VirSCAN

1, You can upload any file, but there is a 20 MB limit per file.
2, VirSCAN supports Rar/Zip decompression, but the archive must contain fewer than 20 files.
3, VirSCAN can scan compressed files protected with the password 'infected' or 'virus'.
4, If your browser cannot upload files, please download the VirSCAN uploader to upload them.

fa4a9547d80e0fb95bf423be07ea5852    Hybrid analysis report

Basic Information

file name: fa4a9547d80e0fb95bf423be07ea5852
file size: 491378
file type: PE32 executable (GUI) Intel 80386, for MS Windows
Submission time: 2019-09-08 06:20:19
MD5: fa4a9547d80e0fb95bf423be07ea5852
sha1: 9a6443fecc64273e578aa94c08338bc03b456a8c
sha256: bd53af1833724c46d3b5ce2fd590e7a1f84feabe8e75780f4793fd0cb70ada24
enviorment_description: Windows 7 32 bit (HWP Support)
total_processes: 0
total_signatures: 0
file_analysis: 0
mitre_attcks: 0

Document analysis report

uuid: java:java.util.UUID
xmlns: http://www.misp-project.org/
Event
id: f797c8af-125a-42e4-8c41-59eb9af8ba21
date: 2019-09-07
info: Falcon Sandbox auto-generated for "bd53af1833724c46d3b5ce2fd590e7a1f84feabe8e75780f4793fd0cb70ada24"
analysis: 2
distribution: 1
published: 1
Attribute
category: External analysis
type: link
value: https://www.hybrid-analysis.com/search?query=bd53af1833724c46d3b5ce2fd590e7a1f84feabe8e75780f4793fd0cb70ada24
distribution: 1
category: External analysis
type: comment
value: Falcon Sandbox v8.30 Copyright 2019 Hybrid Analysis GmbH, All Rights Reserved, www.payload-security.com
distribution: 1
category: Payload delivery
type: filename|md5
value: bd53af1833724c46d3b5ce2fd590e7a1f84feabe8e75780f4793fd0cb70ada24|fa4a9547d80e0fb95bf423be07ea5852
distribution: 1
category: Payload delivery
type: filename|sha1
value: bd53af1833724c46d3b5ce2fd590e7a1f84feabe8e75780f4793fd0cb70ada24|9a6443fecc64273e578aa94c08338bc03b456a8c
distribution: 1
category: Payload delivery
type: filename|sha256
value: bd53af1833724c46d3b5ce2fd590e7a1f84feabe8e75780f4793fd0cb70ada24|bd53af1833724c46d3b5ce2fd590e7a1f84feabe8e75780f4793fd0cb70ada24
distribution: 1
category: Payload delivery
type: filename|sha512
value: bd53af1833724c46d3b5ce2fd590e7a1f84feabe8e75780f4793fd0cb70ada24|b4da9aa88f6e3257df4264da67d21b64b1ceaec05c7411b94014316e37cdb9140c572f3b1df01cf8c1cd96d3fa6374b35bbbf25ba88f023bb12048c0bac5fa79
distribution: 1
category: Artifacts dropped
type: pdb
value: D:\Projects\WinRAR\sfx\build\sfxrar32\Release\sfxrar.pdb
distribution: 1
category: Payload installation
type: filename|md5
value: C:\Keyloger.exe|dad176ed8cf5b6606f07660e41bfb3f7
distribution: 1
category: Payload installation
type: filename|sha1
value: C:\Keyloger.exe|1e811fe6b8152451c23ae4e120fc68d0ef7eadaa
distribution: 1
category: Payload installation
type: filename|sha256
value: C:\Keyloger.exe|d423f6997b7ff86e580479dbb286dd8486a592c5fa40a8938df218f16c0b0c87
distribution: 1
category: Payload installation
type: filename|sha512
value: C:\Keyloger.exe|4137004f9d6978aebfbaf612ee6ce99e4dc3e0662f10ca1a5abfb5d76ce7779a548130f1b5af815451d04eb0f21ad37ab958985c88d41b848dc948eeb06be0aa
distribution: 1
category: Payload installation
type: filename|md5
value: C:\Desktop.exe|21fc613c7507e4e6cb385985e5e36495
distribution: 1
category: Payload installation
type: filename|sha1
value: C:\Desktop.exe|26a5e987b766fdbcd246549fe659f07099120d78
distribution: 1
category: Payload installation
type: filename|sha256
value: C:\Desktop.exe|7f5107f9b6d4a21ed1c25c028bc8cedad8051b2a13d0c7b8bb7cf80579728bb3
distribution: 1
category: Payload installation
type: filename|sha512
value: C:\Desktop.exe|9535537176bfc4f34e3057c8de3effa06f76c5cb1a24be971348bc097346d689ba24a5bccb594429063b2285eeeeccd8ffb11734d31efc56c788a3890839d286
distribution: 1
category: Payload installation
type: filename|md5
value: C:\51369860_1743244045782295_5050172569844449280_n.jpg|34a9d1640eccf363bfde137b9864da1b
distribution: 1
category: Payload installation
type: filename|sha1
value: C:\51369860_1743244045782295_5050172569844449280_n.jpg|b2e94d4146b0a6679f0f1eee0c7f0a6e5f980b5e
distribution: 1
category: Payload installation
type: filename|sha256
value: C:\51369860_1743244045782295_5050172569844449280_n.jpg|8752b48cd25b5746c38ac77310969be988f307fa3aab80284e28909e707aa773
distribution: 1
category: Payload installation
type: filename|sha512
value: C:\51369860_1743244045782295_5050172569844449280_n.jpg|9594b8d8dcf23e7da7087bb4516321566e13b27a9b5cdeb6338827fdc2096b22453f6e425ea4a3b1ad87da5ac291d9b354d19282d5f13ddce60f6b9af5a2382e
distribution: 1
category: Persistence mechanism
type: regkey|value
value: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS\ZONEMAP\UNCASINTRANET|00000000
distribution: 1
category: Persistence mechanism
type: regkey|value
value: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS\ZONEMAP\AUTODETECT|01000000
distribution: 1
category: Artifacts dropped
type: mutex
value: \Sessions\1\BaseNamedObjects\Local\ZonesCacheCounterMutex
distribution: 1
category: Artifacts dropped
type: mutex
value: \Sessions\1\BaseNamedObjects\Local\ZonesLockedCacheCounterMutex
distribution: 1
category: Artifacts dropped
type: mutex
value: Local\ZonesCacheCounterMutex
distribution: 1
category: Artifacts dropped
type: mutex
value: Local\ZonesLockedCacheCounterMutex
distribution: 1
category: Persistence mechanism
type: regkey|value
value: HKCU\SOFTWARE\MICROSOFT\DIRECT3D\MOSTRECENTAPPLICATION\NAME|4400650073006B0074006F0070002E006500780065000000
distribution: 1
category: Artifacts dropped
type: pdb
value: C:\Users\PC\Desktop\Keyloger_-_Kopya\Keyloger - Kopya\Keyloger\obj\x86\Debug\Keyloger.pdb
distribution: 1