VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.
4, If your browser cannot upload files, please download VirSCAN uploader to upload.

Language
Server load
Server Load
VirSCAN
VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

00闰年    Threatbook file behavior analysis report

Basic Information

file name: 00闰年
file type: EXEx86
Threat level: malicious
MD5: 71ab6b01f02d087e8aaeee535e3bc09c
sha256: c8875caebd66a58983db8889f799f17f0740c0704a38445757301b6104d90886

Document Threat Intelligence IOC Report

No intelligence IOC detected

Intelligence decision system

Undetected intelligence determination system

Network behavior report

domains: 0

Document release report

File release report not detected

File process number report

Process details: 共分析了0个进程

Document behavior signature report

Low risk behavior 0
Low risk behavior
Reverse Engineering: {"en": "The binary likely contains encrypted or compressed data indicative of a packer", "cn": "这个二进制可能包含被加密或被压缩的数据,可能被加壳"}
High risk behavior 0
Low risk behavior 0
Low risk behavior
Reverse Engineering: {"en": "The executable is compressed using UPX", "cn": "该可执行文件使用UPX进行压缩"}
High risk behavior 0

Static information

Section name: rdata
Virtual address: 0x00001000
Physical address: 0x00000400
Physical size: 0x00000000
Section permissions: RWE
Section name: UPX1
Virtual address: 0x00057000
Physical address: 0x00000400
Physical size: 0x0000f200
Section permissions: RWE
Section name: UPX2
Virtual address: 0x00067000
Physical address: 0x0000f600
Physical size: 0x00001200
Section permissions: RW-
import_hash: e59476c2f511174da844d6431fd827ff
time_stamp: 2013-01-17 12:22:17
entry_point_section: UPX1
image_base: 0x400000
entry_point: 0x65f00
PE resource information 0