Original poster: 轩夏

[Virus Samples] 精睿 sample test (17.4.14)

欧阳宣
Posted on 2017-4-14 16:37:33

He probably doesn't know that the right-click scan no longer has cloud detection.
dsb2466
Posted on 2017-4-14 16:44:09
petr0vic
Posted on 2017-4-14 16:52:01
DrWeb
62/120
miss- 58

>C:\Users\User\Desktop\2017.4.14\2017.4.14\002.vir infected with Win32.HLLM.MyDoom.33808
C:\Users\User\Desktop\2017.4.14\2017.4.14\003.vir infected with Trojan.Siggen7.19967
>C:\Users\User\Desktop\2017.4.14\2017.4.14\006.vir/word/vbaProject.bin - infected with W97M.DownLoader.1702
C:\Users\User\Desktop\2017.4.14\2017.4.14\006.vir - archive contains infected objects
C:\Users\User\Desktop\2017.4.14\2017.4.14\007.vir infected with Trojan.PWS.Stealer.19175
C:\Users\User\Desktop\2017.4.14\2017.4.14\009.vir infected with Trojan.Boaxxe.492
>C:\Users\User\Desktop\2017.4.14\2017.4.14\010.vir/word/vbaProject.bin - infected with W97M.DownLoader.1702
C:\Users\User\Desktop\2017.4.14\2017.4.14\010.vir - archive contains infected objects
C:\Users\User\Desktop\2017.4.14\2017.4.14\012.vir infected with Trojan.PWS.Stealer.13052
C:\Users\User\Desktop\2017.4.14\2017.4.14\013.vir infected with Trojan.Nymaim.143
C:\Users\User\Desktop\2017.4.14\2017.4.14\017.vir infected with Trojan.Encoder.10731
C:\Users\User\Desktop\2017.4.14\2017.4.14\018.vir infected with Trojan.DownLoader24.36664
C:\Users\User\Desktop\2017.4.14\2017.4.14\019.vir infected with Trojan.PWS.Stealer.17779
C:\Users\User\Desktop\2017.4.14\2017.4.14\021.vir infected with BAT.DownLoader.104
C:\Users\User\Desktop\2017.4.14\2017.4.14\023.vir infected with Trojan.DownLoader24.36664
C:\Users\User\Desktop\2017.4.14\2017.4.14\024.vir infected with Trojan.PWS.Stealer.18461
C:\Users\User\Desktop\2017.4.14\2017.4.14\028.vir infected with Trojan.PWS.Stealer.1932
>>C:\Users\User\Desktop\2017.4.14\2017.4.14\031.vir/EmbeddedStream[00000001][00000061]/word/vbaProject.bin - infected with W97M.DownLoader.1702
>C:\Users\User\Desktop\2017.4.14\2017.4.14\031.vir/EmbeddedStream[00000001][00000061] - archive contains infected objects
C:\Users\User\Desktop\2017.4.14\2017.4.14\031.vir - archive contains infected objects
>C:\Users\User\Desktop\2017.4.14\2017.4.14\032.vir/word/vbaProject.bin - infected with W97M.DownLoader.1701
C:\Users\User\Desktop\2017.4.14\2017.4.14\032.vir - archive contains infected objects
C:\Users\User\Desktop\2017.4.14\2017.4.14\034.vir infected with BackDoor.Siggen2.2041
>C:\Users\User\Desktop\2017.4.14\2017.4.14\036.vir/net/javax/code/Main$Q_1858_.class - infected with Java.Adwind.289
C:\Users\User\Desktop\2017.4.14\2017.4.14\036.vir - archive contains infected objects
C:\Users\User\Desktop\2017.4.14\2017.4.14\038.vir infected with BackDoor.Siggen2.2041
C:\Users\User\Desktop\2017.4.14\2017.4.14\040.vir infected with BackDoor.Siggen2.2041
>C:\Users\User\Desktop\2017.4.14\2017.4.14\041.vir/Skypee\googleupdate.a3x - infected with Trojan.Siggen6.11222
C:\Users\User\Desktop\2017.4.14\2017.4.14\041.vir - archive contains infected objects
>>C:\Users\User\Desktop\2017.4.14\2017.4.14\042.vir/EmbeddedStream[00000001][00000061]/word/vbaProject.bin - infected with W97M.DownLoader.1702
>C:\Users\User\Desktop\2017.4.14\2017.4.14\042.vir/EmbeddedStream[00000001][00000061] - archive contains infected objects
C:\Users\User\Desktop\2017.4.14\2017.4.14\042.vir - archive contains infected objects
C:\Users\User\Desktop\2017.4.14\2017.4.14\043.vir infected with Trojan.Dridex.504
C:\Users\User\Desktop\2017.4.14\2017.4.14\044.vir infected with Trojan.DownLoader24.1588
>C:\Users\User\Desktop\2017.4.14\2017.4.14\045.vir/word/vbaProject.bin - infected with W97M.DownLoader.1702
C:\Users\User\Desktop\2017.4.14\2017.4.14\045.vir - archive contains infected objects
>C:\Users\User\Desktop\2017.4.14\2017.4.14\046.vir infected with Win32.HLLM.MyDoom.33808
C:\Users\User\Desktop\2017.4.14\2017.4.14\047.vir infected with Trojan.Dridex.506
C:\Users\User\Desktop\2017.4.14\2017.4.14\053.vir infected with Trojan.Kovter.297
C:\Users\User\Desktop\2017.4.14\2017.4.14\054.vir infected with Trojan.WebPick.9115
C:\Users\User\Desktop\2017.4.14\2017.4.14\055.vir infected with BackDoor.Bladabindi.13678
>C:\Users\User\Desktop\2017.4.14\2017.4.14\062.vir/com/java/game/Main.class - infected with Java.Adwind.297
C:\Users\User\Desktop\2017.4.14\2017.4.14\062.vir - archive contains infected objects
C:\Users\User\Desktop\2017.4.14\2017.4.14\063.vir infected with Trojan.Swrort.41
C:\Users\User\Desktop\2017.4.14\2017.4.14\064.vir infected with Trojan.LoadMoney.2164
>>C:\Users\User\Desktop\2017.4.14\2017.4.14\065.vir/EmbeddedStream[00000001][00000061]/word/vbaProject.bin - infected with W97M.DownLoader.1701
>C:\Users\User\Desktop\2017.4.14\2017.4.14\065.vir/EmbeddedStream[00000001][00000061] - archive contains infected objects
C:\Users\User\Desktop\2017.4.14\2017.4.14\065.vir - archive contains infected objects
C:\Users\User\Desktop\2017.4.14\2017.4.14\067.vir infected with BackDoor.Neutrino.19
C:\Users\User\Desktop\2017.4.14\2017.4.14\069.vir infected with BackDoor.Bladabindi.13678
C:\Users\User\Desktop\2017.4.14\2017.4.14\070.vir infected with Trojan.DownLoader24.36664
C:\Users\User\Desktop\2017.4.14\2017.4.14\073.vir infected with Trojan.Encoder.10732
C:\Users\User\Desktop\2017.4.14\2017.4.14\076.vir infected with BackDoor.Bladabindi.13678
>C:\Users\User\Desktop\2017.4.14\2017.4.14\077.vir/JSTAG_1[182][9c2] - infected with JS.Muldrop.385
C:\Users\User\Desktop\2017.4.14\2017.4.14\077.vir - archive contains infected objects
>C:\Users\User\Desktop\2017.4.14\2017.4.14\078.vir/ActivSkin.exe - infected with Trojan.DownLoader22.7405
C:\Users\User\Desktop\2017.4.14\2017.4.14\078.vir - archive contains infected objects
>C:\Users\User\Desktop\2017.4.14\2017.4.14\079.vir/word/vbaProject.bin - infected with W97M.DownLoader.1702
C:\Users\User\Desktop\2017.4.14\2017.4.14\079.vir - archive contains infected objects
C:\Users\User\Desktop\2017.4.14\2017.4.14\080.vir infected with Trojan.DownLoader21.32770
>C:\Users\User\Desktop\2017.4.14\2017.4.14\081.vir/OLEstream-1 - infected with Exploit.CVE-2017-0199.1
C:\Users\User\Desktop\2017.4.14\2017.4.14\081.vir - archive contains infected objects
>C:\Users\User\Desktop\2017.4.14\2017.4.14\083.vir/googleupdate.a3x - infected with Trojan.Siggen6.11222
C:\Users\User\Desktop\2017.4.14\2017.4.14\083.vir - archive contains infected objects
>>C:\Users\User\Desktop\2017.4.14\2017.4.14\085.vir/EmbeddedStream[00000001][00000061]/word/vbaProject.bin - infected with W97M.DownLoader.1702
>C:\Users\User\Desktop\2017.4.14\2017.4.14\085.vir/EmbeddedStream[00000001][00000061] - archive contains infected objects
C:\Users\User\Desktop\2017.4.14\2017.4.14\085.vir - archive contains infected objects
C:\Users\User\Desktop\2017.4.14\2017.4.14\087.vir infected with Trojan.Nymaim.143
>C:\Users\User\Desktop\2017.4.14\2017.4.14\088.vir/classes.dex - infected with Android.Hidden.2472
C:\Users\User\Desktop\2017.4.14\2017.4.14\088.vir - archive contains infected objects
C:\Users\User\Desktop\2017.4.14\2017.4.14\091.vir infected with Trojan.PWS.Spy.20497
>>C:\Users\User\Desktop\2017.4.14\2017.4.14\092.vir/Attach0.msg/OLEstream-1 - infected with Exploit.CVE-2017-0199.1
>C:\Users\User\Desktop\2017.4.14\2017.4.14\092.vir/Attach0.msg - archive contains infected objects
C:\Users\User\Desktop\2017.4.14\2017.4.14\092.vir - archive contains infected objects
>C:\Users\User\Desktop\2017.4.14\2017.4.14\099.vir/OLEstream-1 - infected with Exploit.CVE-2017-0199.1
C:\Users\User\Desktop\2017.4.14\2017.4.14\099.vir - archive contains infected objects
>>C:\Users\User\Desktop\2017.4.14\2017.4.14\101.vir/EmbeddedStream[00000001][00000061]/word/vbaProject.bin - infected with W97M.DownLoader.1702
>C:\Users\User\Desktop\2017.4.14\2017.4.14\101.vir/EmbeddedStream[00000001][00000061] - archive contains infected objects
C:\Users\User\Desktop\2017.4.14\2017.4.14\101.vir - archive contains infected objects
C:\Users\User\Desktop\2017.4.14\2017.4.14\103.vir infected with BackDoor.Gozi.85
C:\Users\User\Desktop\2017.4.14\2017.4.14\105.vir infected with BackDoor.Bladabindi.13678
>C:\Users\User\Desktop\2017.4.14\2017.4.14\107.vir/word/vbaProject.bin - infected with W97M.DownLoader.1701
C:\Users\User\Desktop\2017.4.14\2017.4.14\107.vir - archive contains infected objects
C:\Users\User\Desktop\2017.4.14\2017.4.14\108.vir infected with Trojan.PWS.Stealer.13052
C:\Users\User\Desktop\2017.4.14\2017.4.14\111.vir infected with BackDoor.Siggen2.2041
C:\Users\User\Desktop\2017.4.14\2017.4.14\112.vir infected with Trojan.PWS.Panda.5255
>>C:\Users\User\Desktop\2017.4.14\2017.4.14\113.vir/EmbeddedStream[00000001][00000061]/word/vbaProject.bin - infected with W97M.DownLoader.1701
>C:\Users\User\Desktop\2017.4.14\2017.4.14\113.vir/EmbeddedStream[00000001][00000061] - archive contains infected objects
C:\Users\User\Desktop\2017.4.14\2017.4.14\113.vir - archive contains infected objects
>C:\Users\User\Desktop\2017.4.14\2017.4.14\114.vir/script.bin - infected with Trojan.DownLoader24.39451
>C:\Users\User\Desktop\2017.4.14\2017.4.14\114.vir/Tw5NcW - infected with JS.DownLoader.3716
C:\Users\User\Desktop\2017.4.14\2017.4.14\114.vir - archive contains infected objects
C:\Users\User\Desktop\2017.4.14\2017.4.14\117.vir infected with Trojan.DownLoader17.15248

Eset小粉絲
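Posted on 2017-4-14 16:52:57
Avira
75 + 6x cloud detections + 1x heuristic detection = 82x

Maybe others will get detected later~ Maybe the ones reported as HEUR/APC are false positives~ Just take it as a rough reference~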


萧萧先生
Posted on 2017-4-14 16:54:31
Last edited by 萧萧先生 on 2017-4-14 17:19

I confirmed the password, so why can't I open it? Sorry, after comparing carefully, it turned out I had added an extra space.

Agu
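Posted on 2017-4-14 17:39:25
Last edited by Agu on 2017-4-14 18:14

F-Secure - 114 detected, 25 files actually remaining


Testing of the remaining files (too many screenshots, so I won't upload them):
015.exe - blocked by DeepGuard
023.exe - blocked by DeepGuard
025.exe - blocked by DeepGuard
033.pdf - contains a phishing URL when opened; F-Secure did not block it (reported)
036.jar - Java file, unable to test
039.jar - Java file, unable to test
049.pdf - contains a phishing URL when opened; F-Secure blocked it
051.pdf - contains a phishing URL when opened; F-Secure did not block it (reported)
052.exe - blocked by DeepGuard
055.exe - blocked by DeepGuard
060.pdf - contains a phishing URL when opened; F-Secure did not block it (reported)
062.jar - Java file, unable to test
066.xml - XML file, unable to test
068.exe - blocked by DeepGuard
072.exe - blocked by DeepGuard
084.exe - blocked by DeepGuard
090.pdf - nothing particularly abnormal found after opening
095.exe - blocked by DeepGuard
096.doc - DOC file, unable to test
098.pascal - PASCAL file, unable to test
105.exe - blocked by DeepGuard
106.pascal - PASCAL file, unable to test
109.dll - DLL file, unable to test
112.exe - blocked by DeepGuard
119.txt - TXT file, unable to test

DeepGuard block rate for EXE files: 11/11 = 100%
Phishing URL block rate: 1/4 = 25%
The remaining untestable files have been reported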

DF快递
Posted on 2017-4-14 17:49:01

All just scans
缘亦如此
Posted on 2017-4-14 19:46:07
Huorong 44
j2016
Posted on 2017-4-14 20:01:09
avast: on extraction and right-click scan, removed 72, repaired 13, 85 detected in total
Then an SEP right-click scan removed 8 more, 27 remaining
引领四基生活
Posted on 2017-4-14 21:19:26
Zemana 59x