VirSCAN

1, You can upload any file, but there is a 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but the archive must contain fewer than 20 files.
3, VirSCAN can scan compressed files protected with the password 'infected' or 'virus'.
4, If your browser cannot upload files, please download the VirSCAN uploader to upload them.

00越狱第四季    Threatbook file behavior analysis report

Basic Information

file name: 00越狱第四季
file type: Unknown
Threat level: malicious
MD5: 775ae5463f9748042c148a57324a4e2c
sha256: 7090d41c843d31472b9546ef198206028ddf7c34b8a4c43156f19b3389fd34ce

Document Threat Intelligence IOC Report

No intelligence IOC detected

Intelligence decision system

Undetected intelligence determination system

Network behavior report

domains
dns
http
udp: 0
smtp: 0
icmp: 0
irc: 0
hosts: 0

Document release report

File release report not detected

File process number report

nofind

Document behavior signature report

Low risk behavior
Network correlation: Performs some HTTP requests
Suspicious behavior 0
High risk behavior 0
Low risk behavior
Network correlation: Generates some ICMP traffic
Suspicious behavior 0
High risk behavior 0
Low risk behavior 0
Low risk behavior
Reverse Engineering: Contains functionality to create guard pages, often used to hinder reverse engineering and debugging
High risk behavior 0
Low risk behavior 0
Low risk behavior
High risk behavior 0

Static information

PE section table information 0
PE basic information 0
PE resource information 0