000118
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x000b9830
size:0x00000268
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x000b9a98
size:0x000003f8
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x000b9e90
size:0x00000398
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x000ba228
size:0x000003a0
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x000ba5c8
size:0x00000418
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x000ba9e0
size:0x00000138
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x000bab18
size:0x000000ec
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x000bac04
size:0x00000228
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x000bae2c
size:0x000003b8
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x000bb1e4
size:0x0000038c
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x000bb570
size:0x000002c4
name:RT_RCDATA
language:LANG_NEUTRAL
filetype:Sendmail frozen configuration
sublanguage:SUBLANG_NEUTRAL
offset:0x000bb834
size:0x00000010
name:RT_RCDATA
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x000bb844
size:0x00000488
name:RT_RCDATA
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x000bbccc
size:0x000003ce
name:RT_GROUP_CURSOR
language:LANG_NEUTRAL
filetype:Lotus 1-2-3
sublanguage:SUBLANG_NEUTRAL
offset:0x000bc09c
size:0x00000014
name:RT_GROUP_CURSOR
language:LANG_NEUTRAL
filetype:Lotus 1-2-3
sublanguage:SUBLANG_NEUTRAL
offset:0x000bc0b0
size:0x00000014
name:RT_GROUP_CURSOR
language:LANG_NEUTRAL
filetype:Lotus 1-2-3
sublanguage:SUBLANG_NEUTRAL
offset:0x000bc0c4
size:0x00000014
name:RT_GROUP_CURSOR
language:LANG_NEUTRAL
filetype:Lotus 1-2-3
sublanguage:SUBLANG_NEUTRAL
offset:0x000bc0d8
size:0x00000014
name:RT_GROUP_CURSOR
language:LANG_NEUTRAL
filetype:Lotus 1-2-3
sublanguage:SUBLANG_NEUTRAL
offset:0x000bc0ec
size:0x00000014
name:RT_GROUP_CURSOR
language:LANG_NEUTRAL
filetype:Lotus 1-2-3
sublanguage:SUBLANG_NEUTRAL
offset:0x000bc100
size:0x00000014
name:RT_GROUP_CURSOR
language:LANG_NEUTRAL
filetype:Lotus 1-2-3
sublanguage:SUBLANG_NEUTRAL
offset:0x000bc114
size:0x00000014
name:RT_GROUP_ICON
language:LANG_CHINESE
filetype:MS Windows icon resource - 1 icon
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x000bc128
size:0x00000014
name:RT_MANIFEST
language:LANG_CHINESE
filetype:XML document text
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x000bc13c
size:0x00000173

About VirSCAN | Privacy Policy | Contact us | Links | Help VirSCAN
Translated by Keith Miller, United States
Powered By CentOSpol

京ICP备11007605号-12

pol

京公网安备 11010802020746号