收藏本站 |切换到宽版 | 更换论坛皮肤
 找回密码  忘记邮箱  QQ快速登录  快速登录  快速注册

卡饭»论坛 安全区 病毒样本 分享&分析区 #PACKAGE 0613
1234下一页
返回列表 发新帖
查看: 5083|回复: 33
收起左侧

[病毒样本] #PACKAGE 0613

  [复制链接]
Jerry.Lin
发表于 2018-6-13 21:14:39 | 显示全部楼层 |阅读模式
本帖最后由 191196846 于 2018-6-13 21:23 编辑

蓝奏


Total : 36 (18+18)

……我错了


#勿传VT
#在样本有效期内(24小时),建议无需手动上报样本至厂商,便于其他人测试行为拦截,响应速度等
#样本序号以收集时间顺序排序,越大代表越接近现在时间


如 Modified Samples 报毒名与原样本有较大出入,则不计算在内。
行为防御检测计算在内
鼓励双击,结果置顶


回帖格式建议

杀软名称 + 时间

Samples查杀率 + M_Samples查杀率 = Total



例如:

XXXX  05 22 21:27

Samples(5/10) + M(3/10) = Total(8/20)  40%


----------------------------------------------
Second Scan 05 22 21:29

Samples(7/10) + M(3/10) = Total(10/20) 50%


评分

参与人数 1人气 +1 收起 理由
petr0vic + 1 版区有你更精彩: )

查看全部评分

回复

举报

ATP_synthase
发表于 2018-6-13 21:54:59 | 显示全部楼层
本帖最后由 wusiyuanjh 于 2018-6-13 22:06 编辑

KFA2019

双击14号删除自身,m2号衍生物被拉黑杀掉,m5报错停止运行,m8号删除自身,阻止m11启动,m12删除自身,m16删除自身

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x

评分

参与人数 1人气 +1 收起 理由
aboringman + 1 非常感谢

查看全部评分

回复

举报

YU2711
发表于 2018-6-13 22:29:17 | 显示全部楼层
本帖最后由 YU2711 于 2018-6-13 22:30 编辑

SEP  S【15/18】+M【16/18】=T【31/36】 22:30

双击  S剩5  12 16
5 停止运作
12 SONAR.SuspPE!gen28
16 消失
M剩2 5
2
5跟S5一样
总结
S【17/18】+M【16/18】=T【33/36】
回复

举报

,就一个.
发表于 2018-6-14 01:25:13 | 显示全部楼层
本帖最后由 ,就一个. 于 2018-6-14 02:47 编辑

迈克菲 2018年6月14日2018年6月14日02:47:41
扫描
S文件夹16/18+9/18M文件夹=25/36

双击

S文件夹
9 不杀
16 报Real Protect-EC!DC7C5C557DE7

M文件夹
2 报衍生物 Suspect!515e721fa9cb
4 报Real Protect-EC!680E5E4E2097
5不杀8 报Real Protect-EC!EA3F4FFEBE24
9 报Real Protect-EC!A0D40AD57F04
10 报Real Protect-LS!e02c483d895d
11 报Real Protect-EC!388C1B9DB3BE
16 报 Suspect!8643cac7423e
18报 Real Protect-LS!089d59ba2a05

最后成绩S 17/18+M 17/18=34/36  94%

回复

举报

Jerry.Lin
 楼主| 发表于 2018-6-13 21:14:56 | 显示全部楼层
本帖最后由 191196846 于 2018-6-13 21:58 编辑

21:24

Samples(17/18) + M(16/18) = Total(33/36) 92%


21:57
Samples(17/18) + M(18/18) = Total(35/36) 97%
  1. 2018/6/13, 21:22:42 [Real-Time Protection] Malware found
  2.         The pattern of 'TR/Crypt.XPACK.Gen [trojan]'
  3.         detected in file 'C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0613\Modified Samples\(18).exe'.
  4.         Action performed: Delete file
  5.         User SID: S-1-5-21-3774652721-2607747548-2788097174-1001

  7. 2018/6/13, 21:22:35 [Real-Time Protection] Malware found
  8.         The pattern of 'TR/Crypt.ZPACK.Gen2 (Cloud) [TR/Crypt.ZPACK.Gen2]'
  9.         detected in file 'C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0613\Modified Samples\(16).exe'.
  10.         Action performed: Delete file
  11.         User SID: S-1-5-21-3774652721-2607747548-2788097174-1001

  13. 2018/6/13, 21:22:16 [Real-Time Protection] Malware found
  14.         The pattern of 'DR/Delphi.4572c7 (Cloud) [DR/Delphi.4572c7]'
  15.         detected in file 'C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0613\Modified Samples\(15).exe'.
  16.         Action performed: Delete file
  17.         User SID: S-1-5-21-3774652721-2607747548-2788097174-1001

  19. 2018/6/13, 21:22:00 [Real-Time Protection] Malware found
  20.         The pattern of 'TR/Dropper.VB.d7889c (Cloud) [TR/Dropper.VB.d7889c]'
  21.         detected in file 'C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0613\Modified Samples\(14).exe'.
  22.         Action performed: Delete file
  23.         User SID: S-1-5-21-3774652721-2607747548-2788097174-1001

  25. 2018/6/13, 21:21:45 [Real-Time Protection] Malware found
  26.         The pattern of 'DR/Delphi.28177a (Cloud) [DR/Delphi.28177a]'
  27.         detected in file 'C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0613\Modified Samples\(13).exe'.
  28.         Action performed: Delete file
  29.         User SID: S-1-5-21-3774652721-2607747548-2788097174-1001

  31. 2018/6/13, 21:21:26 [Real-Time Protection] Malware found
  32.         The pattern of 'DR/Delphi.Gen [dropper]'
  33.         detected in file 'C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0613\Modified Samples\(12).exe'.
  34.         Action performed: Delete file
  35.         User SID: S-1-5-21-3774652721-2607747548-2788097174-1001

  37. 2018/6/13, 21:21:19 [Real-Time Protection] Malware found
  38.         The pattern of 'TR/Crypt.ZPACK.606e16 (Cloud) [TR/Crypt.ZPACK.606e16]'
  39.         detected in file 'C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0613\Modified Samples\(11).exe'.
  40.         Action performed: Delete file
  41.         User SID: S-1-5-21-3774652721-2607747548-2788097174-1001

  43. 2018/6/13, 21:21:04 [Real-Time Protection] Malware found
  44.         The pattern of 'TR/Crypt.XPACK.Gen [trojan]'
  45.         detected in file 'C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0613\Modified Samples\(10).exe'.
  46.         Action performed: Delete file
  47.         User SID: S-1-5-21-3774652721-2607747548-2788097174-1001

  49. 2018/6/13, 21:21:00 [Real-Time Protection] Malware found
  50.         The pattern of 'TR/Crypt.ZPACK.Gen [trojan]'
  51.         detected in file 'C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0613\Modified Samples\(9).exe'.
  52.         Action performed: Delete file
  53.         User SID: S-1-5-21-3774652721-2607747548-2788097174-1001

  55. 2018/6/13, 21:20:56 [Real-Time Protection] Malware found
  56.         The pattern of 'DR/Delphi.Gen [dropper]'
  57.         detected in file 'C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0613\Modified Samples\(8).exe'.
  58.         Action performed: Delete file
  59.         User SID: S-1-5-21-3774652721-2607747548-2788097174-1001

  61. 2018/6/13, 21:20:52 [Real-Time Protection] Malware found
  62.         The pattern of 'TR/Injector.9c0b08 (Cloud) [TR/Injector.9c0b08]'
  63.         detected in file 'C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0613\Modified Samples\(7).exe'.
  64.         Action performed: Delete file
  65.         User SID: S-1-5-21-3774652721-2607747548-2788097174-1001

  67. 2018/6/13, 21:20:37 [Real-Time Protection] Malware found
  68.         The pattern of 'TR/Crypt.ZPACK.Gen [trojan]'
  69.         detected in file 'C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0613\Modified Samples\(6).exe'.
  70.         Action performed: Delete file
  71.         User SID: S-1-5-21-3774652721-2607747548-2788097174-1001

  73. 2018/6/13, 21:20:34 [Real-Time Protection] Malware found
  74.         The pattern of 'DR/AutoIt.Gen8 [dropper]'
  75.         detected in file 'C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0613\Modified Samples\(5).exe'.
  76.         Action performed: Delete file
  77.         User SID: S-1-5-21-3774652721-2607747548-2788097174-1001

  79. 2018/6/13, 21:20:31 [Real-Time Protection] Malware found
  80.         The pattern of 'TR/Crypt.XPACK.b2e6e5 (Cloud) [TR/Crypt.XPACK.b2e6e5]'
  81.         detected in file 'C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0613\Modified Samples\(4).exe'.
  82.         Action performed: Delete file
  83.         User SID: S-1-5-21-3774652721-2607747548-2788097174-1001

  85. 2018/6/13, 21:19:34 [Real-Time Protection] Malware found
  86.         The pattern of 'TR/AD.Emotet.T (Cloud) [TR/AD.Emotet.T]'
  87.         detected in file 'C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0613\Samples\(18).exe'.
  88.         Action performed: Delete file
  89.         User SID: S-1-5-21-3774652721-2607747548-2788097174-1001

  91. 2018/6/13, 21:19:29 [Real-Time Protection] Malware found
  92.         The pattern of 'DR/Delphi.4a53e2 (Cloud) [DR/Delphi.4a53e2]'
  93.         detected in file 'C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0613\Samples\(17).exe'.
  94.         Action performed: Delete file
  95.         User SID: S-1-5-21-3774652721-2607747548-2788097174-1001

  97. 2018/6/13, 21:19:25 [Real-Time Protection] Malware found
  98.         The pattern of 'TR/Crypt.ZPACK.963f17 (Cloud) [TR/Crypt.ZPACK.963f17]'
  99.         detected in file 'C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0613\Samples\(16).exe'.
  100.         Action performed: Delete file
  101.         User SID: S-1-5-21-3774652721-2607747548-2788097174-1001

  103. 2018/6/13, 21:19:20 [Real-Time Protection] Malware found
  104.         The pattern of 'DR/Delphi.498e51 (Cloud) [DR/Delphi.498e51]'
  105.         detected in file 'C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0613\Samples\(15).exe'.
  106.         Action performed: Delete file
  107.         User SID: S-1-5-21-3774652721-2607747548-2788097174-1001

  109. 2018/6/13, 21:19:16 [Real-Time Protection] Malware found
  110.         The pattern of 'HEUR/AGEN.1004799 [heuristic]'
  111.         detected in file 'C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0613\Samples\(14).exe'.
  112.         Action performed: Delete file
  113.         User SID: S-1-5-21-3774652721-2607747548-2788097174-1001

  115. 2018/6/13, 21:19:11 [Real-Time Protection] Malware found
  116.         The pattern of 'DR/Delphi.20a52c (Cloud) [DR/Delphi.20a52c]'
  117.         detected in file 'C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0613\Samples\(13).exe'.
  118.         Action performed: Delete file
  119.         User SID: S-1-5-21-3774652721-2607747548-2788097174-1001

  121. 2018/6/13, 21:18:53 [Real-Time Protection] Malware found
  122.         The pattern of 'TR/Dldr.Delf.d8186c (Cloud) [TR/Dldr.Delf.d8186c]'
  123.         detected in file 'C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0613\Samples\(12).exe'.
  124.         Action performed: Delete file
  125.         User SID: S-1-5-21-3774652721-2607747548-2788097174-1001

  127. 2018/6/13, 21:18:49 [Real-Time Protection] Malware found
  128.         The pattern of 'TR/AD.Inject.2f01ba (Cloud) [TR/AD.Inject.2f01ba]'
  129.         detected in file 'C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0613\Samples\(11).exe'.
  130.         Action performed: Delete file
  131.         User SID: S-1-5-21-3774652721-2607747548-2788097174-1001

  133. 2018/6/13, 21:18:44 [Real-Time Protection] Malware found
  134.         The pattern of 'TR/Crypt.ZPACK.aea946 (Cloud) [TR/Crypt.ZPACK.aea946]'
  135.         detected in file 'C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0613\Samples\(10).exe'.
  136.         Action performed: Delete file
  137.         User SID: S-1-5-21-3774652721-2607747548-2788097174-1001

  139. 2018/6/13, 21:18:38 [Real-Time Protection] Malware found
  140.         The pattern of 'TR/Dropper.VB.e00885 (Cloud) [TR/Dropper.VB.e00885]'
  141.         detected in file 'C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0613\Samples\(9).exe'.
  142.         Action performed: Delete file
  143.         User SID: S-1-5-21-3774652721-2607747548-2788097174-1001

  145. 2018/6/13, 21:18:15 [Real-Time Protection] Malware found
  146.         The pattern of 'HEUR/APC (Cloud) [HEUR/APC]'
  147.         detected in file 'C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0613\Samples\(8).exe'.
  148.         Action performed: Delete file
  149.         User SID: S-1-5-21-3774652721-2607747548-2788097174-1001

  151. 2018/6/13, 21:18:10 [Real-Time Protection] Malware found
  152.         The pattern of 'TR/Injector.a90ab2 (Cloud) [TR/Injector.a90ab2]'
  153.         detected in file 'C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0613\Samples\(6).exe'.
  154.         Action performed: Delete file
  155.         User SID: S-1-5-21-3774652721-2607747548-2788097174-1001

  157. 2018/6/13, 21:17:48 [Real-Time Protection] Malware found
  158.         The pattern of 'DR/AutoIt.Gen8 [dropper]'
  159.         detected in file 'C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0613\Samples\(5).exe'.
  160.         Action performed: Delete file
  161.         User SID: S-1-5-21-3774652721-2607747548-2788097174-1001

  163. 2018/6/13, 21:17:43 [Real-Time Protection] Malware found
  164.         The pattern of 'TR/Crypt.XPACK.ece2a8 (Cloud) [TR/Crypt.XPACK.ece2a8]'
  165.         detected in file 'C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0613\Samples\(4).exe'.
  166.         Action performed: Delete file
  167.         User SID: S-1-5-21-3774652721-2607747548-2788097174-1001

  169. 2018/6/13, 21:17:05 [Real-Time Protection] Malware found
  170.         The pattern of 'TR/Injector.lyfmo [trojan]'
  171.         detected in file 'C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0613\Modified Samples\(3).exe'.
  172.         Action performed: Delete file
  173.         User SID: S-1-5-18

  175. 2018/6/13, 21:17:04 [Real-Time Protection] Malware found
  176.         The pattern of 'TR/Injector.lyfmo [trojan]'
  177.         detected in file 'C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0613\Modified Samples\(3).exe'.
  178.         Action performed: Delete file
  179.         User SID: S-1-5-21-3774652721-2607747548-2788097174-1001

  181. 2018/6/13, 21:17:04 [Real-Time Protection] Malware found
  182.         The pattern of 'TR/AD.RansomHeur.qqkfb [trojan]'
  183.         detected in file 'C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0613\Modified Samples\(1).exe'.
  184.         Action performed: Delete file
  185.         User SID: S-1-5-21-3774652721-2607747548-2788097174-1001

  187. 2018/6/13, 21:17:03 [Real-Time Protection] Malware found
  188.         The pattern of 'TR/AD.Sagonaire.leqho [trojan]'
  189.         detected in file 'C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0613\Samples\(7).exe'.
  190.         Action performed: Delete file
  191.         User SID: S-1-5-21-3774652721-2607747548-2788097174-1001

  193. 2018/6/13, 21:17:03 [Real-Time Protection] Malware found
  194.         The pattern of 'TR/AD.RansomHeur.qqkfb [trojan]'
  195.         detected in file 'C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0613\Samples\(1).exe'.
  196.         Action performed: Delete file
  197.         User SID: S-1-5-21-3774652721-2607747548-2788097174-1001

  199. 2018/6/13, 21:17:02 [Real-Time Protection] Malware found
  200.         The pattern of 'TR/AD.Sagonaire.leqho [trojan]'
  201.         detected in file 'C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0613\Samples\(7).exe'.
  202.         Action performed: Delete file
  203.         User SID: S-1-5-21-3774652721-2607747548-2788097174-1001

  205. 2018/6/13, 21:17:02 [Real-Time Protection] Malware found
  206.         The pattern of 'TR/Injector.lyfmo [trojan]'
  207.         detected in file 'C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0613\Samples\(3).exe'.
  208.         Action performed: Delete file
  209.         User SID: S-1-5-21-3774652721-2607747548-2788097174-1001

  211. 2018/6/13, 21:17:02 [Real-Time Protection] Malware found
  212.         The pattern of 'TR/AD.RansomHeur.qqkfb [trojan]'
  213.         detected in file 'C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0613\Samples\(1).exe'.
  214.         Action performed: Delete file
  215.         User SID: S-1-5-21-3774652721-2607747548-2788097174-1001

  217. 2018/6/13, 21:17:02 [Real-Time Protection] Malware found
  218.         The pattern of 'TR/Injector.lyfmo [trojan]'
  219.         detected in file 'C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0613\Samples\(3).exe'.
  220.         Action performed: Delete file
  221.         User SID: S-1-5-21-3774652721-2607747548-2788097174-1001

  223. 2018/6/13, 21:17:01 [Real-Time Protection] Malware found
  224.         The pattern of 'TR/AD.RansomHeur.qqkfb [trojan]'
  225.         detected in file 'C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0613\Samples\(1).exe'.
  226.         Action performed: Delete file
  227.         User SID: S-1-5-21-3774652721-2607747548-2788097174-1001

复制代码


本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
回复

举报

ELOHIM
发表于 2018-6-13 21:15:08 | 显示全部楼层
本帖最后由 ELOHIM 于 2018-6-13 21:21 编辑

SCEP 06/13 21:19
s(8/18)+m(9/18)=t(17/36) 47.2%
回复

举报

aboringman
发表于 2018-6-13 21:15:42 | 显示全部楼层
本帖最后由 aboringman 于 2018-6-13 21:20 编辑

KIS:S【17/18】+M【11/18】=T【28/36】
回复

举报

B100D1E55
发表于 2018-6-13 21:20:51 | 显示全部楼层
ESET清空…………
回复

举报

2605276004x
发表于 2018-6-13 21:21:50 | 显示全部楼层
本帖最后由 2605276004x 于 2018-6-13 22:42 编辑

sandboxie双击-Kaspersky一群大爷不测了

22:40
S【18/18】+M【17/18】=T【35/36】 97%
剩M16
回复

举报

momng
发表于 2018-6-13 21:22:56 | 显示全部楼层
AVIRA最近真良心,一用户5设备3年才60多块,找时间买来玩玩。


以前一直是红豆组合,现在逼于无奈入了大蜘蛛,莫非又勾引我入红伞。。。



回复

举报

Jerry.Lin
 楼主| 发表于 2018-6-13 21:26:22 | 显示全部楼层
B100D1E55 发表于 2018-6-13 21:20
ESET清空…………

2.exe 到底是啥

我记得前天我也捕到这个……当时好像你说是白的?
回复

举报

2605276004x
发表于 2018-6-13 21:28:23 | 显示全部楼层
本帖最后由 2605276004x 于 2018-6-13 21:29 编辑
191196846 发表于 2018-6-13 21:26
2.exe 到底是啥

我记得前天我也捕到这个……当时好像你说是白的?

Kaspersky trojan-banker.win32.tinynuke.mf
回复

举报

x291502676
发表于 2018-6-13 21:29:43 | 显示全部楼层
@,就一个.   期待你的测试
回复

举报

下一页 »
1234下一页
返回列表 发新帖
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 快速注册

本版积分规则

手机版|杀毒软件|软件论坛| 卡饭论坛

Copyright © KaFan  KaFan.cn All Rights Reserved.

Powered by Discuz! X3.4( 沪ICP备2020031077号-2 ) GMT+8, 2024-11-24 13:51 , Processed in 0.119489 second(s), 20 queries .

卡饭网所发布的一切软件、样本、工具、文章等仅限用于学习和研究,不得将上述内容用于商业或者其他非法用途,否则产生的一切后果自负,本站信息来自网络,版权争议问题与本站无关,您必须在下载后的24小时之内从您的电脑中彻底删除上述信息,如有问题请通过邮件与我们联系。

快速回复 客服 返回顶部 返回列表