精睿样本测试（15.5.19）

heishen2010

迅雷快传：http://kuai.xunlei.com/d/zuh.AUodVnJaVQQA2f1
百度云盘：http://pan.baidu.com/s/1mg3PLby 密码: ty24
360云盘：http://yunpan.cn/cjCVdanXbGzGe （提取码：d96e）
新浪微盘：http://vdisk.weibo.com/lc/2ifV8nTWyHidehQYlDT  密码：YFI4

密码：bbs.vc52.cn
数量：50

欧阳宣

百度国内版占位，不开卡巴。
26个。
[mw_shl_code=html,true]病毒木马名:Win32.Backdoor.Bladabindi.a.bav  路径:E:\virus\2015.5.19\17.vir  病毒木马类型:后门程序  已清除
病毒木马名:Win32.Trojan.WisdomEyes.150305.9950.9996.bav  路径:E:\virus\2015.5.19\32.vir  病毒木马类型:恶意木马  已清除
病毒木马名:Win32.Trojan.ExtenBro.y.cav  路径:E:\virus\2015.5.19\28.vir  病毒木马类型:恶意木马  已清除
病毒木马名:Win32.Backdoor.Bladabindi.a.cav  路径:E:\virus\2015.5.19\02.vir  病毒木马类型:后门程序  已清除
病毒木马名:MSIL.Trojan-Dropper.Agent.c.cav  路径:E:\virus\2015.5.19\03.vir  病毒木马类型:释放者木马  已清除
病毒木马名:Win32.Gen.CCE10.dsl.cav  路径:E:\virus\2015.5.19\07.vir  病毒木马类型:恶意木马  已清除
病毒木马名:Win32.Gen.CCEV201.cdq.cav  路径:E:\virus\2015.5.19\09.vir  病毒木马类型:恶意木马  已清除
病毒木马名:Win32.Trojan-Downloader.Wauchos.ax.cav  路径:E:\virus\2015.5.19\14.vir  病毒木马类型:下载者木马  已清除
病毒木马名:Win32.Trojan.Generic.kss.cav  路径:E:\virus\2015.5.19\13.vir  病毒木马类型:恶意木马  已清除
病毒木马名:Win32.Trojan.Kryptik.epat.cav  路径:E:\virus\2015.5.19\15.vir  病毒木马类型:恶意木马  已清除
病毒木马名:Win32.Gen.CCE10.dsl.cav  路径:E:\virus\2015.5.19\22.vir  病毒木马类型:恶意木马  已清除
病毒木马名:Win32.Trojan-Dropper.Autoit.q.cav  路径:E:\virus\2015.5.19\20.vir  病毒木马类型:释放者木马  已清除
病毒木马名:Win32.Trojan.Strictor.kbqh.cav  路径:E:\virus\2015.5.19\29.vir  病毒木马类型:恶意木马  已清除
病毒木马名:Win32.Trojan.WisdomEyes.150305.9950.9995.bav  路径:E:\virus\2015.5.19\49.vir  病毒木马类型:恶意木马  已清除
病毒木马名:Win32.Backdoor.Bladabindi.a.cav  路径:E:\virus\2015.5.19\33.vir  病毒木马类型:后门程序  已清除
病毒木马名:Win32.Worm.Agent.eif.cav  路径:E:\virus\2015.5.19\36.vir  病毒木马类型:蠕虫病毒  已清除
病毒木马名:Win32.Trojan.Injector.xts.cav  路径:E:\virus\2015.5.19\37.vir  病毒木马类型:恶意木马  已清除
病毒木马名:Win32.Gen.CCE10.dsl.cav  路径:E:\virus\2015.5.19\46.vir  病毒木马类型:恶意木马  已清除
病毒木马名:Win32.Gen.CCE10.dsl.cav  路径:E:\virus\2015.5.19\50.vir  病毒木马类型:恶意木马  已清除
病毒木马名:Win32.Trojan.Crypt.wila.cav  路径:E:\virus\2015.5.19\44.vir  病毒木马类型:恶意木马  已清除
病毒木马名:Win32.Trojan.WisdomEyes.150305.9950.9999.bav  路径:E:\virus\2015.5.19\19.vir  病毒木马类型:恶意木马  已清除
病毒木马名:Win32.Trojan.WisdomEyes.150305.9950.9996.bav  路径:E:\virus\2015.5.19\21.vir  病毒木马类型:恶意木马  已清除
病毒木马名:Win32.Backdoor.Bladabindi.a.bav  路径:E:\virus\2015.5.19\24.vir  病毒木马类型:后门程序  已清除
病毒木马名:Win32.Backdoor.Bladabindi.a.bav  路径:E:\virus\2015.5.19\25.vir  病毒木马类型:后门程序  已清除
病毒木马名:Win32.Trojan.WisdomEyes.150305.9950.9998.bav  路径:E:\virus\2015.5.19\43.vir  病毒木马类型:恶意木马  已清除
病毒木马名:Win32.Trojan.WisdomEyes.150305.9950.9998.bav  路径:E:\virus\2015.5.19\48.vir  病毒木马类型:恶意木马  已清除[/mw_shl_code]

诸葛亮

红伞28/50

救命稻草

欧阳宣 发表于 2015-5-19 17:54
百度国内版占位，不开卡巴。
26个。
[mw_shl_code=html,true]病毒木马名:Win32.Backdoor.Bladabindi.a.ba ...

云引擎都加cav了？为了区分卡巴引擎还是有什么别的意图啊？关得好，反正寿命也不长了。

欧阳宣

救命稻草 发表于 2015-5-19 18:07
云引擎都加cav了？为了区分卡巴引擎还是有什么别的意图啊？关得好，反正寿命也不长了。

以前是雪狼后缀是bav，但是云引擎和卡巴报法很像分不清，现在估计是为了分开吧

也可能有猫腻

sogou2004

KES占位

修复4  Miss27

ericdj

蛋挞  kill 28

[mw_shl_code=html,true]Virus check with G DATA INTERNET SECURITY
Version 25.1.0.3 (2015/4/7)
Virus signature dated 2015/5/19
Start time: 2015/5/19 18:36:11
Engine(s): Engine A (AVA 25.1637), Engine B (GD 25.5122)
Heuristics: On
Archives: On
System areas: Off
Check rootkits: Off


Analysis performed in full: 2015/5/19 18:36:26
    50 files checked
    28 infected files detected
    0 suspicious files found


Archive: 02.vir
        Path: C:\Users\eric\Desktop\virus\2015.5.19
        Status: Virus detected
        Virus: Trojan.Uztuby.1, Gen:Variant.Barys.7801 (Engine A)
        ----------------------------------------------------------------
        Object: (RAR Sfx o)=>[Comment]
                In archive: C:\Users\eric\Desktop\virus\2015.5.19\02.vir
                Status: Virus detected
                Virus: Trojan.Uztuby.1
        Object: (RAR Sfx o)=>Server.exe
                In archive: C:\Users\eric\Desktop\virus\2015.5.19\02.vir
                Status: Virus detected
                Virus: Gen:Variant.Barys.7801
        ----------------------------------------------------------------

Object: 03.vir
        Path: C:\Users\eric\Desktop\virus\2015.5.19
        Status: Virus detected
        Virus: Trojan.GenericKD.2421200 (Engine A)

Object: 04.vir
        Path: C:\Users\eric\Desktop\virus\2015.5.19
        Status: Virus detected
        Virus: Gen:Variant.Zusy.141040 (Engine A)

Object: 07.vir
        Path: C:\Users\eric\Desktop\virus\2015.5.19
        Status: Virus detected
        Virus: Trojan.Generic.11522435 (Engine A)

Object: 09.vir
        Path: C:\Users\eric\Desktop\virus\2015.5.19
        Status: Virus detected
        Virus: Trojan.Agent.BJXP (Engine A)

Object: 13.vir
        Path: C:\Users\eric\Desktop\virus\2015.5.19
        Status: Virus detected
        Virus: Backdoor.Delf.HNB (Engine A)

Object: 14.vir
        Path: C:\Users\eric\Desktop\virus\2015.5.19
        Status: Virus detected
        Virus: Trojan.GenericKD.2406296 (Engine A)

Archive: 15.vir
        Path: C:\Users\eric\Desktop\virus\2015.5.19
        Status: Virus detected
        Virus: Generic.Starter.3.1F67C0FC (Engine A)
        ----------------------------------------------------------------
        Object: (RAR Sfx o)=>[Comment]=>(unicode)
                In archive: C:\Users\eric\Desktop\virus\2015.5.19\15.vir
                Status: Virus detected
                Virus: Generic.Starter.3.1F67C0FC
        ----------------------------------------------------------------

Archive: 17.vir
        Path: C:\Users\eric\Desktop\virus\2015.5.19
        Status: Virus detected
        Virus: Trojan.Uztuby.1, Gen:Variant.Barys.7801 (Engine A)
        ----------------------------------------------------------------
        Object: sxse.exe=>(RAR Sfx o)=>[Comment]
                In archive: C:\Users\eric\Desktop\virus\2015.5.19\17.vir
                Status: Virus detected
                Virus: Trojan.Uztuby.1
        Object: sxse.exe=>(RAR Sfx o)=>Server.exe
                In archive: C:\Users\eric\Desktop\virus\2015.5.19\17.vir
                Status: Virus detected
                Virus: Gen:Variant.Barys.7801
        ----------------------------------------------------------------

Object: 20.vir
        Path: C:\Users\eric\Desktop\virus\2015.5.19
        Status: Virus detected
        Virus: Trojan.GenericKD.2421084 (Engine A)

Object: 21.vir
        Path: C:\Users\eric\Desktop\virus\2015.5.19
        Status: Virus detected
        Virus: Trojan.GenericKD.2420581 (Engine A)

Object: 22.vir
        Path: C:\Users\eric\Desktop\virus\2015.5.19
        Status: Virus detected
        Virus: Gen:Variant.Barys.7801 (Engine A)

Object: 24.vir
        Path: C:\Users\eric\Desktop\virus\2015.5.19
        Status: Virus detected
        Virus: Gen:Variant.Barys.7348 (Engine A)

Object: 25.vir
        Path: C:\Users\eric\Desktop\virus\2015.5.19
        Status: Virus detected
        Virus: Gen:Variant.Barys.7801 (Engine A)

Object: 28.vir
        Path: C:\Users\eric\Desktop\virus\2015.5.19
        Status: Virus detected
        Virus: Trojan.Generic.14557122 (Engine A)

Object: 29.vir
        Path: C:\Users\eric\Desktop\virus\2015.5.19
        Status: Virus detected
        Virus: Gen:Variant.Strictor.83014 (Engine A)

Archive: 32.vir
        Path: C:\Users\eric\Desktop\virus\2015.5.19
        Status: Virus detected
        Virus: Trojan.GenericKD.2420581 (Engine A)
        ----------------------------------------------------------------
        Object: DHL_Report_4278087610____lang___SD18_05_2015___07_39_15___Message__ID18_DHL_DE_N05.exe
                In archive: C:\Users\eric\Desktop\virus\2015.5.19\32.vir
                Status: Virus detected
                Virus: Trojan.GenericKD.2420581
        ----------------------------------------------------------------

Object: 33.vir
        Path: C:\Users\eric\Desktop\virus\2015.5.19
        Status: Virus detected
        Virus: Gen:Variant.Barys.7801 (Engine A)

Archive: 34.vir
        Path: C:\Users\eric\Desktop\virus\2015.5.19
        Status: Virus detected
        Virus: Trojan.MSWord.Downloader.C (Engine A)
        ----------------------------------------------------------------
        Object: ACH Transcation Details_97923.doc
                In archive: C:\Users\eric\Desktop\virus\2015.5.19\34.vir
                Status: Virus detected
                Virus: Trojan.MSWord.Downloader.C
        ----------------------------------------------------------------

Object: 36.vir
        Path: C:\Users\eric\Desktop\virus\2015.5.19
        Status: Virus detected
        Virus: Gen:Variant.Tofsee.1 (Engine A)

Object: 37.vir
        Path: C:\Users\eric\Desktop\virus\2015.5.19
        Status: Virus detected
        Virus: Trojan.GenericKD.2420796 (Engine A)

Object: 43.vir
        Path: C:\Users\eric\Desktop\virus\2015.5.19
        Status: Virus detected
        Virus: Gen:Trojan.Heur.ke3@r4CEr@mG (Engine A)

Object: 44.vir
        Path: C:\Users\eric\Desktop\virus\2015.5.19
        Status: Virus detected
        Virus: Trojan.Agent.BJXM (Engine A)

Archive: 40.vir
        Path: C:\Users\eric\Desktop\virus\2015.5.19
        Status: Virus detected
        Virus: Gen:Variant.Graftor.173529 (Engine A)
        ----------------------------------------------------------------
        Object: 2Via_Boleto.exe
                In archive: C:\Users\eric\Desktop\virus\2015.5.19\40.vir
                Status: Virus detected
                Virus: Gen:Variant.Graftor.173529
        ----------------------------------------------------------------

Object: 46.vir
        Path: C:\Users\eric\Desktop\virus\2015.5.19
        Status: Virus detected
        Virus: Gen:Variant.Barys.7801 (Engine A)

Object: 48.vir
        Path: C:\Users\eric\Desktop\virus\2015.5.19
        Status: Virus detected
        Virus: Gen:Variant.MSIL.Downloader.203 (Engine A)

Archive: 49.vir
        Path: C:\Users\eric\Desktop\virus\2015.5.19
        Status: Virus detected
        Virus: Trojan.Agent.BJXP (Engine A)
        ----------------------------------------------------------------
        Object: fax2_info.exe
                In archive: C:\Users\eric\Desktop\virus\2015.5.19\49.vir
                Status: Virus detected
                Virus: Trojan.Agent.BJXP
        ----------------------------------------------------------------

Object: 50.vir
        Path: C:\Users\eric\Desktop\virus\2015.5.19
        Status: Virus detected
        Virus: Gen:Variant.Barys.7801 (Engine A)
[/mw_shl_code]

saga3721

文件 ID         文件名         大小(字节)         结果
25861374         01.vir         41 KB         CLEAN
28513424         05.vir         184.08 KB         MALWARE
28514101         06.vir         1.72 MB         UNDER ANALYSIS
28514102         08.vir         677.47 KB         UNDER ANALYSIS
28514103         09.vir         112 KB         MALWARE
28514104         10.vir         202.77 KB         UNDER ANALYSIS
28514105         11.vir         137.49 KB         UNDER ANALYSIS
28514106         12.vir         362.59 KB         UNDER ANALYSIS
28514107         16.vir         53.81 KB         UNDER ANALYSIS
28514108         18.vir         582 Byte         UNDER ANALYSIS
28514111         23.vir         2.02 KB         UNDER ANALYSIS
28514112         26.vir         219.42 KB         UNDER ANALYSIS
28514113         27.vir         1.18 MB         UNDER ANALYSIS
28514114         31.vir         95 KB         UNDER ANALYSIS
28514116         35.vir         592.5 KB         UNDER ANALYSIS
28514117         38.vir         399.71 KB         UNDER ANALYSIS
28514118         39.vir         190.59 KB         CLEAN
123322169         30.vir         2.27 MB         KNOWN CLEAN
28514119         42.vir         701.16 KB         UNDER ANALYSIS
28514120         45.vir         13.72 KB         UNDER ANALYSIS
28514121         47.vir         12.44 KB         UNDER ANALYSIS

wenshui1013

今天样本包好晚。我换了LINUX，就不测了。。

bbszy

欧阳宣 发表于 2015-5-19 17:54
百度国内版占位，不开卡巴。
26个。
[mw_shl_code=html,true]病毒木马名:Win32.Backdoor.Bladabindi.a.ba ...

这报毒名字跟卡巴这么像。。。