VirSCAN

1. You can UPLOAD any file, but there is a 20 MB limit per file.
2. VirSCAN supports Rar/Zip compression, provided the archive contains no more than 20 files.
3. VirSCAN can scan compressed files that are encrypted with the password 'infected' or 'virus'.

4467ea1c0ad485ab24c068e4406d7853    Threatbook file behavior analysis report

Basic information

File name: 4467ea1c0ad485ab24c068e4406d7853
File type: EXEx86
Threat level: malicious
MD5: 4467ea1c0ad485ab24c068e4406d7853
sha256: d13eeeab863d87bb302eab1f394d2058c1b0ade2eccc5c8f5018907926311278

File threat intelligence IOC report

No intelligence IOCs detected

Intelligence determination system

Undetected intelligence determination system

Network behavior report

domains
ip:
domain: ns2.corp-servers.ru
ip:
domain: ransomware.bit
ip:
domain: ns1.corp-servers.ru
ip:
domain: zonealarm.bit
ip: 66.171.248.178
domain: ipv4bot.whatismyipaddress.com
dns
type: A
request: ipv4bot.whatismyipaddress.com
type: AAAA
request: zonealarm.bit
type: AAAA
request: ransomware.bit
type: A
request: ns2.corp-servers.ru
type: A
request: zonealarm.bit
type: A
request: ns1.corp-servers.ru
type: A
request: ransomware.bit
http
count: 1
url:
udp: 0
smtp: 0
icmp: 0
irc: 0
hosts: 0

File release report

No file release report detected

File process number report

nofind

File behavior signature report

No file behavior report detected

Static information

Section name: .text
Virtual address: 0x00001000
Physical address: 0x00000400
Physical size: 0x0000da00
Section permissions: R-E
Section name: .rdata
Virtual address: 0x0000f000
Physical address: 0x0000de00
Physical size: 0x00005200
Section permissions: R--
Section name: .data
Virtual address: 0x00015000
Physical address: 0x00013000
Physical size: 0x00001a00
Section permissions: RW-
Section name: .rsrc
Virtual address: 0x00021000
Physical address: 0x00014a00
Physical size: 0x00026e00
Section permissions: R--
Section name: .reloc
Virtual address: 0x00048000
Physical address: 0x0003b800
Physical size: 0x00001a00
Section permissions: R--
import_hash: eeda7ed1c8f4a5189c125f0dd1052ae5
time_stamp: 2018-04-22 16:47:36
entry_point_section: .text
image_base: 0x400000
entry_point: 0x1ee0
name: MERUWOPIDILETIKAJUMOVUJIRUSO
language: LANG_NEUTRAL
filetype: ASCII text, with very long lines, with no line terminators
sublanguage: SUBLANG_NEUTRAL
offset: 0x000219d0
size: 0x00000aa0
name: MUCIKAGI
language: LANG_NEUTRAL
filetype: ASCII text, with very long lines, with no line terminators
sublanguage: SUBLANG_NEUTRAL
offset: 0x00022470
size: 0x0000023c
name: ROLOKOFUFABO
language: LANG_NEUTRAL
filetype: ASCII text, with very long lines, with no line terminators
sublanguage: SUBLANG_NEUTRAL
offset: 0x000226ac
size: 0x00000c7b
name: VO
language: LANG_NEUTRAL
filetype: ASCII text, with very long lines, with no line terminators
sublanguage: SUBLANG_NEUTRAL
offset: 0x00023328
size: 0x00000aa3
name: XHFTI
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x00023dcc
size: 0x00018a18
name: RT_BITMAP
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x0003c7e4
size: 0x00002338
name: RT_BITMAP
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x0003eb1c
size: 0x00002404
name: RT_BITMAP
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x00040f20
size: 0x00002384
name: RT_ICON
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x000432a4
size: 0x000025a8
name: RT_ICON
language: LANG_NEUTRAL
filetype: GLS_BINARY_LSB_FIRST
sublanguage: SUBLANG_NEUTRAL
offset: 0x0004584c
size: 0x00000468
name: RT_ICON
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x00045cb4
size: 0x000010a8
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x00046d5c
size: 0x00000082
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x00046de0
size: 0x00000064
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x00046e44
size: 0x00000066
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x00046eac
size: 0x00000080
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x00046f2c
size: 0x0000005a
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x00046f88
size: 0x00000066
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x00046ff0
size: 0x000000a8
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x00047098
size: 0x000000fe
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x00047198
size: 0x00000084
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x0004721c
size: 0x000000a8
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x000472c4
size: 0x00000042
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x00047308
size: 0x00000094
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x0004739c
size: 0x000000b6
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x00047454
size: 0x0000004a
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x000474a0
size: 0x00000054
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x000474f4
size: 0x00000032
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x00047528
size: 0x0000003e
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x00047568
size: 0x00000044
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x000475ac
size: 0x0000009e
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x0004764c
size: 0x000000aa
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x000476f8
size: 0x00000052
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x0004774c
size: 0x0000004a
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x00047798
size: 0x0000009a
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x00047834
size: 0x00000028
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x0004785c
size: 0x0000007e
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x000478dc
size: 0x000000b8
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x00047994
size: 0x0000006c
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x00047a00
size: 0x00000074
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x00047a74
size: 0x0000002e
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x00047aa4
size: 0x0000003c
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x00047ae0
size: 0x00000082
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x00047b64
size: 0x000000ee
name: RT_STRING
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x00047c54
size: 0x0000008c
name: RT_GROUP_ICON
language: LANG_NEUTRAL
filetype: data
sublanguage: SUBLANG_NEUTRAL
offset: 0x00047ce0
size: 0x00000030