挖到的 qq.exe [md5:a4f712]

显示全部楼层 · 发表于 2008-2-21 08:32:04

反病毒引擎	版本	最后更新	扫描结果
AhnLab-V3	2008.2.20.0	2008.02.20	-
AntiVir	7.6.0.67	2008.02.20	TR/Crypt.XDR.Gen
Authentium	4.93.8	2008.02.20	-
Avast	4.7.1098.0	2008.02.20	-
AVG	7.5.0.516	2008.02.21	-
BitDefender	7.2	2008.02.21	-
CAT-QuickHeal	9.50	2008.02.20	-
ClamAV	None	2008.02.21	-
DrWeb	4.44.0.09170	2008.02.20	-
eSafe	7.0.15.0	2008.02.20	suspicious Trojan/Worm
eTrust-Vet	31.3.5550	2008.02.20	-
Ewido	4.0	2008.02.20	-
FileAdvisor	1	2008.02.21	-
Fortinet	3.14.0.0	2008.02.19	-
F-Prot	4.4.2.54	2008.02.20	-
F-Secure	6.70.13260.0	2008.02.20	-
Ikarus	T3.1.1.20	2008.02.20	Trojan.Crypt.XDR
Kaspersky	7.0.0.125	2008.02.21	-
McAfee	5234	2008.02.20	-
Microsoft	1.3204	2008.02.20	-
NOD32v2	2891	2008.02.21	-
Norman	5.80.02	2008.02.20	-
Panda	9.0.0.4	2008.02.20	Suspicious file
Prevx1	V2	2008.02.21	-
Rising	20.32.22.00	2008.02.20	-
Sophos	4.26.0	2008.02.20	Mal/Emogen-E
Sunbelt	3.0.884.0	2008.02.19	-
Symantec	10	2008.02.21	-
TheHacker	6.2.9.225	2008.02.21	-
VBA32	3.12.6.1	2008.02.17	-
VirusBuster	4.3.26:9	2008.02.20	-
Webwasher-Gateway	6.6.2	2008.02.20	Trojan.Crypt.XDR.Gen

附加信息

File size: 908288 bytes

MD5: a4f712d61d3fb13a8d2a2d18ec0bf85c

SHA1: fa893dc731ddedc82ba7f3233841f7d99bae3bc2

PEiD: EncryptPE V2.2007.4.11 -> WFS

packers: UPX

显示全部楼层 · 发表于 2008-2-21 08:53:36

to kl..shou

Hello,

2008020113TestHttp.exek

No malicious code was found in this file.

3.exek - Trojan-Downloader.Win32.Small.imt,
5.exek - Backdoor.Win32.Agent.eqc,
52vip_yoyo1012.exek - Backdoor.Win32.Rbot.htn,
an006.exek - Trojan-Downloader.Win32.Agent.jhx,
exe.exek - Trojan-Downloader.Win32.Agent.jhy,
mrofinu565.exek - Trojan-Downloader.Win32.Agent.jhv,
niu.ex4e - Worm.Win32.AutoRun.cpy,
qq.exek - Trojan.Win32.Pakes.cew, [:1:]
www.hmhk.cn.exek - Backdoor.Win32.Hupigon.axet

New malicious software was found in these files. Detection will be included in the next update. Thank you for your help.

73e1.exek - not-a-virus:AdWare.Win32.BHO.abi

This file is an Advertizing Tool, it is detected by
extended databases set. See more info about
extended databases here: http://www.kaspersky.com/extraavupdates

Please quote all when answering.

--
Best regards, Vladimir Krylov
Virus analyst, Kaspersky Lab.
e-mail: newvirus@kaspersky.com
http://www.kaspersky.com/

http://www.kaspersky.com/virusscanner - free online virus scanner.
http://www.kaspersky.com/helpdesk.html - technical support.

[ 本帖最后由 wangjay1980 于 2008-2-21 11:42 编辑 ]

显示全部楼层 · 发表于 2008-2-21 09:24:44

http://research.sunbelt-software.com/ViewMalware.aspx?id=3170521

到底是不是啊

显示全部楼层 · 发表于 2008-2-21 09:27:22

还是那句话，你双击一下么，不就全知道了

显示全部楼层 · 发表于 2008-2-21 09:28:56

珍爱电脑，远离试毒

显示全部楼层 · 发表于 2008-2-21 09:41:23

微点拦截

显示全部楼层 · 发表于 2008-2-21 10:06:45

NOD又没拦住

显示全部楼层 · 发表于 2008-2-21 10:50:42

好像挺猛的1个毒啊，狂开窗口，FS没拦住

显示全部楼层 · 发表于 2008-2-21 11:10:15

华丽的过了费尔

显示全部楼层 · 发表于 2008-2-21 11:12:28

微点砍掉

[病毒样本] 挖到的 qq.exe [md5:a4f712]

本帖子中包含更多资源

回复 3楼 spaceplane 的帖子

本帖子中包含更多资源