(0904.24-25)卡饭论坛被挂—样本及下载物+分析（9日更新38X-Update6）

显示全部楼层 · 发表于 2009-4-24 20:12:16

首先是一个htm...
因为当时没有开监控，且至今电脑没发现其样本

接下来在temp目下下载一个*.exe（不知道是啥名

显示全部楼层 · 发表于 2009-4-24 20:18:52

MS就这些

显示全部楼层 · 发表于 2009-4-24 20:19:43

下载测试~~~~~
小红伞全歼

[ 本帖最后由 llzy3575 于 2009-4-24 20:41 编辑 ]

显示全部楼层 · 发表于 2009-4-24 20:22:04

AVG 第一个 Worm/Generic.WJJ

显示全部楼层 · 发表于 2009-4-24 20:26:44

AVG 第二包
"Infections"
"File";"Infection";"Result"
"D:\TDDownload\木马群\122B901E.dll";"Trojan horse PSW.Generic7.DQR";"Infected"
"D:\TDDownload\木马群\12days.dll";"Trojan horse PSW.Generic7.EGG";"Infected"
"D:\TDDownload\木马群\12days.exe";"Virus identified Win32/Cryptor";"Infected"
"D:\TDDownload\木马群\2742513_xeex.exe";"Trojan horse Downloader.Generic8.AGLJ";"Infected"
"D:\TDDownload\木马群\56BC86C7.dll";"Trojan horse PSW.OnlineGames3.BQI";"Infected"
"D:\TDDownload\木马群\704C3595.dll";"Trojan horse PSW.Generic7.DQX";"Infected"
"D:\TDDownload\木马群\a8.exe";"Trojan horse BackDoor.Generic9.VNG";"Infected"
"D:\TDDownload\木马群\efc0c52cc1.dll";"Trojan horse PSW.Generic7.DIK";"Infected"
"D:\TDDownload\木马群\GrTZqH5SnRhAt.dll";"Trojan horse PSW.Generic7.DIG";"Infected"
"D:\TDDownload\木马群\JBn2ypqY23vWX.dll";"Trojan horse PSW.OnlineGames3.BSJ";"Infected"
"D:\TDDownload\木马群\jxsystem.gif";"Virus identified Win32/Cryptor";"Infected"
"D:\TDDownload\木马群\L1.exe";"Virus identified Win32/Cryptor";"Infected"
"D:\TDDownload\木马群\L3.exe";"Virus identified Win32/Cryptor";"Infected"
"D:\TDDownload\木马群\L4.exe";"Virus identified Win32/Cryptor";"Infected"
"D:\TDDownload\木马群\L5.exe";"Virus identified Win32/Cryptor";"Infected"
"D:\TDDownload\木马群\L6.exe";"Virus identified Win32/Cryptor";"Infected"
"D:\TDDownload\木马群\M15.exe";"Trojan horse Downloader.Zlob_r.FK";"Infected"
"D:\TDDownload\木马群\M23.exe";"Trojan horse Downloader.Zlob_r.FK";"Infected"
"D:\TDDownload\木马群\M24.exe";"Trojan horse Downloader.Zlob_r.FK";"Infected"
"D:\TDDownload\木马群\M25.exe";"Trojan horse Downloader.Zlob_r.FK";"Infected"
"D:\TDDownload\木马群\M33.exe";"Trojan horse Downloader.Zlob_r.FK";"Infected"
"D:\TDDownload\木马群\M35.exe";"Trojan horse Downloader.Zlob_r.FK";"Infected"
"D:\TDDownload\木马群\M37.exe";"Trojan horse Downloader.Zlob_r.FK";"Infected"
"D:\TDDownload\木马群\M39.exe";"Trojan horse PSW.Generic7.EGR.dropper";"Infected"
"D:\TDDownload\木马群\M4.exe";"Trojan horse Downloader.Zlob_r.FK";"Infected"
"D:\TDDownload\木马群\M5.exe";"Trojan horse PSW.Generic7.EEZ.dropper";"Infected"
"D:\TDDownload\木马群\Nj4gYd3rUbJ57.dll";"Trojan horse PSW.Generic7.DQL";"Infected"
"D:\TDDownload\木马群\peV7mS4gcukR.dll";"Trojan horse PSW.Generic7.DQU";"Infected"
"D:\TDDownload\木马群\PkVyCX5kHnftC7BXjt.dll";"Trojan horse PSW.Generic7.EEZ";"Infected"
"D:\TDDownload\木马群\S1.exe";"Trojan horse Downloader.Zlob_r.FK";"Infected"
"D:\TDDownload\木马群\S10.exe";"Trojan horse Downloader.Zlob_r.FK";"Infected"
"D:\TDDownload\木马群\S12.exe";"Trojan horse Downloader.Zlob_r.FK";"Infected"
"D:\TDDownload\木马群\S13.exe";"Trojan horse Downloader.Zlob_r.FK";"Infected"
"D:\TDDownload\木马群\S14.exe";"Trojan horse Downloader.Zlob_r.FK";"Infected"
"D:\TDDownload\木马群\S11.exe";"Trojan horse PSW.Generic7.EDY.dropper";"Infected"
"D:\TDDownload\木马群\S15.exe";"Trojan horse Downloader.Zlob_r.FK";"Infected"
"D:\TDDownload\木马群\S16.exe";"Trojan horse Downloader.Zlob_r.FK";"Infected"
"D:\TDDownload\木马群\S17.exe";"Trojan horse Downloader.Zlob_r.FK";"Infected"
"D:\TDDownload\木马群\S2.exe";"Trojan horse Downloader.Zlob_r.FK";"Infected"
"D:\TDDownload\木马群\S20.exe";"Trojan horse Downloader.Zlob_r.FK";"Infected"
"D:\TDDownload\木马群\S21.exe";"Trojan horse Downloader.Zlob_r.FK";"Infected"
"D:\TDDownload\木马群\S8.exe";"Trojan horse Downloader.Zlob_r.FK";"Infected"
"D:\TDDownload\木马群\scvhost.exe";"Virus found Win32/Heur";"Infected"
"D:\TDDownload\木马群\xcsystem.gif";"Virus identified Win32/Cryptor";"Infected"
"D:\TDDownload\木马群\zxsystem.gif";"Virus identified Win32/Cryptor";"Infected"

"Spyware"
"File";"Infection";"Result"
"D:\TDDownload\木马群\a2.exe";"Adware Generic4.BFF.dropper";"Potentially dangerous object"
"D:\TDDownload\木马群\a2.exe:\$KA\15.exe";"Adware Generic4.BFF";"Potentially dangerous object"

miss one
上报中

显示全部楼层 · 发表于 2009-4-24 20:28:55

还有Zlob么

显示全部楼层 · 发表于 2009-4-24 20:29:00

死牛。

显示全部楼层 · 发表于 2009-4-24 20:30:56

avira kill all

全启发..

显示全部楼层 · 发表于 2009-4-24 20:33:50

我的红伞怎么没反应，一直开着监控和防火墙~~~也没什么提示啊

让我扫了一遍电脑~~~~

显示全部楼层 · 发表于 2009-4-24 20:36:26

压缩壳咔嚓飘过

00002298 00404098 0 http://wll.6d2n.com/list.txt

[病毒样本] (0904.24-25)卡饭论坛被挂—样本及下载物+分析（9日更新38X-Update6）

本帖子中包含更多资源

回复 5楼悠柚的帖子

评分

回复 1楼 935623508 的帖子

[病毒样本] (0904.24-25)卡饭论坛被挂—样本及下载物+分析（9日更新38X-Update6）

本帖子中包含更多资源

回复 5楼 悠柚 的帖子

评分

回复 1楼 935623508 的帖子

回复 5楼悠柚的帖子