VirSCAN

5320775821f3e81f09618dc5456088b8    Threatbook file behavior analysis report
Virscan.org multi-engine scan report
Basic Information
file name:5320775821f3e81f09618dc5456088b8
file type:EXEx86
Submission time:2019-03-16 01:02:37
Threat level:clean
MD5:5320775821f3e81f09618dc5456088b8
sha256:a6dc448129b1cdb87a38aef473d09f1e21cce0f8dec1d838545a8df84d2fde46
Document Threat Intelligence IOC Report
No intelligence IOC detected
Intelligence decision system
Undetected intelligence determination system
Network behavior report
domains:0
dns:0
http:0
udp:0
smtp:0
icmp:0
irc:0
hosts:0
Document release report
File release report not detected
File process number report
Process details:1 process analyzed in total
Document behavior signature report
Low risk behavior
General behavior:Contains ability to find and load resources of a specific module
Suspicious behavior:0
High risk behavior:0
Low risk behavior
System Environment Detection:Contains functionality to query system information
Suspicious behavior:0
High risk behavior:0
Low risk behavior
General behavior:One or more processes crashed
Suspicious behavior:0
High risk behavior:0
Low risk behavior
General behavior:Sample reads its own file content
Suspicious behavior:0
High risk behavior:0
Low risk behavior:0
Suspicious behavior
System Sensitive Operations:Disables application error messages (SetErrorMode)
High risk behavior:0
Low risk behavior:0
Suspicious behavior
Static File Characteristics:Found TLS callbacks
High risk behavior:0
Static information
Section name:.text
Virtual address:0x00001000
Physical address:0x00000400
Physical size:0x000ffe00
Section permissions:R-E
Section name:.itext
Virtual address:0x00101000
Physical address:0x00100200
Physical size:0x00001800
Section permissions:R-E
Section name:.data
Virtual address:0x00103000
Physical address:0x00101a00
Physical size:0x00003200
Section permissions:RW-
Section name:.bss
Virtual address:0x00107000
Physical address:0x00104c00
Physical size:0x00000000
Section permissions:RW-
Section name:.idata
Virtual address:0x0010e000
Physical address:0x00104c00
Physical size:0x00003a00
Section permissions:RW-
Section name:.tls
Virtual address:0x00112000
Physical address:0x00108600
Physical size:0x00000000
Section permissions:RW-
Section name:.rdata
Virtual address:0x00113000
Physical address:0x00108600
Physical size:0x00000200
Section permissions:R--
Section name:.rsrc
Virtual address:0x00114000
Physical address:0x00108800
Physical size:0x00029a00
Section permissions:R--
import_hash:f62b90e31eca404f228fcf7068b00f31
time_stamp:2018-06-14 21:27:46
entry_point_section:.itext
image_base:0x400000
entry_point:0x1025d8
name:RT_CURSOR
language:LANG_ENGLISH
filetype:data
sublanguage:SUBLANG_ENGLISH_US
offset:0x00114ca4
size:0x00000134
name:RT_CURSOR
language:LANG_ENGLISH
filetype:data
sublanguage:SUBLANG_ENGLISH_US
offset:0x00114dd8
size:0x00000134
name:RT_CURSOR
language:LANG_ENGLISH
filetype:data
sublanguage:SUBLANG_ENGLISH_US
offset:0x00114f0c
size:0x00000134
name:RT_CURSOR
language:LANG_ENGLISH
filetype:data
sublanguage:SUBLANG_ENGLISH_US
offset:0x00115040
size:0x00000134
name:RT_CURSOR
language:LANG_ENGLISH
filetype:data
sublanguage:SUBLANG_ENGLISH_US
offset:0x00115174
size:0x00000134
name:RT_CURSOR
language:LANG_ENGLISH
filetype:data
sublanguage:SUBLANG_ENGLISH_US
offset:0x001152a8
size:0x00000134
name:RT_CURSOR
language:LANG_ENGLISH
filetype:data
sublanguage:SUBLANG_ENGLISH_US
offset:0x001153dc
size:0x00000134
name:RT_BITMAP
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x00115510
size:0x000004e8
name:RT_BITMAP
language:LANG_NEUTRAL
filetype:GLS_BINARY_LSB_FIRST
sublanguage:SUBLANG_NEUTRAL
offset:0x001159f8
size:0x000000e8
name:RT_ICON
language:LANG_ENGLISH
filetype:data
sublanguage:SUBLANG_ENGLISH_US
offset:0x00115ae0
size:0x000008a8
name:RT_ICON
language:LANG_ENGLISH
filetype:GLS_BINARY_LSB_FIRST
sublanguage:SUBLANG_ENGLISH_US
offset:0x00116388
size:0x00000568
name:RT_ICON
language:LANG_ENGLISH
filetype:PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced
sublanguage:SUBLANG_ENGLISH_US
offset:0x001168f0
size:0x0000cd63
name:RT_ICON
language:LANG_ENGLISH
filetype:data
sublanguage:SUBLANG_ENGLISH_US
offset:0x00123654
size:0x000025a8
name:RT_ICON
language:LANG_ENGLISH
filetype:data
sublanguage:SUBLANG_ENGLISH_US
offset:0x00125bfc
size:0x000010a8
name:RT_ICON
language:LANG_ENGLISH
filetype:GLS_BINARY_LSB_FIRST
sublanguage:SUBLANG_ENGLISH_US
offset:0x00126ca4
size:0x00000468
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x0012710c
size:0x000000ec
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x001271f8
size:0x00000250
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x00127448
size:0x0000028c
name:RT_STRING
language:LANG_NEUTRAL
filetype:Hitachi SH big-endian COFF object, not stripped
sublanguage:SUBLANG_NEUTRAL
offset:0x001276d4
size:0x000003e4
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x00127ab8
size:0x0000009c
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x00127b54
size:0x000000e8
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x00127c3c
size:0x00000468
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x001280a4
size:0x0000038c
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x00128430
size:0x000003dc
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x0012880c
size:0x00000360
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x00128b6c
size:0x0000040c
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x00128f78
size:0x00000108
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x00129080
size:0x000000cc
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x0012914c
size:0x00000234
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x00129380
size:0x000003c8
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x00129748
size:0x0000032c
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x00129a74
size:0x000002a0
name:RT_RCDATA
language:LANG_ENGLISH
filetype:data
sublanguage:SUBLANG_ENGLISH_US
offset:0x00129d14
size:0x000082e8
name:RT_RCDATA
language:LANG_NEUTRAL
filetype:Sendmail frozen configuration
sublanguage:SUBLANG_NEUTRAL
offset:0x00131ffc
size:0x00000010
name:RT_RCDATA
language:LANG_ENGLISH
filetype:PE32+ executable (console) x86-64, for MS Windows
sublanguage:SUBLANG_ENGLISH_US
offset:0x0013200c
size:0x00001800
name:RT_RCDATA
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x0013380c
size:0x000006bc
name:RT_RCDATA
language:LANG_ENGLISH
filetype:PE32 executable (DLL) (GUI) Intel 80386 (stripped to external PDB), for MS Windows
sublanguage:SUBLANG_ENGLISH_US
offset:0x00133ec8
size:0x00005b10
name:RT_RCDATA
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x001399d8
size:0x00000125
name:RT_RCDATA
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x00139b00
size:0x000003a2
name:RT_RCDATA
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x00139ea4
size:0x00000320
name:RT_RCDATA
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x0013a1c4
size:0x00000300
name:RT_RCDATA
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x0013a4c4
size:0x000005d9
name:RT_RCDATA
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x0013aaa0
size:0x00000461
name:RT_RCDATA
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x0013af04
size:0x00002092
name:RT_GROUP_CURSOR
language:LANG_ENGLISH
filetype:Lotus 1-2-3
sublanguage:SUBLANG_ENGLISH_US
offset:0x0013cf98
size:0x00000014
name:RT_GROUP_CURSOR
language:LANG_ENGLISH
filetype:Lotus 1-2-3
sublanguage:SUBLANG_ENGLISH_US
offset:0x0013cfac
size:0x00000014
name:RT_GROUP_CURSOR
language:LANG_ENGLISH
filetype:Lotus 1-2-3
sublanguage:SUBLANG_ENGLISH_US
offset:0x0013cfc0
size:0x00000014
name:RT_GROUP_CURSOR
language:LANG_ENGLISH
filetype:Lotus 1-2-3
sublanguage:SUBLANG_ENGLISH_US
offset:0x0013cfd4
size:0x00000014
name:RT_GROUP_CURSOR
language:LANG_ENGLISH
filetype:Lotus 1-2-3
sublanguage:SUBLANG_ENGLISH_US
offset:0x0013cfe8
size:0x00000014
name:RT_GROUP_CURSOR
language:LANG_ENGLISH
filetype:Lotus 1-2-3
sublanguage:SUBLANG_ENGLISH_US
offset:0x0013cffc
size:0x00000014

Translated by Keith Miller, United States