VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.
4, If your browser cannot upload files, please download VirSCAN uploader to upload.

Language
Server load
Server Load
VirSCAN
VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

00龙骑战机    Threatbook file behavior analysis report

Basic Information

file name: 00龙骑战机
file type: Unknown
Threat level: malicious
MD5: 3a65fcabbfa8153f3bed9a88a8ace9a2
sha256: 1af3f364ca6abc2930c25721de0669db1260bd9de1cf10d09a29f7f0692241c0

Document Threat Intelligence IOC Report

No intelligence IOC detected

Intelligence decision system

Undetected intelligence determination system

Network behavior report

domains
ip: 172.217.27.129
domain: images-blogger-opensocial.googleusercontent.com
ip: 172.217.24.73
domain: resources.blogblog.com
ip: 74.125.203.82
domain: javaji.googlecode.com
ip:
domain: s.haivl.com
ip: 172.217.160.65
domain: lh4.googleusercontent.com
ip: 172.217.27.129
domain: lh3.googleusercontent.com
ip: 172.217.160.105
domain: img1.blogblog.com
ip: 203.208.50.33
domain: www.google-analytics.com
ip: 74.125.203.82
domain: helplogger.googlecode.com
ip: 31.13.75.12
domain: www.blogger.com
dns
type: A
request: helplogger.googlecode.com
type: A
request: www.google-analytics.com
type: A
request: s.haivl.com
type: A
request: img1.blogblog.com
type: A
request: javaji.googlecode.com
type: A
request: lh3.googleusercontent.com
type: A
request: www.blogger.com
type: A
request: resources.blogblog.com
type: A
request: lh4.googleusercontent.com
type: A
request: images-blogger-opensocial.googleusercontent.com
http: 0
udp: 0
smtp: 0
icmp: 0
irc: 0
hosts: 0

Document release report

File release report not detected

File process number report

nofind

Document behavior signature report

Low risk behavior
Network correlation: {"en": "Generates some ICMP traffic", "cn": "样本产生了ICMP流量"}
Suspicious behavior 0
High risk behavior 0
Low risk behavior
Network correlation: {"en": "Queries the IP of a very long domain name", "cn": "IP对应的域名长度异常"}
Suspicious behavior 0
High risk behavior 0
Low risk behavior 0
Low risk behavior
High risk behavior 0

Static information

PE section table information 0
PE basic information 0
PE resource information 0