收藏本站 |切换到宽版 | 更换论坛皮肤
 找回密码  忘记邮箱  QQ快速登录  快速登录  快速注册

卡饭»论坛 安全区 病毒样本 分享&分析区 附报告
12下一页
返回列表 发新帖
查看: 3344|回复: 14
收起左侧

[病毒样本] 附报告

[复制链接]
jimmyleo
发表于 2008-2-15 11:26:03 | 显示全部楼层 |阅读模式
文件 a0e27d1a-a8f9-11dc-9eb8-00142a156 接收于 2008.02.15 04:14:50 (CET)
反病毒引擎版本最后更新扫描结果
AhnLab-V32008.2.15.102008.02.14-
AntiVir7.6.0.652008.02.14TR/Crypt.XDR.Gen
Authentium4.93.82008.02.14-
Avast4.7.1098.02008.02.14Win32:VB-HAH
AVG7.5.0.5162008.02.14Generic9.AJDK
BitDefender7.22008.02.15-
CAT-QuickHealNone2008.02.14W32.Brontok.Q
ClamAV0.92.12008.02.15PUA.Packed.MEW-1
DrWeb4.44.0.091702008.02.14Trojan.Click.16618
eSafe7.0.15.02008.02.14Win32.VB.bon
eTrust-Vet31.3.55382008.02.14-
Ewido4.02008.02.14Trojan.VB.boa
FileAdvisor12008.02.15High threat detected
Fortinet3.14.0.02008.02.15-
F-Prot4.4.2.542008.02.14-
F-Secure6.70.13260.02008.02.14W32/Adclicker.BHX
IkarusT3.1.1.202008.02.15IM-Worm.Win32.Sumom.C
Kaspersky7.0.0.1252008.02.15Trojan.Win32.VB.bon
McAfee52302008.02.14Generic.dx
Microsoft1.32042008.02.14-
NOD32v228762008.02.14probably unknown NewHeur_PE virus
Norman5.80.022008.02.14W32/Adclicker.BHX
Panda9.0.0.42008.02.14-
Prevx1V22008.02.15-
Rising20.31.30.002008.02.14Trojan.Win32.Undef.aos
Sophos4.26.02008.02.14Mal/EncPk-BA
Sunbelt2.2.907.02008.02.14W32/MEWpacked.gen
Symantec102008.02.15Trojan.Adclicker
TheHacker6.2.9.2202008.02.14Trojan/VB.bon
VBA323.12.6.12008.02.14Trojan.Win32.VB.bon
VirusBuster4.3.26:92008.02.14Packed/MEW
Webwasher-Gateway6.6.22008.02.14Trojan.Crypt.XDR.Gen

附加信息
File size: 27006 bytes
MD5: aeab29c3a088f3ecf5ad6d325d03c3b3
SHA1: 82d0b41ab95b2ac1594868eec87a71813a881cab
PEiD: MEW 11 SE v1.2 -> Northfox[HCC]
Bit9 info: http://fileadvisor.bit9.com/serv ... 3ecf5ad6d325d03c3b3
packers: MEW
packers: PE_Patch, MewBundle, MEW

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
回复

举报

无尽藏海
发表于 2008-2-15 11:28:16 | 显示全部楼层
2008-2-15 11:27:35        Kernel        File  'F:\a0e27d1a-a8f9-11dc-9eb8-00142a156370.rar' was sent to ESET for analysis.
回复

举报

danielchen
发表于 2008-2-15 11:31:35 | 显示全部楼层
大部分杀软都报了~
回复

举报

红心王子
发表于 2008-2-15 11:34:17 | 显示全部楼层
木马名称:Trojan.Win32.VB.cgi

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\VIR\A0E27D1A-A8F9-11DC-9EB8-00142A156370.JPG
是木马程序!
已成功阻止其运行,是否要删除此文件?
回复

举报

qianwenxiang
发表于 2008-2-15 11:36:27 | 显示全部楼层
CAT-QuickHeal None 2008.02.14 W32.Brontok.Q

Brontok..生平最恨的字眼..

Win32:VB-HAH [Trj]
回复

举报

挪威的冬天
发表于 2008-2-15 13:16:28 | 显示全部楼层
信息        2008-02-15  13:16:14        您此次查毒共查出1个病毒以及危险代码                       
信息        2008-02-15  13:16:14        您此次查毒共查了内存模块0个,磁盘引导扇区0个,文件4个                       
信息        2008-02-15  13:16:14        金山毒霸主程序查毒过程结束,查毒方式:命令行查毒                       
病毒        2008-02-15  13:16:14        C:\Users\挪威的冬天\Desktop\a0e27d1a-a8f9-11dc-9eb8-00142a156370.rar\a0e27d1a-a8f9-11dc-9eb8-00142a156370.jpg        Win32.Troj.VB.185856        跳过,未处理
回复

举报

woai_jolin
发表于 2008-2-15 13:18:43 | 显示全部楼层

回复 2楼 无尽藏海 的帖子

Scan Log
Version of virus signature database: 2876 (20080214)
Date: 2008/2/15  Time: 13:16:06
Scanned disks, folders and files: G:\v\a0e27d1a-a8f9-11dc-9eb8-00142a156370.jpg
G:\v\a0e27d1a-a8f9-11dc-9eb8-00142a156370.jpg - probably unknown NewHeur_PE virus [7]
Number of scanned objects: 1
Number of threats found: 1
Time of completion: 13:16:06  Total scanning time: 0 sec (00:00:00)

Notes:
[7] Object is probably infected with an unknown virus.
回复

举报

woai_jolin
发表于 2008-2-15 13:20:46 | 显示全部楼层
Hello,

Thanks for taking the time to submit your samples to the Norman
Sandbox Information Center.  Customer delight is our top priority at
Norman.  With that in mind we have developed Sandbox Solutions for
organizations that are committed to speedy analysis and debugging.

Norman Sandbox Solutions give your organization the opportunity to
analyze files immediately in your own environment.

To find out how to bring the power of Norman Sandbox into your test
environments follow the links below.

Norman Sandbox Solutions
http://www.norman.com/Product/Sandbox-products/

Norman Sandbox Analyzer
http://www.norman.com/Product/Sandbox-products/Analyzer/

Norman Sandbox Analyzer Pro
http://www.norman.com/Product/Sandbox-products/Analyzer-pro/

Norman SandBox Reporter
http://www.norman.com/Product/Sandbox-products/Reporter/

a0e27d1a-a8f9-11dc-9eb8-00142a156370.jpg : Not detected by Sandbox (Signature: W32/Adclicker.BHX)


[ DetectionInfo ]
    * Sandbox name: NO_MALWARE
    * Signature name: W32/Adclicker.BHX
    * Compressed: YES
    * TLS hooks: NO
    * Executable type: Application
    * Executable file structure: OK

[ General information ]
    * Decompressing Mew.
    * Applications uses MSVBVM60.DLL (Visual Basic 6).
    * File length:        27006 bytes.
    * MD5 hash: aeab29c3a088f3ecf5ad6d325d03c3b3.

[ Process/window information ]
    * Creates a COM object with CLSID {FCFB3D23-A0FA-1068-A738-08002B3371B5} : VBRuntime.
    * Creates a COM object with CLSID {E93AD7C1-C347-11D1-A3E2-00A0C90AEA82} : VBRuntime6.



(C) 2004-2006 Norman ASA. All Rights Reserved.

The material presented is distributed by Norman ASA as an information source only.


************************************
Sent from an unmonitored email address.
Please DO NOT reply.
************************************




[ 本帖最后由 woai_jolin 于 2008-2-15 13:22 编辑 ]
回复

举报

Palkia
发表于 2008-2-15 13:27:40 | 显示全部楼层
C:\Documents and Settings\Administrator\桌面\a0e27d1a-a8f9-11dc-9eb8-00142a156370.rar >>RAR >>a0e27d1a-a8f9-11dc-9eb8-00142a156370.jpg - 未查明的 NewHeur_PE 病毒 [7]
回复

举报

sam.to
发表于 2008-2-15 14:02:03 | 显示全部楼层
Kaspersky Virus Scanner         
Scanned file:   a0e27d1a-a8f9-11dc-9eb8-00142a156370.rar - Infected
a0e27d1a-a8f9-11dc-9eb8-00142a156370.rar/a0e27d1a-a8f9-11dc-9eb8-00142a156370.jpg - infected by Trojan.Win32.VB.bon

回复

举报

下一页 »
12下一页
返回列表 发新帖
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 快速注册

本版积分规则

手机版|杀毒软件|软件论坛| 卡饭论坛

Copyright © KaFan  KaFan.cn All Rights Reserved.

Powered by Discuz! X3.4( 沪ICP备2020031077号-2 ) GMT+8, 2025-5-29 14:41 , Processed in 0.124394 second(s), 18 queries .

卡饭网所发布的一切软件、样本、工具、文章等仅限用于学习和研究,不得将上述内容用于商业或者其他非法用途,否则产生的一切后果自负,本站信息来自网络,版权争议问题与本站无关,您必须在下载后的24小时之内从您的电脑中彻底删除上述信息,如有问题请通过邮件与我们联系。

快速回复 客服 返回顶部 返回列表