VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

Language
Server load
Server Load
VirSCAN
VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

142928c31c5ee307d9de7bd86982d59c    Threatbook file behavior analysis report

Basic Information

file name: 142928c31c5ee307d9de7bd86982d59c
file type: EXEx86
Threat level: malicious
MD5: 142928c31c5ee307d9de7bd86982d59c
sha256: 030ff8812e7d24ed11a599b4d6da27a8c716d17c7ade51cc5d8e8fe0991ed80e

Document Threat Intelligence IOC Report

No intelligence IOC detected

Intelligence decision system

Undetected intelligence determination system

Network behavior report

domains
ip:
domain: ns2.corp-servers.ru
ip:
domain: ransomware.bit
ip:
domain: ns1.corp-servers.ru
ip:
domain: zonealarm.bit
ip: 66.171.248.178
domain: ipv4bot.whatismyipaddress.com
dns
type: A
request: ipv4bot.whatismyipaddress.com
type: AAAA
request: zonealarm.bit
type: AAAA
request: ransomware.bit
type: A
request: ns2.corp-servers.ru
type: A
request: zonealarm.bit
type: A
request: ns1.corp-servers.ru
type: A
request: ransomware.bit
http
count: 1
url:
udp: 0
smtp: 0
icmp: 0
irc: 0
hosts: 0

Document release report

File release report not detected

File process number report

nofind

Document behavior signature report

No file behavior report detected

Static information

Section name: .text
Virtual address: 0x00001000
Physical address: 0x00000400
Physical size: 0x00014600
Section permissions: R-E
Section name: .rdata
Virtual address: 0x00016000
Physical address: 0x00014a00
Physical size: 0x00004600
Section permissions: R--
Section name: .data
Virtual address: 0x0001b000
Physical address: 0x00019000
Physical size: 0x00001c00
Section permissions: RW-
Section name: .rsrc
Virtual address: 0x005cc000
Physical address: 0x0001ac00
Physical size: 0x00024e00
Section permissions: R--
Section name: .reloc
Virtual address: 0x005f1000
Physical address: 0x0003fa00
Physical size: 0x00005600
Section permissions: R--
import_hash: 022e75c8089eb1300c6b4ca118f5ca63
time_stamp: 2018-04-23 02:26:27
entry_point_section: .text
image_base: 0x400000
entry_point: 0x4de7
name: PQDPDSFKC
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x005cca74
size: 0x00018b0e
name: RT_BITMAP
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x005e5584
size: 0x00006160
name: RT_ICON
language: LANG_NEUTRAL
filetype: GLS_BINARY_LSB_FIRST
sublanguage: SUBLANG_NEUTRAL
offset: 0x005eb6e4
size: 0x00000468
name: RT_ICON
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x005ebb4c
size: 0x000025a8
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x005ee0f4
size: 0x000000c0
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x005ee1b4
size: 0x0000004c
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x005ee200
size: 0x00000072
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x005ee274
size: 0x00000110
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x005ee384
size: 0x0000017e
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x005ee504
size: 0x00000100
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x005ee604
size: 0x00000150
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x005ee754
size: 0x0000015a
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x005ee8b0
size: 0x00000108
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x005ee9b8
size: 0x00000218
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x005eebd0
size: 0x00000204
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x005eedd4
size: 0x00000054
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x005eee28
size: 0x000001b2
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x005eefdc
size: 0x00000038
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x005ef014
size: 0x000000c2
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x005ef0d8
size: 0x00000028
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x005ef100
size: 0x00000094
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x005ef194
size: 0x000000ce
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x005ef264
size: 0x0000012e
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x005ef394
size: 0x000000a8
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x005ef43c
size: 0x0000002c
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x005ef468
size: 0x00000158
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x005ef5c0
size: 0x00000068
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x005ef628
size: 0x00000066
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x005ef690
size: 0x00000126
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x005ef7b8
size: 0x0000022c
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x005ef9e4
size: 0x0000009e
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x005efa84
size: 0x000000b4
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x005efb38
size: 0x000000ac
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x005efbe4
size: 0x000000ce
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x005efcb4
size: 0x0000010c
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x005efdc0
size: 0x0000007e
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x005efe40
size: 0x00000092
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x005efed4
size: 0x00000100
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x005effd4
size: 0x000000c2
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x005f0098
size: 0x000001d0
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x005f0268
size: 0x00000144
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x005f03ac
size: 0x000000b6
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x005f0464
size: 0x000000f8
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x005f055c
size: 0x00000138
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x005f0694
size: 0x000002a6
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x005f093c
size: 0x000000fe
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x005f0a3c
size: 0x00000090
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x005f0acc
size: 0x0000018c
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x005f0c58
size: 0x000000e4
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x005f0d3c
size: 0x0000007e