普通样本一枚 给大家玩玩

sunnyjianna

EAV7   web防护拦截中止下载

仙剑问情

"";"特洛伊木马 SHeur4.BXFD, C:\Users\Downloads\IMG_0389(copy).jpg.zip";"正在处理..."

潘中医

火绒报毒

ikochina

刚下完费尔提示病毒

饭@avast

Filename: img_0389(copy).jpg.exe
Threat name: Trojan.Ransomlock.G
Full Path: c:\users\taocrismonet\downloads\sample\img_0389(copy).jpg\img_0389(copy).jpg.exe

____________________________



Details
Unknown Community Usage,  Unknown Age,  Risk High





Origin
Downloaded from
 Unknown





Activity
Actions performed: Actions performed: 1



____________________________



On computers as of 
Not Available


Last Used 
2014/6/28 at 17:55:40


Startup Item 
No


Launched 
No


____________________________


Unknown
It is unknown how many users in the Norton Community have used this file.

Unknown
This file release is currently not known.

High
This file risk is high.

Threat type: Virus. Programs that infect other programs, files, or areas of a computer by inserting themselves or attaching themselves to that medium.



____________________________



Source: External Media



____________________________

File Actions

File: c:\users\taocrismonet\downloads\sample\img_0389(copy).jpg\ img_0389(copy).jpg.exe Removed
____________________________


File Thumbprint - SHA:
404294f6b8af0dac7450840b5f3c8f03caae56622d6b5d990e47058e58a7d985
File Thumbprint - MD5:
Not available

懿寒

在请求的页面的 HTTP 数据中发现病毒或恶意程序。



请求的 URL：                https://att.kafan.cn/forum.php?mo ... DQ5NjAwOXwxNzUwMDg1
信息：                该文件包含一个伪装成无害文件扩展名(HIDDENEXT/Worm.Gen)的可执行程序
小红伞

as188672207

skycai 发表于 2014-6-24 15:36
是。
火绒。

火绒2.5吗  貌似好高端