
[Virus Samples] 14 samples, MD5s listed inside

wulm
Posted on 2007-10-11 12:13:17
[MD5: 711609 41DB43 61F4AA E26752 29296A 2BDB17 35B9F2 8068E1 C4B7CC 2825A7 B0D03D 70DC65 335EDD B7697D]

mofunzone
Posted on 2007-10-11 12:14:47
Starting the file scan:

Begin scan in 'C:\Users\morgan\Documents\样本.rar'
C:\Users\morgan\Documents\
  样本.rar
  样本.rar:Zone.Identifier
    [0] Archive type: RAR
    --> kaqhfaz.exe
        [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.eoa
        [WARNING]   Infected files in archives cannot be repaired!
    --> kvdxcis.exe
        [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.ejx.1
        [WARNING]   Infected files in archives cannot be repaired!
    --> ratbftl.exe
        [DETECTION] Contains suspicious code HEUR/Malware
        [WARNING]   Infected files in archives cannot be repaired!
    --> avzxdst.exe
        [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.enb.1
        [WARNING]   Infected files in archives cannot be repaired!
    --> sidjaaz.exe
        [DETECTION] Contains suspicious code HEUR/Malware
        [WARNING]   Infected files in archives cannot be repaired!
    --> kawdbaz.exe
        [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.eja
        [WARNING]   Infected files in archives cannot be repaired!
    --> kafyeaz.exe
        [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.elp
        [WARNING]   Infected files in archives cannot be repaired!
    --> kvdxsbis.exe
        [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.eij
        [WARNING]   Infected files in archives cannot be repaired!
    --> kvmxeis.exe
        [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.ehx
        [WARNING]   Infected files in archives cannot be repaired!
    --> rarjbtl.exe
        [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.eni
        [WARNING]   Infected files in archives cannot be repaired!
    --> avwlbst.exe
        [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.enb
        [WARNING]   Infected files in archives cannot be repaired!
    --> kaqheaz.exe
        [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.ejh
        [WARNING]   Infected files in archives cannot be repaired!
    --> rsztcsp.exe
        [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.ejq
        [WARNING]   Infected files in archives cannot be repaired!
    --> raqjbtl.exe
        [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.enj
        [WARNING]   Infected files in archives cannot be repaired!
        [INFO]      The file was deleted!


End of the scan: 2007年10月10日  21:14
Used time: 00:04 min

The scan has been done completely.

      0 Scanning directories
     16 Files were scanned
     12 viruses and/or unwanted programs were found
      2 Files were classified as suspicious:
      1 files were deleted
      0 files were repaired
      0 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
      4 Files not concerned
      1 Archives were scanned
     14 Warnings
      0 Notes
绅博周幸
Posted on 2007-10-11 12:17:21
Kaspersky already knows all of them
kp2006
Posted on 2007-10-11 12:18:06
avast! flags 4 of them
wangjay1980
Posted on 2007-10-11 12:20:54
14
detected: Trojan program Trojan-PSW.Win32.OnLineGames.eoa        File: C:\Documents and Settings\Owner\桌面\样本.rar/kaqhfaz.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.ejx        File: C:\Documents and Settings\Owner\桌面\样本.rar/kvdxcis.exe//UPack
detected: Trojan program Trojan-Spy.Win32.Delf.akx        File: C:\Documents and Settings\Owner\桌面\样本.rar/ratbftl.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.enb        File: C:\Documents and Settings\Owner\桌面\样本.rar/avzxdst.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.enh        File: C:\Documents and Settings\Owner\桌面\样本.rar/sidjaaz.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.eja        File: C:\Documents and Settings\Owner\桌面\样本.rar/kawdbaz.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.elp        File: C:\Documents and Settings\Owner\桌面\样本.rar/kafyeaz.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.eij        File: C:\Documents and Settings\Owner\桌面\样本.rar/kvdxsbis.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.ehx        File: C:\Documents and Settings\Owner\桌面\样本.rar/kvmxeis.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.eni        File: C:\Documents and Settings\Owner\桌面\样本.rar/rarjbtl.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.enb        File: C:\Documents and Settings\Owner\桌面\样本.rar/avwlbst.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.ejh        File: C:\Documents and Settings\Owner\桌面\样本.rar/kaqheaz.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.ejq        File: C:\Documents and Settings\Owner\桌面\样本.rar/rsztcsp.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.enj        File: C:\Documents and Settings\Owner\桌面\样本.rar/raqjbtl.exe//UPack
BING126
Posted on 2007-10-11 14:19:03
扫描开始时间: 2007-10-11 14:18:43
扫描日志
NOD32 版本 2585 (20071010) NT
命令行: C:\Documents and Settings\Administrator\桌面\样本.rar

日期: 2007年10月11日  时间: 14:18:45
反 Rookits 技术已启用。
已扫描磁盘、文件夹和文件: C:\Documents and Settings\Administrator\桌面\样本.rar
C:\Documents and Settings\Administrator\桌面\样本.rar ?RAR ?kaqhfaz.exe<病毒 - 可能是 Win32/Genetik 木马 变种>
C:\Documents and Settings\Administrator\桌面\样本.rar ?RAR ?kvdxcis.exe<病毒 - 可能是 Win32/Genetik 木马 变种>
C:\Documents and Settings\Administrator\桌面\样本.rar ?RAR ?ratbftl.exe<病毒 - 可能是 Win32/Genetik 木马 变种>
C:\Documents and Settings\Administrator\桌面\样本.rar ?RAR ?avzxdst.exe<病毒 - 可能是 Win32/Genetik 木马 变种>
C:\Documents and Settings\Administrator\桌面\样本.rar ?RAR ?sidjaaz.exe<病毒 - 可能是 Win32/Genetik 木马 变种>
C:\Documents and Settings\Administrator\桌面\样本.rar ?RAR ?kawdbaz.exe<病毒 - Win32/PSW.OnLineGames.EJA 木马>
C:\Documents and Settings\Administrator\桌面\样本.rar ?RAR ?kafyeaz.exe<病毒 - 可能是 Win32/PSW.OnLineGames.NEN 木马 变种>
C:\Documents and Settings\Administrator\桌面\样本.rar ?RAR ?kvdxsbis.exe<病毒 - 可能是 Win32/Genetik 木马 变种>
C:\Documents and Settings\Administrator\桌面\样本.rar ?RAR ?kvmxeis.exe<病毒 - 可能是 Win32/Genetik 木马 变种>
C:\Documents and Settings\Administrator\桌面\样本.rar ?RAR ?rarjbtl.exe<病毒 - 可能是 Win32/Genetik 木马 变种>
C:\Documents and Settings\Administrator\桌面\样本.rar ?RAR ?avwlbst.exe<病毒 - 可能是 Win32/Genetik 木马 变种>
C:\Documents and Settings\Administrator\桌面\样本.rar ?RAR ?kaqheaz.exe<病毒 - 可能是 Win32/PSW.OnLineGames.NEN 木马 变种>
C:\Documents and Settings\Administrator\桌面\样本.rar ?RAR ?rsztcsp.exe<病毒 - 可能是 Win32/Genetik 木马 变种>
C:\Documents and Settings\Administrator\桌面\样本.rar ?RAR ?raqjbtl.exe<病毒 - 可能是 Win32/Genetik 木马 变种>
已扫描文件数量: 14
已发现病毒数量: 14
完成时间: 14:18:49 总共扫描时间: 4 秒 (00:00:04)
uhthn2002
Posted on 2007-10-11 16:39:54
Uhthn Anti-Spyware V3 Alpha
Version - 3.0.0
Standard Database - 443
Paranoia Database - 7092
Heuristics Analysis - Excessive
Scan in - C:\Documents and Settings\uhthn\Desktop\New Folder

C:\Documents and Settings\uhthn\Desktop\New Folder\kaqhfaz.exe - Infected Trojan-PSW.OnLineGames.am
C:\Documents and Settings\uhthn\Desktop\New Folder\kvdxcis.exe - Infected Generic.Malware.645
C:\Documents and Settings\uhthn\Desktop\New Folder\ratbftl.exe - Suspected MalwareDetector:Generic.PSW.3
C:\Documents and Settings\uhthn\Desktop\New Folder\avzxdst.exe - Suspected MalwareDetector:Generic.PSW.3
C:\Documents and Settings\uhthn\Desktop\New Folder\sidjaaz.exe - Suspected MalwareDetector:Generic.PSW.3
C:\Documents and Settings\uhthn\Desktop\New Folder\kawdbaz.exe - Suspected MalwareDetector:Generic.PSW.3
C:\Documents and Settings\uhthn\Desktop\New Folder\kafyeaz.exe - Suspected MalwareDetector:Generic.PSW.3
C:\Documents and Settings\uhthn\Desktop\New Folder\kvdxsbis.exe - Suspected MalwareDetector:Generic.PSW.3
C:\Documents and Settings\uhthn\Desktop\New Folder\kvmxeis.exe - Suspected MalwareDetector:Generic.PSW.3
C:\Documents and Settings\uhthn\Desktop\New Folder\rarjbtl.exe - Suspected MalwareDetector:Generic.PSW.3
C:\Documents and Settings\uhthn\Desktop\New Folder\avwlbst.exe - Suspected MalwareDetector:Generic.PSW.3
C:\Documents and Settings\uhthn\Desktop\New Folder\kaqheaz.exe - Suspected MalwareDetector:Generic.PSW.3
C:\Documents and Settings\uhthn\Desktop\New Folder\rsztcsp.exe - Suspected MalwareDetector:Generic.PSW.3
C:\Documents and Settings\uhthn\Desktop\New Folder\raqjbtl.exe - Suspected MalwareDetector:Generic.PSW.3

14 Files scanned
2 Infected files found
12 Suspected files found
0 Files cured
2 Files deleted
FBAV
Posted on 2007-10-11 16:40:23
MicroVita AntiSpyware  
_____________________________________________
                                          
             风暴微塔反间谍
[强力查杀各种Win32位的病毒,木马,蠕虫,恶意软件]                  
                   http://221.10.254.214/
----------------------------------------------
开始扫描……


正在检查启动……
[C:\Documents and Settings\Administrator\桌面\Virus\o0-89-\kaqhfaz.exe]
                    …………发现Spy!报告: [4] [1]
文件信息:  大小:14243  MD5:711609d6db777711c5aec763e5c21e53


[C:\Documents and Settings\Administrator\桌面\Virus\o0-89-\kvdxcis.exe]
                    …………发现Spy!报告: [4] [1]
文件信息:  大小:14314  MD5:41db435bd6d27329bd62bfba89869115


[C:\Documents and Settings\Administrator\桌面\Virus\o0-89-\ratbftl.exe]
                    …………发现Spy!报告: [4] [1]
文件信息:  大小:13975  MD5:61f4aa6d75960acc4cea2a26008acccd


[C:\Documents and Settings\Administrator\桌面\Virus\o0-89-\avzxdst.exe]
                    …………发现Spy!报告: [4] [1]
文件信息:  大小:15158  MD5:e26752f446bb3e6c22f1b19b6952f3f4


[C:\Documents and Settings\Administrator\桌面\Virus\o0-89-\sidjaaz.exe]
                    …………发现Spy!报告: [4] [1]
文件信息:  大小:13518  MD5:29296aa1dab8807c7a3cfc5cb428bdfd


[C:\Documents and Settings\Administrator\桌面\Virus\o0-89-\kawdbaz.exe]
                    …………发现Spy!报告: [4] [1]
文件信息:  大小:14034  MD5:2bdb177d02127074ff5c21775c65114b


[C:\Documents and Settings\Administrator\桌面\Virus\o0-89-\kafyeaz.exe]
                    …………发现Spy!报告: [4] [1]
文件信息:  大小:13328  MD5:35b9f21752472b0d7f0dd4e3027c34f1


[C:\Documents and Settings\Administrator\桌面\Virus\o0-89-\kvdxsbis.exe]
                    …………发现Spy!报告: [4] [1]
文件信息:  大小:13892  MD5:8068e10b331473838a8e0f182bb7a23b


[C:\Documents and Settings\Administrator\桌面\Virus\o0-89-\kvmxeis.exe]
                    …………发现Spy!报告: [4] [1]
文件信息:  大小:14402  MD5:c4b7cc904e8294f411d9776fe94188b0


[C:\Documents and Settings\Administrator\桌面\Virus\o0-89-\rarjbtl.exe]
                    …………发现Spy!报告: [4] [1]
文件信息:  大小:14516  MD5:2825a71a05f74974d2c88fc709f4721c


[C:\Documents and Settings\Administrator\桌面\Virus\o0-89-\avwlbst.exe]
                    …………发现Spy!报告: [4] [1]
文件信息:  大小:15050  MD5:b0d03d1fd677511fb0f7348b5360f790


[C:\Documents and Settings\Administrator\桌面\Virus\o0-89-\kaqheaz.exe]
                    …………发现Spy!报告: [4] [1]
文件信息:  大小:13933  MD5:70dc65c14f5fe6b1c60cf9475825f121


[C:\Documents and Settings\Administrator\桌面\Virus\o0-89-\rsztcsp.exe]
                    …………发现Spy!报告: [4] [1]
文件信息:  大小:15366  MD5:335edd56075b8d473ffd6f25e8f6c366


[C:\Documents and Settings\Administrator\桌面\Virus\o0-89-\raqjbtl.exe]
                    …………发现Spy!报告: [4] [1]
文件信息:  大小:14781  MD5:b7697d1d2cdfb5c2cfef8822cb7e1af5


文件数:14   病毒数:14  比重:1
OK  扫描完毕!

  ***日志解释
[4] 集中有害分析引擎
[3] 全局系统判断引擎   
[2] 文件特征码引擎
[1] 文件启发式引擎

[ Last edited by FBAV on 2007-10-11 16:44 ]
残缺的唯美
Posted on 2007-10-11 17:08:53
Result: 14 malware found
Trojan-PSW.Win32.OnLineGames.eoa (virus)
C:\Users\Administrator\Desktop\样本.rar\kaqhfaz.exe
Trojan-PSW.Win32.OnLineGames.ejx (virus)
C:\Users\Administrator\Desktop\样本.rar\kvdxcis.exe
Trojan-Spy.Win32.Delf.akx (virus)
C:\Users\Administrator\Desktop\样本.rar\ratbftl.exe
Trojan-PSW.Win32.OnLineGames.enb (virus)
C:\Users\Administrator\Desktop\样本.rar\avzxdst.exe
C:\Users\Administrator\Desktop\样本.rar\avwlbst.exe
Trojan-PSW.Win32.OnLineGames.enh (virus)
C:\Users\Administrator\Desktop\样本.rar\sidjaaz.exe
Trojan-PSW.Win32.OnLineGames.eja (virus)
C:\Users\Administrator\Desktop\样本.rar\kawdbaz.exe
Trojan-PSW.Win32.OnLineGames.elp (virus)
C:\Users\Administrator\Desktop\样本.rar\kafyeaz.exe
Trojan-PSW.Win32.OnLineGames.eij (virus)
C:\Users\Administrator\Desktop\样本.rar\kvdxsbis.exe
Trojan-PSW.Win32.OnLineGames.ehx (virus)
C:\Users\Administrator\Desktop\样本.rar\kvmxeis.exe
Trojan-PSW.Win32.OnLineGames.eni (virus)
C:\Users\Administrator\Desktop\样本.rar\rarjbtl.exe
Trojan-PSW.Win32.OnLineGames.ejh (virus)
C:\Users\Administrator\Desktop\样本.rar\kaqheaz.exe
Trojan-PSW.Win32.OnLineGames.ejq (virus)
C:\Users\Administrator\Desktop\样本.rar\rsztcsp.exe
Trojan-PSW.Win32.OnLineGames.enj (virus)
C:\Users\Administrator\Desktop\样本.rar\raqjbtl.exe
欠妳緈諨
Posted on 2007-10-11 17:13:42

Reply to post #6 by BING126

Win32/Genetik is unbeatable