VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, VirSCAN can scan compressed files with password 'infected' or 'virus'.

Language
Server load
Server Load
Service_KMS.exe    Threatbook file behavior analysis report
Virscan.org multi-engine scan report
Behavior analysis report:         Habo file analysis
Basic Information
file name:Service_KMS.exe
file type:EXEx86
Submission time:2018-09-19 15:00:11
Threat level:malicious
MD5:17ac95b349ccf5dc5f9792b0c5217e36
sha256:9b962b2c2f12521a5af60d30e4661dd1c2e68145f875bca675fd316874e13067
Document Threat Intelligence IOC Report
No intelligence IOC detected
Intelligence decision system
Undetected intelligence determination system
Network behavior report
domains:0
dns:0
http:0
Document release report
File release report not detected
File process number report
Process details:0
Document behavior signature report
Static information
PE section table information
Section name:.text
Virtual address:0x00002000
Physical address:0x00000200
Physical size:0x000e6e00
Section permissions:R-E
Section name:.rsrc
Virtual address:0x000ea000
Physical address:0x000e7000
Physical size:0x00003c00
Section permissions:R--
Section name:.reloc
Virtual address:0x000ee000
Physical address:0x000eac00
Physical size:0x00000200
Section permissions:R--
PE basic information
import_hash:f34d5f2d4577ed6d9ceec516c1f5a744
time_stamp:2014-10-26 12:29:51
entry_point_section:.text
entry_point_section:.text
image_base:0x400000
entry_point:0xe8c8e
PE resource information
name:RT_ICON
language:LANG_NEUTRAL
filetype:GLS_BINARY_LSB_FIRST
sublanguage:SUBLANG_NEUTRAL
offset:0x000ec870
size:0x00000468
name:RT_ICON
language:LANG_NEUTRAL
filetype:GLS_BINARY_LSB_FIRST
sublanguage:SUBLANG_NEUTRAL
offset:0x000ec870
size:0x00000468
name:RT_ICON
language:LANG_NEUTRAL
filetype:GLS_BINARY_LSB_FIRST
sublanguage:SUBLANG_NEUTRAL
offset:0x000ec870
size:0x00000468
name:RT_ICON
language:LANG_NEUTRAL
filetype:GLS_BINARY_LSB_FIRST
sublanguage:SUBLANG_NEUTRAL
offset:0x000ec870
size:0x00000468
name:RT_ICON
language:LANG_NEUTRAL
filetype:GLS_BINARY_LSB_FIRST
sublanguage:SUBLANG_NEUTRAL
offset:0x000ec870
size:0x00000468
name:RT_ICON
language:LANG_NEUTRAL
filetype:GLS_BINARY_LSB_FIRST
sublanguage:SUBLANG_NEUTRAL
offset:0x000ec870
size:0x00000468
name:RT_ICON
language:LANG_NEUTRAL
filetype:GLS_BINARY_LSB_FIRST
sublanguage:SUBLANG_NEUTRAL
offset:0x000ec870
size:0x00000468
name:RT_GROUP_ICON
language:LANG_NEUTRAL
filetype:MS Windows icon resource - 7 icons, 32x32, 16-colors
sublanguage:SUBLANG_NEUTRAL
offset:0x000eccd8
size:0x00000068
name:RT_VERSION
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x000ecd40
size:0x00000314
name:RT_MANIFEST
language:LANG_NEUTRAL
filetype:XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators
sublanguage:SUBLANG_NEUTRAL
offset:0x000ed058
size:0x00000a71

About VirSCAN | Privacy Policy | Contact us | Links | Help VirSCAN
Translated by Keith Miller, United States
Powered By CentOSpol

京ICP备11007605号-12

pol

京公网安备 11010802020746号