收藏本站 |切换到宽版 | 更换论坛皮肤
 找回密码  忘记邮箱  QQ快速登录  快速登录  快速注册

卡饭»论坛 安全区 病毒样本 分享&分析区 #PACKAGE 0620
12下一页
返回列表 发新帖
查看: 2446|回复: 18
收起左侧

[病毒样本] #PACKAGE 0620

[复制链接]
Jerry.Lin
发表于 2018-6-20 21:24:21 | 显示全部楼层 |阅读模式
本帖最后由 191196846 于 2018-6-20 21:59 编辑

蓝奏


Total : 27

========================================
These products were tested before package released:

Products                        Pre-execute    Advanced block     Miss         Status

Windows Defender           20                        3                        4           Infected
Qihoo 360 SD                    21                        3                        3           Infected


Note: Pre-execute includes On-Access scan or exeute scan before malware is running on memory.
          Advanced block includes behavior block or other techiques that successufully terminate running malware.
          Miss includes situations: no any Alert or warning from AV software.
          Status means if there are any malicious items, including processes, images, drivers, autoruns, regs etc., on the current system, the system is infected; otherwise it is clean.

========================================


#勿传VT
#在样本有效期内(24小时),建议无需手动上报样本至厂商,便于其他人测试行为拦截,响应速度等
#样本序号以收集时间顺序排序,越大代表越接近现在时间


回帖格式建议

杀软名称 + 时间
查杀数量+查杀率


例如:
XXX 20:39
Samples(5/10) 50%


评分

参与人数 1人气 +1 收起 理由
petr0vic + 1 版区有你更精彩: )

查看全部评分

回复

举报

YU2711
发表于 2018-6-20 22:10:23 | 显示全部楼层
本帖最后由 YU2711 于 2018-6-20 22:49 编辑

Norton Security   22:09
22/27 双击
1C:\Users\User\AppData\Local\Temp\is-5VNV8.tmp里的衍生物机器B杀
11Miss
13SONAR.Heuristic.170
18SONAR.SuspLaunch!g12
20SONAR.Heuristic.170
1双击第2次SONAR.Heuristic.170

回复

举报

ATP_synthase
发表于 2018-6-20 22:28:24 | 显示全部楼层
本帖最后由 wusiyuanjh 于 2018-6-20 22:33 编辑

卡巴扫描杀14个,双击测试,2号阻止危险网址,4、7、11、13、15、20、24、25号主防杀
22/27

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
回复

举报

B100D1E55
发表于 2018-6-20 22:44:00 | 显示全部楼层
本帖最后由 B100D1E55 于 2018-6-20 23:10 编辑

ESET剩余6,20两个文件,其中20杀vbe衍生物,6被AMS杀injector
回复

举报

,就一个.
发表于 2018-6-20 23:06:56 | 显示全部楼层
迈克菲扫描7/27 2018年6月20日22:54:15

双击
1 不报
2 报Real Protect-LS!049cedad8275
3 报DAC/Suspect.0:0:3eb!24075858b86a
4 报Real Protect-LS!7c631b2c975e
5 不报
6 报DAC/Suspect.0:0:3eb!dbe5b23fcd94
7 报Real Protect-EC!18D497C9F08B
9 报Real Protect-LS!798f646cc38b
10 报Real Protect-LS!3189a6e7f59c
12 报Real Protect-LS!2098632942f0
13 不报
15 报Real Protect-EC!0E5E9AD6B349
17 报Real Protect-LS!954aa2ceb943
18 报Real Protect-LS!c93d77e073de
19 报Real Protect-LS!beb38b76a4ee
20 报Real Protect-EC!35DB5309D751
21 报Real Protect-LS!1988b9cc50f0
22 报Real Protect-LS!01db05781b1e
24 报Real Protect-LS!13b9ed052cc4
25 报Real Protect-LS!75ab4f9f2785
27 报Real Protect-EC!72D63A589DC4

最后成绩 24/27 88%

回复

举报

ELOHIM
发表于 2018-6-20 21:37:29 | 显示全部楼层
本帖最后由 ELOHIM 于 2018-6-20 21:46 编辑

SCEP KILL 10   21:38 37%
回复

举报

星猫
发表于 2018-6-20 21:40:18 | 显示全部楼层
WD 2018/06/20 21:40
24/27
回复

举报

petr0vic
发表于 2018-6-20 21:55:29 | 显示全部楼层
KIS 19 KSN-off
14/27




瑞星RDM+社区版
8/27



瑞星ML社区版
11/27





本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
回复

举报

lambggy
发表于 2018-6-20 22:10:38 | 显示全部楼层
瑞星V17   20:39
Samples(4/27)
运行7.exe,瑞星之剑拦截成功


19.exe触发注册表保护,拦截成功

剩下的均运行成功。。。

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
回复

举报

Jerry.Lin
 楼主| 发表于 2018-6-20 22:14:49 | 显示全部楼层
本帖最后由 191196846 于 2018-6-20 22:18 编辑

22:13

27/27 100%


炒鸡多次出现上传的弹窗……Uploading... Analyzing... Infected!

  1. 2018/6/20, 22:12:41 [Real-Time Protection] Malware found
  2.         The pattern of 'TR/Injector.vkkla (Cloud) [TR/Injector.vkkla]'
  3.         detected in file 'C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE0620\(27).exe'.
  4.         Action performed: Delete file
  5.         User SID: S-1-5-21-3774652721-2607747548-2788097174-1001

  7. 2018/6/20, 22:12:35 [Real-Time Protection] Malware found
  8.         The pattern of 'DR/Delphi.47fc88 (Cloud) [DR/Delphi.47fc88]'
  9.         detected in file 'C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE0620\(26).exe'.
  10.         Action performed: Delete file
  11.         User SID: S-1-5-21-3774652721-2607747548-2788097174-1001

  13. 2018/6/20, 22:12:30 [Real-Time Protection] Malware found
  14.         The pattern of 'TR/Crypt.XPACK.7973cf (Cloud) [TR/Crypt.XPACK.7973cf]'
  15.         detected in file 'C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE0620\(25).exe'.
  16.         Action performed: Delete file
  17.         User SID: S-1-5-21-3774652721-2607747548-2788097174-1001

  19. 2018/6/20, 22:12:26 [Real-Time Protection] Malware found
  20.         The pattern of 'DR/Delphi.4cc805 (Cloud) [DR/Delphi.4cc805]'
  21.         detected in file 'C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE0620\(23).exe'.
  22.         Action performed: Delete file
  23.         User SID: S-1-5-21-3774652721-2607747548-2788097174-1001

  25. 2018/6/20, 22:11:57 [Real-Time Protection] Malware found
  26.         The pattern of 'TR/Crypt.XPACK.3379db (Cloud) [TR/Crypt.XPACK.3379db]'
  27.         detected in file 'C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE0620\(22).exe'.
  28.         Action performed: Delete file
  29.         User SID: S-1-5-21-3774652721-2607747548-2788097174-1001

  31. 2018/6/20, 22:11:52 [Real-Time Protection] Malware found
  32.         The pattern of 'TR/ATRAPS.Gen [trojan]'
  33.         detected in file 'C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE0620\(21).exe'.
  34.         Action performed: Delete file
  35.         User SID: S-1-5-21-3774652721-2607747548-2788097174-1001

  37. 2018/6/20, 22:11:49 [Real-Time Protection] Malware found
  38.         The pattern of 'HEUR/AGEN.1029336 [heuristic]'
  39.         detected in file 'C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE0620\(19).exe'.
  40.         Action performed: Delete file
  41.         User SID: S-1-5-21-3774652721-2607747548-2788097174-1001

  43. 2018/6/20, 22:11:46 [Real-Time Protection] Malware found
  44.         The pattern of 'HEUR/AGEN.1019180 [heuristic]'
  45.         detected in file 'C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE0620\(18).exe'.
  46.         Action performed: Delete file
  47.         User SID: S-1-5-21-3774652721-2607747548-2788097174-1001

  49. 2018/6/20, 22:11:42 [Real-Time Protection] Malware found
  50.         The pattern of 'TR/Dropper.MSIL.ef14de (Cloud) [TR/Dropper.MSIL.ef14de]'
  51.         detected in file 'C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE0620\(17).exe'.
  52.         Action performed: Delete file
  53.         User SID: S-1-5-21-3774652721-2607747548-2788097174-1001

  55. 2018/6/20, 22:11:33 [Real-Time Protection] Malware found
  56.         The pattern of 'DR/Delphi.Gen (Cloud) [DR/Delphi.Gen]'
  57.         detected in file 'C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE0620\(16).exe'.
  58.         Action performed: Delete file
  59.         User SID: S-1-5-21-3774652721-2607747548-2788097174-1001

  61. 2018/6/20, 22:11:13 [Real-Time Protection] Malware found
  62.         The pattern of 'TR/Crypt.Agent.9a4333 (Cloud) [TR/Crypt.Agent.9a4333]'
  63.         detected in file 'C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE0620\(15).exe'.
  64.         Action performed: Delete file
  65.         User SID: S-1-5-21-3774652721-2607747548-2788097174-1001

  67. 2018/6/20, 22:10:55 [Real-Time Protection] Malware found
  68.         The pattern of 'TR/AD.njLogger.Y (Cloud) [TR/AD.njLogger.Y]'
  69.         detected in file 'C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE0620\(14).exe'.
  70.         Action performed: Delete file
  71.         User SID: S-1-5-21-3774652721-2607747548-2788097174-1001

  73. 2018/6/20, 22:10:49 [Real-Time Protection] Malware found
  74.         The pattern of 'TR/Crypt.EPACK.083369 (Cloud) [TR/Crypt.EPACK.083369]'
  75.         detected in file 'C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE0620\(13).exe'.
  76.         Action performed: Delete file
  77.         User SID: S-1-5-21-3774652721-2607747548-2788097174-1001

  79. 2018/6/20, 22:10:43 [Real-Time Protection] Malware found
  80.         The pattern of 'TR/Crypt.XPACK.ea3057 (Cloud) [TR/Crypt.XPACK.ea3057]'
  81.         detected in file 'C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE0620\(12).exe'.
  82.         Action performed: Delete file
  83.         User SID: S-1-5-21-3774652721-2607747548-2788097174-1001

  85. 2018/6/20, 22:10:37 [Real-Time Protection] Malware found
  86.         The pattern of 'TR/AD.Sagonaire.Y (Cloud) [TR/AD.Sagonaire.Y]'
  87.         detected in file 'C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE0620\(11).exe'.
  88.         Action performed: Delete file
  89.         User SID: S-1-5-21-3774652721-2607747548-2788097174-1001

  91. 2018/6/20, 22:10:31 [Real-Time Protection] Malware found
  92.         The pattern of 'TR/Crypt.XPACK.2f6299 (Cloud) [TR/Crypt.XPACK.2f6299]'
  93.         detected in file 'C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE0620\(10).exe'.
  94.         Action performed: Delete file
  95.         User SID: S-1-5-21-3774652721-2607747548-2788097174-1001

  97. 2018/6/20, 22:10:26 [Real-Time Protection] Malware found
  98.         The pattern of 'TR/Dropper.MSIL.286650 (Cloud) [TR/Dropper.MSIL.286650]'
  99.         detected in file 'C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE0620\(9).exe'.
  100.         Action performed: Delete file
  101.         User SID: S-1-5-21-3774652721-2607747548-2788097174-1001

  103. 2018/6/20, 22:10:09 [Real-Time Protection] Malware found
  104.         The pattern of 'TR/Crypt.XPACK.Gen [trojan]'
  105.         detected in file 'C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE0620\(8).exe'.
  106.         Action performed: Delete file
  107.         User SID: S-1-5-21-3774652721-2607747548-2788097174-1001

  109. 2018/6/20, 22:09:59 [Real-Time Protection] Malware found
  110.         The pattern of 'TR/Kryptik.b8d772 (Cloud) [TR/Kryptik.b8d772]'
  111.         detected in file 'C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE0620\(7).exe'.
  112.         Action performed: Delete file
  113.         User SID: S-1-5-21-3774652721-2607747548-2788097174-1001

  115. 2018/6/20, 22:09:40 [Real-Time Protection] Malware found
  116.         The pattern of 'TR/Dropper.VB.e5ca91 (Cloud) [TR/Dropper.VB.e5ca91]'
  117.         detected in file 'C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE0620\(6).exe'.
  118.         Action performed: Delete file
  119.         User SID: S-1-5-21-3774652721-2607747548-2788097174-1001

  121. 2018/6/20, 22:09:37 [Real-Time Protection] Malware found
  122.         The pattern of 'TR/Injector.ba1c9d (Cloud) [TR/Injector.ba1c9d]'
  123.         detected in file 'C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE0620\(5).exe'.
  124.         Action performed: Delete file
  125.         User SID: S-1-5-21-3774652721-2607747548-2788097174-1001

  127. 2018/6/20, 22:09:31 [Real-Time Protection] Malware found
  128.         The pattern of 'TR/Dropper.VB.eafe26 (Cloud) [TR/Dropper.VB.eafe26]'
  129.         detected in file 'C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE0620\(3).exe'.
  130.         Action performed: Delete file
  131.         User SID: S-1-5-21-3774652721-2607747548-2788097174-1001

  133. 2018/6/20, 22:09:15 [Real-Time Protection] Malware found
  134.         The pattern of 'TR/Kryptik.19522d (Cloud) [TR/Kryptik.19522d]'
  135.         detected in file 'C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE0620\(2).exe'.
  136.         Action performed: Delete file
  137.         User SID: S-1-5-21-3774652721-2607747548-2788097174-1001

  139. 2018/6/20, 22:09:04 [Real-Time Protection] Malware found
  140.         The pattern of 'TR/Crypt.Agent.c2a297 (Cloud) [TR/Crypt.Agent.c2a297]'
  141.         detected in file 'C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE0620\(1).exe'.
  142.         Action performed: Delete file
  143.         User SID: S-1-5-21-3774652721-2607747548-2788097174-1001

  145. 2018/6/20, 22:07:47 [Real-Time Protection] Malware found
  146.         The pattern of 'TR/Kryptik.ncsrs [trojan]'
  147.         detected in file 'C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE0620\(24).exe'.
  148.         Action performed: Delete file
  149.         User SID: S-1-5-21-3774652721-2607747548-2788097174-1001

  151. 2018/6/20, 22:07:45 [Real-Time Protection] Malware found
  152.         The pattern of 'TR/Kryptik.ncsrs [trojan]'
  153.         detected in file 'C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE0620\(24).exe'.
  154.         Action performed: Delete file
  155.         User SID: S-1-5-21-3774652721-2607747548-2788097174-1001

  157. 2018/6/20, 22:07:45 [Real-Time Protection] Malware found
  158.         The pattern of 'TR/Bicololo.sfpjv [trojan]'
  159.         detected in file 'C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE0620\(20).exe'.
  160.         Action performed: Delete file
  161.         User SID: S-1-5-21-3774652721-2607747548-2788097174-1001

  163. 2018/6/20, 22:07:44 [Real-Time Protection] Malware found
  164.         The pattern of 'TR/AD.Emotet.kjtmf [trojan]'
  165.         detected in file 'C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE0620\(4).exe'.
  166.         Action performed: Delete file
  167.         User SID: S-1-5-21-3774652721-2607747548-2788097174-1001

复制代码



本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x

评分

参与人数 1人气 +1 收起 理由
ELOHIM + 1 大棒棒哦!错了错了,太棒棒哦!

查看全部评分

回复

举报

wangyuhe
发表于 2018-6-20 22:34:35 | 显示全部楼层
FS纯扫描kill13
回复

举报

下一页 »
12下一页
返回列表 发新帖
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 快速注册

本版积分规则

手机版|杀毒软件|软件论坛| 卡饭论坛

Copyright © KaFan  KaFan.cn All Rights Reserved.

Powered by Discuz! X3.4( 沪ICP备2020031077号-2 ) GMT+8, 2024-4-25 09:04 , Processed in 0.139484 second(s), 20 queries .

卡饭网所发布的一切软件、样本、工具、文章等仅限用于学习和研究,不得将上述内容用于商业或者其他非法用途,否则产生的一切后果自负,本站信息来自网络,版权争议问题与本站无关,您必须在下载后的24小时之内从您的电脑中彻底删除上述信息,如有问题请通过邮件与我们联系。

快速回复 客服 返回顶部 返回列表