VirSCAN

1, You can upload any file, but there is a 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but the archive must contain fewer than 20 files.
3, VirSCAN can scan compressed files protected with the password 'infected' or 'virus'.
4, If your browser cannot upload files, please download VirSCAN uploader to upload.

cfa0f2116eb75303fe2371f1ebde234c    Hybrid analysis report

Basic Information

file name: cfa0f2116eb75303fe2371f1ebde234c
file size: 70540
file type: PE32 executable (GUI) Intel 80386, for MS Windows
Submission time: 2019-09-07 08:20:06
MD5: cfa0f2116eb75303fe2371f1ebde234c
sha1: 569cabdb013d02e845c8a467d1aad2f6d96bd5ec
sha256: 286437a97ea8d2a1b76098aa21e0ca5397107989dc3448ec5eee9ca7627379df
enviorment_description: Windows 7 32 bit (HWP Support)
total_processes: 0
total_signatures: 0
file_analysis: 0
mitre_attcks: 0

Document analysis report

uuid: java:java.util.UUID
xmlns: http://www.misp-project.org/
Event
id: e646ec05-0459-4814-8d19-1e8592c96d80
date: 2019-09-07
info: Falcon Sandbox auto-generated for "286437a97ea8d2a1b76098aa21e0ca5397107989dc3448ec5eee9ca7627379df"
analysis: 2
distribution: 1
published: 1
Attribute
category: External analysis
type: link
value: https://www.hybrid-analysis.com/search?query=286437a97ea8d2a1b76098aa21e0ca5397107989dc3448ec5eee9ca7627379df
distribution: 1
category: External analysis
type: comment
value: Falcon Sandbox v8.30 Copyright 2019 Hybrid Analysis GmbH, All Rights Reserved, www.payload-security.com
distribution: 1
category: Payload delivery
type: filename|md5
value: 286437a97ea8d2a1b76098aa21e0ca5397107989dc3448ec5eee9ca7627379df|cfa0f2116eb75303fe2371f1ebde234c
distribution: 1
category: Payload delivery
type: filename|sha1
value: 286437a97ea8d2a1b76098aa21e0ca5397107989dc3448ec5eee9ca7627379df|569cabdb013d02e845c8a467d1aad2f6d96bd5ec
distribution: 1
category: Payload delivery
type: filename|sha256
value: 286437a97ea8d2a1b76098aa21e0ca5397107989dc3448ec5eee9ca7627379df|286437a97ea8d2a1b76098aa21e0ca5397107989dc3448ec5eee9ca7627379df
distribution: 1
category: Payload delivery
type: filename|sha512
value: 286437a97ea8d2a1b76098aa21e0ca5397107989dc3448ec5eee9ca7627379df|dc8940b095a47a4ab003b2c3117e77ce7848e3ea4e5dd73fd902195a8126302b90d0d2d5190f1c2a9ae709ee1b53d3de8ab4c4dc36061905dbe027d9b6fb68fe
distribution: 1
category: Network activity
type: domain
value: gnzbfxthk.nnnn.eu.org
distribution: 1
category: Network activity
type: domain
value: lywfcujs.nnnn.eu.org
distribution: 1
category: Network activity
type: domain
value: uhvnncn9xr.nnnn.eu.org
distribution: 1
category: Network activity
type: domain
value: www.baidu.com
distribution: 1
category: Network activity
type: domain
value: zsxeptehz8.nnnn.eu.org
distribution: 1
category: Payload installation
type: filename|md5
value: CKAHOST.EXE.5D731424.bin|1b6477304249a674c01e976eb3ec21bf
distribution: 1
category: Payload installation
type: filename|sha1
value: CKAHOST.EXE.5D731424.bin|9250dd37afec77c915e57f735900d076ae13f1d6
distribution: 1
category: Payload installation
type: filename|sha256
value: CKAHOST.EXE.5D731424.bin|6f16cd5317cb71377b70783874e408a673a3c27ebf3ce64698adb9a7f866fd5a
distribution: 1
category: Payload installation
type: filename|sha512
value: CKAHOST.EXE.5D731424.bin|8d012ab30b707f74fdcdf5cbe70bcb0ab2d7924e9349d425a4c619e30db9714ce7126da4f9af1bdefda888f4e891c36d2c2e5fbcab078b31e62457955aaac20b
distribution: 1
category: Payload installation
type: filename|md5
value: CKAHOST.EXE.5D7315B0.bin|1b6477304249a674c01e976eb3ec21bf
distribution: 1
category: Payload installation
type: filename|sha1
value: CKAHOST.EXE.5D7315B0.bin|9250dd37afec77c915e57f735900d076ae13f1d6
distribution: 1
category: Payload installation
type: filename|sha256
value: CKAHOST.EXE.5D7315B0.bin|6f16cd5317cb71377b70783874e408a673a3c27ebf3ce64698adb9a7f866fd5a
distribution: 1
category: Payload installation
type: filename|sha512
value: CKAHOST.EXE.5D7315B0.bin|8d012ab30b707f74fdcdf5cbe70bcb0ab2d7924e9349d425a4c619e30db9714ce7126da4f9af1bdefda888f4e891c36d2c2e5fbcab078b31e62457955aaac20b
distribution: 1
category: Payload installation
type: filename|md5
value: %WINDIR%\debug\ckahost.exe|1b6477304249a674c01e976eb3ec21bf
distribution: 1
category: Payload installation
type: filename|sha1
value: %WINDIR%\debug\ckahost.exe|9250dd37afec77c915e57f735900d076ae13f1d6
distribution: 1
category: Payload installation
type: filename|sha256
value: %WINDIR%\debug\ckahost.exe|6f16cd5317cb71377b70783874e408a673a3c27ebf3ce64698adb9a7f866fd5a
distribution: 1
category: Payload installation
type: filename|sha512
value: %WINDIR%\debug\ckahost.exe|8d012ab30b707f74fdcdf5cbe70bcb0ab2d7924e9349d425a4c619e30db9714ce7126da4f9af1bdefda888f4e891c36d2c2e5fbcab078b31e62457955aaac20b
distribution: 1
category: Persistence mechanism
type: regkey|value
value: HKLM\SYSTEM\CONTROLSET001\SERVICES\SERPIEI\DESCRIPTION|4D006900630072006F0073006F006600740020002E004E0045005400200043004F004D002B00200049006E0074006500670072006100740069006F006E0020007700690074006800200053004F00410050000000
distribution: 1
category: Persistence mechanism
type: regkey|value
value: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS\ZONEMAP\UNCASINTRANET|00000000
distribution: 1
category: Persistence mechanism
type: regkey|value
value: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS\ZONEMAP\AUTODETECT|01000000
distribution: 1
category: Artifacts dropped
type: mutex
value: \Sessions\1\BaseNamedObjects\Local\ZonesCacheCounterMutex
distribution: 1
category: Artifacts dropped
type: mutex
value: \Sessions\1\BaseNamedObjects\Local\ZonesLockedCacheCounterMutex
distribution: 1
category: Artifacts dropped
type: mutex
value: Local\ZonesLockedCacheCounterMutex
distribution: 1
category: Artifacts dropped
type: mutex
value: Local\ZonesCacheCounterMutex
distribution: 1