Thread starter: 神龟Turmi

[Virus Samples] [Virus-Hunting Squad Test Pack] Issue 46, 20180521

zhoutaoyu
Posted on 2018-5-22 10:11:20
Norton: 8/12

ATP_synthase
Posted on 2018-5-22 13:19:59
Last edited by wusiyuanjh on 2018-5-22 13:26

Kaspersky detects 6; the one remaining Word document is detected after it is opened and macros are enabled


桑德尔
Posted on 2018-5-22 14:50:23
dg1vg4 posted on 2018-5-21 22:07
Rising Antivirus v17
Unmodified: 4/7

I just remember someone saying before that "!8" is the detection name used for blacklisted MD5s
,就一个.
Posted on 2018-5-22 15:00:19
McAfee just blacklists MD5s, so what? I'm going to use it anyway
klinxun
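Posted on 2018-5-22 17:15:22
,就一个. posted on 2018-5-22 15:00
McAfee just blacklists MD5s, so what? I'm going to use it anyway

McAfee is something of a mystery. Yes, it blacklists MD5s, but even after the MD5 is changed it still kills the sample.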
wangyuhe
Posted on 2018-5-22 20:54:41
AVG detects 7

真小读者
Posted on 2018-5-22 22:05:05
Last edited by 真小读者 on 2018-5-22 22:06

With @191196846's help, I solved the problem of Micropoint rolling back and killing the 7z archive, and retested

@a445441 @終極小壞蛋 @skycai

It flagged one

a445441
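Posted on 2018-5-22 22:07:58
真小读者 posted on 2018-5-22 22:05
With @191196846's help, I solved the problem of Micropoint rolling back and killing the 7z archive, and retested

@a445441 @終極小壞蛋 @skycai

In my test, Micropoint blocks 4.exe but does not block 3.exe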
小飞侠.net
Posted on 2018-5-23 22:01:02
Last edited by 小飞侠.net on 2018-5-23 23:03

X-Sec Antivirus --- (Windows 10 Creators Update (Redstone 4)....1803):

Basic Info:
---------------------
Database Version: 2018.05.21.01
Program Version: 2.1.1.0
Heuristic Engine: Enabled
Cloud Engine: Enabled
Enhanced Mode: Disabled
Backup Before Resolve: Yes
Resolve Threats: Scan only
Scan Priority: Normal
---------------------
Targets:
---------------------
C:\Users\Admin\Desktop\AVtest100\jdwd180521Generic
---------------------
2018/05/23 23:01:50 Threat Detected: C:\Users\Admin\Desktop\AVtest100\jdwd180521Generic\jdwd180521\180521-2-Backdoor.Strictor.exe.infected -- [Cloud] Cloud:Trojan.Win32.Generic
2018/05/23 23:01:50 Threat Detected: C:\Users\Admin\Desktop\AVtest100\jdwd180521Generic\jdwd180521\180521-1-VBA.Powershell.doc.infected -- [Cloud] Cloud:Macro.MSWord.Downloader
2018/05/23 23:01:50 Threat Detected: C:\Users\Admin\Desktop\AVtest100\jdwd180521Generic\jdwd180521\180521-3-Backdoor.Socelars.exe.infected -- [Classic] Trojan.Win32.Agent.AR
2018/05/23 23:01:51 Threat Detected: C:\Users\Admin\Desktop\AVtest100\jdwd180521Generic\jdwd180521\180521-5-VBA.Powershell.doc.infected -- [Cloud] Cloud:Macro.MSWord.Downloader
2018/05/23 23:01:51 Threat Detected: C:\Users\Admin\Desktop\AVtest100\jdwd180521Generic\jdwd180521\180521-4-Backdoor.Hokelambert.exe.infected -- [Cloud] Cloud:Backdoor.Win32.Generic
2018/05/23 23:01:52 Threat Detected: C:\Users\Admin\Desktop\AVtest100\jdwd180521Generic\jdwd180521\180521-6-Backdoor.Xow4.exe.infected -- [Cloud] Cloud:Backdoor.Win32.Generic
2018/05/23 23:01:53 Threat Detected: C:\Users\Admin\Desktop\AVtest100\jdwd180521Generic\jdwd180521\modifed\modifed.180521-2-Backdoor.Strictor.exe.infected -- [Cloud] Cloud:Trojan.Win32.Generic
2018/05/23 23:01:53 Threat Detected: C:\Users\Admin\Desktop\AVtest100\jdwd180521Generic\jdwd180521\modifed\modifed.180521-3-Backdoor.Socelars.exe.infected -- [Classic] Trojan.Win32.Agent.AR
2018/05/23 23:01:55 Threat Detected: C:\Users\Admin\Desktop\AVtest100\jdwd180521Generic\jdwd180521\modifed\modifed.180521-4-Backdoor.Hokelambert.exe.infected -- [Cloud] Cloud:Backdoor.Win32.Generic
2018/05/23 23:01:57 Threat Detected: C:\Users\Admin\Desktop\AVtest100\jdwd180521Generic\jdwd180521\modifed\modifed.180521-6-Backdoor.Xow4.exe.infected -- [Cloud] Cloud:Backdoor.Win32.Generic



Rising --- (Windows 10 Creators Update (Redstone 4)....1803): cloud engine (on), RDM+ engine (on)

                瑞星反恶软引擎命令行扫描器(社区交流版)                 


编译于:Sep 22 2017   15:07:50

提示:
  - 本工具供社区交流使用,请勿用于其他用途
  - 本工具没有恶意软件删除、清除、隔离功能
  - 本工具包含开发中的新特性,结果仅供参考

* 命令行中的选项开关:-output-json -log=C:\瑞星RDM+引擎\ScanLog_180523225519.log
* 获取恶软签名库最新版本 ...
* 下载恶软签名库配置文件 ...
* 创建恶软签名库升级组件 ...
* 计算并下载增量文件 ...
* 升级恶软签名库 ...
* 恶软签名库升级成功
* 扫描目标 : (1) C:\Users\Admin\Desktop\AVtest100\jdwd180521Generic

* 加载恶软签名库: C:\瑞星RDM+引擎/malware.rmd
* 恶软签名库加载成功,发布序号为 4289
* 读取恶软签名库配置 ...
* 云辅助扫描组件初始化失败.
* 初始化引擎环境 ...
* 初始化引擎环境 ...
* 初始化引擎环境 ...
* 初始化引擎环境 ...
* 初始化引擎环境 ...
* 初始化引擎环境 ...
* 初始化引擎环境 ...
* 初始化引擎环境 ...
扫描开始: Wed May 23 22:55:32 2018

{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\jdwd180521Generic\\jdwd180521\\180521-4-Backdoor.Hokelambert.exe.infected","infect":{"engine":"sha1","signature":"c2hhMTofvjKNI9BXXYFwnDVlY8eLIDrgqw","threat":"Trojan.Kryptik!8.8"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\jdwd180521Generic\\jdwd180521\\180521-3-Backdoor.Socelars.exe.infected","infect":{"engine":"sha1","signature":"c2hhMTpSGnMyrQm0gBV5hp98oyDGF7yFdg","threat":"Spyware.Socelars!8.EBE4"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\jdwd180521Generic\\jdwd180521\\180521-6-Backdoor.Xow4.exe.infected","infect":{"engine":"sha1","signature":"c2hhMTqFjwc5rU2/TM8uNKSUmOTphCVo4w","threat":"Trojan.Agentb!8.F8"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\jdwd180521Generic\\jdwd180521\\modifed\\modifed.180521-2-Backdoor.Strictor.exe.infected","infect":{"engine":"sha1","signature":"c2hhMTqEFIsc0idUrUP56PC0/YtNDu33rQ","threat":"Malware.Undefined!8.C"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\jdwd180521Generic\\jdwd180521\\180521-2-Backdoor.Strictor.exe.infected","infect":{"engine":"sha1","signature":"c2hhMTrkcKG/4E/nfHMG31bu7htF22tOuw","threat":"Malware.Undefined!8.C"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\jdwd180521Generic\\jdwd180521\\modifed\\modifed.180521-4-Backdoor.Hokelambert.exe.infected","infect":{"engine":"sha1","signature":"c2hhMTryblMAofUZXgj+s8orQuev2YlSaA","threat":"Trojan.Kryptik!8.8"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\jdwd180521Generic\\jdwd180521\\modifed\\modifed.180521-3-Backdoor.Socelars.exe.infected","infect":{"engine":"sha1","signature":"c2hhMTqk2sabAg+3YxlR6o6l/KZ32/WCCw","threat":"Spyware.Socelars!8.EBE4"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\jdwd180521Generic\\jdwd180521\\modifed\\modifed.180521-6-Backdoor.Xow4.exe.infected","infect":{"engine":"rdmk","signature":"cmRtazqPNMT4AkotIrrUDMTfBO9H","threat":"Trojan.Agentb!8.F8"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\jdwd180521Generic\\jdwd180521\\180521-7-Backdoor.Avialance.exe.infected","infect":{"engine":"sha1","signature":"c2hhMTp4DbZCByjpSE061j+30UEKaydwaw","threat":"Trojan.Tiggre!8.ED98"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\jdwd180521Generic\\jdwd180521\\modifed\\modifed.180521-7-Backdoor.Avialance.exe.infected","infect":{"engine":"sha1","signature":"c2hhMTp2Ge0KDIukN4ApguAtHSqWuLdKDQ","threat":"Trojan.Fuerboos!8.EFC8"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\jdwd180521Generic\\jdwd180521\\180521-1-VBA.Powershell.doc.infected","infect":{"engine":"topis","signature":"VcNmICzPcdS","threat":"Downloader.Agent!8.B23"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\jdwd180521Generic\\jdwd180521\\180521-5-VBA.Powershell.doc.infected","infect":{"engine":"topis","signature":"BEdVVFpeC1O","threat":"Downloader.Agent!8.B23"},"type":"scan"}

扫描结束: Wed May 23 22:55:33 2018

总扫描耗时: 0:1:236(m:s:ms)
总扫描对象: 14
总扫描文件: 12
总恶意文件: 12
有效检出率: 100.00%



Emsisoft Emergency Kit - 版本 2018.3
上次更新: 2018/5/23 21:42:24
用户帐号: TECLAST\Admin
电脑名称: TECLAST
操作系统版本: Windows 10x64

Emsisoft Emergency Kit, portable free edition
(Enabled) joined the Emsisoft cloud; update feed: beta
    Bitdefender (B) + Emsisoft (A) dual engine

扫描设置:

扫描方式: 自定义扫描
对象: Rootkits, 内存, C:\Users\Admin\Desktop\AVtest100\jdwd180521Generic\

检测流氓软件(PUPs): On
扫描压缩包: On
扫描邮件存档: Off
ADS数据流: On
文件扩展名过滤: Off
直接磁盘访问: Off

扫描开始于:        2018/5/23 22:43:36
C:\Users\Admin\Desktop\AVtest100\jdwd180521Generic\jdwd180521\180521-1-VBA.Powershell.doc.infected         发现风险: VB:Trojan.Valyria.1776 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\jdwd180521Generic\jdwd180521\180521-5-VBA.Powershell.doc.infected         发现风险: VB:Trojan.Valyria.1776 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\jdwd180521Generic\jdwd180521\180521-2-Backdoor.Strictor.exe.infected         发现风险: Gen:Variant.Jaik.24161 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\jdwd180521Generic\jdwd180521\180521-3-Backdoor.Socelars.exe.infected         发现风险: Gen:Variant.Adware.ConvertAD.1396 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\jdwd180521Generic\jdwd180521\modifed\modifed.180521-2-Backdoor.Strictor.exe.infected         发现风险: Trojan.GenericKD.30843992 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\jdwd180521Generic\jdwd180521\180521-6-Backdoor.Xow4.exe.infected         发现风险: Trojan.GenericKD.30843099 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\jdwd180521Generic\jdwd180521\modifed\modifed.180521-4-Backdoor.Hokelambert.exe.infected         发现风险: Trojan.GenericKD.30838561 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\jdwd180521Generic\jdwd180521\modifed\modifed.180521-6-Backdoor.Xow4.exe.infected         发现风险: Trojan.GenericKD.30843099 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\jdwd180521Generic\jdwd180521\180521-4-Backdoor.Hokelambert.exe.infected         发现风险: Trojan.GenericKD.30838561 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\jdwd180521Generic\jdwd180521\modifed\modifed.180521-3-Backdoor.Socelars.exe.infected         发现风险: Gen:Variant.Adware.ConvertAD.1396 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\jdwd180521Generic\jdwd180521\180521-7-Backdoor.Avialance.exe.infected         发现风险: Gen:Variant.Ursu.194549 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\jdwd180521Generic\jdwd180521\modifed\modifed.180521-7-Backdoor.Avialance.exe.infected         发现风险: Gen:Variant.Barys.53803 (B) [krnl.xmd]

已扫描        1832
发现        12

扫描完成后:        2018/5/23 22:44:21
扫描时间:        0:00:45



ESET Smart Security Premium 64-bit (advanced heuristics (Y) + archives (Y) + self-extractors and runtime packers (Y) + DNA smart signatures (Y)) ++ (Windows 10 Creators Update (Redstone 4)....1803):

日志
正在扫描日志
检测引擎的版本: 17432P (20180523)
日期: 2018/5/23  时间: 22:38:27
已扫描的磁盘、文件夹和文件: C:\Users\Admin\Desktop\AVtest100\jdwd180521Generic
C:\Users\Admin\Desktop\AVtest100\jdwd180521Generic\jdwd180521\180521-1-VBA.Powershell.doc.infected - VBA/TrojanDownloader.Agent.IIM 特洛伊木马 - 已清除
C:\Users\Admin\Desktop\AVtest100\jdwd180521Generic\jdwd180521\180521-2-Backdoor.Strictor.exe.infected - Generik.DHGVZKC 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\jdwd180521Generic\jdwd180521\180521-3-Backdoor.Socelars.exe.infected - Win32/Spy.Socelars.G 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\jdwd180521Generic\jdwd180521\180521-4-Backdoor.Hokelambert.exe.infected - MSIL/Kryptik.ODU 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\jdwd180521Generic\jdwd180521\180521-5-VBA.Powershell.doc.infected - VBA/TrojanDownloader.Agent.IIF 特洛伊木马 - 已清除
C:\Users\Admin\Desktop\AVtest100\jdwd180521Generic\jdwd180521\180521-6-Backdoor.Xow4.exe.infected - Generik.MMZNHYL 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\jdwd180521Generic\jdwd180521\180521-7-Backdoor.Avialance.exe.infected - MSIL/Packed.Confuser.J 可疑应用程序 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\jdwd180521Generic\jdwd180521\modifed\modifed.180521-3-Backdoor.Socelars.exe.infected - Win32/Spy.Socelars.G 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\jdwd180521Generic\jdwd180521\modifed\modifed.180521-4-Backdoor.Hokelambert.exe.infected - MSIL/Kryptik.ODU 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\jdwd180521Generic\jdwd180521\modifed\modifed.180521-7-Backdoor.Avialance.exe.infected - MSIL/Packed.Confuser.J 可疑应用程序 的变种 - 通过删除清除 [1]
已扫描的对象数: 12
发现的威胁数: 10
已清除对象数: 10
完成时间: 22:38:51  总扫描时间: 24 秒 (00:00:24)

备注:
[1] 由于对象中仅包含病毒主体,因此已被删除。



Dr.Web CureIt! Simplified Chinese portable free edition --- (Windows 7 Ultimate with SP1, Simplified Chinese Ultimate edition....):

-----------------------------------------------------------------------------
Start scanning
-----------------------------------------------------------------------------
Command line used:-rpcep:\pipe\2197D95DD -rpcpr:np

Limit the use of the computer resources to 100%
Instances used for this session: 10
Object(s) to scan:
- C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\jdwd180521Generic


C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\jdwd180521Generic\jdwd180521\180521-1-VBA.Powershell.doc.infected - infected with W97M.DownLoader.2736
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\jdwd180521Generic\jdwd180521\180521-1-VBA.Powershell.doc.infected - infected
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\jdwd180521Generic\jdwd180521\modifed\modifed.180521-4-Backdoor.Hokelambert.exe.infected - infected with Trojan.MulDrop8.23716
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\jdwd180521Generic\jdwd180521\modifed\modifed.180521-4-Backdoor.Hokelambert.exe.infected - infected
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\jdwd180521Generic\jdwd180521\180521-4-Backdoor.Hokelambert.exe.infected - infected with Trojan.MulDrop8.23716
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\jdwd180521Generic\jdwd180521\180521-4-Backdoor.Hokelambert.exe.infected - infected
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\jdwd180521Generic\jdwd180521\modifed\modifed.180521-2-Backdoor.Strictor.exe.infected - Ok
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\jdwd180521Generic\jdwd180521\180521-5-VBA.Powershell.doc.infected - Ok
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\jdwd180521Generic\jdwd180521\180521-3-Backdoor.Socelars.exe.infected - Ok
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\jdwd180521Generic\jdwd180521\180521-2-Backdoor.Strictor.exe.infected - Ok
>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\jdwd180521Generic\jdwd180521\180521-6-Backdoor.Xow4.exe.infected - packed by FLY-CODE
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\jdwd180521Generic\jdwd180521\modifed\modifed.180521-3-Backdoor.Socelars.exe.infected - Ok
>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\jdwd180521Generic\jdwd180521\modifed\modifed.180521-6-Backdoor.Xow4.exe.infected - packed by FLY-CODE
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\jdwd180521Generic\jdwd180521\180521-6-Backdoor.Xow4.exe.infected - Ok
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\jdwd180521Generic\jdwd180521\modifed\modifed.180521-6-Backdoor.Xow4.exe.infected - Ok
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\jdwd180521Generic\jdwd180521\180521-7-Backdoor.Avialance.exe.infected - Ok
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\jdwd180521Generic\jdwd180521\modifed\modifed.180521-7-Backdoor.Avialance.exe.infected - Ok

Total 4432830 bytes in 12 files scanned
Total 9 files are clean
Total 3 files are infected
Scan time is 00:00:00.833


Huorong Security --- (Windows 7 Ultimate with SP1, Simplified Chinese Ultimate edition....): some unknown files have been sent to seclab@huorong.cn and are awaiting processing...

文件名称: C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\jdwd180521.7z
文件大小: 1.47 MB (1,551,294 字节)
修改时间: 2018年05月23日,21:56:04
MD5: 264FC6CB5D5DEAEB4B71C18621479D9D
SHA1: CDDAEEB42A3F7C93358BCFE5E9F51BD56C875F58
SHA256: 0B6B26B4DB83FFC4269358BB539AC349FBFB170045674D517F145ACFBAB87E51
SHA512: F1E6E7FE7DD5C0EBB2C5EDDD6DC7F3DF641D7682D1068F1F87976F8D647D648093BAD100D686ECA81363DF885C2B9315966CBB0E060546358B5F782F29ED87CE
CRC32: 6849822C
计算时间: 0.05s



病毒库:2018-05-23 16:41
开始时间:2018-05-23 21:58
总计用时:00:00:12
扫描对象:16个
扫描文件:12个
发现风险:8个
已处理风险:0个
发现系统修复项:0个
处理系统修复项:0个

病毒详情

风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\jdwd180521\180521-1-VBA.Powershell.doc.infected, 病毒名:Trojan/Generic!68863A5E3570DF51, 病毒ID:[68863a5e3570df51], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\jdwd180521\180521-5-VBA.Powershell.doc.infected, 病毒名:Trojan/Generic!E13051611A6F8ADD, 病毒ID:[e13051611a6f8add], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\jdwd180521\180521-4-Backdoor.Hokelambert.exe.infected, 病毒名:Trojan/Generic!139D1C1F27683E3A, 病毒ID:[139d1c1f27683e3a], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\jdwd180521\180521-7-Backdoor.Avialance.exe.infected, 病毒名:Trojan/Generic!F38BC2E2E54D8CCE, 病毒ID:[f38bc2e2e54d8cce], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\jdwd180521\180521-3-Backdoor.Socelars.exe.infected, 病毒名:TrojanDownloader/Socelars.a, 病毒ID:[a194df1a081fd5d3], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\jdwd180521\modifed\modifed.180521-3-Backdoor.Socelars.exe.infected, 病毒名:TrojanDownloader/Socelars.a, 病毒ID:[a194df1a081fd5d3], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\jdwd180521\modifed\modifed.180521-4-Backdoor.Hokelambert.exe.infected, 病毒名:Trojan/Generic!C27CAC85C0CF2F0F, 病毒ID:[c27cac85c0cf2f0f], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\jdwd180521\modifed\modifed.180521-7-Backdoor.Avialance.exe.infected, 病毒名:Trojan/Generic!100B9288CD8FB199, 病毒ID:[100b9288cd8fb199], 处理结果:已忽略
dg1vg4
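Posted on 2018-5-23 22:06:21
桑德尔 posted on 2018-5-22 14:50
I just remember someone saying before that "!8" is the detection name used for blacklisted MD5s

Probably not; if you test it yourself you will find some counterexamples.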