收藏本站 |切换到宽版 | 更换论坛皮肤
 找回密码  忘记邮箱  QQ快速登录  快速登录  快速注册

卡饭»论坛 安全区 病毒样本 分享&分析区 19X 可疑~~~~(标题要长,标题要长,标题要长,重要的事 ...
12下一页
返回列表 发新帖
查看: 2796|回复: 15
收起左侧

[可疑文件] 19X 可疑~~~~(标题要长,标题要长,标题要长,重要的事情说三遍)

[复制链接]
轩夏
发表于 2016-3-21 16:56:59 | 显示全部楼层 |阅读模式
本帖最后由 轩夏 于 2016-3-21 17:07 编辑







本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
回复

举报

轩夏
 楼主| 发表于 2016-3-21 17:01:20 | 显示全部楼层
微软 17X

[mw_shl_code=css,true]Scan started on Mon Mar 21 16:58:33 2016

E:\Software\RAVE\Samples\Samples\Samples\1 (1).bin              Infected: Backdoor:MSIL/Bladabindi
E:\Software\RAVE\Samples\Samples\Samples\1 (10).bin             Infected: Ransom:Win32/Locky.A
E:\Software\RAVE\Samples\Samples\Samples\1 (11).bin             Infected: Ransom:Win32/Locky.A
E:\Software\RAVE\Samples\Samples\Samples\1 (12).bin             Infected: Ransom:Win32/Locky.A
E:\Software\RAVE\Samples\Samples\Samples\1 (13).bin             Infected: Ransom:Win32/Locky.A
E:\Software\RAVE\Samples\Samples\Samples\1 (14).bin             Infected: Ransom:Win32/Locky.A
E:\Software\RAVE\Samples\Samples\Samples\1 (15).bin             Infected: Ransom:Win32/Locky.A
E:\Software\RAVE\Samples\Samples\Samples\1 (16).bin             Infected: Ransom:Win32/Locky
E:\Software\RAVE\Samples\Samples\Samples\1 (17).bin             Infected: Backdoor:Win32/Drixed
E:\Software\RAVE\Samples\Samples\Samples\1 (19).bin             Infected: Ransom:Win32/Locky.A
E:\Software\RAVE\Samples\Samples\Samples\1 (2).bin              Infected: TrojanSpy:MSIL/Omaneat.B
E:\Software\RAVE\Samples\Samples\Samples\1 (4).bin              Infected: Ransom:Win32/Tescrypt.Q
E:\Software\RAVE\Samples\Samples\Samples\1 (5).bin              Infected: Ransom:Win32/Locky.A
E:\Software\RAVE\Samples\Samples\Samples\1 (6).bin              Infected: Ransom:Win32/Locky.A
E:\Software\RAVE\Samples\Samples\Samples\1 (7).bin              Infected: Ransom:Win32/Locky.A
E:\Software\RAVE\Samples\Samples\Samples\1 (8).bin              Infected: Ransom:Win32/Locky!rfn
E:\Software\RAVE\Samples\Samples\Samples\1 (9).bin              Infected: Ransom:Win32/Locky.A
Successfully checked: E:\Software\RAVE\Samples\Samples\Samples

Scan ended on Mon Mar 21 16:58:40 2016[/mw_shl_code]
回复

举报

lasvegas
发表于 2016-3-21 17:04:59 | 显示全部楼层
包不完整?
回复

举报

MXCERILYF!
发表于 2016-3-21 17:10:32 | 显示全部楼层
瑞星清空

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
回复

举报

轩夏
 楼主| 发表于 2016-3-21 17:23:47 | 显示全部楼层
MXCERILYF! 发表于 2016-3-21 17:10
瑞星清空

哇塞~~~~微软差两个
回复

举报

llcy
发表于 2016-3-21 17:28:10 | 显示全部楼层
norton余下两个

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
回复

举报

MXCERILYF!
发表于 2016-3-21 17:33:30 | 显示全部楼层
轩夏 发表于 2016-3-21 17:23
哇塞~~~~微软差两个

卡巴也清空

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
回复

举报

Eset小粉絲
发表于 2016-3-21 17:39:30 | 显示全部楼层
Avira 18x + APC 1x

[mw_shl_code=css,true]Start of the scan: Monday, March 21, 2016  17:35

Starting the file scan:

Begin scan in 'C:\Users\IVAN\Desktop\New Folder (2)'
C:\Users\IVAN\Desktop\New Folder (2)\1 (1).bin
  [DETECTION] Is the TR/Dropper.MSIL.272092 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '511f53d9.qua'!
C:\Users\IVAN\Desktop\New Folder (2)\1 (10).bin
  [DETECTION] Is the TR/Crypt.EPACK.26016 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '49887c7e.qua'!
C:\Users\IVAN\Desktop\New Folder (2)\1 (11).bin
  [DETECTION] Is the TR/Crypt.EPACK.26017 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '1bd72697.qua'!
C:\Users\IVAN\Desktop\New Folder (2)\1 (12).bin
  [DETECTION] Is the TR/Crypt.EPACK.26026 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '7de06955.qua'!
C:\Users\IVAN\Desktop\New Folder (2)\1 (13).bin
  [DETECTION] Is the TR/Crypt.EPACK.26020 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '3864446b.qua'!
C:\Users\IVAN\Desktop\New Folder (2)\1 (14).bin
  [DETECTION] Is the TR/Locky.KJ.1 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '477f760a.qua'!
C:\Users\IVAN\Desktop\New Folder (2)\1 (15).bin
  [DETECTION] Is the TR/FileCoder.Locky.56777 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '0bc75a40.qua'!
C:\Users\IVAN\Desktop\New Folder (2)\1 (16).bin
  [DETECTION] Is the TR/FileCoder.184320.1 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '77df1a10.qua'!
C:\Users\IVAN\Desktop\New Folder (2)\1 (17).bin
  [DETECTION] Is the TR/Crypt.Xpack.434662 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '5a85355d.qua'!
C:\Users\IVAN\Desktop\New Folder (2)\1 (19).bin
  [DETECTION] Is the TR/Ransom.A.66 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '43ed0ec7.qua'!
C:\Users\IVAN\Desktop\New Folder (2)\1 (2).bin
  [DETECTION] Is the TR/Dropper.MSIL.276121 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '2fb122f7.qua'!
C:\Users\IVAN\Desktop\New Folder (2)\1 (3).bin
  [DETECTION] Is the TR/Crypt.Xpack.425685 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '5e081b62.qua'!
C:\Users\IVAN\Desktop\New Folder (2)\1 (4).bin
  [DETECTION] Is the TR/Crypt.ZPACK.237832 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '50122ba5.qua'!
C:\Users\IVAN\Desktop\New Folder (2)\1 (5).bin
  [DETECTION] Is the TR/Crypt.ZPACK.237543 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '153b52e7.qua'!
C:\Users\IVAN\Desktop\New Folder (2)\1 (6).bin
  [DETECTION] Is the TR/Locky.lcl Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '1c30564c.qua'!
C:\Users\IVAN\Desktop\New Folder (2)\1 (7).bin
  [DETECTION] Is the TR/Crypt.EPACK.26053 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '44714f25.qua'!
C:\Users\IVAN\Desktop\New Folder (2)\1 (8).bin
  [DETECTION] Is the TR/Locky.dhi Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '688536e9.qua'!
C:\Users\IVAN\Desktop\New Folder (2)\1 (9).bin
  [DETECTION] Is the TR/Crypt.EPACK.26023 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '567b5633.qua'!


End of the scan: Monday, March 21, 2016  17:35
Used time: 00:03 Minute(s)

The scan has been done completely.[/mw_shl_code]

[mw_shl_code=css,true]Start of the scan: Monday, March 21, 2016  17:36

Starting the file scan:

Begin scan in 'C:\Users\IVAN\Desktop\New Folder (2)\1 (18).bin'
Successful Cloud SDK initialization and license check.
The file 'C:\Users\IVAN\Desktop\New Folder (2)\1 (18).bin' was scanned with the Protection Cloud. SHA256 = D7516A2280113C31ABE706707F47655A90B8831AB0892339781DC5184E23B184
C:\Users\IVAN\Desktop\New Folder (2)\1 (18).bin (SHA-256: d7516a2280113c31abe706707f47655a90b8831ab0892339781dc5184e23b184)
  [DETECTION] Contains suspicious code HEUR/APC (Cloud)
  [NOTE]      The file was moved to the quarantine directory under the name '516662ed.qua'!


End of the scan: Monday, March 21, 2016  17:36
Used time: 00:06 Minute(s)

The scan has been done completely.[/mw_shl_code]
回复

举报

saga3721
发表于 2016-3-21 17:58:34 | 显示全部楼层
云2个余下红伞监控全杀
回复

举报

MXCERILYF!
发表于 2016-3-21 18:04:28 | 显示全部楼层
本帖最后由 MXCERILYF! 于 2016-3-22 08:58 编辑

BD扫描清空

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
回复

举报

下一页 »
12下一页
返回列表 发新帖
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 快速注册

本版积分规则

手机版|杀毒软件|软件论坛| 卡饭论坛

Copyright © KaFan  KaFan.cn All Rights Reserved.

Powered by Discuz! X3.4( 沪ICP备2020031077号-2 ) GMT+8, 2025-5-15 13:16 , Processed in 0.132550 second(s), 18 queries .

卡饭网所发布的一切软件、样本、工具、文章等仅限用于学习和研究,不得将上述内容用于商业或者其他非法用途,否则产生的一切后果自负,本站信息来自网络,版权争议问题与本站无关,您必须在下载后的24小时之内从您的电脑中彻底删除上述信息,如有问题请通过邮件与我们联系。

快速回复 客服 返回顶部 返回列表