样本

显示全部楼层 · 发表于 2010-10-9 09:59:36

卡巴斯基启发式引擎报警，样本已经上报卡巴斯基【中国】。（估计，得下星期一，会收到回信。）

样本源于同一个地方。

显示全部楼层 · 发表于 2010-10-9 10:10:28

本帖最后由 langzi2009 于 2010.10.9 10:11 编辑

百锐杀

显示全部楼层 · 发表于 2010-10-9 10:21:22

kis2011。。报毒

显示全部楼层 · 发表于 2010-10-9 10:23:58

to eset

http://samples.nod32.com.sg/inde ... 459e55d4f706dcbb397

显示全部楼层 · 发表于 2010-10-9 10:25:51

360表示不认识~

显示全部楼层 · 发表于 2010-10-9 10:34:23

本帖最后由 jayavira 于 2010.10.9 10:40 编辑

动作非常之多，第一次看到的

comodo分析报告
http://camas.comodo.com/cgi-bin/ ... 14b0d7941dad1c7fa05

threatexpert分析报告
http://www.threatexpert.com/report.aspx?md5=239bcfcabdee8459e55d4f706dcbb397

显示全部楼层 · 发表于 2010-10-9 11:10:06

The file 'file.exe' has been determined to be 'MALWARE'. Our analysts named the threat TR/ATRAPS.Gen. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system.This file is detected by a special detection routine from the engine module.

显示全部楼层 · 发表于 2010-10-9 11:37:00

to avast

显示全部楼层 · 发表于 2010-10-9 11:47:47

显示全部楼层 · 发表于 2010-10-9 12:04:13

Hello,

file.exe - Trojan.Win32.Antavka.aod

New malicious software was found in this file. It's detection will be included in the next update. Thank you for your help.

Regards, Kuskov Vladimir
Virus Analyst

[可疑文件] 样本

评分