VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

Language
Server load
Server Load
MCG_DLL.dll    Threatbook file behavior analysis report
Virscan.org multi-engine scan report
Basic Information
file name:MCG_DLL.dll
file type:DLLx86
Submission time:2019-03-16 01:02:48
Threat level:clean
MD5:b5640cad6d20813e21439de4eb72c134
sha256:de87d4ecc710cb486027bed33ea992ed2abdbbec34d98562c41417dabfb29bb6
Document Threat Intelligence IOC Report
No intelligence IOC detected
Intelligence decision system
Undetected intelligence determination system
Network behavior report
domains:0
dns:0
http:0
udp:0
smtp:0
icmp:0
irc:0
hosts:0
Document release report
file name:classification_dll.dll
file type:PE32 executable (DLL) (console) Intel 80386, for MS Windows, UPX compressed
file size:1567232
MD5:ad025d607c79bfe1635136b2e879886a
file name:libquadmath-0.dll
file type:PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows, UPX compressed
file size:132778
MD5:5814d46195be3983e963e13a91657e7a
file name:libgfortran-3.dll
file type:PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows, UPX compressed
file size:260482
MD5:6b82dbdf29f34ab683c7525ea316f6fd
file name:libopenblas.dll
file type:PE32 executable (DLL) (console) Intel 80386, for MS Windows, UPX compressed
file size:5336935
MD5:b159bba22ed8faee5160ea3e22915dfe
file name:libgcc_s_sjlj-1.dll
file type:PE32 executable (DLL) (console) Intel 80386, for MS Windows, UPX compressed
file size:194531
MD5:704370d7ce3cea4809b267d165c103a3
File process number report
nofind
Document behavior signature report
Low risk behavior
General behavior:Creates a writable file in a temporary directory
Suspicious behavior0
High risk behavior0
Low risk behavior
System Sensitive Operations:Creates executable files on the filesystem
Suspicious behavior0
High risk behavior0
Low risk behavior
General behavior:Contains ability to find and load resources of a specific module
Suspicious behavior0
High risk behavior0
Low risk behavior
System Environment Detection:Contains functionality to query system information
Suspicious behavior0
High risk behavior0
Low risk behavior
General behavior:One or more processes crashed
Suspicious behavior0
High risk behavior0
Low risk behavior0
Suspicious behavior
Reverse Engineering:The binary likely contains encrypted or compressed data indicative of a packer
High risk behavior0
Static information
Section name:.text
Virtual address:0x00001000
Physical address:0x00001000
Physical size:0x0002d000
Section permissions:R-E
Section name:.rdata
Virtual address:0x0002e000
Physical address:0x0002e000
Physical size:0x00006000
Section permissions:R--
Section name:.data
Virtual address:0x00034000
Physical address:0x00034000
Physical size:0x004a3000
Section permissions:RW-
Section name:.rsrc
Virtual address:0x004ea000
Physical address:0x004d7000
Physical size:0x00001000
Section permissions:R--
Section name:.reloc
Virtual address:0x004eb000
Physical address:0x004d8000
Physical size:0x00008000
Section permissions:R--
import_hash:46cb498bb55fe222e93febe94f0ba823
time_stamp:2018-01-26 20:29:48
entry_point_section:.text
entry_point_section:.text
image_base:0x10000000
entry_point:0x1acfe
name:RT_VERSION
language:LANG_CHINESE
filetype:data
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x004ea058
size:0x00000244

About VirSCAN | Privacy Policy | Contact us | Links | Help VirSCAN
Translated by Keith Miller, United States
Powered By CentOSpol

京ICP备11007605号-12

pol

京公网安备 11010802020746号