VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

Language
Server load
Server Load
BANJLAQ.exe    Threatbook file behavior analysis report
Virscan.org multi-engine scan report
Basic Information
file name:BANJLAQ.exe
file type:EXEx86
Submission time:2019-05-16 20:33:33
Threat level:malicious
MD5:18e5ac14944d271d2ec96c39d0698e0d
sha256:9c74f4aa7e9569bfeba6821895ccd58ba02a2577dd7ef251875a6c6eab03be29
Document Threat Intelligence IOC Report
No intelligence IOC detected
Intelligence decision system
Undetected intelligence determination system
Network behavior report
domains
ip:125.65.112.241
domain:www.dutewangluo.xyz
dns
type:A
request:www.dutewangluo.xyz
http:0
udp:0
smtp:0
icmp:0
irc:0
hosts:0
Document release report
File release report not detected
File process number report
Process details:共分析了1个进程
Document behavior signature report
No file behavior report detected
Static information
Section name:.text
Virtual address:0x00001000
Physical address:0x00001000
Physical size:0x00037000
Section permissions:RWE
Section name:.rdata
Virtual address:0x00038000
Physical address:0x00038000
Physical size:0x00009000
Section permissions:R--
Section name:.data
Virtual address:0x00041000
Physical address:0x00041000
Physical size:0x00008000
Section permissions:RW-
Section name:.rsrc
Virtual address:0x00050000
Physical address:0x00049000
Physical size:0x0000a000
Section permissions:RWE
Section name:kymoohy
Virtual address:0x0005a000
Physical address:0x00053000
Physical size:0x00000000
Section permissions:RW-
import_hash:612c752f4bfa77f7b64c51555b50c9db
time_stamp:2009-12-04 21:35:59
entry_point_section:.text
entry_point_section:.text
image_base:0x400000
entry_point:0x2757e
name:RT_CURSOR
language:LANG_CHINESE
filetype:data
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x00050d80
size:0x00000134
name:RT_CURSOR
language:LANG_CHINESE
filetype:data
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x00050eb8
size:0x000000b4
name:RT_BITMAP
language:LANG_CHINESE
filetype:data
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x00050f98
size:0x000005e4
name:RT_BITMAP
language:LANG_CHINESE
filetype:data
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x00051668
size:0x000000b8
name:RT_BITMAP
language:LANG_CHINESE
filetype:data
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x00051720
size:0x0000016c
name:RT_BITMAP
language:LANG_CHINESE
filetype:data
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x00051890
size:0x00000144
name:RT_ICON
language:LANG_CHINESE
filetype:data
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x00050550
size:0x000002e8
name:RT_ICON
language:LANG_CHINESE
filetype:GLS_BINARY_LSB_FIRST
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x00050838
size:0x00000128
name:RT_DIALOG
language:LANG_CHINESE
filetype:data
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x00050988
size:0x000000be
name:RT_DIALOG
language:LANG_CHINESE
filetype:data
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x00051580
size:0x000000e2
name:RT_STRING
language:LANG_CHINESE
filetype:data
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x000519d8
size:0x00000050
name:RT_STRING
language:LANG_CHINESE
filetype:data
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x00051a28
size:0x0000002c
name:RT_STRING
language:LANG_CHINESE
filetype:data
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x00051a58
size:0x00000078
name:RT_STRING
language:LANG_CHINESE
filetype:data
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x00051ad0
size:0x000001c4
name:RT_STRING
language:LANG_CHINESE
filetype:data
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x00051e20
size:0x0000012a
name:RT_STRING
language:LANG_CHINESE
filetype:data
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x00051cd8
size:0x00000146
name:RT_STRING
language:LANG_CHINESE
filetype:data
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x00051c98
size:0x00000040
name:RT_STRING
language:LANG_CHINESE
filetype:data
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x00052240
size:0x00000064
name:RT_STRING
language:LANG_CHINESE
filetype:data
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x00051f50
size:0x000001d8
name:RT_STRING
language:LANG_CHINESE
filetype:data
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x00052128
size:0x00000114
name:RT_STRING
language:LANG_CHINESE
filetype:data
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x000522a8
size:0x00000024
name:RT_GROUP_CURSOR
language:LANG_CHINESE
filetype:Lotus 1-2-3
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x00050f70
size:0x00000022
name:RT_GROUP_ICON
language:LANG_CHINESE
filetype:MS Windows icon resource - 2 icons, 32x32, 16-colors
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x00050960
size:0x00000022
name:RT_VERSION
language:LANG_CHINESE
filetype:data
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x00050a48
size:0x00000338

About VirSCAN | Privacy Policy | Contact us | Links | Help VirSCAN
Translated by Keith Miller, United States
Powered By CentOSpol

京ICP备11007605号-12

pol

京公网安备 11010802020746号