转吾爱的木马一枚

显示全部楼层 · 发表于 2017-3-19 09:38:02

https://x.threatbook.cn/report/9 ... 6ff17bc429b8bea693e

发现木马样本如果不出现在卡饭，各大云怎么都就哑火了。。。什么国内的国外的。。

显示全部楼层 · 发表于 2017-3-19 09:55:55

百度杀毒扫描日志

扫描信息
扫描开始时间:2017-3-19 09:55:22
扫描用时:00:00:07
扫描类型:自定义查杀
扫描状态:查杀完成

扫描结果
扫描文件数:4
发现风险数:1
已处理风险数:1

风险情况详情:

病毒木马名:Win32.Trojan.WisdomEyes.150615.9950.9982.bav 路径:C:\Users\LonelyWildCrane\Desktop\木马样本\dat\baidu.com 病毒木马类型:恶意木马成功清除

显示全部楼层 · 发表于 2017-3-19 10:41:16

eset杀一个

显示全部楼层 · 发表于 2017-3-19 11:14:29

卡巴拉黑下载链接

显示全部楼层 · 发表于 2017-3-19 11:25:12

sep文件信誉报

显示全部楼层 · 发表于 2017-3-19 11:57:52

Kaspersky
Total Security
ACCESS DENIED
The requested URL cannot be provided

Object URL:

https://att.kafan.cn/forum.php?mo ... Dk3NTc3MnwyMDgxNTU1

Reason:

The object is infected by Trojan.Win32.DLLhijack.fv
Message generated on: 2017/3/19 11:57:44

显示全部楼层 · 发表于 2017-3-19 12:32:15

Filename: baidu.com
Threat name: SONAR.Heuristic.158Full Path: Not Available

____________________________

____________________________

On computers as of
Not Available

Last Used
at

Startup Item
No

Launched
Yes

SONAR Protection monitors for suspicious program activity on your computer.

____________________________

baidu.com Threat name: SONAR.Heuristic.158
Locate

Unknown
It is unknown how many users in the Norton Community have used this file.

Unknown
This file release is currently not known.

High
This file risk is high.

____________________________

Source: External Media

____________________________

File Actions

File: c:\users\m\desktop\木马样本\木马样本\dat\ baidu.com No Action Required
Directory: c:\sandbox\m\defaultbox\drive\c\program files (x86)\tencent\ qqgame No Action Required
____________________________

System Settings Actions

Event: Process start (Performed by c:\users\m\desktop\木马样本\木马样本\dat\baidu.com, PID:6892) No action taken
Event: PE file creation: c:\sandbox\m\defaultbox\drive\c\program files (x86)\tencent\qqgame\ qqgame.exe (Performed by c:\users\m\desktop\木马样本\木马样本\dat\baidu.com, PID:6892) No action taken
Event: Process start: c:\users\m\desktop\木马样本\木马样本\dat\ baidu.com, PID:6892 (Performed by c:\users\m\desktop\木马样本\木马样本\dat\baidu.com, PID:6892) No action taken
____________________________

File Thumbprint - SHA:
Not available
File Thumbprint - MD5:
Not available

显示全部楼层 · 发表于 2017-3-19 14:08:39

毒霸扫描miss

显示全部楼层 · 发表于 2017-3-19 14:35:43

Avira
Detection: HEUR/APC.Griffin (Cloud)

显示全部楼层 · 发表于 2017-3-19 14:36:36

微点拦截

[病毒样本] 转吾爱的木马一枚

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源