Adobe_Flash_Install.rar

360Tencent

很荣幸第一次在推特上收到垃圾信息


https://www.virustotal.com/fr/ur ... nalysis/1400411026/

https://www.virustotal.com/fr/fi ... nalysis/1400410694/

https://www.virustotal.com/fr/ip ... 136.18/information/(5731 端口)

XywCloud

费尔云鉴定、动态防御杀exe
巡警启发杀exe

瓜g

cn86li

To BD

[Ticket ID:201405181000142]

尘梦幽然

上报咖啡和卡巴。
McAfee Labs Sample Analysis

ID Number:  8099284   Identified: Generic.TRA

Synopsis:

Thank you for submitting your suspicious file(s) for analysis. Attached is an EXTRA.DAT file for extra detection.
This update will be added to our daily production DATs as soon as possible. Usually this will be within the next 48 hours but may be longer in certain circumstances.

Solution:

The attached EXTRA.DAT file will detect the following submitted files:

Filename            MD5 digest                                                      
--------            ----------                                                      
install_adobe_fla...20130e8cdc74c3551d813a0c2fa7a205                                 

The EXTRA.DAT file should be copied into the directory where the other DAT files reside (the default folder is: C:\Program Files\Common Files\McAfee\Engine).
Additional information, including steps to deploy EXTRA.DAT files, is available in the following location: http://www.mcafee.com/us/threat-center/system-help/extra-dat.aspx  

Support:

McAfee Labs accepts file samples for analysis and possible inclusion into AV signature DAT updates.
Additional information for submitting samples to McAfee is available in the following location: https://kc.mcafee.com/corporate/index?page=content&id=KB68030

Product related questions and comments can be addressed via McAfee Technical Support and Customer Services, including:
* Assistance with detection and cleaning or removal of malware
* Product installation and update questions
* Product usage questions

Please use the following links to reach our Technical Support group:
Business Customers: http://www.mcafee.com/us/support.aspx
Home Customers: http://home.mcafee.com/root/support.aspx

Regards,
McAfee Labs: McAfee Labs

McAfee Labs: http://www.mcafee.com/us/threat-center.aspx
McAfee Labs Blog: http://blogs.mcafee.com/mcafee-labs

dongwenqi

尘梦幽然 发表于 2014-5-18 21:06
上报咖啡和卡巴。
咖啡这两天不知道是不是特别繁忙，处理速度有所下降

Acrofx32.dll,
AcroRdIF.dll

No malicious code has been found in these files.

Install_Adobe_Flash.exe - Trojan.Win32.Inject.ngbe

New malicious software was found in this file. It's detection will be included in the next update. Thank you for your help.

ReadMe.htm

This file is in process.

Best Regards, Kaspersky Lab

尘梦幽然

dongwenqi 发表于 2014-5-18 21:19
Acrofx32.dll,
AcroRdIF.dll

嗯咖啡几分钟前也把那exe入库了

panzhitian

主程序图标有点奇怪，看了下详细信息，显然就是假冒
To dr.web

dongwenqi

尘梦幽然 发表于 2014-5-18 21:21
嗯咖啡几分钟前也把那exe入库了

我预计诺顿不会马上入库，你还是换卡巴或者咖啡吧

尘梦幽然

dongwenqi 发表于 2014-5-18 21:26
我预计诺顿不会马上入库，你还是换卡巴或者咖啡吧

我现在裸奔呢。