VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.
4, If your browser cannot upload files, please download VirSCAN uploader to upload.

Language
Server load
Server Load
VirSCAN
VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

云想冒险岛.exe    Threatbook file behavior analysis report

Basic Information

file name: 云想冒险岛.exe
file type: EXEx86
Threat level: malicious
MD5: c1e7e3d2bf5287cf22f7b39d253e90bb
sha256: 20cd2701376535387d4f851846f51d73b3c91fad1f74b6e8ec39a0f4291304ed

Document Threat Intelligence IOC Report

No intelligence IOC detected

Intelligence decision system

Undetected intelligence determination system

Network behavior report

domains: 0

Document release report

File release report not detected

File process number report

nofind

Document behavior signature report

No file behavior report detected

Static information

Section name: .text
Virtual address: 0x00001000
Physical address: 0x00000000
Physical size: 0x00000000
Section permissions: R-E
Section name: .rdata
Virtual address: 0x004ce000
Physical address: 0x00000000
Physical size: 0x00000000
Section permissions: R--
Section name: .data
Virtual address: 0x00af1000
Physical address: 0x00000000
Physical size: 0x00000000
Section permissions: RW-
Section name: .vmp0
Virtual address: 0x00c90000
Physical address: 0x00000000
Physical size: 0x00000000
Section permissions: R-E
Section name: .vmp1
Virtual address: 0x00f82000
Physical address: 0x00001000
Physical size: 0x008cd000
Section permissions: R-E
Section name: .rsrc
Virtual address: 0x0184f000
Physical address: 0x008ce000
Physical size: 0x00005000
Section permissions: R--
import_hash: b549d7f7e2adc8c7a75d77264e093573
time_stamp: 2020-11-04 00:18:04
entry_point_section: .vmp1
image_base: 0x400000
entry_point: 0x1548c2c
name: RT_ICON
language: LANG_CHINESE
filetype: data
sublanguage: SUBLANG_CHINESE_SIMPLIFIED
offset: 0x0184f26c
size: 0x000002e8
name: RT_ICON
language: LANG_CHINESE
filetype: GLS_BINARY_LSB_FIRST
sublanguage: SUBLANG_CHINESE_SIMPLIFIED
offset: 0x0184f554
size: 0x00000128
name: RT_ICON
language: LANG_NEUTRAL
filetype: GLS_BINARY_LSB_FIRST
sublanguage: SUBLANG_NEUTRAL
offset: 0x0184f67c
size: 0x00000468
name: RT_ICON
language: LANG_NEUTRAL
filetype: dBase III DBT, version number 0, next free block index 40
sublanguage: SUBLANG_NEUTRAL
offset: 0x0184fae4
size: 0x000010a8
name: RT_ICON
language: LANG_NEUTRAL
filetype: dBase III DBT, version number 0, next free block index 40
sublanguage: SUBLANG_NEUTRAL
offset: 0x01850b8c
size: 0x000025a8
name: RT_GROUP_ICON
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x01853134
size: 0x00000030
name: RT_GROUP_ICON
language: LANG_CHINESE
filetype: data
sublanguage: SUBLANG_CHINESE_SIMPLIFIED
offset: 0x01853164
size: 0x00000014
name: RT_GROUP_ICON
language: LANG_CHINESE
filetype: data
sublanguage: SUBLANG_CHINESE_SIMPLIFIED
offset: 0x01853178
size: 0x00000014
name: RT_VERSION
language: LANG_CHINESE
filetype: data
sublanguage: SUBLANG_CHINESE_SIMPLIFIED
offset: 0x0185318c
size: 0x000002a0
name: RT_MANIFEST
language: LANG_NEUTRAL
filetype: XML 1.0 document, ASCII text, with very long lines, with no line terminators
sublanguage: SUBLANG_NEUTRAL
offset: 0x0185342c
size: 0x000002b9