VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.
4, If your browser cannot upload files, please download VirSCAN uploader to upload.

Language
Server load
Server Load
VirSCAN
VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

00轩辕剑    Threatbook file behavior analysis report

Basic Information

file name: 00轩辕剑
file type: EXEx86
Threat level: malicious
MD5: 84671a98df8b5416f0600ce65fa9f2a3
sha256: bb6dc1f87495efb3999b3f450cfe3d3ca436b4cdffcec59a98c8505afd611fb7

Document Threat Intelligence IOC Report

No intelligence IOC detected

Intelligence decision system

Undetected intelligence determination system

Network behavior report

domains: 0

Document release report

File release report not detected

File process number report

nofind

Document behavior signature report

No file behavior report detected

Static information

Section name: .text
Virtual address: 0x00001000
Physical address: 0x00001000
Physical size: 0x00063000
Section permissions: R-E
Section name: .rdata
Virtual address: 0x00064000
Physical address: 0x00064000
Physical size: 0x0000f000
Section permissions: R--
Section name: .data
Virtual address: 0x00073000
Physical address: 0x00073000
Physical size: 0x00005000
Section permissions: RW-
Section name: .idata
Virtual address: 0x0007d000
Physical address: 0x00078000
Physical size: 0x00004000
Section permissions: RW-
Section name: .rsrc
Virtual address: 0x00081000
Physical address: 0x0007c000
Physical size: 0x00010000
Section permissions: R--
Section name: .reloc
Virtual address: 0x00091000
Physical address: 0x0008c000
Physical size: 0x00007000
Section permissions: R--
import_hash: 9ca4295f55acb4d2b6ee4f76fa5d2e0a
time_stamp: 2020-04-25 03:40:48
entry_point_section: .text
image_base: 0x400000
entry_point: 0x1174a
name: RT_CURSOR
language: LANG_ENGLISH
filetype: data
sublanguage: SUBLANG_ENGLISH_US
offset: 0x0008bd70
size: 0x00000134
name: RT_CURSOR
language: LANG_ENGLISH
filetype: data
sublanguage: SUBLANG_ENGLISH_US
offset: 0x0008bea8
size: 0x000000b4
name: RT_BITMAP
language: LANG_ENGLISH
filetype: data
sublanguage: SUBLANG_ENGLISH_US
offset: 0x0008bf88
size: 0x000005e4
name: RT_BITMAP
language: LANG_ENGLISH
filetype: data
sublanguage: SUBLANG_ENGLISH_US
offset: 0x0008c658
size: 0x000000b8
name: RT_BITMAP
language: LANG_ENGLISH
filetype: data
sublanguage: SUBLANG_ENGLISH_US
offset: 0x0008c710
size: 0x0000016c
name: RT_BITMAP
language: LANG_ENGLISH
filetype: data
sublanguage: SUBLANG_ENGLISH_US
offset: 0x0008c880
size: 0x00000144
name: RT_DIALOG
language: LANG_ENGLISH
filetype: data
sublanguage: SUBLANG_ENGLISH_US
offset: 0x00081680
size: 0x000007a8
name: RT_DIALOG
language: LANG_ENGLISH
filetype: data
sublanguage: SUBLANG_ENGLISH_US
offset: 0x0008c570
size: 0x000000e8
name: RT_STRING
language: LANG_ENGLISH
filetype: data
sublanguage: SUBLANG_ENGLISH_US
offset: 0x0008c9c8
size: 0x00000082
name: RT_STRING
language: LANG_ENGLISH
filetype: data
sublanguage: SUBLANG_ENGLISH_US
offset: 0x0008ca50
size: 0x0000002a
name: RT_STRING
language: LANG_ENGLISH
filetype: data
sublanguage: SUBLANG_ENGLISH_US
offset: 0x0008ca80
size: 0x0000014a
name: RT_STRING
language: LANG_ENGLISH
filetype: data
sublanguage: SUBLANG_ENGLISH_US
offset: 0x0008cbd0
size: 0x000004e2
name: RT_STRING
language: LANG_ENGLISH
filetype: data
sublanguage: SUBLANG_ENGLISH_US
offset: 0x0008d448
size: 0x000002a2
name: RT_STRING
language: LANG_ENGLISH
filetype: data
sublanguage: SUBLANG_ENGLISH_US
offset: 0x0008d168
size: 0x000002dc
name: RT_STRING
language: LANG_ENGLISH
filetype: data
sublanguage: SUBLANG_ENGLISH_US
offset: 0x0008d0b8
size: 0x000000ac
name: RT_STRING
language: LANG_ENGLISH
filetype: data
sublanguage: SUBLANG_ENGLISH_US
offset: 0x0008de20
size: 0x000000de
name: RT_STRING
language: LANG_ENGLISH
filetype: data
sublanguage: SUBLANG_ENGLISH_US
offset: 0x0008d6f0
size: 0x000004c4
name: RT_STRING
language: LANG_ENGLISH
filetype: data
sublanguage: SUBLANG_ENGLISH_US
offset: 0x0008dbb8
size: 0x00000264
name: RT_STRING
language: LANG_ENGLISH
filetype: data
sublanguage: SUBLANG_ENGLISH_US
offset: 0x0008df00
size: 0x0000002c
name: RT_RCDATA
language: LANG_ARABIC
filetype: data
sublanguage: SUBLANG_ARABIC_SAUDI_ARABIA
offset: 0x00081e28
size: 0x00009f44
name: RT_GROUP_CURSOR
language: LANG_ENGLISH
filetype: Lotus unknown worksheet or configuration, revision 0x2
sublanguage: SUBLANG_ENGLISH_US
offset: 0x0008bf60
size: 0x00000022