【05.31】#VirusPackage 13x + Modified Samples

Jerry.Lin

Dust-;羅錠 发表于 2018-5-31 21:43
可惜了，红伞弄了个启动器，让我断绝了对它的兴趣。我试了一下，即使是企业版也有那个启动器，红伞真是要 ...

https://bbs.kafan.cn/thread-2111161-1-1.html

这样就行了

Jerry.Lin

wusiyuanjh 发表于 2018-5-31 21:56
卡巴  0531 21：55
Samples(12/13) + M(4/13) = Total(16/26)

双击看看

bbs2811125

SEP 05 31 21:56

Samples(12/13) + M(12/13) = Total(24/26)
居然漏了7号

x291502676

191196846 发表于 2018-5-31 22:03
误报较少

那就厉害了  云响应快还可以  希望能加入一个厉害的主防

bbs2811125

ESET 05 31 22:15
你大爷还是你大爷
Samples(13/13) + M(13/13) = Total(26/26)

1. 
   
2. Version of detection engine: 17476P (20180531)
   
3. Date: 2018/5/31  Time: 22:14:33
   
4. Scanned disks, folders and files: D:\搜狗高速下载\Virus 13x 0531
   
5. D:\搜狗高速下载\Virus 13x 0531\Modified Samples\M(1).exe - a variant of Win32/Injector.DYIH trojan - cleaned by deleting [1]
   
6. D:\搜狗高速下载\Virus 13x 0531\Modified Samples\M(10).exe - a variant of Win32/Injector.DYIP trojan - cleaned by deleting [1]
   
7. D:\搜狗高速下载\Virus 13x 0531\Modified Samples\M(11).exe - Suspicious Object - deleted
   
8. D:\搜狗高速下载\Virus 13x 0531\Modified Samples\M(12).exe - a variant of MSIL/Kryptik.OHT trojan - cleaned by deleting [1]
   
9. D:\搜狗高速下载\Virus 13x 0531\Modified Samples\M(13).scr - a variant of Win32/Injector.DYIH trojan - cleaned by deleting [1]
   
10. D:\搜狗高速下载\Virus 13x 0531\Modified Samples\M(2).exe - a variant of Win32/Injector.DYIH trojan - cleaned by deleting [1]
    
11. D:\搜狗高速下载\Virus 13x 0531\Modified Samples\M(3).exe - a variant of Win32/Injector.DYIG trojan - cleaned by deleting [1]
    
12. D:\搜狗高速下载\Virus 13x 0531\Modified Samples\M(4).exe - a variant of Win32/Injector.DYIH trojan - cleaned by deleting [1]
    
13. D:\搜狗高速下载\Virus 13x 0531\Modified Samples\M(5).exe - a variant of Win32/Injector.DYIN trojan - cleaned by deleting [1]
    
14. D:\搜狗高速下载\Virus 13x 0531\Modified Samples\M(6).exe - a variant of Win32/Injector.DYHV trojan - cleaned by deleting [1]
    
15. D:\搜狗高速下载\Virus 13x 0531\Modified Samples\M(7).exe - a variant of MSIL/Kryptik.NIB trojan - cleaned by deleting [1]
    
16. D:\搜狗高速下载\Virus 13x 0531\Modified Samples\M(8).exe - a variant of Win32/Injector.DYHU trojan - cleaned by deleting [1]
    
17. D:\搜狗高速下载\Virus 13x 0531\Modified Samples\M(9).exe - a variant of Win32/Injector.DYIN trojan - cleaned by deleting [1]
    
18. D:\搜狗高速下载\Virus 13x 0531\Samples\(1).exe - a variant of Win32/Injector.DYIH trojan - cleaned by deleting [1]
    
19. D:\搜狗高速下载\Virus 13x 0531\Samples\(10).exe - a variant of Win32/Injector.DYIP trojan - cleaned by deleting [1]
    
20. D:\搜狗高速下载\Virus 13x 0531\Samples\(11).exe - Suspicious Object - deleted
    
21. D:\搜狗高速下载\Virus 13x 0531\Samples\(12).exe - a variant of MSIL/Kryptik.OHT trojan - cleaned by deleting [1]
    
22. D:\搜狗高速下载\Virus 13x 0531\Samples\(13).scr - a variant of Win32/Injector.DYIH trojan - cleaned by deleting [1]
    
23. D:\搜狗高速下载\Virus 13x 0531\Samples\(2).exe - a variant of Win32/Injector.DYIH trojan - cleaned by deleting [1]
    
24. D:\搜狗高速下载\Virus 13x 0531\Samples\(3).exe - a variant of Win32/Injector.DYIG trojan - cleaned by deleting [1]
    
25. D:\搜狗高速下载\Virus 13x 0531\Samples\(4).exe - a variant of Win32/Injector.DYIH trojan - cleaned by deleting [1]
    
26. D:\搜狗高速下载\Virus 13x 0531\Samples\(5).exe - a variant of Win32/Injector.DYIN trojan - cleaned by deleting [1]
    
27. D:\搜狗高速下载\Virus 13x 0531\Samples\(6).exe - a variant of Win32/Injector.DYHV trojan - cleaned by deleting [1]
    
28. D:\搜狗高速下载\Virus 13x 0531\Samples\(7).exe - a variant of MSIL/Kryptik.NIB trojan - cleaned by deleting [1]
    
29. D:\搜狗高速下载\Virus 13x 0531\Samples\(8).exe - a variant of Win32/Injector.DYHU trojan - cleaned by deleting [1]
    
30. D:\搜狗高速下载\Virus 13x 0531\Samples\(9).exe - a variant of Win32/Injector.DYIN trojan - cleaned by deleting [1]
    
31. Number of scanned objects: 26
    
32. Number of threats found: 26
    
33. Number of cleaned objects: 26
    
34. Time of completion: 22:15:00  Total scanning time: 27 sec (00:00:27)

复制代码

ATP_synthase

191196846 发表于 2018-5-31 22:05
双击看看

双击无反应

Dust-;羅錠

Malwarebytes

5/13+4/13=9/26

Trojan.Emotet, C:\USERS\YILAN\DOWNLOADS\VIRUS 13X 0531\SAMPLES\(11).EXE
Spyware.TrickBot, C:\USERS\YILAN\DOWNLOADS\VIRUS 13X 0531\SAMPLES\(10).EXE
Spyware.PasswordStealer, C:\USERS\YILAN\DOWNLOADS\VIRUS 13X 0531\SAMPLES\(6).EXE
Trojan.Injector, C:\USERS\YILAN\DOWNLOADS\VIRUS 13X 0531\SAMPLES\(8).EXE
Trojan.MalPack, C:\USERS\YILAN\DOWNLOADS\VIRUS 13X 0531\SAMPLES\(3).EXE

Trojan.Injector, C:\USERS\YILAN\DOWNLOADS\VIRUS 13X 0531\MODIFIED SAMPLES\M(8).EXE
Trojan.MalPack, C:\USERS\YILAN\DOWNLOADS\VIRUS 13X 0531\MODIFIED SAMPLES\M(3).EXE
Trojan.Emotet, C:\USERS\YILAN\DOWNLOADS\VIRUS 13X 0531\MODIFIED SAMPLES\M(11).EXE
Spyware.PasswordStealer, C:\USERS\YILAN\DOWNLOADS\VIRUS 13X 0531\MODIFIED SAMPLES\M(6).EXE

Dust-;羅錠

191196846 发表于 2018-5-31 22:05
https://bbs.kafan.cn/thread-2111161-1-1.html

这样就行了

我有点奇怪的洁癖，对红伞这样的行为看不顺眼，这就不是自己动手清除的问题了。不过红伞的UI真的是迷之难看。

桑德尔

Dust-;羅錠 发表于 2018-5-31 22:39
我有点奇怪的洁癖，对红伞这样的行为看不顺眼，这就不是自己动手清除的问题了。不过红伞的UI真的是迷之难 ...

红伞真正的问题是偶尔会导致win10不能快速关机，而且还和Mactype兼容性不佳
那个时不时未响应的卢克天行者由于即将移除就不吐槽了

ccboxes

是否有人上报卡巴？没有的话响应速度还行

卡巴  0531 23：39
扫描
Samples(13/13) + M(12/13) = Total(25/26)
综合
Samples(13/13) + M(12/13) = Total(25/26)

M10.exe,双击后十分钟无行为，Miss。