VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.
4, If your browser cannot upload files, please download VirSCAN uploader to upload.

Language
Server load
Server Load
VirSCAN
VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

00远大前程    Threatbook file behavior analysis report

Basic Information

file name: 00远大前程
file type: EXEx86
Threat level: malicious
MD5: 75a3d15312cda158e4d9fc080e4491de
sha256: 558ab85c1c9cc373ef19bfcdad864cc06151f38f20cf0fc2a195fc0fe72d3b98

Document Threat Intelligence IOC Report

No intelligence IOC detected

Intelligence decision system

Undetected intelligence determination system

Network behavior report

domains: 0

Document release report

File release report not detected

File process number report

nofind

Document behavior signature report

No file behavior report detected

Static information

Section name: .text
Virtual address: 0x00001000
Physical address: 0x00000400
Physical size: 0x00087200
Section permissions: R-E
Section name: .itext
Virtual address: 0x00089000
Physical address: 0x00087600
Physical size: 0x00000a00
Section permissions: R-E
Section name: .data
Virtual address: 0x0008a000
Physical address: 0x00088000
Physical size: 0x00002a00
Section permissions: RW-
Section name: .bss
Virtual address: 0x0008d000
Physical address: 0x0008aa00
Physical size: 0x00000000
Section permissions: RW-
Section name: .idata
Virtual address: 0x00093000
Physical address: 0x0008aa00
Physical size: 0x00003200
Section permissions: RW-
Section name: .tls
Virtual address: 0x00097000
Physical address: 0x0008dc00
Physical size: 0x00000000
Section permissions: RW-
Section name: .rdata
Virtual address: 0x00098000
Physical address: 0x0008dc00
Physical size: 0x00000200
Section permissions: R--
Section name: .rsrc
Virtual address: 0x00099000
Physical address: 0x0008de00
Physical size: 0x00024000
Section permissions: R--
import_hash: 3c8577ca4bab2f95cc6fc73ef1895288
time_stamp: 2008-07-23 23:21:46
entry_point_section: .itext
image_base: 0x400000
entry_point: 0x89990
name: RT_CURSOR
language: LANG_ENGLISH
filetype: data
sublanguage: SUBLANG_ENGLISH_US
offset: 0x00099884
size: 0x00000134
name: RT_CURSOR
language: LANG_ENGLISH
filetype: data
sublanguage: SUBLANG_ENGLISH_US
offset: 0x000999b8
size: 0x00000134
name: RT_CURSOR
language: LANG_ENGLISH
filetype: data
sublanguage: SUBLANG_ENGLISH_US
offset: 0x00099aec
size: 0x00000134
name: RT_CURSOR
language: LANG_ENGLISH
filetype: data
sublanguage: SUBLANG_ENGLISH_US
offset: 0x00099c20
size: 0x00000134
name: RT_CURSOR
language: LANG_ENGLISH
filetype: data
sublanguage: SUBLANG_ENGLISH_US
offset: 0x00099d54
size: 0x00000134
name: RT_CURSOR
language: LANG_ENGLISH
filetype: data
sublanguage: SUBLANG_ENGLISH_US
offset: 0x00099e88
size: 0x00000134
name: RT_CURSOR
language: LANG_ENGLISH
filetype: data
sublanguage: SUBLANG_ENGLISH_US
offset: 0x00099fbc
size: 0x00000134
name: RT_ICON
language: LANG_DUTCH
filetype: GLS_BINARY_LSB_FIRST
sublanguage: SUBLANG_DUTCH
offset: 0x0009a0f0
size: 0x00000128
name: RT_ICON
language: LANG_DUTCH
filetype: GLS_BINARY_LSB_FIRST
sublanguage: SUBLANG_DUTCH
offset: 0x0009a218
size: 0x00000568
name: RT_ICON
language: LANG_DUTCH
filetype: data
sublanguage: SUBLANG_DUTCH
offset: 0x0009a780
size: 0x000002e8
name: RT_ICON
language: LANG_DUTCH
filetype: data
sublanguage: SUBLANG_DUTCH
offset: 0x0009aa68
size: 0x000008a8
name: RT_ICON
language: LANG_DUTCH
filetype: data
sublanguage: SUBLANG_DUTCH
offset: 0x0009b310
size: 0x00000ea8
name: RT_ICON
language: LANG_DUTCH
filetype: dBase IV DBT of `.DBF, block length 1536, next free block index 40, next free block 57599, next used block 256
sublanguage: SUBLANG_DUTCH
offset: 0x0009c1b8
size: 0x00000668
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x0009c820
size: 0x0000005c
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x0009c87c
size: 0x0000043c
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x0009ccb8
size: 0x000002d8
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x0009cf90
size: 0x000000c0
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x0009d050
size: 0x00000158
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x0009d1a8
size: 0x00000494
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x0009d63c
size: 0x00000360
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x0009d99c
size: 0x00000374
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x0009dd10
size: 0x00000418
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x0009e128
size: 0x00000140
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x0009e268
size: 0x000000cc
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x0009e334
size: 0x000001ec
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x0009e520
size: 0x000003b0
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x0009e8d0
size: 0x00000354
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x0009ec24
size: 0x000002b4
name: RT_RCDATA
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x0009eed8
size: 0x00000010
name: RT_RCDATA
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x0009eee8
size: 0x0000033c
name: RT_RCDATA
language: LANG_NEUTRAL
filetype: Delphi compiled form 'TmmrForm'
sublanguage: SUBLANG_NEUTRAL
offset: 0x0009f224
size: 0x0001d7f9
name: RT_GROUP_CURSOR
language: LANG_ENGLISH
filetype: Lotus unknown worksheet or configuration, revision 0x1
sublanguage: SUBLANG_ENGLISH_US
offset: 0x000bca20
size: 0x00000014
name: RT_GROUP_CURSOR
language: LANG_ENGLISH
filetype: Lotus unknown worksheet or configuration, revision 0x1
sublanguage: SUBLANG_ENGLISH_US
offset: 0x000bca34
size: 0x00000014
name: RT_GROUP_CURSOR
language: LANG_ENGLISH
filetype: Lotus unknown worksheet or configuration, revision 0x1
sublanguage: SUBLANG_ENGLISH_US
offset: 0x000bca48
size: 0x00000014
name: RT_GROUP_CURSOR
language: LANG_ENGLISH
filetype: Lotus unknown worksheet or configuration, revision 0x1
sublanguage: SUBLANG_ENGLISH_US
offset: 0x000bca5c
size: 0x00000014
name: RT_GROUP_CURSOR
language: LANG_ENGLISH
filetype: Lotus unknown worksheet or configuration, revision 0x1
sublanguage: SUBLANG_ENGLISH_US
offset: 0x000bca70
size: 0x00000014
name: RT_GROUP_CURSOR
language: LANG_ENGLISH
filetype: Lotus unknown worksheet or configuration, revision 0x1
sublanguage: SUBLANG_ENGLISH_US
offset: 0x000bca84
size: 0x00000014
name: RT_GROUP_CURSOR
language: LANG_ENGLISH
filetype: Lotus unknown worksheet or configuration, revision 0x1
sublanguage: SUBLANG_ENGLISH_US
offset: 0x000bca98
size: 0x00000014
name: RT_GROUP_ICON
language: LANG_DUTCH
filetype: data
sublanguage: SUBLANG_DUTCH
offset: 0x000bcaac
size: 0x0000005a
name: RT_MANIFEST
language: LANG_DUTCH
filetype: XML 1.0 document, ASCII text, with CRLF line terminators
sublanguage: SUBLANG_DUTCH
offset: 0x000bcb08
size: 0x00000351