
[Virus sample] downloader + derivatives

jason_jiang
Posted on 2010-3-26 20:49:12
This post was last edited by jason_jiang on 2010-3-26 20:54

http://bbs.kafan.cn/thread-669445-1-1.html
to panda,drweb,sophos,MS
1.rar - archive RAR (password infected)
>1.rar/1.exe packed by ASPACK
>>1.rar/1.exe infected with Trojan.MulDrop.origin
>1.rar/1001.exe infected with Trojan.DownLoad1.40739
>1.rar/2.exe packed by FSG
>>1.rar/2.exe infected with Trojan.MulDrop.32677
>1.rar/360.exe packed by UPX
>>1.rar/360.exe - archive BINARYRES
>>>1.rar/360.exe/data001 - Ok
>>>1.rar/360.exe/data002 - Ok
>>>1.rar/360.exe/data003 - Ok
>>1.rar/360.exe - Ok
>1.rar/Dg32.New packed by UPX
>>1.rar/Dg32.New - Ok
>1.rar/Dg32.bak - Ok
>1.rar/FastUserSwitchingCompatibilityex.dll probably infected with DLOADER.Trojan
>1.rar/Lonei.DRV infected with Trojan.PWS.Wsgame.17203
>1.rar/Systam.exe - Ok
>1.rar/TIM858B.DRV packed by UPX
>>1.rar/TIM858B.DRV packed by FLY-CODE
>>>1.rar/TIM858B.DRV - Ok
>1.rar/TIMF5BA.DRV packed by FLY-CODE
>>1.rar/TIMF5BA.DRV - Ok
>1.rar/TXPlatform.exe - Ok
>1.rar/Windows.ime packed by FLY-CODE
>>1.rar/Windows.ime packed by VMPROTECT
>>>1.rar/Windows.ime infected with Trojan.DownLoad1.36185
>1.rar/atid.dll - Ok
>1.rar/back_XUNLEI.DLL - Ok
>1.rar/browsor.dll - Ok
>1.rar/csrse.exe packed by ASPACK
>>1.rar/csrse.exe - Ok
>1.rar/dnflogin.exe packed by UPX
>>1.rar/dnflogin.exe packed by BINARYRES
>>>1.rar/dnflogin.exe - Ok
>1.rar/dsound.dll.mod infected with Trojan.PWS.Wsgame.18437
>1.rar/dsound.dllBvGmm - Ok
>1.rar/dtadhost.dll packed by ASPACK
>>1.rar/dtadhost.dll - Ok
>1.rar/f1drc1nr.dll packed by NSPACK
>>1.rar/f1drc1nr.dll - Ok
>1.rar/gcjSo.DRV infected with Trojan.PWS.Wsgame.17203
>1.rar/google.exe - Ok
>1.rar/kb371510.exe packed by MEW
>>1.rar/kb371510.exe packed by FLY-CODE
>>>1.rar/kb371510.exe - Ok
>1.rar/kb371511.exe packed by UPX
>>1.rar/kb371511.exe infected with Trojan.PWS.Wsgame.17203
>1.rar/kb371512.exe packed by PETITE
>>1.rar/kb371512.exe infected with Trojan.DownLoad.61867
>1.rar/kb371514.exe - archive RAR
>1.rar/kb371516.exe packed by UPX
>>1.rar/kb371516.exe probably infected with BACKDOOR.Trojan
>>1.rar/kb371516.exe packed by BINARYRES
>>>1.rar/kb371516.exe infected with Trojan.PWS.Wsgame.17203
>1.rar/kb371517.exe infected with Trojan.PWS.Gamania.24275
>1.rar/kb37152.exe packed by UPACK
>>1.rar/kb37152.exe infected with Trojan.PWS.Gamania.24293
>1.rar/kb371524.exe packed by FSG
>>1.rar/kb371524.exe - archive BINARYRES
>>>1.rar/kb371524.exe/data001 packed by BINARYRES
>>>>1.rar/kb371524.exe/data001 - Ok
>>1.rar/kb371524.exe - Ok
>1.rar/kb371527.exe packed by UPX
>>1.rar/kb371527.exe infected with Trojan.PWS.Wsgame.17203
>1.rar/kb371528.exe packed by PECOMPACT
>>1.rar/kb371528.exe - archive BINARYRES
>>>1.rar/kb371528.exe/data001 packed by NSPACK
>>>>1.rar/kb371528.exe/data001 - Ok
>>>1.rar/kb371528.exe/data002 - Ok
>>1.rar/kb371528.exe - Ok
>1.rar/kb371530.exe infected with BackDoor.Pigeon.origin
>1.rar/kb371530.exe packed by BINARYRES
>1.rar/kb37154.exe infected with Trojan.PWS.Qqpass.origin
>1.rar/kb37155.exe packed by ASPACK
>>1.rar/kb37155.exe infected with Trojan.MulDrop.origin
>>1.rar/kb37155.exe packed by BINARYRES
>>>1.rar/kb37155.exe packed by ASPACK
>1.rar/kb38013.exe infected with Trojan.PWS.Spy.4362
>1.rar/mvscrtz.dll infected with Trojan.DownLoader.origin
>1.rar/mvscrtz.dll packed by BINARYRES
>1.rar/mygod.ime - Ok
>1.rar/olepro32.dll - Ok
>1.rar/olepro32.dll.mod infected with Trojan.PWS.Wsgame.17203
>1.rar/pxdRM.DRV infected with Trojan.PWS.Wsgame.17203
>1.rar/rpcss.dll infected with Trojan.PWS.Gamania.24293
>1.rar/rpc~3~ss.dll infected with Trojan.DownLoader1.3182
>1.rar/servia.exe infected with Trojan.Siggen.43622
>1.rar/smss.exe - Ok
>1.rar/svchost.exe infected with Trojan.DownLoad1.45391
>1.rar/svstem.exe - Ok
>1.rar/t306060.dll infected with Trojan.PWS.Gamania.24274
>1.rar/t320034.dll packed by FLY-CODE
>>1.rar/t320034.dll probably infected with Trojan.Packed.946
>1.rar/t322049.dll infected with Trojan.PWS.Gamania.24247
fatezero
Posted on 2010-3-26 20:57:59
17X to kl

基叔: a lot of TO
A bit laggy...
jason_jiang
Original poster | Posted on 2010-3-26 20:58:58
Reply to 2# fatezero

Mass-mailed them while I was at it
hansyu
Posted on 2010-3-26 21:01:38
Mcafee miss 19
jason_jiang
Original poster | Posted on 2010-3-26 21:03:10
Reply to 5# fatezero

I added "infected" when sending the e-mail, and it will also be noted in the message
fatezero
Posted on 2010-3-26 21:04:12
Reply to 5# jason_jiang

I see it
(password infected)
jason_jiang
Original poster | Posted on 2010-3-26 21:06:14
Reply to 6# fatezero

Actually, most vendors' analysis machines can automatically try the two common passwords, infected and virus
ablhr
Posted on 2010-3-26 22:05:30
22x to avast
schumi小粉
Posted on 2010-3-26 22:11:41
28 left, to avast~
ablhr
Posted on 2010-3-26 22:16:28
Reply to 9# schumi小粉

I have 22 left here