帮忙确认是否为wanacryptor误报样本

显示全部楼层 · 发表于 2017-5-18 11:00:47

帮忙看下是否为误报，勒索软件谨慎点，请各位大侠分析下：

样本：
https://www.upload.ee/files/7020 ... 3_21_134_0.zip.html

显示全部楼层 · 发表于 2017-5-18 11:14:50

双击未见异常

显示全部楼层 · 发表于 2017-5-18 11:22:12

诺顿扫描不报，信誉良好，未双击

显示全部楼层 · 发表于 2017-5-18 12:43:27

SCEP MISS ALL

显示全部楼层 · 发表于 2017-5-18 13:06:38

File: DittoPortable_64bit_3_21_134_0.zip
Size: 15.09 MB 这么大的病毒

Views: 46
Downloads: 151
Lae fail alla!
------------------------
目测安全...

显示全部楼层 · 发表于 2017-5-18 13:51:06

ESET MISS

显示全部楼层 · 发表于 2017-5-18 17:01:34

avg miss

显示全部楼层 · 发表于 2017-5-18 22:07:57

360 卡巴 Q管国际本都MISS

显示全部楼层 · 发表于 2017-5-18 23:07:29

本帖最后由黑衣~魂于 2017-5-18 23:09 编辑

false positive
FS想要看Fsdiag ,看LZ要不要提供嚕

Greetings,

Thank you for your submission.
We would like to acquire the Fsdiag log from your side for further investigation about the Deepguard detection alert on the file. There are reason to believe the detection is false positive however we still wanted to understand better by checking the logs from your side.

Collection guide:
https://community.f-secure.com/t ... IAG-file/ta-p/18190

Thank you, we will be waiting for your prompt reply.

Best regards,
Hau Vei,
Malware Analyst
F-Secure Security Labs

[误报文件] 帮忙确认是否为wanacryptor误报样本

本帖子中包含更多资源

本帖子中包含更多资源