Original poster: vanishtime

[Virus samples] Jingrui (精睿) sample test (16.10.27)

叶无道
Posted on 2016-10-27 11:28:02
avg 25
dsb2466
Posted on 2016-10-27 11:41:22
dsb2466
Posted on 2016-10-27 11:42:05

It feels like the scan rates will look a bit better for the next while.
小飞侠.net
Posted on 2016-10-27 11:47:05
360杀毒扫描日志

病毒库版本:2016-10-26 16:18
扫描时间:2016-10-27 11:43:05
扫描用时:00:02:08
扫描类型:右键扫描
扫描文件总数:50
项目总数: 28
清除项目数:0

扫描选项
----------------------
扫描所有文件:是
扫描压缩包:是
发现病毒处理方式:由用户选择处理
扫描磁盘引导区:是
扫描 Rootkit:是
使用云查杀引擎:是
使用QVM人工智能引擎:是
扫描建议修复项:是
常规引擎设置:BitDefender Avira(小红伞)

扫描内容
----------------------
C:\Users\xfxnet2000\Desktop\MX Player Pro\刘嘉欣\7346797\958202\952802\王馨妍\Windows Defender\AVTestZipX\2016.10.27


文件名称: C:\Users\xfxnet2000\Desktop\MX Player Pro\刘嘉欣\7346797\958202\952802\王馨妍\Windows Defender\AVTestZipX\2016.10.27.7z
文件大小: 4.33 MB (4,545,225 字节)
修改时间: 2016年10月27日,11:40:31
MD5: a9a347218c7e2295af1bdaf2dcf7338a
SHA1: c0f9253f399245e5c94dac49cddd888dc1a5d45b
SHA256: 312122980736cd0a164c5837e6e107894a020fa1a3cd580e7e7c1902783b76bd
CRC32: 30958d1b
计算时间: 0.05s



[mw_shl_code=javascript,true]
扫描结果
======================
高危风险项
----------------------
C:\Users\xfxnet2000\Desktop\MX Player Pro\刘嘉欣\7346797\958202\952802\王馨妍\Windows Defender\AVTestZipX\2016.10.27\2016.10.27\03.vir        virus.js.gen.80        未处理
C:\Users\xfxnet2000\Desktop\MX Player Pro\刘嘉欣\7346797\958202\952802\王馨妍\Windows Defender\AVTestZipX\2016.10.27\2016.10.27\04.vir        virus.js.gen.75        未处理
C:\Users\xfxnet2000\Desktop\MX Player Pro\刘嘉欣\7346797\958202\952802\王馨妍\Windows Defender\AVTestZipX\2016.10.27\2016.10.27\06.vir        virus.vbs.gen.1        未处理
C:\Users\xfxnet2000\Desktop\MX Player Pro\刘嘉欣\7346797\958202\952802\王馨妍\Windows Defender\AVTestZipX\2016.10.27\2016.10.27\09.vir        virus.js.gen.85        未处理
C:\Users\xfxnet2000\Desktop\MX Player Pro\刘嘉欣\7346797\958202\952802\王馨妍\Windows Defender\AVTestZipX\2016.10.27\2016.10.27\18.vir        virus.js.gen.80        未处理
C:\Users\xfxnet2000\Desktop\MX Player Pro\刘嘉欣\7346797\958202\952802\王馨妍\Windows Defender\AVTestZipX\2016.10.27\2016.10.27\21.vir        virus.vbs.gen.1        未处理
C:\Users\xfxnet2000\Desktop\MX Player Pro\刘嘉欣\7346797\958202\952802\王馨妍\Windows Defender\AVTestZipX\2016.10.27\2016.10.27\28.vir        virus.office.obfuscated.1        未处理
C:\Users\xfxnet2000\Desktop\MX Player Pro\刘嘉欣\7346797\958202\952802\王馨妍\Windows Defender\AVTestZipX\2016.10.27\2016.10.27\29.vir        virus.js.gen.1        未处理
C:\Users\xfxnet2000\Desktop\MX Player Pro\刘嘉欣\7346797\958202\952802\王馨妍\Windows Defender\AVTestZipX\2016.10.27\2016.10.27\32.vir        virus.js.gen.85        未处理
C:\Users\xfxnet2000\Desktop\MX Player Pro\刘嘉欣\7346797\958202\952802\王馨妍\Windows Defender\AVTestZipX\2016.10.27\2016.10.27\36.vir        virus.js.gen.90        未处理
C:\Users\xfxnet2000\Desktop\MX Player Pro\刘嘉欣\7346797\958202\952802\王馨妍\Windows Defender\AVTestZipX\2016.10.27\2016.10.27\38.vir        木马程序(Generic.JS.NemucodA.624FB173)        未处理
C:\Users\xfxnet2000\Desktop\MX Player Pro\刘嘉欣\7346797\958202\952802\王馨妍\Windows Defender\AVTestZipX\2016.10.27\2016.10.27\42.vir        virus.js.gen.85        未处理
C:\Users\xfxnet2000\Desktop\MX Player Pro\刘嘉欣\7346797\958202\952802\王馨妍\Windows Defender\AVTestZipX\2016.10.27\2016.10.27\44.vir        virus.js.gen.1        未处理
C:\Users\xfxnet2000\Desktop\MX Player Pro\刘嘉欣\7346797\958202\952802\王馨妍\Windows Defender\AVTestZipX\2016.10.27\2016.10.27\47.vir        virus.js.gen.1        未处理
C:\Users\xfxnet2000\Desktop\MX Player Pro\刘嘉欣\7346797\958202\952802\王馨妍\Windows Defender\AVTestZipX\2016.10.27\2016.10.27\08.vir        感染型病毒(Win32/Trojan.4a9)        未处理
C:\Users\xfxnet2000\Desktop\MX Player Pro\刘嘉欣\7346797\958202\952802\王馨妍\Windows Defender\AVTestZipX\2016.10.27\2016.10.27\12.vir        感染型病毒(Win32/Trojan.Downloader.b9b)        未处理
C:\Users\xfxnet2000\Desktop\MX Player Pro\刘嘉欣\7346797\958202\952802\王馨妍\Windows Defender\AVTestZipX\2016.10.27\2016.10.27\23.vir        HEUR/QVM10.1.C11C.Malware.Gen        未处理
C:\Users\xfxnet2000\Desktop\MX Player Pro\刘嘉欣\7346797\958202\952802\王馨妍\Windows Defender\AVTestZipX\2016.10.27\2016.10.27\30.vir        HEUR/QVM03.0.C11C.Malware.Gen        未处理
C:\Users\xfxnet2000\Desktop\MX Player Pro\刘嘉欣\7346797\958202\952802\王馨妍\Windows Defender\AVTestZipX\2016.10.27\2016.10.27\26.vir        HEUR/QVM03.0.C11C.Malware.Gen        未处理
C:\Users\xfxnet2000\Desktop\MX Player Pro\刘嘉欣\7346797\958202\952802\王馨妍\Windows Defender\AVTestZipX\2016.10.27\2016.10.27\33.vir        感染型病毒(Win32/Trojan.Dropper.980)        未处理
C:\Users\xfxnet2000\Desktop\MX Player Pro\刘嘉欣\7346797\958202\952802\王馨妍\Windows Defender\AVTestZipX\2016.10.27\2016.10.27\34.vir        感染型病毒(Win32/Trojan.Dropper.743)        未处理
C:\Users\xfxnet2000\Desktop\MX Player Pro\刘嘉欣\7346797\958202\952802\王馨妍\Windows Defender\AVTestZipX\2016.10.27\2016.10.27\40.vir        感染型病毒(Win32/Trojan.8fc)        未处理
C:\Users\xfxnet2000\Desktop\MX Player Pro\刘嘉欣\7346797\958202\952802\王馨妍\Windows Defender\AVTestZipX\2016.10.27\2016.10.27\45.vir        HEUR/QVM03.0.C11C.Malware.Gen        未处理
C:\Users\xfxnet2000\Desktop\MX Player Pro\刘嘉欣\7346797\958202\952802\王馨妍\Windows Defender\AVTestZipX\2016.10.27\2016.10.27\48.vir        virus.office.gen.90        未处理
C:\Users\xfxnet2000\Desktop\MX Player Pro\刘嘉欣\7346797\958202\952802\王馨妍\Windows Defender\AVTestZipX\2016.10.27\2016.10.27\01.vir        js.url.downloader.k2        未处理
C:\Users\xfxnet2000\Desktop\MX Player Pro\刘嘉欣\7346797\958202\952802\王馨妍\Windows Defender\AVTestZipX\2016.10.27\2016.10.27\25.vir        Gen:Heur.MSIL.Androm.9        未处理
C:\Users\xfxnet2000\Desktop\MX Player Pro\刘嘉欣\7346797\958202\952802\王馨妍\Windows Defender\AVTestZipX\2016.10.27\2016.10.27\50.vir        virus.js.gen.1        未处理
C:\Users\xfxnet2000\Desktop\MX Player Pro\刘嘉欣\7346797\958202\952802\王馨妍\Windows Defender\AVTestZipX\2016.10.27\2016.10.27\41.vir        后门程序(Backdoor.Win32.Agent.FH)        未处理[/mw_shl_code]
T.Yoshiyuki
Posted on 2016-10-27 11:51:06
BD, the greatest in the universe: kill 33x (of which fix 2x; No. 17 deleted manually)



[mw_shl_code=css,true]Remaining issues:

D:\TEST\daily\2016.10.27\17.vir.MSG=>(attachment) VBA:Trojan.VBA.Downloader.BH Infected

Resolved issues:

D:\TEST\daily\2016.10.27\13.vir.ZIP Trojan.GenericKD.3634102 Deleted
D:\TEST\daily\2016.10.27\05.vir.DOCM=>word/vbaProject.bin O97M.Downloader.N Disinfected
D:\TEST\daily\2016.10.27\29.vir.JS Trojan.JS.Agent.NSB Deleted
D:\TEST\daily\2016.10.27\27.vir.html=>(INFECTED_JS) JS:Trojan.JS.Ransom.K Deleted
D:\TEST\daily\2016.10.27\33.vir.exe Gen:Variant.Zusy.175352 Deleted
D:\TEST\daily\2016.10.27\44.vir.txt Generic.JS.NemucodA.5EFA3136 Deleted
D:\TEST\daily\2016.10.27\01.vir.html Trojan.JS.Downloader.FUS Moved to Quarantine
D:\TEST\daily\2016.10.27\50.vir.JS=>(INFECTED_JS) JS:Trojan.JS.Nemucod.DO Deleted
D:\TEST\daily\2016.10.27\02.vir.swf Exploit.SWF.Agent.DO Deleted
D:\TEST\daily\2016.10.27\47.vir.JS=>(INFECTED_JS) JS:Trojan.JS.Nemucod.DO Deleted
D:\TEST\daily\2016.10.27\48.vir.DOC W97m.Downloader.EMV Moved to Quarantine
D:\TEST\daily\2016.10.27\42.vir.html Trojan.JS.Downloader.FXY Moved to Quarantine
D:\TEST\daily\2016.10.27\39.vir.html=>(INFECTED_JS) JS:Trojan.JS.Ransom.K Deleted
D:\TEST\daily\2016.10.27\38.vir.txt Generic.JS.NemucodA.624FB173 Deleted
D:\TEST\daily\2016.10.27\45.vir.exe Trojan.GenericKD.3629124 Deleted
D:\TEST\daily\2016.10.27\21.vir Trojan.JS.Nemucod.DV Deleted
D:\TEST\daily\2016.10.27\39.vir.html=>(JAVASCRIPT 1) Trojan.JS.Downloader.FXQ Deleted
D:\TEST\daily\2016.10.27\23.vir.exe Trojan.GenericKD.3629634 Deleted
D:\TEST\daily\2016.10.27\41.vir.exe Gen:Variant.Symmi.21603 Deleted
D:\TEST\daily\2016.10.27\36.vir.JS=>(INFECTED_JS) JS:Trojan.JS.Downloader.MX Deleted
D:\TEST\daily\2016.10.27\31.vir.exe Trojan.GenericKD.3630865 Deleted
D:\TEST\daily\2016.10.27\34.vir.exe Gen:Variant.Zusy.209509 Deleted
D:\TEST\daily\2016.10.27\32.vir.html Trojan.JS.Downloader.FXY Moved to Quarantine
D:\TEST\daily\2016.10.27\09.vir.html Trojan.JS.Downloader.FXY Moved to Quarantine
D:\TEST\daily\2016.10.27\08.vir.exe Trojan.GenericKD.3589202 Deleted
D:\TEST\daily\2016.10.27\26.vir.exe Gen:Variant.Barys.2161 Deleted
D:\TEST\daily\2016.10.27\25.vir.exe Gen:Heur.MSIL.Androm.9 Deleted
D:\TEST\daily\2016.10.27\18.vir.html Trojan.JS.Downloader.FXY Moved to Quarantine
D:\TEST\daily\2016.10.27\04.vir.html Trojan.JS.Downloader.FXY Moved to Quarantine
D:\TEST\daily\2016.10.27\30.vir.exe Gen:Variant.Zusy.82883 Deleted
D:\TEST\daily\2016.10.27\11.vir=>DX.DLL Win32.Worm.Downadup.Gen Moved to Quarantine
D:\TEST\daily\2016.10.27\03.vir.html Trojan.JS.Downloader.FXY Moved to Quarantine
D:\TEST\daily\2016.10.27\06.vir Trojan.JS.Nemucod.DV Deleted [/mw_shl_code]


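P.S.
No. 17 is an e-mail file with the .msg extension. BD not only failed to disinfect it, it also did not respond when I chose to delete it.
The pack from the 26th also contained an msg file, and it failed in the same way.
I guess this will have to be reported to the official staff (官人)!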


Rating

Participants: 1, popularity +1
小小瞻 +1 Reason: Hope BD gets tested often; the sample section can't go without BD

DF快递
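Posted on 2016-10-27 11:55:18
T.Yoshiyuki posted on 2016-10-27 11:51
BD, the greatest in the universe: kill 33x (of which fix 2x; No. 17 deleted manually)

It can't be disinfected and can't be deleted either. What's going on here?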
jiangz1234
Posted on 2016-10-27 12:37:57
Escan, the big killer: extraction plus scan KILL 33X in total, 17X remaining

ys0516
Posted on 2016-10-27 12:42:15
EIS 10
Real-time KILL 30
Right-click KILL 4
Total KILL 34
T.Yoshiyuki
Posted on 2016-10-27 14:19:25
jiangz1234 posted on 2016-10-27 13:37
Escan, the big killer: extraction plus scan KILL 33X in total, 17X remaining

Isn't it just BD's own son? How is that a "big killer"?
Eset小粉絲
Posted on 2016-10-27 14:19:43
Last edited by Eset小粉絲 on 2016-10-27 14:30

Avira 30x. I forgot to enable the scan-all-files setting; moving the folder auto-quarantined 5 more.

[mw_shl_code=css,true]Start of the scan: Thursday, 27 October, 2016  14:18

Starting the file scan:

Begin scan in 'C:\Users\Ivan\Desktop\2016.10.27'
C:\Users\Ivan\Desktop\2016.10.27\03.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.BCN Java script virus
C:\Users\Ivan\Desktop\2016.10.27\04.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.BCN Java script virus
C:\Users\Ivan\Desktop\2016.10.27\05.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains suspicious code HEUR/Macro.Agent
        [WARNING]   Infected files in archives cannot be repaired
Successful Cloud SDK initialization and license check.
The file 'C:\Users\Ivan\Desktop\2016.10.27\08.vir' has been uploaded to the Protection Cloud and analyzed. SHA256 = 14EA299CDFBA8FC0A06166D4F7BF68DCF2F0FFCA4A60104E42689805A2D735BE
C:\Users\Ivan\Desktop\2016.10.27\08.vir (SHA-256: 14ea299cdfba8fc0a06166d4f7bf68dcf2f0ffca4a60104e42689805a2d735be)
  [INFO]      The file 'C:\Users\Ivan\Desktop\2016.10.27\08.vir' has been uploaded to the Protection Cloud and analyzed.
C:\Users\Ivan\Desktop\2016.10.27\09.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.BCN Java script virus
C:\Users\Ivan\Desktop\2016.10.27\12.vir
  [DETECTION] Is the TR/Downloader.jhebm Trojan
C:\Users\Ivan\Desktop\2016.10.27\13.vir
    [0] Archive type: ZIP
    --> sgahuetrwa/rwdfshsdsadqwq.class
        [DETECTION] Contains recognition pattern of the EXP/JAVA.Adwind.BV.Gen exploit
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\Ivan\Desktop\2016.10.27\14.vir
    [0] Archive type: ZIP
    --> aa.class
        [DETECTION] Contains recognition pattern of the EXP/JAVA.Adwind.BR.Gen exploit
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\Ivan\Desktop\2016.10.27\17.vir
  [DETECTION] Contains code of the W2000M/Agent.40111 macro virus
C:\Users\Ivan\Desktop\2016.10.27\18.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.BCN Java script virus
C:\Users\Ivan\Desktop\2016.10.27\20.vir
  [DETECTION] Is the TR/Patched.Ren.Gen2 Trojan
C:\Users\Ivan\Desktop\2016.10.27\23.vir
  [DETECTION] Is the TR/Spy.Autoit.zhfre Trojan
C:\Users\Ivan\Desktop\2016.10.27\25.vir
  [DETECTION] Contains a recognition pattern of the (harmful) BDS/Bladabindi.ajoos back-door program
C:\Users\Ivan\Desktop\2016.10.27\26.vir
  [DETECTION] Is the TR/ATRAPS.Gen Trojan
C:\Users\Ivan\Desktop\2016.10.27\28.vir
  [DETECTION] Contains code of the X2000M/Dldr.Agent.AM.18070 Excel macro virus
C:\Users\Ivan\Desktop\2016.10.27\30.vir
  [DETECTION] Is the TR/ClipBanker.lka.12 Trojan
C:\Users\Ivan\Desktop\2016.10.27\31.vir
    [0] Archive type: 7-Zip SFX (self extracting)
    --> fach.bat
        [DETECTION] Contains recognition pattern of the BAT/Dldr.FakeFlash.23125 batch virus
        [WARNING]   Infected files in archives cannot be repaired
    --> ftbg.ps1
        [DETECTION] Contains recognition pattern of the BAT/Dldr.FakeFlash.23125.1 batch virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\Ivan\Desktop\2016.10.27\32.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.BCN Java script virus
C:\Users\Ivan\Desktop\2016.10.27\33.vir
  [DETECTION] Is the TR/Dropper.MSIL.176860 Trojan
C:\Users\Ivan\Desktop\2016.10.27\34.vir
  [DETECTION] Is the TR/Dropper.MSIL.dixip Trojan
C:\Users\Ivan\Desktop\2016.10.27\40.vir
  [DETECTION] Is the TR/Agent.lljso Trojan
C:\Users\Ivan\Desktop\2016.10.27\41.vir
  [DETECTION] Contains a recognition pattern of the (harmful) BDS/Agentb.adze back-door program
C:\Users\Ivan\Desktop\2016.10.27\42.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.BCN Java script virus
C:\Users\Ivan\Desktop\2016.10.27\45.vir
  [DETECTION] Is the TR/Dropper.MSIL.cksgy Trojan
C:\Users\Ivan\Desktop\2016.10.27\48.vir
  [DETECTION] Contains code of the W2000M/Agent.54524 macro virus
C:\Users\Ivan\Desktop\2016.10.27\49.vir
    [0] Archive type: NSIS
    --> Object
        [DETECTION] Contains patterns of software PUA/MyWebSearch.ME.1
        [WARNING]   Infected files in archives cannot be repaired[/mw_shl_code]