收藏本站 |切换到宽版 | 更换论坛皮肤
 找回密码  忘记邮箱  QQ快速登录  快速登录  快速注册

卡饭»论坛 安全区 病毒样本 分享&分析区 #PACKAGE 0615
123
返回列表 发新帖
楼主: Jerry.Lin
 收起左侧

[病毒样本] #PACKAGE 0615

[复制链接]
Sailer.X 该用户已被删除
发表于 2018-6-15 23:04:01 | 显示全部楼层
Panda:
Samples(3/17) 17.6%——2018/6/15 22:56

(2).exe : Trj/GdSda.A
(11).exe : Trj/GdSda.A
(16).exe : Trj/GdSda.A
回复

举报

WhiteCruel
发表于 2018-6-16 02:47:51 | 显示全部楼层
ESET 2:20

Samples(16/17) 94%

双击余下的4号,杀了一个bat衍生物






本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
回复

举报

dg1vg4
发表于 2018-6-16 09:26:15 | 显示全部楼层
当我看到这个的时候,我就知道,有人又双叒叕上传VT了。



本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
回复

举报

momng
发表于 2018-6-16 10:04:34 | 显示全部楼层
本帖最后由 momng 于 2018-6-16 10:06 编辑

好不容易在Linux上装VB虚拟机,测了一下大蜘蛛:
Dr.Web SS 断网,Win10:
Samples(15/17) 88%——2018/6/16 10:00

扫描剩余:3.exe,5.exe,15.exe;
双击:
杀掉15.exe,其余两个应被过了但被大蜘蛛防火墙拦截。

还有想问问虚拟机VirtualBox在断网情况下,怎么保存扫描日志?



回复

举报

saleniy35
发表于 2018-6-16 11:56:07 | 显示全部楼层
WD 17/17

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
回复

举报

momng
发表于 2018-6-16 12:21:42 | 显示全部楼层
saleniy35 发表于 2018-6-16 11:56
WD 17/17

WD这是要对第三方杀软赶尽杀绝吗?


回复

举报

saleniy35
发表于 2018-6-16 15:26:47 | 显示全部楼层
momng 发表于 2018-6-16 12:21
WD这是要对第三方杀软赶尽杀绝吗?

最近WD的云好像在天朝格外给力=。=
回复

举报

小飞侠.net
发表于 2018-6-19 09:54:47 | 显示全部楼层
本帖最后由 小飞侠.net 于 2018-6-19 11:26 编辑

Basic Info:
---------------------

X-Sec Antivirus ---(Windows 10 Creators Update(Redstone 4)....1803):


Database Version: 2018.06.15.01
Program Version: [图片]2.1.1.0
Heuristic Engine: Enabled
Cloud Engine: Enabled
Enhanced Mode: Disabled
Backup Before Resolve: Yes
Resolve Threats: Scan only
Scan Priority: Normal
---------------------
Targets:
---------------------
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0615Bladabindi0956
---------------------
2018-06-19 11:23:51 Threat Detected: C:\Users\Admin\Desktop\AVtest100\PACKAGE 0615Bladabindi0956\PACKAGE 0615\(10).exe -- [Cloud] Cloud:Trojan.Win32.Injector
2018-06-19 11:23:51 Threat Detected: C:\Users\Admin\Desktop\AVtest100\PACKAGE 0615Bladabindi0956\PACKAGE 0615\(11).exe -- [Cloud] Cloud:Trojan.Win32.Generic
2018-06-19 11:23:52 Threat Detected: C:\Users\Admin\Desktop\AVtest100\PACKAGE 0615Bladabindi0956\PACKAGE 0615\(12).exe -- [Cloud] Cloud:Trojan.Win32.Emotet
2018-06-19 11:23:53 Threat Detected: C:\Users\Admin\Desktop\AVtest100\PACKAGE 0615Bladabindi0956\PACKAGE 0615\(13).exe -- [Cloud] Cloud:Trojan.Win32.Infostealer
2018-06-19 11:23:57 Threat Detected: C:\Users\Admin\Desktop\AVtest100\PACKAGE 0615Bladabindi0956\PACKAGE 0615\(14).exe -- [Cloud] Cloud:Backdoor.Win32.NanoCore
2018-06-19 11:24:00 Threat Detected: C:\Users\Admin\Desktop\AVtest100\PACKAGE 0615Bladabindi0956\PACKAGE 0615\(1).exe -- [Cloud] Cloud:Trojan.Win32.CoinMiner
2018-06-19 11:24:01 Threat Detected: C:\Users\Admin\Desktop\AVtest100\PACKAGE 0615Bladabindi0956\PACKAGE 0615\(15).exe -- [Cloud] Cloud:Trojan.Win32.Infostealer
2018-06-19 11:24:07 Threat Detected: C:\Users\Admin\Desktop\AVtest100\PACKAGE 0615Bladabindi0956\PACKAGE 0615\(16).exe -- [Cloud] Cloud:Trojan.Win32.Generic
2018-06-19 11:24:07 Threat Detected: C:\Users\Admin\Desktop\AVtest100\PACKAGE 0615Bladabindi0956\PACKAGE 0615\(2).exe -- [Cloud] Cloud:Backdoor.Win32.Generic
2018-06-19 11:24:08 Threat Detected: C:\Users\Admin\Desktop\AVtest100\PACKAGE 0615Bladabindi0956\PACKAGE 0615\(3).exe -- [Cloud] Cloud:Trojan.Win32.Emotet
2018-06-19 11:24:09 Threat Detected: C:\Users\Admin\Desktop\AVtest100\PACKAGE 0615Bladabindi0956\PACKAGE 0615\(17).exe -- [Cloud] Cloud:Trojan.Win32.Generic
2018-06-19 11:24:09 Threat Detected: C:\Users\Admin\Desktop\AVtest100\PACKAGE 0615Bladabindi0956\PACKAGE 0615\(4).exe -- [Cloud] Cloud:Trojan.Win32.Infostealer
2018-06-19 11:24:19 Threat Detected: C:\Users\Admin\Desktop\AVtest100\PACKAGE 0615Bladabindi0956\PACKAGE 0615\(6).exe -- [Cloud] Cloud:Backdoor.Win32.DarkComet
2018-06-19 11:24:25 Threat Detected: C:\Users\Admin\Desktop\AVtest100\PACKAGE 0615Bladabindi0956\PACKAGE 0615\(5).exe -- [Cloud] Cloud:Trojan.Win32.Downloader
2018-06-19 11:24:35 Threat Detected: C:\Users\Admin\Desktop\AVtest100\PACKAGE 0615Bladabindi0956\PACKAGE 0615\(8).exe -- [Cloud] Cloud:Trojan.Win32.AgentTesla
2018-06-19 11:24:37 Threat Detected: C:\Users\Admin\Desktop\AVtest100\PACKAGE 0615Bladabindi0956\PACKAGE 0615\(9).exe -- [Cloud] Cloud:Backdoor.Win32.NanoCore
                          ,,,                               ,,,      


   瑞星---(Windows 10 Creators Update(Redstone 4)....1803):云引擎(开)RDM+引擎(开)   

                瑞星反恶软引擎命令行扫描器(社区交流版)                 


编译于:Sep 22 2017   15:07:50

提示:
  - 本工具供社区交流使用,请勿用于其他用途
  - 本工具没有恶意软件删除、清除、隔离功能
  - 本工具包含开发中的新特性,结果仅供参考

* 命令行中的选项开关:-output-json -log=C:\瑞星RDM+引擎\ScanLog_180619111930.log
* 获取恶软签名库最新版本 ...
* 下载恶软签名库配置文件 ...
* 创建恶软签名库升级组件 ...
* 计算并下载增量文件 ...
* 升级恶软签名库 ...
* 恶软签名库升级成功
* 扫描目标 : (1) C:\Users\Admin\Desktop\AVtest100\PACKAGE 0615Bladabindi0956

* 加载恶软签名库: C:\瑞星RDM+引擎/malware.rmd
* 恶软签名库加载成功,发布序号为 4434
* 读取恶软签名库配置 ...
* 云辅助扫描组件初始化失败.
* 初始化引擎环境 ...
* 初始化引擎环境 ...
* 初始化引擎环境 ...
* 初始化引擎环境 ...
* 初始化引擎环境 ...
* 初始化引擎环境 ...
* 初始化引擎环境 ...
* 初始化引擎环境 ...
扫描开始: Tue Jun 19 11:19:49 2018

{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\PACKAGE 0615Bladabindi0956\\PACKAGE 0615\\(10).exe","infect":{"engine":"md5","signature":"bWQ1Ole3PghFf3s9TnREWL+fwJM","threat":"Trojan.Injector!8.C4"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\PACKAGE 0615Bladabindi0956\\PACKAGE 0615\\(13).exe","infect":{"engine":"md5","signature":"bWQ1Ot8w/C8VXZCWMXsi1OlhU8o","threat":"Trojan.Kryptik!8.8"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\PACKAGE 0615Bladabindi0956\\PACKAGE 0615\\(14).exe","infect":{"engine":"md5","signature":"bWQ1OowtZTXjXsrLSTmHR4eNAD8","threat":"Trojan.GenKryptik!8.AA55"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\PACKAGE 0615Bladabindi0956\\PACKAGE 0615\\(11).exe","infect":{"engine":"md5","signature":"bWQ1OkI3/8vkNYaLONKLZ0boPhw","threat":"Trojan.Kryptik!8.8"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\PACKAGE 0615Bladabindi0956\\PACKAGE 0615\\(12).exe","infect":{"engine":"md5","signature":"bWQ1Ojj6ImkZ2G4C/9cL/S0dkv8","threat":"Trojan.Kryptik!8.8"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\PACKAGE 0615Bladabindi0956\\PACKAGE 0615\\(16).exe","infect":{"engine":"md5","signature":"bWQ1Olgn2oSa8jQJsBu/JFm7kag","threat":"Backdoor.Androm!8.113"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\PACKAGE 0615Bladabindi0956\\PACKAGE 0615\\(15).exe","infect":{"engine":"md5","signature":"bWQ1OkyLUdftizrH+44ubPiaaD4","threat":"Trojan.Injector!8.C4"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\PACKAGE 0615Bladabindi0956\\PACKAGE 0615\\(1).exe","infect":{"engine":"md5","signature":"bWQ1OuchWy7R7U3JsfAFtv2jYgs","threat":"Trojan.Injector!1.AFE3"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\PACKAGE 0615Bladabindi0956\\PACKAGE 0615\\(2).exe","infect":{"engine":"md5","signature":"bWQ1OjumBNCVoa5goEgH4CN85WA","threat":"Backdoor.MSIL.Bladabindi!1.9E49"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\PACKAGE 0615Bladabindi0956\\PACKAGE 0615\\(17).exe","infect":{"engine":"md5","signature":"bWQ1OvA5vZ7dkDnmmQuaiWZj1+A","threat":"Backdoor.Xtreme!8.25A"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\PACKAGE 0615Bladabindi0956\\PACKAGE 0615\\(3).exe","infect":{"engine":"md5","signature":"bWQ1OvanQ+e96OgzFQZg/NrlFv4","threat":"Trojan.GenKryptik!8.AA55"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\PACKAGE 0615Bladabindi0956\\PACKAGE 0615\\(4).exe","infect":{"engine":"md5","signature":"bWQ1OkJghWNQiPFukJyigTEMerQ","threat":"Trojan.Khalesi!8.F103"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\PACKAGE 0615Bladabindi0956\\PACKAGE 0615\\(6).exe","infect":{"engine":"md5","signature":"bWQ1Oi3eolg7ybtu2+M9SQ90X5Y","threat":"Trojan.Injector!8.C4"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\PACKAGE 0615Bladabindi0956\\PACKAGE 0615\\(7).exe","infect":{"engine":"md5","signature":"bWQ1Ok4tC6kmnq9mPNiv/M20vyc","threat":"Trojan.Kryptik!8.8"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\PACKAGE 0615Bladabindi0956\\PACKAGE 0615\\(9).exe","infect":{"engine":"md5","signature":"bWQ1Ohvp4HE8ZVwIAf3dsy4NO0I","threat":"Trojan.GenKryptik!8.AA55"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\PACKAGE 0615Bladabindi0956\\PACKAGE 0615\\(8).exe","infect":{"engine":"md5","signature":"bWQ1OlQ2Tpwr7ojgwsXi1EA+Ef4","threat":"Trojan.Kryptik!8.8"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\PACKAGE 0615Bladabindi0956\\PACKAGE 0615\\(5).exe","infect":{"engine":"md5","signature":"bWQ1OimMXgvrzLjs1GIFiCy5ubc","threat":"Downloader.Banload!8.15B"},"type":"scan"}

扫描结束: Tue Jun 19 11:19:50 2018

总扫描耗时: 0:1:44(m:s:ms)
总扫描对象: 17
总扫描文件: 17
总恶意文件: 17
有效检出率: 100.00%---VT上有瑞星,所以。。。。



Emsisoft Emergency Kit - 版本 2018.4
上次更新: 2018-06-19 9:34:41
用户帐号: TECLAST\Admin
电脑名称: TECLAST
操作系统版本: Windows 10 x64

Emsisoft Emergency Kit 绿色免费版
(已开启)加入 Emsisoft 云、更新源:测试版
    Bitdefender(B)+Emsisoft(A) 双引擎

扫描设置:

扫描方式: 自定义扫描
对象: Rootkits, C:\Users\Admin\Desktop\AVtest100\PACKAGE 0615Bladabindi0956\

检测流氓软件(PUPs): On
扫描压缩包: On
扫描邮件存档: Off
ADS数据流: On
文件扩展名过滤: Off
直接磁盘访问: Off

扫描开始于:        2018-06-19 10:37:59
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0615Bladabindi0956\PACKAGE 0615\(17).exe -> (AutoIT r) -> (AutoIT Script) -> (unicode)         发现风险: AIT:Trojan.Nymeria.364 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0615Bladabindi0956\PACKAGE 0615\(17).exe -> (AutoIT Script) -> (unicode)         发现风险: AIT:Trojan.Nymeria.364 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0615Bladabindi0956\PACKAGE 0615\(10).exe         发现风险: Trojan.GenericKD.30979967 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0615Bladabindi0956\PACKAGE 0615\(11).exe         发现风险: Trojan.GenericKD.30974466 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0615Bladabindi0956\PACKAGE 0615\(12).exe         发现风险: Trojan.GenericKD.30976700 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0615Bladabindi0956\PACKAGE 0615\(16).exe         发现风险: Trojan.Injector (A) [294198]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0615Bladabindi0956\PACKAGE 0615\(15).exe         发现风险: Trojan.GenericKD.30976026 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0615Bladabindi0956\PACKAGE 0615\(14).exe         发现风险: Trojan.GenericKD.30983185 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0615Bladabindi0956\PACKAGE 0615\(2).exe         发现风险: Trojan.GenericKD.30975111 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0615Bladabindi0956\PACKAGE 0615\(13).exe         发现风险: Gen:Variant.Zusy.289746 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0615Bladabindi0956\PACKAGE 0615\(3).exe         发现风险: Trojan.GenericKD.30974211 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0615Bladabindi0956\PACKAGE 0615\(1).exe         发现风险: Trojan.GenericKD.30972309 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0615Bladabindi0956\PACKAGE 0615\(4).exe         发现风险: Gen:Variant.Graftor.496415 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0615Bladabindi0956\PACKAGE 0615\(8).exe         发现风险: Trojan.GenericKD.30975370 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0615Bladabindi0956\PACKAGE 0615\(6).exe         发现风险: Trojan.GenericKD.30978942 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0615Bladabindi0956\PACKAGE 0615\(9).exe         发现风险: Trojan.GenericKD.30978941 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0615Bladabindi0956\PACKAGE 0615\(7).exe         发现风险: Trojan.GenericKD.30978004 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0615Bladabindi0956\PACKAGE 0615\(5).exe         发现风险: Gen:Variant.Zusy.288985 (B) [krnl.xmd]

已扫描        611
发现        18

扫描完成后:        2018-06-19 10:38:12
扫描时间:        0:00:13



ESET Smart Security Premium 64位(高级启发式(Y)+压缩文件(Y)+自解压加壳(Y)+DNA智能签名(Y)++(Windows 10 Creators Update(Redstone 4)....1803):

日志
正在扫描日志
检测引擎的版本: 17574P (20180618)
日期: 2018-06-19  时间: 10:31:31
已扫描的磁盘、文件夹和文件: C:\Users\Admin\Desktop\AVtest100\PACKAGE 0615Bladabindi0956
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0615Bladabindi0956\PACKAGE 0615\(1).exe - Win32/Injector.DYQY 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0615Bladabindi0956\PACKAGE 0615\(10).exe > NSIS > Britten.dll - Win32/Injector.DYRP 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0615Bladabindi0956\PACKAGE 0615\(11).exe > YANO > deobfuscated.exe - MSIL/Kryptik.IGL 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0615Bladabindi0956\PACKAGE 0615\(12).exe - Win32/Kryptik.GHUU 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0615Bladabindi0956\PACKAGE 0615\(13).exe - Win32/Kryptik.GHOW 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0615Bladabindi0956\PACKAGE 0615\(14).exe - MSIL/Kryptik.OOB 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0615Bladabindi0956\PACKAGE 0615\(15).exe - Win32/Injector.DYRL 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0615Bladabindi0956\PACKAGE 0615\(16).exe - Win32/Injector.DYQL 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0615Bladabindi0956\PACKAGE 0615\(17).exe > AUTOIT > script.bin - Win32/Injector.Autoit.DGN 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0615Bladabindi0956\PACKAGE 0615\(2).exe - MSIL/Bladabindi.Q 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0615Bladabindi0956\PACKAGE 0615\(3).exe - Win32/Kryptik.GHVT 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0615Bladabindi0956\PACKAGE 0615\(4).exe - Generik.DTSZVQF 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0615Bladabindi0956\PACKAGE 0615\(5).exe - Win32/TrojanDownloader.Banload.YEZ 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0615Bladabindi0956\PACKAGE 0615\(6).exe > WINRARSFX > muj.mp4 - Win32/Injector.Autoit.CNO 特洛伊木马 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0615Bladabindi0956\PACKAGE 0615\(7).exe - MSIL/Kryptik.OHT 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0615Bladabindi0956\PACKAGE 0615\(8).exe - MSIL/Kryptik.ONT 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0615Bladabindi0956\PACKAGE 0615\(9).exe - MSIL/Kryptik.OOB 特洛伊木马 的变种 - 通过删除清除 [1]
已扫描的对象数: 69
发现的威胁数: 17
已清除对象数: 17
完成时间: 10:32:53  总扫描时间: 82 秒 (00:01:22)

备注:
[1] 由于对象中仅包含病毒主体,因此已被删除。




Dr.Web CureIt! 简体中文绿色免费版---( Windows 7 Ultimate with SP1 简体中文旗舰版....):

-----------------------------------------------------------------------------
Start scanning
-----------------------------------------------------------------------------
Command line used:-rpcep:\pipe\3B5179EC3 -rpcpr:np

Limit the use of the computer resources to 100%
Instances used for this session: 10
Object(s) to scan:
- C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0615


C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0615\(12).exe - infected with Trojan.EmotetENT.242
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0615\(12).exe - infected
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0615\(10).exe - infected with Trojan.PWS.Stealer.23950
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0615\(10).exe - infected
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0615\(14).exe - infected with Trojan.Inject3.587
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0615\(14).exe - infected
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0615\(13).exe - infected with Trojan.PWS.Stealer.19347
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0615\(13).exe - infected
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0615\(4).exe - infected with Trojan.PWS.Stealer.1932
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0615\(4).exe - infected
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0615\(2).exe - infected with Trojan.MulDrop8.26538
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0615\(2).exe - infected
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0615\(3).exe - Ok
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0615\(11).exe - infected with Trojan.Inject3.9343
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0615\(11).exe - infected
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0615\(8).exe - infected with Trojan.PWS.Stealer.13052
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0615\(8).exe - infected
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0615\(6).exe - infected with BackDoor.Tordev.976
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0615\(6).exe - infected
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0615\(1).exe - infected with Trojan.DownLoader26.50873
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0615\(1).exe - infected
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0615\(16).exe - infected with Trojan.VbCrypt.150
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0615\(16).exe - infected
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0615\(9).exe - infected with Trojan.Inject3.587
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0615\(9).exe - infected
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0615\(17).exe - infected with Trojan.DownLoader6.34128
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0615\(17).exe - infected
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0615\(15).exe - Ok
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0615\(7).exe - infected with BackDoor.Siggen2.2488
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0615\(7).exe - infected
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0615\(5).exe - OkTotal 13768586 bytes in 17 files scanned
Total 3 files are clean
Total 14 files are infected.......几乎全KILL,是否又上传VT???
Scan time is 00:00:02.169



火绒安全---( Windows 7 Ultimate with SP1 简体中文旗舰版....):部分未知文件已发送到seclab@huorong.cn,等处理中。。。


病毒库:2018-06-18 15:08
开始时间:2018-06-19 09:52
总计用时:00:00:04
扫描对象:23个
扫描文件:17个............Generic???又是Generic???
发现风险:17个
已处理风险:0个
发现系统修复项:0个
处理系统修复项:0个

病毒详情

风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0615\(1).exe, 病毒名:Trojan/Generic!E4C29B7BAE4B50A7, 病毒ID:[e4c29b7bae4b50a7], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0615\(13).exe, 病毒名:Trojan/Generic!348F0D057E368EF9, 病毒ID:[348f0d057e368ef9], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0615\(12).exe, 病毒名:Trojan/Generic!2F86BFAE509EA535, 病毒ID:[2f86bfae509ea535], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0615\(14).exe, 病毒名:Trojan/Generic!A7E41D474458AA19, 病毒ID:[a7e41d474458aa19], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0615\(11).exe, 病毒名:Trojan/Generic!ED00580B1EEEA699, 病毒ID:[ed00580b1eeea699], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0615\(10).exe, 病毒名:Trojan/Generic!6290FB9C7B0E737E, 病毒ID:[6290fb9c7b0e737e], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0615\(16).exe, 病毒名:Trojan/Generic!15611863FDF2EB8B, 病毒ID:[15611863fdf2eb8b], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0615\(2).exe, 病毒名:Trojan/Bladabindi.c, 病毒ID:[ff725d8d780ca8ef], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0615\(17).exe, 病毒名:Trojan/Generic!AF4A6D798DDAD0F8, 病毒ID:[af4a6d798ddad0f8], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0615\(4).exe, 病毒名:Trojan/Generic!1362D6D699C546EF, 病毒ID:[1362d6d699c546ef], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0615\(3).exe, 病毒名:Trojan/Generic!6BE303E8F12D5D6B, 病毒ID:[6be303e8f12d5d6b], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0615\(5).exe, 病毒名:Trojan/Generic!636E9AA1A653B891, 病毒ID:[636e9aa1a653b891], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0615\(6).exe, 病毒名:Trojan/Generic!77791E8A2A3DF469, 病毒ID:[77791e8a2a3df469], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0615\(7).exe, 病毒名:Trojan/Generic!7DAE21ED8E0BC650, 病毒ID:[7dae21ed8e0bc650], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0615\(8).exe, 病毒名:Trojan/Generic!DAB77ED97B0315D1, 病毒ID:[dab77ed97b0315d1], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0615\(9).exe, 病毒名:Trojan/Generic!45A616FE5A66FC4B, 病毒ID:[45a616fe5a66fc4b], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0615\(15).exe, 病毒名:HEUR:VirTool/VB.Obfuscator.gen!A, 病毒ID:[636e99dfed83873b], 处理结果:已忽略


文件名称: C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0615.rar
文件大小: 7.97 MB (8,361,665 字节)
修改时间: 2018年06月19日,09:51:30
MD5: FA552585EF050F7A36701EE125E1156C
SHA1: 9E1E117E49E903A7CB7ED08DA720A72480805C07
SHA256: 9AE493E8ED5D61A32842E28C2D29DDF3930BBCE3FF8C79F642A7B247521C2018
SHA512: 858356C87B7F06DF05D60648D6BC8EF3CA9725772EFA6533A5F66FC7693E04D59EFEDEADEBD0A15461B10D2CF450143BCE0FFD7FB599DC7A07B4A3723AFB856D
CRC32: 8C6A2F33
计算时间: 0.22s



回复

举报

123
返回列表 发新帖
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 快速注册

本版积分规则

手机版|杀毒软件|软件论坛| 卡饭论坛

Copyright © KaFan  KaFan.cn All Rights Reserved.

Powered by Discuz! X3.4( 沪ICP备2020031077号-2 ) GMT+8, 2024-4-27 05:28 , Processed in 0.099414 second(s), 14 queries .

卡饭网所发布的一切软件、样本、工具、文章等仅限用于学习和研究,不得将上述内容用于商业或者其他非法用途,否则产生的一切后果自负,本站信息来自网络,版权争议问题与本站无关,您必须在下载后的24小时之内从您的电脑中彻底删除上述信息,如有问题请通过邮件与我们联系。

快速回复 客服 返回顶部 返回列表