每日样本

显示全部楼层 · 发表于 2015-3-29 11:34:26

剩下的1个上报卡巴刚才已回复！！！

Hello,

No malicious software was found in the attached file.

Best Regards, Cobber Tuo
Malware Analyst, Kaspersky Lab.

39A/3 Leningradskoe Shosse, Moscow, 125212, Russia Tel./Fax: + 7 (495) 797 8700 http://www.kaspersky.com http://www.viruslist.com

--------------------------------------------------------------------------------
From: xxxxxxxxx@qq.com
Sent: 29.03.2015 5:43:00
To: newvirus@kaspersky.com
Subject: [VirLabSRF][Malicious file analysis][M:1][LN:EN][L:1]

LANG: cn
email: xxxxxxxxx@qq.com

description:
http://bbs.kafan.cn/thread-1819093-1-1.html

上传文件:
malware.rar

显示全部楼层 · 发表于 2015-3-29 11:51:49

百度检测12个。

显示全部楼层 · 发表于 2015-3-29 11:53:15

ESS8干剩1个尝试上报

显示全部楼层 · 发表于 2015-3-29 12:03:11

显示全部楼层 · 发表于 2015-3-29 12:09:55

:\Users\EKINCHENG\Downloads\malware\malware\04e147e857ede2ffeb320d44124f3f8e9436e40ee7c6f708e8fcfd5b9ca0a5a6.bin 已感染! Gen:Variant.Barys.10219 (Xenon) 已隔離
C:\Users\EKINCHENG\Downloads\malware\malware\18b58b5d9612aa63cecffc651400435728f779767b35ac2a0f824f91b23c58bb.bin 已感染! Gen:Variant.Barys.10219 (Xenon) 已隔離
C:\Users\EKINCHENG\Downloads\malware\malware\0ea309ab370ca98a2db20c647dea4d7349ef8de68aaa3e4dd3b4c806d38c5635.bin 已感染! Win32.Neshta.A (Xenon) 已隔離
C:\Users\EKINCHENG\Downloads\malware\malware\2d8d01c8ca7d95940ff58983f506fd5dd07922d0492c727b1ad1a7d55373d943.bin 已感染! Gen:Variant.Zusy.65247 (Xenon) 已隔離
C:\Users\EKINCHENG\Downloads\malware\malware\79b059407d4740d9b6087a0a92c0b1ec217487094ab732c65acfa8e2a5b774dc.bin 已感染! Gen:Variant.Barys.10219 (Xenon) 已隔離
C:\Users\EKINCHENG\Downloads\malware\malware\7afe6b5f0fb4b8e508fc2f434795751d0f9f4579b6ec022ed4e0a65a4eec05e7.bin 已感染! Gen:Variant.Barys.10219 (Xenon) 已隔離
C:\Users\EKINCHENG\Downloads\malware\malware\b0f12231c540f7feda8c5d56585fe5411de6268d52e811e6f7da5e0e237471f6.bin 已感染! Gen:Variant.Barys.10219 (Xenon) 已隔離
C:\Users\EKINCHENG\Downloads\malware\malware\b1a722340f7f3b20c381e671b6f43da4e238452247fa8026b71bdf18014e1bfd.bin 已感染! Gen:Adware.SMSHoax.6 (Xenon) 已隔離
C:\Users\EKINCHENG\Downloads\malware\malware\b4f6146ac96c24e95d169cd4f54173f7e357249d5318369a9105b73a23ee373d.bin 已感染! Gen:Variant.Barys.5565 (Xenon) 已隔離
C:\Users\EKINCHENG\Downloads\malware\malware\ce0c612bef05a625d43ea302e50409b0526ab44d13ec9f0bad1c56efaa0ac8bc.bin 已感染! Trojan.GenericKD.2255964 (Xenon) 已隔離
C:\Users\EKINCHENG\Downloads\malware\malware\dc84befe91476f43e7e1f00eb133559ded6f218a1f862c477f5538eede66a743.bin 已感染! Gen:Variant.Barys.10219 (Xenon) 已隔離
C:\Users\EKINCHENG\Downloads\malware\malware\a4bdccbda7f3a2e9ca7f6e1028350414b4bd69c5fd164f63dc2e60b75e4d8ee3.bin 已感染! Generic12_c.AIOO (Argon) 已隔離
tp kill 14

显示全部楼层 · 发表于 2015-3-29 12:47:27

[mw_shl_code=html,true]【扫描信息】

开始时间:2015-3-29 12:46:38
扫描用时:00:00:09
扫描类型:指定位置杀毒
扫描引擎:管家云查杀引擎管家反病毒引擎金山云查杀引擎 Avira本地查杀引擎管家系统修复引擎
扫描状态:扫描完成

【扫描结果】

扫描文件数:16
发现风险数:11
已处理风险数:11

---------------------
2015-3-29 12:46:53 MD5:4f74fb162a6fb4c0610450389766ad23 E:\Downloads\样本\malware\04e147e857ede2ffeb320d44124f3f8e9436e40ee7c6f708e8fcfd5b9ca0a5a6.bin [Win32.Troj.Undef.(kcloud)]  [删除成功]
2015-3-29 12:46:53 MD5:cfde29cfa47120f94005ba0770934911 E:\Downloads\样本\malware\18b58b5d9612aa63cecffc651400435728f779767b35ac2a0f824f91b23c58bb.bin [Win32.Trojan.Generic.wkcb]  [删除成功]
2015-3-29 12:46:53 MD5:d593246b7a8c21563654ee1905e3c3ae E:\Downloads\样本\malware\7afe6b5f0fb4b8e508fc2f434795751d0f9f4579b6ec022ed4e0a65a4eec05e7.bin [Win32.Trojan.Generic.jwm]  [删除成功]
2015-3-29 12:46:54 MD5:36daaf9b0f301620c2e465b4f5574b4c E:\Downloads\样本\malware\79b059407d4740d9b6087a0a92c0b1ec217487094ab732c65acfa8e2a5b774dc.bin [Win32.Troj.Undef.(kcloud)]  [删除成功]
2015-3-29 12:46:54 MD5:ba8b086f646f1a46fd0beafeb3c4c5eb E:\Downloads\样本\malware\2d8d01c8ca7d95940ff58983f506fd5dd07922d0492c727b1ad1a7d55373d943.bin [Win32.Trojan.Generic.pijp]  [删除成功]
2015-3-29 12:46:54 MD5:c8bbd8798bd85f54242174da4246da40 E:\Downloads\样本\malware\a4bdccbda7f3a2e9ca7f6e1028350414b4bd69c5fd164f63dc2e60b75e4d8ee3.bin [TR/Crypt.TPM.Gen]  [删除成功]
2015-3-29 12:46:54 MD5:11928a48c7face4927ffb1a62edcc298 E:\Downloads\样本\malware\dc84befe91476f43e7e1f00eb133559ded6f218a1f862c477f5538eede66a743.bin [Win32.Trojan.Generic.aiih]  [删除成功]
2015-3-29 12:46:55 MD5:3874459605457bf52f9e7f4b18bfdc93 E:\Downloads\样本\malware\ce0c612bef05a625d43ea302e50409b0526ab44d13ec9f0bad1c56efaa0ac8bc.bin [Win32.Trojan.Blocker.Lkns]  [删除成功]
2015-3-29 12:46:55 MD5:b7550bd121cef1d34480d5be8d7a5277 E:\Downloads\样本\malware\b4f6146ac96c24e95d169cd4f54173f7e357249d5318369a9105b73a23ee373d.bin [Msil.Trojan.Disfa.agbi]  [删除成功]
2015-3-29 12:46:55 MD5:6530547f80ecefca84286625827cb8a6 E:\Downloads\样本\malware\0ea309ab370ca98a2db20c647dea4d7349ef8de68aaa3e4dd3b4c806d38c5635.bin [Virus.Win32.Neshta.a]  [删除成功]
2015-3-29 12:46:55 MD5:b360b74634f4a64cc54c0849235f5a39 E:\Downloads\样本\malware\b0f12231c540f7feda8c5d56585fe5411de6268d52e811e6f7da5e0e237471f6.bin [Win32.Trojan.Generic.wkcb]  [删除成功]
---------------------
[/mw_shl_code]

显示全部楼层 · 发表于 2015-3-29 18:21:05

GD 右键 kill 12

[mw_shl_code=html,true]Virus check with G DATA INTERNET SECURITY
Version 25.0.2.4 (2015/1/8)
Virus signature dated 2015/3/29
Start time: 2015/3/29 18:14:23
Engine(s): Engine A (AVA 25.866), Engine B (GD 25.4865)
Heuristics: On
Archives: On
System areas: On
Check rootkits: Off

Check system areas...
Check the following directories and files:
C:\Users\eric\Desktop\virus\malware\

Analysis performed in full: 2015/3/29 18:14:44
   16 files checked
   12 infected files detected
   0 suspicious files found

Object: 02a1b4acd9efadc723b47ef272307081ed2cb3c2956dbec800350eaa8afc9125.bin
Path: C:\Users\eric\Desktop\virus\malware
Status: Virus, file deleted
Virus: Win32.Trojan.Agent.Y51R1A (Engine B)

Object: 04e147e857ede2ffeb320d44124f3f8e9436e40ee7c6f708e8fcfd5b9ca0a5a6.bin
Path: C:\Users\eric\Desktop\virus\malware
Status: Virus, file deleted
Virus: Gen:Variant.Barys.10219 (Engine A)

Object: 18b58b5d9612aa63cecffc651400435728f779767b35ac2a0f824f91b23c58bb.bin
Path: C:\Users\eric\Desktop\virus\malware
Status: Virus, file deleted
Virus: Gen:Variant.Barys.10219 (Engine A)

Object: 2d8d01c8ca7d95940ff58983f506fd5dd07922d0492c727b1ad1a7d55373d943.bin
Path: C:\Users\eric\Desktop\virus\malware
Status: Virus, file deleted
Virus: Gen:Variant.Zusy.65247 (Engine A)

Object: 79b059407d4740d9b6087a0a92c0b1ec217487094ab732c65acfa8e2a5b774dc.bin
Path: C:\Users\eric\Desktop\virus\malware
Status: Virus, file deleted
Virus: Gen:Variant.Barys.10219 (Engine A)

Object: 7afe6b5f0fb4b8e508fc2f434795751d0f9f4579b6ec022ed4e0a65a4eec05e7.bin
Path: C:\Users\eric\Desktop\virus\malware
Status: Virus, file deleted
Virus: Gen:Variant.Barys.10219 (Engine A)

Object: 0ea309ab370ca98a2db20c647dea4d7349ef8de68aaa3e4dd3b4c806d38c5635.bin
Path: C:\Users\eric\Desktop\virus\malware
Status: Virus, file deleted
Virus: Win32.Neshta.A (Engine A)

Object: b0f12231c540f7feda8c5d56585fe5411de6268d52e811e6f7da5e0e237471f6.bin
Path: C:\Users\eric\Desktop\virus\malware
Status: Virus, file deleted
Virus: Gen:Variant.Barys.10219 (Engine A)

Object: b1a722340f7f3b20c381e671b6f43da4e238452247fa8026b71bdf18014e1bfd.bin
Path: C:\Users\eric\Desktop\virus\malware
Status: Virus, file deleted
Virus: Gen:Adware.SMSHoax.6 (Engine A)

Object: b4f6146ac96c24e95d169cd4f54173f7e357249d5318369a9105b73a23ee373d.bin
Path: C:\Users\eric\Desktop\virus\malware
Status: Virus, file deleted
Virus: Gen:Variant.Barys.5565 (Engine A)

Object: ce0c612bef05a625d43ea302e50409b0526ab44d13ec9f0bad1c56efaa0ac8bc.bin
Path: C:\Users\eric\Desktop\virus\malware
Status: Virus, file deleted
Virus: Trojan.GenericKD.2255964 (Engine A)

Object: dc84befe91476f43e7e1f00eb133559ded6f218a1f862c477f5538eede66a743.bin
Path: C:\Users\eric\Desktop\virus\malware
Status: Virus, file deleted
Virus: Gen:Variant.Barys.10219 (Engine A)
[/mw_shl_code]

显示全部楼层 · 发表于 2015-3-29 21:45:17

火绒剩下7个，已上报

显示全部楼层 · 发表于 2015-3-29 22:34:57

金山云11，伞4

[病毒样本] 每日样本

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源

浏览过的版块