VirSCAN

1, You can upload any file that is no larger than 20 megabytes.
2, VirSCAN can scan compressed files in ZIP and RAR format, provided the archive contains no more than 20 files.
3, VirSCAN can scan compressed files protected with the passwords 'infected' and 'virus'.

fa14f6d84aa9f537d95a05c95b3dfb58    Hybrid analysis report
Virscan.org multi-engine scan report
Basic information
File name:fa14f6d84aa9f537d95a05c95b3dfb58
File size:1486848
File type:PE32 executable (GUI) Intel 80386, for MS Windows
Submission time:2019-09-08 07:40:34
MD5:fa14f6d84aa9f537d95a05c95b3dfb58
sha1:139401d86aff44fc9b69cf8d6791716de0a86cb8
sha256:c9b9d45df31b42c6d93c7ad5aaa864c7d8f399e2cda811d25a6abfca61a71864
enviorment_description:Windows 7 32 bit (HWP Support)
total_processes:0
total_signatures:0
file_analysis: 0
mitre_attcks:0
Document analysis report
uuid:java:java.util.UUID
xmlns:http://www.misp-project.org/
Event
id:7cbd2f76-3cdf-4909-b005-cdae9a7f0cf5
date:2019-09-07
info:Falcon Sandbox auto-generated for "c9b9d45df31b42c6d93c7ad5aaa864c7d8f399e2cda811d25a6abfca61a71864"
analysis:2
distribution:1
published:1
Attribute
category:External analysis
type:link
value:https://www.hybrid-analysis.com/search?query=c9b9d45df31b42c6d93c7ad5aaa864c7d8f399e2cda811d25a6abfca61a71864
distribution:1
category:External analysis
type:comment
value:Falcon Sandbox v8.30 Copyright 2019 Hybrid Analysis GmbH, All Rights Reserved, www.payload-security.com
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\ENGEL_12
distribution:1
category:Artifacts dropped
type:mutex
value:ENGEL_12
distribution:1

Translated by Maethasit Hongmanee, Thailand