VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, VirSCAN can scan compressed files with password 'infected' or 'virus'.

Language
Server load
Server Load
3be2eada477574ba62d8b14442118998    Threatbook file behavior analysis report
Virscan.org multi-engine scan report
Basic Information
file name:3be2eada477574ba62d8b14442118998
file type:DLLx86
Submission time:2019-02-12 01:04:38
Threat level:clean
MD5:3be2eada477574ba62d8b14442118998
sha256:cde1e9990d34e5897559abbe0d1b487425cda8bc2891539c7ce5bf152829fcfe
Document Threat Intelligence IOC Report
No intelligence IOC detected
Intelligence decision system
Undetected intelligence determination system
Network behavior report
domains:0
dns:0
http:0
hosts:2
Document release report
File release report not detected
File process number report
Process details:0
        
Document behavior signature report
Low risk behavior
General behavior:Contains ability to find and load resources of a specific module
Low risk behavior
General behavior:One or more processes crashed
可疑行为
Reverse Engineering:Checks if process is being debugged by a debugger
高危行为
Anti-detection Technology:Tries to unhook Windows functions monitored by Cuckoo
Static information
PE section table information
Section name:CODE
Virtual address:0x00001000
Physical address:0x00000400
Physical size:0x00061800
Section permissions:R-E
Section name:DATA
Virtual address:0x00063000
Physical address:0x00061c00
Physical size:0x00001200
Section permissions:RW-
Section name:BSS
Virtual address:0x00065000
Physical address:0x00062e00
Physical size:0x00000000
Section permissions:RW-
Section name:.idata
Virtual address:0x00066000
Physical address:0x00062e00
Physical size:0x00002200
Section permissions:RW-
Section name:.edata
Virtual address:0x00069000
Physical address:0x00065000
Physical size:0x00000200
Section permissions:R--
Section name:.reloc
Virtual address:0x0006a000
Physical address:0x00065200
Physical size:0x00005e00
Section permissions:R--
Section name:.rsrc
Virtual address:0x00070000
Physical address:0x0006b000
Physical size:0x00003200
Section permissions:R--
PE basic information
import_hash:a16b7b0f662a58e349d1724c885f24af
time_stamp:1992-06-20 06:22:17
entry_point_section:CODE
entry_point_section:CODE
image_base:0x400000
entry_point:0x5c588
PE resource information
name:RT_CURSOR
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x00070608
size:0x00000134
name:RT_CURSOR
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x0007073c
size:0x00000134
name:RT_CURSOR
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x00070870
size:0x00000134
name:RT_CURSOR
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x000709a4
size:0x00000134
name:RT_CURSOR
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x00070ad8
size:0x00000134
name:RT_CURSOR
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x00070c0c
size:0x00000134
name:RT_CURSOR
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x00070d40
size:0x00000134
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x00070e74
size:0x0000006c
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x00070ee0
size:0x00000300
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x000711e0
size:0x000000d8
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x000712b8
size:0x0000022c
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x000714e4
size:0x000003f4
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x000718d8
size:0x00000368
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x00071c40
size:0x00000428
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x00072068
size:0x000001b0
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x00072218
size:0x000000ec
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x00072304
size:0x000001e4
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x000724e8
size:0x000003ac
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x00072894
size:0x0000036c
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x00072c00
size:0x000002b4
name:RT_RCDATA
language:LANG_NEUTRAL
filetype:Sendmail frozen configuration
sublanguage:SUBLANG_NEUTRAL
offset:0x00072eb4
size:0x00000010
name:RT_RCDATA
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x00072ec4
size:0x000001cc
name:RT_GROUP_CURSOR
language:LANG_NEUTRAL
filetype:Lotus 1-2-3
sublanguage:SUBLANG_NEUTRAL
offset:0x00073090
size:0x00000014
name:RT_GROUP_CURSOR
language:LANG_NEUTRAL
filetype:Lotus 1-2-3
sublanguage:SUBLANG_NEUTRAL
offset:0x000730a4
size:0x00000014
name:RT_GROUP_CURSOR
language:LANG_NEUTRAL
filetype:Lotus 1-2-3
sublanguage:SUBLANG_NEUTRAL
offset:0x000730b8
size:0x00000014
name:RT_GROUP_CURSOR
language:LANG_NEUTRAL
filetype:Lotus 1-2-3
sublanguage:SUBLANG_NEUTRAL
offset:0x000730cc
size:0x00000014
name:RT_GROUP_CURSOR
language:LANG_NEUTRAL
filetype:Lotus 1-2-3
sublanguage:SUBLANG_NEUTRAL
offset:0x000730e0
size:0x00000014
name:RT_GROUP_CURSOR
language:LANG_NEUTRAL
filetype:Lotus 1-2-3
sublanguage:SUBLANG_NEUTRAL
offset:0x000730f4
size:0x00000014
name:RT_GROUP_CURSOR
language:LANG_NEUTRAL
filetype:Lotus 1-2-3
sublanguage:SUBLANG_NEUTRAL
offset:0x00073108
size:0x00000014

About VirSCAN | Privacy Policy | Contact us | Links | Help VirSCAN
Translated by Keith Miller, United States
Powered By CentOSpol

京ICP备11007605号-12

pol

京公网安备 11010802020746号