收藏本站 |切换到宽版 | 更换论坛皮肤
 找回密码  忘记邮箱  QQ快速登录  快速登录  快速注册

卡饭»论坛 安全区 病毒样本 分享&分析区 在学校忽悠学生的文件,疑似木马!
123456789下一页
返回列表 发新帖
查看: 11678|回复: 80
收起左侧

[可疑文件] 在学校忽悠学生的文件,疑似木马!

  [复制链接]
15263695596
发表于 2012-12-17 01:01:51 | 显示全部楼层 |阅读模式
  近期在我们学院的qq群里出现了一封可疑邮件,如图

  小弟觉得不对劲,因为学校是没有这种东西的,然后放到虚拟机里测试。
   
  经卡巴斯基,小红伞,360检查,均报无毒。但打开该exe后,没有任何反应,没有弹出任何窗口。打开任务管理器,多了一项名为 “资料库.exe”的进程。如图

  此压缩包内含三个文件,其中一个txt是:“这是12级寒假放假和回校的查询工具,输入学号前面4位即可查阅。” 因为学校不可能发这种东西。  明显感觉是钓鱼软件,可没有任何窗口显示,所以怀疑是木马。

  希望各位大神能帮忙看看,确认一下是否是恶意程序。因为有同学已经误打开,所以还是希望能给出解决办法。

  最后附上该文件

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
回复

举报

firefox3
发表于 2012-12-17 01:07:51 | 显示全部楼层
本帖最后由 firefox3 于 2012-12-17 01:12 编辑

https://www.virustotal.com/file/ ... nalysis/1355677531/


白加黑 白天吃白片 不瞌睡,晚上吃黑片 睡得香


log file

12.17.2012  01:10:10, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:10, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:10, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:10, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:10, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:10, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:11, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:11, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:11, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:11, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:11, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:11, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:11, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:11, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:11, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:11, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:07, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:07, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:08, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:08, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:08, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:08, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:08, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:08, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:08, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:08, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:08, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:08, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:09, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:09, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:09, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:09, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:09, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:09, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:09, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:09, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:09, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:09, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:10, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:10, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:10, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:10, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:05, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:05, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:05, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:05, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:05, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:05, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:05, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:05, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:05, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:05, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:06, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:06, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:06, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:06, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:06, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:06, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:06, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:06, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:06, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:06, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:07, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:07, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:07, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:07, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:07, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:07, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:02, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:02, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:02, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:02, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:02, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:02, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:02, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:02, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:03, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:03, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:03, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:03, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:03, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:03, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:03, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:03, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:03, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:03, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:04, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:04, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:04, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:04, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:04, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:04, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:04, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:04, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:04, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:10:04, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:09:59, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:09:59, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:09:59, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)

12.17.2012  01:09:59, 模块 C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe, 1:Attempt to bring window of the process C:\Documents and Settings\Administrator\桌面\关于寒假放假和回校的通知\资料库.exe to the top (屏幕)
回复

举报

hx1997
发表于 2012-12-17 01:09:40 | 显示全部楼层
http://fireeye.ijinshan.com/anal ... 1df&type=1#full

QQ 钓鱼, obviously.

只要不在莫名其妙的登录窗口输入自己的 QQ 帐号密码就没大事了。
回复

举报

firefox3
发表于 2012-12-17 01:14:07 | 显示全部楼层
hx1997 发表于 2012-12-17 01:09
http://fireeye.ijinshan.com/analyse.html?md5=d9082ce15bf55fba6013d59168d911df&type=1#full

QQ 钓鱼 ...

还不洗洗碎了你
回复

举报

15263695596
 楼主| 发表于 2012-12-17 01:21:15 | 显示全部楼层

RE: 在学校忽悠学生的文件,疑似木马!

firefox3 发表于 2012-12-17 01:07
https://www.virustotal.com/file/bb06c4f308bac3b6ee4791bf857544cf691d6397e5fe6dc39572b80df5fa6fff/ana ...

好多。。。谢了
回复

举报

15263695596
 楼主| 发表于 2012-12-17 01:23:20 | 显示全部楼层

RE: 在学校忽悠学生的文件,疑似木马!

hx1997 发表于 2012-12-17 01:09
http://fireeye.ijinshan.com/analyse.html?md5=d9082ce15bf55fba6013d59168d911df&type=1#full

QQ 钓鱼 ...

多谢。再弱弱的问一句,为啥在虚拟机里没有任何窗口弹出来,是不是因为没装qq的缘故。。。
回复

举报

15263695596
 楼主| 发表于 2012-12-17 01:25:12 | 显示全部楼层

RE: 在学校忽悠学生的文件,疑似木马!

firefox3 发表于 2012-12-17 01:14
还不洗洗碎了你

为求真理,可以熬夜,哈哈。。多谢了。
回复

举报

zst470396853
发表于 2012-12-17 01:28:18 | 显示全部楼层
我是QQ2013  运行 毛豆无任何反映。。。 看火眼分析  好像只搜索了QQ2011和2012
回复

举报

firefox3
发表于 2012-12-17 01:28:22 | 显示全部楼层
15263695596 发表于 2012-12-17 01:21
好多。。。谢了

推荐SS、SSF、md防御
回复

举报

firefox3
发表于 2012-12-17 01:28:38 | 显示全部楼层
15263695596 发表于 2012-12-17 01:25
为求真理,可以熬夜,哈哈。。多谢了。

不客气
回复

举报

下一页 »
123456789下一页
返回列表 发新帖
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 快速注册

本版积分规则

手机版|杀毒软件|软件论坛| 卡饭论坛

Copyright © KaFan  KaFan.cn All Rights Reserved.

Powered by Discuz! X3.4( 沪ICP备2020031077号-2 ) GMT+8, 2025-10-15 06:00 , Processed in 0.132236 second(s), 17 queries .

卡饭网所发布的一切软件、样本、工具、文章等仅限用于学习和研究,不得将上述内容用于商业或者其他非法用途,否则产生的一切后果自负,本站信息来自网络,版权争议问题与本站无关,您必须在下载后的24小时之内从您的电脑中彻底删除上述信息,如有问题请通过邮件与我们联系。

快速回复 客服 返回顶部 返回列表