一个神奇的文件~~

显示全部楼层 · 发表于 2015-8-29 17:25:53

偶尔发现的一东西，360压缩提示风险，第一次看到有这么多的签名，除了sha384那个被吊销之外，其他都是有效的，话说sha512又是神马东西，要这么高的强度干嘛~~

，一开始还以为是没毒的呢，毕竟有这么多的签名嘛，但是我又觉得不保险就沙箱一下，结果这货在沙箱内表现得人畜无害，于是再试试企鹅的哈勃，结果无风险，嗯嗯，无风险，还88分，出于对企鹅的信任。。。于是我就实机双击了。。事实证明企鹅的技术不咋的，这货表现得和沙箱时的截然不同，界面几秒后就消失了。。。

我知道坏事了~~TM的中标了~~~关键时刻还是sonar靠得住。。

显示全部楼层 · 发表于 2015-8-29 17:31:55

本帖最后由 MXCERILYF! 于 2015-8-29 17:33 编辑

360TS

显示全部楼层 · 发表于 2015-8-29 17:33:26

MXCERILYF! 发表于 2015-8-29 17:31
360TS

为什么我的360不报

显示全部楼层 · 发表于 2015-8-29 17:33:44

本帖最后由 ELOHIM 于 2015-8-29 17:35 编辑

signtool GUI.zip.exe found no threats.
上报ing...不过，不知道双击会是什么样的party.

显示全部楼层 · 发表于 2015-8-29 17:36:49

ELOHIM 发表于 2015-8-29 17:33
signtool GUI.zip.exe found no threats.
上报ing...不过，不知道双击会是什么样的party.

界面几秒后消失，病毒标配~~

显示全部楼层 · 发表于 2015-8-29 17:53:48

COMODO云端查询结果为需要提交的

显示全部楼层 · 发表于 2015-8-29 18:15:19

过ESS，过腾讯管家

显示全部楼层 · 发表于 2015-8-29 18:25:18

NS:信誉不良，IPS也直接击杀

[mw_shl_code=css,true]Filename: signtool GUI.zip.exe
Full Path: C:\Documents and Settings\Administrator\桌面\signtool GUI.zip.exe

____________________________

____________________________

Developers
Open Source Developer, 鏄撳彲绫

Version
1.8.0.2

Identified
2015-8-29 at 18:23:26

Last Used
Not Available

Startup Item
No

____________________________

Very Few Users
Fewer than 5 users in the Norton Community have used this file.

Very New
This file was released less than 1 week ago.

Poor
There are some indications that this file is untrustworthy.

____________________________

Source File:
winrar.exe

File Created:
signtool gui.zip.exe

____________________________

File Thumbprint - SHA:
9bcb6531799b11e732c2da51fcf9c1afad26db55d1fec85e08f50134ac5cdaf2
File Thumbprint - MD5:
34c46ecb669b1f2b1a49fb03ecde5958
[/mw_shl_code]

[mw_shl_code=css,true]Filename: signtool gui.zip.exe
Threat name: WS.Reputation.1Full Path: c:\documents and settings\administrator\桌面\signtool gui.zip.exe

____________________________

____________________________

On computers as of
2015-8-29 at 18:23:26

Last Used
2015-8-29 at 18:24:37

Startup Item
No

Launched
No

Threat type: Insight Network Threat. There are many indications that this file is untrustworthy and therefore not safe

____________________________

signtool gui.zip.exe Threat name: WS.Reputation.1
Locate

Very Few Users
Fewer than 5 users in the Norton Community have used this file.

Very New
This file was released less than 1 week ago.

Medium
This file risk is medium.

____________________________

Source: External Media

Source File:
winrar.exe

File Created:
signtool gui.zip.exe

____________________________

File Actions

File: c:\documents and settings\administrator\桌面\ signtool gui.zip.exe Removed
____________________________

File Thumbprint - SHA:
9bcb6531799b11e732c2da51fcf9c1afad26db55d1fec85e08f50134ac5cdaf2
File Thumbprint - MD5:
Not available
[/mw_shl_code]

显示全部楼层 · 发表于 2015-8-29 19:55:56

发给卡巴了

显示全部楼层 · 发表于 2015-8-29 20:12:20

FSCS12 MISS

[可疑文件] 一个神奇的文件~~

本帖子中包含更多资源

本帖子中包含更多资源

浏览过的版块