VirSCAN

太白传奇3.exe    Threatbook file behaviour analysis report
Virscan.org multi-engine scan report
Basic information
File name: 太白传奇3.exe
File type: EXEx86
Submission time: 2019-03-17 16:02:42
Threat level: malicious
MD5:a15d58c8d53ba035f5c8bf809b237dda
sha256:7d7672183031f3eceeb4ff942f83d53b67f59c728b3bc41c78c8df352b701fcb
Document Threat Intelligence IOC Report
No intelligence IOC detected
Intelligence determination system
Undetected intelligence determination system
Network behaviour report
domains:0
dns:0
http:0
udp:0
smtp:0
icmp:0
irc:0
hosts:0
Document release report
File version report not detected
File process number report
nofind
Document behaviour signature report
Low risk behavior
General behavior:Contains ability to find and load resources of a specific module
Suspicious behavior0
High risk behavior0
Low risk behavior
System Environment Detection:Contains functionality to query system information
Suspicious behavior0
High risk behavior0
Low risk behavior
Static File Characteristics:Found potential IP address or url in binary/memory
Suspicious behavior0
High risk behavior0
Low risk behavior
General behavior:One or more processes crashed
Suspicious behavior0
High risk behavior0
Low risk behavior0
Suspicious behavior
System Sensitive Operations:Disables application error messsages (SetErrorMode)
High risk behavior0
Low risk behavior0
Suspicious behavior
High risk behavior0
Static information
Section name: .text
Virtual address: 0x00001000
Physical address: 0x00001000
Physical size: 0x000f0000
Section permissions: R-E
Section name: .data
Virtual address: 0x000f1000
Physical address: 0x000f1000
Physical size: 0x00001000
Section permissions: RW-
Section name: .rsrc
Virtual address: 0x000fe000
Physical address: 0x000f2000
Physical size: 0x00025000
Section permissions: R--
import_hash:6c387c8e4f402adea71563dd49b6f117
time_stamp:2012-02-17 19:24:33
entry_point_section:.text
image_base:0x400000
entry_point:0x6e38
name:1
language:LANG_CHINESE
filetype:ASCII text, with very long lines, with no line terminators
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x000fe4b8
size:0x00000180
name:1
language:LANG_CHINESE
filetype:MS Windows icon resource - 1 icon
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x000fe638
size:0x0000057e
name:ETC
language:LANG_CHINESE
filetype:RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, stereo 44100 Hz
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x000febb8
size:0x00003d88
name:ICON
language:LANG_CHINESE
filetype:MS Windows icon resource - 1 icon
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x00102940
size:0x000008be
name:ICON
language:LANG_CHINESE
filetype:MS Windows icon resource - 1 icon
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x00103200
size:0x000008be
name:ICON
language:LANG_CHINESE
filetype:MS Windows icon resource - 1 icon
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x00103ac0
size:0x000008be
name:ICON
language:LANG_CHINESE
filetype:MS Windows icon resource - 1 icon
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x00104380
size:0x000008be
name:ICON
language:LANG_CHINESE
filetype:MS Windows icon resource - 1 icon
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x00104c40
size:0x000008be
name:ICON
language:LANG_CHINESE
filetype:MS Windows icon resource - 1 icon
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x00105500
size:0x000008be
name:ICON
language:LANG_CHINESE
filetype:MS Windows icon resource - 1 icon
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x00105dc0
size:0x000008be
name:ICON
language:LANG_CHINESE
filetype:MS Windows icon resource - 1 icon
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x00106680
size:0x000008be
name:OCX
language:LANG_CHINESE
filetype:PE32 executable (DLL) (GUI) Intel 80386 (stripped to external PDB), for MS Windows
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x00106f40
size:0x00018f10
name:RT_BITMAP
language:LANG_CHINESE
filetype:data
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x0011fe50
size:0x00000c2a
name:RT_BITMAP
language:LANG_CHINESE
filetype:data
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x00120a7c
size:0x00000c2a
name:RT_BITMAP
language:LANG_CHINESE
filetype:data
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x001216a8
size:0x0000020a
name:RT_ICON
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x001218b4
size:0x000008d0
name:RT_ICON
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x001218b4
size:0x000008d0
name:RT_ICON
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x001218b4
size:0x000008d0
name:RT_GROUP_ICON
language:LANG_NEUTRAL
filetype:MS Windows icon resource - 3 icons, 32x32, 256-colors
sublanguage:SUBLANG_NEUTRAL
offset:0x00122d8c
size:0x00000030
name:RT_VERSION
language:LANG_CHINESE
filetype:data
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x00122dbc
size:0x000001ec
