VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

Language
Server load
Server Load
552da974c1aaac2a6bf498fde43c31b2    Threatbook file behavior analysis report
Virscan.org multi-engine scan report
Basic Information
file name:552da974c1aaac2a6bf498fde43c31b2
file type:EXEx86
Submission time:2019-02-12 08:01:03
Threat level:malicious
MD5:552da974c1aaac2a6bf498fde43c31b2
sha256:a692d50f0f926e8c36f89d2407794b8ec15562839c280900067e6532416848e0
Document Threat Intelligence IOC Report
No intelligence IOC detected
Intelligence decision system
Undetected intelligence determination system
Network behavior report
domains:0
dns:0
http:0
udp:0
smtp:0
icmp:0
irc:0
hosts:0
Document release report
File release report not detected
File process number report
Process details:共分析了1个进程
Document behavior signature report
Low risk behavior
System Environment Detection:Contains functionality to query system information
Suspicious behavior0
High risk behavior0
Low risk behavior0
Suspicious behavior
Reverse Engineering:The binary likely contains encrypted or compressed data indicative of a packer
High risk behavior0
Low risk behavior0
Suspicious behavior
General behavior:Reads terminal service related keys (often RDP related)
High risk behavior0
Static information
Section name:.text
Virtual address:0x00001000
Physical address:0x00000400
Physical size:0x00003800
Section permissions:R-E
Section name:.rdata
Virtual address:0x00005000
Physical address:0x00003c00
Physical size:0x00000400
Section permissions:R--
Section name:.data
Virtual address:0x00006000
Physical address:0x00004000
Physical size:0x00000200
Section permissions:RW-
Section name:.shared
Virtual address:0x00007000
Physical address:0x00004200
Physical size:0x00000400
Section permissions:RW-
Section name:.sxdata
Virtual address:0x00008000
Physical address:0x00004600
Physical size:0x00000200
Section permissions:RW-
import_hash:433daa09c64243241ac35872a644fc57
time_stamp:2018-11-04 02:17:26
entry_point_section:.text
entry_point_section:.text
image_base:0x400000
entry_point:0x452c
PE resource information0

About VirSCAN | Privacy Policy | Contact us | Links | Help VirSCAN
Translated by Keith Miller, United States
Powered By CentOSpol

京ICP备11007605号-12

pol

京公网安备 11010802020746号