VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

Language
Server load
Server Load
KMS10_2017.exe    Threatbook file behavior analysis report
Virscan.org multi-engine scan report
Behavior analysis report:         Habo file analysis
Basic Information
file name:KMS10_2017.exe
file type:EXEx86
Threat level:malicious
MD5:2fbee053de0977cb58f2e165e4317754
sha256:b176e98984e72a9f43ba5cd179b23e1b3128a73ab3c69286cdbe0436aba18ebd
Document Threat Intelligence IOC Report
No intelligence IOC detected
Intelligence decision system
Undetected intelligence determination system
Network behavior report
domains:0
dns:0
http:0
udp:0
smtp:0
icmp:0
irc:0
hosts:0
Document release report
File release report not detected
File process number report
nofind
Document behavior signature report
No file behavior report detected
Static information
Section name:UPX0
Virtual address:0x00001000
Physical address:0x00000400
Physical size:0x00000000
Section permissions:RWE
Section name:UPX1
Virtual address:0x002fd000
Physical address:0x00000400
Physical size:0x00128c00
Section permissions:RWE
Section name:.rsrc
Virtual address:0x00426000
Physical address:0x00129000
Physical size:0x00011c00
Section permissions:RW-
import_hash:a802e60b490412a3757cefce5c4cb1f1
time_stamp:2015-07-31 16:30:18
entry_point_section:UPX1
entry_point_section:UPX1
image_base:0x400000
entry_point:0x425950
name:COR
language:LANG_CHINESE
filetype:data
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x0032c274
size:0x00002c00
name:COR
language:LANG_CHINESE
filetype:data
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x0032ee74
size:0x00003000
name:COR
language:LANG_CHINESE
filetype:data
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x00331e74
size:0x00003c00
name:COR
language:LANG_CHINESE
filetype:data
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x00335a74
size:0x00003600
name:DAT
language:LANG_CHINESE
filetype:data
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x00339074
size:0x00029c80
name:DAT
language:LANG_CHINESE
filetype:data
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x00362cf4
size:0x00046efd
name:DAT
language:LANG_CHINESE
filetype:data
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x003a9bf4
size:0x00002c7c
name:PRO
language:LANG_CHINESE
filetype:data
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x003ac870
size:0x00021a00
name:PRO
language:LANG_CHINESE
filetype:data
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x003ce270
size:0x00017c00
name:PRO
language:LANG_CHINESE
filetype:data
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x003e5e70
size:0x00001000
name:PRO
language:LANG_CHINESE
filetype:data
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x003e6e70
size:0x00001000
name:PRO
language:LANG_CHINESE
filetype:data
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x003e7e70
size:0x00001200
name:PRO
language:LANG_CHINESE
filetype:data
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x003e9070
size:0x00001200
name:PRO
language:LANG_CHINESE
filetype:data
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x003ea270
size:0x00017c00
name:PRO
language:LANG_CHINESE
filetype:data
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x00401e70
size:0x00001000
name:XM
language:LANG_CHINESE
filetype:data
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x00402e70
size:0x00000aab
name:XM
language:LANG_CHINESE
filetype:data
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x0040391c
size:0x00000aab
name:RT_CURSOR
language:LANG_ENGLISH
filetype:COM executable for MS-DOS
sublanguage:SUBLANG_ENGLISH_US
offset:0x004043c8
size:0x00000134
name:RT_CURSOR
language:LANG_ENGLISH
filetype:data
sublanguage:SUBLANG_ENGLISH_US
offset:0x004044fc
size:0x00000134
name:RT_CURSOR
language:LANG_ENGLISH
filetype:data
sublanguage:SUBLANG_ENGLISH_US
offset:0x00404630
size:0x00000134
name:RT_CURSOR
language:LANG_ENGLISH
filetype:data
sublanguage:SUBLANG_ENGLISH_US
offset:0x00404764
size:0x00000134
name:RT_CURSOR
language:LANG_ENGLISH
filetype:data
sublanguage:SUBLANG_ENGLISH_US
offset:0x00404898
size:0x00000134
name:RT_CURSOR
language:LANG_ENGLISH
filetype:data
sublanguage:SUBLANG_ENGLISH_US
offset:0x004049cc
size:0x00000134
name:RT_CURSOR
language:LANG_ENGLISH
filetype:data
sublanguage:SUBLANG_ENGLISH_US
offset:0x00404b00
size:0x00000134
name:RT_ICON
language:LANG_ENGLISH
filetype:data
sublanguage:SUBLANG_ENGLISH_US
offset:0x00427278
size:0x00000668
name:RT_ICON
language:LANG_ENGLISH
filetype:data
sublanguage:SUBLANG_ENGLISH_US
offset:0x004278e4
size:0x000002e8
name:RT_ICON
language:LANG_ENGLISH
filetype:GLS_BINARY_LSB_FIRST
sublanguage:SUBLANG_ENGLISH_US
offset:0x00427bd0
size:0x00000128
name:RT_ICON
language:LANG_ENGLISH
filetype:data
sublanguage:SUBLANG_ENGLISH_US
offset:0x00427cfc
size:0x00000ea8
name:RT_ICON
language:LANG_ENGLISH
filetype:data
sublanguage:SUBLANG_ENGLISH_US
offset:0x00428ba8
size:0x000008a8
name:RT_ICON
language:LANG_ENGLISH
filetype:GLS_BINARY_LSB_FIRST
sublanguage:SUBLANG_ENGLISH_US
offset:0x00429454
size:0x00000568
name:RT_ICON
language:LANG_ENGLISH
filetype:PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced
sublanguage:SUBLANG_ENGLISH_US
offset:0x004299c0
size:0x00009b66
name:RT_ICON
language:LANG_ENGLISH
filetype:data
sublanguage:SUBLANG_ENGLISH_US
offset:0x0043352c
size:0x000025a8
name:RT_ICON
language:LANG_ENGLISH
filetype:data
sublanguage:SUBLANG_ENGLISH_US
offset:0x00435ad8
size:0x000010a8
name:RT_ICON
language:LANG_ENGLISH
filetype:GLS_BINARY_LSB_FIRST
sublanguage:SUBLANG_ENGLISH_US
offset:0x00436b84
size:0x00000468
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x00414984
size:0x000004c8
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x00414e4c
size:0x00000ff4
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x00415e40
size:0x00000a94
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x004168d4
size:0x000009fc
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x004172d0
size:0x00000918
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x00417be8
size:0x000006e8
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x004182d0
size:0x0000021c
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x004184ec
size:0x000005b0
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x00418a9c
size:0x000003a0
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x00418e3c
size:0x00000484
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x004192c0
size:0x000002e8
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x004195a8
size:0x00000484
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x00419a2c
size:0x000003a0
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x00419dcc
size:0x000003d8
name:RT_STRING
language:LANG_NEUTRAL
filetype:data
sublanguage:SUBLANG_NEUTRAL
offset:0x0041a1a4
size:0x000002f0
name:RT_STRING
language:LANG_NEUTRAL
filetype:DOS executable (COM)
sublanguage:SUBLANG_NEUTRAL
offset:0x0041a494
size:0x0000031c

About VirSCAN | Privacy Policy | Contact us | Links | Help VirSCAN
中国反网络病毒联盟
Powered By CentOSpol

京ICP备11007605号-12

pol

京公网安备 11010802020746号