VirSCAN

Tx-box.dll Threatbook file behavior analysis report
Virscan.org multi-engine scan report
Basic Information
file name:Tx-box.dll
file type:DLLx86
Submission time:2019-01-11 23:30:27
Threat level:suspicious
MD5:2d682b38c8022407fd884d381780c4e9
sha256:87a8b73cea0d7326f422c4f121f43e917415b4dd15925363a2089278af7e0ad1
Document Threat Intelligence IOC Report
No intelligence IOC detected
Intelligence decision system
Undetected intelligence determination system
Network behavior report
domains
ip:61.139.126.102
domain:sql.w108.vhostgo.com
dns
type:A
request:sql.w108.vhostgo.com
http:0
hosts:6
Document release report
file name:jedata.dll
file type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, UPX compressed
file size:88576
MD5:114054313070472cd1a6d7d28f7c5002
File process number report
Process details:0
                    
Document behavior signature report
Low risk behavior
General behavior:Contains ability to find and load resources of a specific module
Low risk behavior
System Environment Detection:Contains functionality to query system information
Low risk behavior
System Environment Detection:Contains ability to query machine timezone
Low risk behavior
General behavior:One or more processes crashed
Suspicious behavior
System Sensitive Operations:Creates executable files on the filesystem
Suspicious behavior
General behavior:Potential time zone aware malware
Suspicious behavior
Information gathering:Contains functionality to retrieve information about pressed keystrokes
Suspicious behavior
Static File Characteristics:PE file has nameless sections
Suspicious behavior
Reverse Engineering:The binary likely contains encrypted or compressed data indicative of a packer
Suspicious behavior
System Sensitive Operations:Checks for the Locally Unique Identifier on the system for a suspicious privilege
Static information
PE section table information
Section name:
Virtual address:0x00001000
Physical address:0x00000a00
Physical size:0x000f3000
Section permissions:RWE
Section name:.rsrc
Virtual address:0x002a3000
Physical address:0x000f3a00
Physical size:0x00002ed3
Section permissions:RW-
Section name:
Virtual address:0x002a9000
Physical address:0x00000000
Physical size:0x00000000
Section permissions:RW-
Section name:.petite
Virtual address:0x002c2000
Physical address:0x00000400
Physical size:0x00000600
Section permissions:RWE
PE basic information
import_hash:05c9cfed98ac673558d4ec0fc91d060e
time_stamp:2018-11-15 12:26:09
entry_point_section:.petite
image_base:0x10000000
entry_point:0x2c2046
PE resource information
name:TEXTINCLUDE
language:LANG_CHINESE
filetype:data
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x002a4b10
size:0x0000000b
name:TEXTINCLUDE
language:LANG_CHINESE
filetype:Non-ISO extended-ASCII text, with no line terminators
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x002a4b1c
size:0x00000016
name:TEXTINCLUDE
language:LANG_CHINESE
filetype:DOS executable (COM)
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x002a4b34
size:0x00000151
name:RT_CURSOR
language:LANG_CHINESE
filetype:data
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x002a4c88
size:0x00000134
name:RT_CURSOR
language:LANG_CHINESE
filetype:data
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x002a4dbc
size:0x00000134
name:RT_CURSOR
language:LANG_CHINESE
filetype:data
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x002a4ef0
size:0x00000134
name:RT_CURSOR
language:LANG_CHINESE
filetype:data
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x002a5024
size:0x000000b4
name:RT_BITMAP
language:LANG_CHINESE
filetype:data
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x002a50d8
size:0x0000016c
name:RT_BITMAP
language:LANG_CHINESE
filetype:data
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x002a5244
size:0x00000248
name:RT_BITMAP
language:LANG_CHINESE
filetype:data
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x002a548c
size:0x00000144
name:RT_BITMAP
language:LANG_CHINESE
filetype:data
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x002a55d0
size:0x00000158
name:RT_BITMAP
language:LANG_CHINESE
filetype:data
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x002a5728
size:0x00000158
name:RT_BITMAP
language:LANG_CHINESE
filetype:data
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x002a5880
size:0x00000158
name:RT_BITMAP
language:LANG_CHINESE
filetype:data
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x002a59d8
size:0x00000158
name:RT_BITMAP
language:LANG_CHINESE
filetype:data
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x002a5b30
size:0x00000158
name:RT_BITMAP
language:LANG_CHINESE
filetype:data
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x002a5c88
size:0x00000158
name:RT_BITMAP
language:LANG_CHINESE
filetype:data
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x002a5de0
size:0x00000158
name:RT_BITMAP
language:LANG_CHINESE
filetype:empty
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x002a5f38
size:0x00000158
name:RT_BITMAP
language:LANG_CHINESE
filetype:empty
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x002a6090
size:0x000005e4
name:RT_BITMAP
language:LANG_CHINESE
filetype:empty
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x002a6674
size:0x000000b8
name:RT_BITMAP
language:LANG_CHINESE
filetype:empty
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x002a672c
size:0x0000016c
name:RT_BITMAP
language:LANG_CHINESE
filetype:empty
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x002a6898
size:0x00000144
name:RT_ICON
language:LANG_CHINESE
filetype:empty
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x002a69dc
size:0x000002e8
name:RT_ICON
language:LANG_CHINESE
filetype:empty
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x002a6cc4
size:0x00000128
name:RT_ICON
language:LANG_NEUTRAL
filetype:GLS_BINARY_LSB_FIRST
sublanguage:SUBLANG_NEUTRAL
offset:0x002a49e8
size:0x00000128
name:RT_ICON
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x002a4700
size:0x000002e8
name:RT_ICON
language:LANG_NEUTRAL
filetype:dBase IV DBT of `.DBF, blocks size 48, block length 1536, next free block index 40, 1st item \"v\377\366f\377\366f\377\366fo\377f\377\377\377\377\367w\177\377\377\377\367vo\377fo\377fo\377fo\377f\377\377\377\377\367www\377\377\367vf\377\366f\377\366f\377\366o\377f\377\377\"
sublanguage:SUBLANG_NEUTRAL
offset:0x002a4098
size:0x00000668
name:RT_MENU
language:LANG_CHINESE
filetype:empty
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x002a6dec
size:0x0000000c
name:RT_MENU
language:LANG_CHINESE
filetype:empty
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x002a6df8
size:0x00000284
name:RT_DIALOG
language:LANG_CHINESE
filetype:empty
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x002a707c
size:0x00000098
name:RT_DIALOG
language:LANG_CHINESE
filetype:empty
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x002a7114
size:0x0000017a
name:RT_DIALOG
language:LANG_CHINESE
filetype:empty
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x002a7290
size:0x000000fa
name:RT_DIALOG
language:LANG_CHINESE
filetype:empty
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x002a738c
size:0x000000ea
name:RT_DIALOG
language:LANG_CHINESE
filetype:empty
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x002a7478
size:0x000008ae
name:RT_DIALOG
language:LANG_CHINESE
filetype:empty
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x002a7d28
size:0x000000b2
name:RT_DIALOG
language:LANG_CHINESE
filetype:empty
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x002a7ddc
size:0x000000cc
name:RT_DIALOG
language:LANG_CHINESE
filetype:empty
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x002a7ea8
size:0x000000b2
name:RT_DIALOG
language:LANG_CHINESE
filetype:empty
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x002a7f5c
size:0x000000e2
name:RT_DIALOG
language:LANG_CHINESE
filetype:empty
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x002a8040
size:0x0000018c
name:RT_STRING
language:LANG_CHINESE
filetype:empty
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x002a81cc
size:0x00000050
name:RT_STRING
language:LANG_CHINESE
filetype:empty
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x002a821c
size:0x0000002c
name:RT_STRING
language:LANG_CHINESE
filetype:empty
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x002a8248
size:0x00000078
name:RT_STRING
language:LANG_CHINESE
filetype:empty
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x002a82c0
size:0x000001c4
name:RT_STRING
language:LANG_CHINESE
filetype:empty
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x002a8484
size:0x0000012a
name:RT_STRING
language:LANG_CHINESE
filetype:empty
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x002a85b0
size:0x00000146
name:RT_STRING
language:LANG_CHINESE
filetype:empty
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x002a86f8
size:0x00000040
name:RT_STRING
language:LANG_CHINESE
filetype:empty
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x002a8738
size:0x00000064
name:RT_STRING
language:LANG_CHINESE
filetype:empty
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x002a879c
size:0x000001d8
name:RT_STRING
language:LANG_CHINESE
filetype:empty
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x002a8974
size:0x00000114
name:RT_STRING
language:LANG_CHINESE
filetype:empty
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x002a8a88
size:0x00000024
name:RT_GROUP_CURSOR
language:LANG_CHINESE
filetype:empty
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x002a8aac
size:0x00000014
name:RT_GROUP_CURSOR
language:LANG_CHINESE
filetype:empty
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x002a8ac0
size:0x00000014
name:RT_GROUP_CURSOR
language:LANG_CHINESE
filetype:empty
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x002a8ad4
size:0x00000022
name:RT_GROUP_ICON
language:LANG_NEUTRAL
filetype:MS Windows icon resource - 3 icons, 16x16, 16-colors
sublanguage:SUBLANG_NEUTRAL
offset:0x002a4068
size:0x00000030
name:RT_GROUP_ICON
language:LANG_CHINESE
filetype:empty
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x002a8af8
size:0x00000014
name:RT_GROUP_ICON
language:LANG_CHINESE
filetype:empty
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x002a8b0c
size:0x00000014
name:RT_VERSION
language:LANG_CHINESE
filetype:data
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x002a3e24
size:0x00000244
name:RT_MANIFEST
language:LANG_NEUTRAL
filetype:XML document text
sublanguage:SUBLANG_NEUTRAL
offset:0x002a3c54
size:0x000001cd
