VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.
4, If your browser cannot upload files, please download VirSCAN uploader to upload.

Language
Server load
Server Load
VirSCAN
VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

6    Threatbook file behavior analysis report

Basic Information

file name: 6
file type: EXEx86
Threat level: malicious
MD5: 20ce071cc103f7b925a1b1ef8463c3ca
sha256: a389c782ca673301e6bcb285feef30c3a5579f312fcf7dacb1dac9990a617da3

Document Threat Intelligence IOC Report

No intelligence IOC detected

Intelligence decision system

Undetected intelligence determination system

Network behavior report

No behavioral characteristics detected

Document release report

File release report not detected

File process number report

nofind

Document behavior signature report

No file behavior report detected

Static information

Section name: .text
Virtual address: 0x00001000
Physical address: 0x00000400
Physical size: 0x0000f400
Section permissions: R-E
Section name: .itext
Virtual address: 0x00011000
Physical address: 0x0000f800
Physical size: 0x00001000
Section permissions: R-E
Section name: .data
Virtual address: 0x00012000
Physical address: 0x00010800
Physical size: 0x00000e00
Section permissions: RW-
Section name: .bss
Virtual address: 0x00013000
Physical address: 0x00011600
Physical size: 0x00000000
Section permissions: RW-
Section name: .idata
Virtual address: 0x00019000
Physical address: 0x00011600
Physical size: 0x00001000
Section permissions: RW-
Section name: .tls
Virtual address: 0x0001a000
Physical address: 0x00012600
Physical size: 0x00000000
Section permissions: RW-
Section name: .rdata
Virtual address: 0x0001b000
Physical address: 0x00012600
Physical size: 0x00000200
Section permissions: R--
Section name: .rsrc
Virtual address: 0x0001c000
Physical address: 0x00012800
Physical size: 0x0007aa00
Section permissions: R--
import_hash: 20dd26497880c05caed9305b3c8b9109
time_stamp: 2016-04-06 22:39:04
entry_point_section: .itext
image_base: 0x400000
entry_point: 0x117dc
name: RT_ICON
language: LANG_ENGLISH
filetype: PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced
sublanguage: SUBLANG_ENGLISH_US
offset: 0x0001c62c
size: 0x000064f8
name: RT_ICON
language: LANG_ENGLISH
filetype: data
sublanguage: SUBLANG_ENGLISH_US
offset: 0x00022b24
size: 0x00000668
name: RT_ICON
language: LANG_ENGLISH
filetype: dBase IV DBT of @.DBF, block length 512, next free block index 40, next free block 2295261128, next used block 35064
sublanguage: SUBLANG_ENGLISH_US
offset: 0x0002318c
size: 0x000002e8
name: RT_ICON
language: LANG_ENGLISH
filetype: GLS_BINARY_LSB_FIRST
sublanguage: SUBLANG_ENGLISH_US
offset: 0x00023474
size: 0x00000128
name: RT_ICON
language: LANG_ENGLISH
filetype: PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced
sublanguage: SUBLANG_ENGLISH_US
offset: 0x0002359c
size: 0x000082d4
name: RT_ICON
language: LANG_ENGLISH
filetype: data
sublanguage: SUBLANG_ENGLISH_US
offset: 0x0002b870
size: 0x00000ea8
name: RT_ICON
language: LANG_ENGLISH
filetype: dBase IV DBT of @.DBF, block length 1024, next free block index 40, next free block 15397886, next used block 15528955
sublanguage: SUBLANG_ENGLISH_US
offset: 0x0002c718
size: 0x000008a8
name: RT_ICON
language: LANG_ENGLISH
filetype: GLS_BINARY_LSB_FIRST
sublanguage: SUBLANG_ENGLISH_US
offset: 0x0002cfc0
size: 0x00000568
name: RT_ICON
language: LANG_ENGLISH
filetype: PNG image data, 768 x 768, 8-bit/color RGBA, non-interlaced
sublanguage: SUBLANG_ENGLISH_US
offset: 0x0002d528
size: 0x0002a053
name: RT_ICON
language: LANG_ENGLISH
filetype: PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
sublanguage: SUBLANG_ENGLISH_US
offset: 0x0005757c
size: 0x00018373
name: RT_ICON
language: LANG_ENGLISH
filetype: PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced
sublanguage: SUBLANG_ENGLISH_US
offset: 0x0006f8f0
size: 0x000092c5
name: RT_ICON
language: LANG_ENGLISH
filetype: dBase IV DBT, blocks size 0, block length 2048, next free block index 40, next free block 0, next used block 0
sublanguage: SUBLANG_ENGLISH_US
offset: 0x00078bb8
size: 0x00010828
name: RT_ICON
language: LANG_ENGLISH
filetype: data
sublanguage: SUBLANG_ENGLISH_US
offset: 0x000893e0
size: 0x000025a8
name: RT_ICON
language: LANG_ENGLISH
filetype: data
sublanguage: SUBLANG_ENGLISH_US
offset: 0x0008b988
size: 0x000010a8
name: RT_ICON
language: LANG_ENGLISH
filetype: GLS_BINARY_LSB_FIRST
sublanguage: SUBLANG_ENGLISH_US
offset: 0x0008ca30
size: 0x00000468
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x0008ce98
size: 0x00000068
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x0008cf00
size: 0x000000d4
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x0008cfd4
size: 0x000000a4
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x0008d078
size: 0x000002ac
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x0008d324
size: 0x0000034c
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x0008d670
size: 0x00000294
name: RT_RCDATA
language: LANG_ENGLISH
filetype: data
sublanguage: SUBLANG_ENGLISH_US
offset: 0x0008d904
size: 0x000082e8
name: RT_RCDATA
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x00095bec
size: 0x00000010
name: RT_RCDATA
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x00095bfc
size: 0x00000150
name: RT_RCDATA
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x00095d4c
size: 0x0000002c
name: RT_GROUP_ICON
language: LANG_ENGLISH
filetype: data
sublanguage: SUBLANG_ENGLISH_US
offset: 0x00095d78
size: 0x000000d8
name: RT_VERSION
language: LANG_ENGLISH
filetype: data
sublanguage: SUBLANG_ENGLISH_US
offset: 0x00095e50
size: 0x000004f4
name: RT_MANIFEST
language: LANG_ENGLISH
filetype: XML 1.0 document, ASCII text, with CRLF line terminators
sublanguage: SUBLANG_ENGLISH_US
offset: 0x00096344
size: 0x0000062c