病毒样本一枚

显示全部楼层 · 发表于 2015-7-17 17:15:27

链接: http://pan.baidu.com/s/1hqKWt6W 密码: 5kdw

显示全部楼层 · 发表于 2015-7-17 17:18:13

显示全部楼层 · 发表于 2015-7-17 17:20:28

一闪而过。什么东西？

显示全部楼层 · 发表于 2015-7-17 17:21:44

毒霸本地启发

显示全部楼层 · 发表于 2015-7-17 17:23:29

Filename: jj.exe
Threat name: SONAR.Heuristic.120Full Path: Not Available

____________________________

____________________________

On computers as of
2015/7/17 at 17:22:48

Last Used
2015/7/17 at 17:22:48

Startup Item
No

Launched
Yes

SONAR Protection monitors for suspicious program activity on your computer.

____________________________

jj.exe Threat name: SONAR.Heuristic.120
Locate

Very Few Users
Fewer than 5 users in the Norton Community have used this file.

Very New
This file was released less than 1 week ago.

High
This file risk is high.

____________________________

Source: External Media

Source File:
7zfm.exe

File Created:
jj.exe

____________________________

File Actions

File: d:\360安全浏览器下载\ jj.exe Threat Removed
____________________________

Registry Actions

Registry change: HKEY_USERS\S-1-5-21-3586500503-2481598044-4063237542-1001\Software\ SogouInput.user->SogouComponentFirstLoad:1437124968, Registry Hive: 64 bit Repaired
Registry change: HKEY_USERS\S-1-5-21-3586500503-2481598044-4063237542-1001\Software\ SogouInput.user->Used:1437124968, Registry Hive: 64 bit Repaired
Registry change: HKEY_USERS\S-1-5-21-3586500503-2481598044-4063237542-1001\Software\Microsoft\Windows\CurrentVersion\ Internet Settings->ProxyEnable:0, Registry Hive: 64 bit Repaired
Registry change: HKEY_USERS\S-1-5-21-3586500503-2481598044-4063237542-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ Connections->SavedLegacySettings:..., Registry Hive: 64 bit Repaired
Registry change: HKEY_USERS\S-1-5-21-3586500503-2481598044-4063237542-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\ Content->CachePrefix, Registry Hive: 64 bit Repaired
Registry change: HKEY_USERS\S-1-5-21-3586500503-2481598044-4063237542-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\ Cookies->CachePrefix:Cookie:, Registry Hive: 64 bit Repaired
Registry change: HKEY_USERS\S-1-5-21-3586500503-2481598044-4063237542-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\ History->CachePrefix:Visited:, Registry Hive: 64 bit Repaired
____________________________

Network Actions

Event: Network activity (Performed by d:\360安全浏览器下载\jj.exe, PID:5672) No action taken
____________________________

System Settings Actions

Event: Process start (Performed by d:\360安全浏览器下载\jj.exe, PID:5672) No action taken
(Performed by d:\360安全浏览器下载\jj.exe, PID:5672) No action taken
Event: Process start: d:\360安全浏览器下载\ jj.exe, PID:5672 (Performed by d:\360安全浏览器下载\jj.exe, PID:5672) No action taken
____________________________

File Thumbprint - SHA:
Not available
File Thumbprint - MD5:
Not available

显示全部楼层 · 发表于 2015-7-17 17:29:59

盗号的？

E-mail：samples@eset.sk

显示全部楼层 · 发表于 2015-7-17 17:36:14

SUD to BAV

显示全部楼层 · 发表于 2015-7-17 17:38:24

显示全部楼层 · 发表于 2015-7-17 17:48:12

显示全部楼层 · 发表于 2015-7-17 17:57:03

mcafee miss...

[病毒样本] 病毒样本一枚

本帖子中包含更多资源

本帖子中包含更多资源

评分

本帖子中包含更多资源

本帖子中包含更多资源

浏览过的版块