VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

Language
Server load
Server Load
533a10670f6382e818acfd610351417e    Threatbook file behavior analysis report
Virscan.org multi-engine scan report
Basic Information
file name:533a10670f6382e818acfd610351417e
file type:EXEx86
Submission time:2019-03-16 01:03:15
Threat level:malicious
MD5:533a10670f6382e818acfd610351417e
sha256:ee520b60a155e0939c10c0f4cd44204097d428ea6c29f5da74d293598e620e43
Document Threat Intelligence IOC Report
No intelligence IOC detected
Intelligence decision system
Undetected intelligence determination system
Network behavior report
domains:0
dns:0
http:0
udp:0
smtp:0
icmp:0
irc:0
hosts:0
Document release report
File release report not detected
File process number report
Process details:共分析了1个进程
Document behavior signature report
Low risk behavior
General behavior:Contains ability to find and load resources of a specific module
Suspicious behavior0
High risk behavior0
Low risk behavior
System Environment Detection:Contains functionality to query system information
Suspicious behavior0
High risk behavior0
Low risk behavior
General behavior:This executable has a PDB path
Suspicious behavior0
High risk behavior0
Low risk behavior0
Suspicious behavior
Reverse Engineering:Checks if process is being debugged by a debugger
High risk behavior0
Low risk behavior0
Suspicious behavior
Reverse Engineering:Contains functionality to create guard pages, often used to hinder reverse engineering and debugging
High risk behavior0
Low risk behavior0
Suspicious behavior
Reverse Engineering:The binary likely contains encrypted or compressed data indicative of a packer
High risk behavior0
Static information
Section name:.text
Virtual address:0x00002000
Physical address:0x00000400
Physical size:0x00004200
Section permissions:R-E
Section name:.sdata
Virtual address:0x00008000
Physical address:0x00004600
Physical size:0x00000200
Section permissions:RW-
Section name:.rsrc
Virtual address:0x0000a000
Physical address:0x00004800
Physical size:0x0030e200
Section permissions:R--
Section name:.reloc
Virtual address:0x0031a000
Physical address:0x00312a00
Physical size:0x00000200
Section permissions:R--
import_hash:f34d5f2d4577ed6d9ceec516c1f5a744
time_stamp:2011-05-17 05:29:29
entry_point_section:.text
entry_point_section:.text
image_base:0x400000
entry_point:0x61ee
name:RT_RCDATA
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x0000a070
size:0x0030dfd4

About VirSCAN | Privacy Policy | Contact us | Links | Help VirSCAN
Translated by Keith Miller, United States
Powered By CentOSpol

京ICP备11007605号-12

pol

京公网安备 11010802020746号