Detection ratio: 2 / 56 Angler Exploit Kit Website 6 挂马

墨家小子

SHA256:        54f301ce21ca8425f250bfdd64755c7b4bcc00cf9257de24dfc81234a479d895
File name:        2176.tmp.exe
Detection ratio:        2 / 56
Analysis date:        2016-03-14 00:46:43 UTC ( 1 minute ago )
https://www.virustotal.com/en/file/54f301ce21ca8425f250bfdd64755c7b4bcc00cf9257de24dfc81234a479d895/analysis/1457916403/

Bkav        HW32.Packed.CA87        20160312
Qihoo-360        QVM07.1.Malware.Gen        20160314

2016/3/14 8:43:21,高,阻止了 localhost 的入侵企图,已阻止,不需要操作,Web Attack: Angler Exploit Kit Website 6,不需要操作,不需要操作,"localhost (127.0.0.1, 3XXX8)",ravitaillaientpettifogulizer.margolis.org/topic/11587-revive-degrade-droopingly-pathological-educations-fathomless-micturition-imperium/,"localhost (127.0.0.1, XXX3)",localhost (127.0.0.1),"TCP, 端口 3XXX8",

蓝天二号

运行之后，都是报错自退的，，

ericdj

GD……
主防干掉

winrar.exe
没有截图~~~



这才是本尊

z2009

过bg扫描
双击，bg杀

ymb668888

卡巴全部云杀

14.03.2016 10.18.49;检测到的对象 ( 文件 ) 已删除。;C:\Users\Administrator\Downloads\病毒测试\D64A.tmp.exe;C:\Users\Administrator\Downloads\病毒测试\D64A.tmp.exe;UDS:DangerousObject.Multi.Generic;未知威胁;03/14/2016 10:18:49
14.03.2016 10.18.37;检测到的对象 ( 文件 ) 已删除。;C:\Users\Administrator\Downloads\病毒测试\BB74.tmp.exe;C:\Users\Administrator\Downloads\病毒测试\BB74.tmp.exe;UDS:DangerousObject.Multi.Generic;未知威胁;03/14/2016 10:18:37
14.03.2016 10.18.22;检测到的对象 ( 文件 ) 已删除。;C:\Users\Administrator\Downloads\病毒测试\2176.tmp.exe;C:\Users\Administrator\Downloads\病毒测试\2176.tmp.exe;UDS:DangerousObject.Multi.Generic;未知威胁;03/14/2016 10:18:22
14.03.2016 10.18.15;检测到的对象 ( 文件 ) 已删除。;C:\Users\Administrator\Downloads\病毒测试\50A0.tmp.exe;C:\Users\Administrator\Downloads\病毒测试\50A0.tmp.exe;UDS:DangerousObject.Multi.Generic;未知威胁;03/14/2016 10:18:15

huchedehaizi88

为什么，费尔的云鉴定总是安全。。。

请叫我德玛西亚

huchedehaizi88 发表于 2016-3-14 10:44
为什么，费尔的云鉴定总是安全。。。

对的   鉴定不出来  不过这类加密大菲尔主防都可以拦截

1446547521

ESET全部云拉黑

saga3721

红伞全杀'TR/Crypt.Xpack.430337 [trojan]' ×4

aboringman

AVG：

扫描：miss；

双击：实机双击，IDP击杀之。（【又现SMP】继续断网测试！）

"";"IDP.SMP.13, C:\USERS\KILLER\DESKTOP\2176.TMP.EXE";"Deleted";"File or Directory";"2016/3/14, 19:27:29"

"";", C:\USERS\KILLER\DESKTOP\2176.TMP.EXE";"Object was blocked";"Process";"2016/3/14, 19:27:29"

"";", C:\Windows\igucnthnwlbj.exe";"Object was blocked";"Process";"2016/3/14, 19:27:29"

"";", C:\Windows\System32\cmd.exe";"Object was blocked";"Process";"2016/3/14, 19:27:29"

"";", C:\Windows\igucnthnwlbj.exe";"Deleted, Moved to Virus Vault";"File or Directory";"2016/3/14, 19:27:29"

"";", C:\USERS\KILLER\DESKTOP\2176.TMP.EXE";"Object was blocked";"Process";"2016/3/14, 19:27:29"



@墨家小子