VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

Language
Server load
Server Load
VirSCAN
VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

XISE WBMS管理V23.8.exe    Threatbook file behavior analysis report

Virscan.org multi-engine scan report
Behavior analysis report:         Habo file analysis

Basic Information

file name: XISE WBMS管理V23.8.exe
file type: EXEx86
Threat level: malicious
MD5: a3983f36d31d08a51486501965d04cb5
sha256: a34b0d6525ab341a51f8760c52738f2a0f7abd4b4bf565d58da6db0c7ee592ba

Document Threat Intelligence IOC Report

No intelligence IOC detected

Intelligence decision system

Undetected intelligence determination system

Network behavior report

domains: 0

Document release report

File release report not detected

File process number report

Process details: 共分析了0个进程

Document behavior signature report

Low risk behavior
Suspicious behavior 0
High risk behavior 0
Low risk behavior
Suspicious behavior 0
High risk behavior 0
Low risk behavior 0
Low risk behavior
High risk behavior 0

Static information

Section name: .text
Virtual address: 0x00001000
Physical address: 0x00000000
Physical size: 0x00000000
Section permissions: R-E
Section name: .rdata
Virtual address: 0x001d3000
Physical address: 0x00000000
Physical size: 0x00000000
Section permissions: RW-
Section name: .data
Virtual address: 0x0036e000
Physical address: 0x00000000
Physical size: 0x00000000
Section permissions: RW-
Section name: .z0
Virtual address: 0x003f3000
Physical address: 0x00000000
Physical size: 0x00000000
Section permissions: RWE
Section name: .Silvana
Virtual address: 0x00454000
Physical address: 0x00000000
Physical size: 0x00000000
Section permissions: RW-
Section name: .z1
Virtual address: 0x00455000
Physical address: 0x00000000
Physical size: 0x00000000
Section permissions: RWE
Section name: .z2
Virtual address: 0x0050c000
Physical address: 0x00001000
Physical size: 0x002cf000
Section permissions: RWE
Section name: .rsrc
Virtual address: 0x007db000
Physical address: 0x002d0000
Physical size: 0x0005a000
Section permissions: R--
import_hash: cc907c11b56da87b106728585c710748
time_stamp: 2016-08-14 22:52:12
entry_point_section: .z2
image_base: 0x400000
entry_point: 0x72f2a4
name: RT_ICON
language: LANG_NEUTRAL
filetype: GLS_BINARY_LSB_FIRST
sublanguage: SUBLANG_NEUTRAL
offset: 0x00833f2c
size: 0x00000468
name: RT_ICON
language: LANG_NEUTRAL
filetype: GLS_BINARY_LSB_FIRST
sublanguage: SUBLANG_NEUTRAL
offset: 0x00833f2c
size: 0x00000468
name: RT_ICON
language: LANG_NEUTRAL
filetype: GLS_BINARY_LSB_FIRST
sublanguage: SUBLANG_NEUTRAL
offset: 0x00833f2c
size: 0x00000468
name: RT_ICON
language: LANG_NEUTRAL
filetype: GLS_BINARY_LSB_FIRST
sublanguage: SUBLANG_NEUTRAL
offset: 0x00833f2c
size: 0x00000468
name: RT_ICON
language: LANG_NEUTRAL
filetype: GLS_BINARY_LSB_FIRST
sublanguage: SUBLANG_NEUTRAL
offset: 0x00833f2c
size: 0x00000468
name: RT_ICON
language: LANG_NEUTRAL
filetype: GLS_BINARY_LSB_FIRST
sublanguage: SUBLANG_NEUTRAL
offset: 0x00833f2c
size: 0x00000468
name: RT_ICON
language: LANG_NEUTRAL
filetype: GLS_BINARY_LSB_FIRST
sublanguage: SUBLANG_NEUTRAL
offset: 0x00833f2c
size: 0x00000468
name: RT_ICON
language: LANG_NEUTRAL
filetype: GLS_BINARY_LSB_FIRST
sublanguage: SUBLANG_NEUTRAL
offset: 0x00833f2c
size: 0x00000468
name: RT_ICON
language: LANG_NEUTRAL
filetype: GLS_BINARY_LSB_FIRST
sublanguage: SUBLANG_NEUTRAL
offset: 0x00833f2c
size: 0x00000468
name: RT_ICON
language: LANG_NEUTRAL
filetype: GLS_BINARY_LSB_FIRST
sublanguage: SUBLANG_NEUTRAL
offset: 0x00833f2c
size: 0x00000468
name: RT_ICON
language: LANG_NEUTRAL
filetype: GLS_BINARY_LSB_FIRST
sublanguage: SUBLANG_NEUTRAL
offset: 0x00833f2c
size: 0x00000468
name: RT_ICON
language: LANG_NEUTRAL
filetype: GLS_BINARY_LSB_FIRST
sublanguage: SUBLANG_NEUTRAL
offset: 0x00833f2c
size: 0x00000468
name: RT_ICON
language: LANG_NEUTRAL
filetype: GLS_BINARY_LSB_FIRST
sublanguage: SUBLANG_NEUTRAL
offset: 0x00833f2c
size: 0x00000468
name: RT_ICON
language: LANG_NEUTRAL
filetype: GLS_BINARY_LSB_FIRST
sublanguage: SUBLANG_NEUTRAL
offset: 0x00833f2c
size: 0x00000468
name: RT_GROUP_ICON
language: LANG_CHINESE
filetype: MS Windows icon resource - 1 icon
sublanguage: SUBLANG_CHINESE_SIMPLIFIED
offset: 0x00834458
size: 0x00000014
name: RT_GROUP_ICON
language: LANG_CHINESE
filetype: MS Windows icon resource - 1 icon
sublanguage: SUBLANG_CHINESE_SIMPLIFIED
offset: 0x00834458
size: 0x00000014
name: RT_GROUP_ICON
language: LANG_CHINESE
filetype: MS Windows icon resource - 1 icon
sublanguage: SUBLANG_CHINESE_SIMPLIFIED
offset: 0x00834458
size: 0x00000014
name: RT_VERSION
language: LANG_CHINESE
filetype: data
sublanguage: SUBLANG_CHINESE_SIMPLIFIED
offset: 0x0083446c
size: 0x0000026c
name: RT_MANIFEST
language: LANG_NEUTRAL
filetype: XML document text
sublanguage: SUBLANG_NEUTRAL
offset: 0x008346d8
size: 0x000001cd