VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

Language
Server load
Server Load
stub.exe    Threatbook file behavior analysis report
Virscan.org multi-engine scan report
Behavior analysis report:         Habo file analysis
Basic Information
file name:stub.exe
file type:EXEx86
Threat level:malicious
MD5:efc17cda3dccd79bf17bf017ffb85ad8
sha256:1899462f09d0de7fce103785b75f802c8a0656eb22397076c4fda3307ef08c65
Document Threat Intelligence IOC Report
No intelligence IOC detected
Intelligence decision system
Undetected intelligence determination system
Network behavior report
domains:0
dns:0
http:0
udp:0
smtp:0
icmp:0
irc:0
hosts:0
Document release report
File release report not detected
File process number report
nofind
Document behavior signature report
Low risk behavior0
Suspicious behavior
Anti-detection Technology:Checks whether any human activity is being performed by constantly checking whether the foreground window changed
High risk behavior0
Low risk behavior0
Suspicious behavior
Information gathering:Contains functionality to retrieve information about pressed keystrokes
High risk behavior0
Low risk behavior0
Suspicious behavior
Static File Characteristics:YARA signature match
High risk behavior0
Low risk behavior0
Suspicious behavior
Reverse Engineering:The binary likely contains encrypted or compressed data indicative of a packer
High risk behavior0
Static information
Section name:.text
Virtual address:0x00001000
Physical address:0x00000400
Physical size:0x0005e200
Section permissions:R-E
Section name:.itext
Virtual address:0x00060000
Physical address:0x0005e600
Physical size:0x00000800
Section permissions:R-E
Section name:.data
Virtual address:0x00061000
Physical address:0x0005ee00
Physical size:0x0002fe00
Section permissions:RW-
Section name:.bss
Virtual address:0x00091000
Physical address:0x0008ec00
Physical size:0x00000000
Section permissions:RW-
Section name:.idata
Virtual address:0x00097000
Physical address:0x0008ec00
Physical size:0x00002e00
Section permissions:RW-
Section name:.tls
Virtual address:0x0009a000
Physical address:0x00091a00
Physical size:0x00000000
Section permissions:RW-
Section name:.rdata
Virtual address:0x0009b000
Physical address:0x00091a00
Physical size:0x00000200
Section permissions:R--
Section name:.reloc
Virtual address:0x0009c000
Physical address:0x00091c00
Physical size:0x00004e00
Section permissions:R--
Section name:.rsrc
Virtual address:0x000a1000
Physical address:0x00096a00
Physical size:0x00002200
Section permissions:R--
import_hash:2dbff3ce210d5c2b4ba36c7170d04dc2
time_stamp:2016-06-30 14:20:04
entry_point_section:.itext
entry_point_section:.itext
image_base:0x400000
entry_point:0x605d8
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x000a12a8
size:0x00000078
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x000a1320
size:0x000001cc
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x000a14ec
size:0x0000032c
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x000a1818
size:0x00000490
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x000a1ca8
size:0x000000dc
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x000a1d84
size:0x000000c4
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x000a1e48
size:0x0000022c
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x000a2074
size:0x000003b4
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x000a2428
size:0x00000368
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x000a2790
size:0x000002b4
name:RT_RCDATA
language:LANG_NEUTRAL
filetype:Sendmail frozen configuration
sublanguage:SUBLANG_NEUTRAL
offset:0x000a2a44
size:0x00000010
name:RT_RCDATA
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x000a2a54
size:0x000005b8

About VirSCAN | Privacy Policy | Contact us | Links | Help VirSCAN
中国反网络病毒联盟
Powered By CentOSpol

京ICP备11007605号-12

pol

京公网安备 11010802020746号