VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, VirSCAN can scan compressed files with password 'infected' or 'virus'.

Language
Server load
Server Load
老毛桃WinPe U盘版.exe    Threatbook file behavior analysis report
Virscan.org multi-engine scan report
Basic Information
file name:老毛桃WinPe U盘版.exe
file type:EXEx86
Submission time:2019-01-11 23:31:07
Threat level:malicious
MD5:59c697bfbbef48099fe1f07442e06433
sha256:b8c5c0f06e2d102cfddcffbc8edf37099fc51aa0a5d7226551b0961879509eb7
Document Threat Intelligence IOC Report
No intelligence IOC detected
Intelligence decision system
Undetected intelligence determination system
Network behavior report
No behavioral characteristics detected
Document release report
file name:aut8B29.tmp
file type:data
file size:800
MD5:3b658e5b660c5fc5ee09d9dea5fa01e0
file name:btn-close11.tmp
file type:JPEG image data, JFIF standard 1.01
file size:831
MD5:44ae4b1289d918a4baaf663fe3963a87
file name:aut8B68.tmp
file type:data
file size:590
MD5:f09ec35e5b4bf902b2ecff6de3788562
file name:btn-min11.tmp
file type:JPEG image data, JFIF standard 1.01
file size:648
MD5:949a4f697f32efd16d8513a66738b659
file name:aut8B88.tmp
file type:JPEG image data, JFIF standard 1.01
file size:5120
MD5:6b736b1cb18d15867538a004b65c3e05
file name:aut8BC8.tmp
file type:JPEG image data, JFIF standard 1.01
file size:2022
MD5:83d30bb2bfd28398941c20e9fe857ae2
file name:aut8BD8.tmp
file type:JPEG image data, JFIF standard 1.01
file size:2353
MD5:9f1615fe76f3185485afb69d0a423b77
file name:aut8BF9.tmp
file type:JPEG image data, JFIF standard 1.01
file size:2176
MD5:d8c8c12b84821baebea87eac90dad92a
file name:aut8C29.tmp
file type:JPEG image data, JFIF standard 1.01
file size:1839
MD5:a8c9bc73a2e862e30c869c440f9dc08e
file name:aut8C97.tmp
file type:data
file size:1242
MD5:069c88496b60e636e3a3ea2349acdf41
file name:btn-usb1.tmp
file type:JPEG image data, JFIF standard 1.01
file size:1255
MD5:f7a49b7f269223f7e5975193e14cb010
file name:aut8CB7.tmp
file type:JPEG image data, JFIF standard 1.01
file size:1272
MD5:4cd6ee9936f4fa9063c4b31cc0c248f5
file name:aut8CC8.tmp
file type:JPEG image data, JFIF standard 1.01
file size:1331
MD5:8d10f5abb5c6bfbd1ea922666d034288
file name:aut8CE8.tmp
file type:JPEG image data, JFIF standard 1.01
file size:2000
MD5:65ea8e3e440a3c6ca12b7c0d3921955a
file name:aut8D18.tmp
file type:data
file size:24044
MD5:96eb3f1604ada5399ffbed8c39781974
file name:mainbg.tmp
file type:JPEG image data, JFIF standard 1.01
file size:32438
MD5:d9b6926dd3c362c81590c3c541ad8116
file name:aut8DC5.tmp
file type:data
file size:972
MD5:cee203044ee66f7b2b2d4e9c8b5126c5
file name:aut8F3D.tmp
file type:JPEG image data, JFIF standard 1.01
file size:24456
MD5:bb7f512583dbcb6e46b8ccedd8e22ebd
file name:aut8F6D.tmp
file type:JPEG image data, JFIF standard 1.01
file size:27247
MD5:70ee0f8c416dec624043a4fb9ad8d347
file name:DNDUp.TMP
file type:ISO-8859 text, with CRLF line terminators
file size:239
MD5:e1f0944c28f2d87248289cef48c0a6c0
file name:aut98F3.tmp
file type:JPEG image data, JFIF standard 1.01
file size:2281
MD5:1458721c48fd752954e53b33dd3580a8
File process number report
Process details:0
Document behavior signature report
No file behavior report detected
Static information
PE section table information
Section name:.text
Virtual address:0x00001000
Physical address:0x00000400
Physical size:0x00080200
Section permissions:R-E
Section name:.rdata
Virtual address:0x00082000
Physical address:0x00080600
Physical size:0x0000da00
Section permissions:R--
Section name:.data
Virtual address:0x00090000
Physical address:0x0008e000
Physical size:0x00006800
Section permissions:RW-
Section name:.rsrc
Virtual address:0x000ab000
Physical address:0x00094800
Physical size:0x00007800
Section permissions:R--
Section name:.vmp0
Virtual address:0x000b3000
Physical address:0x004de200
Physical size:0x00000800
Section permissions:R-E
Section name:.reloc
Virtual address:0x000b4000
Physical address:0x004dea00
Physical size:0x00000400
Section permissions:R--
PE basic information
import_hash:aaaa8913c89c8aa4a5d93f06853894da
time_stamp:2010-04-16 15:47:33
entry_point_section:.text
entry_point_section:.text
image_base:0x400000
entry_point:0x16310
PE resource information
name:RT_ICON
language:LANG_ENGLISH
filetype:GLS_BINARY_LSB_FIRST
sublanguage:SUBLANG_ENGLISH_UK
offset:0x000ab538
size:0x00000128
name:RT_ICON
language:LANG_ENGLISH
filetype:GLS_BINARY_LSB_FIRST
sublanguage:SUBLANG_ENGLISH_UK
offset:0x000ab660
size:0x00000128
name:RT_ICON
language:LANG_ENGLISH
filetype:GLS_BINARY_LSB_FIRST
sublanguage:SUBLANG_ENGLISH_UK
offset:0x000ab788
size:0x00000128
name:RT_ICON
language:LANG_ENGLISH
filetype:data
sublanguage:SUBLANG_ENGLISH_UK
offset:0x000ab8b0
size:0x00000ea8
name:RT_ICON
language:LANG_ENGLISH
filetype:data
sublanguage:SUBLANG_ENGLISH_UK
offset:0x000ac758
size:0x000008a8
name:RT_ICON
language:LANG_ENGLISH
filetype:GLS_BINARY_LSB_FIRST
sublanguage:SUBLANG_ENGLISH_UK
offset:0x000ad000
size:0x00000568
name:RT_ICON
language:LANG_ENGLISH
filetype:data
sublanguage:SUBLANG_ENGLISH_UK
offset:0x000ad568
size:0x000025a8
name:RT_ICON
language:LANG_ENGLISH
filetype:data
sublanguage:SUBLANG_ENGLISH_UK
offset:0x000afb10
size:0x000010a8
name:RT_ICON
language:LANG_ENGLISH
filetype:GLS_BINARY_LSB_FIRST
sublanguage:SUBLANG_ENGLISH_UK
offset:0x000b0bb8
size:0x00000468
name:RT_MENU
language:LANG_ENGLISH
filetype:data
sublanguage:SUBLANG_ENGLISH_UK
offset:0x000b1020
size:0x0000004e
name:RT_DIALOG
language:LANG_ENGLISH
filetype:data
sublanguage:SUBLANG_ENGLISH_UK
offset:0x000b1070
size:0x000000f0
name:RT_STRING
language:LANG_ENGLISH
filetype:data
sublanguage:SUBLANG_ENGLISH_UK
offset:0x000b1160
size:0x00000222
name:RT_STRING
language:LANG_ENGLISH
filetype:data
sublanguage:SUBLANG_ENGLISH_UK
offset:0x000b1384
size:0x000002aa
name:RT_STRING
language:LANG_ENGLISH
filetype:data
sublanguage:SUBLANG_ENGLISH_UK
offset:0x000b1630
size:0x000001b6
name:RT_STRING
language:LANG_ENGLISH
filetype:data
sublanguage:SUBLANG_ENGLISH_UK
offset:0x000b17e8
size:0x000002dc
name:RT_STRING
language:LANG_ENGLISH
filetype:data
sublanguage:SUBLANG_ENGLISH_UK
offset:0x000b1ac4
size:0x000002fa
name:RT_STRING
language:LANG_ENGLISH
filetype:data
sublanguage:SUBLANG_ENGLISH_UK
offset:0x000b1dc0
size:0x0000022a
name:RT_STRING
language:LANG_ENGLISH
filetype:data
sublanguage:SUBLANG_ENGLISH_US
offset:0x000b1fec
size:0x00000084
name:RT_GROUP_ICON
language:LANG_ENGLISH
filetype:MS Windows icon resource - 6 icons, 48x48, 256-colors
sublanguage:SUBLANG_ENGLISH_UK
offset:0x000b2070
size:0x0000005a
name:RT_GROUP_ICON
language:LANG_ENGLISH
filetype:MS Windows icon resource - 1 icon
sublanguage:SUBLANG_ENGLISH_UK
offset:0x000b20cc
size:0x00000014
name:RT_GROUP_ICON
language:LANG_ENGLISH
filetype:MS Windows icon resource - 1 icon
sublanguage:SUBLANG_ENGLISH_UK
offset:0x000b20e0
size:0x00000014
name:RT_GROUP_ICON
language:LANG_ENGLISH
filetype:MS Windows icon resource - 1 icon
sublanguage:SUBLANG_ENGLISH_UK
offset:0x000b20f4
size:0x00000014
name:RT_VERSION
language:LANG_CHINESE
filetype:data
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x000b2108
size:0x000002a8
name:RT_MANIFEST
language:LANG_ENGLISH
filetype:ASCII text, with CRLF line terminators
sublanguage:SUBLANG_ENGLISH_US
offset:0x000b23b0
size:0x0000026c

About VirSCAN | Privacy Policy | Contact us | Links | Help VirSCAN
Translated by Keith Miller, United States
Powered By CentOSpol

京ICP备11007605号-12

pol

京公网安备 11010802020746号